Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fault Tree Analysis Pages Fault Tree Symbols and Logic

Published byBarbra Perkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Fault Tree Analysis Pages Fault Tree Symbols and Logic"— Presentation transcript:

1 Fault Tree Analysis Pages 127 - 143 7.1 Fault Tree Symbols and Logic
7.2 Finding Cut Sets 7.3 Fault Tree Quantification 7.4 Example of a Fault Tree Construction of a Motor-pump Pressure System 7.5 Common Mistakes in Fault Trees

2 Fault Tree Analysis Used in both reliability engineering and system safety engineering Developed in 1961 for US ICBM program Guide published in 1981 Used in almost every engineering discipline Not a model of all system or component failures Page 127 1. Used in both reliability engineering and system safety engineering (More well known in reliability) 2. Developed in 1961 for US ICBM program 3. Guide published in 1981 Published by US Nuclear Regulatory Commission 4. Used in almost every engineering discipline From Mass Transit to commercial nuclear power plants Chemical process plants Oil drilling platforms NASA satellites Aircraft control centers Used to recreate events leading up to Challenger accident 5. Not a model of all system or component failures It is a model of particular system failure modes Can be events associated with any element that makes up the complete system

3 Applying Fault Tree Analysis
Postulate top event (fault) Branch down listing faults in the system that must occur for the top event to occur Consider sequential and parallel or combinations of faults Use Boolean algebra to quantify fault tree with event probabilities Determine probability of top event Page 1. Postulate top event (fault) 2. Branch down listing faults in the system that must occur for the top event to occur 3. Consider sequential and parallel or combinations of faults 4. Use Boolean algebra to quantify fault tree with event probabilities 5. Determine probability of top event

4 Fault Tree Logic Use logic gates to show how top event occurs
Higher gates are the outputs from lower gates in the tree Top event is output of all the input faults or events that occur Page 128 Use logic gates to show how top event occurs Higher gates are the outputs from lower gates in the tree Top event is output of all the input faults or events that occur

5 Terms Faults and failures System and subsystem faults
Primary and secondary failure Command fault Page 128 1. Faults - something does not perform the action you desire, even though it operates as designed Failures - something has broken 2. System faults - the top event of the fault tree Subsystem faults - component faults below top event 3. Primary failures - failure that occurs under normal operating and environmental conditions Secondary failure - failure outside of normal conditions 4. Command fault - occurs when a component performs as designed but produces the output signal at the wrong time

6 Fault Tree Symbols Primary Event Symbols Gate Symbols
Basic Event Conditioning Event Undeveloped Event External Event Primary Event Symbols Gate Symbols AND OR Exclusive OR Priority AND Inhibit Intermediate Event Symbol Transfer Symbols Transfer IN Transfer OUT

7 Fault Tree Symbols Primary Event Symbols Basic Event
Conditioning Event Undeveloped Event External Event

8 Fault Tree Symbols Gate Symbols AND OR Exclusive OR Priority AND
Inhibit

9 Fault Tree Symbols Intermediate Event Symbol Transfer Symbols
Transfer IN Transfer OUT

10 Union A B C A=B + C A=B Union C B OR C must occur for event A to occur
No Current Switch A Open Battery B 0 Volts A B C A=B + C A=B Union C B OR C must occur for event A to occur

11 Intersection D E F D=E * F D= E Intersection F E AND F must occur
Over-heated Wire 5mA Current in System Power Applied t >1ms D E F D=E * F D= E Intersection F E AND F must occur for D to occur

12 Fault Tree Quantification
Fault tree analysis - is not a quantitative analysis but can be quantified How to Draw fault tree and derive Boolean equations Generate probability estimates Assign estimates to events Combine probabilities to determine top event Fault tree analysis - is not a quantitative analysis but can be quantified How to Draw fault tree and derive Boolean equations and minimal cuts sets Generate probability estimates from failure data, human error estimation, maintenance frequency Assign probability estimates to events Use laws of probability to combine probabilities to determine top event

13 Fault Tree Example Motor Pump Relay K1 Relay K2 Pressure Tank
Outlet Valve Relay K1 Pressure Switch S Relay K2 Pressure Tank Switch S1 Timer Relay Motor Pump

14 Common Mistakes in Fault Trees
Inputs with small probabilities Passive components Does quantified tree make sense Don’t fault tree everything Careful with Boolean expressions Independent Vs dependent failure modes Ensure top event is high priority Don’t put too many inputs with small probabilities into gates Don’t spend too much time on passive components If results of quantified tree don’t make sense, don’t give them too much weight Don’t fault tree everything, too expensive Don’t treat Boolean algebra expressions as regular algebraic equations Look closely at failure modes to determine if they are independent or dependent. This is important in probability manipulations. Ensure top event is high priority

