Conception of Repairable Dynamic Fault Trees and resolution by the use of RAATSS, a Matlab® toolbox based on the ATS formalism

G. Manno a, F. Chiacchio b,*, L. Compagno c, D. D'Urso c, N. Trapani c

a Det Norske Veritas, Research & Innovation, Høvik, Norway
b University of Catania, Department of Mathematics and Informatics, Catania, Italy
c University of Catania, Department of Industrial Engineering (D.I.I.), Catania, Italy

Article info

Article history: Received 24 November 2012; Received in revised form 24 August 2013; Accepted 5 September 2013; Available online 19 September 2013

Keywords: Availability; Failure gates; Adaptive Transitions System; First occurrence; Discrete event simulation

Abstract

Dynamic Fault Tree (DFT) is a well-known stochastic technique for conducting reliability studies of complex systems. At the state of the art, existing tools (both academic and commercial) do not fully support DFT with repairable components and repeated events, lowering the penetration of this powerful technique in real industrial applications (e.g., industrial processes and plants, computer, electronic and network applications). One of the main reasons limiting the attractiveness of DFT is that, originally, DFTs were conceived without repairable components; only recently have a few related works started to deal with a formal semantic, which would avoid undefined behavior and misinterpretation of DFT. Other researchers have tackled the problem by introducing extensions of the original Fault Trees (FTs) technique like Boolean Driven Markov Processes (BDMPs) and Generalized Fault Trees (GFTs). However, although they consider repairable systems and repeated events, we have found that the introduction of a different formalism with more complex features has again limited the penetration of these powerful methods in real applications. The target of this work is the original DFT technique.
Starting from the state of the art, a set of standardized rules that frame the behaviors of dynamic gates is designed and a well-defined semantic for repairable-DFT is drawn through the application of a novel formalism, the Adaptive Transitions System (ATS). The proposed theoretical framework is afterward used to code a software tool, RAATSS, for the resolution of extended, repairable-DFT. Moreover, this work introduces some novel concepts regarding the modeling of a system by a DFT and provides a basic hint of the ATS capabilities to describe interdependencies in complex systems.

© 2013 Elsevier Ltd. All rights reserved.

1. Introduction

Although risk assessment evaluation of complex dependable systems can be performed through the use of dynamic stochastic modeling, in the real industrial world the well-known combinatorial techniques, such as Reliability Block Diagram (RBD) and Static Fault Tree (SFT), are still the most widely used [1,2]. The main reasons that have limited the adoption of dynamic stochastic modeling in industrial applications can be related to the following issues: (i) enterprises do not bother to update the risk assessment of existing processes (or plants) evaluated with the static techniques; (ii) static techniques offer exact and simple solution algorithms as they do not consider time and cross dependencies among the parts of a system (e.g., spares replacement, load sharing, and chain of events); and (iii) dynamic modeling is still too enigmatic and there is not a straight solution algorithm to solve any type of complex model [3].

The first issue is reasonable because updating a risk model is not the main activity of an enterprise and it costs time and money. Moreover, the enhancement of existing static models with dynamic features can prove tedious, mainly because commercial (and academic) solutions are not well developed or easy to use. In fact, at the state of the art, all the available solutions present several limits [3].
Continuous time Markov chains (CTMCs) are the progenitor of stochastic dynamic modeling [4]; they are very flexible and can model several types of systemic dependencies. However, although they obey a rigorous mathematical foundation, their use is limited to applications that can only be described by exponential distributions. Moreover, CTMCs have at least two other important issues: (i) large models can easily lead to state space explosion, which makes the analytical resolution unfeasible and (ii) the system oriented representation, i.e., components, mechanisms and their interaction, is lost due to the flat representation of the state space.

Regardless of the mentioned merits and limits, CTMCs have been the launching pad for other formalisms, like Dynamic Fault Trees (DFTs), Dynamic Reliability Block Diagrams (DRBD), Boolean Driven Markov Process (BDMP), and Generalized Fault Tree (GFT) [5–9]. Introducing new formalisms, researchers have tried to

* Corresponding author. Tel.: +39 3287171803. E-mail address: chiacchio@dmi.unict.it (F. Chiacchio).
http://dx.doi.org/10.1016/j.ress.2013.09.002
Reliability Engineering and System Safety 121 (2014) 250–262