Impact of common cause failure on reliability performance of redundant safety related systems subject to process demand

Acknowledgments The authors would like to thank the anonymous reviewers for their constructive comments and feedback.Peer reviewedPostprin

Reliability modelling of redundant safety systems without automatic diagnostics incorporating common cause failures and process demand

Sriramula’s work within the Lloyd’s Register Foundation Centre for Safety and Reliability Engineering at the University of Aberdeen is supported by Lloyd’s Register Foundation. The Foundation helps to protect life and property by supporting engineering-related education, public engagement and the application of re-search.Peer reviewedPostprin

Requirements Elicitation for Barrier Monitoring System

Master's thesis in Industrial asset managementThe activities undertaken by operator companies in the Norwegian Continental Shelf pose a very high risk to human life and the environment. Leading causes of accidents are poor maintenance, inadequate risk assessment and failure of barrier safety valves. A combination of all the listed accident causes are investigated with a focus on barrier valves (PMV, PWV, DHSV). Despite the fact that PSA has defined regulations and recommended standards related to barriers managements, operators in the Norwegian continental shelf still fail to implement the regulatory requirements regarding safety barriers. This stems from challenges related to interpretation and uncertainty of barrier testing requirements. Challenges related to interpreting barrier requirements arise from terminological inconsistencies or the use of non-standard syntax in documenting requirements. The purpose of this study was to illuminate the challenges encountered by operator companies in adhering to standards recommended by Petroleum Safety Authority of Norway. There will be a focus on clarity of testing requirements from standards, technical challenges which prevent standard adherence and technical capabilities of current condition monitoring systems. To understand how these requirements and generate primary data, semi-structured interviews (with customers or via representative) were performed to get specific clarification and standard based requirements, customer-based requirements are analyzed and verified. Secondary data was also collected and analyzed from di erent case studies. The requirements elicitation discovered that companies preferred to follow NOR-SOK D-10 as opposed to PSAN recommendation of NOG 070, since NOG 070 gives little weight to uncertainties during PFD calculation. Commonest failure modes cited during valve failure were mechanical failure due to leakage, general mechanical failure and corrosion. Findings also suggested that operator companies did not follow the maintenance procedure strictly. Also, condition monitoring systems provided by monitoring service providers did not could not detect certain failure modes that operators faced

Operational Data Framework for Safety Instrumented Systems : A Case Study in Functional Safety and Reliability

In various industries, companies are adopting functional safety measures to address safety concerns, adhere to standards, and manage complex systems. This research is focused on ensuring the reliable operation of Safety Instrumented Systems (SISs) by emphasizing the reliability data. The study examines methodologies for collecting data, classifying failures, mitigating risks, and complying with international safety standards. Through a case study in the energy and marine power industry, a theoretical framework is developed to utilize operational data for assessing SIS performance in the form of a new Engine Safety System (ESS). By complying with IEC standards 61508 and 61511 and incorporating the framework into the ESS's Functional Safety Management Plan, the research addresses key challenges such as data collection, failure analysis, and performance verification. The primary research questions involve determining the type of data to be collected and establishing guidelines for analysing and evaluating that data. A mixed method approach is chosen, with a greater emphasis on qualitative aspects due to the nature of interpreting standards and establishing procedures. The developed framework is presented using tables that outline the required data inputs for reporting actual demands, spurious trips, failures of other barriers, and SIS element failures. Failure report templates are provided, emphasizing the importance of identifying root causes and categorizing failures into Safe or Dangerous failures, as well as Undetected or Detected. The reliability assessment involves comparing actual performance data against the criteria defined in the Safety Integrity Requirements that have been established for the SIS, based on the outcome of the risk assessment. Different risk assessment techniques, such as Layer of Protection Analysis, Fault tree analysis, and risk matrices, are presented in this context, while key performance indicators like demand rates and failure rates are explored to highlight their role in verifying SIS performance. The established framework, designed for the ESS to execute safety functions at Safety Integrity Level 2, is versatile and can serve as a robust foundation for the development of future Functional Safety projects within the organisation and can be applied to other SISs with different Safety Integrity level targets. The study concludes by addressing challenges associated with reliability and various data sources, such as human error and lack of functional safety training, emphasizing the significance of comprehending functional safety when operating with data of SISs