15 FMECA, Human Factors, and Software Safety
Pages 8.1 Failure Modes, Effects, and Criticality Analysis Conducting a Failure Modes & Effects Analysis Failure Modes, Effects, & Criticality Analysis 8.2 Human Factors Safety Analysis Performance and Human Error Human Factors Safety Analysis Brief example of human factors safety analysis 8.3 Software Safety Software Safety Analysis Software Testing and IV&V

16 Non-Safety Tools Failure Modes, Effects, and Criticality Analysis
Human Factors Analysis Software Safety Analysis Three types of analysis

17 FMEA Reliability engineering tool Originated in 1960s OSHA recognized
Limitation - failure does not have to occur for a hazard to be present in system Used to investigate how a particular failure can come about Page Reliability engineering tool Not a primary safety tool Originated in 1960s US missile program OSHA recognized Legitimate safety analysis tool Limitation - failure does not have to occur for a hazard to be present in system Used to investigate how a particular failure can come about

18 FMEA Process Define system & analysis scope Construct block diagrams
Assess each block for effect on system List ways that components can fail Assess failure effects for each failure mode Identify single point failures Determine corrective actions Document results on worksheet Define system & analysis scope Construct block diagrams - that indicate how different indenture levels are related Assess each block for effect on system - Ignore block if there is no effect on the system List ways that components can fail - modes Assess failure effects for each failure mode - assess worst credible case Identify single point failures - failure that could bring down entire system Determine corrective actions - prevent failure or mitigate effects Document results on worksheet - FMEA Review Table 8.1

19 System Breakdown Total System Subsystem 1 Subsystem 2 Subsystem 3
Assembly 1 a Assembly 1 b Assembly 1 c Subassembly 1c.1 Subassembly 1c.2 Subassembly 1c.3 Component 1c.3.1 Component 1c.3.2 Component 1c.3.3 Total System Part 1c.3.3.a Part 1c.3.3.b Part 1c.3.3.c

20 FMEA Worksheet Component #, name, function Failure modes Mission phase
Failure effects locally Failure propagation to the next level Single point failure Risk failure class Controls, recommendations Page 150 Component #, name, function Failure modes - describes how component can fail See next side for list Mission phase - indicates typical phase during mission life cycle such as installation, operation, maintenance, & repair Failure effects locally - failure mode effect on assembly Failure propagation to the next level - how failure affects other assemblies or total system Single point failure - designates failures that could shut down entire system Risk failure class - severity and probability of occurrence Controls, recommendations - eliminate or prevent failure, reduce effects

21 Failure Modes Premature operation Failure to operate on time
Intermittent operation Failure to cease operation on time Loss of output or failure during operation Degraded output or operational capability Unique failure conditions Review worksheet form on page 148 Component #, name, function Failure modes Premature operation Failure to operate on time Intermittent operation Failure to cease operation on time Loss of output or failure during operation Degraded output or operational capability Unique failure conditions Mission phase Failure effects locally Failure propagation to the next level Single point failure Risk failure class Controls, recommendations

22 Failure Modes, Effects, & Criticality Analysis
Virtually same as FMEA Identifies criticality of components Emphasizes probability of failure Criticality components Failure effect probability Failure mode ratio Part failure rate Operating time Page 151 Virtually same as FMEA Identifies criticality of components Emphasizes probability of failure Criticality components Failure effect probability - conditional probabilities that failure effect will result in the identified criticality classification, given the failure mode occurs Failure mode ratio - probability expressed as a decimal fraction that the part will fail in identified mode Part failure rate - failure rate of individual piece Operating time - amount of time in hours or the number of operating cycles per mission

23 Human Factors Safety Analysis
Many different techniques Human element must be considered in engineering design The merging of three fields: Human factors Ergonomics Human reliability Page 151 70 to 90% of system failures are due to human error Many different techniques including (1) confusion matrix (2) expert estimation (3) THERP (4) HEART (5) SLIM-MAUD (6) human cognitive reliability model (7) operator action tree (8) sociotechnical assessment of human reliability Human element must be considered in engineering design A normal tendency to forget that people are a integral part of a system HF Safety Analysis is the merging of: Human factors How people act and react Ergonomics Designing equipment that helps people do their jobs better Human reliability Make the system more reliable in spite of the human element HF Safety Analysis - the study of human activities associated with the interfaces among people, machines, and the operating environment

24 Performance & Human Error
Why do people make mistakes? Combination of causes - internal/external Performance shaping factors (factors that influence how people act) External PSF Internal PSF Stressor PSF Page 153 Why do people make mistakes? Combination of causes - internal/external Causes are within individual (knowledge, lack of training, etc.) External to individual (environment) Performance shaping factors (factors that influence how people act) External PSF - Conditions that individual encounters Work environment Equipment design Written and oral instructions Internal PSF - factors related to previous training and experience State of current skill Personality and motivation Emotional state Physical condition Stressor PSF - Positive or negative stress affecting performance Physiological - fatigue, pain, hunger, temp extremes, pressure, vibration Psychological - task speed & load, boring, repetition, distractions

