Frequency Analysis

1
Frequency Analysis
2
Objective

• Frequency Analysis determines the likelihood of
  an event to occur
• The larger the number, the bigger the likelihood
  or chance for the event to occur.

3
Techniques

• Among others, two techniques are frequently used
• Event-Tree analysis
• Fault Tree Analysis

4
Fault Tree Analysis

• Fault Tree is a method by which a particular
  undesired system failure mode can be expressed in
  terms of component failure modes and operator
  actions.
• The system failure mode to be considered is
  termed the top event and fault tree is
  developed in branches below this event showing it
  causes., connected by using logic gate

5
Example Fault Tree of Pool Fire
6
Event Tree Analysis

• An event tree is a visual representation of all
  the events which can occur in a system.
• The goal of an event tree is to determine the
  probability of an event based on the outcomes of
  each event in the chronological sequence of
  events leading up to it.
• As the number of events increases, the picture
  fans out like the branches of a tree.
• By analyzing all possible outcomes, you can
  determine the percentage of outcomes which lead
  to the desired result.

7
Example
This event tree was constructed to analyze the
possible outcomes of a system fire. The system
has 2 components designed to handle this event a
sprinkler system and an automated call to the
fire department. If the fire department is not
notified, the fire will be mostly contained by
the sprinkler system. If the sprinkler system
fails as well, the system will be destroyed.
8
Fault Tree Analysis
9
Failures in Process Industries

• Single Component Failure
• Data for failure rates are compiled by industry
• Single component or single action
• Multiple Component Failure
• Failures resulting from several failures and/or
  actions
• Failure rates determined using FTA

10
Failure Rates Data
Instrument
Faults/year Controller 0.29 Control
valve 0.60 Flow measurements
(fluids) 1.14 Flow measurements
(solids) 3.75 Flow switch 1.12 Gas
liquid chromatograph 30.6 Hand
valve 0.13 Indicator lamp 0.044 Level
measurements (liquids) 1.70 Level measurements
(solids) 6.86
11
Failure Rates Data
Instrument Faults/year Oxygen
analyser 5.65 pH meter 5.88 Pressure
measurement 1.41 Pressure relief
valve 0.022 Pressure switch 0.14 Solenoid
valve 0.42 Stepper motor 0.044 Strip chart
recorder 0.22 Thermocouple temperature
meas. 0.52 Thermometer temperature
meas. 0.027 Valve positioner 0.44
12
Failure Rates Data

• Some data are per hour

Component Failure Frequency (hr-1) Component Failure Frequency (hr-1)
Gasket Failure (leak) 1.00 x 10-06 Pump Seal Failure 8.00 x 10-07
Gasket Failure (total) 1.00 x 10-07 Alarm Failure 1.00 x 10-05
Pipe Rupture (gt 3 in) 1.00 x 10-10 Operator Error 2.00 x 10-05
Pipe Rupture (lt 3 in) 1.00 x 10-09 Hose Rupture 2.00 x 10-05
Valve Rupture 1.00 x 10-08
13
Frequency, Reliability and Probability
Component Failure Rate m (faults/year) Reliability Re(-mt) Failure Probability P1-R
Control Valve 0.6 0.55 0.45
Controller 0.29 0.75 0.25
DP Cell 1.41 0.24 0.76
p 1- e-mt where p is the annual probability of
occurrence, m is the annual frequency and t is
time period (i.e., 1 year).
Conversion is important in OR gate (dimensional
homogeneity)
14
Frequency and Probability - Example
taking the case of gasket failure and assuming
that we have 10 gaskets, the annual probability
of occurrence is
15
What is Fault Tree Analysis

• Fault Tree is a method by which a particular
  undesired system failure mode can be expressed in
  terms of component failure modes and operator
  actions.
• The system failure mode to be considered is
  termed the top event and fault tree is
  developed in branches below this event showing it
  causes.

16
Fault Tree Analysis

• Fault tree analysis is typically carried out by a
  group or people or an individual.
• These individuals must have knowledge on the
  process so that causes of undesirable events can
  be understood
• The following information is important
• process and equipment description and
  specification
• process flow diagram, process instrumentation
  diagram and design information
• plant operation, human factors and environmental
  factors

17
Two basic Element

• The two mostly used gate symbol are and or
  gates.
• And gate is used to indicate that output
  event occurs if all input event occurs
  simultaneously.
• Or gate is used when output event occurs if any
  one of the input event occurs.
• Event symbol mostly used is Rectangle to show
  any event. Signify the TOP EVENT by a double box.

