Introduction

When Napoleon asked Laplace why his treatise on cosmology did not mention God, the latter replied, "Sire, I had no need for this hypothesis". At the end of the 19th century, physicists thought they had covered the whole of physics, and it was considered purely deterministic. There was however a small problem, but they thought it would be quickly resolved during the following century. Indeed, Young's famous slit experiment has remained somewhat forgotten. The problem encountered was that, depending on the conditions of the experiment, light behaves either like a particle or a wave, and there was no explanation for this at the time.

Owing to Planck, Einstein, Bohr, Heisenberg, Pauli, Dirac, Schrödinger and Born, quantum mechanics was born in the 1920s. It essentially states that at the subatomic level, we cannot know the position of a particle with great precision. Rather, only its probability of presence and determinism give way to uncertainty. Despite the fact it is little addressed in educational programs, quantum mechanics is nevertheless present in our daily lives. It fuels the doubt that makes us uncomfortable, and we all seek to reduce, or even better, eliminate it. We continued to monitor weather forecasts, depsite the fact we know that the weather is notoriously unpredictable and that forecasts are quite often inaccurate.

In industry, we more commonly speak of operational safety. This discipline, which acquired this name and its current form mainly over the last half century and in the defense, aeronautics, space, nuclear, telecommunications and transport sectors, is now useful, even essential, for all sectors of industry and even other activities. The goal that requires the use of operational safety is more recognizable under the term "risk control". Operational safety is, according to Villemeur (1988), "the ability of an entity to satisfy one or more required functions under given conditions". It mainly encompasses four components: reliability, maintainability, availability and safety.

Figure I.1. Various analyses of operational safety.

Reliability is thus the quantitative basis for the other three analyses of operational safety. It can itself be divided into three distinct levels depending on the phases of the system's lifecycle. This can be illustrated synthetically by Figure I.2.

Figure I.2. Different types of reliability and their positioning in the lifecycle of a system.

The maintainability of a system is also a major parameter. Of course, it only makes sense for systems subject to maintenance. It does not depend directly on reliability (the reason for the green arrow in Figure I.1). For a system to be optimally maintained, it is first essential that the spare stock is in line with the number of system failures. Thus, the estimation of the "right" number of systems in stock can be assessed on the basis of the reliability level.

Availability is a critical parameter for many industrial applications, such as aeronautics, railways, energy production and distribution. Availability represents the ability of a system to perform a required function under given conditions at a given time. It depends not only on the reliability of the system but also on its ability to be repaired. The number of repairs is generally random.

Safety, more commonly referred to as "safety" in certain industrial fields, is the ability of a product to respect, during all phases of a device's life, an acceptable level of accident risk likely to cause an attack on personnel or major degradation of the product or its environment. It is generally broken down into an analysis of failure modes and their effects and an estimation of the probability of occurrence of certain feared events specified by the client.

The authors, despite sometimes working in different industrial fields, have very often encountered methodological errors, resulting in the confusion of the major parameters of these different areas of operational safety. For example, the failure rate is often referred to as a key reliability indicator, particularly on the Internet, whereas its practical use is restricted to a few industrial applications, such as space or certain military applications (missiles). It is also possible that, for a new generation component, reliability tests are carried out on test benches to verify that its intrinsic reliability is indeed as expected. However, these tests are rare because they are time consuming and have a significant cost. The effect of maintenance, which is present in most industrial applications, is often neglected even though it plays a fundamental role in the reliability of an operating system.

There are books detailing in a very rigorous way the theoretical methods used to approach these different themes, but they often remain very academic and difficult to master in the industrial field. In addition, we often address theoretical equations that do not have explicit solutions. In some cases, numerical solutions exist, but they can present certain problems, such as inconsistent results, without really realizing them, and they do not allow us to directly understand which parameters intervene in the variable of interest.

However, some renowned scientists often discovered revolutionary theories simply through thought experiments, well before these theories were experimentally verified. Therefore, it seems quite legitimate to want to simulate random events such as moments of failure, repairs or, more generally, the appearance of the feared or hoped-for fact under the assumption of probability distributions. Monte Carlo simulations can be an effective tool for resolving the various problems mentioned above.

The objective of this book, in an industrial context of operational safety, is therefore twofold:

• We propose theoretical solutions adapted to the problems encountered.
• The corresponding Monte Carlo simulations are presented when explicit solutions are not available or to verify the proposed theoretical approximations or numerical calculations.

In accordance with Figure I.1, the structure of the book is composed of four distinct parts. For each of them, we present a theoretical analysis for systems operated without maintenance as well as a theoretical analysis and Monte Carlo simulations for systems with maintenance. If an explicit solution exists, we use only this one. If, on the other hand, only a numerical solution is possible, we will then use simulations to corroborate the results obtained. Finally, if no analytical solution is possible, either because it does not exist or because it is not known to us, we will systematically use simulations either by the failure probability inversion method or by the rejection method when the reciprocal function has no explicit expression. The simulations carried out are either created in Python code or using the "Weibull++" or "BlockSim" software from ReliaSoft®.

We begin with Part 1 on Reliability because if there is one area where uncertainty is very present, it is that of reliability. Regardless of how well we know the physics of the technology used, the failure times of technological entities being tested or operated are always random.

During the so-called specification phase, a reliability objective is generally required by the client, which translates either into a probability of successfully completing a specific mission for systems operating without maintenance or into an "MTBF" for those with maintenance. Thus, at the end of the design phase, since the final (series) version of the system is not yet available (only prototypes are functional), a predictive reliability analysis is carried out to verify that the objective is met. The realism of this predictive analysis is therefore very important, particularly the estimation of the levels of physical contributions (life profile) to which the system will be exposed during its operational life.

Thus, Chapter 1 propose to evaluate the sensitivity of the forecast reliability estimate to the parameters of the life profile of a system. Therefore, instead of constructing it from constant levels, we propose, when necessary, to assume a probability law chosen according to the information collected. We then use Monte Carlo simulations to estimate the variability of the system reliability.

On the other hand, in certain specific cases, reliability tests on a component deemed "at risk" (with respect to the reliability of the entire system) may be deemed necessary or even essential. This may be a component with an insufficient reliability level on a previous generation and that has undergone a design change, a new technology component, a single-source component for which the manufacturer does not provide reliability information, etc. In contrast to the general case where we want to minimize the number of system failures, particularly during the design phase, we will therefore do everything possible to induce failures to obtain an "intrinsic" reliability model of the component with a given accuracy. The notions of bias and variance of the estimators of the reliability model parameters are then of the utmost importance. Chapter 2 therefore proposes a theoretical approach with explicit solutions when possible and Monte Carlo simulations when this is not the case.

Finally, so-called...