25 Human Error Out of tolerance action within human/machine system
Mismatch of task and person Significant contributor to many accidents False assumptions Human error is inevitable People are careless More complex systems must be less dependent on how well people operate them Page 154 Out of tolerance action within human/machine system Mismatch of task and person Training is often used when redesigning the system may solve problem Human errors are significant contributors to many accidents if not the cause Understanding how people act and react to PSFs can help in designing systems more tolerant to human error Assumptions Human error is inevitable People are careless More complex systems must be engineered to be less dependent on how well people operate them

26 Human Error Categories
Omission - leaving out a task Commission Selection error Error of sequence Time error Qualitative error Page Omission - leaving out a task, forgetting to do something Commission - committing improper action Selection error Selecting wrong control Mispositioning control Issuing wrong command Error of sequence - not performing tasks in proper sequence Time error - task done too early or too late Qualitative error - too much or too little

27 HF Safety Analysis The Process
Describe system goals and functions List & analyze related human operations Analyze human errors Screen errors & select Quantify errors & affect on system Recommend changes to reduce impact of human error Page Describe system goals and functions - Understand where people fit into the system goals and functions System functions that may be influenced by human error Focus on hazards identified in in other system safety analyses List & analyze related human operations - use TASK ANALYSIS Look at how work is performed and aids required to support performance List human operations involved in situations from step 1 that create hazards Analyze human errors - Study relevant human elements in tasks and their potential for human error How can task fail? What errors can occur? How can system recover? Document on tabular form Screen errors & select - Which ones are worthy of quantifying? Pick out human errors and tasks that have significant consequences Quantify errors & affect on system - Which errors have largest impact on the safety of the system Recommend changes to reduce impact of human error - Reduce likelihood that error will occur Reduce severity of effect Strong point: human-machine interface is studied comprehensively Review Brief example on pages

28 Software Safety Newest member of system safety field
Software controls millions of systems Treat software like any system component Determine the hazards If software is involved in hazard - deal with it Common tools Software Hazard Analysis Software Fault Tree Analysis Software Failure Modes & Effects Page Newest member of system safety field Software controls millions of systems Computers and micro processors are being used for everything Treat software like any system component Determine the hazards If software is involved in hazard - deal with it Common tools Software Hazard Analysis Software Fault Tree Analysis Software Failure Modes & Effects These tools are a good start but insufficient if used alone

29 Software Facts Software is not a hazard Software doesn’t fail
Health monitoring of software only assures it performs as intended Every line of code cannot be reviewed Fault tolerant is not the same as safe Shutting down a computer may aggravate a an already dangerous situation Page 161 Software is not a hazard Support or mitigates hazardous situation Software doesn’t fail Cannot break but can get stuck in a loop Health monitoring of software only assures it performs as intended Does not assure system is safe Every line of code cannot be reviewed To costly and time consuming Fault tolerant is not the same as safe Fault tolerant is good if the resulting fault would create a hazard If not, it does not add to system safety Shutting down a computer may aggravate a an already dangerous situation Complex system sometime require complex backout procedures

30 Software Safety Analysis (SSA) Flow Process
Software Requirements Development Top-level System Hazards Analysis Detailed Design Hazard Analysis Code Hazard Analysis Software Safety Testing Software User Interface Analysis Software Change Analysis Page Software safety program must be integral part of system safety program Software engineers must work closely with other system and hardware engr Develop software safety requirements at same time as other software requirements Software Requirements Development - Early in system’s requirements phase - identify commands that could create hazard Top-level System Hazards Analysis - Safety critical software identified - each functional module evaluated for hazards Detailed Design Hazard Analysis - Software analysis performed at level of databases, files, and algorithms Code hazard Analysis - Safety-critical subsystem modules analyzed at code level Software Safety Testing - Identified software tested to verify correct operation Software User Interface Analysis - Ties human (& other hardware) together with software. Can an operator interpret what the software is saying? Software Change Analysis - Verify that changes do not invalidate hazard controls

31 SSA Required when software is used to: Identify a hazard
Control a hazard Verify a control is in place Provide safety-critical information or safety related system status Recovery from a hazardous condition Page 163 Decide whether there are any software controls in subsystems that have potentially hazardous situations Required when software is used to: Identify a hazard - If software monitors for hazards then failure could allow an undetected hazardous situation to arise, analyze it Control a hazard - If software does not operate as planned and a hazard is no longer controlled, analyze it Verify a control is in place - If software monitors and indicates whether a control is viable, analyze it Provide safety-critical information or safety related system status - If software detects safety-critical system fault or failure, analyze it Recovery from a hazardous condition - If software assists system to recover form a hazardous situation, analyze it

