1. Introduction
In order to evaluate the effect of potential failures of system operations on mission, safety, and performance, FMECA(Failure Mode, Effects and Criticality Analysis) is performed among the developments. The FMECA result is used to identify the items with high risk by evaluating the expected failure effects of the items constituting the system.
Besides choosing the analyzed objects as the key management targets, FMECA also allows us to reflect them in design, develop exclusion procedure, prepare technical manuals and analyze complete reliability centered maintenance^{[14]}.
Usually, in order to establish reasonable preventive maintenance between life cycle of systems, it is necessary to select preventive maintenance items and preventive maintenance cycles through RCM analysis. However, in the analysis of the criticality using US military specifications, many procedures are applied in different aspects according to the developer's capability and requirements. For an ease in accessibility, it is required to establish an objective standard procedure of criticality analysis^{[56]}.
Therefore, this paper summarizes the reliability and Bayes theory related to the criticality analysis, examines the problems of the US military standard for criticality analysis and suggests a method for quantifying the probability of failure for objective criticality analysis.
2. Theoretical background
2.1 Reliability theory^{[7]}
The instantaneous failure rate{λ(t)} is the rate at which an item that has been operating up to a certain point causes a failure within a certain unit time. It is used as a scale to indicate the frequency of the occurrence of failure, and can be derived using equation (1).
F(t) is the unreliability function, that represents the probability of failure occurring within a certain point of time, and f(t) is the failure density function, which means the frequency of failure occurrence over time. In general, the failure rate can be defined as the number of failures occurring during the unit time. In many applications, the average failure rate{λ (t_{1},t_{2})} is also used. It can also be expressed as equation (2) using the reliability function{R(t)}.
R(t) means the probability of satisfactorily operation during the intended use period under given operating conditions. And, λ(t) and R(t) used in equation (4) are derived from the relation of (3).
Assuming that only one failure occurs at a certain point in the above equation (4), and assuming that the life of the part follows the exponential distribution, λ (t) becomes a constant. In that case, F(t) can be expressed as equation (5).
Taylor's theorem is an approximation of the analytic function by the polynomial function. The approximation of the analytic function by the n^{th} polynomial function is called the Taylor approximation, and the Taylor approximation of F(t) following the exponential distribution is expressed as (6). The approximate value of the second order Taylor function is given by equation (7)^{[8]}.
As a result, when the failure rate and time are very small, the probability of a failure occurring within a period can be expressed as a product of failure rate and time.
2.2 Bayes Theory
Bayes`s theorem describes the process of inferring the probability of an event based on previous experience and current evidence. If event A is any event of sample space S, The conditional probability that event B occurs under the condition that A has occurred is expressed as (8)^{[9]}.
P(A_{i}) is the prior probability of A, P(B) is the prior probability of B, P(A_{i}B) is the conditional probability of A when event B is given, P(BA_{i}) is the posterior probability for the evidence of event A.
In the criticality analysis, the failure effect probability (β_{j}) is defined as the probability that the failure effect will belong to a specific severity classification, under the condition that a particular failure mode has occurred. This implies that conditional probability P(B_{j}A_{i}) can be expressed as equation (9) by applying Bayes`s theorem. Where A_{i} is defined as a specific failure mode occurrence event and B_{j} as a failure effect occurrence event according to a specific failure mode.
P(A_{i}B_{j}) represents the conditional probability of A_{i} when the event B_{j} is given, P(A_{i}) represents the probability of occurrence of a specific failure mode, and P(B_{j}) represents the probability of a specific failure effect occurring.
2.3 Relationship between failure mode and failure effect
The terms failure cause, failure effect, and failure mode are used interchangeably in practical applications. According to the definition, a failure mode means a symptom of a failure due to a failure effect ^{[10]}, and a failure effect indicates a result of a failure mode occurring in terms of the operation, function, or state of the system^{[11]}. As a result, the failure mode can be defined as a prior probability event in which the causal relation of the failure effect is established, and the failure mode and the failure effect are in the dependency relation as the causal relation is established.
When the criticality analysis is performed, the failure effect should be extended not only to the analysis target level but also to the system and subsystem level as shown in Fig. 1. From the relationship between the failure mode and the failure effect, there is a feature that the upper failure of the analysis target is described as the failure effect.
3. Application of military standards
The criticality analysis between system development is based on Task 101 and Task 102 of MILSTD1629A. The critical value(C_{m}) Is expressed as the product of the failure mode ratio(α), the failure effect probability(β), the failure rate(λ) and the annual operating time(t)^{[1]}.
