• Created by Unknown User (lundteig), last modified on 15.05.2014

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 37 Next »

******* This page is under development and will during the spring and summer of 2014 be subject to many changes.****

TPK 5170 RAMS Assessment and Optimization

Brief background of course

This course is the specialization course in reliability, availability, maintenance and safety (RAMS) in the last fall semester of the (2 year) international master program in RAMS and the (5 year) master program in Mechanical Engineering (in Norwegian: Produktdesign og Produksjon - PUP). The course introduces some new methods, and makes a more thorough presentation of methods introduced in previous RAMS-related courses.

Two examples:

  • Consider a wind turbine: We want this system to be reliable, meaning that it generates the power according to the turbine's operating profile. To ensure that the costs of producing power is sufficiently low, it is necessary to find more cost-efficient wind turbine designs and more cost-efficient ways of operating and maintaining them. This course aims to give you knowledge and competence in RAMS tools and methods help you to solve such tasks. 

  • Consider an instrumented pressure protection system installed in relation to a subsea pipeline which is tied into a topside platform. The system is installed to protect the pipeline from over-pressuring upon certain events, such as a downstream blockage. A failure of this instrumented pressure protection system may result in a pipe burst. If the pipe bursts close to the platform, it may eventually create a gas cloud nearby with the potential of escalating into an explosion and fire. If the pipeline bursts on the seabed, it may damage the sea environment. This course aims to give you a set of tools that are needed to define how reliable such safety-systems must be, how they should be designed to meet the reliability requirements, and how the reliability performance may be traced in operation.

The course belongs to the large envelope of RAMS courses given from the department of Production and Quality Engineering at NTNU.  The course is adminstred by the RAMS group at this department. It is expected that the students already have taken (or have relevant background corresponding to):

  • TPK 4120: Safety and Reliability
  • TPK 4140: Maintenance Management 
  • TPK 5160: Risk Analysis 

This course replaces the earlier arrangement with two specialization modules in RAMS, one in risk and reliability and one in maintenance optimization (each with 3.75 credit points). This means that TPK 5170 includes some subjects from both areas: risik and reliability and maintenance optimization, and gives 7.5 credits (i.e., as a regular course normally does at NTNU).

  • You may ask why this is necessary, if the you (for example) are focusing mainly on risk analysis in the specialization project and master thesis. The answer from our This course should give you the remaining topics that we - as a RAMS group - think you should have when you leave NTNU with a specialization in RAMS.

The responsible person for TPK 5170 in the fall of 2014 is Professor Mary Ann Lundteigen. She will give approximately 60% of the lectures. Since this is a specialization course, some "specialists" are brought in for specific topics. For example, Associate Professor Yiliu Liu  will lecture methods like PetriNets. Lectures that belong to the topic maintenance optimization are planned to be lectures by Professor Jørn Vatn our new Professor Anne Barros.

It may be remarked that this course may, from the fall of 2015, change the name to "Asset management methods". A new course in "Reliability of safety-critical systems" ("SIS course") will at the same time be introduced (from spring 2015). Topics related to  reliability assessment will be transferred to the new ("SIS") course, and it is planned that TPK 5170 with its new profile will expand on topics related to maintenance optimization and the estimation of remaining useful life. The changes will be available http://www.ntnu.edu/studies/courses, once implemented.

Course objective and motivation

The main objective of this course is to increase the depth of understanding about RAMS assessment and optimization models and methods. Such models and methods may be useful for several purposes, including:

  • Definition of requirements (how reliable must a system be?)
  • Implementation of requirements (how should we design the system in order to meet stated reliability?)
  • How may we operate the system in order to minimize costs and time?
  • How may it be required to operate the system to be sufficiently safe?
  • How can we support our models and methods with data, and can these data be determined?

As already mentioned, the course aims to study already lectured methods and models in more detail, to add more perspectives to the understanding. Some new models methods are also introduced so that the students, after having taken the course, will have a solid toolbox of models and methods to use in their future work career.  

