CHAPTER 28 DEPENDENT FAILURE ANALYSIS CONTENTS

Similar documents
Reliability of Safety-Critical Systems Chapter 10. Common-Cause Failures - part 1

Every things under control High-Integrity Pressure Protection System (HIPPS)

Understanding safety life cycles

PI MODERN RELIABILITY TECHNIQUES OBJECTIVES. 5.1 Describe each of the following reliability assessment techniques by:

Reliability of Safety-Critical Systems Chapter 3. Failures and Failure Analysis

A study on the relation between safety analysis process and system engineering process of train control system

New Thinking in Control Reliability

Sharing practice: OEM prescribed maintenance. Peter Kohler / Andy Webb

Purpose. Scope. Process flow OPERATING PROCEDURE 07: HAZARD LOG MANAGEMENT

Advanced Test Equipment Rentals ATEC (2832) OMS 600

Reliability engineering is the study of the causes, distribution and prediction of failure.

Review and Assessment of Engineering Factors

C. Mokkapati 1 A PRACTICAL RISK AND SAFETY ASSESSMENT METHODOLOGY FOR SAFETY- CRITICAL SYSTEMS

SAFETY PLAN REVIEW. FirstElement Safety Plan Review Submission for the California Energy Commission General Funding Opportunity GFO

Hazard Identification

Engineering Safety into the Design

PLANT/EQUIPMENT/ASSET HAZARD REPORT

Managing for Liability Avoidance. (c) Lewis Bass

Workshop Information IAEA Workshop

Lecture 04 ( ) Hazard Analysis. Systeme hoher Qualität und Sicherheit Universität Bremen WS 2015/2016

FIRE PROTECTION. In fact, hydraulic modeling allows for infinite what if scenarios including:

Chapter 5: Comparison of Inspection and Testing Results

CHEMICAL ENGINEEERING AND CHEMICAL PROCESS TECHNOLOGY Vol. IV - Process Safety - R L Skelton

Ultima. X Series Gas Monitor

Marine Risk Assessment

Permit-Required Confined Space Entry Program

Reliability of Safety-Critical Systems Chapter 4. Testing and Maintenance

Advanced LOPA Topics

GSA POLICY ON LOCAL EXHAUST AND OTHER VENTILATION (FUME CUPBOARDS)

Safety Analysis: Event Classification

Understanding the How, Why, and What of a Safety Integrity Level (SIL)

Three Approaches to Safety Engineering. Civil Aviation Nuclear Power Defense

Proof Testing A key performance indicator for designers and end users of Safety Instrumented Systems

Combining disturbance simulation and safety analysis techniques for improvement of process safety and reliability

Status Date Prepared Reviewed Endorsed Approved

Safety Critical Systems

Workshop Information IAEA Workshop

Safety models & accident models

E PGN-11. Part of NTW (O)32 Estates Operations and Maintenance Policy Paul McCabe Head of Estates and Facilities-NTW Solution Ltd

Top 5 system engineers omissions that make safety engineer s lives harder

Safety Engineering - Hazard Identification Techniques - M. Jahoda

Hazard Operability Analysis

Using what we have. Sherman Eagles SoftwareCPR.

Phase B: Parameter Level Design

PLANT/EQUIPMENT/ASSET HAZARD REPORT

4. Hazard Analysis. Limitations of Formal Methods. Need for Hazard Analysis. Limitations of Formal Methods

Safety Management in Multidisciplinary Systems. SSRM symposium TA University, 26 October 2011 By Boris Zaets AGENDA

Safety-critical systems: Basic definitions

Quality Management Determined from Risk Assessment

Safe management of industrial steam and hot water boilers A guide for owners, managers and supervisors of boilers, boiler houses and boiler plant

George Cleland 6 th December 2011

MDEP Common Position No AP

THE CANDU 9 DISTRffiUTED CONTROL SYSTEM DESIGN PROCESS

ONR GUIDE. Internal Hazards. Nuclear Safety Technical Assessment Guide. NS-TAST-GD-014 Revision 4

ADVISORY MATERIAL JOINT AMJ

THE IMPROVEMENT OF SIL CALCULATION METHODOLOGY. Jinhyung Park 1 II. THE SIL CALCULATION METHODOLOGY ON IEC61508 AND SOME ARGUMENT

Common Discrepancies Uncovered on ADCI Diving Contractor & Training Program Audits

QUANTIFYING THE TOLERABILITY OF POTENTIAL IGNITION SOURCES FROM UNCERTIFIED MECHANICAL EQUIPMENT INSTALLED IN HAZARDOUS AREAS

OIL & GAS. MTS DP Committee. Workshop in Singapore Session 4 Day 2. Unwanted Thrust

Implementing IEC Standards for Safety Instrumented Systems

Manuals Mandatory! New EU Legislation for Electrical Appliances. Matthias Schulz, Erkelenz AXELENT ProfiServices

TECOTHERM NEO. Instructions for Use. MEDICAL EQUIPMENT for HYPOTHERMIA of NEONATES and INFANTS. Addendum 1 to

Regulatory requirements with respect to Spent Fuel Pool Cooling

INTERIM ADVICE NOTE 171/12. Risk Based Principal Inspection Intervals

Adaptability and Fault Tolerance

Instrumented Safety Systems

Considerations for the Practical Application of the Safety Requirements for Nuclear Power Plant Design

3. Real-time operation and review of complex circuits, allowing the weighing of alternative design actions.

A systematic hazard analysis and management process for the concept design phase of an autonomous vessel.

