1 / 38

Fault Tree Analysis

Fault Tree Analysis. Part 4: Digraph-Based Fault Tree Synthesis Procedure (NFFL and Lapp-Powers Algorithm). Glossary. Feed Forward Loop (FFL): Two or more paths from one node in a digraph to another different node in the digraph .

charles-bailey
Download Presentation

Fault Tree Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fault Tree Analysis Part 4: Digraph-Based Fault Tree Synthesis Procedure (NFFL and Lapp-Powers Algorithm)

  2. Glossary Feed Forward Loop (FFL): Two or more paths from one node in a digraph to anotherdifferent node in the digraph . Negative Feed Forward Loop (NFFL): A FFL in which the sign of the product of the normal gains of one of the branches of the FFL is different from the others . +1 +1 -1 -1 -1

  3. Glossary Variable with the start of the NFFL as an input . start

  4. [Example] HEAT EXCHANGER WITH TEMPERATURE FEEDFORWARD LOOP The process shown in the next figure tries to maintain T3 at a set temperature by sensing the temperature of stream 1 and changing the flow of cold fluid in stream 7. The top event of fault tree in this example is T3 (+1).

  5. P6

  6. THE GENERAL FAULT-TREE STRUCTURES FOR NFFL Two Paths on NFFL : (1) T1 (+1) T2 (+1) T3 (+1) (2) T1 (+1) P5 (+1) P6 (-1) M7 (+1) T3 (-1) Apply the FT structure of a tree along process path (1) T3 (+1) T3 (+1) T2 (+1) T2 (+1) AND AND T1 (+1) NOT (M7(+1)) T1 (+1) OR M7 (0) M7 (-1)

  7. Generalize T3 (+1) T3 (+1) T2 (+1) T2 (+1) AND AND T1 (+1) NOT (M7(+1)) T1 (+1) OR M7 (0) M7 (-1) Event before the start of NFFL AND Disturbance propagates Disturbances on alternate down both loop paths paths fail to cancel one another

  8. OUTPUT (value) THE GENERAL FT STRUCTURE FOR NFFL OR OR AND INPUTS (value to give INPUTS (value with the desired output value) too large or too fast WHICH DO NOT START disturbances to give THE NFFL the desired output value) WHICH STARTS THE NFFL INPUT (value to give FAIL THE OTHER The desired output value) SIDE(S) OF THE WHICH STARTS NFFL NFFL OR OR “EOR” ALL EDGE CONDITIONS ON ALL EDGE CONDITIONS ON THE OTHER BRANCH(ES) OF THE OTHER BRANCH(ES) OF THE NFFL TO GIVE ZERO GAIN THE NFFL TO GIVE REVERSE GAIN

  9. T3 (+1) OR M7 (-1) T7 (+1) M3 (+1) M2 (+1) M4 (-1) Ext. Flre at Heat Exchanger OR OR OR M1(+1) T8 (+1) * T2 (+1) M8 (-1) Plug In P6 (+1) C.W. Line (+1) OR OR OR AND Temp Set Pt. (+1 ) P5 (-1)* OR No. Input T1 (+10) T1 (+1) OR Off NFFL Temp T1 (-10) AND Sensor (Inconsistent) Low OR “EOR” T1 (-1) OR Control TRC Temp Control TRC Temp Valve on Sensor Valve Reversed Sensor Stuck Manual Stuck Reversed Reversed (No. Zero (No. rev Gain Edges) Edges)

  10. THE LAPP-POWERS ALGORITHM Principles : The procedure starts at the top event and asks for the local input events which cause the top event. Each of these inputs is then checked for (1) Conditional edges, (2) Whether it is on a negative feedback loop, (3) Whether it is the node before the start of a NFFL.

  11. THE LAPP-POWERS FAULT TREE SYNTHESIS ALGORITHM The procedure discussed below is a systematic means for generating fault trees. Once the method is learned, it is possible to accurately and rapidly generate fault trees for a wide range of processes. When learning the method, keep several things in mind : The definitions of feedback and feed orward loops are the keys to the method. Make sure you can find these loops in the process and digraph model. The value of a process variable deviation (-10, -1, +1, +10) is important to the fault tree development. Make sure you understand the definitions of these deviations and how feedback and feed forward loops behave when encountering variables with different ranges. Take the input variables one at time and don’t jump ahead.