C_{m} denotes the degree of criticality for a specific failure mode of the item to be analyzed, and the failure mode ratio means a rate at which failure occurs due to the mode of the identified failure.
In equation (10), most of the parameters are applied quantitative specifications, but the failure effect probability is generally determined by the developer's qualitative indicators such as Table 1, and the decision method as shown in Table 2 is applied. In addition, there is no guideline for cases where several failure effects occur in one failure mode, so there is a possibility of error in judgment, and the validity of the analysis result depends greatly on the developer's capability. Therefore, it is necessary to study the methodology that can quantitatively judge the failure effect probability to reduce the workload of the developer and to make a more accurate and rational analysis^{[13]}.
4. Failure effect probability quantification
The approximation of the probability of failure by Taylor theorem is applied with Bayes' theorem to quantify the failure effect probability. According to Bayes' theorem (9), the failure effect probability can be calculated using three parameters P(A_{i}), P(A_{i}B_{j}) and P(B_{j}). For the analysis, MTBF(Mean Time between Failure), failure mode ratio derived from reliability analysis and FTA (Fault Tree Analysis) technique were used.
First, P(A_{i}) means the probability of occurrence of the failure mode, and it can be derived by expressing the top event failure event of the FTA as the failure mode event^{[14]}.
And, P(A_{i}B_{j}) means the rate of occurrence of the failure mode(A_{i}) under the failure effect occurrence condition(B_{j}). It can be expressed as equation (11)^{[15]}, from the ratio of the failure effect occurrence frequency(O_{fe,j}) to the failure mode occurrence frequency(O_{fm,i}).
If there is failure data of similar system in the above equation, it can be applied immediately. However, when there is no failure data, the frequency of occurrence of the failure mode is calculated from the failure rate and the failure mode ratio of the analysis target as shown in equation (12). Considering that the failure effect due to the failure mode has progressed according to a certain failure mechanism, the frequency of occurrence of the failure effect can be calculated as in equation (13)^{[16]}.
In this case, the occurrence frequency of the failure refers to the sum of the failure effects having the same mission function as well as the severity classification for the occurrence of the failure mode of the analysis object. And, m is the group having the same mission function and severity classification.
In addition, P(B_{j}) means the probability of occurrence of the failure effect, and the probability approximation can be performed using the failure effect event`s failure rate(λ_{fe.j}) according to the Taylor theorem (7). Here, the failure effect event`s failure rate can be calculated using the frequency of occurrence(O_{fe,total}) of the total failure, the frequency of occurrence of the failure, and the system failure rate(λ_{s}) as shown in equation (15)^{[4]}.
5. Failure effect probability quantification
The aircraft's fuel system must be capable of continuously supplying and maintaining fuel to the engine, while minimizing the pilot's attention during flight. In this fuel system, the failure effect probability is quantified by applying equation (15) to the fuel transfer pump.
The fuel transfer pump is mounted outside the fuel tank to enable fuel transfer between the tanks. Through the FMEA, the Fuel transport degradation, the Low discharge pressure, and the failure mode of the external leakage are identified as shown in Table 3.
P(A_{i}) is calculated by applying the FTA to the components of the fault cause derived by FMEA as shown in Fig. 2. In this case, equation (7), MTBF and FMD data of the components are applied to the probability of failure of the basic event^{[17]}.
P(A_{i}B_{j}) is shown in Table 4, and frequency of occurrence of failure mode is calculated using equation (12) based on FMEA data. The failure effect is classified based on the mission function shown in Fig. 3 and the severity classification shown in Table 3, and the frequency of occurrence of the failure effect is calculated by applying equation (13).
Finally, P(B_{j}) is calculated as shown in Table 5 by applying equation (14) and (15) through the system failure rate and the frequency of occurrence of the failure effect.
Analyzed parameters of P(A_{i}), P(A_{i}B_{j}) and P(B_{j}) are applied to the Bayes equation (9) to calculate the failure effect probability of the fuel transfer pump. The critical value is calculated by applying the failure rate, the operating time (234H) and the failure mode ratio to the equation (10), and the critical value(C_{m}) using the quantification method for the fuel transfer pump is shown in Table 6.
6. Conclusion
In this study, theories related to criticality analysis and US military standards were analyzed, and a method for quantifying the failure effect probability was proposed for objective criticality analysis. Based on our findings, the following conclusions can be drawn:

Criticality analysis according to US military standards depends on the subjective judgment of the expert or the indicator of the failure effect probability.

A methodology for quantifying the probability of failure is proposed using the reliability theory and Bayes' theorem.

The calculation of criticality was demonstrated by applying the method of quantification of failure effect probability to the fuel transfer pump for aircraft.