Reliability of Technical Systems

Similar documents
Common Cause Failure (CCF)

Time Dependent Analysis with Common Cause Failure Events in RiskSpectrum

AP1000 European 19. Probabilistic Risk Assessment Design Control Document

Development of Multi-Unit Dependency Evaluation Model Using Markov Process and Monte Carlo Method

Common Cause Failures: Extended Alpha Factor method and its Implementation

Evaluating the Core Damage Frequency of a TRIGA Research Reactor Using Risk Assessment Tool Software

Presentation of Common Cause Failures in Fault Tree Structure of Krško PSA: An Historical Overview

Reliability of Technical Systems

Causal & Frequency Analysis

Study on Quantification Methodology of accident sequences for Tsunami Induced by Seismic Events.

Risk Analysis of Highly-integrated Systems

Methods for including uncertainty in seismic PSA L Raganelli K Ardron

SITRON: Site risk assessment approach developed for Nordic countries Ola Bäckström

Module No. # 03 Lecture No. # 11 Probabilistic risk analysis

Safety analysis and standards Analyse de sécurité et normes Sicherheitsanalyse und Normen

PSA on Extreme Weather Phenomena for NPP Paks

ANALYSIS OF INDEPENDENT PROTECTION LAYERS AND SAFETY INSTRUMENTED SYSTEM FOR OIL GAS SEPARATOR USING BAYESIAN METHODS

Overview of Control System Design

Reliability of Technical Systems

Application of Common Cause Failure Methodology to Aviation Safety Assessment Model

Modeling Common Cause Failures in Diverse Components with Fault Tree Applications

HAZUS-MH: Earthquake Event Report

System Reliability Thory 6. Common-Cause Failures

6. STRUCTURAL SAFETY

Failures in Process Industries

Multi-Unit Nuclear Plant Risks and Implications of the Quantitative Health Objectives

Evaluating the Safety of Digital Instrumentation and Control Systems in Nuclear Power Plants

Issues in Dependency Modeling in Multi- Unit Seismic PRA

Advanced Simulation Methods for the Reliability Analysis of Nuclear Passive Systems

AIR CONDITIONER (SPLIT TYPE) SERVICE MANUAL

Seismic Issues for California's Nuclear Power Plants. Norman Abrahamson University of California, Berkeley

of an algorithm for automated cause-consequence diagram construction.

Experiment for Justification the Reliability of Passive Safety System in NPP

Effect of Correlations of Component Failures and Cross-connections of EDGs on Seismically Induced Core Damage of a Multi-unit Site

UILLIS: Urban Infrastructures and Lifelines Interaction of Systems

Chemical Health and Safety General Program

A BAYESIAN SOLUTION TO INCOMPLETENESS

Uncertainty of the Level 2 PSA for NPP Paks. Gábor Lajtha, VEIKI Institute for Electric Power Research, Budapest, Hungary

S-882Z Series ULTRA-LOW VOLTAGE OPERATION CHARGE PUMP IC FOR STEP-UP DC-DC CONVERTER STARTUP. Rev.1.2_00. Features. Applications.

However, reliability analysis is not limited to calculation of the probability of failure.

Risk and Safety in Civil, Surveying and Environmental Engineering

Reliability Assessment of Water Distribution Networks Considering Mechanical-Hydraulic Behavior Using Informational Entropy

Reliability Analysis of Hydraulic Steering System with DICLFL Considering Shutdown Correlation Based on GO Methodology

ASSESSMENT OF DYNAMIC PRA TECHNIQUES WITH INDUSTRY- AVERAGE COMPONENT PERFORMANCE DATA

1. INTRODUCTION Japan c Osaka University; 2-1 Yamada-oka, Suita, Osaka, Japan

TEPCO s Activities on the Investigation into Unsolved Issues in the Fukushima Daiichi NPS Accident

Severe accident risk assessment for Nuclear. Power Plants

Unit 1 Fire Engineering Science (Zone 1)

AS STANDARD

Chapter 12. Spurious Operation and Spurious Trips

RISK-INFORMED OPERATIONAL DECISION MANAGEMENT (RIODM): RISK, EVENT TREES AND FAULT TREES

EMERGENCY PREPAREDNESS AND RESPONSE PROTOCOL: EARTHQUAKES

Reliability of Safety-Critical Systems Chapter 8. Probability of Failure on Demand using fault trees

ATTACHMENT Mitigating Systems

FP release behavior at Unit-2 estimated from CAMS readings on March 14 th and 15 th

State of Shimane Nuclear Power Station

A New Reliability Allocation Method Based on FTA and AHP for Nuclear Power Plant!

