The present invention relates to a generator of predetermined sequences of combined logic signals.
This generator makes it possible to obtain predetermined sequences of combined logic signals of levels 1 and 0 obtained, in certain predetermined circumstances, at successive instants of each sequence.
The invention is applicable to the simulation of all logic systems operating on the basis of the reception of logic signals of level 0 or 1 which, when applied to the different inputs of a simulation circuit, correspond to the simulation of the failure or repair of components of the simulated circuit. This generator can also be used in the study of the failure or satisfactory operation of any system having a plurality of components (e.g. mechanical or hydraulic), as a function of the failure or satisfactory operation of each of these components. The failure or satisfactory operation of the components of the system can take place either simultaneously or separately. The study of the failure of the system takes place by associating the generator according to the invention with a logic simulator, whose logic components represent the components of the simulated system. The logic signals of level 0 or 1 are applied to the inputs of logic components of the simulator in order to simulate the failure or repair of corresponding components of the system. For each of the combinations of the logic signals supplied to the outputs of the generator according to the invention, the response of the simulator (logic level of the output signal thereof) is analysed, to establish whether it is a combination of logic signals which will or will not lead to the failure of the system. The list of combinations of the logic signals of level 0 or 1 associated with the simulator responses makes it possible to analyze the simulated system for reliability studies.
It is known that in nuclear power stations, aircraft, oil industry research means, etc., it is necessary to use control or security systems having a high degree of reliability and which for this reason very frequently have redundant channels. These redundant channels make it possible to ensure that any failure of one of the components of one of the channels does not prevent the system from triggering the desired security or control action. These redundant channels also make it possible to facilitate the repair or inspection of one of the channels without stopping the desired security or control action.
Different methods have been used for analyzing the reliability of control or security systems. Unfortunately, these methods generally use the so-called failure tree principle, which requires the use of a powerful computer when the system to be checked is complex. These difficulties are described in the article by P. K. ANDOW entitled "Difficulties in fault tree synthesis for process plant", which appeared in IEEE Transactions on Reliability, Vol. R-29, April 1980, pp. 2 to 9.
The difficulties appearing in the reliability analysis of the system on the basis of the failure tree thereof can be surmounted by the use of wired simulation circuits representing the system. These circuits are e.g. described in the article entitled "Verification of fault tree analysis" published by "Electric Power Research Institute", in the Journal EPRI-NP-1570, Vols 1 and 2, May 1981. These simulation circuits make it possible to avoid the design of a failure tree of a system, but have very limited performance levels, because they permit the reliability study of systems having at the most 20 components.
More recently, a combined logic signal generator has been developed, which makes it possible to study the reliability of systems on the basis of simulation circuits. This generator is described in the article by A. LAVIRON entitled "ESCAF-failure simulation and reliability calculation device", Second National Reliability Conference, Birmingham, England, Vol. 2, March 1979, pp. 6C/4/1-6C/4/10. This combined logic signal generator makes it possible to study the reliability of complex systems via logic simulators. On N of its outputs, it supplies all the possible combinations of P logic signals of level 1 and N-P logic signals of level 0. As a function of the sought reliability tests, these logic signals are applied to the inputs of components of the simulation circuit, so as to simulate either the satisfactory operation of each component (logic level 1 of the signal applied to one input of the component), or the failure of each component (logic level 0 applied to the input of said component). These logic signals simulating the failure or satisfactory operation of one or more components of the simulation circuit make it possible to observe on the output of said circuit whether the failure or satisfactory operation of one or more components of the circuit leads to the failure or satisfactory operation of the said circuit. The aforementioned combination generator makes it possible to simulate systems with more than 400 components. However, it only permits the simulation of events (failure or satisfactory operation of components of a circuit) which occur simultaneously, for studies in which the arrival order of the events plays no part. This generator, which clearly constitutes an advance compared with simulation systems using powerful computers (e.g. of the CRAY I type), still does not make it possible to simulate events (failure or satisfactory operation of the components of a circuit) occurring in a successive manner.
However, in a reliability study of a system it is often necessary to take into account sequences of failures or of satisfactory operation in which the arrival order of the events is of considerable importance. The simulation procedures (failure tree) used with the aforementioned generator cannot then be used. These known procedures require the preparation of a MARKOV diagram, which is generally very complex and cannot in fact be provided for a system having numerous components.
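The difference between the combination generator and an order-sensitive study can be shown in software. The following is an added illustration, not part of the patent text: the three-component standby system (`P1`, `P2`, `SW`) and all function names are constructed, and the level convention (1 = satisfactory operation, 0 = failure) follows the description above.

```python
from itertools import combinations, permutations

# Constructed system: primary channel P1, standby channel P2, changeover switch SW.
COMPONENTS = ("P1", "P2", "SW")

def static_ok(levels):
    """Combinational simulator: system output is 1 if P1 works,
    or if P2 works and the switch can connect it."""
    return int(levels["P1"] or (levels["P2"] and levels["SW"]))

def combination_patterns(names, p):
    """All patterns with P signals at level 1 and N-P signals at level 0."""
    for up in combinations(names, p):
        yield {c: int(c in up) for c in names}

def failing_combinations(p):
    """Sets of failed components (level 0) for which the simulator output is 0."""
    return [tuple(c for c, v in lv.items() if v == 0)
            for lv in combination_patterns(COMPONENTS, p)
            if not static_ok(lv)]

def sequence_ok(order):
    """Sequential model: failures arrive one at a time in the given order.
    The switch is only needed at the instant P1 fails."""
    failed, on_standby = set(), False
    for c in order:
        failed.add(c)
        if c == "P1" and not on_standby:
            if "SW" in failed or "P2" in failed:
                return 0          # changeover impossible: system fails
            on_standby = True     # changeover done, SW no longer needed
        elif c == "P2" and on_standby:
            return 0              # standby channel lost after changeover
    return 1

def failing_sequences(k):
    """Ordered sequences of k failures that bring the system down."""
    return [seq for seq in permutations(COMPONENTS, k) if not sequence_ok(seq)]

if __name__ == "__main__":
    print("failing combinations, 2 failed:", failing_combinations(1))
    print("failing sequences,    2 failed:", failing_sequences(2))
```

The combinational run flags the set {P1, SW} as a failure, while the sequential run shows that only the order SW then P1 fails and the order P1 then SW does not.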