18
FTA Procedure

• Define top event
• Choose events identified by hazard identification
  method (i.e HAZOP) which can lead to this top
  event.
• Decide on the hierarchical construction of fault
  tree
• Construct fault tree. All inputs to a particular
  gate should be completely defined before further
  analysis of one of them is undertaken.
• Quantify the base events
• Quantify the top event

19
FTA Procedure

• Analyze results to determine the significance of
  particular base events or combination events
• Carry out sensitivity analysis to test the
  following factors
• uncertainty of basic data
• effect of improving reliability of plant and
  control systems
• effect of varying method of operation on the
  plant
• effect of plant modernization
• effect of improved training of operators

20
Underlying Principles

• Causes of undesirable events can only be
  understood with knowledge on how the system
  functions through
• chemical/physical processes in the plant
• specific information on the whole process
• data on hazardous properties of materials
• process flow diagram and process instrumentation
  diagram
• equipment specification
• plant operation
• human factors and environmental factors

21
Example Pump

• A system to pump acetic acid from the supply tank
  to the process is illustrated in figure.
• The system function automatically.
• When the regulator is energized, one of the pumps
  is started and acid passes through the feed
  pipes if no acid is detected in the feed pipe
  the second pump is started.
• Construct a fault tree with the top event no
  flow to the process.
• To make your life easier, consider failure modes
  listed here.
• Is there any other notable failures not listed
  should be considered?

22
Example Pump
P1
C1, C2 CABLES
23
Failure Modes to Consider
Component Symbol Failure Mode Cables C1
C2 short-circuit Electricity supply
E power cut Feed pipes F1 F2 rupture of
pipe Manifold M rupture Pumps P1
P2 fail to start Regulator R fail to
open on Supply tank S level too low
24
Fault Tree
NO FLOW TO PROCESS
PROBLEM 1 -
SIMPLIFIED SYSTEM
PROBLEMS WITH PUMPS
GENERAL PROBLEMS
PUMP P1 PROBLEMS
PUMP P2 PROBLEMS
Tanks level too low
Manifold M fails
Pump P1 fails to start
Pipe P2 ruptures
Cable C2 short circuits
Power cut
Cable C1 short circuits
Pumps P2 fails to start
Pipe P1 ruptures
Regulator fails
25
Unit on Fault Tree and Rules
Frequency (failure/year) probability of failure
per operation number of operation per year AND
GATE rules can multiply P and P unit of
probability can multiply P and F unit of
F cannot multiply F and F unit F2 (for example
failure/yr2) OR GATE rules can add P and P
unit of P can add F and F unit F cannot add
F and P different unit RULES for AND
GATES P(A.B) PA.PB F(AB) FA.PB
26
Boolean Algebra and Minimal Cut Set
A CUT SET combination of basic events which
will produce TOP EVENT In the example M, M.Z,
W.M, W.Z are all cut set But Minimal CUT SET is
a CUT SET if any basic event is removed the TOP
EVENT will not occur Therefore MINIMAL CUT SET is
M and W.Z can redraw the FAULT TREE..
Boolean Rules Differences to numerical
manipulation Indempotent AAA A.AA Absorption
AA.BA A.(AB)A For example (MW) . (MZ)
M.M M.Z W.M W.Z M M.Z W.M W.Z (M
M.Z M.W) W.Z M W.Z
27
Example Minimal Cut Set
PROBLEM 1 -
SIMPLIFIED SYSTEM
PUMP FAIL
PUMP B FAILS
PUMP A FAILS
Failure of Power Supply
Pump A Mechanical Failure
Failure of Power Supply
Pump B Mechanical Failure
W
M
Z
M
28
Unit on FTA

• Quantify Fault Tree
• Electrical supply failure, P 0.1
• Single pump failure, P 0.25
• Referring to Fault Tree
• Before minimal cut set, Probability of pump fail
  0.1225
• After minimal cut set, Probability of pump fail
  0.1625

29
Example -Minimum Cut Set
PROBLEM 1 - SIMPLIFIED
SYSTEM
PUMP FAIL
FAILURE OF POWER SUPPLY
MECHANICAL FAILURE OF PUMPS
M
Pump A Mechanical Failure
Pump B Mechanical Failure
Z
W
30
Boolean Algebra-Minimum Cut Set
TOP EVENT
A
B
E
D
E
C
D
C
31
Boolean Algebra-Minimum Cut Set
(A B) . (C D) . (E C) (D.E) (A B)
. (C.E D.E C.C D.C D.E ) (A B) . (C.E
D.E C D.C D.E ) (A B) . (C C.E
D.E D.C D.E ) (A B) . (C C.D C.E
D.E D.E ) INDEMPOTENT LAW (A B) . (C C.D
C.E D.E) ABSORPTION LAW (A B) . (C D.E )
32
Boolean Algebra-Minimum Cut Set
TOP EVENT
C
A
B
E
D
33
Event Tree Analysis
34
Consequence spectrum

• An accidental event is defined as the first
  significant deviation from a normal situation
  that may lead to unwanted consequences (e.g., gas
  leak, falling object, start of fire)
• An accidental event may lead to many different
  consequences. The potential consequences may be
  illustrated by a consequence spectrum

C1
C2
Accidental Event
Cn
35
Barrier

• Most well designed systems have one or more
  barriers that are implemented to stop or reduce
  the consequences of potential accidental events.
• The probability that an accidental event will
  lead to unwanted consequences will therefore
  depend on whether these barriers are functioning
  or not.
• Barriers are also called safety functions or
  protection layers, and may be technical and/or
  administrative (organizational).

