10.4.1.4 Model D - Redundant Systems
units are up and P2
when only one unit is up, the system
output or effectiveness, SE, over T2 is expected to be
10.4.1.4 Model D - Redundant
7.5 for a more detailed description of the mathematical models used to
calculate the reliability of systems incorporating some form of redundancy).
In this model, the availability of some redundant systems is considered. First
we deal with two equal, independent units in a parallel redundant arrangement
with each unit being separately repairable or replaceable while the other continues operating. Thus, the system is “up”
if both or any one of the two units operates. (See Section 7.5 for a more
detailed description of the mathematical models used to calculate the
reliability of systems incorporating some form of redundancy).
If we define the unavailability U
of a unit as
||U = 1 - A = MTTR/(MTBF + MTTR)
then the probability that the system is unavailable is the
probability that both units are down at the same time, which is
and system availability is
Further, using the binomial expansion
||(A + U)2 = A2 +
2AU + U2 = 1
we find that we may write Eq. (10.38) also in the form
||Asystem = A2 +
which gives us the probability A2 that both units are
operating at any point in time and the probability 2AU that only one unit is
working. Over a period of time T, the system will on the average be operating
for a time TA2 with both units up, while for 2TAU only one unit
will be up. If the performance of the system is P1
||SE = P1 TA2 +
Assume a ship has two engines which are subject to on-board
repair when they fail. When both engines work, the ship speed is 30 nmi/hour,
and when only one engine works it is 20 nmi/hour. Let an engine MTBF be 90 hr.
and let its MTTR be 10 hr., so that the availability of an engine is A = 0.9
and its unavailability is U = 0.1. Over a 24-hour cruise the ship will be
expected to travel on the average
= 30 • 24 • .81 + 2 •
20 • 24 • 0.9 • 0.1 = 583.2 + 86.4 = 669.6 nmi.
The expected time for the ship to be found idle with both
engines out for a 24-hour cruise is:
||Tidle = 24U2 =
24(0.01) = 0.24 hr
For three units in parallel we get
||(A + U)3 = A3 +
3A2 U + 3AU2 + U3 = 1
If the system goes down only if all three units are down, system
||Asystem = A3 +
3A2 U + 3AU2 = 1 - U3
but if at least two units are needed for system operation since
a single unit is not sufficient, system availability becomes
||Asystem = A3 +
In general, for a system with n equal, redundant units, we
expand the binomial term
(A + U)n = 1, or
which yields the probabilities of being in any one of the
possible states. Then, by adding the probabilities of the acceptable states,
we obtain the availability of the system. As stated earlier, the units must be
independent of each other, both in terms of their failures and in terms of
their repairs or replacements, with no queuing up for repair.
contains, throughout the text, extensive tabulations of availability and
related measures of multiple parallel and standby redundant systems for cases
of unrestricted as well as restricted repair when failed redundant units must
queue up and wait until their turn comes to get repaired.
Returning briefly to Eq. (10.36), when the two redundant units
are not equal but have unavailabilities U1 = 1 -
A1 and U2 = 1 - A2, system unavailability becomes:
||Asystem = 1 - U1
Again, we may expand the multinomial
(A2 + U2) = A1A2 + A1U2 + A2U1 + U1U2
and may write system availability in the form
||Asystem = A1A2 + A1U2 + A2U1
For n unequal units we expand the term
and add together the probabilities of acceptable states and
other effectiveness measures, as illustrated in the ship engines example.
This approach is analogous to that shown in Section
5 (k out of n configuration) for reliability.
It can be shown that the limiting expression for an n equipment
parallel redundant system reduces to the binomial form if there are as many
repairmen as equipments. This is equivalent to treating each equipment as if
it had a repairman assigned to it or to saying that a single repairman is
assigned to the system but that the probability of a second failure occurring
while the first is being repaired is very small. The expression for steady
state availability is
where n is the number of redundant equipments and l/n indicates
that at least 1 equipment must be available for the system to be
In general where at least m out of n redundant equipments must
be available for the system to be available:
Table 10.4-1 (Ref. )
provides expressions for the instantaneous and steady state
availability for 1, 2, and 3 equipments, parallel and standby redundancy,
and single and multiple repair maintenance policies.
