Multi criteria risk analysis of a subsea BOP system
The subsea blowout preventer (BOP), which is latched to a subsea wellhead, is one of several barriers in the well to prevent kicks and blowouts, and it is the most important and critical piece of equipment, as it becomes the last line of protection against a blowout. The BOP system used in subsea drilling operations is considered a safety-critical system, with a high-severity consequence following its failure. Following past offshore blowout incidents, such as the most recent, Macondo in the Gulf of Mexico, there have been investigations, research and improvements sought for an improved understanding of the BOP system and its operation. This informs the need for a systematic re-evaluation of the subsea BOP system to understand its associated risk and reliability and to identify critical areas, aspects and components.

Different risk analysis techniques were surveyed and Failure Modes, Effects and Criticality Analysis (FMECA) was selected to drive the study in this thesis, because it is a simple, proven, cost-effective process that can add value to the understanding of the behaviours and properties of a system, component, software, function or other item. The output of the FMECA can be used to inform or support other key engineering tasks such as redesign, enhanced qualification and testing activity, or maintenance for greater inherent reliability and reduced risk potential. This thesis underscores the application of the FMECA technique to critique the associated risk of the subsea BOP system.

System functional diagrams were developed with boundaries defined, a FMECA was carried out and an initial select list of critical component failure modes was identified. The limitations surrounding the confidence of the FMECA failure mode ranking outcome based on the Risk Priority Number (RPN) are presented and potential variations in risk interpretation are discussed.

The main contribution of this thesis is an innovative framework in which multi-criteria decision making (MCDA) analysis techniques, with consideration of fuzzy interval data, are applied to the subsea BOP system critical failure modes from the FMECA analysis. It utilised nine criticality assessment criteria deduced from expert consultation to obtain a more reliable ranking of failure modes. The MCDA techniques applied include the Technique for Order of Preference by Similarity to the Ideal Solution (TOPSIS), fuzzy TOPSIS, TOPSIS with interval data, and the Preference Ranking Organization Method for Enrichment of Evaluations (PROMETHEE). The outcome of the multi-criteria analysis of the BOP system clearly shows failures of the wellhead connector, the LMRP hydraulic connector and control-system-related failures as the top three most critical failures with respect to well control. The critical failure mode and component outcome from the analysis in this thesis is validated using failure data from an industry database, and a sensitivity analysis is carried out. The importance of maintenance, testing and redundancy to the BOP system criticality was established by the sensitivity analysis. The potential for MCDA to be used for more specific analysis of criteria for a technology was demonstrated.

