3. MethodologyThe FTA (fault tree a

3. Methodology

The FTA (fault tree analysis) was developed by H. Watson and Allison B, the members of the Bel laboratories, as a method for evaluation of the system safety, required by the US Army (Ericson,
2005). It is a deductive analysis focused on an undesired event of a system and defines its causes (Haasl, 1965). The FTA can be simply described as an analytical technique, with specified unwanted state of the system (most common state crucial for the safety condition), the system then being monitored within the environment and operations in order to define all possible ways in which unwanted event may appear (Haimes, 2008). The tree itself is a logical dia- gram which shows how the occurrence of other events and which combination of them can lead to the top (undesired) event. Formally, a fault tree is a connected and directed acyclic graph G ¼ (X,U), where X is the set of nodes and U is the set of arcs. The root of graph G corresponds to the top undesired event of the modelled system; the leaves represent the basic events which model the failure of the system components while the remaining nodes are divided by their cause and are named intermediate events. Logical gates are applied in modelling the causeeeffect relations between the events. Each pair of the nodes may be joined by a single arc at most (Limnios, 2007).
Since the system we analyze is coherent, only AND or OR logical gates are used. Two main characteristics of coherent fault trees are: each component (basic event) is relevant to the system and struc- ture function is monotonic (increasing) (Barlow and Proschan,
1996).
Fault tree analysis is based on systematic and quantitative pro- cess which considers the unreliability of components and their impact on unreliability of the entire system, and it consists of the following phases (Lee et al., 1985):