Optimization of maintenances following proof tests for the final element of a safety-instrumented system

2019 The Authors Safety-instrumented systems (SISs) have been widely installed to prevent accidental events and mitigate their consequences. Mechanical final elements of SISs often become vulnerable with time due to degradations, but the particulars in SIS operations and assessment impede the adaption of state-of-art research results on maintenances into this domain. This paper models the degradation of SIS final element as a stochastic process. Based on the observed information during a proof test, it is essential to determine an optimal maintenance strategy by choosing a preventive maintenance (PM) or corrective maintenance (CM), as well deciding what degree of mitigation of degradation is enough in case of a PM. When the reasonable initiation situation of a PM and the optimal maintenance degree are identified, lifetime cost of the final element can be minimized while keeping satisfying the integrity level requirement for the SIS. A numerical example is introduced to illustrate how the presenting methods are used to examine the effects of maintenance strategies on cost and the average probability of failure on demands (PFDavg) of a SIS. Intervals of the upcoming tests thus can be updated to provide maintenance crews with more clues on cost-effective tests without weakening safety

Digital Sensor Technology

The nuclear industry has been slow to incorporate digital sensor technology into nuclear plant designs due to concerns with digital qualification issues. However, the benefits of digital sensor technology for nuclear plant instrumentation are substantial in terms of accuracy, reliability, availability, and maintainability. This report demonstrates these benefits in direct comparisons of digital and analog sensor applications. It also addresses the qualification issues that must be addressed in the application of digital sensor technology

Programmable Electronic Mining Systems: Best Practice Recommendations (In Nine Parts) - Part 6: 5.1 System Safety Guidance

This report (System Safety Guidance 5.1) is the sixth in a nine-part series of recommendations and guidance addressing the functional safety of processor-controlled mining equipment. It is part of a risk-based system safety process encompassing hardware, software, humans, and the operating environment for the equipment s life cycle. Figure 1 shows a safety framework containing these recommendations. The reports in this series address the various lifecycle stages of inception, design, approval and certification, commissioning, operation, maintenance, and decommissioning. These recommendations were developed as a joint project between the National Institute for Occupational Safety and Health and the Mine Safety and Health Administration. They are intended for use by mining companies, original equipment manufacturers, and aftermarket suppliers to these mining companies. Users of these reports are expected to consider the set in total during the design cycle. 1.0 Safety Introduction (Part 1). This is an introductory report for the general mining industry. It provides basic system/software safety concepts, discusses the need for mining to address the functional safety of programmable electronics (PE), and includes the benefits of implementing system/software safety program. 2.1 System Safety (Part 2) and 2.2 Software Safety (Part 3). These reports draw heavily from International Electrotechnical Commission (IEC) standard IEC 61508 [IEC 1998a,b,c,d,e,f,g]and other standards. The scope is surface and underground safety-related mining systems employing embedded, networked, and nonnetworked programmable electronics. System safety seeks to design safety into all phases of the entire system. Software is a subsystem; thus, software safety is a part of the system s safety. 3.0 Safety File (Part 4). This report contains the documentation that demonstrates the level of safety built into the system and identifies limitations for the system s use and operation. In essence, it is a proof of safety that the system and its operation meet the appropriate level of safety for the intended application. It starts from the beginning of the design, is maintained during the full life cycle of the system, and provides administrative support for the safety program of the full system. 4.0 Safety Assessment (Part 5). The independent assessment of the safety file is addressed. It establishes consistent methods to determine the completeness and suitability of safety evidence and justifications. This assessment could be conducted by an independent third party. Safety Framework Guidance. It is intended to supplement the safety framework reports with guidance providing users with additional information. The purpose is to assist users in applying the concepts presented. In other words, the safety framework is what needs to be done and the guidance is how it can be done. The guidance information reinforces the concepts, describes various methodologies that can be used, and gives examples and references. It also gives information on the benefits and drawbacks of various methodologies. The guidance reports are not intended to promote a single methodology or to be an exhaustive treatment of the subject material. They provide information and references so that the user can more intelligently choose and implement the appropriate methodologies given the user s application and capabilities. The guidance reports comprise parts 6 through 9 of the series and are listed below: [< 5.1 System Safety Guidance (Part 6). This guidance supplements 2.1 System Safety. < 5.2 Software Safety Guidance (Part 7). This guidance supplements 2.2 Software Safety. < 6.0 Safety File Guidance (Part 8). This guidance supplements 3.0 Safety File. < 7.0 Independent Functional Safety Assessment Guidance (Part 9). This guidance supplements 4.0 Independent Functional Safety Assessment.] [