Forces in Earth s Crust

Non-observable failure progression

WM 07 Conference, February 25 March 01, 2007, Tucson, AZ

Raven Facing the Problem of assembling Multiple Models to Speed up the Uncertainty Quantification and Probabilistic Risk Assessment Analyses

A General Cause Based Methodology for Analysis of Common Cause and Dependent Failures in System Risk and Reliability Assessments

STATE OF COLORADO DESIGN CRITERIA FOR POTABLE WATER SYSTEMS WATER QUALITY CONTROL DIVISION. Price: $5.00. Revised March 31, 1997

Cold Weather Preparation

INCIDENT DURING NITRATION IN A BATCH REACTOR. K DIXON-JACKSON C.CHEM MRSC MSc*

Calculation method for the determination of leak probabilities for complex structural geometries and load conditions

EARTHQUAKES AND EARTHQUAKE-RESISTANT DESIGN OF STRUCTURES. Er. K. S. BHARGAV LECTURER Department of Civil Engineering, GGSGP CHEEKA

Uncertainty Analysis on Containment Failure Frequency for a Japanese PWR Plant

Chapter 9 Development of Risk Assessment Methodology Against External Hazards for Sodium-Cooled Fast Reactors

Revision of the AESJ Standard for Seismic Probabilistic Risk Assessment (2) Seismic Hazard Evaluation

UGRC 144 Science and Technology in Our Lives/Geohazards

6.1 Dependability Modeling. General Rules. Analysis

12 Moderator And Moderator System

Chapter 18 Section 8.5 Fault Trees Analysis (FTA) Don t get caught out on a limb of your fault tree.

Reliability of Safety-Critical Systems 5.4 Petrinets

Installation guide 862 MIT / MIR

AP1000 European 15. Accident Analyses Design Control Document

Chapter 6. a. Open Circuit. Only if both resistors fail open-circuit, i.e. they are in parallel.

Estimation of accidental environmental release based on containment measurements

Actual practices of seismic strong motion estimation at NPP sites

Tsunami fragility assessment framework for probabilistic risk assessment of nuclear power plants

Quantitative Reliability Analysis

Chapter 8. Calculation of PFD using FTA

RELIABILITY ANALYSIS OF PISTON MANUFACTURING SYSTEM

IG-WRDRR, UNESCAP, UNESCO-IOC, WMO. Yukio Tamura Chairman, International. Group. Tuesday 10 May, , Room 13. for Disaster. Risk.

WELCOME TO PERIOD 18: CONSEQUENCES OF NUCLEAR ENERGY

PARAMETRIC STUDY OF THE STRUCTURAL CAPACITY OF REINFORCED CONCRETE CONTAINMENT SUBJECTED TO LARGE COMMERICAL AIRCRFAT IMPACT

Correlation between neutrons detected outside the reactor building and fuel melting

LOCAL FUSION OF AN ENSEMBLE OF SEMI-SUPERVISED SELF ORGANIZING MAPS FOR POST-PROCESSING ACCIDENTAL SCENARIOS

PROBABILISTIC STRESS ANALYSIS OF CYLINDRICAL PRESSURE VESSEL UNDER INTERNAL PRESSURE USING MONTE CARLO SIMULATION METHOD

Lecture 5 Probability

Terminology and Concepts

Availability analysis of nuclear power plant system with the consideration of logical loop structures

Kaliopa Mancheva. Reliability, Safety and Management Engineering and Software Development Services

Dynamic and Interactive Approach to Level 2 PRA Using Continuous Markov Process with Monte Carlo Method

Research Collection. Basics of structural reliability and links with structural design codes FBH Herbsttagung November 22nd, 2013.

PART 7 - TOPIC 2 CONSEQUENCE MODELING USING ALOHA

Chip tantalum capacitors (Fail-safe open structure type)

Unit 1: Fire Engineering Science (A/505/6005)

CHAPTER 3 METHODOLOGY

Transcription:

Reliability of Technical Systems

Main Topics. Short Introduction, Reliability Parameters: Failure Rate, Failure Probability, etc. 2. Some Important Reliability Distributions 3. Component Reliability 4. Introduction, Key Terms, Framing the Problem 5. System Reliability I: Reliability Block Diagram, Structure Analysis (Fault Trees), State Model. 6. System Reliability II: State Analysis (Markovian chains) 7. System Reliability III: Dependent Failure Analysis 8. Static and Dynamic Redundancy 9. Advanced Methods for Systems Modeling and Simulation (Petri Nets, network theory, object-oriented modeling) 0. Software Reliability, Fault Tolerance. Human Reliability Analysis 2. Case study: Building a Reliable Methods System of Technical Risk Assessment in a Regional Context

Inclusions of common cause failures and geographically distributed events (seismic hazard analysis) Dependent failures. Definitions. Modeling approaches: Explicit method inclusion of DF in Fault Trees. Modeling approaches: Implicit methods. Marshall-Olkin-Model (fundamental modeling). β-factor-model. Multiple-Greek-Letter-Model (MGL-Model).

