• International Journal of Naval Architecture and Ocean Engineering
• /
• v.8 no.3
• /
• pp.262-276
• /
• 2016

Generally, the Safety Integrity Level (SIL) of a subsea Blowout Preventer (BOP) is evaluated by determining the Probability of Failure on Demand (PFD), a low demand mode evaluation indicator. However, some SIL results are above the PFD's effective area despite the subsea BOP's demand rate being within the PFD's effective range. Determining a Hazardous Event Frequency (HEF) that can cover all demand rates could be useful when establishing the effective BOP SIL. This study focused on subsea BOP functions that follow guideline 070 of the Norwegian Oil and Gas. Events that control subsea well kicks are defined. The HEF of each BOP function is analyzed and compared with the PFD by investigating the frequency for each event and the demand rate for the components. In addition, risk control options related to PFD and HEF improvements are compared, and the effectiveness of HEF as a SIL verification for subsea BOP is assessed.

• Proceedings of the KIEE Conference
• /
• 2007.07a
• /
• pp.1934-1935
• /
• 2007

본 논문은 원자력발전소 안전계통인 비상전원 공급용 디젤발전기의 여자시스템에 대해서 신뢰성 불럭선도를 이용하여 시스템을 모델링하고, 신뢰성 분석을 수행하고 그 결과 기동요구시 실패확률을 산출하는 방법과 결과를 기술하였다. 비상디젤발 전기 여자시스템을 구성하는 모든 부품의 고장률을 Telcordia SR-332 기준서의 부품수 방법을 이용하여 분석하고 FMEA (Failure Mode Effect Analysis)를 수행하며 IEC 61508에서 제시하고 있는 기동요구 시 실패확률(Probability of Failure on Demand, PFD)을 산출하였다.

• IE interfaces
• /
• v.25 no.4
• /
• pp.422-430
• /
• 2012

In this article, we introduced the estimation method by 'Safety Integrity Level'(SIL) for the criterion of safety assurance and performed a case study on a flame scanner. SIL requires probabilistic evaluation of each set of equipment used to reduce risk in a safety related system. FMEDA(Failure Modes, Effects and Diagnostic Analysis) method is widely used to evaluate the safety levels and provides information on the failure rates and failure mode distributions necessary to calculate a diagnostic coverage factor for a part or a component. Basically, two parameters resulting from FMEDA are used for SIL classification of the device : SFF(Safe Failure Fraction) and PFD(Probability of Failure on Demand). In this case study, it is concluded that the flame scanner is designed to fulfill the condition of SIL 3 in the aspect of SFF and PFD.

• Journal of Applied Reliability
• /
• v.16 no.3
• /
• pp.231-237
• /
• 2016

Purpose: It is not easy to suggest a quantitative data related to safety analysis. The objective of this paper is to propose a method of Safety Integrity Level (SIL) analysis and to suggest a SIL analysis result for single station controller in nuclear power plant based on IEC 61508. Methods: The Failure Modes and Effects Diagnostic Analysis (FMEDA) and average probability of failure on demand (PFD) are used for SIL assessment. Results: A SIL of single station controller is evaluated 4 by a reliability analysis results and PFD. Conclusion: A SIL analysis method and result for single station controller based on IEC 61508 are proposed in this paper. It can applicable for a manufacturer data in safety-related system.

• IE interfaces
• /
• v.25 no.4
• /
• pp.405-415
• /
• 2012

The reliability performance measures for low and high or continuous demand modes of operation of safety instrumented systems(SISs) are examined and compared by analyzing the official definitions in IEC 61508 standard. This paper also presents a status of common cause factor(CCF) models used in IEC 61508 and problems relating CCF modelling are discussed and ideas to solve these ones are suggested. An example with mixed M-out-of-N architecture is carried out to illustrate the proposed methods.

