Handbook of Reliability, Availability, Maintainability and Safety in Engineering Design - Part 16 pdf

The analysis at systems level involves identifying potential equipment failure modes and assessing the con-sequences they might have on the system’s performance.. Analysis at equipment l

The overall performance index, OPI, can be calculated as

OPI= 1

mn



m

∑

i=1

n

∑

j=1(PPI)(SPI)



(3.92)

where m is the number of performance parameters, and n is the number of systems.

Computation: propagation rule 1:

(only X ) and (only Y ) and G ⇒ (only Range (G, X, Y ))

OPI [corners (PPI, SPI)]

= [1/12 × ((1.2 × 1.6) + (1.2 × 1.7) + (1.2 × 1.7)+ (1.2 × 1.5) + (2.1 × 1.6) + (2.1 × 1.7) + (2.1 × 1.7) + (2.1 × 1.5)

+ (1.8 × 1.6) + (1.8 × 1.7) + (1.8 × 1.7) + (1.8 × 1.5))] ,

[1/12 × ((7.4 × 9.0) + (7.4 × 7.0) + (7.4 × 7.0)+ (7.4 × 6.6) + (7.5 × 9.0) + (7.5 × 7.0) + (7.5 × 7.0) + (7.5 × 6.6)

+ (7.1 × 9.0) + (7.1 × 7.0) + (7.1 × 7.0) + (7.1 × 6.6))]

OPI [range (PPI, SPI)]

= < [1/12 × 33.2] , [1/12 × 651.2] >

and:

OPI = < all-parts only %2.8 54.3 >

Description:

The overall performance index, OPI, is a combination of the parameter perfor-mance index, PPI, and the system perforperfor-mance index, SPI, and indicates the

over-all performance of the operational parameters (PPI), and the overover-all contribution

of the system’s items on the system (SPI) itself

The numerical value of OPI lies in the range 0–100 and can thus be indicated as

a percentage value, which is a useful measure for conceptual design optimisation The reverse jet scrubber system has an overall performance in the range of 2.8

to 54%, which is not optimal

The critical minimum performance level of 2 8% as well as the upper perfor-mance level of 54% indicate design review.

3.3.2 Analytic Development of Reliability Assessment

in Preliminary Design

The most applicable techniques selected as tools for reliability assessment in

intelli-gent computer automated methodology for determining the integrity of engineering

design during the preliminary or schematic design phase are failure modes and

ef-fects analysis (FMEA), failure modes and efef-fects criticality analysis (FMECA), and fault-tree analysis However, as the main use of fault-tree analysis is perceived to

be in designing for safety, whereby fault trees provide a useful representation of the

different failure paths that can lead to safety and risk assessments of systems and processes, this technique will be considered in greater detail in Chap 5, Safety and Risk in Engineering Design Thus, only FMEA and FMECA are further developed

at this stage with respect to the following:

i FMEA and FMECA in engineering design analysis

ii Algorithmic modelling in failure modes and effects analysis

iii Qualitative reasoning in failure modes and effects analysis

iv Overview of fuzziness in engineering design analysis

v Fuzzy logic and fuzzy reasoning

vi Theory of approximate reasoning

vii Overview of possibility theory

viii Uncertainty and incompleteness in design analysis

ix Modelling uncertainty in FMEA and FMECA

x Development of a qualitative FMECA.

3.3.2.1 FMEA and FMECA in Engineering Design Analysis

Systems can be described in terms of hierarchical system breakdown structures (SBS) These system structures are comprised of many sub-systems, assemblies and components (and parts), which can fail at one time or another The effect of func-tional failure of the system structures on the system as a whole can vary, and can

have a direct, indirect or no adverse effect on the performance of the system In

a systems context, any direct or indirect effect of equipment functional failures will

result in a change to the reliability of the system or equipment, but may not neces-sarily result in a change to the performance of the system.

Equipment (i.e assemblies and components) showing functional failures that

degrade system performance, or render the system inoperative, is termed system-critical Equipment functional failures that degrade the reliability of the system are classified as reliability-critical (Aslaksen et al 1992).

a) Reliability-Critical Items

Reliability-critical items are those items that can have a quantifiable impact on system performance but predominantly on system reliability These items are

usu-ally identified by appropriate reliability analysis techniques The identification of reliability-critical items is an essential portion of engineering design analysis, es-pecially since the general trend in the design of process engineering installa-tions is towards increasing system complexity It is thus imperative that a sys-tematic method for identifying reliability-critical items is implemented during the

engineering design process, particularly during preliminary design Such a

system-atic method is failure modes and effects criticality analysis (FMECA) In practice, however, development of FMECA procedures have often been considered to be ar-duous and time consuming As a result, the benefits that can be derived have often been misunderstood and not fully appreciated The FMECA procedure consists of three inherent sub-methods:

• Failure modes and effects analysis (FMEA).

• Failure hazard analysis.

• Criticality analysis.

The methods of failure modes and effects analysis, failure hazard analysis and criticality analysis are interrelated Failure hazard analysis and criticality analysis

cannot be effectively implemented without the prior preparations for failure modes and effects analysis Once certain groundwork has been completed, all of these anal-ysis methods should be applied This groundwork includes a detailed understanding

of the functions of the system under consideration, and the functional relationships

of its constituent components Therefore, two necessary additional techniques are

imperative prior to developing FMEA procedures, namely:

• Systems breakdown structuring.

