Reliability analysis of helicopter emergency flotation system

Abstract

The reliability of the emergency flotation system of helicopters is analysed by using fault tree analysis and the Monte Carlo method. We constructed a fault tree with the failure of system as the top event and obtained the minimal cut set, the ranking of the structural importance of the bottom events and the probability of the occurrence of the top event. Based on the system fault tree, a Monte Carlo simulation model of the emergency flotation system is established by using Matlab/Simulink. The results show that the Monte Carlo method is feasible and effective for the reliability analysis of the emergency flotation systems of helicopters. Furthermore, the comparison between the criticality importance and mode importance of each subsystem suggests that the control component is the weakest part of the emergency flotation systems, thereby providing a basis for system reliability design and fault diagnosis.

Keywords

Helicopter emergency flotation system fault tree analysis Monte Carlo simulation reliability analysis

1. Introduction

The helicopter life-saving tech is important to ensure the safety of crew or passage when a helicopter in emergency, such as emergent loading, failing or damage accidence, generally, the rescue environment is classified into two categories according to different falling environments: land rescue and marine rescue. Helicopters are not watertight. After landing in the sea, they usually sink into the water within a few minutes, making it difficult for the crew to escape [1]. The emergency flotation system is one of the main life-saving equipment installed in helicopters. It helps keep helicopters afloat in the event of a water landing, ensuring adequate time for the crew to escape. However, owing to the complex sea conditions and the difficulties faced during the arrival of rescue teams, the reliability of the emergency flotation systems of helicopters is pivotal.

Therefore, to analyse the reliability of the emergency flotation systems of helicopters and determine the weak link of the system reliability, we developed a fault tree with the system failure as the top event after clarifying the relationship between the system structure and logical function, and conducted qualitative and quantitative analyses. Furthermore, based on the Fault Tree Analysis (FTA), we used the Monte Carlo (MC) method to analyse the reliability of the emergency flotation systems and determine the weak link of the system reliability.

2. Working principle of helicopter emergency flotation system

The emergency flotation system of a helicopter comprises three major components, i.e. a control component (S1), an inflatable component (S2) and a pontoon assembly (S3). The schematic diagram of the system is shown in Fig. 1. It can be observed that the subsystems are connected in series, hence, an emergency floatation system works only when all the subsystems function properly [2].

Fig. 1.

Schematic diagram of helicopter emergency flotation system.

When an emergency such as a sea crash occurs, the pilot can turn on the control switch according to the scenario to activate the airbag inflation and ignition device. Moreover, if the pilot loses his/her operational capability, the sensors in the emergency flotation system can intelligently activate the ignition device as well. When the inflatable component receives the ignition signal, air source devices I and II operate together and inflate the pontoons on both sides of the fuselage via an inflation pipeline, enabling the helicopter to float on the surface of the water, thereby obtaining time for the crew to escape.

3. Fault tree analysis of helicopter emergency flotation system

The FTA considers an undesired fault as the top event, and determines the necessary and sufficient reasons of the top event by a strictly hierarchical logical analysis from top to bottom, thereby determining the cause or a combination of causes for the top event. Consequently, the weak link of the system is determined by ranking the importance of the bottom event [3].