32 Safety Tool Categories
Software safety requirements analysis Flowdown analysis Criticality analysis Architectural design analysis Detailed design analysis Soft tree analysis Petri-Net Code analysis Page Software safety requirements analysis Flowdown analysis - verify proper safety requirements have been communicated to appropriate parties (correct, consistent, complete) Criticality analysis - identify program requirements that affect safety Safety-critical requirements are tracked through entire software development process Architectural design analysis - analyze the software architectural module design & identify what hazards are in the system System level hazards identified Detailed design analysis Soft tree analysis - starts with top-level fault and works down Identify events that make the top event occur Petri-Net - Mathematical model describing system in graphical symbols Maps the dynamic process as the system transitions from one state to another. Consider timing issues in sequencing. Code analysis - verifies that the coded program actually accomplishes what it is designed to

33 Software Testing Software testing System safety testing
Software changes IV &V organization Page 166 Software testing Assures that software meets all specifications System safety testing Verifies that all safety aspects have been identified and dispositioned Software changes All changes must be analyzed to ensure there are no new hazards and ensure other hazard controls are not rendered invalid IV &V organization Independent Verification & Validation Activity that verifies and validates but is not ensure software systems are safe

34 Other Techniques Pages 169 - 176 9.1 MORT
9.2 Energy Trace Barrier Analysis 9.3 Sneak Circuit Analysis 9.4 Cause-Consequence Analysis 9.5 Dispersion Modeling 9.6 Test Safety 9.7 Comparing the various techniques Advantages and Disadvantages Other commonly used analyses System safety Society documented 90 safety methodologies

35 MORT Qualitative tool used in 1970s
Merges safety mgt & safety engineering Analyses mgt policy in relation to RA and hazard analysis process Uses a predefined graphical tree Analyze from top event down Too large and doesn’t tailor well to smaller problem Page Qualitative tool used in 1970s Fallen into disuse More commonly used for accident investigations Merges safety management & safety engineering Analyze and identify the relationships among plant operations and management organizations Analyses management policy in relation to risk assessment (RA) and hazard analysis process Uses a predefined graphical tree Similar to fault tree Analyze from top event down Determine what oversights and omissions were in place to that caused the accident Too large and doesn’t tailor well to smaller problem 98 generic problems 1500 basic events Takes time to learn

36 Energy Trace Barrier Analysis (ETBA)
Qualitative tool for hazard analysis Developed as part of MORT Traces energy flow into, through, & out of system Four typical energy sources Energy transfer points & barriers analyzed Advantages Page 170 Qualitative tool for hazard analysis ETBA hazards are energy sources that adversely affect unprotected or vulnerable target Developed as part of MORT Traces energy flow into, through, & out of system Follow energy path to determine if adequate controls are in place to assure that there is no undesired energy release Four typical energy sources Electrical, Mechanical, Chemical, Radiation Energy transfer points & barriers analyzed Barrier -- keeps energy from being released in undesired fashion Gloves, pressure container walls, insulated wires and boxes Advantages Perform anytime in life cycle, inexpensive, fast

37 ETBA Procedure Examine system / identify energy sources
Trace each energy source through system Identify vulnerable targets to energy Identify all barriers in energy path Determine if controls are adequate Page 170 Examine system / identify energy sources Trace each energy source through system Identify vulnerable targets to energy Identify all barriers in energy path Determine if controls are adequate

38 Sneak Circuit Analysis
Standardized by Boeing in 1967 Formal analysis of all paths that a process could take Find sneak paths, timing, or procedures that could yield an undesired effect Review engineer drawings, translate, & identify patterns Disadvantages Page Standardized by Boeing in 1967 Formal analysis of all paths that a process could take Most common process is electrical circuits, can use on process flow Find sneak paths, timing, or procedures that could yield an undesired effect Sneak is a latent path found in systems that are not operated frequently Example is automated inverter circuitry on aircraft, only operated when fault occurs which is very seldom, switches power from primary to secondary or auxiliary inverter Review engineer drawings, translate, & identify patterns Review engineer drawings Translate the system drawings into topological patterns describing circuits Five basic patterns identified Set of questions or clues are applied to each node to identify sneak paths Disadvantages Use complex computer codes Expensive Only cost effective on subsystems that are safety-critical

39 Cause-Consequence Analysis
Uses symbolic logic trees Determine accident or failure scenario that challenges the system Develop a bottom-up analysis Failure probabilities calculated Consequences identified from top event Consequence may have variety of outcomes Page Uses symbolic logic trees Similar to fault tree Determine accident or failure scenario that challenges the system Develop a bottom-up analysis Failure probabilities calculated Incorporated into each step of analysis Consequences identified from top event Consequence may have variety of outcomes Different outcomes may represent incremental levels of failure or success

40 Dispersion Modeling Quantitative tool for environmental and system safety engineering Used in chemical process plants, can determine seriousness of chemical release Internationally recognized model - CAMEO Features of the system Advantages Page 172 Quantitative tool for environmental and system safety engineering Used in chemical process plants, can determine seriousness of chemical release Internationally recognized model - CAMEO Computer-Aided Management of Emergency Operations Features of the system Hazardous chemical database Facility Information database Chemical inventory database Hazard analysis functions Incident reporting database Population information database Transportation database Shipper information Advantages Does not have to look at unlikely worst-case scenarios