  12. LAPP-POWERS FAULT TREE SYNTHESIS ALGORITHM 1. SELECT A TOP EVENT 2. CONSTRUCT A DIGRAPH FOR THE PROCESS WITH THE TOP EVENT AS THE OUTPUT VARIABLE 3. FIND AND CLASSIFY ALL LOOPS IN THE DIGRAPH A. NEGATIVE FEEDBACK LOOPS (NFBL) NEGATIVE FEEDFORWARD LOOPS (NFFL) B. LIST THE VARIABLES ON THE NFBL LIST THE VARIABLES ON THE BRANCHES OF THE NFFL C. LIST THE LOCAL INPUT VARIABLES LIST THE VARIABLES ON THE NFFL WHICH HAVE OFF THE NFBL FOR EACH OF THE THE START OF THE NFFL AS THEIR INPUT NFBL VARIABLES D. DETERMINE THE CAPABILITY OF THE LOOPS TO CONTROL SLOW CHANGES OF MAGNITUDE , IN THE LOCAL INPUT VARIABLES OFF THE NFBLs AND THE VARIABLE AT THE START OF THE NFFLs. E. DETERMINE THE CAPABILITY OF THE LOOPS TO CONTROL RAPID CHANGES OF MAGNITUDE IN THE LOCAL INPUT VARIABLES OFF THE NFBLs AND THE VARIABLE AT THE START OF THE NFFLs. . STEP 4 ON THE NEXT PAGE

  13. LAPP-POWERS FAULT TREE SYNTHESIS ALGORITHM (Continued) 4. ARE THERE ANY YES 5. SELECT ONE AND 6. IS THE OUTPUT NONPRIMAL VARIABLES CALL IT THE CURRENT VARIABLE ON IN THE FAULT TREE ? OUTPUT VARIABLE A NFBL ? NO NO YES 7. IS THE OUTPUT VARIABLE 8. DOES THE OUTPUT ON A NFFL AND DOES IT VARIABLE HAVE HAVE THE START OF THE VALUE = 0 ? NFFL AS AN INPUT ? NO YES OUTPUT (VALUE = 0) NO OUTPUT (VALUE) OR OR LOCAL EDGE INPUT (VALUE = 0 ) CONDITIONS WHICH ON THE NFBL GIVE ZERO GAIN ON THE NFBL INPUT (VALUE TO GIVE THE DESIRED OUTPUT VALUE) REMOVE INCONSISTENT VARIABLES AND GO TO STEP 4 REMOVE INCONSISTENT VARIABLES AND GO TO STEP 4 Output (value) OR OR AND INPUTS (VALUE TO GIVE THE INPUT (VALUE WITH TOO LARGE INPUT (VALUE TO GIVE FAIL THE OTHER SIDE(S) DEGIRED OUTPUT VALUE) OR TOO FAST DISTURBANCE TO THE DESIRED OUTPUT VALUE) OF THE NFFL WHICH DO NOT START THE NFFL GIVE THE DESIRED OUTPUT VALUE) WHICH STARTS THE NFFL WHICH STARTS THE NFFL OR OR “EOR” ALL EDGE CONDITIONS ON THE OTHER BRANCH (ES) OF THE NFFL TO GIVE ZERO GAIN. ALL EDGE CONDITIONS ON THE OTHER BRANCH(ES) OF THE NFFL TO GIVE REVERSED GAIN. REMOVE INCONSISTENT VARIABLES AND GO TO STEP 4 NFBL

  14. LAPP-POWERS FAULT TREE SYNTHESIS ALGORITHM (Continued) NFBL Output (VALUE) OR UNCONTROLLABLE INPUTS CONTROL LOOP CAUSES PASS THROUGH THE NFBL THE DEVIATION OR EOR INPUTS (VALUE TO GIVE LARGE OR LOCAL EDGE CONDITIONS INPUT (VALUE TO FAST DISTURBANCE) NOT ON NFBL OR WHICH CAUSE REVERSED GIVE DESIRED OUTPUT SET POINT GAIN ON THE NFBL VALUE) ON THE NFBL CONTROLLABLE DISTURBANCES PASS THROUGH THE NFBL AND OR LOOP INACTIVE OR INPUTS (VALUE FOR CONTROLLABLE DISTURBANCE INTO THE NFBL) NOT ON NFBL LOCAL EDGE CONDITIONS INPUT (VALUE=0) WHICH GIVE A ZERO GAIN ON THE NFBL ON THE NFBL REMOVE INCONSISTENT VARIABLES AND GO TO STEP 4

  15. [EXAMPLE] HEAT EXCHANGER WITH TEMPERATURE FEEDBACK CONTROL The process shown in the next figure is used to cool nitric acid prior to mixing with benzene in a nitration reactor. The temperature of stream 8 is important. If it is too high (T8 (+1)), the nitration becomes too fast and an explosion may occur.

