Failure Modes, Effects, And Diagnostic Analysis Research Articles

Reliability enhancement of LNG fuel gas supply system in combined-cycle power plant

This article aims to present a technique to enhance reliability of liquefied natural gas (LNG) fuel gas supply system (FGSS) of gas turbine unit in a combined-cycle power plant. In order to prevent unplanned plant shutdowns, the proposed technique is based on the use of failure modes, effects, and diagnostic analysis (FMEDA) to identify and evaluate the effects of possible failure modes, to determine what could minimize the chance of failures, and to design a new safety interlock. The studied FGSS consists of gas analytical system (GAS) in 2-out-of-2 voting scheme, shutdown valve system (SDV) in 1-out-of-2 voting scheme, fuel gas controller (FGC), and engineering/operator workstations. Two automatic GAS subsystems with different measurement methods are installed in the GAS. One of two GAS subsystems uses three gas chromatography analyzers in 2-out-of-3 voting scheme. The gas chromatography results and diagnostic alarm historian are utilized to consider the failure behavior. The reliability models for the GAS subsystem using gas chromatography and the overall FGSS are also included to confirm the effectiveness of utilizing diagnostic information from the gas analyzers. Based on the FMEDA results, the new safety interlock with no additional software and hardware costs can be achieved. The workability of the proposed safety interlock is demonstrated by test results.

The FMEDA Based DC Calculation for Railway Safety Computer

This paper presents a new algorithm to compute the Diagnostic coverage (DC) for railway safety computer using the Failure modes effects and diagnostic analysis (FMEDA) theory. The importance to work out the DC accurately is stressed. A certain type of railway safety computer's output element is taken as an example to show how the DC is worked out using the FMEDA method. The probability of dangerous failures per hour (PFH) of one certain safety computer is obtained considering the DC. The final results show that the DC is 99.6% and the PFH of the safety is 1.165 fit, which means 1.165 dangerous failures may occur during 1 billion hours' working time, running up to the requirement of the Safety integrity level 4 (SIL4). This paper provides an example to come up with the DC for safety computer, thus making the PFH calculation more accurate and so is the Safety integrity level.

Implementation of ITER Fast Plant Interlock System Using FPGAs With CompactRIO

Interlocks are the instrumented functions of ITER that protect the machine against failures of the plant system components or incorrect machine operation. Regarding instrumentation and control, the interlock control system (ICS) ensures that no failure of the conventional ITER controls can lead to a serious damage of the machine integrity or availability. The ICS is in charge of the supervision and control of all the ITER components involved in the instrumented protection of the tokamak and its auxiliary systems. It is constituted by the central interlock system (CIS), different plant interlock systems (PISs), and its networks. The ICS does not include the sensors and actuators of the plant systems, but it is in charge of their control. The ITER interlock system shall be designed, built, and operated according to the highest quality standards. The international standard IEC-61508 has been chosen as the reference. In both CIS and PIS cases, two main architectures are used: 1) a slow architecture, for those functions with response time requirements slower than 100 ms (300 ms for central interlock functions), based on programmable logic controller technologies and 2) a fast architecture, based on field programmable gate array (FPGA) technologies, for the functions with faster requirement times. The proposed design for fast PIS is based on the use of reconfigurable input/output (RIO) technology from National Instruments (NI CompactRIO platform). In order to provide a high integrity solution, failure modes, effects, and diagnostic analysis (FMEDA) has been conducted to analyze the component behavior. According to the output of the FMEDA, a set of diagnostics has been defined and additional redundancy was added to the architecture to improve the integrity figures. The defined configuration has been called the “double-decker solution,” with two chassis running in parallel, communicated between them using a synchronous high-speed serial line, and using redundant modules to implement the input and output measurements/excitations and redundant analog and digital modules to implement the diagnostics of these input/output modules. The integrity figures for the “double-decker” solution are obtained from the classification of the failure rates, obtaining for different configurations a safe failure fraction of 85% and a probability of dangerous failure per hour of less than 1E−07. The FPGA design includes all the hardware to support the data acquisition from the input modules, the implementation of the diagnostic functionalities for analog and digital modules, the voting schema, and the activation/deactivation of digital outputs. The platform includes an external test platform, also based on NI CompactRIO technology, to perform the validation of the system and to register the performance of different interlock functions implemented. The response time obtained for the transistor–transistor logic (TTL) input to TTL output interlock function ranges from 5 to $20~\mu \text{s}$ ; for the analog input to TTL output, the response time is in the range of 41– $90~\mu \text{s}$ , and for interlock functions using 24-V digital input to 24-V digital output, the time can rise up to $643~\mu \text{s}$ .