The fault tree is divided into five layers, in which the total system failure is the top event. For the fault tree to correspond to the actual situation, the incorrect operation of the pilot is included in the fault tree as a bottom event. Because the pontoon cabin protects the pontoon, the failure rate of the pontoon is considered zero by default before the pontoon cabin fails. In the fault tree, the logical relationship between the pontoon cabin failure and the pontoon damage is defined as the cold spare gate. Table 1 shows the symbols and meanings of the fault tree events where X represents the bottom events. According to the fault tree, all the minimum cut sets(MCSs) are obtained by using the downlink method : {X₁X₂}, {X₃}, {X₄X₆}, {X₅X₆}, {X₇}, {X₈}, {X₉X₁₁}, {X₉X₁₂}, {X₁₀X₁₁}, {X₁₀X₁₂}, {X₁₃}, {X₁₄}, {X₁₅X₁₆}, {X₁₇}, {X₁₈}, {X₁₉X₂₀}, {X₂₁}. This fault tree has a total of seventeen MCSs, and the MCS has a maximum capacity of two bottom events. Through the number of times that the bottom event occurs in all the MCS and the combination with other bottom events, the structural importance of the bottom event is sorted as follows: $\begin{eqnarray}\displaystyle \text{} & \text{} & \displaystyle \text{I}(\text{X}_{21})=\text{I}(\text{X}_{18})=\text{I}(\text{X}_{17})=\text{I}(\text{X}_{14})=\text{I}(\text{X}_{13})=\text{I}(\text{X}_{12})=\text{I}(\text{X}_{11})=\text{I}(\text{X}_{10})=\text{I}(\text{X}_{9})=\text{I}(\text{X}_{8})\nonumber\\ \displaystyle \text{} & \text{} & \displaystyle \quad =∼\text{I}(\text{X}_{7})=\text{I}(\text{X}_{3})>\text{I}(\text{X}_{6})>\text{I}(\text{X}_{20})=\text{I}(\text{X}_{19})=\text{I}(\text{X}_{16})=\text{I}(\text{X}_{15})=\text{I}(\text{X}_{5})=\text{I}(\text{X}_{4})=\text{I}(\text{X}_{2})=\text{I}(\text{X}_{1}).\nonumber\end{eqnarray}$ According to the Boolean algorithm, the probability of occurrence of the top event is: $\begin{eqnarray}\displaystyle P(T)\text{} & =\text{} & \displaystyle P(X_{1}X_{2}+X_{3}+X_{4}X_{6}+X_{5}X_{6}+X_{7}+X_{8}+X_{9}X_{11}+X_{9}X_{12}+X_{10}X_{11}\nonumber\\ \displaystyle \text{} & \text{} & \displaystyle +∼X_{10}X_{12}+X_{13}+X_{14}+X_{15}X_{16}+X_{17}+X_{18}+X_{19}X_{20}+X_{21} )\nonumber\\ \displaystyle \text{} & {\approx}\text{} & \displaystyle P(X_{1}X_{2})+P(X_{3})+P(X_{4}X_{6})+P(X_{5}X_{6})+P(X_{7})+P(X_{8})+P(X_{9}X_{11})+P(X_{9}X_{12})\nonumber\\ \displaystyle \text{} & \text{} & \displaystyle +∼P(X_{10}X_{11})+P(X_{10}X_{12})+P(X_{13})+P(X_{14})+P(X_{15}X_{16})+P(X_{17})\nonumber\\ \displaystyle \text{} & \text{} & \displaystyle +∼P(X_{18})+P(X_{19}X_{20})+P(X_{21}).\end{eqnarray}$ (1)

Table 1

Symbols and meanings of the fault tree

Symbol	Meaning	Symbol	Meaning	Symbol	Meaning
T	Failure of total system	C₁	Failure of left pontoon	X₁₁	Leakage of high pressure tank II
A	Failure of control component	C₂	Failure of right pontoon	X₁₂	Failure of electrically-controlled inflation valve II
A₁	Failure of power supply	X₁	Failure of Airborne power
A₂	Failure of trigger mechanism	X₂	Failure of emergency power	X₁₃	Leakage of inflation pipeline
A₂₁	Failure of manual switch opening	X₃	Failure of spare switch	X₁₄	Failure of inflation valve I
B	Failure of inflation component	X₄	Failure of manual switch	X₁₅	Failure of pontoon carbine I
B₁	Failure of compressed gas source opening	X₅	Incorrect operation of driver	X₁₆	Damage of pontoon I
		X₆	Failed sensor due to soaking	X₁₇	Fault of connecting mechanism I
B₁₁	Failure of left compressed air source	X₇	Failure of control circuit	X₁₈	Failure of inflation valve II
		X₈	Failure of ignition circuit	X₁₉	Failure of pontoon cabin II
B₁₂	Failure of right compressed air source	X₉	Leakage of high pressure tank I	X₂₀	Damage of pontoon II
		X₁₀	Failure of electrically-controlled inflation valve I	X₂₁	Fault of connecting mechanism II
C	Failure of pontoon component

Table 2 illustrates life distribution and related parameters of each component along with the relevant information [4–7], and the mission time of the emergency flotation system is t₀ = 2000 h. The probability of occurrence of the top event computed by using Eq. (1) is 0.1076. The probability of failure, birnbaum reliability importance and criticality importance of each subsystem are calculated to analyse the influence of the failure of each subsystem on the top event. The calculation results are shown in Table 3.

