徐明,阳宪惠

DOI: https://doi.org/10.3321/j.issn:1000-0054.2008.10.023

2008-01-01

Abstract:The average probability of failure on demand is the main basis used to determine the safety integrity level of safety instrumented systems.This paper presents a discrete Markov model for analyzing the PFD_(avg).Eigenvalue decomposion is used to improve the efficiency and accuracy.This technique is used to relate the system states transition rate and the eigenvalues.This relation describes the changes in PFD_(avg) with time and the key reasons controlling the system.

Amirali Davoodi,Yongheng Yang,Tomislav Dragicevic,Frede Blaabjerg

DOI: https://doi.org/10.23919/epe20ecceeurope43536.2020.9215604

2020-01-01

Abstract:Conventionally, for reliability studies in power systems, a constant failure rate is assumed for power generation units. If these units consist of power electronic converters, this assumption might not be valid due to the aging of power components, and it will lead to an unrealistic prediction of reliability. On the other hand, at the system-level, commonly-used reliability calculation tools, such as Monte Carlo Simulation (MCS) and Continuous Markov Process (CMP), are either time-consuming or not possible to be applied to the systems with non-constant failure rates. Therefore, in this paper, a methodology is proposed to calculate system-level reliability for a Power-Electronic-based Power System (PEPS), consisting of several converters with non-constant failure rates. By doing so, not only is the effect of mission profiles integrated into the system-level reliability model, but also the wear-out failures and corrective maintenance are considered. Finally, for a case study PEPS, the system-level indices are calculated using the proposed method. It is shown that assuming constant failure rates for PEPS units is inaccurate and misleading. Moreover, the impacts of various factors, e.g., mission profile, repair rate, topology, and rating of converters, on the system-level reliability are investigated and analyzed.

Rongyao Cai,Xiao Xv,Zhengming Lu,Kexin Zhang,Yong Liu

DOI: https://doi.org/10.1109/isas61044.2024.10552597

2024-01-01

Abstract:Fault tree analysis is the most commonly used methodology in industrial safety analysis to predict the probability or frequency of system failure. Although fault tree analysis has been proposed for more than six decades, the assumptions used in most commercial fault tree analysis codes have not changed significantly, which limits the ability of the method to represent design, operation, and maintenance characteristics in the context of the increasing complexity and specialization of modern industrial systems. The basic setup of traditional fault trees is unable to include dependencies between events, time-varying failures, and repair rate realities to explain complex maintenance strategies. To address the above shortcomings, we propose a fusion tree model combining fault tree and attack tree, and simplify the causal structure of the fusion tree by modularization, and utilize the dynamic Markov model to represent the complex coupling relationship between components or nodes. Finally, we demonstrate the calculation process of fusion tree in pressure vessel systems with temporal control.

Haitao Guo,Xianhui Yang

DOI: https://doi.org/10.1016/j.ress.2006.08.002

IF: 7.247

2007-01-01

Reliability Engineering & System Safety

Abstract:IEC 61508 requires safety integrity verification for safety related systems to be a necessary procedure in safety life cycle. PFDavg must be calculated to verify the safety integrity level (SIL). Since IEC 61508-6 does not give detailed explanations of the definitions and PFDavg calculations for its examples, it is difficult for common reliability or safety engineers to understand when they use the standard as guidance in practice. A method using reliability block diagram is investigated in this study in order to provide a clear and feasible way of PFDavg calculation and help those who take IEC 61508-6 as their guidance. The method finds mean down times (MDTs) of both channel and voted group first and then PFDavg. The calculated results of various voted groups are compared with those in IEC61508 part 6 and Ref. [Zhang T, Long W, Sato Y. Availability of systems with self-diagnostic components-applying Markov model to IEC 61508-6. Reliab Eng System Saf 2003;80(2):133–41]. An interesting outcome can be realized from the comparison. Furthermore, although differences in MDT of voted groups exist between IEC 61508-6 and this paper, PFDavg of voted groups are comparatively close. With detailed description, the method of RBD presented can be applied to the quantitative SIL verification, showing a similarity of the method in IEC 61508-6.

