具有多阶段任务需求的温备份系统可靠性分析

实际工程中很多系统的任务都具有多个阶段,且不同阶段的外界环境及系统需求均可能发生变化,而工作元件可在任意阶段发生失效,为系统的可靠性分析与建模带来了挑战。为增加系统的可靠性,一种常用的设计方法是配置备份元件。针对多阶段任务下基于需求的温备份系统可靠性建模问题,首先提出了一种基于多值决策图的方法,其次给出了处于不同状态的元件可靠性计算公式,最后通过算例表明该模型适用于具有多阶段任务需求的温备份系统可靠性分析。     

Optimal Abort Rules for Multiattempt Missions

Many real‐world systems use mission aborts to enhance their survivability. Specifically, a mission can be aborted when a certain malfunction condition is met and a risk of a system loss in the case of a mission continuation becomes too high. Usually, the rescue or recovery procedure is initiated upon the mission abort. Previous works have discussed a setting when only one attempt to complete a mission is allowed and this attempt can be aborted. However, missions with a possibility of multiple attempts can occur in different real‐world settings when accomplishing a mission is really important and the cost‐related and the time‐wise restrictions for this are not very severe. The probabilistic model for the multiattempt case is suggested and the tradeoff between the overall mission success probability (MSP) and a system loss probability is discussed. The corresponding optimization problems are formulated. For the considered illustrative example, a detailed sensitivity analysis is performed that shows specifically that even when the system's survival is not so important, mission aborting can be used to maximize the multiattempt MSP.     

Optimal Mission Abort Policy for Systems Operating in a Random Environment

Many real‐world critical systems, e.g., aircrafts, manned space flight systems, and submarines, utilize mission aborts to enhance their survivability. Specifically, a mission can be aborted when a certain malfunction condition is met and a rescue or recovery procedure is then initiated. For systems exposed to external impacts, the malfunctions are often caused by the consequences of these impacts. Traditional system reliability models typically cannot address a possibility of mission aborts. Therefore, in this article, we first develop the corresponding methodology for modeling and evaluation of the mission success probability and survivability of systems experiencing both internal failures and external shocks. We consider a policy when a mission is aborted and a rescue procedure is activated upon occurrence of the m th shock. We demonstrate the tradeoff between the system survivability and the mission success probability that should be balanced by the proper choice of the decision variable m . A detailed illustrative example of a mission performed by an unmanned aerial vehicle is presented.     

A Framework to Understand Extreme Space Weather Event Probability

An extreme space weather event has the potential to disrupt or damage infrastructure systems and technologies that many societies rely on for economic and social well‐being. Space weather events occur regularly, but extreme events are less frequent, with a small number of historical examples over the last 160 years. During the past decade, published works have (1) examined the physical characteristics of the extreme historical events and (2) discussed the probability or return rate of select extreme geomagnetic disturbances, including the 1859 Carrington event. Here we present initial findings on a unified framework approach to visualize space weather event probability, using a Bayesian model average, in the context of historical extreme events. We present disturbance storm time (Dst ) probability (a proxy for geomagnetic disturbance intensity) across multiple return periods and discuss parameters of interest to policymakers and planners in the context of past extreme space weather events. We discuss the current state of these analyses, their utility to policymakers and planners, the current limitations when compared to other hazards, and several gaps that need to be filled to enhance space weather risk assessments.     

Spatial Risk Analysis of Power Systems Resilience During Extreme Events

The increased frequency of extreme events in recent years highlights the emerging need for the development of methods that could contribute to the mitigation of the impact of such events on critical infrastructures, as well as boost their resilience against them. This article proposes an online spatial risk analysis capable of providing an indication of the evolving risk of power systems regions subject to extreme events. A Severity Risk Index (SRI) with the support of real‐time monitoring assesses the impact of the extreme events on the power system resilience, with application to the effect of windstorms on transmission networks. The index considers the spatial and temporal evolution of the extreme event, system operating conditions, and the degraded system performance during the event. SRI is based on probabilistic risk by condensing the probability and impact of possible failure scenarios while the event is spatially moving across a power system. Due to the large number of possible failures during an extreme event, a scenario generation and reduction algorithm is applied in order to reduce the computation time. SRI provides the operator with a probabilistic assessment that could lead to effective resilience‐based decisions for risk mitigation. The IEEE 24‐bus Reliability Test System has been used to demonstrate the effectiveness of the proposed online risk analysis, which was embedded in a sequential Monte Carlo simulation for capturing the spatiotemporal effects of extreme events and evaluating the effectiveness of the proposed method.     