An evaluation approach using a HARA and FMEDA for the hardware SIL

Safety instrumented systems (SIS) are becoming increasingly complex, and form a growing proportion of programmable electronic parts. The IEC 61508 global standard was established to ensure the functional safety of SIS; however, it was expressed in highly macroscopic terms. The safety integrity level (SIL) is a criterion describing whether a component meets the safety requirements of a SIS. The safety requirements give a target SIL for the expected risks using hazard analysis and risk assessment (HARA). The SIL must correspond to the safety requirements. This study introduces an evaluation process for determining the hardware SIL through failure modes, effects, and diagnostic analysis (FMEDA). First, the components of the SIS subsystem are defined in terms of failure modes and effects, and then the failure rate and failure mechanism distribution are assigned to each component. The safety mode and detectability of each failure mode are determined for each component and, finally, the hardware SIL is evaluated. We perform a case study to evaluate the hardware SIL of the flame scanner system using HARA and FMEDA, where the safety requirement of the flame scanner was determined using the risk graph method. We verified that the hardware SIL of the flame scanner corresponded to the safety requirement.

SIL 인증을 위한 FMEDA 프로세스 연구 : 화염검출기 사례를 중심으로

In this article, we introduced the estimation method by 'Safety Integrity Level'(SIL) for the criterion of safety assurance and performed a case study on a flame scanner. SIL requires probabilistic evaluation of each set of equipment used to reduce risk in a safety related system. FMEDA(Failure Modes, Effects and Diagnostic Analysis) method is widely used to evaluate the safety levels and provides information on the failure rates and failure mode distributions necessary to calculate a diagnostic coverage factor for a part or a component. Basically, two parameters resulting from FMEDA are used for SIL classification of the device : SFF(Safe Failure Fraction) and PFD(Probability of Failure on Demand). In this case study, it is concluded that the flame scanner is designed to fulfill the condition of SIL 3 in the aspect of SFF and PFD.

FMEDA 기법을 적용한 SIL 등급 판정에 관한 사례연구

As the number, complexity and interaction of electrical, electronic and programmable electronic (E/E/PE) systems increase, a growing emphasis has been placed on the concept of functional safety during product development. IEC 61508 provides guidelines and standardized procedures in the development of reliable and dependable E/E/PE systems to assure functional safety. Determining risk classes (i.e., safety integrity levels, SILs) associated to a specific E/E/PE item may be recognized as one of the most crucial activities in the product development per IEC 61508 since SILs are used to specify necessary safety requirements for achieving an acceptable residual risk. This article presents a case study on the assessment of SILs applying failure modes, effects and diagnostic analysis (FMEDA) from which failure rates may be derived for each important failure category by combining a standard FMEA with online diagnostic techniques.

The FMEDA approach to improve the safety assessment according to the IEC61508

According to the Standard IEC61508, the paper presents a case study concerning the evaluation of both the safe failure fraction (SFF) and the probability of failure on demand (PFD) for a complex system. After a preliminary presentation of the criteria for the safety integrity level (SIL) verification, the work focuses the attention on the method to achieve the PFD. In particular, an approach based on failure modes, effects and diagnostic analysis (FMEDA) is proposed and then a comparison with the approach described in the Standard. The paper aims to clarify both the knowledge and the application of the IEC61508 and proposes a technique to satisfy the hardware safety integrity requirements.

Using a failure modes, effects and diagnostic analysis (FMEDA) to measure diagnostic coverage in programmable electronic systems

Abstract One of the key issues in the quantitative evaluation of programmable electronic systems is the diagnostic capability of the equipment. This is measured by a parameter called the Coverage Factor, C . This factor can vary widely. The range of possible values is often the subject of great debate. Within limits, the diagnostic coverage factor can be calculated by knowing which component failure modes are detected by diagnostics. An extension of the Failure Modes and Effects Analysis (FMEA) can be used to show this information. This extension, called a Failure Modes, Effects and Diagnostic Analysis can serve as a useful design verification tool as well as a means to provide more precise input to reliability and safety modeling.