Improper maintenance, inspection and testing (functional and pressure) are critical factors in the BOP system performance and in sustaining a high reliability level. Material selection and the performance of components (seals, flanges, packers, bolts, mechanical body housings) relative to the use environment and operational conditions are fundamental to avoiding the occurrence of failure mechanisms. Also worthy of notice is the contribution of personnel and organisations (by way of procedures for robustness and a verification structure to ensure standard expected practices and rules are followed) to failures, as seen in the root cause discussion. OEMs, operators and drilling contractors should periodically review operation scenarios relative to the BOP system product design through the use of a Failure Reporting, Analysis and Corrective Action System. This can improve the design of monitoring systems and inform requirements for re-qualification of technology and/or next-generation designs. Operations personnel should correctly log failures in these systems, and the responsible authority should ensure root cause analysis is done to uncover the underlying issues initiating and driving failures.
A synthesis of logic and bio-inspired techniques in the design of dependable systems
Much of the development of model-based design and dependability analysis in the design of dependable systems, including software-intensive systems, can be attributed to advances in formal logic and their application to fault forecasting and verification of systems. In parallel, work on bio-inspired technologies has shown potential for the evolutionary design of engineering systems via automated exploration of potentially large design spaces. We have not yet seen the emergence of a design paradigm that effectively combines these two techniques, schematically founded on the two pillars of formal logic and biology, from the early stages of, and throughout, the design lifecycle. Such a design paradigm would apply these techniques synergistically and systematically to enable optimal refinement of new designs which can be driven effectively by dependability requirements. The paper sketches such a model-centric paradigm for the design of dependable systems, presented in the scope of the HiP-HOPS tool and technique, that brings these technologies together to realise their combined potential benefits. The paper begins by identifying current challenges in model-based safety assessment and then overviews the use of meta-heuristics at various stages of the design lifecycle, covering topics that span from allocation of dependability requirements, through dependability analysis, to multi-objective optimisation of system architectures and maintenance schedules.
Integrating model checking with HiP-HOPS in model-based safety analysis
The ability to perform an effective and robust safety analysis on the design of modern safety-critical systems is crucial. Model-based safety analysis (MBSA) has been introduced in recent years to support the assessment of complex system design by focusing on the system model as the central artefact, and by automating the synthesis and analysis of failure-extended models. Model checking and failure logic synthesis and analysis (FLSA) are two prominent MBSA paradigms. Extensive research has placed emphasis on the development of these techniques, but discussion on their integration remains limited. In this paper, we propose a technique in which model checking and Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS), an advanced FLSA technique, can be applied synergistically with benefit for the MBSA process. The application of the technique is illustrated through an example of a brake-by-wire system.
Use of COTS functional analysis software as an IVHM design tool for detection and isolation of UAV fuel system faults
This paper presents a new approach to the development of health management solutions which can be applied to both new and legacy platforms during the conceptual design phase. The approach involves the qualitative functional modelling of a system in order to perform an Integrated Vehicle Health Management (IVHM) design: the placement of sensors and the diagnostic rules to be used in interrogating their output. Qualitative functional analysis was chosen as a route for early assessment of failures in complex systems. Functional models of system components are required for capturing the available system knowledge used during various stages of system and IVHM design. MADe™ (Maintenance Aware Design environment), a COTS software tool developed by PHM Technology, was used for the health management design. A model has been built incorporating the failure diagrams of five failure modes for five different components of a UAV fuel system. Thus an inherent health management solution for the system and the optimised sensor set solution have been defined. The automatically generated sensor set solution also contains a diagnostic rule set, which was validated on the fuel rig for different operation modes, taking into account the predicted fault detection/isolation and ambiguity group coefficients. It was concluded that when using functional modelling, the IVHM design and the actual system design cannot be done in isolation. The functional approach requires permanent input from the system designer and reliability engineers in order to construct a functional model that will qualitatively represent the real system. In other words, the physical insight should not be isolated from the failure phenomena, and the diagnostic analysis tools should be able to adequately capture the experience bases. This approach has been verified on a laboratory bench-top test rig which can simulate a range of possible fuel system faults. The rig is fully instrumented in order to allow benchmarking of the various sensing solutions for fault detection/isolation that were identified using functional analysis.
Engineering failure analysis and design optimisation with HiP-HOPS
The scale and complexity of computer-based safety-critical systems, like those used in the transport and manufacturing industries, pose significant challenges for failure analysis. Over the last decade, research has focused on automating this task. In one approach, predictive models of system failure are constructed from the topology of the system and local component failure models using a process of composition. An alternative approach employs model checking of state automata to study the effects of failure and verify system safety properties. In this paper, we discuss these two approaches to failure analysis. We then focus on Hierarchically Performed Hazard Origin & Propagation Studies (HiP-HOPS), one of the more advanced compositional approaches, and discuss its capabilities for automatic synthesis of fault trees, combinatorial Failure Modes and Effects Analyses, and reliability versus cost optimisation of systems via application of automatic model transformations. We summarise these contributions and demonstrate the application of HiP-HOPS on a simplified fuel oil system for a ship engine. In light of this example, we discuss strengths and limitations of the method in relation to other state-of-the-art techniques. In particular, because HiP-HOPS is deductive in nature, relating system failures back to their causes, it is less prone to combinatorial explosion and can more readily be iterated. For this reason, it enables exhaustive assessment of combinations of failures and design optimisation using computationally expensive meta-heuristics.
Probabilistic Model-Based Safety Analysis
Model-based safety analysis approaches aim at finding critical failure combinations by analysis of models of the whole system (i.e. software, hardware, failure modes and environment). The advantage of these methods compared to traditional approaches is that the analysis of the whole system gives more precise results. Only a few model-based approaches have been applied to answer quantitative questions in safety analysis, often limited to analysis of specific failure propagation models, limited types of failure modes, or without system dynamics and behaviour, as direct quantitative analysis uses large amounts of computing resources. New achievements in the domain of (probabilistic) model checking now allow for overcoming this problem.

This paper shows how functional models based on synchronous parallel semantics, which can be used for system design, implementation and qualitative safety analysis, can be directly re-used for (model-based) quantitative safety analysis. Accurate modelling of different types of probabilistic failure occurrence is shown, as well as accurate interpretation of the results of the analysis. This allows for reliable and expressive assessment of the safety of a system in early design stages.
A controlled experiment for the empirical evaluation of safety analysis techniques for safety-critical software
Context: Today's safety-critical systems are increasingly reliant on software. Software becomes responsible for most of the critical functions of systems. Many different safety analysis techniques have been developed to identify hazards of systems. FTA and FMEA are the most commonly used by safety analysts. Recently, STPA has been proposed with the goal of better coping with complex systems including software. Objective: This research aimed at quantitatively comparing these three safety analysis techniques with regard to their effectiveness, applicability, understandability, ease of use and efficiency in identifying software safety requirements at the system level. Method: We conducted a controlled experiment with 21 master and bachelor students applying these three techniques to three safety-critical systems: train door control, anti-lock braking and traffic collision avoidance. Results: The results showed that there is no statistically significant difference between these techniques in terms of applicability, understandability and ease of use, but a significant difference in terms of effectiveness and efficiency is obtained. Conclusion: We conclude that STPA seems to be an effective method to identify software safety requirements at the system level. In particular, STPA addresses more different software safety requirements than the traditional techniques FTA and FMEA, but STPA needs more time to carry out by safety analysts with little or no prior experience.

Comment: 10 pages, 1 figure. In Proceedings of the 19th International Conference on Evaluation and Assessment in Software Engineering (EASE '15). ACM, 201
Building safe software
Murphy is a set of techniques and tools under investigation for their potential in enhancing the safety of software. This paper describes some of the work which has been done and some which is planned.