  16. 3 TEMPERATURE SENSOR 2 HEAT EXCHANGER 8 1 HOT NITRIC ACID TO REACTOR 5 4 AIR TO OPEN TRC SET POINT 6 7 COOLING WATER

  17. TOP EVENT: T8 (+1) • Normal Condition: Flow in streams 1, 2 , 3 , 4 , 7 and 8; Controller on automatic; Temperatures fluctuations in stream 1 and 7. • Equipment Behavior: Temperature Sensor : P5 increases when T2 increases. The sensor sticks or fails low. Temperature Recorder Controller : P6 increases when P5 increases. The controller set point may be changed. It may be put in the manual mode of operation, stick in a position, or be reversed. An external fire near the controller causes P6 to go down. Loss of instrument air sends P6 down. Valve : M4 increases when F6 increases. The valve might stick in position or it could be installed and reverse acting. Heat Exchanger : The exchanger is a shell and tube unit with countercurrent flow. The cooling water is on the shell-side. The tubes are of high quality and double tube sheets are used. Water will mix with the acid if the tubes leaks. This causes T2 to go up. Increases M1, T1, T4, causes T2 to increases. An external fire at the heat exchanger causes T2 to increase. .

  18. +1 +1 -1 +1 +1 +1 0 (HX FOULED) +1 +1 +1 0 VALVE STUCK -1 +1 -1 (CONTROL VALVE REVERSED) +1 0 (TEMP. SENSOR STUCK) +1 +1 +1 -1 (TRC REVERSED) -10 0 (TRC STUCK) 0 (ON MANUAL) -1 +1 +1

  19. TEMPERATURE FEEDBACK CONTROL -1 +1 +1 +1 NFBL : T 2 M 4 P 6 P 5 T 2 Local Inputs Off NFBL Local Inputs on NFBL

  20. TEMPERATURE FEEDBACK CONTROL CAPABILITY Local Input Variable Off NFBL Slow Disturbance Fast Disturbance +1 Yes Yes T1 - 1 Yes Yes +10 No No - 10 No No +1 Yes Yes T4 - 1 Yes Yes +10 No No - 10 Yes Yes +1 Yes Yes M1 or - 1 Yes Yes M2 +10 No No -10 No No

  21. TEMPERATURE FEEDBACK CONTROL CAPABILITY Local Input Variable Off NFBL Slow Disturbance Fast Disturbance +1 Yes Yes M 3 -1 Yes Yes +10 No No -10 No No Water Leaks +1 Yes Yes Into Acid +10 No No Ext. Fire at +1 Yes Yes Heat Exchanger +10 No No

  22. TEMPERATURE FEEDBACK CONTROL CAPABILITY Local Input Variable Off NFBL Slow Disturbance Fast Disturbance +1 Yes Yes - 1 Yes Yes M 7 +10 Yes Yes - 10 No No No No Set Point ( commandment to system ) +1 Yes Yes Instrument Air - 1 Yes Yes Pressure +10 No No - 10 No No Temp. Sensor No No Fails Low

  23. T 8 (+1) Heat Exchanger with Single Temperature Feedback to Cold Stream OR T 2 (+1) OR NFBL OR EOR M3 (-10 ) M2 (+10 ) M1 (+10 ) Large T1 (+10 ) T4 (+10 ) Large Water Leak Ext. Fire OR Into Acid OR at Heal Exch. M8 (+10 ) (+10 ) (no rev. M4 (-1) edge) OR NFBL AND T7 (+10 ) M7 (-10 ) EOR ( Page 3 ) OR OR AND HX M4 ( 0 ) Fouled (* page 2) M7 (-1) P6(0) (** page 2) M3 (-1) M2 (+1) M1 (+1) T1 (+1) T4 (+1) Water Ext. Fire Leaks Into at Heal OR OR Acid Exch. (+1) T7 (+1) (+1) M8 (+1)