Tong Wang,Xi Chen,Zhikai Cai,Junnan Mi,Xiaomin Lian

DOI: https://doi.org/10.1177/0954407018755613

2019-01-01

Abstract:In order to ensure safety and reliability, some safety-related electrical and electronic (E/E) systems in vehicles need to be designed as a whole-redundancy system. Although ISO 26262 provides guidance for the analysis of random hardware failure, the problem of estimating whether the safety-related E/E systems, especially whole-redundancy system can meet the index of the ASIL level in ISO 26262 is still unsolved. Fault tree analysis (FTA) is one of the basic methods to analyze random hardware failure of a vehicle's E/E systems quantitatively. In generic FTA, the quantitative analysis of dynamic logic gates, which usually exist in the fault tree of whole-redundancy system, cannot be calculated. Meanwhile, Markov chain can solve the problem of quantitative calculation of dynamic fault tree, but brings a side-effect of complicating the calculation of static logic gates in fault trees. In order to evaluate random hardware failure of a vehicle E/E system more concisely and effectively, and to estimate if a new safety-related E/E system's random hardware failure rate can meet the index demand in ISO 26262, this study proposed a mixed model based on FTA and Markov chain. First, the definition of random hardware failure and fault classification were clarified. Then, a mixed model based on FTA and Markov chain was proposed. Finally, a whole-dual-redundancy steer by wire system was used as an example to test the validity of the mixed model. This study not only proposed a new mixed model based on FTA and Markov chain for the calculation of a whole-redundancy system's random hardware failure rate, but also provided a new quantitative validation method for safety-related E/E systems in vehicles that need to meet the reliability index requirement in ISO 26262.

Zhang Bin,Yang Xianhui,Kang Rongxue

DOI: https://doi.org/10.1109/CHICC.2008.4605419

2008-01-01

Abstract:When evaluating safety integrity level of safety instrumented system, uncertainties are often brought into the analysis and will work on the result. This article explains where uncertainties come from and mainly discuss the problem of common cause failure. Based on the simple beta factor model referred in IEC61508, we introduce an advanced Improved Beta Factor Model to reduce the uncertainty of the safety index PFDavg better. The result from calculating common cause failure or not is compared, as well as different beta factor models.

Haitao Guo,Xianhui Yang

DOI: https://doi.org/10.1016/j.ress.2007.03.029

IF: 7.247

2008-01-01

Reliability Engineering & System Safety

Abstract:After the release of new international functional safety standards like IEC 61508, people care more for the safety and availability of safety instrumented systems. Markov analysis is a powerful and flexible technique to assess the reliability measurements of safety instrumented systems, but it is fallible and time-consuming to create Markov models manually. This paper presents a new technique to automatically create Markov models for reliability assessment of safety instrumented systems. Many safety related factors, such as failure modes, self-diagnostic, restorations, common cause and voting, are included in Markov models. A framework is generated first based on voting, failure modes and self-diagnostic. Then, repairs and common-cause failures are incorporated into the framework to build a complete Markov model. Eventual simplification of Markov models can be done by state merging. Examples given in this paper show how explosively the size of Markov model increases as the system becomes a little more complicated as well as the advancement of automatic creation of Markov models.

D. Sornette,T. Maillart,W. Kröger

DOI: https://doi.org/10.1016/j.ijdrr.2013.04.002

IF: 4.842

2013-12-01

International Journal of Disaster Risk Reduction

Abstract:From biotechnology to cyber-risks, most extreme technological risks cannot be reliably estimated from historical statistics. Therefore, engineers resort to predictive methods, such as fault/event trees in the framework of probabilistic safety assessment (PSA), which consists in developing models to identify triggering events, potential accident scenarios, and estimate their severity and frequency. However, even the best safety analysis struggles to account for evolving risks resulting from inter-connected networks and cascade effects. Taking nuclear risks as an example, the predicted plant-specific distribution of losses is found to be significantly underestimated when compared with available empirical records. Using a novel database of 99 events with losses larger than $50000 constructed by Sovacool, we document a robust power law distribution with tail exponent μ≈0.7. A simple cascade model suggests that the classification of the different possible safety regimes is intrinsically unstable in the presence of cascades. Additional continuous development and validation, making the best use of the experienced realized incidents, near misses and accidents, is urgently needed to address the existing known limitations of PSA when aiming at the estimation of total risks.

