New technology and systems are to an increasing extent used to solve tasks that are safety-critical. It can be the breaking of your car, the setting of a green light signal for a train, a closure of a valve in response to a high pressure, or the provision of the correct dose of medication to a patient. Despite its application, our concerns are the same: A failure of the technology or system may result in harm to humans, the environment, or material assets of high importance to the society. So how do we specify requirements for such systems? How can we design systems in light of these requirements? And not to forget: How can we ensure or at least know if the systems continue to perform as long as it is in use.

Please note that this page is under development during the spring/summer of 2014, so the content may be subject to some changes in this period.

LATEST NEWS (per 26ht of September):

There will be six seminars.

DAY 1: 4th of September (VG11, Valgrinda - same building as information meeting, but ground floor)
DAY 2: 18th of September (VG11)
DAY 3: 2nd of October (VG11)
DAY 4: 16th of October (Note: VG12. Next to VG11)
DAY 5: 6th of November (VG11)
DAY 6: 20th of November (VG11)

In total there were six (perhaps 7) students that will take the course, and 2 followers that will be at the lectures but not take the exam.

About the seminars:

In the information meeting, I handed out and presented a brief overview of the course content (will be uploaded on it's learning). The main approach to the seminars is:

I lecture some topics
Students lecture specific topics (will be assigned at the previous seminar day)
We will work on some tutorials.

About the project:

A project accounts for 50% of the grade. You should start to think about a topic that is is relevant for your PhD project, within the context of the course. See also infomration under "04 - Student project". You may spend a week or two to think about a topic,.

About exam:

There will be an oral exam in the course. We have not yet set the date, but we will together find a suitable date. I will post questions and problems after each seminar that will be relevant for exam.

About first seminar (4th of September):

You should read chapter 1 and 2 in the SIS textbook http://www.ntnu.edu/ross/books/sis. You may purchase it or read the online version available from wiley online (via NTNU library).
It is also beneficial to read the following short intro to IEC 61508 http://www.mtl-inst.com/images/uploads/datasheets/App_Notes/AN9025.pdf

Brief background of course

This PhD course is offered by the RAMS group (RAMS = Reliability, availability, maintenance, and safety) at the department of Production and Quality Engineering, NTNU. The course is lectured by Professor Mary Ann Lundteigen. The course is framed by the description at "emner på nett": http://www.ntnu.edu/studies/courses/PK8201#tab=omEmnet.

The course may be useful for PhD students that are involved in development of new technology for safety-critical applications, or who work with systems where reliability is a key attribute. There are no formal requirements to previous knowledge, in order to take this course, but without any previous background in system reliability (such as e.g., TPK 4120), the student may need to do some additional reading and preferably have access to one of the following books System Reliability Theory or Reliability of Safety-Critical Systems. The first mentioned books presents the more basic concepts and methods within system reliability theory, and the second book builds on and extends the application of these.

It should be noted that some adjustments to the course content may (to some extent and if possible) be adjusted to the background and needs for the PhD students following the course. This means that the syllabus may be different from one year to the next. Nevertheless, the following topics will be covered in the course:

Key requirements for safety critical functions, with a special focus on the IEC 61508 standard which outlines requirements that are generic for all sectors and applications.
Safe design principles, including fail-safe design
Key concepts like safety integrity level (SIL)
Models and methods for quantification of reliability of safety critical functions, including common cause failure models, PDS method, quantification of reliability for high and low demand systems, analysis of multi-state systems, using Markov models, versus binary systems.
Follow-up of safety integrity level (SIL) in the operational (or usage) phase.

Course objective and motivation

The main objective of this course is give participating students a thorough understanding of concepts, methods, principles, and dilemmas in relation to the specification, design, and use of safety-critical systems. It is also a main goal that students can relate some of the lectured topics to their own research project.

As a PhD student you should learn to be critical to all concepts, all terms and all statements. Since the field of reliability assessment (as we are using it here) is probabilistic, there is always uncertainty about the validity of the results. You may challenge the scope of the assessment, the approach used, the data, the calculation approaches, the qualitative analysis methods and so on.

