Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

Identifying Causal Scenarios

The hazard in figure 8.7 is that the door is open but the power is not turned off. Looking first at the controller itself, the hazard could result if the requirement is not passed to the developers of the controller, the requirement is not implemented [Pg.221]

More detailed causal analysis can be performed if a specific design is being considered. For example, the features of the communication channels used will determine the potential way that commands or feedback could be lost or delayed. [Pg.222]

Once the causal analysis is completed, each of the causes that cannot be shown to be physically impossible must be checked to determine whether they are [Pg.222]

The causal factors to be considered to create scenarios in step 3. [Pg.223]

Example of step 2b STPA analysis for the high power interlock. [Pg.224]

For the high power interlock example, the process model is simple and shown in figure 8.5. The general causal factors, shown in figure 4.8 and repeated here in figure 8.6 for convenience, are used to identify the scenarios. [Pg.221]

If necessary to assist in determining the actual incident scenario from two or more possible scenarios, a fact/hypothesis matrix may be employed to help resolve conflicting facts. This is most efficiently performed prior to identifying the causal factors. [Pg.226]

Once the timeline or sequence diagram based upon the actual scenario has been developed, the next phase of the investigation involves identifying the causal factors. Causal factors involve human errors and equipment failures that led to the incident, but can also be undesirable conditions and... [Pg.226]

The process of evidence gathering, timeline development, scenario determination, and causal factor identification is somewhat iterative, and therefore some of the tools and quality tests previously described may assist in causal factor identification. More specifically, barrier analysis and change analysis, together with a completeness test, can ensure that all valid causal factors are identified. [Pg.227]

Once the actual incident scenario is understood and its multiple causal factors identified, this information may be used to determine the incident s root causes. One means of performing root cause analysis involves the use of ready-made, predefined trees. A predefined tree provides a systematic approach for analyzing and selecting the relevant elements of the incident scenario. It is a deductive approach, looking backward in time to examine preceding events necessary to produce the specified incident. [Pg.233]

Using the augmented control structure, the remaining activities in STPA are to identify potentially hazardous control actions by each of the system components that could violate the safety constraints, determine the causal factors that could lead to these hazardous control actions, and prevent or control them in the system design. The process thus involves a top-down identification of scenarios in which the safety... [Pg.258]

First, the system is divided into sections, each section has the capabUity to effect a system process variable and contains a sensor that monitors the functioning of the variable of interest. The possible trends of the monitored variable are smdied and these are correlated to the states of the section. In this way, specific patterns are identified for each possible section failed state. Non-coherent Fault Trees (FTs) are then built to represent the causality relations between the failed state of the sections and the component failures (Hurdle et al., 2005 and 2007). The FTs are converted into BNs and these are finally coimected together in a unique network that represents aU system scenarios. The trends observed in the sensors are also included in the strucmre of the BN so that evidence can he introduced in the networks when the sensor are observed. Posterior probability is calculated for the component failure events in all scenarios and the list of component failures whose posterior prohahihty has increased with respect to their prior prohahUity is derived. This gives the lists of possible causes for all system scenarios. [Pg.204]

The causal sequence indicates that final failure committed by the operator is the effect of series of inadequate actions that begins at the organizational level, which the operator can not be blamed for. At each level should be specified vulnerabilities that are important in terms of providing safely of the process, personnel and environment. In probabilistic modeling of accident scenarios it is essential to identify possible dependencies between specified layers and their quantification in order to apply proper technical and organizational solutions. [Pg.310]

The sequence of identified intermediate conditions is termed the hazard development scenario . The consequences lit into one of the following categories predominantly safety related consequence, predominantly commercial consequence, predominantly environmental consequence, broadly safe condition. The combination of a causal model of a core hazard and the consequence model, of the same core hazard, results in the Core Hazard Cause-Consequence Model. The model calculates the frequencies or probabilities of occurrence for all the consequences within the model. [Pg.76]

See other pages where Identifying Causal Scenarios is mentioned: [Pg.221]    [Pg.221]    [Pg.211]    [Pg.136]    [Pg.142]    [Pg.635]    [Pg.350]    [Pg.638]    [Pg.1776]    [Pg.257]    [Pg.262]    [Pg.78]    [Pg.263]    [Pg.1254]    [Pg.51]    [Pg.93]    [Pg.768]    [Pg.403]    [Pg.254]    [Pg.140]    [Pg.465]   


SEARCH



Causal

Causality

Scenario, scenarios

Scenarios

© 2024 chempedia.info