DATA ITEM DESCRIPTION Title: Failure Modes, Effects, and Criticality Analysis Report

Wilkins Safety Group

HEALTH & SAFETY ARRANGEMENTS FOR MANAGEMENT OF WORK AT HEIGHT

Reliability Risk Management. August 2012 g Earl Shockley, Senior Director of Reliability Risk Management

Pressure Systems Safety Regulation

DISTRIBUTION LIST. Preliminary Safety Report Chapter 19 Internal Hazards UK HPR1000 GDA. GNS Executive. GNS all staff. GNS and BRB all staff CGN EDF

The «practical elimination» approach for pressurized water reactors

Major Hazard Facilities. Hazard Identification

Hazardous material transport accidents: analysis of the D.G.A.I.S. database

STPA Systems Theoretic Process Analysis John Thomas and Nancy Leveson. All rights reserved.

FLIGHT CREW TRAINING NOTICE

Quantitative Risk Analysis (QRA)

GIBRALTAR MARITIME ADMINISTRATION (Ministry of Maritime Affairs)

Incorrect Relief Valve Material Causes Release

HAZARD ANALYSIS PROCESS FOR AUTONOMOUS VESSELS. AUTHORS: Osiris A. Valdez Banda Aalto University, Department of Applied Mechanics (Marine Technology)

SEMS II: BSEE should focus on eliminating human error

SAFETY APPROACHES. The practical elimination approach of accident situations for water-cooled nuclear power reactors

Amusement Device Safety Council. Safety of Amusement Devices: Pre-use inspection

Best Practice RBI Technology Process by SVT-PP SIMTECH

Codex Seven HACCP Principles. (Hazard Identification, Risk Assessment & Management)

Safe Work Practices and Permit-to-Work System

CONTROL OF SUBSTANCES HAZARDOUS TO HEALTH PROCEDURE

Operational Risk Using BowTie Methodology

The Safety Case. Structure of Safety Cases Safety Argument Notation

EQUIPMENT. (See also: Management of Health & Safety (51); Fork Lift Trucks (32); Warehousing (87); Work Equipment (91))

Session One: A Practical Approach to Managing Safety Critical Equipment and Systems in Process Plants

Application of pipeline risk assessment to proposed developments in the vicinity of high pressure Natural Gas pipelines

Safety Manual. Process pressure transmitter IPT-1* 4 20 ma/hart. Process pressure transmitter IPT-1*

Unless this copy has been taken directly from the Trust intranet site (Pandora) there is no assurance that this is the most up to date version

GUIDELINES FOR THE FITTING AND USE OF FALL PREVENTER DEVICES (FPDs)

COMMON MISUNDERSTANDINGS ABOUT THE PRACTICAL APPLICATION OF IEC 61508

Transcription:

Applied R&M Manual for Defence Systems Part C - Techniques CHAPTER 28 DEPENDENT FAILURE ANALYSIS CONTENTS Page 1 Introduction 2 2 Causes of Dependent Failures 3 3 Solutions 4 Issue 1 Page 1

Chapter 28 Leaflet 0 Dependent Failure Analysis 1 INTRODUCTION 1.1 General 1.1.1 This Chapter gives an overview of the various causes of dependency failures, with a list of reference documents that cover the subject in more detail. 1.1.2 Fault Tree Analysis (FTA) and Success Tree Analysis (STA) provides an objective basis for analysing system design, performing trade-off studies, analysing Common Cause (or Mode) Failures, assessing compliance with safety requirements and justifying design improvements or additions (see PtCCh29). 1.1.3 The reliability of a system cannot be improved or even evaluated unless there is a thorough understanding of how each of its elements function and how these functions affect system operation. The accurate representation of these relationships is an integral part of this understanding and is particularly important for meaningful predictions, apportionment's and assessments. A Reliability Block Diagram (RBD) provides a method of representing this information in a form, which is easy to comprehend because it is simple and has visual impact. Due allowance for the effect of common cause failures should be allowed for in the RBD. When such failures occur all the elements affected by the common mode event will fail (see PtCCh30). 1.1.4 DEF STAN 00-41/3 1 states that, as part of Reliability Modelling common mode failures, i.e. failures which can simultaneously affect elements in parallel should be identified and allowed for in the analysis. 1.2 Definitions 1.2.1 A set of standardised definitions are given in the Procedures Guide 2 thus: a) Dependent Failure (DF): The failure of a set of events, the probability of which cannot be expressed as the simple product of the unconditional failure probabilities of the individual events. b) Common Cause Failure (CCF): This is a specific type of dependent failure where simultaneous (or near-simultaneous) multiple failures result from a single shared cause. c) Common Mode Failure (CMF): This term is reserved for common-cause failures in which multiple equipment items fail in the same mode. d) Cascade Failures: These are propagating failures. The term dependent failure as defined above is designed to cover all definitions of failures that are not independent. From this definition of dependent failures it is clear that an independent failure is one where the failure of a set of events is expressible as the simple product of individual event unconditional failure probabilities. Page 2