Expected learning outcome

Knowledge:
In this course the students will get a thorough insight into reliability assessment of safety-critical systems. This includes for the students to get knowledge about (i) various types of safety critical systems, (ii) key requirements, with basis in regulations and key standards, such as IEC 61508 (and similar), (iii) different methods for reliability assessment in design and operation(usage, (iv) consideration of uncertainty in reliability assessments, and (v) methods for identification of reliability performance requirements. Many of the application examples are taken from the process industry, but the methods lectured are also applicable for other application areas, such as aviation, railway, medical equipment, automotive, machinery and so on.

Skills:
The students shall be able to (i) perform reliability assessment of safety-critical functions by the use of different type of methods, (ii) identify relevant data for their analyses, (iii) apply relevant standards, and (iv) identify and discuss relevant research challenges within the course topic.

General competence:
The students shall be able to understand how reliability assessments are influencing decisions in design and operation/use of safety-critical systems. The students should also understand how reliability assessments are linked to risk assessments of a plant/facility or equipment, whose failure may result in damage to human(s), the environment or significant material assets.

Relevance

Many research projects involve development of technology for or which may be part of safety-critical systems, used to prevent loss of harm, or which may cause harm if the system fails. There are (at least) three key challenges in relation to such systems: How reliable must these systems be in order to provide the necessary confidence of performance, how can we design such systems so that the required reliability is achieved, and how can we track and maintain the reliability performance throughout the life of the systems. To answer these questions, it is necessary to be familiar with key concepts and methods within system reliability, and the link between system reliability and risk analysis. This course touches upon both, and is also addressing key standards that are governing for specification, design and use of safety-critical systems.

Topics and lecturing plan

The final lecturing plan will be determined in a first meeting with the students that have signed up for the course. Most likely, the course will be arranged as seminars (3 x 2 days, alternatively 6x1 days), but I will be open for other arrangements if this is more suited. See a list of lectured topics to the right on this page.

The lecturing will be done as follows:

1-2 topics are introduced by lecturer, including some tutorials
Each student prepares a presentation to the next gathering on one of the topics (for example with basis in an article or a report), for a more in-depth analysis
The student presentations are held in relation to the next gathering, and supplemented with discussions
At the end of the next gathering, the lecturer introduces 1-2 new topics, including some tutorials
Each student prepares a presentation to the next ... and so on

The students will also carry out a project (student work, accounts for 50% in the final grade), on a topic that is agreed with the lecturer. The topic may, to the extent possible, be aligned with the student's PhD project og sub-tasks.

Examination

The examination constitute an oral exam (50%) and a student project (50%). The date of the exam is agreed in the beginning of the semester. The student work consists of a project, with expected work load of 90 hours, on a selected topic in agreement with the lecturer.

Syllabus

Type
Standard	Selected topics from IEC 61508 Part 1 Part 2 Part 5 Part 6
Standard	Selected topics from IEC 61511 Part 1 Part 3
Articles	to be specified
Method handbook	PDS method handbook (student version will be made available)
Text book:	Selected sections from the book: Reliability of Safety-Critical Systems, see http://www.ntnu.edu/ross/books/sis

Supplementary reading (depending on the student background and research topic):

Will depend on the project assignment
IEC 62061 (design of safety-critical systems for machinery)
IEC 61511 (design of safety-critical systems for the process industry)
IEC 62304 (design of safety-critical medical devices)

Lectured topics

Note that the weight of each topic may be different, and also adjusted in light background of participating students.

Seminar	Description	Reading material
1	Key concepts and introduction of reliability assessment methods SIL, safety lifecycle, Hardware safety integrity, architectural constraints Failure classification Reliability data sources Intro to software	SIS textbook chapter 1 +2, 8 IEC 61508-1
2	Methods for quantifying probability of failure on demand (low-demand systems) - including common cause failures	SIS textbook, chapter 8, IEC 61508-6 + selected articles PDS-method
3	Methods for quantifying failure frequency (high-demand systems) - including common cause failures	SIS textbook chapter 9, IEC 61508-6. PDS-method
4	Special topic 1: Use of PetriNets for reliability assessments Special topic 2: SIL allocation methods - determining SIL requirements	SIS textbook chapter 5 and chapter 8. IEC 61508-6 Selection of reports and articles
5	Special topic 3: Partial testing and test coverage Special topic 4: Determining beta using checklists	SIS textbook chapter 11, SIS textbook chapter 10
6	Special topic 5: Spurious trips Special topic 6: Follow-up of SIL requirements in operation	Selection of reports and articles

Page tree

PK 8201 Reliability of Safety-Critical systems