Expected learning outcome

Knowledge:
Obtain a more thorough understanding of the theoretical foundation and the practical applications of RAMS assessment and optimization methods. 

Skills:
Being able to identify suitable frameworks, methods, and software and to use these to solve RAMS assessment and optimization tasks.

General competence:
Understand RAMS as an important cornerstone of industrial and commercial systems and in the public administration. 

Industry relevance

Reliability assessments of safety-critical systems are key services provided by many consultancy companies, such as with Safetec, Lloyd's Register Consulting, and DNV-GL (link to the GL-part of the services), and Lilleaker Consulting. Manufacturers like ABB, Siemens, AkerSolutions, FMC, Kongsberg Maritime and many others need to design systems in light of reliability requirements, and also demonstrate (sometimes with assistance of the consultancy companies) that the reliability requirements are met. End users, like railway service providers like Jernbaneverket, oil companies like Statoil, Det Norske, GDF-Suez, Shell and Conoco-Phillips, and Wintershall, and other industries like smelting plants and water power suppliers must be competent to select proper system design, follow up the system performance and select the most suitable maintenance strategies to keep costs and safety within the accepetable limits.

Topics covered

With the prevailing profile of the course, there are three main subject areas of this course:

  • Subject area 1: Reliability assessment methods with focus on the application with safety-critical systems (approximately 50% weight)
  • Subject area 2: Maintenance optimization models and methods which have a broader application area (approximately 40%)
  • Subject area 3: Barrier management (approximately 10%)

Lectured topics within these three subject areas are indicated in the lecture plan below.

 

WeekDate

 

Subject
area

Lectured topicsMotivationLecturerTutorials
3525. & 26.8All

1st hour:

  • Introduction to the course
  • Organization of student groups
    (3 persons per group) 

2nd-3rd hours

  • Introduction to two case studies
  • Group work and summary in
    plenum

Inform the students about the course objectives, intended learning outcomes, and practicalities.

  • Give a more thorough introduction to two systems where the lectured models and methods
    may be applicable.
  • Explain and discuss the technologies involved, with focus on attributes like
    reliability, availability, maintenance, and safety  
Mary Ann
  • Student seminar
    this day 
362.-3.91

Safety-critical systems:
Key concepts and
requirements

(Textbook: chapter 2) 

IEC 61508 is a key standard on design of safety-critical systems, when the technology used include electrical,
electronic, and programmable electronic systems. Many authority regulations Petroleum, railway, nuclear,
automotive, etc) refer to this standard, or standards that are under the "umbrella" of this standard.
The standard introduces several key concepts including equipment under control, safety integrity level (SIL),
safety lifecycle, functional safety, risk reduction factor, and many more.  Safety design principles, such as
fail-safe design and architectural constraints, are also discussed.

Mary Ann
  • Selected
    problems 
379.-10.91Safety-critical systems:
Development of SIL
requirements 		The mentioned IEC standard(s) require a structured process for defining SIL requirements. Methods like layers of protection
analysis (LOPA) and risk graph are often used for this purpose. Risk graph is used with many applications, such as for
machinery and process industry, whereas LOPA is mainly used in the process industry. In the oil and gas industry,
for example, it is common to have LOPA-sessions/workshops in an early planning of new systems. A special case of defining
SIL requirements is the minimum SIL, advocated in a Norwegian guideline for offshore oil and gas facility, Norsk Olje og Gass
guideline 070. This approach builds on principles called GALE or GAMAB. 		Mary Ann
  • Selected
    problems 
3816.-17.91

Safety-critical systems:
Quantification of reliability
for systems operating
on demand.

(Textbook chapter 8)

Students that take this course are familiar with simplified formulas for calculating the average probability of failure on demand (PFD).
The deriving of these formulas is not repeated here, but extensions are discussed, including:

  • IEC 61508-6 formulas
  • PDS method (selected topics, with focus on the inclusion of C_MooN)
  • Fault tree analysis (compensating for the Schwartz' inequality)

 

Mary Ann

  • Selected
    problems
3923.-24.91Safety-critical systems:
Quantification of reliability
for systems operating
on demand (continued)
with focus on PetriNets
(Textbook chapter 5 and 8) 		PetriNets is an alternative approach for calculating the the PFD. PetriNets have not been much used for this particular purpose,
but the approach is widely used in many other application areas such as the modeling of communication and software. In our context,
PetriNets have got increased attention as the newest version of IEC 61508 and a new technical guideline published by ISO, the
ISO/TR 12489) mention and give application examples.  		Yiliu
  • Selected
    problems 
4030.9-1.101Safety-critical systems:
Quantification of reliability
for systems operating on
demand (continued) with
focus on partial and imperfect
testing 		   
41      
42      
43      
4427&28.102Age, block, and minimal repair
strategies

Maintenance optimization:
The intervals of maintenance for safety-critical systems are normally determined from the reliability analyses.
For other systems, we may use decide upon intervals of testing using different maintenance strategies
established by the RCM decision logic. These models include parameters like costs, failure rates, and aging.
The models come of with the answer to the following two questions: When should we do maintenance and 
what tasks and equipment should be included. The application of these methods are many. Two examples are
maintenance planning of railway tracks and another is planning of intervention (for maintenance purposes) of
subsea equipment. Sub-topics also covered under the same "umbrella" are:

  • Modeling of effective failure rate: Maintenance interval and and intervention level (extensiveness of
    maintenance) is obviously influencing the failure rate of the components. This topic concerns the modeling of the
    relationship between these two parameters and what we can refer to as the effective (or resulting) failure rate.
  • Weibull renewal: **Say something here** 
  • PF models and state based models: **Say something here** 
Jørn 
454&5.112Age, block, and minimal repair
strategies (continued)		 Jørn 
4611&12.112Spare-part optimizationSpare parts may be costly to have on the stock, but at the same time it is costly not to have a spare part available
when it is needed. This topic concern how to calculate the probability of running out of spares, using simple formulas
and Markov analyses. The use of PetriNets for this purpose is also shown. This topic may not be some relevant for very 
specialized systems, where it is not possible to acquire a spare within short time. For a manufacturer that develops
products, such as sensors, in a large scale to e.g. the oil and gas industry, it may be relevant to find the optimal number
of spare parts for warranty and repair services. 

Yiliu

(Mary Ann
at the ESREL
conference) 

 
47

18.&19.11

N/AStudent presentations
(also using tutorial hours) 		Students get the possibility to reflect on the lectured
topics and in particular to see how these are related to
their specialization project, and how they may be
applicable for their master project. 		  
48  Summary   
       
       

 

 

Reliability assessment of safety-critical systems       

 Lecture material: 

Lectured topic

MotivationTopics by key words

Development of reliability requirements

 

"Safety integrity level (SIL) is a key reliability performance measure used for safety-critical systems. Reliability requirements are therefore often given as SIL requirements are identified in an extension of the risk analysis, using methods often refered to as SIL allocation, SIL targeting and SIL classification. Key methods like Layers of protection analysis (LOPA), risk graph, and minimum SIL are presented and discussed."  

SIL allocation

LOPA

Risk graph

Minimum SIL

 New reliability assessment methods In TPK 4120, some analytical formulas were introduced to calculate the average probability of failure on demand (PFD). It was also shown how the average PFD may be calculated using Markov methods and fault tree analysis. This reliability measure is of high importance in relation to SIL, as a relationship is established between a SIL requirement and the maximum PFD tolerated for a safety function. In this course, we go a step further and introduce the foundations for analytical formulas presented in IEC 61508 (a key standard for reliability of safety-critical systems), the PDS method (a method along with a set of analytical formulas widely adapted in the Norwegian oil and gas industry, but which has a wider application area), and dynamic modeling, using Petri Nets."

 PDS method

PetriNet

Special topics (one or two are selected among these)

Architectural constraints: According to standards like IEC 61508, it is not sufficient to demonstrate that a SIL requirement has been met by showing that the average PFD or PFH is sufficiently low and within the specified range of the SIL  requirement. A SIL requirement also poses some restrictions on how a safety-critical function can be designed, in terms of architecture. These requirements are sometimes referred to as architectural constraints.

Partial testing: For some type of components, like valves, it has been more common to also do partial stroke testing in addition to full functional testing. The reason for introdocing this testing strategy may be to improve safety, or to maintain safety while extending the intervall of full function testing. Analytical models have been suggested for this purpose, and we will review these.

Imperfect testing: Many of the methods used to calculate the average PFD assumes that the functional tests are perfect, meaning that all dangerous undetected (DU) falures are revealed by the test. This is not always the case, and the effect of not taking this "imperfectness" into account will be that the average PFD is underestimated. The way this situation is treated overlaps to some extent with how partial testing is modeled.

SIL follow-up in operation: It is important to maintain the reliability performance throughout the whole operational life of a safety-critical system. This may explained by using a car as an example. You may buy a car with a certain designed-in performance, including reliability, based on the engine type, safety features, type of chassis, and so on. Still, the experienced performance of the same type of car may be different for different drivers. If we exclude fabrication errors, the performance of the car is influenced by the driver's driving habits, amount of driving, environment (icy, cold, hot,..), age and so on.

 

Architectural constraints

 

Partial stroke testing

 

Imperfect testing

 

SIL follow-up

Maintenance optimization and management (1)

 Lecture material: 
 Lectured topicsMotivation Topics by key words

Age, block and minimal repair strategies.

(2 lectures - Jørn V, Anne)

The intervals of maintenance for safety-critical systems are normally determined from the reliability analyses. For other systems, we may use decide upon intervals of testing using different maintenance strategies established by the RCM decision logic. These models include parameters like costs, failure rates, and aging. The models come of with the answer to the following two questions: When should we do maintenance and what tasks and equipment should be included. The application of these methods are many. Two examples are maintenance planning of railway tracks and another is planning of intervention (for maintenance purposes) of subsea equipment. Sub-topics also covered under the same "umbrella" are:

 

  • Modeling of effective failure rate: Maintenance interval and and intervention level (extensiveness of maintenance) is obviously influencing the failure rate of the components. This topic concerns the modeling of the relationship between these two parameters and what we can refer to as the effective (or resulting) failure rate.
  • Weibull renewal: **Say something here** 
  • PF models and state based models: **Say something here** 
 

Spare part optimization:

(1 lecture - Yiliu)

Spare parts may be costly to have on the stock, but at the same time it is costly not to have a spare part available when it is needed. This topic concern how to calculate the probability of running out of spares, using simple formulas and Markov analyses. The use of PetriNets for this purpose is also shown. This topic may not be some relevant for very specialized systems, where it is not possible to aquire a spare within short time. For a manufacturer that develops products, such as sensors, in a large scale to e.g. the oil and gas industry, it may be relevant to find the optimal number of spare parts for warranty and repair services.  
MLE and graphical methods (1 lecture - Anne - kan flyttes til senere)Nelson Aalen, TTT plot, Kaplan Meier, 
   
   

  

Tutorials & Project

There will be mandatory problems/tasks to solve as part of the course.

TopicProblems Software
Reliability assessmentProblems will be selected from the following booklet Matlab, Maple, Grif
Maintenance optimization Problems will be .... Excel


Software Matlab, Maple and Grif (the latter is a rather recent software for reliability assessment in use here at the NTNU) will be preferred to assist the reliability analyses.

 

 

  • No labels