41 Test Safety Not an analysis technique
Assures safe environment during testing Must integrate system safety process into test process Three layers of test environment Safety analysis needed at each level Test readiness review Page Not an analysis technique Assures safe environment during testing Testing of systems and prototypes Program developed for research and development oriented organizations Must integrate system safety process into test process Three layers of test environment Test facility Test bed Test article Safety analysis needed at each level Test facility - conducted with facility hazard analysis Test bed - hazard analysis used to determine if safe Test article - item to be tested Test readiness review Test preparations reviewed by test engineers and conductors Safety analysis review completed

42 Comparing Techniques Complex Vs simple
Apply to different phases of system life cycle Quantitative Vs qualitative Expense Time and personnel requirements Some are more accepted in certain industries Page Complex Vs simple More complex is not necessarily better Apply to different phases of system life cycle Quantitative Vs qualitative Expense Cost to implement Time and personnel requirements Time and personnel are limitations to consider Some are more accepted in certain industries Some analyses are more suited to certain industries Multiple techniques may be used All analysis techniques have their advantages and disadvantages

43 Selecting A Technique All techniques are good analyses
Consider advantages and disadvantages Select technique most suited to the problem, industry, or desired outcome Ask yourself a few questions What’s the purpose? What is the desired result? Does it fit your company and achieve goals? What are your resources and time available? Page All techniques are good analyses Consider advantages and disadvantages Review Table 9.1 page 174 Select technique most suited to the problem, industry, or desired outcome Compare characteristics of each technique Ask yourself a few questions See Table 9.1, page What’s the purpose? What is the desired result? Does it fit your company and achieve goals? What are your resources and time available?

44 Data Sources and Training
Pages 10.1 Government Data Banks 10.2 Industry Data Banks 10.3 Creating Your Own Data Bank 10.4 Safety Training Employee Training Emergency Preparedness and Response Training Personnel Certification for Hazardous Operations Sample Safety Training Course Outline for a Microprocessor Production Plan 10.5 Safety Awareness

45 Data Reliability Start with company historical data
Analyses only as good as the data that is used Caution about misunderstanding data Quantifiable data is not always the best Always cite sources and assumptions Page Start with company historical data Provides data on similar systems Consult past accidents, near-misses, trend analyses, engineer reports Analysis only as good as data that goes in Obtain government, industry, and international standards Caution about misunderstanding data Can lead to faulty analyses Quantifiable data is not always the best Number crunching determined that the NASA mission to the moon was too high a risk Always cite sources and assumptions

46 Data Limits Most failure data is generic
Break large items into smaller parts Data may not consider environmental changes Use expert judgement to convert generic data into realistic values Page Most failure data is generic The generic data must be manipulated to consider system and environment Break large items into smaller parts Data may only be available for the smaller components of the system Data may not consider environmental changes Failure rates may change due to environmental changes (temp extremes, humidity, etc.) Use expert judgment to convert generic data into realistic values Consult experts to change generic data into a usable form

47 Government Data Banks Government Printing Office
Books from DoD, NASA, EPA, & OSHA Government-Industry Data Exchange Program Army, Navy, FAA, Dept of Labor, Dept of Energy, National institute of Standards and Technology Databases of other countries Page Government Printing Office Books from DoD, NASA, EPA, & OSHA Government-Industry Data Exchange Program Army, Navy, FAA, Dept of Labor, Dept of Energy, National Institute of Standards and Technology Databases of other countries Atomic Energy Commission of UK has systems reliability data bank

48 Industry Data Banks Corporations Insurance companies
Electronics Industries Associations Consumer Product Commission System Safety Society Material Safety Data Sheets Page 183 Corporations Data may be releasable for the asking Insurance companies Always concerned with risk Electronics Industries Associations Consumer Product Commission System Safety Society On the internet Material Safety Data Sheets Great source of data on chemicals and hazards

49 Creating Your Own Databank
Collect data on system Design Assessments Hazard identification Compliance verification Make the data easily accessible and consolidated in one place Computers and new software make collection easier Pages Collect data on system Design Assessments Hazard identification Compliance verification Make the data easily accessible and consolidated in one place Computers and new software make collection easier

50 Data Bank Systems Info System Safety Data Hazardous materials MSDS
System design info Safety critical systems Best design practices Testing history Failure history Safety analyses Accident histories Safety Standards Identified hazards Causes of hazards Proven hazard controls Hazard consequences Hazard tracking system

51 Safety Training Twofold approach Types of training Employee training
Emergency response Types of training Initial training Refresher training New training for changes Page Twofold approach Employee training - concerning everyday hazards Emergency response - how to respond appropriately Types of training Initial training Refresher training New training for changes

