CERN Safety Alarm Monitoring (CSAM): Invitation to Tender Strategy
CERN Safety Alarm System Supervisory Board, 3rd meeting
CSAM project team, 6 July 2000

Slide 2: Outline
- IEC basics (S. Grau, ST/MO)
- CSAM safety requirements (F. Balda, ST/AA; A. Chouvelon, TIS/GS; S. Grau, ST/MO)
- Contract strategy (P. Ninin, ST/MO)

Slide 3: IEC basics
- Functional safety: an analysis of your system that gives you justified confidence in the delivered service.
- Functional safety of electrical / electronic / programmable electronic (E/E/PE) safety-related systems, structured via a Safety Lifecycle.

Slide 4: IEC basics, the questions the studies must answer
- How should the system diagnose errors? Which self-tests should be defined?
- What should the maintenance policy be?
- Will the user know if some functions are not available?
- How much system down-time per year do we accept?
- Can the system become dangerous in case of a functional or transmission-path failure?
These questions are answered by the reliability, maintainability, security (safety) and availability studies, i.e. the RAMS studies.

Slide 5: IEC basics, Safety Integrity Level (SIL)
- A SIL is associated with a function and with the risk that the function deals with.
- Typical applications per level (as listed on the slide):
  SIL 1: non-redundant architectures with PLCs
  SIL 2: integrated control system for subways
  SIL 3: equipment of electrical substations
  SIL 4: sub-system of boiler safeties for thermal power plants

Slide 6: IEC basics, why should we use it?
- Definition of objectives: accessible and realistic; quantified, with a domain of tolerance or variability.
- Specification of requirements: functional behaviour, service quality, dysfunctional behaviour.
- Anticipate degraded modes and control the risks.
- Justify confidence in the system, based on experience, expertise, forecasts, methods and standards.

Slide 7: CSAM safety requirements, aims of the specification
- Define a safety strategy both for the team and for the CSAM developers
- Trace a path to a RAMS-validated system
- Prepare specific requirements
- Be consistent with IEC
- Use validated risk analysis techniques

Slide 8: CSAM safety requirements, contents (safety requirements based on IEC)
1. Constraints
2. Undesired events
3. Objectives
4. Safety functions and SIL assignment
5. Risk analysis strategy

Slide 9: 1. Safety constraints
- Basic safety conditions that the system must satisfy in order to be approved.
- Example: "The system must be in operation 24 hours a day, 365 days per year."

Slide 10: 2. Undesired events
- Any accident, simple or complex event, that the system users or the community want to avoid.
- Example: "Total loss of the system"
- Action: foresee the consequences; require a frequency that makes the risk acceptable; apply the ALARP model (As Low As Reasonably Practicable).

Slide 11: 2. Undesired events, technique
Step 1: assign a "Consequence Category" to the undesired event.
Example: for "Total loss of the system" the consequence on the process can be "Catastrophic".

Slide 12: 2. Undesired events, technique (continued)
Step 2: define the risk classes.
Step 3: use the "Risk Matrix" (frequency class against consequence category).
Step 4: identify the threshold for tolerable risk, i.e. the point at which the risk is no longer "Intolerable".
Example: for a Catastrophic consequence the maximum allowed frequency is "Remote".

Slide 13: 2. Undesired events, technique (continued)
Step 5: identify the "Maximum frequency" (the threshold found in step 4).
Step 6: identify the "Required frequency". Common practice: decrease the maximum frequency by 1 or 2 orders of magnitude.
Example: the required frequency for the undesired event is "Improbable" or "Negligible".

Slide 14: 2. Undesired events, risk recall
- Risk = Frequency x Consequence
- Distinguish individual risk from collective risk.

Slide 15: 2. Undesired events, statistics at CERN
Frequency of the recorded events (LEP period):
- Fire / small system (minor): ~5 per year
- Fire / installation (severe): ~1 per year
- Fire / building (major): ~2 per 5 years
- Fire / experiment (catastrophic): ?
- Fatalities (catastrophic): 6 per 15 years
- Injured (major): ~10 per year

Slide 16: 2. Undesired events, consequence categories (table not reproduced in the transcript)

Slide 17: 3. Safety objectives
- Detailed conditions which the system is expected to cope with.
- Example: "Any undesired event, or chain of events leading to a similar scenario, should have a frequency at least one or two orders of magnitude lower than the one required for an acceptable risk."

Slide 18: 4. Safety functions (slide content not reproduced in the transcript)

Slides 19-20: 4. SIL assignment (slide content not reproduced in the transcript)

Slide 21: 4. SIL assignment, example
Function 1 (name not reproduced in the transcript):
- Related undesired event (UE): UE-8, safety actions failure
- UE consequence category: Catastrophic
- Event likelihood: Frequent
- SIL assignment: SIL [level not reproduced in the transcript]
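The six steps of slides 11 to 13 and the SIL example of slide 21, carried through in code. This is an added illustration, not the CSAM project's own tables: the class names (Frequent ... Negligible, Minor ... Catastrophic, risk classes I to IV) follow the slides, but the one-decade spacing of the frequency classes, the layout of the risk matrix and the use of the IEC 61508 low-demand SIL bands (SIL 1 covers a risk reduction factor of 10 to 100, SIL 4 of 10^4 to 10^5) are assumptions. The SIL it prints for UE-8 is the result of this toy matrix, not the project's assignment.

```python
"""Undesired Event (UE) technique: consequence category -> risk matrix ->
maximum tolerable frequency -> required frequency (1 or 2 decades lower) ->
risk reduction -> SIL. Added example; all numeric values are assumptions."""
import math
from typing import Optional

# Frequency classes, most frequent first. ASSUMPTION: one decade per class,
# Frequent = 1 event/year down to Negligible = 1e-5 events/year.
FREQ_CLASSES = ["Frequent", "Probable", "Occasional", "Remote", "Improbable", "Negligible"]
FREQ_EXP = {name: -i for i, name in enumerate(FREQ_CLASSES)}  # log10(events/year)

CONSEQUENCES = ["Minor", "Severe", "Major", "Catastrophic"]    # categories used on slide 15

# Step 2 (risk classes) and step 3 (risk matrix). ASSUMED layout, in the style
# of the IEC 61508-5 example matrix. Row = frequency class, column = consequence.
RISK_MATRIX = {
    "Frequent":   ["II",  "I",   "I",   "I"],
    "Probable":   ["III", "II",  "I",   "I"],
    "Occasional": ["III", "II",  "II",  "I"],
    "Remote":     ["IV",  "III", "II",  "II"],
    "Improbable": ["IV",  "IV",  "III", "II"],
    "Negligible": ["IV",  "IV",  "IV",  "III"],
}
RISK_CLASS = {"I": "Intolerable", "II": "Undesirable", "III": "Tolerable", "IV": "Negligible"}


def risk_class(frequency: str, consequence: str) -> str:
    """Step 3: look the (frequency, consequence) pair up in the matrix."""
    return RISK_CLASS[RISK_MATRIX[frequency][CONSEQUENCES.index(consequence)]]


def classify_frequency(events_per_year: float) -> str:
    """Map an observed rate (e.g. the LEP statistics) to a class, rounding UP
    to the next class boundary so the estimate is conservative."""
    if events_per_year <= 0:
        return FREQ_CLASSES[-1]
    idx = -math.ceil(math.log10(events_per_year))
    return FREQ_CLASSES[min(max(idx, 0), len(FREQ_CLASSES) - 1)]  # clamp to the table


def maximum_frequency(consequence: str) -> str:
    """Steps 4-5: the most frequent class at which the risk is no longer Intolerable."""
    for f in FREQ_CLASSES:
        if risk_class(f, consequence) != "Intolerable":
            return f
    raise ValueError("no tolerable frequency class for %s" % consequence)


def required_frequency(consequence: str, decades: int = 1) -> str:
    """Step 6: lower the maximum frequency by 1 or 2 orders of magnitude."""
    if decades not in (1, 2):
        raise ValueError("common use is 1 or 2 orders of magnitude")
    idx = FREQ_CLASSES.index(maximum_frequency(consequence)) + decades
    return FREQ_CLASSES[min(idx, len(FREQ_CLASSES) - 1)]


def required_sil(likelihood: str, consequence: str, decades: int = 1) -> Optional[int]:
    """Risk reduction the safety function must deliver, expressed as a SIL.
    ASSUMPTION: low-demand mode, so the IEC 61508-1 PFDavg bands apply
    (SIL n covers a risk reduction factor of 10**n .. 10**(n+1)).
    Returns 0 when no SIL-rated function is needed and None when the required
    reduction exceeds SIL 4, i.e. a single E/E/PE function cannot carry it."""
    rrf_decades = FREQ_EXP[likelihood] - FREQ_EXP[required_frequency(consequence, decades)]
    if rrf_decades <= 0:
        return 0
    return rrf_decades if rrf_decades <= 4 else None


def assess(ue: str, consequence: str, likelihood: str, decades: int = 1) -> dict:
    """Run steps 1-6 plus the SIL derivation for one undesired event."""
    return {
        "undesired_event": ue,
        "consequence": consequence,                                    # step 1
        "unmitigated_risk": risk_class(likelihood, consequence),        # step 3
        "maximum_frequency": maximum_frequency(consequence),            # steps 4-5
        "required_frequency": required_frequency(consequence, decades), # step 6
        "required_sil": required_sil(likelihood, consequence, decades),
    }


if __name__ == "__main__":
    # Slide 21's inputs: UE-8 "Safety actions failure", Catastrophic, Frequent.
    for d in (1, 2):
        print(assess("UE-8 Safety actions failure", "Catastrophic", "Frequent", d))
    # Slide 15: fatalities, 6 per 15 years, classified conservatively.
    print(classify_frequency(6 / 15))
```

With the two-decade margin the required reduction for UE-8 is five orders of magnitude, which is beyond what one SIL 4 function may claim; the function returns None rather than silently capping at SIL 4, because that is exactly the case where the architecture (not the SIL label) has to change.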

Slide 22: 5. Risk analysis strategy for CSAM developers
Preliminary Risk Assessment (PRA):
- Objectives: identify and locate the hazards; identify the weak points; point out the causes and consequences of the hazards; find corrective measures if necessary; set up special protection systems if necessary.
- Methods: HazOp, FMECA, qualitative fault trees.
Risk analysis (taking the maintenance policy into account):
- Objectives: quantify the probability of the foreseen accidents; quantify the consequences; estimate the risk; quantify reliability and availability; validate correct operation of the system; verify that the constraints are respected; iterate the process if corrective actions have to be undertaken.
- Methods: fault trees, event trees, Markov graphs, Petri nets.
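A worked quantitative fault tree for the slide 10 undesired event "Total loss of the system", using two of the slide 22 methods (a fault tree on top of a two-state Markov unavailability model per component) and checking the result against a slide 9 style availability constraint. This is an added illustration, not the CSAM analysis: the architecture (two redundant monitoring servers behind one shared safety-network switch), the failure rates, the repair times and the 1 hour/year down-time budget are constructed assumptions.

```python
"""Fault-tree quantification of 'Total loss of the system'. Added example;
architecture, rates and repair times are assumptions, not CSAM data."""
from dataclasses import dataclass, field
from typing import List, Tuple, Union

HOURS_PER_YEAR = 8760.0


@dataclass
class Basic:
    """Repairable component with a constant failure rate (per hour) and mean
    time to repair (hours). Two-state Markov model at steady state:
    unavailability q = x / (1 + x) with x = failure_rate * mttr."""
    name: str
    failure_rate: float
    mttr: float

    def unavailability(self) -> float:
        x = self.failure_rate * self.mttr
        return x / (1.0 + x)


@dataclass
class Gate:
    """AND: all inputs failed at once (product of independent unavailabilities).
    OR: at least one input failed (1 - product of the availabilities)."""
    name: str
    kind: str
    inputs: List["Node"] = field(default_factory=list)

    def unavailability(self) -> float:
        qs = [n.unavailability() for n in self.inputs]
        p = 1.0
        if self.kind == "AND":
            for q in qs:
                p *= q
            return p
        if self.kind == "OR":
            for q in qs:
                p *= 1.0 - q
            return 1.0 - p
        raise ValueError("unknown gate kind: %s" % self.kind)


Node = Union[Basic, Gate]


def build_total_loss_tree() -> Gate:
    """ASSUMED architecture: two redundant monitoring servers (both must fail)
    and one shared safety-network switch (a single point of failure).
    Rates are constructed: 1e-4/h is roughly 0.9 failures per year."""
    servers = Gate("both monitoring servers down", "AND", [
        Basic("monitoring server A", failure_rate=1e-4, mttr=8.0),
        Basic("monitoring server B", failure_rate=1e-4, mttr=8.0),
    ])
    network = Basic("CSAM safety network switch", failure_rate=2e-5, mttr=4.0)
    return Gate("Total loss of the system", "OR", [servers, network])


def downtime_hours_per_year(node: Node) -> float:
    """Unavailability expressed as the figure slide 4 asks for: hours of
    down-time per year."""
    return node.unavailability() * HOURS_PER_YEAR


def weak_points(gate: Gate) -> List[Tuple[str, float]]:
    """Rank the direct inputs of a gate by contribution (the PRA objective
    'identify the weak points')."""
    return sorted(((n.name, n.unavailability()) for n in gate.inputs),
                  key=lambda t: t[1], reverse=True)


def meets_downtime_budget(node: Node, budget_hours_per_year: float) -> bool:
    """Verify a safety constraint of the slide 9 kind against the model."""
    return downtime_hours_per_year(node) <= budget_hours_per_year


if __name__ == "__main__":
    tree = build_total_loss_tree()
    print("P(total loss) = %.3e" % tree.unavailability())
    print("expected down-time = %.2f h/year" % downtime_hours_per_year(tree))
    for name, q in weak_points(tree):
        print("  %-32s q = %.3e" % (name, q))
    print("meets 1 h/year budget:", meets_downtime_budget(tree, 1.0))
```

The ranking makes the slide 22 iteration concrete: the redundant server pair contributes well under one part per million, while the single network switch accounts for almost all of the roughly 0.7 hours of expected yearly down-time, so that is where a corrective action (a second switch, a shorter repair time) would be spent before re-running the tree.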

Slide 23: CSAM safety requirements, summary
- A series of precise requirements has been defined
- The requirements are based on IEC and on widely used safety techniques
- A risk analysis strategy has been outlined for the CSAM developers
- The worst foreseen accidents have been identified
- Safety Integrity Levels have been assigned

Slide 24: Contract strategy, the strategic objectives
- A product satisfying the functional safety criteria of availability, reliability, maintainability and security
- Upgrade of the existing safety alarm systems: modularity, standardisation, integration
- An operational and maintenance (O&M) service on a "per-alarm" basis, driven and controlled by system performance indicators
- INB compliant (INB: Installation Nucléaire de Base, the French regulatory class for nuclear installations)

Slide 25: Contract strategy
1 contract -> 3 Work Packages (WP)

Slide 26: Contract strategy, work package breakdown
WP breakdown based on IEC (diagram not reproduced in the transcript)

Slide 27: Contract strategy, the CSAM commercial strategy (diagram not reproduced in the transcript)

Slide 28: Contract strategy, results-oriented contract
- WP1: concept validated -> payment
- WP2: migration of all Safety Zones; bonus/malus according to quality and deadlines
- WP3: bonus/malus according to system performance

Slide 29: Contract strategy, alarm integration cost
Cost based on the level of integration (chart not reproduced in the transcript)

Slide 30: Contract strategy, the CSAM commercial strategy
- How will the application of functional safety and the operational and maintenance service guarantee optimal contract performance?
- Functional safety fixes clear, measurable results for the functioning of the system.
- The O&M service has to satisfy the same functional requirements.
- Therefore the optimum is reached when the system is functioning well and the minimum O&M effort is required.

Slide 31: Contract strategy, the CSAM commercial strategy (continued)
System is not functioning: two losers, CERN and the contractor
- performance decreases
- O&M effort increases to make it function
- result: LOWER THE GAIN
System is functioning well: two winners, CERN and the contractor
- performance improves
- minimum O&M effort is maintained to keep it functioning
- result: INCREASE THE GAIN

Slide 32: The CSAM commercial strategy, system components (diagram not reproduced in the transcript)
- The Safety Alarm Monitoring Center
- The Local Safety Alarms Controller
- The CERN Safety Alarm Network

Slide 33: Contract strategy, the technical specification structure
- Documentation structure
- Detailed description of the safety alarm requirements

Slide 34: Contract strategy, the CSAM user requirements
- Final version sent for approval to all the concerned parties
- Replies expected by the end of June
- Last revision mid-July

Slide 35: Contract strategy, status of the market survey (MS)
- 18 firms replied to the MS
- 10 fully qualified
- 8 visits planned to take place in June/July
- Three types of companies: nuclear; petrochemical; security (intrusion and access control, fire detection, etc.)

Slide 36: Contract strategy, conclusions
- Real outsourcing
- Safety objectives -> contract (system, O&M) -> result-oriented payment
- IEC as a safeguard (design, operation, benchmark)
- The contractor needs to control its environment!
- Others: open question on the safety networks (added in IT2694); the Invitation to Tender (IT) is under the ST revision process and will go out of CERN at the end of September