  24. M 4 ( 0 ) OR P 6 ( 0 ) Valve Stuck OR P 5 ( 0 ) TRC Stuck TRC on Manual OR Temp. Sensor Stuck T 2 ( 0 ) (inconsistent)

  25. EOR Control Valve Reversed P 6 (-1) ORNFBL OR EOR Set Point (+1) Ext. Fire At TRC (+10) Instrument Air Pressure (-10) TRC Reversed P 5 (-1) OR NFBL AND EOR Temp. Sensor Falls Low OR (none) AND Ext. Fire At TRC Instrument Air Pressure Low (-1) ( Go to  on Page 2 ) T 2 (-1) (Inconsistent) ( no +1 disturbance)

  26. [ Example ] HEAT EXCHANGER WITH TEMPERATURE CONTROL LOOP AND PUMP SHUTDOWN SYSTEM The process here maintains the temperature of stream 4 in two ways. First, there is a negative feedback loop from the outlet temperature ( T3 ) through the cooling water flow rate ( M6 ). Second, a sensor on the pump will completely close the nitric acid feed valve if the pump shuts down.

  27. M8 PUMP SHUTDOWN

  28. TEMPERATURE FEEDBACK/PUMP SHUTDOWN +1 +1 +1 +1 NFBL: Local Inputs Off NFBL Local Input On NFBL

  29. TEMPERATURE FEEDBACK/PUMP SHUTDOWN NFBL CAPABILITY Local Input Variable Off NFBL Slow Disturbance Fast Disturbance +1 Yes Yes -1 Yes Yes +10 No No -10 Yes Yes +1 Yes Yes -1 Yes Yes +10 No No -10 No No +1 Yes Yes -1 Yes Yes +10 No No -10 No No

  30. TEMPERATURE FEEDBACK/PUMP SHUTDOWN NFBL CAPABILITY Local Input Variable Off NFBL Slow Disturbance Fast Disturbance +1 Yes Yes -1 Yes Yes +10 No No -10 No No +1 Yes Yes +10 No No +1 Yes Yes -1 Yes Yes +10 Yes Yes -10 No No +1 No No -1 Yes Yes +10 No No -10 No No +1 Yes Yes +10 No No Ext. Fire at Heat Exchanger Instr. Air Pressure Ext. Fire at TRC

  31. TEMPERATURE FEEDBACK/PUMP SHUTDOWN -10 +1 -1 NFBL Branch 1 : Pump Shutdown Branch 2 : Pump Shutdown +1 -10 Start of NFFL = Pump Shutdown End of NFFL = *Variables which have the start of the NFFL (Pump Shutdown) as an input CAPABILITY SlowFast Pump Shutdown +1 Yes Yes (0, 1 only allowed values)

  32. OR NFBL OR EOR Large Ext. Fire at Heat Exch. (+10) (no rev. edge) OR OR OR OR NFBL OR AND EOR (page 2) OR NFFL OR AND (see * on page 3) OR OR (Value not Allowed) AND Ext. Fire at Heat Exch. (+1) OR OR OR OR Pump shutdown OR OR OR EOR (no rev. edge) Line 11 Plugged OR (page3) Valve stuck

  33. (page 2) EOR Water Control Valve Reversed OR NFBL OR EOR Ext. Fire at TRC (+10) Instrument Air Pressure (-10) TRC Reversed OR NFBL AND EOR (no –10 Inputs off NFBL) AND OR OR (no –1 Inputs off NFBL) (no rev. edge) (inconsistent) Ext. Fire At TRC (+1) Instrument Air Pressure (-1) TRC stuck OR Temp Sensor Stuck (Inconsistent)

  34. (page 3) OR (no zero Gain edge) (no zero Gain edge) OR * TRC stuck OR Temp. Sensor Stuck (Inconsistent)

  35. [Example] A HEAT EXCHANGER WITH TEMPERRATURE FEEDBACK TO THE HOT FEED STREAM AND PUMP SHUTDOWN The outlet temperature of this process is on feedback control through the flow rate of hot nitric acid. A pump shutdown closes valve v2. Using the digraph given on Figure 8, construct a fault tree for the event too high.

  36. OR NFFL AND Pump Shutdown OR Line 11 Plugged V2 Reversed V2 Stuck

More Related