La valutazione del livello di integrità dei sistemi di protezione delle macchine, dall'analisi dei rischi ai dati affidabilistici

Through the application of several different methods of analysis it was showed definitely that a risk analysis conducted on an industrial machine, taking into account the human factor from the beginning, has a significant impact in the assignment of SIL to all Safety Integrity Function (SIF). The same phenomenon occurs in the verification and computation of the performance level for each device of the press. Comparing these methods and the results obtained through the development of a further case study carried out during the Spring at Trinity College of Dublin it was possible to define a useful logical model of analysis to describe and assess the risks related to human-interface and usable to verify and calculate the safety integrity level of the safety functions of the machine. This methodology is a combination between the Integrated Dynamic Decision Analysis (IDDA) and the Technique for Human Error Rate Prediction (THERP). The application of the Decision Analysis has been made possible through a careful reconstruction of the operating procedure regarding the use of the press applying an using an ad hoc Failure Mode and Effects Analysis (FMEA) template. The system of the study was described by IDDA in a random sequence of events where the given values of probability derived from the THERP model for human error and from the method of calculation set out by the standard technique (EN IEC 62061) for dangerous failures of safety devices. This integrated approach has allowed to take into account human factors with greater detail and in a quantitative way describing where and why the operator can cheat or by-pass the safety system, unlike other methods of risk assessment where you could only identify where the man-machine interface should be analyzed in dept

Bridges Structural Health Monitoring and Deterioration Detection Synthesis of Knowledge and Technology

INE/AUTC 10.0

Reliability Analysis of Subsea Blowout Preventers with Condition-based Maintenance using Stochastic Petri Nets

Blowout Preventer (BOP) has maintained its function as a safety barrier and the last line of defence against oil and gas spills since its development in the early 1900s. However, as drilling and exploration activities move further offshore, challenges pertaining to reliable operation of the subsea BOP systems continue to be a source of concern for stakeholders in the industry. In spite of recent advancements in reliability analysis of safety instrumented systems (SISs), the research on reliability assessment of BOP is still lacking in some regards. There are gaps in the literature with respect to the incorporation of preventive maintenance (PM) strategies as well as dynamic operating conditions into BOP reliability analysis. To address these gaps, this paper develops an advanced analysis method using stochastic Petri nets (SPN) to estimate the reliability of subsea BOP systems subject to condition-based maintenance (CBM) with different failure modes. The BOP system is divided into five subsystems which are connected in series with each other and categorised into degrading and binary units. The performance of the BOP system in terms of availability, reliability and mean-time-between failures (MTBF) is obtained and analysed. A sensitivity analysis is also performed to evaluate the effect of fault coverage factor and redundancy design on system performance. The results show that both the fault coverage factor and redundancy have significant impact on the BOP's reliability, availability and MTBF