Applied R&M Manual for Defence Systems Part C - Techniques 2 CAUSES OF DEPENDENT FAILURES 2.1 The causes of dependent failures may be categorised under two broad headings: a) Common Component Failures; or b) Supply Failures. 2.2 Both categories can arise due to deficiencies during: a) design; b) manufacture; c) installation; d) maintenance and testing, including calibration; or e) operation including modifications to the plant and/or the process. 2.3 The main contributory factors for dependent (and independent) failures include: a) Acts of a God., i.e. the classic external and internal hazards; b) use of inappropriate people, ( i.e. people with inadequate knowledge or experience) c) inadequate training; d) inappropriate or inadequate procedures; e) inadequate controls and/or supervision; f) use of inappropriate materials g) use of inadequate components or supplies, including spare parts; h) use of the systems beyond their design life; or i) the operational environment. 2.4 Generally speaking, potential dependent failures that arise from the design, manufacture, and installation stages of a project can be detected during the commissioning and field testing stages. Consequently, there are fewer instances arising from these phases than those arising directly during the operational phase. While deficiencies in the design (e.g. incorrect choice of materials) can give rise to common failures, it is less likely that these will be concurrent although component reliability will be markedly reduced. Contrary to the general situation, by their nature, software dependent failures are less likely to be detected during commissioning. 2.5 Maintenance and testing is a most likely cause of dependent failures, with poor procedures and training the prime reasons for such failures. This is especially applicable if accompanied by inadequate checking and supervision. Calibration errors are an obvious cause of common component failure to perform as intended. 2.6 Dependent failures that occur as a result of a supply fault may be more readily comprehended than those form concurrent common component failures. Such failures and potential failures can occur as a result of errors or defects occurring at all stages of a project. Issue 1 Page 3

Chapter 28 Leaflet 0 Dependent Failure Analysis 2.7 It is important that the correct consideration be given to improvements in reliability by replication or diversification, and to minimising common mode supply failures. 3 SOLUTIONS 3.1 Acts of a God are generally beyond the control of the design engineer, who should attempt to mitigate their effects by the application of good engineering practice. The second line of defence is to make the equipment resistant to the cause of dependent failure, e.g. using components resistant to radio frequency interference, or that can withstand the surrounding conditions, e.g. splashing with water. The last line of defence is to protect the equipment from the external hazard, e.g. protective barriers, or administrative protection, e.g. checks to limit the amount of combustible materials held on site. 3.2 Design and installation errors can be largely eliminated by good engineering practice. For example: a) An independent review of all work should be carried out. b) Check and agree all the assumptions, the starting data and the criteria for acceptability. c) The high level specifications and design rules should be agreed and circulated, especially across the various engineering disciplines. d) Produce detailed low level specifications that should include comprehensive and detailed sequence of operations, hazard/fault documents, protection requirements, and interlock definitions. e) Ensure an effective change control procedure is implemented and used. 3.3 Operational decisions have the potential to be the cause of a dependent fault based upon human error. Human error dependency analysis is discussed in PtCCh32. Page 4

LEAFLET 28/0 Applied R&M Manual for Defence Systems Part C - Techniques RELATED DOCUMENTS 1. DEF STAN 00-41 Issue 3. 25 June 1993. Reliability and Maintainability MOD Guide to Practices and Procedures. 2. SRD R418. SRD Dependent Failures Procedures Guide. UKAEA. 1989. 3. SRD R146. A Study of Common-Mode Failures. UKAEA. 1979. 4. NUREG-0492. Fault Tree Handbook. US Nuclear Regulator Commission. January 1981. 5. A E Green & A J Bourne. Reliability Technology. Wiley. 1972. 6. D J Smith. Reliability Maintainability and Risk. Butterworth Heinemann. 1993. Issue 1 Page 5

Chapter 28 Dependent Failure Analysis Intentional blank page Page 6

2024 © sportdocbox.com Privacy Policy | Terms of Service | Feedback