geosciences, multidisciplinary,meteorology & atmospheric sciences,water resources

Gilles Deleuze,Nicolae Brinzei,Nicolas Villaume

DOI: https://doi.org/10.48550/arXiv.1412.3687

2014-12-09

Software Engineering

Abstract:The purpose of this study is the representation of Common Cause Failures (CCF) in large digital systems. The system under study is representative of a control system of a nuclear plant. The model for CCF is the generalized Atwood model. It can represent independent failures, CCF non-lethal for some system elements and CCF lethal to all. The Atwood model was modified to "direct" non-lethal DCC on certain parts of the system and take into account the different possible origins of DCC. Maintenance and repairs are taken into account in the model that is thus dynamic. The main evaluation results are probabilistic, the considered indicator is the probability of failure on demand (PFD). A comparison is made between the estimator of the PFD taking into account all the failures and the estimator taking into account only the detected failures.

Guillaume Chennetier,Hassane Chraibi,Anne Dutfoy,Josselin Garnier

2023-06-07

Abstract:Piecewise deterministic Markov processes (PDMPs) can be used to model complex dynamical industrial systems. The counterpart of this modeling capability is their simulation cost, which makes reliability assessment untractable with standard Monte Carlo methods. A significant variance reduction can be obtained with an adaptive importance sampling (AIS) method based on a cross-entropy (CE) procedure. The success of this method relies on the selection of a good family of approximations of the committor function of the PDMP. In this paper original families are proposed. They are well adapted to high-dimensional industrial systems. Their forms are based on reliability concepts related to fault tree analysis: minimal path sets and minimal cut sets. The proposed method is discussed in detail and applied to academic systems and to a realistic system from the nuclear industry.

Computation,Probability,Applications

Shu Yidan,Zhao Jinsong

DOI: https://doi.org/10.3969/j.issn.1001-4160.2011.12.023

2011-01-01

Abstract:Safety instrumented system(SIS) is important for safety of industrial production.IEC 61508 require the establishment of safety integrity levels(SIL) for all the SIS for confirmation that they meet the requirement for functional safety.SIS in process industry are commonly in low demand rate.Research andvances of SIL verification for SIS in this mode is reviewed in this article,with summary of research on common cause failure modeling and caculation of average probability of failure on demand(PFD_(avg)).In the aspect of caculation of PFD_(avg),three common methods are introduced,including reliability block diagram,fault tree analsis and Markov model.Finally,several commercial softwares with SIL verificition function are introduced.

Yidan Shu,Jinsong Zhao

DOI: https://doi.org/10.1016/j.jlp.2014.03.013

IF: 3.916

2014-01-01

Journal of Loss Prevention in the Process Industries

Abstract:Safety integrity level (SIL) verification is a critical step in the life cycle of safety instrumented systems (SIS). For the chemical process industry (CPI), SIL verification often means calculation of average probability of failure on demand (PFDavg) of a SIS. Markov analysis covers most aspects of the quantitative safety evaluation and shows great flexibility. However, for a complex SIS, the model building is so cumbersome that industrial users always try to avoid using it. A simplified approach by conducting Markov analysis on each channel of a SIS with any type of architecture and combining the results together is proposed in this paper. A case study is performed and the results prove that the simplified approach can simplify Markov modeling without loss of accuracy if a proper common cause failure (CCF) model is adopted.