On the Limitations of Redundancies in the Improvement of System Reliability

Some program managers share a common belief that adding a redundant component to a system reduces the probability of failure by half. This is true only if the failures of the redundant components are independent events, which is rarely the case. For example, the redundant components may be subjected to the same external loads. There is, however, in general a decrease in the failure probability of the system. Nonetheless, the redundant element comes at a cost, even if it is less than that of developing the first one when both are based on the same design. Identical parts save the most in terms of design costs, but are subjected to common failure modes from possible design errors that limit the effectiveness of the redundancy. In the development of critical systems, managers thus need to decide if the costs of a parallel system are justified by the increase in the system's reliability. NASA, for example, has used redundant spacecraft to increase the chances of mission success, which worked well in the cases of the Viking and Voyager missions. These two successes, however, do not guarantee future ones. We present here a risk analysis framework accounting for dependencies to support the decision to launch at the same time a twin mission of identical spacecraft, given incremental costs and risk-reduction benefits of the second one. We illustrate this analytical approach with the case of the Mars Exploration Rovers launched by NASA in 2003, for which we had performed this assessment in 2001.     

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

Empowered by virtualization technology, service requests from cloud users can be honored through creating and running virtual machines. Virtual machines established for different users may be allocated to the same physical server, making the cloud vulnerable to co‐residence attacks where a malicious attacker can steal a user's data through co‐residing their virtual machines on the same server. For protecting data against the theft, the data partition technique is applied to divide the user's data into multiple blocks with each being handled by a separate virtual machine. Moreover, early warning agents (EWAs) are deployed to possibly detect and prevent co‐residence attacks at a nascent stage. This article models and analyzes the attack success probability (complement of data security) in cloud systems subject to competing attack detection process (by EWAs) and data theft process (by co‐residence attackers). Based on the suggested probabilistic model, the optimal data partition and protection policy is determined with the objective of minimizing the user's cost subject to providing a desired level of data security. Examples are presented to illustrate effects of different model parameters (attack rate, number of cloud servers, number of data blocks, attack detection time, and data theft time distribution parameters) on the attack success probability and optimization solutions.     

Probabilistic Assessment of the Failure Risk of the Europa Clipper Spacecraft due to Radiations

The Europa mission approved in 2019 is still in the development phase. It is designed to conduct a detailed reconnaissance of that moon of Jupiter as it could possibly support life as we know it. This article is based on a top-down approach (mission → system → subsystems → components) to model the probability of mission failure. The focus here is on the case where the (uncertain) radiation load exceeds the (uncertain) capacity of critical subsystems of the spacecraft. The model is an illustrative quantification of the uncertainties about (1) the complex external radiation environment in repeated exposures, (2) the effectiveness of the shielding in different zones of the spacecraft, and (3) the components’ capacities, by modeling all three as dynamic random variables. A simulation including a sensitivity analysis is used to obtain the failure probability of the whole mission in forty-five revolutions around Jupiter. This article illustrates how probabilistic risk analysis based on engineering models, test results and expert opinions can be used in the early stages of the design of space missions when uncertainties are large. It also describes the optimization of the spacecraft design, taking into account the decisionmakers’ risk attitude and the mission resource constraints.     

Modeling Finite‐Time Failure Probabilities in Risk Analysis Applications

In this article, we introduce a framework for analyzing the risk of systems failure based on estimating the failure probability. The latter is defined as the probability that a certain risk process, characterizing the operations of a system, reaches a possibly time‐dependent critical risk level within a finite‐time interval. Under general assumptions, we define two dually connected models for the risk process and derive explicit expressions for the failure probability and also the joint probability of the time of the occurrence of failure and the excess of the risk process over the risk level. We illustrate how these probabilistic models and results can be successfully applied in several important areas of risk analysis, among which are systems reliability, inventory management, flood control via dam management, infectious disease spread, and financial insolvency. Numerical illustrations are also presented.     

Learning from Nuclear Accident Experience

Statistical procedures are developed to estimate accident occurrence rates from historical event records, to predict future rates and trends, and to estimate the accuracy of the rate estimates and predictions. Maximum likelihood estimation is applied to several learning models and results are compared to earlier graphical and analytical estimates. The models are based on (1) the cumulative number of operating years, (2) the cumulative number of plants built, and (3) accidents (explicitly), with the accident rate distinctly different before and after an accident. The statistical accuracies of the parameters estimated are obtained in analytical form using the Fisher information matrix. Using data on core damage accidents in electricity producing plants , it is estimated that the probability for a plant to have a serious flaw has decreased from 0.1 to 0.01 during the developmental phase of the nuclear industry. At the same time the equivalent frequency of accidents has decreased from 0.04 per reactor year to 0.0004 per reactor year, partly due to the increasing population of plants.     

