...

Reliability assessments of safety-critical systems are key services provided by many consultancy companies, such as Safetec, Lloyd's Register Consulting, DNV-GL (link to the GL-part of the services), and Lilleaker Consulting. Manufacturers like ABB, Siemens, AkerSolutions, FMC, Kongsberg Maritime and many others need to design systems in light of reliability requirements, and also demonstrate (sometimes with the assistance of the consultancy companies) that the reliability requirements are met. End users, such as railway service providers like Jernbaneverket, oil companies like Statoil, Det Norske, GDF-Suez, Shell, Conoco-Phillips and Wintershall, and other industries like smelting plants and water power suppliers, must be competent to select proper system design, follow up the system performance and select the most suitable maintenance strategies to keep costs and safety within the acceptable limits.

Topics covered

With the prevailing profile of the course, there are two main subject areas: reliability assessment methods, with focus on their application to safety-critical systems, and maintenance optimization models and methods, which have a broader application area.

...

Reliability assessment of safety-critical systems       

 Lecture material: 

Lectured topic

Motivation

Topics by key words

Development of reliability requirements

"Safety integrity level (SIL) is a key reliability performance measure used for safety-critical systems. Reliability requirements are therefore often given as SIL requirements. SIL requirements are identified in an extension of the risk analysis, using methods often referred to as SIL allocation, SIL targeting and SIL classification. Key methods like Layers of protection analysis (LOPA), risk graph, and minimum SIL are presented and discussed."

SIL allocation

LOPA

Risk graph

Minimum SIL

New reliability assessment methods

"In TPK 4120, some analytical formulas were introduced to calculate the average probability of failure on demand (PFD). It was also shown how the average PFD may be calculated using Markov methods and fault tree analysis. This reliability measure is of high importance in relation to SIL, as a relationship is established between a SIL requirement and the maximum PFD tolerated for a safety function. In this course, we go a step further and introduce the foundations for the analytical formulas presented in IEC 61508 (a key standard for reliability of safety-critical systems), the PDS method (a method along with a set of analytical formulas widely adopted in the Norwegian oil and gas industry, but which has a wider application area), and dynamic modeling using Petri Nets."

 PDS method

PetriNet

Special topics (one or two are selected among these)

Architectural constraints: According to standards like IEC 61508, it is not sufficient to demonstrate that a SIL requirement has been met by showing that the average PFD or PFH is sufficiently low and within the specified range of the SIL  requirement. A SIL requirement also poses some restrictions on how a safety-critical function can be designed, in terms of architecture. These requirements are sometimes referred to as architectural constraints.

Partial testing: For some types of components, like valves, it has become more common to also do partial stroke testing in addition to full functional testing. The reason for introducing this testing strategy may be to improve safety, or to maintain safety while extending the interval of full function testing. Analytical models have been suggested for this purpose, and we will review these.

Imperfect testing: Many of the methods used to calculate the average PFD assume that the functional tests are perfect, meaning that all dangerous undetected (DU) failures are revealed by the test. This is not always the case, and the effect of not taking this "imperfectness" into account will be that the average PFD is underestimated. The way this situation is treated overlaps to some extent with how partial testing is modeled.

SIL follow-up in operation: It is important to maintain the reliability performance throughout the whole operational life of a safety-critical system. This may be explained by using a car as an example. You may buy a car with a certain designed-in performance, including reliability, based on the engine type, safety features, type of chassis, and so on. Still, the experienced performance of the same type of car may be different for different drivers. If we exclude fabrication errors, the performance of the car is influenced by the driver's driving habits, amount of driving, environment (icy, cold, hot, ...), age and so on.

 

Architectural constraints

 

Partial stroke testing

 

Imperfect testing

 

SIL follow-up

Maintenance optimization and management (1)

 Lecture material: 
Lectured topics

Motivation

Topics by key words

Age, block and minimal repair strategies.

(2 lectures - Jørn V, Anne)

The intervals of maintenance for safety-critical systems are normally determined from the reliability analyses. For other systems, we may decide upon intervals of testing using different maintenance strategies established by the RCM decision logic. These models include parameters like costs, failure rates, and aging. The models come up with the answer to the following two questions: When should we do maintenance, and what tasks and equipment should be included? The applications of these methods are many. Two examples are maintenance planning of railway tracks and planning of intervention (for maintenance purposes) of subsea equipment. Sub-topics also covered under the same "umbrella" are:

 

  • Modeling of effective failure rate: Maintenance interval and intervention level (extensiveness of maintenance) obviously influence the failure rate of the components. This topic concerns the modeling of the relationship between these two parameters and what we can refer to as the effective (or resulting) failure rate.
  • Weibull renewal: **Say something here** 
  • PF models and state based models: **Say something here** 
  

Spare part optimization:

(1 lecture - Yiliu)

Spare parts may be costly to have in stock, but at the same time it is costly not to have a spare part available when it is needed. This topic concerns how to calculate the probability of running out of spares, using simple formulas and Markov analyses. The use of Monte Carlo simulations and PetriNets for this purpose is also shown. This topic may not be so relevant for very specialized systems, where it is not possible to acquire a spare within a short time. For a manufacturer that develops products, such as sensors, on a large scale for e.g. the oil and gas industry, it may be relevant to find the optimal number of spare parts for warranty and repair services.

Prognostics and remaining useful life

MLE and graphical methods

(1 lecture - Anne - can be moved to later)

Nelson-Aalen, TTT plot, Kaplan-Meier
  Bayesian methods  
  Counting processes  

  

Tutorials & Project

There will be mandatory problems/tasks to solve as part of the course.

...