
Handbook of Reliability, Availability, Maintainability and Safety in Engineering Design - Part 16 pdf


3.3 Analytic Development of Reliability and Performance in Engineering Design 133
The overall performance index, OPI, can be calculated as
$$\mathrm{OPI} = \frac{1}{mn}\sum_{i=1}^{m}\sum_{j=1}^{n}(\mathrm{PPI})(\mathrm{SPI}) \qquad (3.92)$$
where m is the number of performance parameters, and n is the number of systems.
Computation: propagation rule 1:
(only X) and (only Y) and G ⇒ (only Range (G, X, Y))
OPI [corners (PPI, SPI)]
=[1/12×((1.2×1.6)+(1.2×1.7)+(1.2×1.7)+(1.2×1.5)
+(2.1×1.6)+(2.1×1.7)+(2.1×1.7)+(2.1×1.5)
+(1.8×1.6)+(1.8×1.7)+(1.8×1.7)+(1.8×1.5))] ,
[1/12×((7.4×9.0)+(7.4×7.0)+(7.4×7.0)+(7.4×6.6)
+(7.5×9.0)+(7.5×7.0)+(7.5×7.0)+(7.5×6.6)
+(7.1×9.0)+(7.1×7.0)+(7.1×7.0)+(7.1×6.6))]
OPI [range (PPI, SPI)]
= < [1/12×33.2], [1/12×651.2] >
and:
OPI = < all-parts only % 2.8 54.3 >
Description:
The overall performance index, OPI, is a combination of the parameter performance
index, PPI, and the system performance index, SPI, and indicates the overall
performance of the operational parameters (PPI), and the overall contribution
of the system’s items on the system (SPI) itself.
The numerical value of OPI lies in the range 0–100 and can thus be indicated as
a percentage value, which is a useful measure for conceptual design optimisation.
The reverse jet scrubber system has an overall performance in the range of 2.8
to 54%, which is not optimal.
The critical minimum performance level of 2.8% as well as the upper performance
level of 54% indicate design review.
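The corner computation above can be reproduced mechanically. The following Python sketch is an added example, not code from the handbook; it evaluates Eq. (3.92) on intervals using the PPI and SPI bounds read off the worked computation, and pairing the i-th lower value with the i-th upper value into one interval is an assumption.

```python
from itertools import product

# Bounds read off the worked computation on this page (m = 3, n = 4).
# Pairing the i-th lower bound with the i-th upper bound is an assumption.
PPI = [(1.2, 7.4), (2.1, 7.5), (1.8, 7.1)]
SPI = [(1.6, 9.0), (1.7, 7.0), (1.7, 7.0), (1.5, 6.6)]


def interval_product(a, b):
    """Range of x*y for x in a and y in b: the extremes lie at the corners."""
    corners = [x * y for x, y in product(a, b)]
    return min(corners), max(corners)


def opi_range(ppi, spi):
    """Eq. (3.92) on intervals: (1/mn) * sum_i sum_j PPI_i * SPI_j.

    The result is exact when all bounds are non-negative, as they are here;
    with mixed signs it is still an enclosure of the true range.
    """
    if not ppi or not spi:
        raise ValueError("need at least one PPI and one SPI interval")
    for lo, hi in list(ppi) + list(spi):
        if lo > hi:
            raise ValueError(f"malformed interval <{lo}, {hi}>")
    low = high = 0.0
    for p, s in product(ppi, spi):
        lo, hi = interval_product(p, s)
        low += lo
        high += hi
    mn = len(ppi) * len(spi)
    return low / mn, high / mn


if __name__ == "__main__":
    low, high = opi_range(PPI, SPI)
    # The lower corner sum is 33.15, which the page rounds to 33.2.
    print(f"OPI = <{low:.1f}, {high:.1f}> %")
```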
3.3.2 Analytic Development of Reliability Assessment in Preliminary Design
The most applicable techniques selected as tools for reliability assessment in intelli-
gent computer automated methodology for determining the integrity of engineering
134 3 Reliability and Performance in Engineering Design
design during the preliminary or schematic design phase are failure modes and
effects analysis (FMEA), failure modes and effects criticality analysis (FMECA), and
fault-tree analysis. However, as the main use of fault-tree analysis is perceived to
be in designing for safety, whereby fault trees provide a useful representation of the
different failure paths that can lead to safety and risk assessments of systems and
processes, this technique will be considered in greater detail in Chap. 5, Safety and
Risk in Engineering Design. Thus, only FMEA and FMECA are further developed
at this stage with respect to the following:
i. FMEA and FMECA in engineering design analysis
ii. Algorithmic modelling in failure modes and effects analysis
iii. Qualitative reasoning in failure modes and effects analysis
iv. Overview of fuzziness in engineering design analysis
v. Fuzzy logic and fuzzy reasoning
vi. Theory of approximate reasoning
vii. Overview of possibility theory
viii. Uncertainty and incompleteness in design analysis
ix. Modelling uncertainty in FMEA and FMECA
x. Development of a qualitative FMECA.
3.3.2.1 FMEA and FMECA in Engineering Design Analysis
Systems can be described in terms of hierarchical system breakdown structures
(SBS). These system structures are comprised of many sub-systems, assemblies and
components (and parts), which can fail at one time or another. The effect of func-
tional failure of the system structures on the system as a whole can vary, and can
have a direct, indirect or no adverse effect on the performance of the system. In
a systems context, any direct or indirect effect of equipment functional failures will
result in a change to the reliability of the system or equipment, but may not neces-
sarily result in a change to the performance of the system.
Equipment (i.e. assemblies and components) showing functional failures that
degrade system performance, or render the system inoperative, is termed system-
critical. Equipment functional failures that degrade the reliability of the system are
classified as reliability-critical (Aslaksen et al. 1992).
a) Reliability-Critical Items
Reliability-critical items are those items that can have a quantifiable impact on
system performance but predominantly on system reliability. These items are usually
identified by appropriate reliability analysis techniques. The identification of
reliability-critical items is an essential portion of engineering design analysis,
especially since the general trend in the design of process engineering installations
is towards increasing system complexity. It is thus imperative that a systematic
method for identifying reliability-critical items is implemented during the
engineering design process, particularly during preliminary design. Such a systematic
method is failure modes and effects criticality analysis (FMECA). In practice,
however, development of FMECA procedures has often been considered to be arduous
and time consuming. As a result, the benefits that can be derived have often
been misunderstood and not fully appreciated. The FMECA procedure consists of
three inherent sub-methods:

• Failure modes and effects analysis (FMEA).
• Failure hazard analysis.
• Criticality analysis.
The methods of failure modes and effects analysis, failure hazard analysis and
criticality analysis are interrelated. Failure hazard analysis and criticality analysis
cannot be effectively implemented without the prior preparations for failure modes
and effects analysis. Once certain groundwork has been completed, all of these analysis
methods should be applied. This groundwork includes a detailed understanding
of the functions of the system under consideration, and the functional relationships
of its constituent components. Therefore, two necessary additional techniques are
imperative prior to developing FMEA procedures, namely:
• Systems breakdown structuring.
• Functional block diagramming.
As previously indicated, a systems breakdown structure (SBS) can be defined
as “a systematic hierarchical representation of equipment, grouped into its logical
systems, sub-systems, assemblies, sub-assemblies, and component levels”.
A functional block diagram (FBD) can be defined as “an orderly and structured
means for describing component functional relationships for the purpose of systems
analysis”.
An FBD is a combination of an SBS and concise descriptions of the operational
and physical functions and functional relationships at component level. Thus, the
FBD need only be done at the lowest level of the SBS, which in most cases is at
component level. It is from this relation between the FBD and the SBS that the
combined result is termed a functional systems breakdown structure (FSBS).
Some further concepts essential to a proper basic understanding of FSBS are
considered in the following definitions:
A system is defined as “a complete whole of a set of connected parts or com-
ponents with functionally related properties that links them together in a system
process”.
A function is defined as “the work that an item is designed to perform”.

This definition indicates, through the terms work and design, that any item con-
tains both operational and physical functions. Operational functions are related to
the item’s working performance, and physical functions are related to the item’s
design.
Functional relationships, on the other hand, describe the actions or changes in
a system that are derived from the various ways in which the system’s components
and their properties are linked together within the system. Functional relationships
thus describe the complexity of a system at the component level. Component functional
relationships describe the actions internal in a system, and can be regarded as
the interactive work that the system’s components are designed to perform. Component
functional relationships may therefore be considered from the point of view
of their internal interactive functions. Furthermore, component functional relationships
may also be considered from the point of view of their different cause and
effect changes, or change symptoms, or in other words, their internal symptomatic
functions.
In order to fully understand component functional relationships, concise descrip-
tions of the operational and physical functions of the system must first be defined,
and then the functional relationships at component level are defined. The descriptions
of the system’s operational and physical functions need to be quantified with
respect to their limits of performance, so that the severity of functional failures can
be defined at a later stage in the FMECA procedure. The first step, then, is to list the
components in a functional systems breakdown structure (FSBS).
b) Functional Systems Breakdown Structure (FSBS)
The identification of the constituent items of each level of a functional systems
breakdown structure (FSBS) is determined from the top down. This is done by identifying
the actual physical design configuration of the system, in lower-level items of
the systems hierarchy. The various levels of an FSBS are identified from the bottom
up, by logically grouping items or components into sub-assemblies, assemblies or
sub-systems. Operational and physical functions and limits of performance are then
defined in the FSBS. Once the functions in the FSBS have been described and limits
of performance quantified, then the various functional relationships of the components
are defined, either in a functional block diagram (FBD) or through functional
modelling.
The functional block diagram (FBD) is a structured means for describing com-
ponent functional relationships for design analysis. However, in the development
of an FBD, the descriptions of these component functional relationships should be
limited to two words if possible: a verb to describe the action or change, and a noun
to describe the object of the action or change. In most cases, if the component func-
tional relationships cannot be stated using two words, then more than one functional
relationship exists.
A verb–noun combination cannot be repeated in any one branch of the FBD’s
descriptions of the component functional relationships. If, however, repetition is
apparent, then review of the component functional relationships in the functional
block diagram (FBD) becomes necessary (Blanchard et al. 1990).
As an example, some verb–noun combinations are given for describing component
functional relationships for design analysis during the preliminary design phase
in the engineering design process.
The following semantic list represents some verb–noun combinations:
Verb        Noun
Circulate   Current
Close       Overflow
Compress    Gas
Confine     Liquids
Contain     Lubricant
Control     Flow
Divert      Fluid
Generate    Power
Provide     Seal
Transfer    Signal
Transport   Material
It is obvious that the most appropriate verb must be combined with a correspond-
ing noun. Thus, the verb ‘control’ can be used in many combinations with different
nouns. It can be readily discerned that these actions can be either operational functional
relationships that are related to the item’s required performance, or physical
functional relationships that are related to the item’s design. For instance, current
can be controlled operationally, through the use of a regulator, or physically through
the internal physical resistance properties of a conductor.
What becomes essential is to ask the question ‘how?’ after the verb–noun com-
bination has been established in describing functional relationships. The question is
directed towards an answer of either ‘operational’ or ‘physical’. In the case of an
uncertain decision concerning whether the verb–noun description of the functional
relationship is achieved either operationally (i.e. related to the item’s performance)
or physically (i.e. related to the item’s material design), then the basic principles
used in defining the item’s functions can be referred to.
These principles indicate that the item’s functions can be identified on the basis
of the fundamental criteria relating to operational and physical functions, which are:
• movement and work, in the case of operational functions, and
• shape and consistence, in the case of physical functions.
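The FBD description rules above (two-word verb–noun pairs, no pair repeated within one branch, and an answer to ‘how?’ for each pair) lend themselves to an automated review. The following Python sketch is an added example, not code from the handbook; the item names in the sample are hypothetical, and treating a branch as one root-to-leaf path of the FSBS is an assumption.

```python
from dataclasses import dataclass, field

KINDS = {"operational", "physical"}  # the two possible answers to 'how?'


@dataclass
class Item:
    """One node of a functional systems breakdown structure (FSBS)."""
    name: str
    # Functional relationships as (description, kind) pairs.
    relationships: list = field(default_factory=list)
    children: list = field(default_factory=list)


def review_fbd(item, used=None, path=""):
    """Return (location, description, problem) findings for item and below.

    `used` maps every verb-noun pair already seen higher up in the current
    branch to the location that used it. Treating a branch as one
    root-to-leaf path is an assumption of this example.
    """
    used = dict(used or {})  # copy, so sibling branches stay independent
    here = f"{path}/{item.name}"
    findings = []
    for description, kind in item.relationships:
        words = description.lower().split()
        if len(words) != 2:
            findings.append((here, description,
                             "not a two-word verb-noun pair: more than one "
                             "functional relationship may be present"))
            continue
        pair = tuple(words)
        if pair in used:
            findings.append((here, description,
                             f"pair already used at {used[pair]}: review the FBD"))
        else:
            used[pair] = here
        if kind not in KINDS:
            findings.append((here, description,
                             "'how?' not answered as operational or physical"))
    for child in item.children:
        findings.extend(review_fbd(child, used, here))
    return findings


# Constructed sample: item names are hypothetical; the verb-noun pairs come
# from the semantic list above.
SAMPLE = Item("Scrubber system", [("Control Flow", "operational")], [
    Item("Pump assembly", [("Transport Material", "operational")], [
        Item("Shaft seal", [("Provide Seal", "physical"),
                            ("Contain Lubricant", "physical")]),
        Item("Impeller", [("Transport Material", "operational")]),  # repeat
    ]),
    Item("Valve assembly", [("Divert Fluid", "operational")], [
        Item("Actuator", [("Transfer Signal and Close Overflow",
                           "operational")]),                        # two in one
        Item("Valve body", [("Confine Liquids", "")]),              # no 'how?'
        Item("Gland", [("Provide Seal", "physical")]),              # other branch
    ]),
])

if __name__ == "__main__":
    for where, description, problem in review_fbd(SAMPLE):
        print(f"{where}: '{description}' -> {problem}")
```

The "Provide Seal" pair under the gland is not flagged because it sits in a different branch from the shaft seal.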
c) Failure Modes and Effects Analysis (FMEA)
Failure modes and effects analysis (FMEA) is one of the most commonly used tech-
niques for assessing the reliability of engineering designs. The analysis at systems
level involves identifying potential equipment failure modes and assessing the con-
sequences they might have on the system’s performance. Analysis at equipment
level involves identifying potential component failure modes and assessing the ef-
fects they might have on the functional reliability of neighbouring components, and
then propagating these up to the system level. This propagation is usually done in
a failure modes and effects criticality analysis (FMECA).
The criticality of components and component failure modes can therefore be
assessed by the extent the effects of failure might have on equipment functional
reliability, and the appropriate steps taken to amend the design so that critical failure
modes become sufficiently improbable.
With the completion of the functional block diagram (FBD), development of the
failure modes and effects analysis (FMEA) can proceed. The initial steps of FMEA
consider criteria such as:
• System performance specifications
• Component functional relationships
• Failure modes
• Failure effects
• Failure causes.
A complex system can be analysed at different levels of resolution and the appro-
priate performance or functions defined at each level. The top levels of the system
breakdown structure are the process and system levels where performance specifications
are defined, and the lower levels are the assembly, component and part levels
where not only primary equipment but also individual components have a role to
play in the overall functions of the system. An FMEA consists of a combined top-
down and bottom-up analysis. From the top, the process and system performance
specifications are decomposed into assembly and component performance require-
ments and, from the bottom, these assembly and component performance require-
ments are translated into functions and functional relationships for which system
performance specifications can be met.
After determining assembly and component functions and functional relation-
ships through application of the techniques of system breakdown structures (SBS)
and functional block diagrams (FBD), the remaining steps in developing an FMEA
consider determining failure modes, failure effects, failure causes as well as failure
detection.
Engineering systems are designed to achieve predefined performance criteria
and, although the FMEA will provide a comparison between a system’s normal and
faulty behaviour through the identification of failure modes and related descriptions
of possible failures, it is only when this behavioural change affects one of the per-
formance criteria that a failure effect is deemed to have occurred. The failure effect
is then described in terms of system performance that has been either reduced or not
achieved at all.
A survey of applied FMEA has shown that the greatest criticism is the inabil-
ity of the FMEA to sufficiently influence the engineering design process, because
the timescale of the analysis often exceeds the design process (Bull et al. 1995b).
It is therefore often the case that FMEA is seen not as a design tool but solely as
a deliverable to the client. To reduce the total time for the FMEA, an approach is required
whereby the methodology is not only automated but also integrated into the
engineering design process through intelligent computer automated methodology.
Such an approach would, however, require consideration of qualitative reasoning in
engineering design analysis. In order to be able to develop the reliability technique
of FMEA (and its extension of criticality considerations into a FMECA) for application
in intelligent computer automated methodology, particularly for artificial
intelligence-based (AIB) modelling, it is essential to carefully consider each progressive
step with respect to its related definitions. It is obvious that the best point
of departure would be an appropriate definition for failure.
According to the US Military Standard (MIL-STD-721B), a failure is defined as
“the inability of an item to function within its specified limits of performance”. This
implies that system functional performance limits must be clearly defined before
any functional failures can be identified. The task of defining system functional
performance limits is not straightforward, especially with complex integration of
systems. A thorough analysis of systems integration complexity requires that the
FMEA not only considers the functions of the various systems and their equipment
but that limits of performance be related to these functions as well.
As previously indicated, the definition of a function is given as “the work that an
item is designed to perform”. Thus, failure of the item’s function means failure of
the work that the item is designed to perform.
Functional failure can thus be defined as “the inability of an item to carry-out
the work that it is designed to perform within specified limits of performance”.
It is obvious from this definition that there are two degrees of severity of func-
tional failure:
i) A complete loss of function, where the item cannot carry out any of the work
that it was designed to perform.
ii) A partial loss of function, where the item is unable to function within specified
limits of performance.
Potential failure may be defined as “the identifiable condition of an item indicating
that functional failure can be expected”. In other words, potential failure is an
identifiable condition or state of an item on which its function depends, indicating
that the occurrence of functional failure can be expected.
From an essential understanding of the implications of these definitions, the var-
ious steps in the development of an FMEA can now be considered.
STEP 1: the first criterion to consider in the FMEA is failure mode.
The definition of mode is given as “method or manner”.
Failure mode can be defined as “the method or manner of failure”.
If failure is considered from the viewpoint of either functional failure or potential
failure, then failure mode can be determined as:
i) The method or manner in which an item is unable to carry out the work that it
is designed to perform within limits of performance. This would imply either
the mode of failure in which the item cannot carry out any of the work that it
is designed to perform (i.e. complete loss of function), or the mode of failure
in which the item is unable to function within specified limits of performance
(i.e. partial loss of function).
ii) The method or manner in which an item’s identifiable condition could arise,
indicating that functional failure can be expected. This would imply a failure
mode only when the item’s identifiable condition is such that a functional
failure can be expected.

Thus, failure mode can be described from the points of view of:
• A complete functional loss.
• A partial functional loss.
• An identifiable condition.
For reliability assessment during the preliminary engineering design phase, the
first two failure modes, namely a complete functional loss, and a partial functional
loss, can be practically considered. The determination of an identifiable condition is
considered when contemplating the possible causes of a complete functional loss or
of a partial functional loss.
STEP 2: the following step in developing an FMEA is to consider the criteria of
failure effects.
The definition of effect is given as “an immediate result produced”.
Failure effects can be defined as “the immediate results produced by failure”.
Failure consequence can be defined as “the overall result or outcome of failures”.
It is clear from these definitions that there are two levels—firstly, an immediate
effect and, secondly, an overall consequence of failure.
i) The effects of failure are associated with analysis at component level of the
immediate results that initially occur within the component’s or assembly’s
environment.
ii) The consequences of failure are associated with analysis at systems level of
the overall results that eventually occur in the system or process as a whole.
For the purpose of developing an FMEA at the higher systems level, some of the
basic principles of failure consequences need to be described. The consequences
of failure need not have immediate results. However, as indicated before, typical
FMEA analysis of failure effects on functional reliability at component level and
propagated up to the system level is usually done in a failure modes and effects
criticality analysis (FMECA).
Operational and physical consequences of failure can be grouped into five sig-
nificant categories:

• Safety consequences.
Safety operational and physical consequences of functional failure are alternately
termed critical functional failure consequences. These functional failures affect
either the operational or physical functions of systems, assemblies or components
that could have a direct adverse effect on safety, with respect to catastrophic
incidents or accidents.
• Economic consequences.
Economic operational and physical consequences of functional failure involve
an indirect economic loss, such as the loss in production, as well as the direct
cost of corrective action.
• Environmental consequences.
Environmental operational and physical consequences of functional failure in
engineered installations relate to environmental problems predominantly associated
with treatment of wastes from mineral processing operations, hydrometallurgical
processes, high-temperature processes, and processing operations from
which by-products are treated. Any functional failures in these processes would
most likely result in environmental operational and physical consequences.
• Maintenance consequences.
Maintenance operational and physical consequences of functional failure in-
volve only the direct cost of corrective maintenance action.
• Systems consequences.
Systems operational and physical consequences of functional failure involve in-
tegrated failures in the functional relationships of components in process engi-
neering systems with regard to their internal interactive functions, or internal
symptomatic functions.
STEP 3: the following step in developing an FMEA is to consider the criteria of
failure causes.
The definition of cause is “that which produces an effect”.
Failure causes can be defined as “the initiation of failures which produce an
effect”.
The definition of functional failure was given as “the inability of an item to carry-
out the work that it is designed to perform within specified limits of performance”.
Considering the causes of functional failure, it is practical to place these into hazard
categories of component functional failure incidents or events. These hazard categories
are determined through the reliability evaluation technique of failure hazard
analysis (FHA), which is considered later.
The definition of potential failure was given as “the identifiable condition of an
item indicating that functional failure can be expected”. The effects of potential
failure could result in functional failure. In other words, the causes of functional
failure can be found in potential failure conditions. The most significant aspect of
potential failure is that it is a condition or state, and not an incident or event such as
with functional failure.
In being able to define potential failure in an item of equipment, the identifiable
conditions or state of the item upon which its functions depend must then also be
identified. The operational and physical conditions of the item form the basis for
defining potential failures arising in the item’s functions. This implies that an item,
which may have several functions and is meant to carry out work that it is designed
to perform, will be subject to several conditions or states on which its functions
depend, from the moment that it is working or put to use. In other words, the item is
subject to potential failure the moment it is in use.
Potential failure is related to the identifiable condition or state of the item, based
upon the work it is designed to perform, and the result of its use. The causes of
potential failure are thus related to the extent of use under which the system or
equipment is placed.
In summary, then, developing an FMEA includes considering the criteria of failure
causes—the causes of functional failure can be found in potential failure conditions
and, in turn, the causes of potential failure can be related to the extent of use
of the system or equipment.

Despite the fairly comprehensive and sound theoretical approach to the definitions
of the relevant criteria and analysis steps in developing an FMEA, it still does
not provide exhaustive lists of causes and effects for full sets of failure modes.
A complete analysis, down to the smallest detail, is generally too expensive (and
often impossible). The central objective of FMEA in engineering design therefore
is more for design verification. This would require an approach to FMEA that con-
centrates on failure modes that can be represented in terms of simple linguistic or
logic statements, or by algorithmic modelling in the case of more complicated fail-
ure modes. In the design of integrated engineering systems, however, most failure
modes are not simple but complex, requiring an analytic approach such as algorith-
mic modelling.
3.3.2.2 Algorithmic Modelling in Failure Modes and Effects Analysis
All engineering systems can be broken down into sub-systems and/or assemblies
and components, but at which level should they be modelled? At one extreme, if the
FMEA is concerned with the process as a whole, it may be sufficient to represent the
inherent equipment as single entities. Conversely, it may be necessary to consider
the effects of failure of single components of the equipment. Less detailed analysis
could be justified for a system based on previous designs, with relatively high reli-
ability and safety records. Alternatively, greater detail and a correspondingly lower
system-level analysis is required for a new design or a system with unknown relia-
bility history (Wirth et al. 1996).
The British Standard on FMEA and FMECA (BS5760, 1991) requires failure
modes to be considered at the lowest practical level. However, in considering the use
of FMEA for automated continual design reviews in the engineering design process,
it is prudent to initially concentrate on failure modes that could be represented in
terms of simple linguistic or logic statements. Once this has been accomplished,
the problem of how to address complicated failure modes can be addressed. This is
considered in the following algorithmic approaches (Bull et al. 1995b):
• Numerical analysis
• Order of magnitude
• Qualitative simulation
• Fuzzy techniques.
a) Numerical Analysis
There are several numerical and symbolic algorithms that can be used to solve dynamic
systems. However, many of these algorithms have two major drawbacks:
firstly, they might not be able to reach a reliable steady-state solution, due to con-
volutions in the numerical solution of their differential equations, or because of the