Chenyu Jiang,Zhanyu He,Fengjun Li,Fei Xie,Licheng Zheng,Jun Yang,Ming Yang

DOI: https://doi.org/10.1002/qre.3196

2022-09-08

Quality and Reliability Engineering International

Abstract:Nowadays, the emerging digital technologies and digitalization trend in safety‐critical industrial process systems are bringing great opportunities for system performance improvements. However, new big challenges are also encountered in the reliability and safety evaluation of large complex industrial process systems due to its multi‐state, multi‐phase dynamic interactions, resilience on software and inter‐dependencies among digital components. The objectives of this study are i) to present an introductory overview of a hybrid computing framework as a supplementary to conventional fault tree analysis toolkit for risk‐oriented reliability analysis in dynamic probabilistic safety assessment context; ii) to illustrate how to combine the three methods of DDET, Markov/CCMT, and GO‐FLOW for integrated risk solutions by a case study of small‐break LOCA in nuclear power plants. Within the hybrid computing framework, the DDET model is implemented based on graph‐based search and sequence diagram refactoring by linking with Markov/CCMT and GO‐FLOW solver for branch probability estimation. The dynamic event tree model is adopted to represent the accident sequence of small‐break LOCA, where the heading events of system failure of digital RPS and phased‐mission ECCS in realization of safety‐critical functions of reactivity control and emergency core cooling are respectively modeled and analyzed by Markov chain and GO‐FLOW method. The demonstration results show that the failure analysis of complex dynamic process interactions together with time‐dependent mission reliability analysis of safety systems involved in accident prevention and mitigation can be easily implemented with accurate modeling and fast evaluation within the hybrid integration platform. The core algorithms and principles implemented for dynamic risk scenarios development by DDET, modeling, and analysis of dynamic process interactions by Markov/CCMT, time‐dependent and multi‐phase mission reliability analysis by GO‐FLOW as well as their integration to provide comprehensive solutions for the application of dynamic reliability in risk assessment are also discussed as open problems for future research.

engineering, industrial, multidisciplinary,operations research & management science

Elsa Rosner,Florent Brissaud,Bruno Declerck,Yann Flauw,Valérie De Dianous

DOI: https://doi.org/10.48550/arXiv.1501.04936

2015-01-20

Probability

Abstract:The aim of this paper is to compare the probabilistic approach based on fault trees and event trees, to an approach called "semi-quantitative" as presented by the guide Omega 10 (INERIS, 2008), for the industrial risk management. A brief presentation of the ''classical'' probabilistic risk assessment as well as the ''semi-quantitative'' approach is proposed. Then, a case study is detailed to illustrate and compare their use. This case study focuses on a low pressure separator (water/gas/condensate) for which scenarios have been identified around the undesired event "gas leak due to overpressure in the separator.'' The system includes a control loop and the following safety barriers: an alarm with operator actions, a safety instrumented system, two safety relief valves, and a blast-proof partition. This case study therefore represents a relatively conventional system in the industry. Regarding to the implementation of the two approaches, the assessment according to the Omega 10 guide is easier and faster. In terms of results, differences can be observed, up to a factor 10.

Pooya Rezaei,Paul D. H. Hines,Margaret J. Eppstein

DOI: https://doi.org/10.1109/TPWRS.2014.2361735

2014-10-04

Abstract:The potential for cascading failure in power systems adds substantially to overall reliability risk. Monte Carlo sampling can be used with a power system model to estimate this impact, but doing so is computationally expensive. This paper presents a new approach to estimating the risk of large cascading blackouts triggered by multiple contingencies. The method uses a search algorithm (Random Chemistry) to identify blackout-causing contingencies, and then combines the results with outage probabilities to estimate overall risk. Comparing this approach with Monte Carlo sampling for two test cases (the IEEE RTS-96 and a 2383 bus model of the Polish system) illustrates that the new approach is at least two orders of magnitude faster than Monte Carlo, without introducing measurable bias. Moreover, the approach enables one to compute the sensitivity of overall blackout risk to individual component-failure probabilities in the initiating contingency, allowing one to quickly identify low-cost strategies for reducing risk. By computing the sensitivity of risk to individual initial outage probabilities for the Polish system, we found that reducing three line-outage probabilities by 50% would reduce cascading failure risk by 33%. Finally, we used the method to estimate changes in risk as a function of load. Surprisingly, this calculation illustrates that risk can sometimes decrease as load increases.