52 Employee Training Training needs assessment Purpose of training
Assess current operations Review hazard analysis data Develop and implement training Record training Page 186 Training needs assessment Analyze needs to use scarce dollars wisely Purpose of training Know what it is that you are trying to achieve Don’t train for the sake of training Assess current operations Look at how the employees are currently working Review hazard analysis data Know the hazards and tailor training to prevent hazardous situations Develop and implement training Develop the program within the budget Get the greatest bang for the buck Record training Keep records on training Who, when, subjects covered, make up Review Table Training Course Outline

53 Emergency Preparedness and Response Training
Train all personnel affected by possible emergency Training subjects Evacuation procedures Shutdown of equipment Firefighting and first aid Crowd control and panic prevention Conduct exercises Page 187 Train all personnel affected by possible emergency Training subjects Evacuation procedures Shutdown of equipment Firefighting and first aid Crowd control and panic prevention Conduct exercises Full dress rehearsal may be too expensive and time consuming Consider table top exercises Discuss best response techniques Conduct after action review Update plans Document rehearsals

54 Certification for Hazardous Operations
Determine personnel that require training Certification program elements Certification examination Physical examination Classroom and hands-on training Test of safe working practices Recertification schedule Page 188 Determine personnel that require training High-voltage electricians Welders Power tools operators Heavy equipment operators and riggers Aerial basket and truck platform operators Boiler plant operators Certification program elements Certification examination - comprehensive and minimum score required Physical examination Blood pathologin base lines Physically capable of operating in environment Classroom and hands-on training Conduct as necessary Test of safe working practices - general knowledge, hazard reporting procedures Recertification schedule

55 Safety Awareness Highlight safety in organization Positive incentives
Establish safety representatives in each area Conduct meetings to discuss safety program Safety reps should be trained in workplace safety inspections and program monitoring Pages Highlight safety in organization Posters Newsletters Workshops Safety awareness days Positive incentives Negative responses to accidents only stifle reporting Establish safety representatives in each area Each process should have a representative to act as the eyes and ears of the program Conduct meetings to discuss safety program Conduct at specific intervals and after accidents Safety reps should be trained in workplace safety inspections and program monitoring

56 Accident Reporting, Investigation, and Documentation
11.1 Reporting the Accident Setting up a Closed Loop Reporting system Example of an Automated System 11.2 Forming an investigation Board Selecting the Investigation Board Conducting the Investigation Investigation Report 11.3 Documenting the Accident Retention of Records Public Release of Information Accident investigations allow us to learn from our mistakes if conducted properly and recommendations are implemented

57 Reporting the Accident
Accident reporting without retribution Posting of reportable accidents New-employee briefing Management involvement Page 192 Accident reporting without retribution Accidents will not be reported if employees are concerned about loosing their job - leads to hidden incidents Posting of reportable accidents OSHA requirement to post accidents New-employee briefing Accident reporting - forms Hazards in their area Purpose of investigations - determine cause and effect to prevent future accidents Management involvement Reaction to how accident is handled may increase or decrease moral Positive - key to establishing & maintaining a safety culture Negative - Can destroy the trust that employees have in the management

58 Setting Up a Closed-Loop Reporting System
Pre-accident plan Report within 24 hours Pass data up the chain Initiate board Capture perishable information Investigate all accidents Page 192 Pre-accident plan All employees know what to do and who must be notified Report within 24 hours Pass data up the chain - decisions made at appropriate level Initiate board - contact board president, discuss place & time, notify other board members Capture perishable information - Interviews, photos of site conditions, wreckage distribution Investigate all accidents Small accidents or incidents may be indicators of a larger problem Investigator may be a safety manager

59 Forming a Board Company policy Selecting the Board members
Accident classification Standing list of board candidates Selecting the Board members Various backgrounds Voting members and advisors Board responsibilities Pages Company policy Accident classification - severity and cost Establish company policy on who investigates Establish who takes the outbrief Standing list of board candidates Have a list of potential members that are the experts in different disciplines Selecting the Board members Various backgrounds - design, engineering, management, operations Voting members and advisors Primary board members vote during deliberations Advisors are called in for a specific expertise and may summarize their technical findings t be included in the report Board responsibilities Investigate Complete written report Develop conclusions Develop recommendations

60 Conducting the Investigation
Preparing for investigation Gathering evidence and information Analyzing the data Discussion of analysis and conclusions Recommendations Pages Preparing for investigation - after notification 7 classification Board chairperson assigns duties and requests special technical support Impound necessary records Personnel; Equipment; Operations; Management; Safety. Board meeting times established to cross-level information Establish security of accident site Gathering evidence and information Gather and protect evidence from the site - bag, tag, label Create grid map and photo graph scene before moving evidence Attain records concerning engineering drawings, t est reports, maintenance reports, quality control logs, lab reports, design specs, reliability and system design analyses Witness interviews Analyzing the data - develop actual sequence of events, create fault tree, accident simulation Discussion of analysis and conclusions - site substantiating evidence Recommendations - the actions required to prevent future accidents

