MOCUS algorithm
MOCUS (Method for Obtaining Cut Sets) is the canonical top-down procedure for enumerating the minimal cut sets of a fault tree. It was published by Fussell and Vesely in the early 1970s and remains the workhorse implementation in most FTA tools because it's simple, deterministic, and produces auditable intermediate state.
How it works
Start with a single working set containing only the top event. Then walk top-down:
- Pick a gate-event in the current working sets that hasn't been expanded.
- If it's an AND gate with inputs
{a, b, c}, replace the gate in each working set with all three inputs (each working set grows in size). - If it's an OR gate with inputs
{a, b, c}, copy each working set three times — one witha, one withb, one withc(the number of working sets grows). - Repeat until every working set contains only basic events.
- Reduce: drop any working set that's a strict superset of another (the dropped set is non-minimal). Deduplicate.
The output is the list of minimal cut sets. Their union (interpreted as a Boolean expression) is the top event.
Worked example
Consider the tree TOP = OR(AND(a, b), c):
Step 0: { {TOP} }
Step 1 (expand TOP, OR): { {AND(a,b)}, {c} }
Step 2 (expand AND): { {a, b}, {c} }
Step 3 (reduce): { {a, b}, {c} } ← already minimal
The minimal cut sets are {a, b} and {c} — meaning the top event occurs if both a and b fail, OR if c alone fails.
MOCUS vs BDD
The main alternative is Binary Decision Diagrams (BDD). Both compute the same minimal cut sets but make different trade-offs:
- MOCUS is simple, deterministic, and gives auditable intermediate state. Worst-case set count grows multiplicatively with OR-gate fan-out, so very wide trees with many ORs blow up combinatorially.
- BDD uses canonical Boolean representation — typically faster and more memory-efficient on large trees, but the intermediate structure is harder to inspect and the result depends on variable ordering.
For trees up to a few thousand nodes, MOCUS is fine and its auditability is a real benefit when reviewers need to trace the analysis. For tens of thousands of nodes, BDD-based tools tend to scale better.