Review and comparison of the modeling approaches and risk analysis methods for complex ship system. Author: Sunil Basnet
Outline
  Introduction
  Methodology
  Case study with RR
  Conclusions
  Future research
26.7.2019
Aim of the research
Review and comparison of safety engineering techniques:
  Risk analysis methods: for identifying and mitigating risks in a system.
  Modeling approaches: for presenting a graphical model of the structural composition and behavior of a system.
Motivation
"Safety is more important than convenience" - Don Hambidge
  Autonomous projects: unavailability of data for probabilistic methods.
  Development of advanced technologies: need to focus on new types of risks, i.e. software errors, design errors and risks due to unsafe interactions.
  Dominant risk analysis methods: Failure Mode and Effects Analysis (1949), Fault Tree Analysis (1962).
Image: Rolls-Royce
Key concern
Can these traditional methods, developed for simpler systems, cope with the issues caused by rapid technological change? Or should we implement modern tools and methods developed for complex systems?
Research questions:
  Which approach is suitable for modeling a complex ship system?
  Which method is suitable for identifying risks in a complex ship system?
  Can the risk analysis method identify increasingly common emergent failures such as component interaction issues?
Research limitations
  Probabilistic methods are not considered due to the unavailability of data about system failures and risks.
  To limit the scope, only one widely used traditional method (from the methods implemented at R-R) is reviewed and assessed against one modern method.
Methodology
  Initial literature review for selection of methods.
  Detailed review of modeling approaches (Tree structure method and Systems Modeling Language) and risk analysis methods (Fault Tree Analysis and System-Theoretic Process Analysis).
  Case study with experts of Rolls-Royce.
Modelling approaches
Tree structure method:
  Presents the structural composition of a system hierarchically.
  Simple method, but limited in its representation of component interactions.
Systems Modeling Language (SysML):
  Developed in 2006.
  A graphical modeling language that presents the structural composition, behavior and requirements of a system.
  Aims to support the analysis, specification, design and validation of complex systems.
Types of diagrams in SysML
  Block definition diagram
  Internal block diagram
  Activity diagram
  Requirement diagram
  Parametric diagram
  Package diagram
Image: SysML TM.
Risk analysis methods
Fault Tree Analysis (FTA):
  An approach to identifying risks in a system by tracing the sequences of events that lead to a failure.
  Uses Boolean logic gates and symbols to denote how lower-level events combine.
Risk analysis methods
STPA:
  A systemic and systematic approach for identifying risks in a complex system.
  Implementation procedure:
    Accident definition
    Hazard identification
    Develop safety constraints
    Create a control structure
    Identify unsafe control actions
    Redefine safety constraints
Image: Safety control structure
Case study (28.05.2018)
  Case: implementation of the methods in some parts of the azimuth thruster.
  Location: Rolls-Royce research and development center, Turku, Finland.
  Aim: test and evaluation of the methods with experts at R-R.
  Tools: Edraw Max (Tree structure method and Fault Tree Analysis); RMStudio (STPA); Modelio / Astah SysML (SysML).
Image: Edraw
Image: RM Studio
Image: SysML TM.
Description of the case
The methods were implemented to model and identify risks in a part of the azimuth thruster. Experts of Rolls-Royce with diverse backgrounds and familiar with the functionality of the azimuth thruster (R-R AZ123) implemented the methods.
Image: Azimuth thruster, Rolls-Royce
Modeling approaches: Tree structure method
SysML Package diagram
  A tool to manage or group the diagrams and their elements.
  Packages can be created in multiple ways:
    By diagram kind (e.g. behavior, requirements)
    By system hierarchy (e.g. enterprise, system, component)
SysML Activity diagram
  Presents the interactions among components when executing a certain activity.
SysML Requirement diagram
  Presents the requirements for the system.
SysML Block definition diagram
  Presents the structural composition of the system. Can also include properties of the components.
SysML Internal Block diagram
  Presents a layout of the interconnections between the components inside the system.
SysML Parametric diagram
  A tool for conducting efficiency analysis, stress analysis and other engineering analyses.
Risk analysis methods: Fault Tree Analysis
STPA
Accidents
  ID  Accident                          Description
  A1  Loss of the azimuth thruster      The azimuth thruster gets detached from the vessel.
  A2  Failure of the azimuth thruster   The azimuth thruster fails.
Hazards
  ID  Hazard            Description                       Related accidents
  H1  Vessel grounding  Grounding of vessel occurs.       A1, A2
  H2  Vessel collision  Vessel collides with an object.   (not given)
Safety constraints
  H1 Vessel grounding:
    SC1 The vessel should be designed to withstand harsh weather conditions.
    SC2 Proper routing and constant weather and sea state monitoring.
    SC3 Hardware and software redundancy.
    SC4 Intensive software testing.
  H2 Vessel collision:
    SC2 Object detection sensor and radar redundancy.
    SC3 Intensive testing of sensors and radars.
Control Structure
Identification of potentially unsafe control actions
Guide phrases: not providing the action causes a hazard; providing the action causes a hazard; providing the action too late causes a hazard; providing the action too early causes a hazard.
Controller: Operator
  Change speed
    Not providing: Not reducing the speed when needed.
    Providing: Increasing speed without vessel's surrounding awareness.
    Too late: Reducing speed too late.
    Too early: (none identified)
  Change direction
    Not providing: Not changing direction when needed.
    Providing: Changing direction without vessel's surrounding awareness.
    Too late: Changing direction too late.
    Too early: (none identified)
  Start lubrication
    Not providing: Not lubricating the bearings and components.
    Providing / Too late / Too early: (none identified)
Next steps after identifying the potentially unsafe control actions:
  Analyse how these actions could occur.
  Define requirements to prevent them.
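The STPA steps listed above (accidents, hazards, control actions, unsafe control actions, safety constraints) worked through in code, as an added example that is not part of the original study. It encodes the accidents, hazards and operator control actions shown on the slides, applies the four guide phrases to every control action so that empty cells become visible, and derives one constraint per unsafe control action. The hazard links attached to each UCA, the accident relationship for H2 and the constraint wording are constructed assumptions, not findings of the study.

```python
"""STPA artefacts as data: accidents, hazards, control actions and unsafe
control actions (UCAs) from the azimuth thruster case, with the four STPA
guide phrases applied to every control action. Added illustration; the
hazard links on each UCA and the H2 accident relationship are assumptions."""
from dataclasses import dataclass

# The four ways a control action can be unsafe (STPA step: identify UCAs).
UCA_TYPES = ("not provided", "provided", "too late", "too early")

ACCIDENTS = {"A1": "Loss of the azimuth thruster",
             "A2": "Failure of the azimuth thruster"}
HAZARDS = {"H1": "Vessel grounding", "H2": "Vessel collision"}
# H1 -> A1, A2 is stated in the study; the H2 link is an assumption.
HAZARD_TO_ACCIDENT = {"H1": ("A1", "A2"), "H2": ("A1", "A2")}


@dataclass(frozen=True)
class UCA:
    controller: str
    action: str
    kind: str           # one of UCA_TYPES
    description: str
    hazards: tuple      # hazard ids this UCA can lead to (constructed links)


# Control actions of the operator, taken from the study's UCA table.
CONTROL_ACTIONS = [("Operator", "Change speed"),
                   ("Operator", "Change direction"),
                   ("Operator", "Start lubrication")]

# The seven UCAs the study lists; the H1/H2 links are assumed for the example.
UCAS = [
    UCA("Operator", "Change speed", "not provided",
        "Not reducing the speed when needed", ("H1", "H2")),
    UCA("Operator", "Change speed", "provided",
        "Increasing speed without vessel's surrounding awareness", ("H1", "H2")),
    UCA("Operator", "Change speed", "too late",
        "Reducing speed too late", ("H1", "H2")),
    UCA("Operator", "Change direction", "not provided",
        "Not changing direction when needed", ("H1", "H2")),
    UCA("Operator", "Change direction", "provided",
        "Changing direction without vessel's surrounding awareness", ("H1", "H2")),
    UCA("Operator", "Change direction", "too late",
        "Changing direction too late", ("H1", "H2")),
    UCA("Operator", "Start lubrication", "not provided",
        "Not lubricating the bearings and components", ("H1", "H2")),
]


def validate(ucas):
    """Reject UCAs with an unknown guide phrase or without a traced hazard."""
    for u in ucas:
        if u.kind not in UCA_TYPES:
            raise ValueError(f"unknown UCA type: {u.kind}")
        if not u.hazards or any(h not in HAZARDS for h in u.hazards):
            raise ValueError(f"UCA '{u.description}' is not traced to a known hazard")
    return True


def uca_table(actions, ucas):
    """Return {(controller, action): {type: description}} with every cell present."""
    table = {key: {k: "" for k in UCA_TYPES} for key in actions}
    for u in ucas:
        table[(u.controller, u.action)][u.kind] = u.description
    return table


def uncovered_cells(actions, ucas):
    """(action, type) cells with no UCA; each needs an explicit 'not hazardous' rationale."""
    return [(action, kind)
            for (_, action), row in uca_table(actions, ucas).items()
            for kind, desc in row.items() if not desc]


def hazard_traceability(ucas):
    """Map each hazard to the UCA ids that can lead to it."""
    trace = {h: [] for h in HAZARDS}
    for i, u in enumerate(ucas, start=1):
        for h in u.hazards:
            trace[h].append(f"UCA{i}")
    return trace


def accidents_for_uca(uca):
    """Accidents reachable from a UCA through its hazards (UCA -> hazard -> accident)."""
    return sorted({a for h in uca.hazards for a in HAZARD_TO_ACCIDENT[h]})


def safety_constraints(ucas):
    """One constraint per UCA (STPA step: redefine safety constraints); wording is a template."""
    return {f"SC-UCA{i}": f"{u.description} must not occur (hazards {', '.join(u.hazards)})"
            for i, u in enumerate(ucas, start=1)}


if __name__ == "__main__":
    validate(UCAS)
    for (ctrl, action), row in uca_table(CONTROL_ACTIONS, UCAS).items():
        print(f"{ctrl} / {action}")
        for kind in UCA_TYPES:
            print(f"  {kind:13s}: {row[kind] or '(none identified)'}")
    print("cells without a UCA:", uncovered_cells(CONTROL_ACTIONS, UCAS))
    print("hazard traceability:", hazard_traceability(UCAS))
```

The empty cells reported by `uncovered_cells` are the useful output: in STPA a blank cell is only acceptable once the analyst has argued that the guide phrase cannot cause a hazard for that action, so the list doubles as a completeness check before the constraints are redefined.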
Evaluation
Expert's evaluation: modelling approaches
Rating scale: 0 - 1.0 Poor; 1.1 - 2.0 Satisfactory; 2.1 - 3.0 Average; 3.1 - 4.0 Good; 4.1 - 5.0 Excellent
Average rating over five experts
  Criteria                          Tree structure method   Systems Modeling Language
  Method complexity                 4.2                     2.4
  Modeling time                     3.6                     2.0
  System's structural modeling      2.8                     4.2
  System's behavior modeling        1.6                     4.0
  Functionality                     2.6                     3.6
SysML involves more detailed modeling of the system. Thus, it is more complex and time consuming than the Tree structure method. However, SysML presents component interconnections, interactions, requirements and a tool for analysis of the system, none of which is modeled in the Tree structure method.
Expert's evaluation: risk analysis methods
Rating scale: 0 - 1.0 Poor; 1.1 - 2.0 Satisfactory; 2.1 - 3.0 Average; 3.1 - 4.0 Good; 4.1 - 5.0 Excellent
Average rating over four experts
  Criteria                  FTA                  STPA
  Method complexity         4.3                  2.5
  Analysis time             (not recoverable)    2.8
  Risk identification       3.3                  3.5
  Risk mitigation           2.0                  3.3
  Structure of the model    4.0                  (not recoverable)
FTA is simpler and faster to implement than STPA. However, STPA is better than FTA at identifying risks related to component interactions and human errors. The structure of the model prepared using FTA is easier to follow and understand than the model prepared using STPA.
Conclusions
Modeling approaches
  Criteria                                                       Tree structure method   SysML
  Complexity of the method                                       Low                     High
  Time consumption                                                                       Very high
  Level of detail for presenting structural composition
  Level of detail for presenting component interactions          None
  Level of detail for presenting requirements of a system
  Level of support for conducting an engineering analysis
  Suitability of the method for modeling a complex ship system
Risk analysis methods
  Criteria                                                                                  FTA       STPA
  Complexity of the method                                                                  Average   High
  Time consumption                                                                                    Very high
  Level of effectiveness for identifying component failures
  Level of effectiveness for identifying unsafe component interactions
  Level of effectiveness for identifying human errors                                       None
  Level of support for a systemic and systematic analysis
  Suitability for analyzing risks in a complex ship system (functionality)
  Suitability for analyzing risks in a complex ship system (available resources and complexity)
Detected limitation in the modern methods and proposed solution
  Modern methods are complex and require more resources to implement.
  A proposed solution: create a code template that generates the diagrams (e.g. with Graphviz) instead of drawing them in a graphical interface.
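An added example, not from the original study or Rolls-Royce, of the proposal above applied to the fault tree section: the fault tree is kept as a data structure, from which the top event is evaluated with the Boolean gates, the minimal cut sets are computed, and Graphviz DOT text is generated by a code template rather than drawn in a tool. The tree, its basic events E1 to E4, the gate labels and the chosen node shapes are all constructed for the illustration; the DOT output is meant to be rendered with the Graphviz `dot` command.

```python
"""Fault tree kept as data: evaluate the top event, compute minimal cut sets
and emit Graphviz DOT text from a code template. Added illustration; the
tree for "Failure of the azimuth thruster" (A2) is constructed."""

# Basic events (constructed example); a gate is (type, label, children).
BASIC_EVENTS = {
    "E1": "Lubrication not started",
    "E2": "High bearing load",
    "E3": "Primary steering controller fault",
    "E4": "Backup steering controller fault",
}
TREE = ("OR", "Azimuth thruster fails", [
    ("AND", "Bearing seizure", ["E1", "E2"]),
    ("AND", "Loss of steering control", ["E3", "E4"]),   # redundancy: both must fail
])


def evaluate(node, failed):
    """True if the event at `node` occurs given the set of failed basic events."""
    if isinstance(node, str):
        return node in failed
    gate, _, children = node
    results = [evaluate(child, failed) for child in children]
    return all(results) if gate == "AND" else any(results)


def cut_sets(node):
    """All (not necessarily minimal) combinations of basic events that cause `node`."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, _, children = node
    child_sets = [cut_sets(child) for child in children]
    if gate == "OR":                       # any child suffices
        return set().union(*child_sets)
    combined = {frozenset()}               # AND: one cut set from every child
    for sets in child_sets:
        combined = {a | b for a in combined for b in sets}
    return combined


def minimal_cut_sets(node):
    """Drop every cut set that strictly contains another one."""
    sets = cut_sets(node)
    return {s for s in sets if not any(other < s for other in sets)}


def to_dot(node):
    """Render the tree as Graphviz DOT text (the code-template alternative to a GUI)."""
    lines = ["digraph fault_tree {", "  rankdir=TB;"]
    gate_count = [0]

    def walk(n):
        if isinstance(n, str):             # basic event: circle, as in FTA notation
            lines.append(f'  {n} [shape=circle, label="{n}\\n{BASIC_EVENTS[n]}"];')
            return n
        gate, label, children = n
        gate_count[0] += 1
        gid = f"G{gate_count[0]}"
        # Shapes chosen for the example; Graphviz has no built-in AND/OR gate symbols.
        shape = "invhouse" if gate == "AND" else "invtrapezium"
        lines.append(f'  {gid} [shape={shape}, label="{gate}\\n{label}"];')
        for child in children:
            lines.append(f"  {gid} -> {walk(child)};")
        return gid

    walk(node)
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    print("minimal cut sets:", [sorted(s) for s in minimal_cut_sets(TREE)])
    print("top event with E1+E2 failed:", evaluate(TREE, {"E1", "E2"}))
    print(to_dot(TREE))   # pipe into: dot -Tpng -o fault_tree.png
```

Keeping the tree as data means the same source feeds both the analysis (cut sets, evaluation) and the drawing, so the diagram cannot drift from the model that was actually analysed, which is the usual failure mode when trees are maintained by hand in a drawing tool.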
Future research
  Review considering the effectiveness of the methods at the initial design phase.
  Review of the methods with a proper weight factor assigned to each criterion.
  Implementation study of the modern methods to develop a framework for safety assessment of autonomous vessels.
Thank you