Big Chemical Encyclopedia


Functional hazard analysis limitations

Prototyping (FDA 1995): An approach to accelerate the software development process by facilitating the identification of required functionality during analysis and design phases. A limitation of this technique is the identification of system and software problems and hazards. [Adapted.]... [Pg.946]

At this point in development, the safety requirements and constraints are documented and traced to the design features used to implement them. A hazard log contains the hazard information (or links to it) generated during the development process and the results of the hazard analysis performed. The log will contain embedded links to the resolution of each hazard, such as functional requirements, design constraints, system design features, operational procedures, and system limitations. The information documented should be easy to collect into a form that can be used for the final safety assessment and certification of the system. [Pg.347]

Structures, systems, and components (SSCs) that are important to safety and that are identified as Safety SSCs are based on criteria contained in DOE-STD-3009 (p. xix) and the results of safety analyses, which determine the safety contributions of specific SSCs. The degree of consequence mitigation is the basis for identification of Safety SSCs and associated Safety Functions. These Safety Functions are the essential performance requirements that are imposed on Safety SSCs which maintain the consequences of accident scenarios within bounds that are described in the SAR accident analysis. The use of the term Safety Function will be limited to these essential performance requirements in this SAR. While many SSCs provide a material safety benefit and could be considered to perform a safety function, SSCs that are not relied upon to effect an acceptable outcome will not have an associated Safety Function as the term is used in this SAR. Safety SSCs and associated Safety Functions are based on the results of hazard evaluation and accident analysis described in Chapter 3, and are specifically identified in Section 3.3.2.3. The specific safety functions important to safety are described in Chapter 4, and form the basis of the derivation of Technical Safety Requirements presented in Chapter 5. [Pg.75]

The second and more common hardware FMEA examines actual system assemblies, subassemblies, individual components, and other related system hardware. This analysis should also be performed at the earliest possible phase in the product or system life cycle. Just as subsystems can fail with potentially disastrous effects, so can the individual hardware and components that make up those subsystems. As with the functional FMEA, the hardware FMEA evaluates the reliability of the system design. It attempts to identify single-point failures, as well as all other potential failures, within a system that could possibly result in failure of that system. Because the FMEA can accurately identify critical failure items within a system, it can also be useful in the development of the preliminary hazard analysis and the operating and support hazard analysis (Stephenson 1991). It should be noted that FMEA use in the development of the O&SHA might be somewhat limited, depending on the system, because the FMEA does not typically consider the ergonomic element. Other possible disadvantages of the FMEA include its purposeful omission of multiple-failure analysis within a system, as well as its failure to evaluate any operational interface. Also, in order to properly quantify the results, an FMEA requires consideration and evaluation of any known component failure rates and/or other similar data. These data often prove difficult to locate, obtain, and verify (Stephenson 1991). [Pg.114]

Introductory Information: The analyst should provide basic information in this section of the report which describes the purpose and scope of the FMEA along with any limitations imposed on the analysis as a result (i.e., items not specifically within the scope of the analysis). The scope will also identify the type of FMEA (i.e., functional or hardware). Also included in the introduction section is an explanation of the methodology used to perform the analysis, such as, but not limited to, drawing reviews, examination of previous analyses (if applicable), evaluation of lessons learned, use of the Preliminary Hazard List and/or Preliminary Hazard Analysis, and so on. Finally, any preestablished ground rules that may have been agreed upon should be provided here. Such ground rules typically limit or further narrow the scope of the FMEA, or just a portion of it, and should therefore be explained in the introductory pages of the report. [Pg.121]

The extent of accommodation and characterization of uncertainty in exposure assessment must necessarily be balanced against similar considerations with respect to hazard, since the outcome of any risk assessment is a function of comparison of the two. If, for example, there is limited information to inform quantitatively on hazard and, as a result, a need to rely on defaults, there is limited benefit to be gained in developing the exposure analysis such that any increase in certainty is cancelled by uncertainties of greater magnitude associated with quantification of critical hazard, as a basis for a complete risk assessment. [Pg.10]

The approach used for the estimation of loss of life in floods shows considerable resemblance to the approach that is used in the Dutch major hazards policy. In both cases, the probability of a critical event (loss of containment or flood) is estimated using fault tree analysis, after which the physical effects associated with that critical event are considered (using e.g. dispersion or flood propagation models) and related to mortality estimates (using dose-response functions or flood mortality functions). But while the potential for evacuation is often limited when it comes to explosions or toxic releases, it could be significant when it comes to floods. [Pg.1978]

Part II of this Basic Guide to System Safety presents and briefly discusses some of the more common system safety analytical tools used in the performance of the system safety function. Through example analyses of hypothetical mechanical and/or electrical systems, the reader should become familiar with each type of system safety analysis method or technique discussed. However, it must be understood that it is not within the limited scope of this volume to provide a detailed explanation of each of these methods and/or techniques. The intention is to merely introduce the reader to the various tools associated with the system safety process. The value of each concept in the analysis of hazard risk will vary according to the individual requirements of a given organization or company. [Pg.64]

ANSI/ISA-84.00.01-2004-1, Clause 8, requires that a Hazard and Risk Analysis (H&RA) be performed to determine the initiating causes for process hazards and to identify safety functions that can be used to mitigate each initiating cause. ANSI/ISA-84.00.01-2004-1 restricts the assumptions made with regard to the dangerous failure rate for a control function allocated to the BPCS layer that does not fully comply with the requirements of the standard. The dangerous failure rate must not be assumed to be less than 10^-5/hour (ANSI/ISA-84.00.01-2004-1 Clause 8.2.2). This limitation is related to potential systematic and hardware failures within the BPCS ... [Pg.118]

Authorization is necessary for software modification under the procedures specified during planning. Major issues involved in authorization shall include, but are not limited to, the hazard to be affected and the proposed change with the necessary reason (duly documented). It is necessary to ensure that the required SIL is maintained. In this connection, for details, clause 7.8 of the standard may be referenced. The modification process involves an analysis of the impact of the proposed change on functional safety and of how much of the safety life cycle must be repeated. [Pg.440]

Abstract. Autonomous systems operating in the vicinity of humans are critical in that they potentially harm humans. As the complexity of autonomous system software makes the zero-fault objective hardly attainable, we adopt a fault-tolerance approach. We consider a separate safety channel, called a monitor, that is able to partially observe the system and to trigger safety-ensuring actuations. A systematic process for specifying a safety monitor is presented. Hazards are formally modeled, based on a risk analysis of the monitored system. A model-checker is used to synthesize monitor behavior rules that ensure the safety of the monitored system. Potentially excessive limitation of system functionality due to presence of the safety monitor is addressed through the notion of permissiveness. Tools have been developed to assist the process. [Pg.262]