• Fire Science and Engineering
• /
• v.17 no.4
• /
• pp.76-85
• /
• 2003

In this study, we write down the definitions, their causes and the techniques of analysis as a theoretical consideration of common cause failures, and investigate the limitation and the importance of the common cause failures by applying to the analysis on the fire protection as a representative safety facility. As you can know in the reliability analysis, most impressive cause is the malfunctions of pumping operations; especially the common cause failure of two pumps is dominant. In other words, it is possible to assess system-reliability as twice as actual without CCF From these, CCF is extraordinarily important and the results are highly dependent on the CCF factor. And although it would increase with multiple installations, the reliability are not defined as linear with those multiplications. In addition, the differences in results due to the models for analysis are not significant, whereas the various sources of data produce highly different results. Therefore, we conclude that the reliabilities are dependent on the quality of the usable data much better than the variety of models. As a result, the basic and engineering device for the preventions of CCF of the multiple facilities is to design it as reliably as to design the fire-water pump. That is to say, we must assess those reliabilities using PFD whether they are appropriate to SIL (Safety Integrity Level) which is required for the reliability in SIS (Safety Instrumented System). The result of the analysis on the reliability of the fire-water supply with CCF shows that PFD is 3.80E-3, so that it cannot be said to be designed as safely as in the level of SIL5. However, without CCF, PFD is 1.82E-3 which means that they are designed as unsafely as before.

• Journal of Applied Reliability
• /
• v.14 no.1
• /
• pp.81-91
• /
• 2014

The IEC 61508 standard was established to specify the functional safety of E/E/PE safety-related systems. Safety life cycle to provide the framework and direction for the application of IEC 61508 is included in this standard. In this paper, we describe overviews, objects, scopes, requirements and activities of each phase in safety life cycle. In addition, we introduce safety integrity level(SIL) which is used for verifying the safety integrity requirements of E/E/PE system and perform a case study to estimate hardware SIL by FMEDA. The SIL is evaluated by two criteria. One of them is the architectural constraints which restrict the maximum SIL by combination of SFF and HFT. The other is the probability of failure which is classified into PFD and PFH based on frequency of demand and calculated by safe or dangerous failure rates.

• Fire Science and Engineering
• /
• v.20 no.3 s.63
• /
• pp.1-8
• /
• 2006

The purpose of this work is to analyze quantitatively if the safety instrumented system(SIS) like the pressure safety valves(PSV) in the processes of ethyl benzene plant have been designed relevantly to the safety integrity level because overpressure in the benzene or ethyl benzene columns causes the explosive reactions, fires and reactor explosions. The safety integrity level(SIL) 3 has been adopted as a target level of SIS based on the general data of the Probability of Failure on Demand of PSV, $1.00E-4{\sim}1.00E-3$. The standard model of the reliability has been set up and then the fault tree analysis of it has been carried out to get the PFD of SIS, and the results show 8.97E-04, 5.37E-04, 5.37E-04 for benzene prefractionator column, benzene column and EB column, respectively. Thus, we conclude that the SIS is designed to fulfill the condition of SIL3, and when the partial stroke test for the control valve are carried out every sixth month, the SIS of each column is expected to increase its reliability up to $22{\sim}27%$.

• Journal of the Korean Society of Safety
• /
• v.35 no.6
• /
• pp.1-8
• /
• 2020

In recent years, hydrogen has received much attention as an alternative energy source to fossil fuels. In order to ensure safety from the increasing number of hydrogen refueling stations, prevention methods have been required. In this regard, this study suggested an approach to reduce the risk of hydrogen refueling station by increasing Safety Integrity Level (SIL) for a Steam Methane Reformer (SMR) in On-Site Hydrogen Refueling Station. The worst scenario in the SMR was selected by HAZOP and the required SIL for the worst scenario was identified by LOPA. To verify the required SIL, the PFDavg.(1/RRF) of Safety Instrumented System (SIS) in SMR was calculated by using realistic failure rate data of SIS. Next, several conditions were tested by varying the sensor redundancy and proof test interval reduction and their effects on risk reduction factor were investigated. Consequently, an improved condition, which were the redundancy of two-out-of-three and the proof test interval of twelve months, achieved the tolerable risk resulting in the magnitude of risk reduction factor ten times greater than that of the baseline condition.