Dependent failures Source: [] Model assumptions up to now All failures of a system are due to independent failures at components ( elements ) level, i.e. The failure of an element has no functional influence on other system elements. The physical effects of an element failure on other elements are marginal. By adding (redundant) elements to the system the failure probability can be reduced as you like. These assumptions contradict common experience!

Definitions Dependent failure (DF) Event, of which the occurrence probability cannot be modelled as a product of single occurrence probabilities (mathematical), or Event, which is caused by any interdependent structures (multiple failure, technical). DF can be classified in the following categories: CCF (common cause failure) Description of a type of a dependent failure, at which a common single cause triggers several failures occurring (almost) simultaneously. CMF (common mode failure) Description for a specific CCF, in which several (system-)units fail in the same way. CF (cascading failures) Description for spreading of interdependent failures. Common cause initiating events Description for initiating events which can cause several events or event scenarios, e.g. area event such as earthquakes or flooding. Note: DF are only important in redundant (parallel) systems.

Example of a well-known accident resulting from a common cause failure The fire at the Browns Ferry nuclear power plant Decatur, Alabama, March 22, 975. The fire started when two of the operators used a candle to check for air leaks between the cable room and one of the reactor buildings, which was kept at a negative air pressure. The candle s flame was drawn out along the conduit and the urethane seal used where the cables penetrate the wall caught fire. The fire continued until the insulation of about 2000 cables was damaged. Among these were all the cables to the automatic emergency shutdown (ESD) systems and also the cables to all the manually operated valves, apart from four relief valves. With these four valves it was possible to close down the reactor so that a nuclear meltdown was avoided. This accident resulted in new instructions requiring that the cables to the different emergency shutdown systems be put in separate conduits and prohibit the use of combustible filling (e.g. urethane foam).

Modeling Approaches to Consider DF Explicit Methods Event specific models Consideration special consequences from e.g. earthquakes, fire, floods, broken pipes or leakages in general. Event tree and fault tree analysis Consideration of functional interdependencies (units). Models for the quantification of human actions Consideration of interdependencies between single human actions such as coupling models in THERP. Explicit methods comprise structural and functional interdependencies, they are system-specific but they don t cover impact of potential DF on safety of systems completely.

Example of dependent failure identification: Emergency power supply A data processing service centre of a major bank has a largely redundant emergency power supply. Four emergency power engines (EPE) are installed, one engine guarantees the operability of the centre for two days. If one engine fails, the next will be started (stand-by operation). Further in formation about the system: Operator Startsignal for an EPE A B C Control room Signal Signal Signal Starting of an EPE A B C Start: Battery driven starter EPE A EPE B EPE C Fuel: Gasoline tank EPE are started by an operator in the control room. Each EPE has its own control device. Each EPE has its own starter, battery and tank. All EPE are maintained and fuelled in one process. / D Signal D EPE D

Modelling approaches: Explicit method inclusion of DF in Fault Trees T System failure Failure of redundant components Failure of common support system q SS Independent failure of component A Independent failure of component B Dependent failure q A q B q DF(A,B)

Implicit Methods (to consider residual DF fractions) Marshall-Olkin-Model, b-factor-model, MGL-Model (Multiple Greek Letter), BFR-Model (Binominal Failure Rate) et al. General In principle, implicit methods can completely cover dependent failures, but large uncertainties arise because of insufficient data and data solely based on the level of considered items (CMF). Rigorous application bears the danger of insufficient system (e.g. fault tree) analyses, e.g. failure to notice structural/functional dependencies.

Modeling approaches: Implicit methods Marshall-Olkin-Model (fundamental modeling). System modeling excluding DF Example: 2-out-of-3-system with units A, B and C System failure, when two units fail: {A, B}, {A, C}, {B, C} Probability of system failure: Q s = q a q b +q a q c + q b q c 2 q a q b q c Simplification and notation Failure probabilities for all units are identical: q a = q b = q c = Q k= k (k =, 2,, n): Number of units involved in the failure Simplification: Pr(a b) Pr(a) + Pr(b) System failure probability of a 2-out-of-3-system excluding DF Q s = q a q b +q a q c + q b q c = 3 2 Q

2. Inclusion of DF Probabilities of failure combinations q AB, q BC, q AC q ABC Assumption: equality of all units: q AB = q BC = q AC = = Q k=2 q ABC = Q k=3 Example: 2-out-of-3-system : Probability of a DF including two units: 3 Q 2 Combination of three (all) failures: q ABC = Q 3 3. System failure probability System failure probability Q s including DF: Q s = ΣPr(independent failures) + ΣPr(dependent failures) 2-out-of-3-system : 2 Q s = 3 Q + 3 Q 2 + Q 3.

