10.4.1.4 Model D  Redundant
Systems
(See Section
7.5 for a more detailed description of the mathematical models used to
calculate the reliability of systems incorporating some form of redundancy).
In this model, the availability of some redundant systems is considered. First
we deal with two equal, independent units in a parallel redundant arrangement
with each unit being separately repairable or replaceable while the other continues operating. Thus, the system is “up”
if both or any one of the two units operates. (See Section 7.5 for a more
detailed description of the mathematical models used to calculate the
reliability of systems incorporating some form of redundancy).
If we define the unavailability U
of a unit as

U = 1  A = MTTR/(MTBF + MTTR) 
(10.35) 
then the probability that the system is unavailable is the
probability that both units are down at the same time, which is

U_{system} = U^{2} 
(10.36) 
and system availability is

A_{system} = 1 
U^{2} 
(10.37) 
Further, using the binomial expansion

(A + U)^{2} = A^{2} +
2AU + U^{2} = 1 
(10.38) 
we find that we may write Eq. (10.38) also in the form

A_{system} = A^{2} +
2AU 
(10.39) 
which gives us the probability A^{2} that both units are
operating at any point in time and the probability 2AU that only one unit is
working. Over a period of time T, the system will on the average be operating
for a time TA^{2} with both units up, while for 2TAU only one unit
will be up. If the performance of the system is P_{1} when both
units are up and P_{2}
when only one unit is up, the system
output or effectiveness, SE, over T^{2} is expected to be

SE = P_{1} TA^{2} +
2P_{2} TAU 
(10.40) 
Assume a ship has two engines which are subject to onboard
repair when they fail. When both engines work, the ship speed is 30 nmi/hour,
and when only one engine works it is 20 nmi/hour. Let an engine MTBF be 90 hr.
and let its MTTR be 10 hr., so that the availability of an engine is A = 0.9
and its unavailability is U = 0.1. Over a 24hour cruise the ship will be
expected to travel on the average
SE = 30 • 24 • .81 + 2 •
20 • 24 • 0.9 • 0.1 = 583.2 + 86.4 = 669.6 nmi.
The expected time for the ship to be found idle with both
engines out for a 24hour cruise is:

T_{idle} = 24U^{2} =
24(0.01) = 0.24 hr 
(10.41) 
For three units in parallel we get

(A + U)^{3} = A^{3} +
3A^{2} U + 3AU^{2} + U^{3} = 1 
(10.42) 
If the system goes down only if all three units are down, system
availability is:

A_{system} = A^{3} +
3A^{2} U + 3AU^{2} = 1  U^{3} 
(10.43) 
but if at least two units are needed for system operation since
a single unit is not sufficient, system availability becomes

A_{system} = A^{3} +
3A^{2} U 
(10.44) 
In general, for a system with n equal, redundant units, we
expand the binomial term
(A + U)^{n} = 1, or


(10.45) 
which yields the probabilities of being in any one of the
possible states. Then, by adding the probabilities of the acceptable states,
we obtain the availability of the system. As stated earlier, the units must be
independent of each other, both in terms of their failures and in terms of
their repairs or replacements, with no queuing up for repair.
Reference [9]
contains, throughout the text, extensive tabulations of availability and
related measures of multiple parallel and standby redundant systems for cases
of unrestricted as well as restricted repair when failed redundant units must
queue up and wait until their turn comes to get repaired.
Returning briefly to Eq. (10.36), when the two redundant units
are not equal but have unavailabilities U_{1} = 1 
A_{1} and U_{2} = 1  A_{2}, system unavailability becomes:

U_{system} = U_{1}
U_{2} 
(10.46) 
and availability

A_{system} = 1  U_{1}
U_{2} 
(10.47) 
Again, we may expand the multinomial

(A_{1} +
U_{1})
(A_{2} + U_{2}) = A_{1}A_{2} + A_{1}U_{2} + A_{2}U_{1} + U_{1}U_{2} 
(10.48) 
and may write system availability in the form

A_{system} = A_{1}A_{2} + A_{1}U_{2} + A_{2}U_{1} 
(10.49) 
For n unequal units we expand the term
and add together the probabilities of acceptable states and
other effectiveness measures, as illustrated in the ship engines example.
This approach is analogous to that shown in Section
5 (k out of n configuration) for reliability.
It can be shown that the limiting expression for an n equipment
parallel redundant system reduces to the binomial form if there are as many
repairmen as equipments. This is equivalent to treating each equipment as if
it had a repairman assigned to it or to saying that a single repairman is
assigned to the system but that the probability of a second failure occurring
while the first is being repaired is very small. The expression for steady
state availability is
where n is the number of redundant equipments and l/n indicates
that at least 1 equipment must be available for the system to be
available.
In general where at least m out of n redundant equipments must
be available for the system to be available:
Table 10.41 (Ref. [10])
provides expressions for the instantaneous and steady state
availability for 1, 2, and 3 equipments, parallel and standby redundancy,
and single and multiple repair maintenance policies.
Single repair
means that failed units can be
repaired one at a time. If a unit fails, repairs are immediately initiated on
it. If more than one unit is down, repairs are initiated on a single unit
until it is fully operational; then, repairs are initiated on the second
failed unit. For the case of multiple repair, all failed units can have repair work initiated on
them as soon as failure occurs, and the work continues until each unit is
operational. Also, a repair action on one unit is assumed to be independent of
any other unit.
One case not yet addressed is the
case of redundant units when repairs cannot be made until complete system
failure (all redundant units have failed). The steady state availability can
be approximated by (see Ref. [25] for
deriving exact expressions):
where:
MTTF = mean time to failure for redundant
system
and
MTTR = mean time to restore all units in the redundant
system
In the case of an nunit parallel system
and
We can see that the maintenance philosophy plays a significant
role. For example, Cases 1 and 2 may not be acceptable for a crucial system
such as a ballistic missile early warning system.
Example 8:
We have three redundant equipments, each with an availability of
0.9. What is the availability of the configuration if two of the three
equipments must be available at anytime?
Example 9:
Given three standby equipments with multiple repair capability,
the MTBF of each equipment is 1000 hours and the repair rate is 0.02/hr. What
is the expected steady state availability (A_{ss})?
From Table 10.41, we see that the
appropriate formula is
"1">
l = 1/1000 = 0.001/hr
m
= 0.02/hr
Substituting these values
Example 10:
Given two standby equipments in an early warning ground radar
system. The equipments are operated in parallel and have a single repair
capability. The MTBF of each equipment is 100 hours and the repair rate is
2/hr. What is the expected steady state availability?
From Table 10.41, the appropriate equation is:
Example 11:
Let us return to the example of the previous section, Figure
10.44, in which we had a series system consisting of five subsystems with the
following R&M parameters: