fault tree analysis 1
TRANSCRIPT
-
8/17/2019 Fault Tree Analysis 1
1/14
FAULT TREE ANALYSIS
-
Fault Tree Analysis (FTA)
An FTA is a deductive (top-down) approach that
graphically and logically represents events at a lower
level which can lead to a top undesirable event.
A common tool using graphics and statistics to analyze an event and predict how and how often it
will fail.
Fault tree analysis is a graphical representation of the major faults or critical failures associated with
a product, the causes for the faults, and potential
countermeasures.
-
Applying Fault Tree Analysis
EVENT SYMBOLS:
Primary Event Symbols:
Basic Event
Conditioning Event
Undeveloped Event
External Event
Intermediate Event Symbol
-
EVENTS:
The BASIC event indicates a basic initiating event at the limit of
resolution; i.e. we do not wish to develop this fault any further
in this particular analysis.
The UNDEVELOPED event is undeveloped because we
either lack information, or the event is of no consequence.
The EXTERNAL event is an event that is expected to happen in
the course of normal operation of the system.
The INTERMEDIATE event is neither the top-most undesired event, nor a primary event. Further events are attached to the
INTERMEDIATE event, usually via gates.
The final event is the CONDITIONING event. It is used
primarily with the INHIBIT and PRIORITY AND gates.
-
GATE SYMBOLS
AND
OR
Exclusive OR
Priority AND
Inhibit
-
GATES
The AND gate indicates that the output fault (drawn
above the gate) only occurs if the two (or more) input
faults (drawn below the gate) occur.
The OR gate indicates that the output fault occurs if at least one of the two (or more) input faults occurs.
The EXCLUSIVE OR gate indicates that the output fault
occurs if exactly one of the two (or more) input faults
occurs.
The PRIORITY AND gate indicates that the output fault
only occurs if all the input faults occur in a specified
order (left to right on the page).
-
GATES
The INHIBIT gate is another special case of the
AND gate: The output event is caused by a single
input event, but a particular condition (given by a
CONDITIONING event) must be satisfied before the input can produce the output.
This condition may be probabilistic. The difference
from the AND gate here is one of emphasis: the
condition given is not a fault or external event as
such, but something to do with the environment,
e.g. a particular temperature.
-
FTA:
The two transfer symbols, TRANSFER IN and
TRANSFER OUT, allow a large tree to be broken up into multiple pages; they also allow the analysis
to be broken into more manageable parts, and
duplication to be reduced.
Transfer Symbols
Transfer IN Transfer OUT
-
FTA: EXAMPLE
[Figure: example fault tree for the top event "Process vessel over pressured". Gates shown: AND, AND, OR. Events shown: Pressure rises; PSV does not relieve; Process pressure rises; Control fails high; PSV too small; Set point too high; PSV stuck closed; Fouling inlet or outlet.]
-
PRELIMINARY STEPS
Define precisely the top event. Events such as "high
reactor temperature" or "liquid level too high" are
precise and appropriate. Events such as "explosion of
reactor" or "fire in process" are too vague, whereas an event such as "leak in valve" is too specific.
Define the existing event. What conditions are sure to
be present when the top event occurs?
Define the unallowed events. These are events that are unlikely or are not under consideration at the present.
This could include wiring failures, lightning,
tornadoes, and hurricanes.
-
PRELIMINARY STEPS
Define the physical bounds of the process. What
components are to be considered in the fault tree?
Define the equipment configuration. What valves are
open or closed? What are the liquid levels? Is this a normal operation state?
Define the level of resolution. Will the analysis
consider just a valve, or will it be necessary to
consider the valve components?
-
PROBABILITY
Once a fault tree has been constructed, then we
can consider calculating probabilities of failure.
Essentially, for each event, we attempt to assign a
probability. For primary events, this probability must be derived from external information.
For all other events, their probability is calculated
from their immediate descendant events and the intervening gate.
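The calculation described on this slide, as an added example that is not part of the original slides: it propagates probabilities upward through AND, OR, Exclusive OR and INHIBIT gates. The tree structure is an assumed reading of the example slide, the probabilities are constructed values, and all events are assumed independent with no event shared between branches.

```python
from math import prod

def gate_probability(gate, inputs):
    """Output probability of one gate, assuming independent input events."""
    if gate == "AND":
        return prod(inputs)
    if gate == "OR":
        return 1.0 - prod(1.0 - p for p in inputs)
    if gate == "XOR":  # exactly one of the input faults occurs
        return sum(p * prod(1.0 - q for j, q in enumerate(inputs) if j != i)
                   for i, p in enumerate(inputs))
    if gate == "INHIBIT":  # inputs = [input fault, conditioning event]
        if len(inputs) != 2:
            raise ValueError("INHIBIT takes one input and one condition")
        return inputs[0] * inputs[1]
    # PRIORITY AND depends on event ordering, which plain probabilities omit.
    raise ValueError(f"unsupported gate: {gate}")

# Constructed probabilities for the primary events (illustrative values only).
PRIMARY = {
    "Process pressure rises": 0.1,
    "Control fails high": 0.05,
    "PSV too small": 0.001,
    "Set point too high": 0.002,
    "PSV stuck closed": 0.01,
    "Fouling inlet or outlet": 0.005,
}

# Assumed structure of the example tree: event -> (gate, input events).
TREE = {
    "Process vessel over pressured": ("AND", ["Pressure rises", "PSV does not relieve"]),
    "Pressure rises": ("AND", ["Process pressure rises", "Control fails high"]),
    "PSV does not relieve": ("OR", ["PSV too small", "Set point too high",
                                    "PSV stuck closed", "Fouling inlet or outlet"]),
}

def probability(event):
    """Probability of an event from its immediate descendants and their gate."""
    if event in PRIMARY:
        p = PRIMARY[event]
        if not 0.0 <= p <= 1.0:
            raise ValueError(f"probability out of range for {event!r}")
        return p
    gate, inputs = TREE[event]
    return gate_probability(gate, [probability(name) for name in inputs])

if __name__ == "__main__":
    for name in TREE:
        print(f"{name}: {probability(name):.3e}")
```

With these constructed inputs the OR branch dominates the relief-failure probability, which shows where a countermeasure would reduce the top event most.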
-
ADVANTAGES
Quantitative - defines probabilities to each event
which can be used to calculate the probability of
the top event
Easy to read and understand hazard profile
Easily expanded to bow tie diagram by addition of
event tree.
Effective way to diagram problems in a system
Helps to organize possible causes of a problem in
the system.
-
LIMITATIONS
Time-consuming in constructing the graphs
Many systems involve many dependencies
Difficult to detect inconsistencies
Difficult to focus only on the most critical parts of the design on high
coupling systems
Not always easy to spot
Fault trees also assume that failures are "hard," that a particular item of
hardware does not fail partially. A leaking valve is a good example of a
partial failure.