36
Cause of a Consequence

• Failure of barrier
• Other Factors
• Whether a gas release is ignited or not
• Whether or not there are people present when the
  accidental event occurs
• Wind direction when the accidental event

37
Event Tree Analysis

• An event tree analysis (ETA) is an inductive
  procedure that shows all possible outcomes
  resulting from an accidental (initiating) event,
  taking into account whether installed safety
  barriers are functioning or not, and additional
  events and factors.
• By studying all relevant accidental events (that
  have been identified by a preliminary hazard
  analysis, a HAZOP, or some other technique), the
  ETA can be used to identify all potential
  accident scenarios and sequences in a complex
  system.
• Design and procedural weaknesses can be
  identified, and probabilities of the various
  outcomes from an accidental event can be
  determined.

38
Event Tree Analysis

• Simpler than fault-tree analysis
• Sequence frequencies are products
• Can combine sequences by taking sums
• However, more judgment is required in how to
  model a system as an event tree
• Basic goal is to keep the model as simple as
  possible
• By taking advantage of independence and
  conditional independence relations

39
Example Explosion
40
Steps in Constructing Event Tree

1. Identify (and define) a relevant accidental
   (initial) event that may give rise to unwanted
   consequences
2. Identify the barriers that are designed to deal
   with the accidental event
3. Construct the event tree
4. Describe the (potential) resulting accident
   sequences
5. Determine the frequency of the accidental event
   and the (conditional) probabilities of the
   branches in the event tree
6. Calculate the probabilities/frequencies for the
   identified consequences (outcomes)
7. Compile and present the results from the analysis

41
Accidental Event

• When defining an accident event, we should answer
  the following questions
• What type of event is it? (e.g., leak, fire)
• Where does the event take place? (e.g., in the
  control room)
• When does the event occur? (e.g., during normal
  operation, during maintenance)
• In practical applications there are sometimes
  discussions about what should be considered an
  accidental event (e.g., should we start with a
  gas leak, the resulting fire or an explosion).
  Whenever feasible, we should always start with
  the first significant deviation that may lead to
  unwanted consequences.

42
Accidental Event

• An accidental event may be caused by
• System or equipment failure
• Human error
• Process upset
• The accidental event is normally anticipated.
  The system designers have put in barriers that
  are designed to respond to the event by
  terminating the accident sequence or by
  mitigating the consequences of the accident.

43
Accidental Event

• For each accidental event we should identify
• The potential accident progression(s)
• System dependencies
• Conditional system responses

44
Barriers

• The barriers that are relevant for a specific
  accidental event should be listed in the sequence
  they will be activated.
• Examples include
• Automatic detection systems (e.g., fire
  detection)
• Automatic safety systems (e.g., fire
  extinguishing)
• Alarms warning personnel/operators
• Procedures and operator actions
• Mitigating barriers

45
Additional Events/Factors

• Additional events and/or factors should be listed
  together with the barriers, as far as possible in
  the sequence when they may take place.
• Some examples of additional events/factors were
  given on a previous slide

46
Event Sequence

• Each barrier should be described by a (negative)
  statement, e.g., Barrier X does not function
  (This means that barrier X is not able to
  performs its required function(s) when the
  specified accidental event occurs in the
  specified context).
• Additional events and factors should also be
  described by (worst case) statements, e.g., gas
  is ignited, wind blows toward dwelling area.

True
By this way the most severe consequences will
come first
False
47
Outcome Alternatives

• In most applications only two alternatives
  (true and false) are considered. It is,
  however, possible to have three or more
  alternatives, as shown in the example below

48
End Outcomes

• In practice, many event trees are ended before
  the final consequences are reached
• Including these final consequences may give
  very large event trees that are impractical for
  visualization
• This is solved by establishing a consequence
  distribution for each end event and the
  probability of each consequence is determined for
  each end event
• In effect, this is an extension of the event
  tree, but it gives a more elegant and simpler
  presentation and also eases the summary of the
  end results

49
Results in Decision Making

• The results from the event tree analysis may be
  used to
• Judge the acceptability of the system
• Identify improvement opportunities
• Make recommendations for improvements
• Justify allocation of resources for improvements

50
End Events
51
Pros and Cons

• Positive
• Visualize event chains following an accidental
  event
• Visualize barriers and sequence of activation
• Good basis for evaluating the need
• Negative
• No standard for the graphical representation of
  the event tree
• Only one initiating event can be studied in each
  analysis
• Easy to overlook subtle system dependencies
• Not well suited for handling common cause
  failures in the quantitative analyses
• The event tree does not show acts of omission

52
Generic Example
53
Frequencies of Outcome
Let ? denote the frequency of the accidental
(initiating) event. Let Pr(Bi) denote the
probability of event B(i). When we know that the
accidental event has occurred, the probability of
Outcome 1 is
Note that all the probabilities are conditional
given the result of the process until barrier i
is reached. The frequency of Outcome 1 is
The frequencies of the other outcomes are
determined in a similar way.
54
Pipeline Leak Event Tree
55
Gas pipeline Rupture Event
Check for error