4. Failure probability of the units Q t is the total failure probability of an element in a group of redundant elements, inclusive of all dependencies. The interrelationship between Q t and Q k is asked for: Q t - = n n = - Q k k k with binominal coefficients: ( n! ) ( ) ( ) n k n k! k! Number of failure combinations of an element with (k-) different elements in a group of (n-) identical elements. Group of 3 redundant elements t 3-3- 3- Q = + + = + 2 + - Q 2- Q 3- Q Q Q Q 2 3 2 3

Calculation of Q k by using relative frequencies Q k nk = n k n k : Number of failures with k involved elements and the binominal coefficient for the calculation of the combinations with k of n elements. Annotation Ideally the different Q k can be drawn directly from of observation data. Some models simplify the consideration of DF by making additional assumptions, such as the β-factor-model.

β-factor-model Simplifying assumptions Failures in a group of redundant elements are either independent or all of the n elements fail. With k =, Q k= is the failure probability of independent failures. With k = n, Q k=n is the failure probability for (totally) dependent failures. All other failure combination are excluded by definition, so Q k = 0 for n > k > (for other failure combinations). For m-out-of-n-system it is generally: Q t = Q + Q n Definition of the β factor: β = Number of DF Number of all failures β = Qn Q + Q n = Q Q n t

From this it follows directly: β Qt= Qk= n ( ) β Q + Qn = Qk= n With Q = Q Q n t ( ) Q = = k Qt β follows: Finally, ( β ) Qt k = Qk = 0 m > k > β Qt k = n 2-out-of-3-system 2 System failure probability: Q s = 3 Q + 3 Q 2 + Q 3 Changes in the b-factor-model: ( ) 2 2 Q = 3 β Q + β Q s t t.

Discussion of the β-factor-model Advantages Easy to apply. b-parameter can be determined relatively easily by operational experiences. Disadvantages Too conservative in the case of simultaneous failures of more than two units. Results are too conservative if there are more than two groups of redundancies (n>2). Danger of too general application avoiding thorough system analysis with regard to functional dependencies.

Multiple-Greek-Letter-Model (MGL-Model) [] Assumptions identical to the b-factor-model, but combinations of failures are possible. Parameter, Definitions Example: Group of 3 Redundant Elements Q t total failure probability of a unit Q t = Q + 2Q 2 + Q 3 a single failures a = b all dependent failure probabilities relating to Q t g fraction of DF probability of a unit, with at least 2 units failing 2Q2+ Q3 2Q2+ Q3 β = = Q Q + 2Q + Q t Q3 γ = 2Q + Q 2 3 2 3 [] Further information, not part of the examinations.

To consider the MGL-factors the equation for Q t will be solved for Q k (k =, 2, 3). The resulting terms will be replaced by the parameters b, g, etc. Example: Group of 3 redundant elements given: Q t = Q + 2Q 2 + Q 3 ( 2 ) Q Q + Q 2 3 2 3 = = ( β ) = ( β) β = = t 2 3 Q Qt Qt Qt Q 2 ( ) Qt Qt ( β) + γ ( 2Q2 + Q3) Qt Q Q = = 2 2 Qt Qt + Qt Qt = =... = 2 2 + 3 ( β) γ ( β ) β ( γ ) 2Q + Q 2Q + Q Q3 γ = 2Q + Q Q Q + 2Q + Q t 2 3 2 3 Q 3... etc.

The results for a redundant group can be generalized by using the notation: Φ =, Φ = β, Φ = γ,..., Φ + = 0 2 3 m Q = ( + ) k k Φi Φk Qt n i = k Example: Redundant Group with 3 Elements Q k = = ( Φ) ( Φ2) Qt 3 = β Q ( ) t Q k = 2 = ( Φ Φ2) ( Φ3) Qt 3 2 = β ( γ ) Qt 2 Q k = 3 = ( Φ Φ2 Φ3) ( Φ4) Qt 3 3 = β γ 0 Q ( ) t

Example: Substituting Q k in the equation "System Failure Probability of a 2-out of-3- System Q s with DF 2 portion", Q s = 3 Q + 3 Q 2 + Q 3, equals: 2 2 3 s = 3 ( β ) t + β ( γ ) t + βγ t Q Q Q Q 2 Supposing the MGL-factors are unknown, they can be determined via the respective Q k (see above: parameters, definitions). The probabilities can be determined via: Q k nk = n k Equating γ = leads to the result of the b-factor-model, which is, in general, a special case of the MGL-Model

References. Amendola, A. Classification of Multiple Related Failures: Advanced Seminar on Common Cause Failure Analysis in PSA. in Ispra Courses on Reliability and Risk Analysis. 989. Ispra: Kluwer Academic Publishers. 2. Marvin Rausand, Arnljot Hoyland, System Reliability Theory, Wiley, 2004.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback