KEMBAR78
Introduction To Fault Tree Analysis in Risk Assessment | PDF | Systems Science | Systems Theory
Scribd
Upload
255 views26 pages

Introduction To Fault Tree Analysis in Risk Assessment

fault tree analysis

Uploaded by

Gurunath Epili
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
255 views26 pages

Introduction To Fault Tree Analysis in Risk Assessment

fault tree analysis

Uploaded by

Gurunath Epili
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 26

Introduction to Fault Tree Analysis

in
Risk Assessment

FAULT TREE ANALYSIS

Colin S. Chip Howat Ph.D.

Kurata Thermodynamics Laboratory


Department of Chemical & Petroleum Engineering
University of Kansas

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis


in
Risk Assessment

Lecture:

Three Class Periods

Title:

Introduction to Fault Tree Analysis

Thoughts:

It is good to have an end to journey toward; but


it is the journey that matters, in the end.
Ursula K. LeGuin

The journey is the reward.


Chinese Saying

Question:

Congress has considered and will consider again


using risk assessment to evaluate the suitability
of regulations governing safety and environment.
Given what you know about the uncertainties
associated with risk evaluation, is this a suitable
tool for governing?

Purpose:

Introduce Fault Tree Analysis


Continue Scenario Path Development
C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis


in
Risk Assessment

The architects . . . who relied only upon theories


and scholarship were obviously hunting the
shadow, not the substance.
Vitruvius, Book 1
Ten Books of Architecture

It is not the same to talk of bulls as to be in the


bullring.
Spanish Proverb

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

This is the Event Tree which we developed in class to represent the Loss of
Cooling for the simple reactor system. The question is, is this all possible
routes to the runaway reactor event? The Event Tree does not tell us this.
Loss of
Cooling

Initiating Event A

Alarm

Notice
Temperature

Restart
Cooling

Automatic
Shut-down

RUNAWAY

RUNAWAY

RUNAWAY
4

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Event Tree Analysis


This is an inductive procedure which shows all possible outcomes resulting
from an initiating event, e.g. equipment failure or human error.
In the example, the initiating event was the loss of cooling.

What other possibilities are there for arriving at a runaway condition?

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Example
In order to determine the Risk, we need the frequency. For the Simple
Reactor Problem, we need to determine the frequency of all runaway
situations. For this, we need all possible paths to runaway.

Consider an example of a flat tire. What is the frequency that this will occur?
In order to answer this and other questions, we need to recognize that the
accident can be a sequence of events, each of which has its own frequency.

Tire Failure

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Suppose that the Flat Tire is the terminating (top?) event. How might we represent this?

Flat Tire

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Analysis is


used to find all possible
causes of an event.

Fault Tree Representation of Flat Tire

Top Event

Flat Tire

Logic Gate

A
Tire Failure

Road
Debris

Minimum Cut
Sets

3
B
Worn
Tire

Defect

1
8

Basic
Event

3
B

1
2

Minimum Sequence of Steps


to Cause Top Event from Basic
Events
C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Analysis


This is a deductive technique focusing on on particular event or consequence.
The purpose is to identify all scenarios, i.e. initiating events that lead to this
consequence. In LOPA we call a scenario a cause/consequence pair. A
completed fault tree shows many scenarios, all with the same consequence.
HazOp might have been used to discover this event.
This method uses logic gates to determine the combination of equipment
failures and human errors which lead to the event. The minimum number is
determined (minimum cut sets).

~Pr(x)
9

Detailed understanding of how plant


functions, detailed process drawings and
procedures, knowledge of failure modes
and their effects.

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Analysis

Strengths -

Systematic
Minimal Cut Sets

Weaknesses -

Complete understanding required


Very Large Trees developed
Trees not unique

Education research indicates that engineers tend to be


inductive. That is, engineers prefer to go from the specific
to general. A deductive approach is from the general to
specific. The primary weakness of fault tree analysis is
that it is deductive in its approach to Hazard Evaluation.
The analyst must see the whole picture.
10

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Symbols Used in Fault Tree Analysis

Cond

The resulting output event requires


the simultaneous occurrence of all
input events.

AND Gate

The resulting output event requires


the occurrence of any individual
input event..

OR Gate

The output event will occur if the


input occurs and inhibit event occurs.

A fault event that needs no further


definition.

11

INHIBIT Event

BASIC Event

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Symbols Used in Fault Tree Analysis (cont.)


An event that results due to the
interaction of a number of other
events.

INTERMEDIATE Event

An event that cannot be developed


further due to lack of suitable
information.

UNDEVELOPED Event

An event that is a boundary


condition to the fault tree.

Out

12

In

Use to transfer the fault tree in and


out of a sheet of paper.

EXTERNAL Event

TRANSFER Symbol

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Rules


1. State what, where, when fault is.
Define Top Event.
Define Existing Events.
Define Unallowed Events.
Define the Physical Bounds of the Analysis.
Define the Equipment Configurations.
Define the Level of Resolution.

Cr

l!
a
c
iti

2. Ask whether this fault can be caused by equipment failure.


3. No miracles are allowed.
If Normal Operation propagates a fault, then assume Normal
Operation.
4. Complete the gate.
All inputs to a Gate must be defined before going to the next Gate.
5. No Gate to Gate connections are allowed.
Input to gates should be a fault.
13

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Resolution (Determining Minimum Cut Sets)


1. Uniquely Identify Gates and Basic Events.
Gates are identified with letters.
Basic Events are identified with numbers.
2. Resolve all Gates into Basic Events.
3. Remove duplicate Events within a set.
4. Delete all supersets.

Or Gate forms new line in development. And Gate forms a new column. The
resolution is complete when outcome is defined by Basic Events. See Flat Tire
analysis for a simple example.

14

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Qualitative Probabilities can be used


as an initial estimate of each sequence
of events.

Pr( ) Increasing

Estimating the Probability


Human Error
Active Equip
Error
Passive Equip
Error

Notes on Probability Estimation


Pr(A and B) = Pr(A) Pr(B)
Pr(A or B) = Pr(A) + Pr(B) - Pr(A) Pr(B)
Of course, we know more probabilities than implied on this slide since we have
covered LOPA and Event Tree.
15

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Steps
Define

Top Event
Existing Event
Unallowed Events
Physical Bounds
Equipment Configurations
Level of Resolution

Example
Top Event:
Storage Tank Overflows

16

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis


Storage Tank Overflows

What Next?

17

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis


Storage Tank Overflows

Operator Does Not Stop


Flow

High Level Shut Down


Fails

Operator not Aware of


High Level

Control
Valve
Fails
1

Level
Switch
Fails

Solenoid
Valve
Fails

Level Indicator
Failure

In

18

C1

Alarm Does Not


Go Off
In

C2

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

C1

Out

Out

Level
Measure
Error

C2

F
Strip
Chart
Fails

Level
Measure
Error

Alarm
Failure

This completes the fault tree for the event of storage tank overfills.

Human error could be added if it were allowed. The addition point would be
before the gate D, wouldnt it? What would the addition of Human Error look
like?

19

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Resolution of the Fault Tree Example


The resolution of the Fault Tree is to determine the most probable
event leading to the top event.
A
A

B
1
D
D

1
1

20

C
C
C
C
C
C
C
C
C
C
2
3
2
2
2
2
3
3
3
3

E
4
5
4
4
5
5

F
F
F
4
6
4
6

4
4
5
5
4
4
5
5

4
6
4
6
4
6
4
6

This process
continues adding
a new column for
each and gate.
A new row is
added for each
or gate.
This process
continues until
all gates are
resolved into
basic events.
C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Resolution of the Fault Tree Example


Can you prove that the minimum cut sets are:
1,2
1,3
2,4
3,4
2,5,6
3,5,6
This is accomplished by removing all duplicate steps and by recognizing which
sets contain supersets. That is those multiple steps which have as part of
them some other minimum set.

21

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

The Columns are for Reference Only


Valving and Instrumentation Incomplete

STM
LC

CWS
TC

PI
PC
H
TA
TC

LC

KURATA THERMODYNAMICS LABORATORY


UNIVERSITY OF KANSAS

Proposed Cyclopentadiene Installation


For Discussion Purposes Only - Draft for HazOp
CWS

22

JOB:

HazOP

BY:

C. S. Howat

DATE:

3/08/04

DWG:

REV:

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Fault Tree Example


Stable Condition reached if Quench Valve Opens adding
material to reactor and Inlet Valve Closes

Top Event
Damage due to High Process Temperature

23

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Top Event?

Existing Event?

Unallowed Events?

Physical Bounds?

Equipment Considerations?

Level of Resolution?

24

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis


Damage Due to High
Process Temperature

What Next?

25

C. S. Howat Fault Tree Analysis - 2008

Introduction to Fault Tree Analysis

Conclusions
Fault Tree Analysis -- Deductive Approach to resolve Top Events into all
possible initiating events. It is used to test the most probable sequence of
events which lead to the undesirable top event. Probabilities of undesirable
outcomes can be calculated with most probable outcome identified.

Five Rules to Fault Tree Analysis


1) Identify what, when, where fault occurs.
2) Ask whether fault can be caused by equipment
failure.
3) No miracles are allowed.
4) Complete each gate.

5) No gate-to-gate connections are allowed.

26

C. S. Howat Fault Tree Analysis - 2008

You might also like