Fault Tree Analysis (FTA)

Introduction

When a serious failure happens, teams often rush to ask, “What went wrong?” But for high-risk systems, a better question is, “What combinations of failures could make this happen at all?” That is exactly where Fault Tree Analysis (FTA) becomes powerful. NIST defines fault tree analysis as a top-down, deductive failure analysis in which an undesired system state, called the top event, is analyzed using Boolean logic to identify realistic ways it can occur.

FTA is widely used in safety, reliability, engineering, manufacturing, aerospace, energy, and process industries because it helps teams move from a visible failure back to the chain of causes beneath it. The U.S. Nuclear Regulatory Commission’s Fault Tree Handbook describes FTA as a systematic way to model the parallel and sequential combinations of faults that can lead to a predefined undesired event. NASA similarly describes it as one of the best methods for systematically identifying and graphically displaying the many ways something can go wrong. 

This guide explains what FTA is, why it matters, which symbols you need to know, how to perform it step by step, and how to understand it through a simple example.

What Is Fault Tree Analysis?

Fault Tree Analysis is a deductive, top-down method. That means you start with one clearly defined failure at the top and work downward to identify the lower-level faults, conditions, and combinations that could cause it. Instead of beginning with component-level failures and asking what they might cause, FTA begins with the unwanted outcome and asks what must happen for that outcome to occur.

The “tree” in FTA is a logic diagram. It shows how basic events, such as equipment failure, human error, power loss, or control malfunction, combine through logic gates like AND and OR to produce the top event. One of FTA’s biggest strengths is that it can be used qualitatively to understand cause paths and quantitatively to estimate failure likelihood if probability data is available.

Why Is Fault Tree Analysis Useful?

FTA is useful because serious failures are rarely caused by a single issue. In many systems, the real problem is a combination of conditions: a component fails, a backup does not start, an operator misses an alarm, and a protective barrier is unavailable at the same time. FTA helps teams visualize the logic clearly, rather than treating incidents as isolated events. 

Industry Insight

Major system failures typically result from multiple contributing factors, not a single cause.

The NRC handbook highlights that FTA is especially effective for analyzing catastrophic occurrences and complete failures, while NASA notes that it is one of the best methods for systematically identifying and displaying many ways a hazard can happen. Bosch’s FTA guide also shows its value in both qualitative interpretation, such as identifying critical cut sets, and quantitative interpretation, such as estimating the probability of occurrence. 

FTA is Especially Useful When You Need To:

  • Investigate critical failures
  • Understand multiple interacting causes
  • Identify single-point weaknesses
  • Support safety and reliability decisions
  • Prioritize risk reduction actions
  • Document failure logic for audits or reviews

What Are the Main Fault Tree Analysis Symbols and Gates?

To read or build an FTA, you need to understand a few core symbols. According to the NRC handbook, the most common event symbols are:

  • Basic event: an initiating fault that requires no further development
  • Intermediate event: a fault produced by lower-level events combined through a logic gate
  • Undeveloped event: a fault that is not analyzed further, either because it is of little consequence or because information is unavailable
  • External event (house symbol): an event that is normally expected to occur, or that lies outside the system boundary
  • Conditioning event: a specific condition or restriction that must exist for a gate (typically a priority AND or inhibit gate) to produce its output

The most important logic gates are:

OR Gate

The output event occurs if at least one input event occurs. This is used when any one of several failures can produce the problem. 

AND Gate

The output event occurs only if all input events occur together. This is used when multiple failures or conditions must align to create the undesired event. 

Other Gates You May See

The NRC handbook also notes symbols such as exclusive OR, priority AND, and inhibit gates, which are helpful when order, exclusivity, or enabling conditions matter.

Visual Reference

Bosch’s guide includes a gate-types overview and an example fault tree that show the notation visually.

How Do You Perform Fault Tree Analysis Step by Step?

A practical way to perform FTA is to combine the logic discipline from the NRC handbook with the workflow structure described in Bosch’s guide. Together, they produce a clear, usable method. 

1. Define the Top Event Clearly

Start by stating the exact undesired event. Be precise about what failed and under what condition. The NRC handbook stresses that event statements should clearly describe the fault and when it occurs. Bosch also treats top-event definition as the formal starting point of the analysis. 

2. Set the Scope and Objective

Decide whether the analysis is only qualitative or also quantitative. Bosch recommends defining the objective criteria early, such as checking for single-point failures, compliance with safety goals, or estimating top-event probability. 

3. Break the Top Event Into Immediate Causes

Do not jump directly to root causes. The NRC handbook recommends the “think small” rule: identify the immediate necessary and sufficient causes first, then continue expanding each branch.

4. Add the Correct Logic Gates

Use an OR gate if any one cause can trigger the parent event. Use an AND gate if several causes must happen together. This is where the structure of the tree becomes meaningful. 

5. Continue Downward Until You Reach Basic Events

Keep decomposing intermediate events until you reach basic, externally given, or intentionally undeveloped causes. Bosch refers to these as the smallest units for the fault structure.

6. Review the Tree Qualitatively

Look for critical combinations of events, minimal cut sets, and obvious weak points. This is often where the most actionable improvement ideas emerge.

7. Quantify if Data is Available

If you have failure-rate or probability data, estimate the likelihood of basic events and compute the top-event probability. The NRC handbook and Bosch both note that FTA is especially useful because it can support quantitative risk work as well as qualitative reasoning. 

8. Define Corrective Actions and Document Everything

Bosch recommends concluding with actions, success monitoring, and documentation. If the analysis does not lead to clearer controls or design improvements, it has not fully delivered its value.

What Does a Simple Fault Tree Analysis Example Look Like?

Let’s use a simple example:

Top Event: Cooling Pump Fails to Start

Now work downward by asking: What immediate causes could make the pump fail to start?

A simple first-level tree puts the three immediate causes under one OR gate (the page’s figure, rendered here as text):

    Cooling Pump Fails to Start
                 |
               [OR]
        +--------+--------+
        |        |        |
     No Power  Start    Motor
               Command  Fault
               Missing

That already tells us three independent paths can trigger the top event: any one of them is sufficient on its own.

Now expand each of those branches by asking the same question one level down:

Branch 1: No Power (sub-tree figure not reproduced)

Branch 2: Start Command Missing (sub-tree figure not reproduced)

Branch 3: Motor Fault (sub-tree figure not reproduced)

Together, the first-level OR gate and the three expanded branches give a reader-friendly FTA structure.

What Does this Example Tell Us?

It tells us that the top event can occur through any one of several failure paths, which is why the OR logic is used throughout this simple example. Even without probability data, the tree already improves understanding by separating electrical, mechanical, and control-related causes. That makes troubleshooting and preventive action much more targeted.

What Actions Might Come From This Example?

  • Add power-supply monitoring
  • Inspect breaker trip history
  • Monitor motor condition
  • Validate control-signal logic
  • Improve the operator startup procedure
  • Add an alarm for a missing start command

That is the practical value of FTA: it converts a vague failure into a structured cause map.
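Here is how the step-by-step procedure above, applied to the cooling-pump example, looks in working code. This is an added illustration, not code from the page or from the NRC or Bosch guides. It models the page’s first-level tree exactly as drawn, and a second, hypothetical variant (assumed here, not on the page) in which the pump has two independent power feeds, so that an AND gate appears and one cut set has two events; the basic-event names are constructed. The script evaluates the Boolean logic of the gates (step 4), derives the minimal cut sets (step 6), and flags the single-point failures:

```python
"""Qualitative FTA: evaluate a fault tree with Boolean logic and derive its minimal cut sets.

Added example. The trees below are the page's cooling-pump example plus a hypothetical
expansion (marked below) so that an AND gate appears. Basic-event names are constructed.
"""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Basic:
    """A basic (or undeveloped) event: a leaf that is not decomposed further."""
    name: str


@dataclass(frozen=True)
class Gate:
    """An intermediate event produced by an AND or OR gate over its inputs."""
    kind: str      # "AND" or "OR"
    name: str
    inputs: tuple  # of Basic or Gate


def OR(name, *inputs):
    return Gate("OR", name, tuple(inputs))


def AND(name, *inputs):
    return Gate("AND", name, tuple(inputs))


def occurs(node, failed):
    """Boolean evaluation: does `node` occur when exactly the basic events in `failed` occur?
    An OR gate fires if any input fires; an AND gate fires only if every input fires."""
    if isinstance(node, Basic):
        return node.name in failed
    results = [occurs(child, failed) for child in node.inputs]
    return all(results) if node.kind == "AND" else any(results)


def _minimize(cut_sets):
    """Keep only minimal cut sets: drop any set that strictly contains another."""
    cut_sets = set(cut_sets)
    return frozenset(c for c in cut_sets if not any(other < c for other in cut_sets))


def minimal_cut_sets(node):
    """Smallest combinations of basic events sufficient for `node` to occur.
    OR: union of the children's cut-set families. AND: every cross-combination,
    one cut set from each child, merged into one larger cut set."""
    if isinstance(node, Basic):
        return frozenset({frozenset({node.name})})
    families = [minimal_cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        merged = set().union(*families)
    else:
        merged = {frozenset().union(*combo) for combo in product(*families)}
    return _minimize(merged)


def single_point_failures(node):
    """Basic events that alone cause the top event: the cut sets of size one."""
    return sorted(next(iter(c)) for c in minimal_cut_sets(node) if len(c) == 1)


def is_minimal_cut_set(node, cut):
    """Cross-check against the Boolean model: the set triggers the top event, and
    removing any single event from it no longer does."""
    return occurs(node, cut) and not any(occurs(node, cut - {e}) for e in cut)


# The page's first-level tree: three immediate causes under one OR gate.
PAGE_TREE = OR("Cooling pump fails to start",
               Basic("No power"),
               Basic("Start command missing"),
               Basic("Motor fault"))

# Hypothetical expansion (an assumption for this example, not from the page): the pump is
# fed from two independent supplies, so "No power" needs BOTH lost (AND), and the start
# command can be missing for either of two reasons (OR).
VARIANT_TREE = OR("Cooling pump fails to start",
                  AND("No power", Basic("Main feed lost"), Basic("Backup feed lost")),
                  OR("Start command missing",
                     Basic("Control signal fault"),
                     Basic("Operator misses start step")),
                  Basic("Motor fault"))


def report(tree):
    """Human-readable summary of the cut sets and single-point failures."""
    lines = [f"Top event: {tree.name}"]
    for cut in sorted(minimal_cut_sets(tree), key=lambda c: (len(c), sorted(c))):
        lines.append(f"  cut set ({len(cut)}): " + " AND ".join(sorted(cut)))
    lines.append("  single-point failures: " + ", ".join(single_point_failures(tree)))
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(PAGE_TREE))
    print(report(VARIANT_TREE))
```

Run it directly to print the cut sets for both trees. In the page’s own tree every branch is a single-point failure; in the variant the power branch needs two events, so only three single-point failures remain. A cut-set generator is worth cross-checking against the plain Boolean model, which `is_minimal_cut_set` does: every reported set must trigger the top event, and none of its one-event-smaller subsets may.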

How Do You Interpret the Results of Fault Tree Analysis?

FTA results can be interpreted in two main ways.

Qualitative Interpretation

This means identifying the most important failure paths, single-point weaknesses, and combinations of events that deserve attention. Bosch specifically recommends looking at fault combinations and importance values during qualitative interpretation. 

Quantitative Interpretation

If you have failure probabilities, you can estimate the probability or frequency of the top event. The NRC handbook notes that fault trees are particularly convenient to quantify, even though the model itself is fundamentally qualitative in structure. 
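As an added example of the quantitative interpretation (not code from the page or its sources), the script below takes the minimal cut sets of a hypothetical variant of the cooling-pump tree (an AND-gated power branch with two feeds, plus three single-point causes) and constructed per-demand probabilities, both assumptions made here for illustration. It computes the top-event probability two ways: the rare-event approximation that simply sums the cut sets, and the exact value by inclusion-exclusion, which is valid because independent basic events make every intersection of cut-set events a plain product. It then ranks basic events by Fussell-Vesely importance, the kind of importance value Bosch recommends reviewing:

```python
"""Quantitative FTA: top-event probability and importance from minimal cut sets.

Added example. Assumes the basic events are independent and uses constructed per-demand
failure probabilities (illustrative figures, not measured data) for a hypothetical variant
of the cooling-pump tree whose minimal cut sets are listed below.
"""
from itertools import combinations
from math import prod

# Constructed probabilities that each basic event is present on a given start demand.
P = {
    "Main feed lost": 1e-2,
    "Backup feed lost": 5e-2,
    "Control signal fault": 1e-3,
    "Operator misses start step": 2e-3,
    "Motor fault": 1e-3,
}

# Minimal cut sets of the assumed tree: one two-event set (the AND-gated power branch)
# and three single-point failures.
CUT_SETS = [
    frozenset({"Main feed lost", "Backup feed lost"}),
    frozenset({"Control signal fault"}),
    frozenset({"Operator misses start step"}),
    frozenset({"Motor fault"}),
]


def cut_set_probability(cut, p):
    """P(every event in one cut set occurs) = product of their probabilities (independence)."""
    return prod(p[e] for e in cut)


def rare_event_approximation(cut_sets, p):
    """Upper bound used in practice when all cut sets are unlikely: just add them up."""
    return sum(cut_set_probability(c, p) for c in cut_sets)


def exact_top_probability(cut_sets, p):
    """Exact P(top) = P(at least one cut set occurs), by inclusion-exclusion over cut sets.
    The joint occurrence of several cut sets means 'every event in their union occurs',
    whose probability is again a plain product."""
    total = 0.0
    for k in range(1, len(cut_sets) + 1):
        sign = 1.0 if k % 2 == 1 else -1.0
        for combo in combinations(cut_sets, k):
            total += sign * cut_set_probability(frozenset().union(*combo), p)
    return total


def fussell_vesely(event, cut_sets, p):
    """Fussell-Vesely importance: share of the top-event probability that passes through
    cut sets containing `event`. Values near 1 mean the event dominates the risk."""
    containing = [c for c in cut_sets if event in c]
    return exact_top_probability(containing, p) / exact_top_probability(cut_sets, p)


def rank_by_importance(cut_sets, p):
    """Basic events ordered from most to least important: the risk-reduction priority list."""
    events = sorted({e for c in cut_sets for e in c})
    return sorted(((e, fussell_vesely(e, cut_sets, p)) for e in events),
                  key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    print(f"rare-event approximation:    {rare_event_approximation(CUT_SETS, P):.6f}")
    print(f"exact top-event probability: {exact_top_probability(CUT_SETS, P):.6f}")
    for event, fv in rank_by_importance(CUT_SETS, P):
        print(f"  {event:28s} FV = {fv:.3f}")
```

With these numbers the approximation (0.0045) barely overstates the exact value (0.004493) because every cut set is rare; the gap widens as basic-event probabilities grow, which is the standard caveat on the rare-event approximation. The ranking puts the operator step first and the two power-feed events last, even though each feed is individually the likeliest failure, because the AND gate requires both to be lost: this is the kind of result that redirects corrective action from the most frequent failure to the one that contributes most to the top event.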

What Are the Common Mistakes to Avoid in Fault Tree Analysis?

A good FTA is disciplined. A weak FTA becomes confusing fast.

Bosch warns that FTA requires a qualified moderator and a high level of discipline during preparation. It also notes that dynamic system behavior can be difficult to model and that quantitative precision depends heavily on the quality of the available data.

The NRC handbook also gives several practical modeling rules, such as:

  • Define fault statements precisely
  • Complete the logic at one gate before diving deeper
  • Avoid connecting gates directly to gates without defined event statements
  • Assume normal function unless a fault is explicitly modeled
  • Keep working through immediate causes rather than jumping too far ahead 

What Are the Limitations of Fault Tree Analysis?

FTA is strong, but it is not universal. NASA notes that traditional FTA is often static, meaning it does not naturally capture dynamic system behavior, operator actions over time, or complex automated reconfiguration. Bosch makes a similar point, noting that time behavior and dynamic processes are difficult to model, and that quantitative analysis of complex systems can become elaborate. 

That means FTA works best when:

  • The top event is well defined
  • The system logic can be represented clearly
  • The main interest is failure causation
  • The analyst understands the system boundaries

For highly dynamic or adaptive systems, teams may need complementary methods.

When Should You Use Fault Tree Analysis?

FTA is a strong choice when you need to analyze:

  • A serious incident or near miss
  • A high-consequence hazard
  • System safety during design review
  • Equipment reliability and failure pathways
  • Control-system vulnerabilities
  • Compliance or audit evidence for safety reasoning

“Safety is not the absence of accidents, but the presence of defenses.”

— James Reason

Fault Tree Analysis supports this principle by identifying where those defenses may fail, overlap, or be missing entirely.

It is especially useful when you already know the failure you care about and want to understand all credible ways it could happen. That aligns directly with the NIST and NRC definitions of the method. 

Conclusion

Fault Tree Analysis is most valuable when it leads to better decisions, not just better diagrams. By helping teams trace an undesired event back to its contributing failures, conditions, and logic paths, FTA creates a disciplined way to understand risk before it escalates into costly incidents. For professionals involved in quality, safety, process improvement, or operational reliability, strengthening this kind of analytical thinking through a Lean Six Sigma Green Belt or Lean Black Belt course can be especially useful, as these programs build problem-solving, root cause analysis, and risk-prioritization skills that support effective fault tree development.

At the same time, FTA should not be treated as a standalone fix. Its real value comes when it is applied by people who understand system behavior, have clear event definitions, and conduct structured risk evaluation. That is why it is often most effective in environments where teams also build capability through training in Root Cause Analysis. These disciplines help organizations move beyond reacting to failures and toward preventing them through stronger analysis, better controls, and more reliable system design.