61 Investigation Report Abstract of report Summary of F & R
Procedure used Background Sequence of events Analysis methodology Analysis results Conclusions Detailed F & R Minority reports Appendixes Page Abstract of report - executive summary may precede or be in lieu of Summary of F & R - shortened version (tracking) Procedure used - investigative technique Background and Inter - the mission or operation being performed Sequence of events - the history of the accident Analysis methodology - techniques and methods used Analysis results - Army Accident reports - the narrative contains the history (events prior to the accident, the accident, and the response), human factors (personnel background and data), materiel factors (materiel failures or design problems), and the analysis Conclusions - what and why it happened based on evidence Detailed F & R Minority reports - if one or more members strongly disagree with the findings a minority report may be filed stating the disagreement and the reasons why Appendixes - Lab reports, photos, interview summaries, maint & opns records, weather reports, etc.

62 Accident Documentation
Investigation Report Retained with supporting documents Corrective action implemented Available for future safety analysis Retain the records Public release of information Pages Investigation Report Retained with supporting documents Corrective action implemented Recommendation Tracking System Available for future safety analysis Retain the records Scan onto CD or other storage means and record accident data on data base Public release of information Leave it to the public affairs office Chairperson gives appropriate data to avoid impression of hiding something

63 Risk Assessment Pages 201 - 209 12.1 What is risk?
12.2 Risk Perception 12.3 Risk Assessment Methodology 12.4 Identifying Risk in a System 12.5 Risk Communication Risk is being studied by many diverse professions Engineers, sociologists, psychologists, biologists, chemists, medical doctors, economists, environmentalists Government concerned about how people react to risk

64 What is Risk? Severity of consequences of an accident times the probability of occurrence Risk perception may vary from actual risk Risk: realization of unwanted, negative consequences of an event (Rowe) Risk: summation of three elements Event scenario Probability of occurrence Consequence Pages Severity of consequences of an accident times the probability of occurrence Goes far beyond this basic approach Risk perception may vary from actual risk Perception changes with voluntary Vs forced risk Can be based on control that individual believes he has to avert an event Passenger in an airplane Vs driving a car Perception is reality and can drive policy Nuclear power plants Risk: realization of unwanted, negative consequences of an event (Rowe) Risk aversion is action taken to control risk Risk: summation of three elements Event scenario - description of event Probability of occurrence - likelihood it will occur Consequence - severity of the event

65 Risk Perception Factors concerning perception of risk
Voluntary Vs nonvoluntary Chronic Vs catastrophic Dreaded Vs common Fatal Vs nonfatal Known Vs unknown risk Immediate or delayed danger Control over technology Pages Factors concerning perception of risk Voluntary Vs nonvoluntary Higher risk if forced into event Chronic Vs catastrophic Risk perceived as higher if larger numbers of personnel die in event Dreaded Vs common Dreaded or feared event is perceived as higher risk rather than a more common event Fatal Vs nonfatal Risk is perceived as higher if event is considered fatal Known Vs unknown risk Risk perceived as higher if exposed without their knowledge Immediate or delayed danger Risk perceived as higher if danger is immediate rather than delayed over time Control over technology Risk perceived as lower if individual is in control of technology rather than someone else The newer the riskier - perception

66 Risk Assessment Methodology
Formal process of calculating risk and making a decision on how to react 1 Define objectives 2 Define system 3 Develop scenarios 4 Develop event trees 5 Quantify scenarios 6 Consequences 7 Risk evaluation 8 Risk management

67 Risk Assessment Methodology
Define Objectives System Develop Event Trees Scenarios Quantify Consequences Determination Risk Management Evaluation Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8

68 Identifying Risk in a System
Risk identified through analysis techniques Use several techniques Construct fault tree Use analysis tools to focus on which component is the trigger Pages Risk identified through analysis techniques Use techniques from chapters to analysis system Use several techniques Several techniques produce a better and more thorough analysis Construct fault tree Display relationships and quantify failures and risk Use analysis tools to focus on which component is the trigger FMEA Sneak circuit analysis Cause-consequence analysis Dispersion modeling

69 Risk Communication Communicating with public
Acknowledge the community Do not imply irrationality or ignorance Methods to promote communication Community participation Approach “group” appropriately Consultation with community Involve community in negotiations Be open with information Pages Communicating with public Acknowledge the community Importance and the power it wields Do not imply irrationality or ignorance Inform and instruct, hear the concerns Methods to promote communication Community participation - study, measure, and discuss issue with public Approach “group” appropriately - community, government, industry Consultation with community - required as part of process Involve community in negotiations - hear and respond to concerns Be open with information - allow independent assessment