TABLE 10.4-1: AVAILABILITY OF SOME REDUNDANT SYSTEMS
ON EXPONENTIAL FAILURE AND REPAIR DISTRIBUTIONS
(click on table to
means that failed units can be
repaired one at a time. If a unit fails, repairs are immediately initiated on
it. If more than one unit is down, repairs are initiated on a single unit
until it is fully operational; then, repairs are initiated on the second
failed unit. For the case of multiple repair, all failed units can have repair work initiated on
them as soon as failure occurs, and the work continues until each unit is
operational. Also, a repair action on one unit is assumed to be independent of
any other unit.
One case not yet addressed is the
case of redundant units when repairs cannot be made until complete system
failure (all redundant units have failed). The steady state availability can
be approximated by (see Ref.  for
deriving exact expressions):
MTTF = mean time to failure for redundant
MTTR = mean time to restore all units in the redundant
In the case of an n-unit parallel system
m = 1, for the multiple repairs case
m = n, for the single repair case, or
In the case of an n-unit standby system with one active and n-1 standby units
m = 1, for the multiple repairs
m = n, for the single repair case.
Following are some examples
utilizing the concepts presented in this section.
In the case of a 2-unit parallel system with l = 0.01 fr/hr and
m = 1.0 rp/hr, if
the system does not undergo repairs until both units fail, the system’s
steady-state availability is by Eq. (10.56).
With single repair (Case 1)
With multiple repairs (Case 2)
If repairs are initiated
each time a unit fails, with multiple repairs when both units fail (Case 3)
then from Table 10.4-1.
A(1/2) = 0.9999
Looking at the three cases of this example
Average Downtime in
We can see that the maintenance philosophy plays a significant
role. For example, Cases 1 and 2 may not be acceptable for a crucial system
such as a ballistic missile early warning system.
We have three redundant equipments, each with an availability of
0.9. What is the availability of the configuration if two of the three
equipments must be available at anytime?
Given three standby equipments with multiple repair capability,
the MTBF of each equipment is 1000 hours and the repair rate is 0.02/hr. What
is the expected steady state availability (Ass)?
From Table 10.4-1, we see that the
appropriate formula is
l = 1/1000 = 0.001/hr
Substituting these values
Given two standby equipments in an early warning ground radar
system. The equipments are operated in parallel and have a single repair
capability. The MTBF of each equipment is 100 hours and the repair rate is
2/hr. What is the expected steady state availability?
From Table 10.4-1, the appropriate equation is:
Let us return to the example of the previous section, Figure
10.4-4, in which we had a series system consisting of five subsystems with the
following R&M parameters:
A (previously calculated)
It was previously found that
the availability of this system was "1">
Suppose that we would like to raise the system availability to
0.95 by using redundant parallel subsystems with multiple repair for
subsystems 3 and 4 (the two with lowest availability). How many redundant
subsystems would we need for each subsystem?
We have the situation
This means that the product
of the improved availabilities (A3 A4 ) of subsystems 3
and 4 must be approximately 0.98. As a first cut, let us assume equal
availability for improved subsystems 3 and 4. This means that each must have
an availability of 0.99 for their product to be 0.98.
Eq. (10.51) is the general
expression for improvement in availability through redundancy
A(1/n) = 1 - (1 -
where A(1/n) is the improved availability with n redundant
units. Let us call this A’. Then,
A’ = 1 - (1 - A)n
1 - A’ = (1 - A)n
Taking the natural logarithm of both sides of the
(1 - A’) = n
ln (1 - A)
which is a general
expression that can be used to determine the number of redundant subsystems
required to achieve a desired subsystem availability (A’).
Let us look at improved subsystem
A’ = 0.99
A = 0.83333
2.57, which is rounded up to 3 redundant subsystems (total).
Similarly for subsystem 4:
which is rounded up to 2 redundant subsystems
Thus, in order for the system availability to be raised to 0.95,
we need 3 parallel redundant Subsystems 3, and 2 parallel redundant Subsystems
Note that we have not discussed the optimum allocation of
failure and repair rates to achieve a given availability; this will be done
later in this section.