Identifying failure paths and potentially hazardous scenarios that arise from component faults and their interactions is a challenge early in the design process. The inherent complexity of large engineered systems produces non-obvious emergent behavior, which can give rise to unforeseen hazards. Current hazard analysis techniques either focus on narrow slices of the failure space (fault trees and event trees) or rely on lists of hazards already known in the domain (hazard identification).
Early in the design of a complex system, engineers may represent the system as a functional model. A function failure reasoning tool can then exhaustively simulate qualitative failure scenarios over that model. Some of the resulting scenarios will be flagged as hazardous by hazard rules the engineer has specified, but the goal is to surface scenarios that represent hazards no existing rule captures.
A clustering method is applied iteratively to the large set of failure propagation results. An algorithm then identifies the scenario most likely to be hazardous and presents it to the engineer. After viewing the scenario and judging its safety, the engineer may gain the insight needed to write additional rules. This collaborative process of computer rating and human judgment is intended to identify previously unknown hazards.
The feasibility of this methodology is being tested on a relatively simple functional model of an electrical power system. Related work applying function failure reasoning to a team of robotic rovers will provide data from a more complex system.
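The loop described above, as an added example that is not the authors' tool or model: a small electrical power chain (constructed for illustration) is simulated exhaustively for every combination of up to two simultaneous failure modes, the end states are classified by engineer-written hazard rules, the unclassified results are clustered by their terminal-state signature, and the cluster whose signature lies closest to a known hazardous one is proposed to the engineer. The functional model, the failure modes, the qualitative levels, the hazard rules, and the distance-based ranking heuristic are all assumptions made here; the abstract does not specify which clustering or rating method is used.

```python
"""Function failure reasoning over a toy functional model.

Constructed example, not the paper's tool. Everything below (model, failure
modes, hazard rules, clustering and ranking heuristic) is an assumption made
to illustrate the simulate / classify / cluster / rank / review loop.
"""
from itertools import combinations

# Qualitative flow levels, ordered so that a distance between them is meaningful.
LEVELS = ["none", "low", "nominal", "high"]


def passthrough(x):
    return x


def const(level):
    return lambda x: level


def shift(delta):
    """Degrade (delta < 0) or boost (delta > 0) the flow by |delta| steps, clamped."""
    return lambda x: LEVELS[max(0, min(len(LEVELS) - 1, LEVELS.index(x) + delta))]


# Assumed functional model: function -> (upstream function, {failure_mode: behaviour}).
# Dict order is topological, so a single pass propagates flow correctly.
MODEL = {
    "supply":     (None,         {"depleted": const("none"), "weak": const("low")}),
    "regulate":   ("supply",     {"stuck_high": const("high"), "open": const("none"),
                                  "drift": shift(-1)}),
    "distribute": ("regulate",   {"short": const("none")}),
    "heat":       ("distribute", {"open_coil": const("none")}),
    "pump":       ("distribute", {"stall": const("none")}),
}
SOURCE_LEVEL = "nominal"
TERMINALS = ["heat", "pump"]  # functions whose end state the hazard rules look at


def simulate(active_modes):
    """Propagate qualitative flow through MODEL for {function: failure_mode}."""
    state = {}
    for fn, (upstream, modes) in MODEL.items():
        x = SOURCE_LEVEL if upstream is None else state[upstream]
        behaviour = modes.get(active_modes.get(fn), passthrough)
        state[fn] = behaviour(x)
    return state


def enumerate_scenarios(max_faults=2):
    """Every combination of up to max_faults failure modes on distinct functions."""
    single = [(fn, m) for fn, (_, modes) in MODEL.items() for m in modes]
    for k in range(1, max_faults + 1):
        for combo in combinations(single, k):
            if len({fn for fn, _ in combo}) == k:
                yield dict(combo)


# Engineer-specified hazard rules (assumed): predicates over the end state.
# The review loop adds entries here as the engineer learns new hazards.
HAZARD_RULES = {
    "overheat": lambda s: s["heat"] == "high",
    "dry_run":  lambda s: s["pump"] == "none" and s["heat"] != "none",
}


def classify(state):
    return [name for name, rule in HAZARD_RULES.items() if rule(state)]


def signature(state):
    return tuple(state[t] for t in TERMINALS)


def distance(sig_a, sig_b):
    """Sum of qualitative-level steps between two terminal-state signatures."""
    return sum(abs(LEVELS.index(a) - LEVELS.index(b)) for a, b in zip(sig_a, sig_b))


def analyse(max_faults=2):
    """One pass of the loop. Returns (hazardous, unclassified, candidate) where the
    clusters map signature -> scenarios and candidate is the (signature, scenario)
    the engineer should review next: the unclassified cluster nearest any known
    hazardous signature, largest cluster first on ties (assumed heuristic)."""
    hazardous, unclassified = {}, {}
    for scenario in enumerate_scenarios(max_faults):
        state = simulate(scenario)
        bucket = hazardous if classify(state) else unclassified
        bucket.setdefault(signature(state), []).append(scenario)
    if not hazardous or not unclassified:
        return hazardous, unclassified, None
    best = min(unclassified, key=lambda sig: (min(distance(sig, h) for h in hazardous),
                                              -len(unclassified[sig])))
    return hazardous, unclassified, (best, unclassified[best][0])


if __name__ == "__main__":
    hazardous, unclassified, candidate = analyse()
    print("known hazardous signatures:", sorted(hazardous))
    print("candidate for review:", candidate)
```

On this model the pass proposes the cluster where both heat and pump end at "none" (first member: a depleted supply). No rule flags a total loss of output, so the engineer would judge the scenario and, if it is a hazard in context, add a rule such as "loss of all function", after which the next pass ranks a different cluster.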