Beta-factor CCF model

The model

λ_total           = component total failure rate
λ_independent     = (1 − β) · λ_total
λ_common-cause    = β · λ_total

The Beta factor β is the fraction of failures that are common-cause — defeating all redundant channels simultaneously. The remaining 1 − β fraction is independent across channels.

Typical β values:

• β ≈ 0.10 (10%) — identical hardware, identical software, identical environment. Worst-case redundancy.
• β ≈ 0.05 (5%) — identical hardware with diverse software, separated environments.
• β ≈ 0.01 (1%) — diverse hardware AND diverse software AND segregation. Best practice for ARP 4761 DAL-A and IEC 61508 SIL 4.

Worked example

A 2-out-of-3 voter system with three identical channels, each λ = 10⁻⁵/h, β = 0.05:

λ_indep    = 0.95 · 1e-5 = 9.5e-6 / h
λ_common   = 0.05 · 1e-5 = 5.0e-7 / h

Probability of 2-out-of-3 failure over 1000 h mission, with naïve independence:
P(2-out-of-3 indep) ≈ 3 · (1e-5 · 1000)^2 ≈ 3.0e-4

With Beta CCF:
P(common-cause failure) ≈ 5.0e-7 · 1000 = 5.0e-4
This DOMINATES the independence term.

The Beta-factor contribution alone (5.0e-4) is larger than the independent 2-out-of-3 path (3.0e-4) — the redundancy buys less than you'd think. Quantifying this is the whole point.

When to graduate to MGL or Alpha-factor

Beta is single-parameter — it lumps every dependent failure mode into one number. For systems with more than 2 redundant trains, or where the goal is to distinguish 2-of-N from 3-of-N from N-of-N common modes, the more refined models are:

• Multiple Greek Letter (MGL) — adds γ, δ, ... for the conditional probability that a CCF, given it's already affecting two trains, also affects a third, fourth, etc.
• Alpha-factor — used widely in nuclear PRA; parameter set drawn from NUREG/CR-6268.

For automotive ASIL work and most process-industry SIL verification, Beta is sufficient and is what FTA Studio's CCF block defaults to. Both Beta and MGL are supported in Enterprise.