FMEA RBD FT - lab activity

School: Concordia University
Course: 410
Subject: Mechanical Engineering
Date: Jan 9, 2024
Type: pdf
Pages: 5
Uploaded by AdmiralMetal10488
Problem 1

For the following RBD:

1. Compute the reliability of the system.
2. Convert the RBD into an FTA.
3. Compute the probability of occurrence of the top event.

Problem 2
Problem 3, version 1

The system in the figure below is intended to trigger an alarm in the case of a pressure increase in a reactor which operates 24/7. Should an overpressure occur, the tower indicates an alarm, and the intervention team secures the reactor. When the pressure in the reactor reaches a value above the acceptable level, an alarm is activated either manually by the supervisor or automatically by the automatic sensor. The alarm tower is fed either by a line of main energy or, in case of any failure of the main line, by an auxiliary stand-by power generator (the switch from main to auxiliary is automatic if the main power shows any kind of failure or degraded performance). The standby power generator (windmill turbine) operates continuously.

The following failure modes and numerical probabilities per 1 h of continuous operation are provided:

| Item | Failure consequence | Probability / 1 h of operation |
| --- | --- | --- |
| Stand-by power | Complete loss of power | 3.81E-4 |
| Alarm tower (sound & visual) | Loss of alarm | Compute from the following failure times, using the lower limit at 80% CL: 6,591.39; 35,527.96; 440.36; 4,100.20; 12,154.23; 2,242.37; 1,201.00; 12,133.46; 7,271.23; 14,288.25 |
| Main electric power | Complete loss of power | 7.4E-4 |
| Supervisor human error (external event) | Does not react | 4.4E-2 |
| Automatic sensor | Does not transmit an alarm | 3.14E-6 |
| Reactor | Overpressure | 2.97E-5 |
| Manometer | Does not indicate | 2.56E-4 |

1. Build the FMEA using the provided template.
2. Build the RBD of the system operating without explosion.
3. Compute the reliability of the system operating without explosion.
4. Build the equivalent qualitative FT.
5. Calculate the probability of the top event using the cut-sets.
6. Comment on the cut-sets.
7. Propose an improvement and calculate the new probability of failure. Provide the SIL level of the proposed solution.
8. What is the probability of an explosion during a shift of 8 h?
9. How do the answers to Q5 and Q8 change if we add the following constraint: if the outside temperature drops below -40°C, the main electric circuit reduces the delivered power and the stand-by power supply shuts down? The system is located in the Montreal area.

Note: the expectation is that all students understand this first simplified problem, the conversion of an RBD to an FTA, how to implement an FTA in ArbreAnalyst, how to compute the top probability using both the software tool and Boolean logic, how to identify a single point of failure [1] in a fault tree, etc.

[1] A single point of failure (SPOF) describes a type of vulnerability within a system. A SPOF exists when the malfunction of a single component causes the failure of the entire system.
Problem 3, version 2 (same system)

The system in the figure below is intended to trigger an alarm in the case of a pressure increase in a reactor which operates 24/7. The visual alarm (pulsing with 60 Hz, one pulse every 1 second) is used as a secondary confirmation of the audible alarm, as well as a continuous confirmation of the operating state of the alarm: the alarm pole emits a visual light flash every 3 seconds to offer a visual confirmation that the system is working (and to protect against aircraft collision with the pole). It is considered that the average time for a person to observe only the visual alarm (pulsing every 1 second) and to react (shut down the reactor) is 2 minutes. This reaction time can be modeled by a normal distribution of mean = 2 minutes and sigma = 0.5 minutes. When the pressure in the reactor reaches a value above the acceptable level, an alarm is activated manually by the supervisor or automatically by the automatic sensor. From the moment the reactor reaches the maximum acceptable level, the time to reach a dangerous level is on average 4 minutes and can be modeled by a normal distribution of mean = 4 minutes and sigma = 0.75 minutes. For simplicity, reaching a dangerous level is equivalent to an explosion, inducing multiple casualties (workers and civilians). The alarm tower is fed either by a line of main energy or, in case of any failure of the main line, by an auxiliary stand-by power generator (the switch from main to auxiliary is automatic if the main power shows any kind of failure or degraded performance). The standby power generator (windmill turbine) operates continuously and is also used to provide the electricity used for illumination in the reactor building and for the electrical circuits inside, including the automatic sensor and the switch. The reactor operates on its own separate and independent power supply embedded into the reactor.

If the alarm is fed by lower than nominal power, the audio alarm function is cancelled and only the visual indication remains. If the outside temperature drops below -40°C, the main electric circuit reduces the delivered power, and the stand-by power supply shuts down.

The following failure modes and numerical probabilities per 1 h of continuous operation are provided:

| Item | Failure consequence | Probability / 1 h of operation |
| --- | --- | --- |
| Stand-by power | Low (reduced) power | 4.96E-5 |
| Stand-by power | Complete loss of power | 3.81E-4 |
| Alarm tower (sound & visual) | Loss of audible alarm (sound) | 1.3E-6 |
| Alarm tower (sound & visual) | Loss of visual alarm | Compute from the following failure times, using the lower limit at 80% CL: 6,591.39; 35,527.96; 440.36; 4,100.20; 12,154.23; 2,242.37; 1,201.00; 12,133.46; 7,271.23; 14,288.25 |
| Main electric power | Low (reduced) power | 1.2E-3 |
| Main electric power | Complete loss of power | 7.4E-4 |
| Supervisor human error (external event) | Does not react | 4.4E-2 |
| Automatic sensor | Does not transmit an alarm | 3.14E-6 |
| Automatic sensor | Falsely sends an alarm (nuisance) | 5.47E-4 |
| Reactor | Overpressure | 2.97E-5 |
| Manometer | Does not indicate | 2.56E-4 |
| Manometer | Drift: indicates lower pressure than the actual (real) value | 3.84E-5 |

1. What is the safety objective (based on SIL) of the system?
2. Build the FMEA using the provided template.
3. Build the equivalent qualitative FT.
4. Calculate the probability of the top event using the cut-sets. Is this probability compliant with the SIL level defined in Q1?
5. Comment on the cut-sets.
6. What is the maximum downtime accepted for the main electric power?
7. Propose an improvement and calculate the new probability of failure. Provide the SIL level of the proposed solution.
8. What is the probability of an explosion during a shift of 8 h?

Note: the intended academic outcome of this second part of the exercise is to identify common modes [2] and the associated common causes [3], as well as to observe how fault trees deal with events that appear multiple times in the tree. A second desired outcome is to help students organize the functional failure decomposition into sub-failures (failures of subfunctions) and only then into failures of the components.

[2] The simultaneous outage of two or more components due to a common cause. Common Mode Analysis (CMA) provides evidence that the failures assumed to be independent are truly independent.

[3] Systems affected by common cause failures are systems in which two or more events have the potential of occurring due to the same cause. Some typical common causes include impact, vibration, pressure, grit, stress and temperature.
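As an added illustration (not part of the lab handout or its solution) of the single-point-of-failure note in version 1 and of version 2's point about basic events that appear in several branches, the Python below derives minimal cut sets from a gate tree, flags order-1 cut sets as SPOFs, and compares a naive gate-by-gate probability against the cut-set (inclusion-exclusion) value. TREE is an assumed, simplified decomposition of "alarm fails on demand" using only per-hour figures quoted on the page; the alarm tower's own failure and the reactor overpressure initiator are left out, and all function and event names are mine.

```python
from itertools import combinations

def minimal_cut_sets(gate):
    """gate is ("AND"|"OR", [children]) or a basic-event name (str)."""
    if isinstance(gate, str):
        return {frozenset([gate])}
    op, kids = gate
    kid_sets = [minimal_cut_sets(k) for k in kids]
    if op == "OR":
        sets = set().union(*kid_sets)
    else:  # AND: union the events, so a repeated event collapses to one copy
        sets = {frozenset()}
        for ks in kid_sets:
            sets = {a | b for a in sets for b in ks}
    return {s for s in sets if not any(o < s for o in sets)}  # absorption

def naive_gate_probability(gate, p):
    """Gate-by-gate propagation assuming independent inputs; wrong whenever
    one basic event feeds more than one branch of the tree."""
    if isinstance(gate, str):
        return p[gate]
    op, kids = gate
    out = 1.0
    for x in (naive_gate_probability(k, p) for k in kids):
        out *= x if op == "AND" else 1.0 - x
    return out if op == "AND" else 1.0 - out

def cut_set_probability(cuts, p, exact=True):
    """Rare-event sum (exact=False) or inclusion-exclusion over the minimal
    cut sets; each combination is unioned first, so a shared event counts once."""
    cuts, total = list(cuts), 0.0
    for k in range(1, len(cuts) + 1 if exact else 2):
        for combo in combinations(cuts, k):
            prod = 1.0
            for e in frozenset().union(*combo):
                prod *= p[e]
            total += prod if k % 2 else -prod
    return total

def single_points_of_failure(cuts):
    """Order-1 minimal cut sets: a single basic event that fails the system."""
    return sorted(e for s in cuts if len(s) == 1 for e in s)

# Per-hour probabilities quoted in the lab's version-2 table.
P = {"main_loss": 7.4e-4, "standby_loss": 3.81e-4, "sensor_fail": 3.14e-6,
     "supervisor_error": 4.4e-2, "manometer_fail": 2.56e-4}
# Assumed tree (not the course solution); stand-by power also feeds the sensor.
TREE = ("OR", [("AND", ["main_loss", "standby_loss"]),
               ("AND", [("OR", ["sensor_fail", "standby_loss"]),
                        ("OR", ["supervisor_error", "manometer_fail"])])])
```

For this tree there is no order-1 cut set, and the naive value sits between the exact and the rare-event figures; on a tree such as AND(a, OR(a, b)) the naive propagation underestimates badly while the cut-set method reduces it to the single cut set {a}.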