Physics and Society

Li Yuandan,Tong Jiejuan

2008-01-01

Abstract:Initiating event frequencies, as one of the most important set of data in Probabilistic Safety Assessment, are usually evaluated by following ways: 1) Statistic estimation of the historic events; e.g. Transient; 2) Experts judgment or the mechanism analysis, e.g. LOCA; 3) Specific system models (usually fault tree models), e.g. initiating events caused by the failure of support system. The way to evaluate initiating event frequency by fault tree method works theoretically, however, there are lots of difficulties in practical, such as dynamic switching among redundant trains, different maintenance and testing strategies and so on. This paper discusses the difficulties in using Fault Tree method to evaluate the initiating event probability. In order to account for these difficulties, a method based on Monte Carlo Simulation is proposed. Fundamental principles and processes of Monte Carlo Simulation used to simulate the system behaviors are introduced in the paper, and the specific issues during the application of Monte Carlo Simulation in initiating event frequency estimation are presented. A study based on a simplified sample seawater system in a nuclear power plant is also given. The feasibility of using Monte Carlo Simulation to estimate the initiating event frequencies can be basically approved by the study results.

Marco Behrendt,Meng-Ze Lyu,Yi Luo,Jian-Bing Chen,Michael Beer

DOI: https://doi.org/10.1016/j.probengmech.2024.103592

IF: 2.954

2024-02-25

Probabilistic Engineering Mechanics

Abstract:This work addresses the critical task of accurately estimating failure probabilities in dynamic systems by utilizing a probabilistic load model based on a set of data with similar characteristics, namely the relaxed power spectral density (PSD) function. A major drawback of the relaxed PSD function is the lack of dependency between frequencies, which leads to unrealistic PSD functions being sampled, resulting in an unfavourable effect on the failure probability estimation. In this work, this limitation is addressed by various methods of modeling the dependency, including the incorporation of statistical quantities such as the correlation present in the data set. Specifically, a novel technique is proposed, incorporating probabilistic dependencies between different frequencies for sampling representative PSD functions, thereby enhancing the realism of load representation. By accounting for the dependencies between frequencies, the relaxed PSD function enhances the precision of failure probability estimates, opening the opportunity for a more robust and accurate reliability assessment under uncertainty. The effectiveness and accuracy of the proposed approach is demonstrated through numerical examples, showcasing its ability to provide reliable failure probability estimates in dynamic systems.

engineering, mechanical,mechanics,statistics & probability

Manish Tripathi,Lalit Kumar Singh,Suneet Singh,Pooja Singh

DOI: https://doi.org/10.1109/tr.2021.3109059

IF: 5.883

2021-01-01

IEEE Transactions on Reliability

Abstract:Safety-critical systems (SCSs) of nuclear power plants (NPPs) are being designed and developed to meet high dependability requirements. Fault tree analysis (FTA) is widely used for risk and reliability analysis of NPPs. However, fault trees (FTs) are static and have only limited capability to represent dynamic systems. FTA is also not capable of modeling non-binary logic and or modelling the system's evolution in time. Dynamic reliability methods are being developed to deal with such limitations. Time series Markov chains and dynamic flowgraph methodology are the dynamic reliability methods alternate to traditional FTA, which can be used for the system performance analysis. In this article, Time series Markov chains and DFM methods, for the system reliability predictions for the SCS of NPP are compared. The benefits of the proposed method are brought out to the traditional methods. The approach is applied on passive residual heat removal system of pressurized heavy water reactor under the station blackout scenario.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Xu Yujuan,Yang Xianhui

DOI: https://doi.org/10.3969/j.issn.1007-7324.2007.03.001

2007-01-01

Abstract:Safety Instrument System — SIS is widely used to decrease the risk of the process in petrochemical plants.The calculation of the failure probability for sensor subsystem in SIS is introduced.To take the pressure transmitter as an example,the fault tree analysis — FTA technique is applied to analysis the average probability of failure on demand — PFDavg and the probability of failing of safety — PFS for different architecture sensor subsystem,such as1 out of 1(1oo1);1 out of 2(1oo2);2 out of 2(2oo2) and 2 out of 3(2oo3).As a conclusion,it gives us a quantitative idea that different architecture will cause different transmitter's failure probability.