Fault Tree Analysis case studies

Tliis particular case study does illustrate how event tree and fault tree analysis can be used in a hazard operability (HAZOP) study. 

The steps Usted below are needed for carrying out a fault tree analysis. The first step is largely a matter of organization. It is not dealt with here a detailed treatment is foimd in [21]. In what follows the remaining steps are discussed in detail and illustrated by a number of examples and case studies. 

The possibility and expected frequency of a runaway reaction and hence an explosion of the nitration of hexamine for producing hexogen described in Case study 4.2 is examined below using fault tree analysis. 

The remainder of the paper is organized as follows. In Section 2, the fault tree associated with the studied SBLC system is presented. In Section 3, the Bayesian and possibilistic approaches to fault tree analysis are briefly reviewed, and details on the hybrid approach are provided. In Section 4, the results of the application of the different approaches to the case study of Section 2 are presented, setting the stage for the discussion in Section 5. Section 6 concludes the work. 

Frequency Phase 3 Use Branch Point Estimates to Develop a Ere-quency Estimate for the Accident Scenarios. The analysis team may choose to assign frequency values for initiating events and probability values for the branch points of the event trees without drawing fault tree models. These estimates are based on discussions with operating personnel, review of industrial equipment failure databases, and review of human reliability studies. This allows the team to provide initial estimates of scenario frequency and avoids the effort of the detailed analysis (Frequency Phase 4). In many cases, characterizing a few dominant accident scenarios in a layer of protection analysis will provide adequate frequency information. 

In order to calculate the fault probability of the component under study on the basis of its fault tree, it is possible to proceed directly combining the various probabilities of the events represented in the tree. This method, however, except for rather simple cases, can be rather tiresome and doesn t highlight the most important factors. The method more generally used, instead, is based on the use of Boolean algebra (the algebra of binary systems Is and Os) and on the fact that a correspondence exists between its results, when applied to a fault tree, and the results of a direct probabilistic analysis, mentioned above. 

Once a fault tree has been developed, failure rate data for individual components in the system can be entered into the tree so that an estimate of the likelihood of the undesired event (the Top Evenf ) can be made. Frequently the quality of the failure rate data is poor nevertheless, through use of the Pareto Principle, or the 80/20 rule discussed above, a quantified analysis still provides useful insights because it identifies which items in the system contribute the most to system failure. Moreover, once the model has been developed, and preliminary estimates as to failure rates have been made, case studies that examine changes to the process and the effects of additional safeguards can be carried out. Also, as improved data for equipment failure rates and repair times becomes available, the quality of the analysis will improve. 

In analyzes of risk of adverse events event tree or fault tree may be used for the case of the railway system. In (Albrechtsen Hokstad 2003) this kind of analysis has been extended to include the risk influencing factors. The issue has been shown on the example of a single-track line, for which the peak event is the collision of two trains coming from the opposite directions. An analysis of the factors affecting the risk shows the relationships and sequences of cause and effect going beyond a simple event tree analysis. In the studies case it... 

ABSTRACT In most cases, Model Based Safety Analysis (MBSA) of critical systems focuses only on the process and not on the control system of this process. For instance, to assess the dependability attributes of power plants, only a model (Fault Tree, Markov chain. ..) of the physical components of the plant (pumps, steam generator, turbine, alternator. ..) is used. In this paper, we claim that for repairable and/or phased-mission systems, not only the process but the whole closed-loop system Proc-ess/Control must be considered to perform a relevant MBSA. Indeed, a part of the control functions aims to handle the dynamical mechanisms that change the mission phase as well as manage repairs and redundancies in the process. Therefore, the achievement of these mechanisms depends on the functional/dysfunctional status of the control components, on which these functions are implemented. A qualitative or quantitative analysis method which considers both the process and the control provides consequently more realistic results by integrating the failures of the control components that may lead to the non-achievement of these mechanisms. This claim is exemplified on an industrial study case issued from a power plant. The system is modeled by a BDMP (Boolean logic Driven Markov Process), assuming first that the control components are faultless, i.e. only the faults in the process are considered, and afterwards that they may fail. The minimal cut sequences of the system are computed in both cases. The comparison of these two sets of minimal cut sequences shows the benefit of the second approach. 

The system safety case of corrrse varies from sector to sector. The core of a nuclear system safety case is (i) a deterministic analysis of the hazards and farrlts which could arise and cause injury, disability or loss of life fiom the plarrt either on or off the site, and (ii) a demonstration of the sufficiency and adequacy of the provisions (engineering and procedural) for ensuring that the combined frequencies of such events will be acceptably low. Safety systems will feature amongst the risk reducing provisions comprised in this demonstration, which will thus include qualitative substantiations of compliance with appropriate safety engineering standards supplemented (where practicable) by probabihstic analyses of their reliabilities. Other techniques which may be used for stracturing the safety case include fault and event tree analysis, failure mode and effects analysis (FMEA) and hazard and operability studies (HAZOPS). 

---