Table 2

Life distribution and related parameters of system components

Component	Lifetime distribution	Parameter	Component	Lifetime distribution	Parameter
Pilot	Constant	R (t) = 0.9967	Tank	Constant	R (t) = 0.9999
Spare switch	Exponential distribution	4.2624 ×10⁻⁹	Startup switch	Exponential distribution	4.2624 ×10⁻⁹
Ignition circuit	Exponential distribution	22.8 ×10⁻⁶	Control circuit	Exponential distribution	22.8 ×10⁻⁶
Airborne power	Exponential distribution	0.9045 ×10⁻⁶	Emergency power	Exponential distribution	1.0125 ×10⁻⁶
Electrically-controlled inflation valve	Exponential distribution	41.60 ×10⁻⁶	Pipeline	Exponential distribution	1.20 ×10⁻⁶
			Pontoon cabin	Exponential distribution	9.06 ×10⁻⁶
			Pontoon	Exponential distribution	1.20 ×10⁻⁶
Connecting mechanism	Weibull distribution	m =1.113 eta = 240000	Inflation valve	Weibull distribution	m =3.500 𝜂= 218000
Sensor	Exponential distribution	0.3120 ×10⁻⁶

Fig. 2.

Fault tree of helicopter emergency flotation system.

Table 3

Failure probability, probability importance and critical importance of subsystems

Subsystem	Failure probability	Birnbaum Reliability importance	Criticality importance
S1	0.0892	0.98168	0.827019
S2	0.0088	0.90206	0.074971
S3	0.0096	0.90278	0.081853

It is observed from the calculation results that, at t₀, the probability of failure of each subsystem is sorted as follows as: S1 > S3 > S2. The greater the criticality importance of the subsystem, the weaker it is in the system. Decreasing the probability of failure of this subsystem significantly decreases the probability of occurrence of the top event. Table 3 identifies the priorities of the actions to be taken to implement the security controls when a top event occurs.

It is known from Table 3 that the criticality importance of the control component is the highest, approximately eleven times that of the pontoon assembly. Therefore, the failure of the control component contributes the most to the probability of occurrence of the top event. It is the weakest link of the helicopter emergency flotation system. Reliable emergency flotation systems can be developed by improving the control component or increasing the detection frequency of the control component.

4. MC simulation of helicopter emergency flotation system

The MC method plays an important role in the reliability evaluation of systems. It is an approximate calculation method based on probability and statistics theories, which can simulate the actual physical process of system fault, so the prediction results are highly consistent with the reality. According to Bernoulli’s theorem, when the sample size is sufficiently large, the probability of a random event can be estimated by the frequency of occurrence of the event in a large number of trials. In practical engineering applications, the probability of failure of the system can be obtained after several simulation sampling. On the other hand, the weaknesses of the system are determined from the mode importance of the bottom events [8].

By using MATLAB/Simulink and the system fault tree, we developed the MC simulation model of the emergency flotation system. Each bottom event is sampled by using the corresponding life distribution function as shown in Table 2. The sampling value of the failure time of the i-th base event is: $\begin{eqnarray}\displaystyle t_{i}=F_{i}^{-1}({\eta}) & & \displaystyle\end{eqnarray}$ (2) where 𝜂 is a random number between 0 and 1. If there are several bottom events in the MCS, all the bottom events will lead to the occurrence of the MCS, i.e. the time of occurrence of the MCS T is the maximum time of occurrence of the included bottom events. On the other hand, as long as one MCS occurs, the top events will occur, i.e. the time of occurrence of the top events Y is the minimum time of occurrence of all the MCS. Its logical relationship is as follows: $\begin{eqnarray}\displaystyle \text{} & \text{} & \displaystyle T=\max \{t_{1},t_{2},\ldots ,t_{i},\ldots ,t_{n}\}\end{eqnarray}$ (3) $\begin{eqnarray}\displaystyle \text{} & \text{} & \displaystyle Y=\min \{T_{1},T_{2},\ldots ,T_{q},\ldots ,T_{k}\}.\end{eqnarray}$ (4) The probability of failure of the emergency flotation system is simulated M times by using the direct sampling method, and the results Y_m (m = 1,2, …, M) is compared with the given time t_m. If Y_m < t_m, the top event occurs within a given time, i.e. the system failure. If the number (N_m) of system failure at time t_m is accumulated, the probability of failure of the system can be expressed by N_m∕M.

Fig. 3.

Calculation results under different simulation times.

When determining the system task time, different simulation times (M) are calculated, and the result is shown in Fig. 3. It can be observed that the probability of failure of the emergency flotation system and the model importance of subsystems converge gradually with the increase in M. Considering the calculation time and data convergence, several calculations are repeated at M = 20000. The sample contains 100 sets of computational data, some of which are shown in Table 4.

Figure 4(a) is the distribution of variable P. It can be observed that the sample points are concentrated on both sides of 0.1050. On processing the data further, the frequency distribution histogram (FDH), mean value (X), and standard deviation (Y ) of the probability of the system failure are obtained, and the variable P represents a normal distribution. Similarly, the FDH, mean value and standard deviation of the variables P₁, P₂, P₃, W₁, W₂ and W₃ can be obtained. As shown in Fig. 5, the data also show a normal distribution, therefore the MC method is feasible.

Fig. 4.

Sample data of variable.

Table 4

Sample data

Sample number	P	P ₁	P ₂	P ₃	W ₁	W ₂	W ₃
1	0.10830	0.08980	0.00975	0.01095	0.81267	0.08824	0.09910
2	0.10315	0.08580	0.01000	0.01010	0.82066	0.08274	0.09660
⋮	⋮	⋮	⋮	⋮	⋮	⋮	⋮
49	0.10025	0.08345	0.01010	0.00985	0.82015	0.08305	0.09686
50	0.10235	0.08590	0.00830	0.00935	0.82835	0.08149	0.09016
⋮	⋮	⋮	⋮	⋮	⋮	⋮	⋮
99	0.10575	0.08880	0.00795	0.00895	0.82451	0.09239	0.08310
100	0.10410	0.08650	0.00750	0.00960	0.82030	0.08867	0.09104

(Note: P-system failure probability, P₁-control component failure probability, P₂-inflated component failure probability, P₃-float component failure probability, W₁-control component mode importance, W₂-inflated component mode importance, and W₃-float assembly mode importance.)

Fig. 5.

Frequency distribution histogram of variables.

On the other hand, the simulated mean probability of failure is compared with the calculated value. The results are shown in Table 5. It can be observed that the error between the probability of fault obtained by using the MC method and the actual calculation results is approximately 10⁻³, and the simulation accuracy will be higher with the increase in the simulation times and sample size. Therefore, it can be affirmed that the MC method is effective in the reliability analysis of the helicopter emergency flotation system.

Table 5

Simulation results and errors

System	Simulated average value	Calculated value	Error value
P	0.10490	0.10760	0.00270
P ₁	0.08791	0.08920	0.00129
P ₂	0.00881	0.00880	0.00001
P ₃	0.00998	0.00960	0.00038

Furthermore, the weakness of the system reliability is judged from the mode importance. The larger the value, the weaker in the system. From the Fig. 5, we can observe that the mode importance of the control component is the maximum, which is approximately ten times that of the inflatable component. Therefore, we obtain the same conclusion as that of the FTA, i.e. the control component is the weak link of the system. Improving the control component will improve the reliability of the system.

5. Conclusions

With the help of the FTA and MC method, based on the analysis of the composition structure and logical function relationship of the helicopter emergency flotation system, we developed a fault tree with the system failure as the top event. The ranking of the structural importance of the bottom events, the probability of occurrence of the top event, and the probability of failure of each subsystem were obtained (S1 > S3 > S2). By comparing the criticality importance of each subsystem, we identified the control component is the weak link of the helicopter emergency flotation system.

On the other hand, based on the fault tree, an MC simulation model of the emergency flotation system is developed with the help of MATLAB/Simulink. When the number of simulations is 20000, the calculated data with a sample size of 100 is obtained. The feasibility and validity of the MC method are proved by combining the data distribution and average value of each variable. By comparing the mode importance of each subsystem, we identified the control component as the weak link of the system, which provides a basis for the reliability design and fault diagnosis of the helicopter emergency flotation system.

References

Hou

, The Influence of Water wave on Stability of Helicopter Emergency Floating System, Nanjing University of Aeronautics and Astronautics, 2016.

Mingzhai

Mingyu

and Shiyi

, Design of naval helicopter emergency float system, in: China Helicopter Society 19th Annual Forum Proceedings, Harbin, 2003.

Contini

Cojazzi

G.G.M.

and Renda

, On the use of non-coherent fault trees in safety and security studies, Reliability Engineering and System Safety93 (2008), 1886–1895.

General Equipment Department, National Military Standards of the People’s Republic of China: Reliability Prediction handbook for electronic equipment GJB/Z,299C-2006. Beijing: General Equipment Department Military Standards Press, 2007.

Wang

Y.M.

and Liang

, Research on reliability evaluation for valves, Journal of Machine Design32(1) (2015), 13–16.

Zhang

C.X.

Zhou

M.Y.

and Wang

Z.P.

, Reliability model of aircraft structure corrosion based on bayesian updated, Acta Aeronautica et Astronautics Sinica35(7) (2014), 1931–1940.

Chen

S.B.

Gao

Zhou

X.G.

and Zeng

M.C.

, Analysis and research of the pilot-control reliability for the helicopter, Helicopter Technique4 (2011), 6–11.

Arya

L.D.

Choube

S.C.

Arya

, Evaluation of reliability indices accounting omission of random repair time for distribution systems using Monte Carlo simulation, International Journal of Electrical Power and Energy Systems42(1) (2012), 533–541.