Use of TDC software at ENSIAME & LAMIH

Use of TDC software for a dynamic process of negotiation between the exploiter and supplier of innovative system


The dependability of a complex system is characterized by its RAMS parameters (Reliability, Availability, Maintainability and Safety). Before any innovative system becomes sufficiently mature, early failures may occur at the beginning of its life, which are difficult to forecast without long lasting series of physical tests.

In the case of railway transportation systems, most of these early failures are limited in severity, but lead to a more or less long period of unavailability, which highly penalizes the exploiters of such systems, inducing delays, traffic jams, and users’ dissatisfaction. For this reason, the system should be ordered only when the rate of occurrence of these small failures becomes very low, which may require a heavy testing effort for suppliers.

Alternatively, heavy contractual penalties might be required to the system’s suppliers by the exploiters. Indeed, the increase in the number of tests during the process of integration of subsystems can reduce the uncertainty about the effective reliability of the system, but it is very expensive. So, deciding an acceptable rate of early failures is a critical task, from the respective points of views of both the supplier and the exploiter of these systems. Moreover, these two points of views must converge toward a common acceptable rate which becomes contractual.

Our goal is to control and supervise the convergence process toward a reference scheme of early failures, common to the supplier and the exploiter of a complex system (a guided transportation system).
To establish a reference by progressive convergence (reason why we call it dynamic reference scheme), we propose a collaborative methodology to help better control the uncertainty about the future reliability of a complex system at the beginning of its operation. This methodology highlights a process of negotiation between the exploiter and the supplier of the system, supporting the emergence of a common reference of the anticipated reliability increase in function of time, which can be expressed by the failure rate plotted Figure 1.

The components of this methodology are based on:

  • A product model, providing the actors with the ability to characterize the system’s dependability and a design process model capable of integrating their computation, valuation and their assessment across the design process stages. The existing models only refer to the technical aspects of the product. However, design decisions must be taken based not only on physical or technical criteria (geometry, topology, stiffness, etc.) but also considering criteria such as dependability, cost and value throughout the life cycle. We intend to use Knowllence software to specify the structure of both product and process models.

  • A convergence process model, supported by recurrent negotiation tasks, which improves the probability to reach a solution acceptable for the different actors. This process is controlled by the decision model which assesses the dependability throughout design steps, taking into account the points of views of the exploiter and of the designer of the system. This model provides both with the ability to analyze cost vs risk, cost vs potential benefit and risk vs potential benefit, according to the respective perception of actors. The sought reference scheme is a balance between an acceptable level of risk and an acceptable level of dedicated resources ensuring a target safety level. It helps decision makers objectively decide among a list of candidate alternatives. To this extent, cost / benefit / risk can provide criteria that are consistent and objective.


The proposed method must provide a more effective communication between the actors. Actually, trade-offs must be made early, avoiding misunderstanding and late deception. Typically, improving the RAMS parameters reduces the life cycle costs, but the implementation of the corresponding decisions increases the development efforts. The main sources of risk can be highlighted earlier, suggesting further discussions about the clauses of the contract between supplier and exploiter.
The use of TDC- Needs, Structure, FMEA and FTA modules must allow us to implement the proposed methodology, i.e.: the product model, the design process model, the decision making process based on risk / cost/ benefit parameters and the convergence process model based on negotiation.

Dominique DENEUX & Laurent CAUFFRIEZ
Université de Valenciennes et du Hainaut-Cambrésis
Le Mont Houy - 59313 Valenciennes cedex 9 - France

June 2009







Pour en savoir plus

TDC Need
Logiciel d'analyse fonctionnelle du besoin et CdCF

TDC Structure
Logiciel d'analyse fonctionnelle technique

Logiciel AMDEC Produit - AMDEC Process

Le blog Knowllence

Retour d'expériences de clients

Inscrivez-vous à nos événements