70 Risk Evaluation Pages 13.1 A Probabilistic Approach 13.2 A Risk Analysis Model Developing Accident Scenarios and Initiating Events Event Trees Consequences Determination Uncertainty Risk Evaluation - The Use of Risk Profiles 13.3 Calculating Safety Costs 13.4 Brief Example: Risk Assessment of Launching a Space Shuttle Payload Risk assessment provides a means to rate and rank hazards and then use the info to decide whether changes should be made and what they should be Risk evaluation is taking the info and using it to make decisions

71 A Probabilistic Approach
Quantifying risk through probability of failure Hard to quantify probability of some events Understand the data, the sources, & the limitations Follow rules of probability Page 212 Quantifying risk through probability of failure Probabilities of equipment failure or human error Hard to quantify probability of some events “Pseudo-quantification” can be used through a hazard risk index Understand the data, the sources, & the limitations Fully understand the data and make adjustment for other factors such as environment, operations, etc Follow rules of probability Follow probability theory in manipulating data

72 Risk Analysis Model Developing accident scenarios & initiating event
Event Trees Consequences determination Uncertainty Risk evaluation - Risk profiles Pages Developing accident scenarios & initiating event Initiating or “trigger” event is that event that causes a departure from the normal operations (creates hazard scenario) Developing good scenarios is crucial to success Use preliminary hazard list Technique must be comprehensive in identifying hazards and causes Use fault trees to lay out sequence of events Event Trees - create tree from data SEE Fig 13.1 Study initiating events Review system to identify barriers that could prevent or mitigate event Determine probability of barrier failure Event tree may include: initiating event, barriers, damage states, and consequences Consequences determination - what happens if failure occurs Uncertainty - always some error in probability estimations Use classical statistics and through probabilistic methods Risk evaluation - Risk profiles Visual representation of event tree consequence determination Helps identify which scenarios to modify

73 Calculating Safety Costs
Tracking data costs System downtime (lost productivity) Equipment damage and replacement Accident clean-up Personnel injuries and death Expected value Cost-benefit analysis Pages Tracking data costs Costs used to calculate direct and indirect costs of accident System downtime (lost productivity) Equipment damage and replacement Accident clean-up Personnel injuries and death Medical, workman’s compensation, lawsuits Increased insurance costs Expected value Uses economics management theory Cost-benefit analysis Present value of costs of injury and death with costs of equipment damage

Download ppt "Fault Tree Analysis Pages Fault Tree Symbols and Logic"

Similar presentations

Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
Integra Consult A/S Safety Assessment. Integra Consult A/S SAFETY ASSESSMENT Objective Objective –Demonstrate that an acceptable level of safety will.

Integra Consult A/S Safety Assessment. Integra Consult A/S SAFETY ASSESSMENT Objective Objective –Demonstrate that an acceptable level of safety will.
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
Integration of Quality Into Accident Investigation Processes ASQ Columbia Basin Section 614 John Cornelison January 2008.

Integration of Quality Into Accident Investigation Processes ASQ Columbia Basin Section 614 John Cornelison January 2008.
Modern Techniques of Accident Investigation C.Jayasuriya, S.V.Karthikeyan and S.E.Kannan IGCARKalpakkam.

Modern Techniques of Accident Investigation C.Jayasuriya, S.V.Karthikeyan and S.E.Kannan IGCARKalpakkam.
Reliability Risk Assessment

Reliability Risk Assessment
Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.

Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.
Overview Lesson 10,11 - Software Quality Assurance

Overview Lesson 10,11 - Software Quality Assurance
Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.

Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.
Bureau of Workers’ Comp PA Training for Health & Safety (PATHS)

Bureau of Workers’ Comp PA Training for Health & Safety (PATHS)
Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.

Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.
What is Fault Tree Analysis?

What is Fault Tree Analysis?
Basics of Fault Tree and Event Tree Analysis Supplement to Fire Hazard Assessment for Nuclear Engineering Professionals Icove and Ruggles (2011) Funded.

Basics of Fault Tree and Event Tree Analysis Supplement to Fire Hazard Assessment for Nuclear Engineering Professionals Icove and Ruggles (2011) Funded.
Presented by Dorian S. Conger Conger-Elsea, Inc. 2000 Riveredge Parkway, Suite 740 Atlanta, GA 30328 800-875-8709 phone 770-926-8305 fax

Presented by Dorian S. Conger Conger-Elsea, Inc Riveredge Parkway, Suite 740 Atlanta, GA phone fax
What is Business Analysis Planning & Monitoring?

What is Business Analysis Planning & Monitoring?
Introduction to Information System Development.

Introduction to Information System Development.
Incident Reporting Procedure

Incident Reporting Procedure
S/W Project Management

S/W Project Management
Quality in Product and Process Design Pertemuan 13-14

Quality in Product and Process Design Pertemuan 13-14
Risk Management - the process of identifying and controlling hazards to protect the force.  It’s five steps represent a logical thought process from.

Risk Management - the process of identifying and controlling hazards to protect the force.  It’s five steps represent a logical thought process from.

Similar presentations

Ads by Google