Mazzuchi - Tutorial on Risk Analysis

Risk Analysis
Introduction and Overview
Thomas A. Mazzuchi
Professor and Chairman
Department of Engineering
Management and Systems Engineering
George Washington University
2
Terminology and Background
•  Risk
- A measure of potential loss due to natural or
human activities
- A combination of the probability or frequency of
the hazard and its consequence; e.g.,
•  Loss
- Adverse consequences of such activities that
affect
 Human life or health
 Economics or property
 The natural environment
 Information, etc.
3
Terminology and Background
•  Engineering Systems Losses Can Be
- Internal to the system; i.e.,
 Damage to one of the system’s components
- External to the system; i.e.,
 Damage to a component of the external
environment in which the system must
function; e.g.,
 Humans
 Organizations
 Economic assets
 Environmental assets
4
Terminology and Background
•  Risk Analysis
- Is the process of characterizing, managing, and
informing others about the existence, nature,
magnitude, prevalence, contributing factors, and
uncertainties that pertain to the potential losses
- Other names for risk analysis
 Probabilistic Risk Analysis (PRA)
 Quantitative Risk Analysis (QRA)
 Probabilistic Safety Analysis (PSA)
5
Terminology and Background
•  Importance of Risk Analysis
- While formal methods for risk analysis have
been shaped by modern demands, the concept
of risk analysis is not new; it is even ancient
- People are living longer, healthier, more
prosperous lives and have more to lose
- Today people expect greater protection than
before from industry and government, and they
react with litigation when they feel let down
6
Terminology and Background
•  Importance of Risk Analysis
- Even as public concerns about risk exert
pressure on policy makers for regulations,
engineering systems are increasing in
complexity and autonomy
 Simply making regulations without studying
their effects can be costly and suboptimal—
even dangerous
- A proper risk analysis will adequately model the
system, demonstrate the effect of mitigating
measures, and communicate these to the public
Elements of Risk Analysis
[Figure: Risk Assessment, Risk Management, Risk Communication. National Research Council (1994)]
Elements of Risk Analysis
•  Risk Assessment
- The process by which the probability or frequency of
loss by or to an engineering system is assessed,
and the magnitude of the loss (consequences)
estimated
•  Risk Management
- The process by which the potential (probability or
frequency) for loss and/or the magnitude of loss is
minimized and controlled
•  Risk Communication
- The process by which information about the nature
and consequences of risk, as well as the risk
assessment approach and the risk management
options, are shared and discussed among decision
makers and other stakeholders
Risk Assessment
•  Definition of Risk (Kaplan & Garrick, 1981)
-  Risk addresses three basic questions:
  What can go wrong?
  How likely is it to happen?
  What are the losses (or consequences)?
-  A combination of hazard and likelihood
-  A triple <Si, Pi, Ci>
  Si: a specific scenario of a hazard
  Pi: probability (or frequency) of Si
  Ci: consequence of Si
Risk Assessment
•  Modifications
- Si may occur with a given
probability Pi or frequency fi
- Its occurrence may be static
or dynamic over time
- Pi and Ci may be uncertain
and have probability
distributions
- These distributions may be a
function of time or Si or a
combination of the two
- These quantities may be
jointly distributed
Quantitative Risk Assessment
•  Overview
Important Risk Journals
•  Health, Risk and Society
•  Journal of Risk and Insurance
•  Journal of Risk and Uncertainty
•  Journal of Risk: Health, Safety and Environment
•  Journal of Risk Research
•  Journal of Safety Research
•  Journal of System Safety
•  Risk Analysis, An International Journal
•  Risk, Decision, and Policy
•  Risk Management and Insurance Review
•  Risk Management: An International Journal
•  Safety Science
•  The Journal of Risk
•  Reliability Engineering and System Safety
•  International Journal of Reliability, Quality, and Safety Eng
Societies of Interest
•  American Society of Mechanical Engineers
•  Safety Engineering and Risk Analysis Division
•  American Society of Safety Engineers
•  American Statistical Association, Section on Risk Analysi
•  IEEE Reliability Society
•  International Association for Probabilistic Safety Assessment and Management.
•  Risk Assessment and Policy Association
•  Risk Theory Society
•  Society for Maintenance Reliability Professionals
•  Society for Reliability Engineers
•  Society for Risk Analysis
•  System Safety Society
•  The Safety and Reliability Society
Qualitative Risk Assessment:
Risk Matrices
15
Introduction
•  Risk Matrix
–  a table that has several categories of probability,
likelihood or frequency on its rows (or columns)
and several categories of severity, impact, or
consequence on its columns (or rows)
–  It associates a recommended level of risk,
urgency, priority, or management action
with each column-row pair (i.e., cell)
Introduction
[Figures: Federal Highway Administration, 2006; Federal Aviation Administration, 2007]
Qualitative Risk Assessment
•  NASA Risk Management Reporting
Problems with Risk Matrices and
Matrix Design Cox (2008)
•  If Risk = probability * consequence
[Figure: axes Risk, Consequence, Probability; curves p*c=constant in the Probability-Consequence plane]
Subjective Interpretations
and Input Bias Smith et al (2009)
[Figure: two panels, PROBABILITY and Consequence; labels Likelihood, Utility, Value, Objective, Subjective, SRP; scale 0 to 1]
Extension of Cox for Opt. 5x5 Matrix
Design Hong and Mazzuchi (2013)
Uncertainty Distribution for Portfolios
of Risks Mazzuchi and Scolese (2014)
[Figure: axes p and c]
Quantitative Risk Analysis
Scenario Analysis
25
Fault Trees
•  The Basics of Fault Trees
- A fault tree develops a deterministic description of
the occurrence of the top event, in terms of the
occurrence or not of intermediate events
 Top events represent system-level failure
- Describes intermediate events further until, at a
finer level of detail, basic events are obtained
 Basic events represent component-level failure
- By itself, a fault tree is only a visual model of how a
system failure can occur
26
Fault Trees
1.  Identify undesirable
TOP event
2.  Identify first
contributors
3.  Link contributors to
TOP event by logic
gates
4.  Identify second level
contributors
5.  Link second level
contributors to TOP
event by logic gate
Fault Tree Construction
•  Symbols
-  Event Symbols: Basic Event, Undeveloped Event, External Event, Intermediate Event
-  Transfer Symbols: Transfer In, Transfer Out
-  Gate Symbols
 and gate: Output occurs if all input events occur
 or gate: Output occurs if any input event occurs
 exclusive or gate: Output occurs if exactly one input event occurs
 priority and gate: Output occurs if all input events occur in a specific sequence
 inhibit gate: Output occurs if the single input occurs in the presence of an enabling condition
 not or gate: Output occurs if at least one input event does not occur
 not and gate: Output occurs if all input events do not occur
Fault Tree Example 2
Example with Success Event
[Figure: gas pipe with Isolation Valve (VAL), Pressure Relief Valve (PRV), Leak, Possible Ignition Source (I1), Permanent Ignition Source (I2)]
Gas is flowing through a pipe and there is a leak after the isolation valve. This valve should
close, but then the pressure relief valve must open to relieve local pressure
Fault Tree Example 2
Example with Success Event
[Fault tree figure. Top event: Explosion After Gas Leak Posterior to Isolation Valve. Events shown: Explosion Prior to Isolation; Explosion Posterior to Isolation Valve; VAL Performs Correctly; PRV Fails; VAL Fails; I1 Present]
Fault Tree Example 3
Large Example
[Figure: Pumping System Example, with components T1, V1 to V5, P1, P2, C, Sensing & Control System, AC Power Source]
Fault Tree Example 3
[Fault tree figure. Top event: No Water Delivered When Needed. Events shown: No Water Delivered from P1 Branch; No Water Delivered from P2 Branch; No Water Delivered from V1; No Water from P1; No Water from P2; V1, V2, V3, V4, V5 Fails to Remain Open; P1 Fails to Function; P2 Fails to Function; T1 Ruptures; S Fails to Send Signal; S Fails; AC Fails; transfer symbols a and b]
Fault Tree Example 3
Alternative Construction
[Fault tree figure. Top event: No Water Delivered When Needed. Events shown: No Water Delivered from V1; T1 Ruptures; V1 Fails to Remain Open; S Fails; AC Fails; Pumping Branches Fail; P1 Branch Fails; P2 Branch Fails; P1 Fails to Function; P2 Fails to Function; V2, V3, V4, V5 Fails to Remain Open]
Fault Tree Example 4
Block Diagram Example
•  Circuit Block Diagram Example
[Figure: circuit block diagram with units 1 to 7 and points A to F]
Fault Tree Example 4
[Fault tree figure. Top event: No Current at Point F. Events shown: No Current at D & E; Unit 7 Fails; No Current at Point E; No Current at Point C; Units 5 & 6 Fail; Unit 2 Fails; Unit 5 Fails; Unit 6 Fails; No Current at Point D; No Current at Point B; Units 3 & 4 Fail; Unit 1 Fails; Unit 3 Fails; Unit 4 Fails; No Current at Pnt A]
Event Tree Method
•  The Event Tree Method is the primary technique
used in PRA to generate risk scenarios
•  This method can be used when …
- … Successful operation of a system depends on the
approximately chronological and discrete operation
of its units
- … Previous event tree model scenarios of
successive events have led to exposure to hazards,
and ultimately to undesirable consequences
37
Event Tree Method Example
[Event tree figure: Initiating Event A followed by B, C, D, E; Success ↑, Failure ↓; columns Sequence Logic and System Results (S or F)]
Let A denote that subsystem A
fails and A denote that it does not
fail
The sequences are Mutually Exclusive Events; the System Result Depends on sequence of events
Event Tree Method
•  Building an event tree
- Build from left to right
- Start the sequence at the initiating event
- Place protective barriers as the successive (binary)
events
- Calculate branching probabilities (called split
fractions) from fault trees
- Calculate the probability of the end mutually
exclusive events as the multiple of the path split
fractions
39
Event Tree Method Example 1
[Figure: compartment with PUMP (P), KLAXON (K), float switch (S), bailing (B)]
A subgrade compartment containing important control equipment is protected from
flooding using the above system. If the water rises it should close the float switch,
which operates a pump with a separate power supply. A klaxon should also sound
and alert operators to perform bailing.
Event Tree Method Example 1
[Event tree figure: Water Rises (I), Float Switch (S), Pump (P), Klaxon (K), Bailing (B); columns System Logic and System Results (S or F)]
Event Tree Method Example 2
[Event tree figure: Attempted Illegal Access by Hacker (I), Principal Firewall (F), Abnormal Signal Detected by Operator (O), Backup Firewall Initiated by Operator (B); columns System Logic and System Results (S or F)]
Event Tree Method
Split fractions are calculated using fault trees
Quantifying Scenario Analysis
Quantifying Fault Trees
and Event Trees
44
•  How Do You Quantify Fault Trees and Event Trees
- A fault tree or an event tree by itself is only a visual
model of a system
- It can be a representation of Boolean logic, i.e. a
representation of the functioning (or not) of the
system as a function of its components
- Because the basic events are 0-1 (fail-no fail), we
can use Boolean algebra to reduce the system
expression to the lowest terms
- In doing so we make the following assumptions
 All events are binary
 The system is coherent
 I.e., failure of any component cannot improve
the system
Boolean Reduction:
Boolean Algebra
•  Notation (Boolean Operator; Set Theory)
  X and Y: X•Y; X∩Y
  X or Y: X+Y = 1-(1-X)(1-Y); X∪Y
  Not X: X’; X^c
•  Important Laws
  Commutative: X•Y = Y•X, X+Y = Y+X
  Associative: X•(Y•Z) = (X•Y)•Z, X+(Y+Z) = (X+Y)+Z
  Distributive: X•(Y+Z) = X•Y+X•Z
  Idempotent: X•X = X, X+X = X
  Absorption: X+X•Y = X
  Complementation: X+X’ = Ω, (X’)’ = X
  De Morgan’s: (X•Y)’ = X’+Y’, (X+Y)’ = X’•Y’
  Empty/Universal Set: ∅’ = Ω
Reducing a Fault Tree Using
Boolean Algebra
T = E1•E2 = (A+E3) • (C+E4)
= A•C + A•E4 + C•E3 + E3•E4
= A•C + A•(A•B) + C•(B+C) + (B+C)•(A•B)   (substituting E3 = B+C and E4 = A•B)
= A•C + A•A•B + C•B + C•C + B•A•B + C•A•B
= A•C + A•B + B•C + C + A•B + A•B•C
= A•C + A•B + B•C + C + A•B•C
= A•C + A•B + C + A•B•C
= A•B + C + A•B•C
= A•B + C
This is the reduced tree and the reduced
Boolean expression for the tree, called the
Min Cut Set Representation
Representing Systems in
Terms of Their Components
47
Using the convention that
X•Y=X*Y and X+Y=1-(1-X)*(1-Y)
we may determine the state of the top event in terms of
the component states.
From previous page T=A•B + C = 1-(1-A*B)*(1-C)
For example if A occurs and C occurs but B does not
T=1-(1-1*0)(1-1) = 1 (Then the top event occurs)
Representing Systems in
Terms of Their Components
48
•  Truth tables
- Generate all possible component states and the
probabilities associated with each.
- For m components, each can either function or not
(i.e. 2 states for each component); thus there are 2^m
possible states taking into account all components.
- Evaluate the system using the Boolean formula for
each state
Representing Systems in
Terms of Their Components
-  Generation of All Possible States
  1st Col: alternate 0 and 1 in blocks of 2^0=1 (0, 1, 0, 1, ...)
  2nd Col: alternate 0 and 1 in blocks of 2^1=2 (0, 0, 1, 1, 0, 0, 1, 1, ...)
  3rd Col: alternate 0 and 1 in blocks of 2^2=4 (0, 0, 0, 0, 1, 1, 1, 1, ...)
  …..
  nth Col: alternate 0 and 1 in blocks of 2^(n-1)
Representing Systems in
Terms of Their Components
•  Truth tables
A  B  C   T=A•B + C = 1-(1-A*B)*(1-C)
0  0  0   1-(1-0*0)(1-0) = 0
1  0  0   1-(1-1*0)(1-0) = 0
0  1  0   1-(1-0*1)(1-0) = 0
1  1  0   1-(1-1*1)(1-0) = 1
0  0  1   1-(1-0*0)(1-1) = 1
1  0  1   1-(1-1*0)(1-1) = 1
0  1  1   1-(1-0*1)(1-1) = 1
1  1  1   1-(1-1*1)(1-1) = 1
Note that if all elements of {A,B} occur or all elements of
{C} occur then the top event occurs
These are called Cut Sets
Representing Systems in
Terms of Their Components
•  Truth Tables in Excel
T=A•B + C = 1-(1-A*B)*(1-C)
51
52
Some Important Definitions
•  Cut Set
- A collection of basic events such that, if the events
occur together, the top event certainly occurs
•  Min Cut Set
- A cut set such that, if any basic event is removed,
the remaining set is no longer a cut set
•  Path Set
- A collection of basic events that connect input and
output
 A path set merely represents a path through the
graph
•  Min Path Set
- A path set such that, if any basic event is removed,
the remaining set is no longer a path set
Min Cut Set Representation
for Fault Trees
•  What is it?
- After Boolean reduction, the Boolean formula for any
fault tree will be in Min Cut Set Representation
$$T = X_{11} \cdot X_{12} \cdots X_{1n_1} + X_{21} \cdot X_{22} \cdots X_{2n_2} + \dots + X_{m1} \cdot X_{m2} \cdots X_{mn_m}$$
where $\{X_{i1}, X_{i2}, \dots, X_{in_i}\}$ is the ith cut set and
$X_{ij}=1$ if the jth item of the ith cut set has failed and 0 otherwise.
Letting $C_i = X_{i1} \cdot X_{i2} \cdots X_{in_i}$,
where $C_i$ is the ith cut set indicator
($C_i = 1$ if all elements of the ith cut set fail),
then
$$T = C_1 + C_2 + \dots + C_m$$
Min Cut Set Representation
for Fault Trees
•  Converting Min Cut Set Representation to a
Calculable Formula
Since $T = C_1 + C_2 + \dots + C_m$, we can write
$$T = 1 - (1-C_1)(1-C_2)\cdots(1-C_m)$$
And since $C_i = X_{i1} \cdot X_{i2} \cdots X_{in_i}$, we can write
$$T = 1 - \Big(1-\prod_{j=1}^{n_1} X_{1j}\Big)\Big(1-\prod_{j=1}^{n_2} X_{2j}\Big)\cdots\Big(1-\prod_{j=1}^{n_m} X_{mj}\Big)$$
Example
Consider the following Fault Tree
[Fault tree figure with the Boolean expression at each gate, top down: [(D+E)•B]•[B•C+A]; (D+E)•B; B•C+A; D+E; B•C]
Example
T = [(D + E) • B] • [(B • C) + A]
T = (B•D + B•E) • [(B•C) + A]
T = (B•D•B•C) + (B•E•B•C) + (B•D•A) + (B•E•A)
T = B•C•D + B•C•E + A•B•D + A•B•E
The minimal cut sets of the top event are thus
C1 = {B, C, D}
C2 = {B, C, E}
C3 = {A, B, D}
C4 = {A, B, E}
Example
Thus, if A = 1 when component A fails and 0 otherwise,
and likewise for B, C, D, E, we can write
T = 1-(1- B*C*D)*(1- B*C*E)*(1- A*B*D)*(1- A*B*E)
T=1 indicates system failure and T=0 indicates
that the system is functioning
Example
Determining Boolean Representation
for Series-Parallel Systems
[Figure sequence: block diagram of components X1 to X8, reduced step by step]
Step 1: X2*X3
Step 2: X6*X7*X8
Step 3: 1-(1-X2*X3)*(1-X4)
Step 4: [1-(1-X2*X3)*(1-X4)]X5
Step 5: 1-(1-X1)*(1-[1-(1-X2*X3)*(1-X4)]X5)*(1-X6*X7*X8)
Determining Boolean Representation
for Series-Parallel Systems
[Figure: block diagram of components 1 to 8]
System Indicator
= 1 – (1-X1)(1-(1-(1-X2X3)(1-X4))X5)(1-X6X7X8)
= 1-(1-X1)(1-X2X3X5-X4X5+X2X3X4X5)(1-X6X7X8)
= 1-(1-X1)(1-X2X3X5)(1-X4X5)(1-X6X7X8)
since for binary variables (X5)^2 = X5
Which is called min cut representation (no Xi^n terms)
Determining Boolean Representation
for Series-Parallel Systems
[Figure: block diagram of components 1 to 8]
What is min cut set representation?
1-(1-X1)(1-X2X3X5)(1-X4X5)(1-X6X7X8)
Note that for the sets of components {1}, {2,3,5}, {4,5},
{6,7,8} if all of the items in the sets fail, then the system
fails – a cut set
Also note that we cannot reduce any set by even a single
element and have it still be a cut set – a min cut set
Determining Boolean Representation
for Series-Parallel Systems
[Figure: block diagram of components 1 to 8]
What is a min path?
Note that for the sets of components {1,5,6}, {1,5,7},
{1,5,8}, {1,2,4,6}, {1,2,4,7}, {1,2,4,8}, {1,3,4,6}, {1,3,4,7},
{1,3,4,8}, if all of the items in the sets function, then the
system functions (a path from beginning to end) – a path
set
Also note that we cannot reduce any set by even a single
element and have it still be a path set – a min path set
Boolean Representation
for General Systems
Non series-parallel structures
[Figure: network of components 1 to 5]
Use cut set representation
Z=1-(1-X1X2)(1-X1X3X5)(1-X4X5)(1-X2X3X4)
Boolean Representation
for General Systems
As structures get more complex this becomes difficult
and we may have to resort to a Fault Tree
Determine the min path and min cut sets
[Figure: flow network from "in" to "out" through components A, B, C, D, E, F, G, H]
Boolean Representation
for General Systems
[Fault tree figure. Top event: No Flow to Out. Events shown: No Flow to H; H; No Flow From F; No Flow From G; No Flow to F; No Flow to G; No Flow From A; No Flow From C; No Flow From D; No Flow From E; No Flow to D; No Flow to E; No Flow From “in”; basic events A, B, C, D, E, F, G. Annotation on No Flow From “in”: We will discount this in our analysis]
Boolean Representation
for General Systems
[Fault tree figure with the Boolean expression at each gate, top down: [A•(B+D)+F]•[C•(B+E)+G]+H; [A•(B+D)+F]•[C•(B+E)+G]; A•(B+D)+F; C•(B+E)+G; A•(B+D); C•(B+E); B+D; B+E; basic events A, B, C, D, E, F, G, H]
Boolean Representation
for General Systems
Failure = [A●(B+D)+F]●[C●(B+E)+G]+H
= [A●B + A●D + F] ● [C●B + C●E + G]+H
= A●B●B●C+ A●B●C●E + A●B●G + A●D●B●C+
A●D●C●E + A●D●G + F●B●C+ F●C●E + F●G +H
= A●B●C+ A●B●C●E + A●B●G + A●B●C●D+ A●C●D●E +
A●D●G + B●C●F+ C●E●F + F●G +H
= A●B●C + A●B●G + A●C●D●E + A●D●G + B●C●F
+ C●E●F + F●G + H
Cut Set: {A,B,C}, {A,B,G}, {A,C,D,E}, {A,D,G}, {B,C,F},
{C,E,F},{F,G},{H}
Using our indicator notation
T=1-(1-A*B*C)*(1-A*B*G)*(1-A*C*D*E)*(1-A*D*G)
*(1-B*C*F)*(1-C*E*F)*(1-F*G)*(1-H)
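The Boolean reduction done by hand above (for T = (A+E3)•(C+E4) and for the general flow-network system) can be mechanised. The following is an added example, not part of the original slides: it expands AND/OR gates into cut sets with the distributive and idempotent laws, applies absorption to obtain the min cut sets, and checks the indicator formula T = 1-(1-C1)*...*(1-Cm) against the tree on every state. The tuple encoding of gates and all function names are assumptions of this example.

```python
from itertools import product

# A gate is a tuple ("and", child, ...) or ("or", child, ...);
# a basic event is a string. This encoding is an assumption of the example.


def cut_sets(node):
    """Expand a gate tree into cut sets (frozensets of basic events)."""
    if isinstance(node, str):
        return [frozenset([node])]
    op, *children = node
    expanded = [cut_sets(child) for child in children]
    if op == "or":    # X+Y: the cut sets of either child cause the output
        return [cs for sets in expanded for cs in sets]
    if op == "and":   # X•Y: distributive law; set union applies X•X = X
        return [frozenset().union(*combo) for combo in product(*expanded)]
    raise ValueError(f"unknown gate {op!r}")


def min_cut_sets(tree):
    """Absorption (X + X•Y = X): drop every cut set that contains another."""
    unique = set(cut_sets(tree))
    minimal = [cs for cs in unique if not any(other < cs for other in unique)]
    return sorted(minimal, key=lambda cs: (len(cs), sorted(cs)))


def evaluate(node, state):
    """Evaluate the gate tree directly for one 0/1 component state."""
    if isinstance(node, str):
        return state[node]
    op, *children = node
    values = [evaluate(child, state) for child in children]
    return int(all(values)) if op == "and" else int(any(values))


def indicator(mcs, state):
    """T = 1 - (1-C1)*(1-C2)*...*(1-Cm), with Ci the product of its X's."""
    survive = 1
    for cs in mcs:
        c = 1
        for name in cs:
            c *= state[name]
        survive *= 1 - c
    return 1 - survive


def agrees_on_all_states(tree):
    """Compare the min cut set formula with the tree over the truth table."""
    mcs = min_cut_sets(tree)
    names = sorted(set().union(*cut_sets(tree)))
    for bits in product((0, 1), repeat=len(names)):
        state = dict(zip(names, bits))
        if evaluate(tree, state) != indicator(mcs, state):
            return False
    return True


# T = (A+E3)•(C+E4) with E3 = B+C and E4 = A•B (the hand reduction to A•B + C)
SMALL_TREE = ("and", ("or", "A", ("or", "B", "C")),
              ("or", "C", ("and", "A", "B")))

# Failure = [A•(B+D)+F]•[C•(B+E)+G]+H (the general flow-network system)
GENERAL_TREE = ("or",
                ("and",
                 ("or", ("and", "A", ("or", "B", "D")), "F"),
                 ("or", ("and", "C", ("or", "B", "E")), "G")),
                "H")

if __name__ == "__main__":
    for tree in (SMALL_TREE, GENERAL_TREE):
        print([sorted(cs) for cs in min_cut_sets(tree)],
              agrees_on_all_states(tree))
```

Expansion by distribution grows quickly with the number of AND gates over OR gates, so this direct form suits trees of the size shown on these slides.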
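Quantifying Event Trees
(Using DeMorgan’s Laws)
[Event tree figure: initiating event I with branch events A, B, C; Scenario 1: A’B’C’; Scenario 2: A’B’C; Scenario 3: A’B; Scenario 4: A]
Assume split fractions are calculated using fault trees
A=b+c•d
B=c+e
C=b•d
[Fault tree figures for A, B and C with basic events b, c, d, e and intermediate gate G1]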
Quantifying Event Trees
Scenario 4
I • A = I • (b+c•d)
Scenario 3
I • A’ • B = I • (b’•c’+b’•d’) • (c+e)
= I • (b’•c’•e + b’•c•d’ + b’•d’•e)
Scenario 2
I • A’ • B’ • C = I • (b’•c’+b’•d’) • (c+e)’ • (b•d)
= I • (b’•c’+b’•d’) • (c’•e’) • (b•d) = { }
Scenario 1
I • A’ • B’ • C’ = I • (b’•c’+b’•d’) • (c’•e’) • (b•d)’
= I • (b’•c’+b’•d’) • (c’•e’) • (b’+d’)
= I • b’•c’•e’
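The scenario expressions above matter because the fault trees for A, B and C share basic events, so the split fractions are not independent. The following added example (not from the original slides) enumerates the states of b, c, d, e, assigns each state to its event tree scenario, and compares the result with naively multiplying marginal split fractions. The basic-event probability of 0.1 and the function names are constructed for illustration, and the basic events are assumed independent.

```python
from itertools import product
from math import prod

# Fault trees from the slide: A = b + c•d, B = c + e, C = b•d
FAULT_TREES = {
    "A": lambda s: s["b"] or (s["c"] and s["d"]),
    "B": lambda s: s["c"] or s["e"],
    "C": lambda s: s["b"] and s["d"],
}

# Constructed basic-event failure probabilities (not given on the slide)
BASIC_P = {"b": 0.1, "c": 0.1, "d": 0.1, "e": 0.1}


def scenario(state):
    """Event tree logic: 4 = A, 3 = A'B, 2 = A'B'C, 1 = A'B'C'."""
    if FAULT_TREES["A"](state):
        return 4
    if FAULT_TREES["B"](state):
        return 3
    if FAULT_TREES["C"](state):
        return 2
    return 1


def all_states(p):
    """Yield (state, probability) for every 0/1 assignment of basic events."""
    names = sorted(p)
    for bits in product((0, 1), repeat=len(names)):
        state = dict(zip(names, bits))
        weight = prod(p[n] if state[n] else 1 - p[n] for n in names)
        yield state, weight


def scenario_probabilities(p):
    """Exact conditional probability of each scenario given the initiator I."""
    result = {1: 0.0, 2: 0.0, 3: 0.0, 4: 0.0}
    for state, weight in all_states(p):
        result[scenario(state)] += weight
    return result


def marginal(event, p):
    """Marginal failure probability of one fault tree top event."""
    return sum(w for s, w in all_states(p) if FAULT_TREES[event](s))


def naive_products(p):
    """Path products of marginal split fractions, ignoring shared events."""
    pa, pb, pc = (marginal(e, p) for e in "ABC")
    return {
        4: pa,
        3: (1 - pa) * pb,
        2: (1 - pa) * (1 - pb) * pc,
        1: (1 - pa) * (1 - pb) * (1 - pc),
    }


if __name__ == "__main__":
    exact, naive = scenario_probabilities(BASIC_P), naive_products(BASIC_P)
    for k in (1, 2, 3, 4):
        print(f"Scenario {k}: exact {exact[k]:.5f}  naive {naive[k]:.5f}")
```

Scenario 2 comes out with probability exactly zero, matching the empty set obtained by Boolean reduction, while the naive product assigns it a positive value.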
Calculating the Probability
of the Top Event
•  Three Methods
•  Converting Cut Set Formulation to Probability
Statements
•  Using Truth Tables
•  Using Binary Decision Diagrams
72
Calculating the Probability
of the Top Event - Method 1
•  Additive Law for Events A1,…, An
$$P(A_1 \cup \dots \cup A_n) = \sum_{i=1}^{n} P(A_i) - \sum_{i<j} P(A_i \cap A_j) + \sum_{i<j<k} P(A_i \cap A_j \cap A_k) - \dots + (-1)^{n+1} P(A_1 \cap \dots \cap A_n)$$
You know P(A1∪A2) = P(A1) + P(A2) - P(A1∩A2)
The above general formula is called the Inclusion-Exclusion Principle (as terms are added you
overestimate then underestimate)
for example
$$\sum_{i=1}^{n} P(A_i) - \sum_{i<j} P(A_i \cap A_j) \le P(A_1 \cup \dots \cup A_n) \le \sum_{i=1}^{n} P(A_i)$$
Calculating the Probability of
the Top Event - Method 1
If a fault tree has minimal cut sets C1, C2, …, Cm, then
T = C1 + C2 + … + Cm
P(T=1) = P({C1=1} ∪ {C2=1} ∪ … ∪ {Cm=1})
and we can calculate
$$P(T=1) = \sum_i P(C_i=1) - \sum_{i<j} P(\{C_i=1\} \cap \{C_j=1\}) + \dots + (-1)^{m+1} P(\{C_1=1\} \cap \{C_2=1\} \cap \dots \cap \{C_m=1\})$$
with $P(C_i=1) = P(\{X_{i1}=1\} \cap \dots \cap \{X_{in_i}=1\})$,
and we can calculate bounds
$$\sum_i P_1(C_i) - \sum_{i<j} P_1(C_i \cap C_j) \le P_1(T) \le \sum_i P_1(C_i)$$
where we use the notation henceforth
$P_1(C) = P(\{C=1\})$ and $P_1(C_i \cap C_j) = P(\{C_i=1\} \cap \{C_j=1\})$
Calculating the Probability of
the Top Event – Method 1
•  Rare Event Approximation P1(T) ≈ ∑P1(Ci)
(conservative)
- Based on the notion that the simultaneous
occurrence of several rare events is negligible
- Problematic when there is a large degree of
overlap in cut sets
- An additional simplifying assumption is the
independence of components
$P_1(C_i) = P(\{X_{i1}=1\} \cap \dots \cap \{X_{in_i}=1\}) = P_1(X_{i1}) \cdot P_1(X_{i2}) \cdots P_1(X_{in_i})$
assuming independence
Calculating the Probability of
the Top Event – Method 1
76
Example 1
C1= {A,B}
C2 = {C}
P1(A) = P1(B) = P1(C) = 0.1 and A,B,C mutually indep.
P1(T) = P1(C∪A∩B) ≈ P1(C) + P1(A∩B)
≈ P1(C) + P1(A)*P1(B) = 0.110 (Bound)
P1(T) = P1(C) + P1(A∩B) – P1(A∩B∩C)
= P1(C) + P1(A)*P1(B) – P1(A)*P1(B)*P1(C)
= 0.109 (Exact)
Calculating Probability of Top Event:
Truth Tables – Method 2
A  B  C   P(A)P(B)P(C)            System
0  0  0   (.9)(.9)(.9) = 0.729    0
1  0  0   (.1)(.9)(.9) = 0.081    0
0  1  0   (.9)(.1)(.9) = 0.081    0
0  0  1   (.9)(.9)(.1) = 0.081    1
1  1  0   (.1)(.1)(.9) = 0.009    1
1  0  1   (.1)(.9)(.1) = 0.009    1
0  1  1   (.9)(.1)(.1) = 0.009    1
1  1  1   (.1)(.1)(.1) = 0.001    1
  0 denotes that component does not fail
  1 denotes that component fails
  P(T) = 0.081 + 0.009 + 0.009 + 0.009 + 0.001 = 0.109
  Note: Independence of components is assumed
Calculating Probability of Top Event:
Binary Decision Diagrams – Method 3
[Figure: binary decision tree branching on A, then B, then C (branches 0 and 1), with the truth table value (0 or 1) at each leaf]
 Tree represents all possible component states
 Bottom of tree represents the truth table value for the
tree path.
 There are techniques to reduce the tree.
 The tree is basically a physical
representation of the truth table
Calculating Probability of Top Event:
BDD’s – Method 3
[Figure: the decision tree with branch probabilities .9 (state 0) and .1 (state 1) and the folded-back value at each node]
C nodes: .1, .1, .1, 1
B node (A=0): 0.10 = .9*.1 + .1*.1
B node (A=1): .19 = .9*.1 + .1*1
A node: .109 = .9*.10 + .1*.19
 Calculate probability of top event by replacing the
states with their probabilities, and folding back the tree
 For example, 0.19 = 0.1 * 0.9 + 1 * 0.1
80
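The three methods above (cut set probability statements, truth tables, and folding back a decision tree) can be compared on the same cut sets. This is an added example, not part of the original slides: it reproduces the 0.110 rare-event bound and the 0.109 exact value for cut sets {A,B}, {C}, and then applies the same functions to the bridge cut sets {1,2}, {1,3,5}, {4,5}, {2,3,4}, where cut sets overlap. Component independence is assumed throughout, the bridge failure probability of 0.1 is constructed, and the function names are this example's own.

```python
from itertools import combinations, product
from math import prod


def exact_by_truth_table(mcs, p):
    """Method 2: sum the probability of every state in which a cut set fails."""
    names = sorted(p)
    total = 0.0
    for bits in product((0, 1), repeat=len(names)):
        state = dict(zip(names, bits))
        if any(all(state[e] for e in cs) for cs in mcs):
            total += prod(p[n] if state[n] else 1 - p[n] for n in names)
    return total


def inclusion_exclusion_partial_sums(mcs, p):
    """Method 1: partial sums of the additive law.

    sums[0] is the rare event approximation (upper bound), sums[1] is the
    lower bound, and sums[-1] is the exact value. Under independence the
    probability of several cut sets failing together is the product over
    the union of their components.
    """
    sums, partial = [], 0.0
    for k in range(1, len(mcs) + 1):
        term = sum(
            prod(p[e] for e in frozenset().union(*combo))
            for combo in combinations(mcs, k)
        )
        partial += (-1) ** (k + 1) * term
        sums.append(partial)
    return sums


def fold_back(mcs, p, order):
    """Method 3: condition on one component at a time and fold back.

    Node value = P(x works) * value(x = 0 branch) + P(x fails) * value(x = 1).
    """
    mcs = [frozenset(cs) for cs in mcs]
    if any(len(cs) == 0 for cs in mcs):
        return 1.0          # every member of some cut set has failed
    if not mcs:
        return 0.0          # no cut set can be completed on this path
    x, rest = order[0], order[1:]
    works = [cs for cs in mcs if x not in cs]   # cut sets with x are broken
    fails = [cs - {x} for cs in mcs]            # x is removed as "satisfied"
    return (1 - p[x]) * fold_back(works, p, rest) + p[x] * fold_back(fails, p, rest)


# Example 1 from the slides: C1 = {A,B}, C2 = {C}, all probabilities 0.1
EXAMPLE_CUT_SETS = [{"A", "B"}, {"C"}]
EXAMPLE_P = {"A": 0.1, "B": 0.1, "C": 0.1}

# Bridge structure cut sets from the slides; the 0.1 values are constructed
BRIDGE_CUT_SETS = [{1, 2}, {1, 3, 5}, {4, 5}, {2, 3, 4}]
BRIDGE_P = {i: 0.1 for i in range(1, 6)}

if __name__ == "__main__":
    for mcs, p in ((EXAMPLE_CUT_SETS, EXAMPLE_P), (BRIDGE_CUT_SETS, BRIDGE_P)):
        sums = inclusion_exclusion_partial_sums(mcs, p)
        print("rare event bound:", round(sums[0], 6),
              "lower bound:", round(sums[1], 6),
              "exact:", round(exact_by_truth_table(mcs, p), 6),
              "folded back:", round(fold_back(mcs, p, sorted(p)), 6))
```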
Putting it All Together
Example
Consider the event tree and fault trees below:
I
B
A
Determine a Boolean equation representing each
event tree scenario in terms of fault tree basic events
(C1, C2, C3).
81
Putting it All Together
Example
a) If the frequency of the initiating event I is 10^-3 per
year, and P1(C1) = 0.001, P1(C2) = 0.008, and
P1(C3) = 0.005, calculate the risk (injuries per
year).
82
83
Example
  Solution
a)  The Boolean equations representing each of the
event tree scenarios in terms of the fault tree
basic events (C1, C2, C3) are:
Scenario 1:
84
Example
Scenario 2:
Scenario 3:
85
Example Solution
86
Example: Solution
That is the rate of I
≈ 7.95x10^-6 + 6.00x10^-6
87
Example Solution
Advanced Probability
Analysis
Probability of System Failure:
Law of Total Probability
1
2
3
Z=1-(1-X1*X2)*(1-X3)
•  Notation
We use the event Ci (S) to denote that component i
(the system) fails and Ci’ (S’) that it does not.
We also use the indicator Xi=1 (Z=1) to indicate that
component i (the system) fails and Xi=0 (Z=0) to
indicate that component i (the system) does not fail
Thus P(Ci)=Pr(Xi=1) and P(S)=Pr(Z=1)
89
Probability of System Failure:
Law of Total Probability
[Figure: block diagram of components 1, 2, 3]
Z=1-(1-X1*X2)*(1-X3)
•  Use probability laws
P(S) = P([C1∩C2 ]∪C3) = P(C1∩C2) + P(C3) – P(C1∩C2∩C3)
•  Or condition on component states
P(S) = P(S|C1∩C2∩C3) * P(C1∩C2∩C3) +
P(S|C1´∩C2∩C3) * P(C1´∩C2∩C3) +
P(S|C1∩C2´∩C3) * P(C1∩C2´∩C3) +
P(S|C1∩C2∩C3´) * P(C1∩C2∩C3´) +
P(S|C1´∩C2´∩C3) * P(C1´∩C2´∩C3) + …
… + P(S|C1´∩C2´∩C3´) * P(C1´∩C2´∩C3´)
In each term the first factor will be 0 or 1 and the second factor will be the probability
of a component state
Probability of System Failure:
Law of Total Probability
Z=1-(1-X1*X2)*(1-X3)
[Figure: spreadsheet table of component states, e.g. P(C1∩C2´∩C3), Assuming Independence and Using SUMPRODUCT function]
Advanced Probability Laws:
Conditional Probability
•  Conditional Probability
- P(A|B) = P(A ∩ B) / P(B) , if P(B) > 0
- Conditional probability redefines the sample
space
[Figure: events A and B; B is the New Sample Space, and A∩B gives the Elements of A in the New Sample Space]
Probability of System Failure:
Conditional Probability
[Figure: block diagram of components 1, 2, 3]
If component 2 fails what is the
probability of System Failure –
Measure Component Importance
•  Conditioning on component 2 failure:
P(S|C2) = P(S∩C2) / P(C2)
= P({[C1∩C2 ]∪C3}∩C2) / P(C2)
= P([C1∩C2 ]∪[C3∩C2 ]) / P(C2)
= {P(C1∩C2) + P(C3∩C2) - P(C1∩C2∩C3)} / P(C2)
•  If components are independent:
= {P(C1)P(C2) + P(C3)P(C2) - P(C1)P(C2)P(C3)} / P(C2)
= P(C1) + P(C3) - P(C1)P(C3)
Probability of System Failure:
Conditional Probability
1
2
3
If component i fails what is the
probability of System Failure
Note: Independence NOT Assumed
94
Probability of Component Failure:
Conditional Probability
1
2
3
If system fails, what is the
probability of component i failure –
Maintenance Implications
Note: Independence NOT Assumed
95
Probability of Cut Set Causing Failure:
Conditional Probability
Non series-parallel structures
1
4
3
2
5
Cut Sets: {1,2}, {1,3,5}, {4,5}, {2,3,4}
Cut Set Representation
Z=1-(1-X1X2)(1-X1X3X5)(1-X4X5)(1-X2X3X4)
96
Calculating Complex Structure
Functions and Probability of Failure
= Pr{CS12∩Z}/Pr{Z}
= Pr{CS12}/Pr{Z}
98
Importance Measures
•  Motivation
− A key challenge in a PRA is to identify the elements
in the system that contribute most to the risk
− Method to accomplish this is Importance Ranking
− The many importance measures used for this
process can be categorized as either
 Absolute
 Defines each risk element in terms of an
absolute risk metric, such as the conditional
frequency of a hazard exposure given the
state of the element; or
 Relative
 Compares risk contribution of each element to
that of another
99
Importance Measures
•  Formulation
− Risk is usually composed of a collection of
scenarios that occur with a certain frequency or
probability
− A series of cut sets can represent these scenarios
− Wall, et al. (2001), represent total risk by a linear
function of any single risk element:
R = aP + b
100
Importance Measures
R = aP + b
where
R: total System Risk
a: total contribution from cut sets that involve a
particular element
P: total risk contribution from a particular element
b: total contribution from cut sets that do not
involve a particular element
− Wall, et al.’s, method is only useful for investigating
one-at-a-time sensitivity to risk elements
101
Principles of Importance Measures
•  $I_B = a = R_{P=1} - R_{P=0}$
•  $I_{FV} = aP/(aP+b) = (R_{base} - R_{P=0})/R_{base}$
•  $I_C = aP/(aP+b) = (R_{base} - R_{P=0})/R_{base}$
•  $I_I = aP = R_{base} - R_{P=0}$
•  $I_{RRW} = aP = R_{base} - R_{P=0}$ (differential method)
•  $I_{RRW} = (aP+b)/b = R_{base}/R_{P=0}$ (fraction method)
•  $I_{RAW} = a(1-P) = R_{P=1} - R_{base}$ (differential method)
•  $I_{RAW} = (a+b)/(aP+b) = R_{P=1}/R_{base}$ (fraction method)
•  $DIM_1 = (\partial R/\partial P_i) / \sum_{j=1}^{n} (\partial R/\partial P_j)$
•  $DIM_2 = a_i P_i / \sum_{j=1}^{n} a_j P_j$
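The measures listed above can be computed for any risk function that is linear in each element's probability by evaluating it with that probability set to 1 and to 0. The following is an added example, not part of the original slides: it recovers a and b in R = aP + b for each component of the earlier system T = A•B + C (independent components, failure probability 0.1 each) and ranks the components. The function names and the dictionary keys are this example's own labels for the slide's symbols.

```python
def top_event_risk(p):
    """P(T=1) for T = A•B + C with independent components (from the slides)."""
    return 1 - (1 - p["A"] * p["B"]) * (1 - p["C"])


def linear_coefficients(risk, p, name):
    """Recover a and b in R = a*P + b by setting the element's P to 1 and 0."""
    r_p1 = risk({**p, name: 1.0})
    r_p0 = risk({**p, name: 0.0})
    return r_p1 - r_p0, r_p0


def importance(risk, p, name):
    """Importance measures of one element, in the slide's a, P, b notation."""
    a, b = linear_coefficients(risk, p, name)
    P = p[name]
    r_base = a * P + b
    return {
        "a": a,
        "b": b,
        "R_base": r_base,
        "IB": a,                                    # R(P=1) - R(P=0)
        "IFV": a * P / r_base,                      # (Rbase - R(P=0)) / Rbase
        "II": a * P,                                # Rbase - R(P=0)
        "IRRW_frac": r_base / b if b > 0 else float("inf"),
        "IRAW_diff": a * (1 - P),                   # R(P=1) - Rbase
        "IRAW_frac": (a + b) / r_base,              # R(P=1) / Rbase
    }


def differential_importance(risk, p):
    """DIM1 and DIM2 for every element; dR/dP_i equals a_i because R is linear in P_i."""
    a = {n: linear_coefficients(risk, p, n)[0] for n in p}
    total_1 = sum(a.values())
    total_2 = sum(a[n] * p[n] for n in p)
    return {n: (a[n] / total_1, a[n] * p[n] / total_2) for n in p}


def rank_by(risk, p, measure):
    """Element names sorted from most to least important for one measure."""
    return sorted(p, key=lambda n: importance(risk, p, n)[measure], reverse=True)


# Component failure probabilities used in the slides' Example 1
COMPONENT_P = {"A": 0.1, "B": 0.1, "C": 0.1}

if __name__ == "__main__":
    for name in COMPONENT_P:
        m = importance(top_event_risk, COMPONENT_P, name)
        print(name, {k: round(v, 4) for k, v in m.items()})
    print(differential_importance(top_event_risk, COMPONENT_P))
    print(rank_by(top_event_risk, COMPONENT_P, "IFV"))
```

Component C, which is a single-element cut set, dominates every measure, while A and B only matter together.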
Safety Systems:
k-out-of-n Systems
102
Consider a system that will function if
k-out-of-n of its components function, or will fail if n-k+1
or more components fail
Usually these are of identical components, each with
probability of failure p, then the probability of system
failure is
Why?
1
2
3
2-out-of-3 System
Min Cut Sets {1,2}, {1,3}, {2,3}
Prob of Failures
103
Modelling Dependent Failures
•  What is dependent failure?
- Let Ci be the event that component i fails and let
P(Ci) denote its probability
 If we have n components and their failures are
independent, then
P(C1∩C2∩ … ∩Cn) = P(C1)P(C2) … P(Cn)
 If their failures are not independent, then this is
not a simple multiplication, we use the
Multiplicative Law
P(C1∩C2∩ … ∩Cn) = P(C1) * P(C2│C1)
* P(C3│C1∩C2) *…* P(Cn│C1∩C2∩ … ∩C(n-1))
 The probabilities of n joint dependent events on
the left side are usually greater than the
corresponding independent probabilities
104
Modelling Dependent Failures
•  Example
105
Modelling Dependent Failures
•  What are Common Cause Failures
- CCFs are considered to be the collection of all
sources of dependency, especially between
components, that are not known or are difficult to
model explicitly.
- CCFs have been shown by many studies to
contribute significantly to the overall unreliability of
complex systems;
- CCFs have no unique or universal definitions.
- A fairly general definition is given by Mosleh as: A
CCF is a subset of dependent events in which two
or more component fault states exist at the same
time, or in a short time interval, and are direct
results of a shared cause.
106
Modelling Dependent Failures
•  Modelling CCFs: Two Components
- As CCFs have no explicit definition, their
probabilities are modelled as possible joint
combinations of failures of components
- Consider a system with two redundant components
A, B; then
 P(A fails) = P(AI) + P(CAB)
 AI denotes A fails separately
 BI denotes B fails separately
 CAB denotes A & B fail together by common
cause
107
Modelling Dependent Failures
•  Modelling CCFs: Three Components
- Consider a system with three redundant
components A, B and C
 The total failure probability of A can be
expressed in terms of its independent failure AI
and its dependent failures as follows:
 CAB, CAC denote that (A,B) & (A,C) fail
together by common cause
 CABC denotes that (A,B,C) fail together by
common cause
- Component A fails if any of the events above occur
P(A fails) = P(AI) + P(CAB) + P(CAC) + P(CABC)
108
Modelling Dependent Failures
•  Modelling CCFs: Min Cut Representation
- The equivalent Boolean representation of total
failure of component A is AT = AI+CAB+CAC+CABC
- If the success criterion for the system is “2 out of 3
components A, B and C succeed,” then failure of
the system can be represented by the following cut
sets:
-  {AI,BI}, {AI,CI}, {BI,CI}, {CAB}, {CAC}, {CBC}, {CABC}
- Thus the Boolean representation of system failure
will be
S = (AI•BI) + (AI•CI) + (BI•CI) + CAB
+ CAC + CBC + CABC
(why not include AI•BI•CI?)
109
Modelling Dependent Failures
•  Modelling CCFs; Probability Representation
- If independence is assumed, only the first four terms
of the Boolean expression are used, i.e., P(CAB) =
P(CAC) = P(CBC) = P(CABC) = 0;
 Otherwise, applying the Rare Event
Approximation results
P(System Failure) = P(any 2 or 3 components fail)
QS ≈ P(AI)P(BI) + P(CAB) + P(AI)P(CI)
+ P(CAC) + P(BI)P(CI) + P(CBC)
+ P(CABC)
110
Modelling Dependent Failures
- Assume that components A, B, and C are similar,
and define
Qi = Probability of i simultaneous component
failures due to common cause
- and write
QS = P(System Failure)
= P(any 2 or 3 components fail)
= P(AI)P(BI) + P(CAB) + P(AI)P(CI)
+ P(CAC) + P(BI)P(CI) + P(CBC)
+ P(CABC)
= 3(Q1)^2 + 3(Q2) + (Q3)
111
Modelling Dependent Failures
-  In general for a k out of n system to fail there
must be n-k+1 or more failures
Example
112
Modelling Dependent Failures
- Generally, models for common cause failure derive
expressions for Qk for a system of size m, 1 ≤ k ≤ m
in terms of total probability of component failure (Qt)
113
Probability Models for Time
Dependent Analysis
Previous Lecture:
A Snap Shot in Time
[Figure: block diagram of components 1, 2, 3]
Z=1-(1-X1*X2)*(1-X3)
► Use probability laws
P(S) = P([C1∩C2 ]∪C3) = P(C1∩C2) + P(C3) – P(C1∩C2∩C3)
► Or condition on component states
P(S) = P(S|C1∩C2∩C3) * P(C1∩C2∩C3) +
P(S|C1´∩C2∩C3) * P(C1´∩C2∩C3) +
P(S|C1∩C2´∩C3) * P(C1∩C2´∩C3) +
P(S|C1∩C2∩C3´) * P(C1∩C2∩C3´) +
P(S|C1´∩C2´∩C3) * P(C1´∩C2´∩C3) + …
… + P(S|C1´∩C2´∩C3´) * P(C1´∩C2´∩C3´)
In each term the first factor will be 0 or 1 and the second factor will be the probability
of a component state
Random Variables:
Time Dependent Behavior
115
► Random variables are important for describing
system behavior as a function of time:
TS is system life length, Ti life length of component i
P(TS ≤ t) = P({T1 ≤ t} ∪ {T2 ≤ t}) (series system)
P(TS ≤ t) = P({T1 ≤ t} ∩ {T2 ≤ t}) (parallel system)
Note:
{Ti ≤ t} defines our previous notation, Ci , for a
fixed value t but as t varies the probability is
a function of time
When T takes values in [0, ∞), it is called a
lifetime variable (used in reliability and risk
analysis)
Important Functions for
Random Variables
116
► Probability Distribution
f(x) = Pr{X=x} for X discrete (called pmf)
f(x)dx ≈ Pr{x<X<x+dx} for X continuous (called pdf)
► Cumulative Distribution Function:
F(x) = P(X ≤ x) = ∑i≤x f(i) for X discrete
= ∫_0^x f(u)du for X continuous
► Reliability (Survival) Function
R(x) = P(X>x) = 1 – F(x)
[F̄(x) or S(x) is often used in place of R(x)]
Important Functions for
Random Variables
117
Important Functions for
Random Variables
118
► Failure Rate Function (Continuous rv Only)
 h(x) = lim dx→0 P{X ≤ x+dx | X>x}/dx
h(x)dx ≈ P{x<X ≤ x+dx | X>x}
Denotes instantaneous probability of failure
► Cumulative Failure Rate Function (Continuous RV Only)
H(x) = ∫_0^x h(u)du (continuous only)
Denotes cumulative wear or exposure
119
Classic Failure Rate Curve
[Figure: bathtub curve of Failure Rate versus time, with regions labelled Infant Mortality, Chance Failure and Wear Out Failure]
Note: i. life lengths are said to follow a bathtub failure
rate with three phases: infant mortality,
chance failure and wear out
ii. if h(x) is nondecreasing, constant,
nonincreasing we say that X is IFR, CFR, or
DFR for Increasing, Constant or Decreasing
Failure Rate
120
Classic Failure Rate Curve
[Figure: bathtub curve of Failure Rate versus time, with regions labelled Infant Mortality, Chance Failure and Wear Out Failure]
Note: i. In practice we often only use one phase of
the curve
ii. There are example phenomena from each
phase (DFR –software, CFR-electronics,
IFR-mechanical devices)
Parametric Families of
Distributions
121
► When a distribution f(x) can be indexed by a
set of parameters, say Θ, whose specification
completely determines the distribution we say
that f(x|Θ) is a parametric family.
► Important Properties
 Failure Rate Behavior
 Distribution of Minimums (for series systems)
TS = Min{T1, …, Tn}
 Distribution of Sums (for cold backup or switching
systems)
TS = T1 +…+ Tn
Which Parametric Family
to Use?
► Look at the data histogram
122
Use of Parametric Families:
System Reliability as a Function
of Time
► Component Life Lengths
T1~Wei(2,10), T2~Wei(1,5) assume independence
► System Life TS
P(TS ≤ t) = P({T1 ≤ t} ∪ {T2 ≤ t}) (series system)
= P({T1 ≤ t}) + P({T2 ≤ t}) - P({T1 ≤ t})P({T2 ≤ t})
= (1 - e^(–(t/10)^2)) + (1 - e^(–t/5))
- (1 - e^(–(t/10)^2)) (1 - e^(–t/5))
P(TS ≤ t) = P({T1 ≤ t} ∩ {T2 ≤ t}) (parallel system)
= (1 - e^(–(t/10)^2)) (1 - e^(–t/5))
123
124
Making Risk Time Dependent
Sometimes you are lucky and the system lifelength distribution
has a closed form
Series: TS=min{T1,…,Tn}
If Ti~ Exp(λi)
then TS~ Exp(∑i=1,n λi)
Parallel: TS=max{T1,…,Tn}
No distribution for Ti leads to a known form
distribution for TS
Cold Standby (perfect switch): TS=T1+…+Tn
If Ti~ gamma(νi,α)
then TS~ gamma(∑i=1,n νi, α)
If Ti~ normal(µi,σi^2)
then TS~ normal(∑i=1,n µi, ∑i=1,n σi^2)
125
Analyzing Series Systems
[Figure: components 1, …, n in series]
TS=min{T1,…,Tn}
System Failure = 1 - Pr{TS>t}
= 1- Pr{ min{T1,…,Tn}>t}
= 1 - Pr{T1>t, …., Tn>t}
=1 - ∏i=1,n Pr{Ti>t}
if components are independent
=1 - ∏i=1,n [1-Fi(t)]
126
Analyzing Parallel Systems
[Figure: components 1, …, n in parallel]
TS=max{T1,…,Tn}
System Failure = Pr{TS ≤ t}
= Pr{ max{T1,…,Tn} ≤ t}
= Pr{T1 ≤ t, …., Tn ≤ t}
= ∏i=1,n Pr{Ti ≤ t}
if components are independent
= ∏i=1,n Fi(t)
127
Making Risk Time Dependent
[Figure: block diagram of components 1, 2 and 3]
Z=1-(1-X1*X2)*(1-X3)
► Use probability laws (Cuts Set Rep)
P(TS<t) = P([{T1<t} ∩{T2 <t}] ∪{T3<t})
= P({T1<t}∩{T2<t}) + P({T3<t}) – P({T1<t} ∩ {T2<t} ∩ {T3<t})
► Or condition on component states
P({T1<t} ∩ {T2<t} ∩ {T3>t}) + P({T1>t} ∩ {T2>t} ∩ {T3<t})
+P({T1<t} ∩ {T2>t} ∩ {T3<t}) + P({T1>t} ∩ {T2<t} ∩ {T3<t})
+ P({T1<t} ∩ {T2<t} ∩ {T3<t})
Assuming independent components such that the CDF of
component i is Fi(t) = Pr{Ti≤t} yields
128
Making Risk Time Dependent
[Figure: block diagram of components 1, 2 and 3]
Z=1-(1-X1*X2)*(1-X3)
► Use probability laws (Cuts Set Rep)
P(TS<t) = F1(t)F2(t) + F3(t) - F1(t)F2(t)F3(t)
► Or condition on component states
P(TS<t) = F1(t)F2(t)R3(t) + R1(t)R2(t)F3(t) + F1(t)R2(t)F3(t)
+ R1(t)F2(t)F3(t) + F1(t)F2(t)F3(t)
where Ri(t) = 1 – Fi(t) = Pr{Ti > t}
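The cut-set and state-conditioning routes to P(TS<t), together with the series and parallel formulas from the preceding slides, worked numerically as an added example that is not part of the original slides. Components 1 and 2 reuse the Wei(2,10) and Wei(1,5) lifetimes from the earlier slide; the Wei(2,20) lifetime for component 3 and all function names are assumptions.

```python
import math
from itertools import product

def weibull_cdf(t, shape, scale):
    """Fi(t) = 1 - exp(-(t/scale)^shape), the Wei(shape, scale) form used on the slides."""
    return 1.0 - math.exp(-((t / scale) ** shape))

def series_fail(F):
    """Series system: 1 - prod(1 - Fi(t)), independent components."""
    return 1.0 - math.prod(1.0 - f for f in F)

def parallel_fail(F):
    """Parallel system: prod(Fi(t)), independent components."""
    return math.prod(F)

def fail_cut_set(F1, F2, F3):
    """Cut sets {1,2} and {3}: F1F2 + F3 - F1F2F3."""
    return F1 * F2 + F3 - F1 * F2 * F3

def fail_by_states(F1, F2, F3):
    """Condition on all 8 component states (True = failed by time t)."""
    total = 0.0
    for state in product((True, False), repeat=3):
        if (state[0] and state[1]) or state[2]:        # P(system fails | state) is 0 or 1
            p_state = 1.0
            for failed, Fi in zip(state, (F1, F2, F3)):
                p_state *= Fi if failed else 1.0 - Fi  # Fi(t) or Ri(t)
            total += p_state
    return total

# Wei(2,10) and Wei(1,5) come from the slides; Wei(2,20) is an assumed third component.
COMPONENTS = [(2, 10), (1, 5), (2, 20)]

def system_failure(t):
    """Return P(TS<t) three ways: cut sets, state enumeration, nested blocks."""
    F = [weibull_cdf(t, shape, scale) for shape, scale in COMPONENTS]
    nested = series_fail([parallel_fail(F[:2]), F[2]])   # Z = 1-(1-X1*X2)*(1-X3)
    return fail_cut_set(*F), fail_by_states(*F), nested

if __name__ == "__main__":
    for t in (1, 5, 10, 20):
        print(t, ["%.6f" % p for p in system_failure(t)])
```

All three values agree at every t, which is a quick consistency check to run whenever a system expression is derived by hand.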
129
Statistical Inference for Time
Dependent Model Parameters
Making Models Reflect Reality:
Classical Estimation
130
► What is an estimator?
 Given an unknown parameter θ and a random
sample X1, ..., Xn from (X|θ), what are some
estimators Θ for θ?
 They are functions of the random sample
 Θ(X) = (1/n) ∑i=1,n Xi,
 Θ(X) = max(X1, ..., Xn )
 Θ(X) = 3, ......
 An estimator is a random variable with a probability
distribution and an estimate is a realization of that
random variable.
  What is a good estimator?
 Look at its pdf
131
Classical Estimation
► What is a good estimator?
Unbiasedness: E[Θ] = θ
Minimum Variance: VAR(Θ) as small as possible
(there is a Cramér-Rao Lower Bound)
Consistency: Θn → θ as n → ∞
132
Classical Estimation
► Main Parametric Estimators:
Given a random sample X1, ..., Xn from f(X|θ), with
unknown parameter(s), θ
 Method of Moments (ok properties but easy to use)
Θ(X) is obtained as the solution to
1. E[X|θ] = (1/n) ∑i=1,n Xi, (θ has dimension one)
2. E[X|θ] = (1/n) ∑i=1,n Xi,
VAR[X|θ] = S^2
(θ has dimension two)
more equations for higher dimensions
Example
Exponential: E[X] = 1/λ ⇒ λ̂ = 1/x̄
Gamma: E[X] = ν/α, VAR[X] = ν/α^2
⇒ ν̂ = x̄^2/S^2, α̂ = x̄/S^2
133
Classical Estimation
► Main Parametric Estimators:
Method of Least Squares
Θ(X) is obtained as the solution to
Min ∑i=1,n {F(X(i)|θ) - i/n}^2 , X(i) is the ith smallest Xi
value and F is a particular parametric family
[Figure: plot labelled "Selected F(x|θ)"]
134
Classical Estimation
 Method of Maximum Likelihood (Best
Properties)
Θ(X) is obtained as that which maximizes the
likelihood function, a function essentially describing
the probability of observing what was observed
By selecting the values for the parameter that
maximize the likelihood function, we select the
parameter values which maximize the probability of
observing what we observed
There are several forms of likelihood functions
Formulating the Likelihood
Function – Complete Samples
The Likelihood has many forms, based on the data
► Complete Samples: a random sample X1, ..., Xn
L(θ|X) = Πi=1,n f(Xi|θ)
[Figure: timeline with exact failure times (X) observed]
135
Formulating the Likelihood
Function - Censoring
► Right Censored Samples: A life test with n items
that stops after time t*, if r failures are observed,
let the observed failure times be denoted X(r) =
X(1), ..., X(r) in addition we know X(i) > t* for i > r,
L(θ|X(r),t*) = {Πi=1,r f(X(i)|θ)} R(t*|θ)^(n-r)
[Figure: timeline from 0 to t* showing observed failure times (X) and right-censored items]
136
Formulating the Likelihood
Function-Censoring
► Left Censored Samples: A life test with n items
that begins at t = 0 but we do not get to observe
the condition of the items until after time t*. Let r
items be observed to be failed at t* and let the
observed failure times be denoted X(n-r) = X(r+1), ...,
X(n) in addition, we know X(i) ≤ t* for i ≤ r.
L(θ|X) = {Πi=r+1,n f(X(i)|θ)} F(t*|θ)^r
[Figure: timeline from 0 with t* marked, showing left-censored items and observed failure times (X)]
137
Formulating the Likelihood
Function-Censoring
138
► Interval Censored Samples: A life test with n
items begins at time t = 0 but observation of the
state of the items (failed or surviving) is only at
fixed time points 0 = t0 < t1< …. < tk < tk+1 = ∞. The
test is stopped at tk. Let Xi, i = 1, ...,k denote the
number of items observed failed in [ti-1,ti], Xk+1 is
the number still surviving at tk
L(θ|X) ∝ Πi=1,k+1 [F(ti|θ) - F(ti-1|θ)]^Xi
[Figure: timeline with inspection times 0, t1, t2, t3, t4 and interval-censored failures]
Formulating the Likelihood
Function
139
► Or any mixture
[Figure: timeline with marks at 0, t1, t2, t3, t4 showing a mixture of censored observations and one exact failure time (X)]
L(θ|Data)∝[F(t2|θ)]*[F(t2|θ)-F(t1|θ)]* R(t3|θ)*R(t4|θ)*f(t1|θ)
Usually for numeric reasons we take the natural log
and maximize
Formulating the Likelihood
Function
► Example: Consider the following failure time data
from an exponential distribution
t1=5, t2=12, t3=26, t4>10, t5>17, t6<4,
t7∈[5,10], t8∈[5,10], t9∈[11,16], t10∈[20,30],
L = f(5)*f(12)*f(26)*R(10)*R(17)*F(4)
*[F(10)-F(5)]^2*[F(16)-F(11)]*[F(30)-F(20)]
or
140
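The mixed-censoring likelihood from the exponential example above, maximized numerically on the log scale. This is an added example, not part of the original slides; the search bracket [1e-4, 1.0] and the function names are assumptions.

```python
import math

# Observations from the slide's exponential example
EXACT = [5, 12, 26]                                 # t1, t2, t3 observed exactly
RIGHT = [10, 17]                                    # t4 > 10, t5 > 17
LEFT = [4]                                          # t6 < 4
INTERVAL = [(5, 10), (5, 10), (11, 16), (20, 30)]   # t7, t8, t9, t10

def log_likelihood(lam):
    """ln L for Exp(lam): f(t) = lam*exp(-lam*t), R(t) = exp(-lam*t), F = 1 - R."""
    R = lambda t: math.exp(-lam * t)
    ll = sum(math.log(lam) - lam * t for t in EXACT)         # ln f(t)
    ll += sum(-lam * t for t in RIGHT)                       # ln R(t)
    ll += sum(math.log(1.0 - R(t)) for t in LEFT)            # ln F(t)
    ll += sum(math.log(R(a) - R(b)) for a, b in INTERVAL)    # ln [F(b) - F(a)]
    return ll

def mle(lo=1e-4, hi=1.0, tol=1e-9):
    """Golden-section search for the maximizer of ln L on the assumed bracket.

    Each term of ln L is concave in lam, so ln L has a single maximum.
    """
    g = (math.sqrt(5) - 1) / 2
    a, b = lo, hi
    c, d = b - g * (b - a), a + g * (b - a)
    while b - a > tol:
        if log_likelihood(c) > log_likelihood(d):
            b, d = d, c                  # maximum lies in [a, d]
            c = b - g * (b - a)
        else:
            a, c = c, d                  # maximum lies in [c, b]
            d = a + g * (b - a)
    return (a + b) / 2

if __name__ == "__main__":
    lam_hat = mle()
    print("lambda_hat = %.4f, ln L = %.3f" % (lam_hat, log_likelihood(lam_hat)))
```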
141
Maximum Likelihood Estimation
- Weibull Likelihood Plots
142
Bayesian Statistical Inference
for Time Dependent Model
Parameters
143
Bayesian Statistical Inference
► Law of Total Probability
 Given an event B and a collection of events
A1, …, An which are mutually exclusive
(Ai ∩ Aj =∅) and collectively exhaustive (∪Aj =Ω)
then P(B) = ∑j=1,nP(B ∩ Aj) = ∑j=1,nP(B | Aj)P(Aj)
►  Bayes Law
  Given an event B and a collection of events
A1, …, An which are mutually exclusive
(Ai ∩ Aj =∅) and collectively exhaustive (∪Aj =Ω)
then P(Ai|B) = P(B | Ai)P(Ai)/ ∑j=1,nP(B | Aj)P(Aj)
144
Bayesian Statistical Inference
► Random Variables and The Law of Total
Probability and Bayes Law
 When a problem uses a random variable and
specifies its parameters conditioned on some
physical act X~f(x|θ) where
 Unconditional questions about X – Law of TP
For example
145
Bayesian Statistical Inference
 Questions about θ given observations on X –
Bayes Law
For example
146
Bayesian Statistical Inference
 Example: Products are produced by three
separate machines. Machine 1,2, and 3 produce
defective products with probability .1, .05 and .02
respectively and account for 10%, 40% and 50%
of the total products produced.
Then X is number of defects, X|p~Bin(n,p)
where n is a sample size and
147
Bayesian Statistical Inference
a. If a box of 10 products is randomly selected and
we do not know which machine manufactured the
products in the box, what is the probability of no
defects?
Pr{X=0}
= Pr{X=0|p=.10}Pr{p=.10} + Pr{X=0|p=.05}Pr{p=.05}
+ Pr{X=0|p=.02}Pr{p=.02}
= (.90)^10(.10) + (.95)^10(.40) + (.98)^10(.50) = .6829
148
Bayesian Statistical Inference
b. If 1 defect is found what is the probability that
machine 1 produced the box?
149
Bayesian Statistical Inference
150
Bayesian Statistical Inference
Note: the spreadsheet works for a single observation
but may be used sequentially for multiple observations
Example Pr{p=.1|X1=1,X2>3}
Pr{p=.1}
Pr{p=.1|X1=1}
Pr{p=.1|X1=1,X2>3}
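Parts (a) and (b) of the machine example and the sequential update in the note above, as an added example that is not part of the original slides. It assumes X2 is the defect count in a second box of 10 from the same machine; the function names are illustrative.

```python
from math import comb

# Pr{p}: defect probability of machines 1, 2, 3 mapped to their production shares
PRIOR = {0.10: 0.10, 0.05: 0.40, 0.02: 0.50}
N = 10   # products per box

def binom_pmf(x, n, p):
    """Pr{X = x | p} for X|p ~ Bin(n, p)."""
    return comb(n, x) * p ** x * (1 - p) ** (n - x)

def predictive(prior, likelihood):
    """Law of total probability: sum over p of Pr{data | p} Pr{p}."""
    return sum(likelihood(p) * w for p, w in prior.items())

def update(prior, likelihood):
    """Bayes law: Pr{p | data} = Pr{data | p} Pr{p} / Pr{data}."""
    evidence = predictive(prior, likelihood)
    return {p: likelihood(p) * w / evidence for p, w in prior.items()}

def no_defects():
    """Part (a): Pr{X = 0} for a box from an unknown machine."""
    return predictive(PRIOR, lambda p: binom_pmf(0, N, p))

def after_one_defect():
    """Part (b): posterior over machines given X1 = 1."""
    return update(PRIOR, lambda p: binom_pmf(1, N, p))

def sequential():
    """Posterior given X1 = 1, then X2 > 3 (assumed: second box, same machine).

    The posterior from the first observation is used as the prior for the second.
    """
    more_than_3 = lambda p: 1.0 - sum(binom_pmf(x, N, p) for x in range(4))
    return update(after_one_defect(), more_than_3)

if __name__ == "__main__":
    print("Pr{X=0}            = %.4f" % no_defects())
    print("Pr{p=.1|X1=1}      = %.4f" % after_one_defect()[0.10])
    print("Pr{p=.1|X1=1,X2>3} = %.4f" % sequential()[0.10])
```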
151
Bayesian Statistical Inference
► Bayes Theorem: Continuous Analogue
 THM: Let X and Θ be continuous random vectors
with joint probability density f(x,θ). Let f(x|θ) and
f(θ|x) be the corresponding conditional densities and
f(θ) = ∫ f(x,θ)dx be the marginal density of Θ. Then
f(θ|x) = f(x|θ)f(θ)/{∫ f(x|θ)f(θ)d θ}
 Proof: if f(θ) > 0 and f(x) > 0, f(θ|x) = f(x,θ)/f(x)
⇒ f(θ|x) = f(x,θ)/{∫f(x|θ)f(θ)dθ}
= f(x|θ)f(θ)/{∫ f(x|θ)f(θ)dθ}
152
Bayesian Statistical Inference
► Principles of Bayesian Inference
 Description of uncertainty is via probability,
 Uncertainty about unknown parameters α, β, γ, etc
for statistical models is expressed via probability
distributions for the parameters
 Given a model f(x|Θ) with unknown Θ, a distribution,
g(θ) is specified using expert judgment. This is
called the prior distribution for Θ and describes our
uncertainty about Θ
153
Bayesian Statistical Inference
 If we wish to make probability statements about the
random variable X, taking into account our
uncertainty for Θ, we may do so using the
law of total probability f(x) = ∫ f(x|θ)g(θ)dθ
This distribution is called the
predictive distribution for x.
 Thus Pr{X∈A} = ∫Af(x)dx if X is continuous or using
an appropriate summation if X is discrete
154
Bayesian Statistical Inference
 If data becomes available we update our
uncertainty distribution for Θ using Bayes Theorem.
 We use the probability model to describe the form
of the data as a function of the parameter. This is
called the likelihood function.
 There are many forms of the likelihood function
depending on the form of the data, however for a
complete random sample X1,…, Xn from f(x|θ), the
likelihood is given as
L(θ|x1,…, xn ) = Πi=1,n f(xi|θ)
155
Bayesian Statistical Inference
 Given the data, x~ = x1,…, xn the updated distribution
which describes the uncertainty for Θ is given by
Bayes Theorem as
g(θ|x~) = L(θ|x~)g(θ)/{∫ L(θ|x~)g(θ)dθ}
This is called the posterior distribution for Θ and it
describes our uncertainty for Θ in light of the data.
156
Bayesian Statistical Inference
 If we wish to make probability statements about the
random variable X, taking into account our
uncertainty for Θ AFTER a random sample is
observed, we may do so using the law of total
probability
f(x|x~) = ∫ f(x|θ)g(θ|x~)dθ
This is called
the predictive distribution for X after observing x~.
157
Bayesian Statistical Inference
              OBSERVABLE                       PARAMETER
BEFORE DATA   Prior Predictive f(x)            Prior g(θ)
AFTER DATA    Posterior Predictive f(x|x~)     Posterior g(θ|x~)
158
Bayesian Statistical Inference
• Example (Effect of Prior on Posterior)
Failure Data: (12,10,15,5,8)
159
Bayesian Statistical Inference
• Example (Effect of Prior on Posterior)
Failure Data: (.1,.5,.3,.1,.2)
Bayesian Statistics:
Defining the Prior
► Methods
 Conjugate Priors
 Noninformative Priors
 Maximum Entropy Priors
 Empirical Bayes Priors
160
Bayesian Statistics:
Prior Selection
[Figure: PRIOR ASSESSMENT flowchart. Yes/No decision nodes: Access to Experts, Access to Computer, Access to Data, Access to Partial Information (Moments). Outcomes: Any Prior, Conjugate Prior, Empirical Bayes Prior, Noninformative Prior, Maximum Information Prior.]
161
162
Example Bayes Analysis
The number of non serious accidents at a plant is given by
a Poisson process with rate λ per year. However, since λ is
unknown, a prior distribution is constructed. The gamma
distribution with υ=1 and α=5 is selected. Given the above,
what point estimate would you use for λ?
163
Example Bayes Analysis
The number of non serious accidents at a plant is given by
a Poisson process with rate λ per year. However, since λ is
unknown, a prior distribution is constructed. The gamma
distribution with υ=1 and α=5 is selected.
What is the probability that λ is less than .1?
What is the probability of more than 2 accidents per
year?
164
Example Bayes Analysis
For a year period, we observe 3 accidents. Plot the prior
and posterior distribution of λ. In a year we observe 3
accidents, what is the probability of more than 2 accidents in
the following year?
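The questions in this accident example, worked by applying the continuous Bayes theorem and the predictive integral from the earlier slides on a numerical grid. This is an added example, not part of the original slides; the grid resolution, the use of the mean as the point estimate, and the function names are assumptions.

```python
import math

STEP = 0.001
GRID = [(i + 0.5) * STEP for i in range(20000)]   # midpoints covering 0 < lam < 20

def gamma_pdf(lam, nu, alpha):
    """Gamma density with E = nu/alpha and VAR = nu/alpha^2, as on the slides."""
    return math.exp(nu * math.log(alpha) + (nu - 1) * math.log(lam)
                    - alpha * lam - math.lgamma(nu))

def poisson_pmf(n, mean):
    return math.exp(n * math.log(mean) - mean - math.lgamma(n + 1))

def prior_density(nu=1.0, alpha=5.0):
    """g(lam) for the prior with the slide's values 1 and 5, evaluated on GRID."""
    return [gamma_pdf(lam, nu, alpha) for lam in GRID]

def posterior_density(prior, accidents, years=1.0):
    """g(lam|x) = L(lam|x) g(lam) / integral of L(lam|x) g(lam) d lam."""
    weights = [poisson_pmf(accidents, lam * years) * g
               for lam, g in zip(GRID, prior)]
    norm = sum(weights) * STEP
    return [w / norm for w in weights]

def mean_rate(density):
    """Mean of lam, used here as the point estimate."""
    return sum(lam * g for lam, g in zip(GRID, density)) * STEP

def prob_rate_below(c, density):
    """Pr{lam < c}."""
    return sum(g for lam, g in zip(GRID, density) if lam < c) * STEP

def prob_more_than(k, density):
    """Predictive Pr{N > k in one year} = integral of Pr{N > k | lam} g(lam) d lam."""
    def tail(lam):
        return 1.0 - sum(poisson_pmf(n, lam) for n in range(k + 1))
    return sum(tail(lam) * g for lam, g in zip(GRID, density)) * STEP

if __name__ == "__main__":
    prior = prior_density()
    post = posterior_density(prior, accidents=3, years=1.0)
    for name, d in (("prior", prior), ("posterior", post)):
        print(name, "mean=%.4f  Pr{lam<.1}=%.4f  Pr{N>2}=%.4f"
              % (mean_rate(d), prob_rate_below(0.1, d), prob_more_than(2, d)))
```

The gamma prior is conjugate to the Poisson likelihood, so the grid posterior reproduces a gamma density with parameters 1+3 and 5+1.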
165
Example Bayes Analysis