Quantitative Assessment of Building Fire Risk to Life Safety

This article presents a quantitative risk assessment framework for evaluating fire risk to life safety. Fire risk is divided into two parts: probability and corresponding consequence of every fire scenario. The time-dependent event tree technique is used to analyze probable fire scenarios based on the effect of fire protection systems on fire spread and smoke movement. To obtain the variation of occurrence probability with time, Markov chain is combined with a time-dependent event tree for stochastic analysis on the occurrence probability of fire scenarios. To obtain consequences of every fire scenario, some uncertainties are considered in the risk analysis process. When calculating the onset time to untenable conditions, a range of fires are designed based on different fire growth rates, after which uncertainty of onset time to untenable conditions can be characterized by probability distribution. When calculating occupant evacuation time, occupant premovement time is considered as a probability distribution. Consequences of a fire scenario can be evaluated according to probability distribution of evacuation time and onset time of untenable conditions. Then, fire risk to life safety can be evaluated based on occurrence probability and consequences of every fire scenario. To express the risk assessment method in detail, a commercial building is presented as a case study. A discussion compares the assessment result of the case study with fire statistics.     

大规模灾害中基于聚类的医疗物资联合运送优化

应急响应中,往往出现救援物资供应节点与需求节点距离太远、关键道路损毁导致难以及时通过车辆运送物资到灾区等情景,此时直升飞机逐渐被用来运送关键应急资源（如医疗物资及医护人员）。然而,大规模灾害中难以使用直升飞机运送医疗物资到每个医疗救助点,通常考虑灾民的聚集性选择一定数量的应急中转点,以接收直升飞机运送的医疗物资,之后采用车辆运送物资到其覆盖的医疗救助点。针对该问题,提出一种基于聚类的两阶段医疗物资联合运输方法：第一阶段根据医疗救助点分布,采用模糊C-均值算法（FCM）进行应急中转点选择和医疗救助点划分,并针对FCM划分中存在的剩余容量不均衡问题,考虑容量约束提出一种改进划分方法（FCMwCC）,构建“直升飞机-车辆”医疗物资联合运输网络结构;第二阶段建立基于聚类的运送路线优化模型,确定从应急中转点到医疗救助点的具体运送路线。数值实验验证了提出方法和算法的有效性。     

Uncertainty about Probability: A Decision Analysis Perspective

The issue of how to think about "uncertainty about probability" is framed and analyzed from the viewpoint of a decision analyst. The failure of nuclear power plants is used as an example. The key idea is to think of probability as describing a state of information on an uncertain event, and to pose the issue of uncertainty in this quantity as uncertainty about a number that would be definitive: it has the property that you would assign it as the probability if you knew it. Logical consistency requires that the probability to assign to a single occurrence in the absence of further information be the mean of the distribution of this definitive number, not the median as is sometimes suggested. Any decision that must be made without the benefit of further information must also be made using the mean of the definitive number's distribution. With this formulation, we find further that the probability of r occurrences in n exchangeable trials will depend on the first n moments of the definitive number's distribution. In making decisions, the expected value of clairvoyance on the occurrence of the event must be at least as great as that on the definitive number. If one of the events in question occurs, then the increase in probability of another such event is readily computed. This means, in terms of coin tossing, that unless one is absolutely sure of the fairness of a coin, seeing a head must increase the probability of heads, in distinction to usual thought. A numerical example for nuclear power shows that the failure of one plant of a group with a low probability of failure can significantly increase the probability that must be assigned to failure of a second plant in the group.     

Uncertainty Analysis Based on Probability Bounds (P-Box) Approach in Probabilistic Safety Assessment

A wide range of uncertainties will be introduced inevitably during the process of performing a safety assessment of engineering systems. The impact of all these uncertainties must be addressed if the analysis is to serve as a tool in the decision-making process. Uncertainties present in the components (input parameters of model or basic events) of model output are propagated to quantify its impact in the final results. There are several methods available in the literature, namely, method of moments, discrete probability analysis, Monte Carlo simulation, fuzzy arithmetic, and Dempster-Shafer theory. All the methods are different in terms of characterizing at the component level and also in propagating to the system level. All these methods have different desirable and undesirable features, making them more or less useful in different situations. In the probabilistic framework, which is most widely used, probability distribution is used to characterize uncertainty. However, in situations in which one cannot specify (1) parameter values for input distributions, (2) precise probability distributions (shape), and (3) dependencies between input parameters, these methods have limitations and are found to be not effective. In order to address some of these limitations, the article presents uncertainty analysis in the context of level-1 probabilistic safety assessment (PSA) based on a probability bounds (PB) approach. PB analysis combines probability theory and interval arithmetic to produce probability boxes (p-boxes), structures that allow the comprehensive propagation through calculation in a rigorous way. A practical case study is also carried out with the developed code based on the PB approach and compared with the two-phase Monte Carlo simulation results.     

违约风险下的信贷决策模型与机制

研究了违约风险下的信贷决策模型与机制,通过以银行个体合理性和激励相容性作为约束条件,建立了在考虑违约风险和项目成功概率条件下的信贷决策模型,分别给出了基于抵质押贷款和信用贷款策略下的信贷决策机制,探讨了信贷配给机制与无配给机制的设计方法,给出了在信贷出现配给时银行发放信用贷款和有抵质押贷款的条件.最后运用实例详细分析并讨论了不同违约概率条件下企业项目成功概率对银行期望收益的影响,得到了银行相应的贷款临界值和在不同项目成功概率条件下银行最大可接受的违约概率.     

Articulating Values to Inform Decision Making: Lessons from Family Firms Around the World

Both the popular and the academic press stress that management grounded in values is fundamental to decision-making. High performance companies know that clarity about values is key to getting the job done. However, many family-owned firms do not adequately articulate their core values into a workable orientation for the business. As a result, they are in danger of seriously impairing their decision-making. The authors analyzed family business mission statements from around the world to identify the core values expressed therein. The authors also analyzed how efficiently these values were articulated. They propose that family businesses can make their decision making more effective by identifying and including their core values in the business's mission statement. This revised version was published online in July 2006 with corrections to the Cover Date.     

Penalty guided genetic search for redundancy optimization in multi-state series-parallel power system

This paper presents a genetic algorithm (GA) for parallel redundancy optimization in series-parallel power systems exhibiting multi-state behavior, optimizing the reliability subject to constraints. The components are binary and chosen from a list of products available in the market, and are being characterized by their feeding capacity, reliability, cost and weight. System reliability is defined as the ability to satisfy consumer demand and is presented as a piecewise cumulative load curve. In GA, to handle infeasible solutions penalty strategies are used. Penalty technique keep a certain amount of infeasible solutions in each generation so as to enforce genetic search towards an optimal solution from sides of, both, feasible and infeasible regions. We here present a dynamic adaptive penalty function which helps the algorithm to search efficiently for optimal/near optimal solution. To evaluate system reliability, a fast procedure, based on universal generating function, is used. An example considering a multi-state series-parallel power system is solved considering both homogeneous and heterogeneous types of redundancy. Also an example considering price discounts is solved. The effectiveness of the penalty function and the proposed algorithm is studied and shown graphically.     

Analysis of Uncertainties in Interactive Probabilistic Safety Analysis (PSA) Models

Probabilistic safety analysis (PSA) has been used in nuclear, chemical, petrochemical, and several other industries. The probability and/or frequency results of most PSAs are based on average component unavailabilities during the mission of interest. While these average results are useful, they provide no indication of the significance of the facility's current status when one or more components are known to be out of service. Recently, several interactive computational models have been developed for nuclear power plants to allow the user to specify the plant's status at a particular time (i.e., to specify equipment known to be out of service) and then to receive updated PSA information. As with conventional PSA results, there are uncertainties associated with the numerical updated results. These uncertainties stem from a number of sources, including parameter uncertainty (uncertainty in equipment failure rates and human error probabilities). This paper presents an analysis of the impact of parameter uncertainty on updated PSA results.     

Modeling Sequential Information Acquisition Behavior in Rational Decision Making

Most real‐life decisions are made with less than perfect information and there is often some opportunity to acquire additional information to increase the quality of the decision. In this article, we define and study the sequential information acquisition process of a rational decision maker (DM) when allowed to acquire any finite amount of information from a set of products defined by vectors of characteristics. The information acquisition process of the DM depends both on the values of the characteristics observed previously and the number and potential realizations of the remaining characteristics. Each time an observation is acquired, the DM modifies the probability of improving upon the products already observed with the number of observations available. We construct two real‐valued functions whose crossing points determine the decision of how to allocate each available piece of information. We provide several numerical simulations to illustrate the information acquisition incentives defining the behavior of the DM. Applications to knowledge management and decision support systems follow immediately from our results, particularly when considering the introduction and acceptance of new technological products and when formalizing online search environments.     

Integrating Software into PRA: A Software-Related Failure Mode Taxonomy

Probabilistic risk assessment is a methodology to assess the probability of failure or success of a mission. Results provided by the risk assessment methodology are used to make decisions concerning choice of upgrades, scheduling of maintenance, decision to launch, etc. However, current PRA neglects the contribution of software to the risk of failure of the mission. Our research has developed a methodology to account for the impact of software to system failure. This article focuses on an element of the approach: a comprehensive taxonomy of software-related failure modes. Application of the taxonomy is discussed in this article. A validation of the taxonomy and conclusions drawn from this validation effort are described. Future research is also summarized.