• Functional block diagramming.

As previously indicated, a systems breakdown structure (SBS) can be defined

as “a systematic hierarchical representation of equipment, grouped into its logical systems, sub-systems, assemblies, sub-assemblies, and component levels”.

A functional block diagram (FBD) can be defined as “an orderly and structured means for describing component functional relationships for the purpose of systems analysis”.

An FBD is a combination of an SBS and concise descriptions of the operational and physical functions and functional relationships at component level Thus, the

FBD need only be done at the lowest level of the SBS, which in most cases is at component level It is from this relation between the FBD and the SBS that the

combined result is termed a functional systems breakdown structure (FSBS).

Some further concepts essential to a proper basic understanding of FSBS are considered in the following definitions:

A system is defined as “a complete whole of a set of connected parts or com-ponents with functionally related properties that links them together in a system process”.

A function is defined as “the work that an item is designed to perform”.

This definition indicates, through the terms work and design, that any item con-tains both operational and physical functions Operational functions are related to the item’s working performance, and physical functions are related to the item’s design.

Functional relationships, on the other hand, describe the actions or changes in

a system that are derived from the various ways in which the system’s components and their properties are linked together within the system Functional relationships

thus describe the complexity of a system at the component level Component func-tional relationships describe the actions internal in a system, and can be regarded as the interactive work that the system’s components are designed to perform

Com-ponent functional relationships may therefore be considered from the point of view

of their internal interactive functions Furthermore, component functional relation-ships may also be considered from the point of view of their different cause and effect changes, or change symptoms, or in other words, their internal symptomatic functions.

In order to fully understand component functional relationships, concise descrip-tions of the operational and physical funcdescrip-tions of the system must first be defined, and then the functional relationships at component level are defined The descrip-tions of the system’s operational and physical funcdescrip-tions need to be quantified with respect to their limits of performance, so that the severity of functional failures can

be defined at a later stage in the FMECA procedure The first step, then, is to list the components in a functional systems breakdown structure (FSBS)

b) Functional Systems Breakdown Structure (FSBS)

The identification of the constituent items of each level of a functional systems breakdown structure (FSBS) is determined from the top down This is done by iden-tifying the actual physical design configuration of the system, in lower-level items of the systems hierarchy The various levels of an FSBS are identified from the bottom

up, by logically grouping items or components into sub-assemblies, assemblies or sub-systems Operational and physical functions and limits of performance are then defined in the FSBS Once the functions in the FSBS have been described and limits

of performance quantified, then the various functional relationships of the compo-nents are defined, either in a functional block diagram (FBD) or through functional modelling.

The functional block diagram (FBD) is a structured means for describing com-ponent functional relationships for design analysis However, in the development

of an FBD, the descriptions of these component functional relationships should be

limited to two words if possible: a verb to describe the action or change, and a noun

to describe the object of the action or change In most cases, if the component func-tional relationships cannot be stated using two words, then more than one funcfunc-tional relationship exists.

A verb–noun combination cannot be repeated in any one branch of the FBD’s descriptions of the component functional relationships If, however, repetition is apparent, then review of the component functional relationships in the functional block diagram (FBD) becomes necessary (Blanchard et al 1990)

As an example, some verb–noun combinations are given for describing

compo-nent functional relationships for design analysis during the preliminary design phase

in the engineering design process

The following semantic list represents some verb–noun combinations:

Circulate Current Close Overflow Compress Gas Confine Liquids Contain Lubricant Control Flow Divert Fluid Generate Power Provide Seal Transfer Signal Transport Material

It is obvious that the most appropriate verb must be combined with a correspond-ing noun Thus, the verb ‘control’ can be used in many combinations with different

nouns It can be readily discerned that these actions can be either operational func-tional relationships that are related to the item’s required performance, or physical functional relationships that are related to the item’s design For instance, current can be controlled operationally, through the use of a regulator, or physically through the internal physical resistance properties of a conductor.

What becomes essential is to ask the question ‘how?’ after the verb–noun com-bination has been established in describing functional relationships The question is directed towards an answer of either ‘operational’ or ‘physical’ In the case of an uncertain decision concerning whether the verb–noun description of the functional relationship is achieved either operationally (i.e related to the item’s performance)

or physically (i.e related to the item’s material design), then the basic principles used in defining the item’s functions can be referred to.

These principles indicate that the item’s functions can be identified on the basis

of the fundamental criteria relating to operational and physical functions, which are:

• movement and work, in the case of operational functions, and

• shape and consistence, in the case of physical functions.

c) Failure Modes and Effects Analysis (FMEA)

Failure modes and effects analysis (FMEA) is one of the most commonly used

tech-niques for assessing the reliability of engineering designs The analysis at systems level involves identifying potential equipment failure modes and assessing the con-sequences they might have on the system’s performance Analysis at equipment level involves identifying potential component failure modes and assessing the ef-fects they might have on the functional reliability of neighbouring components, and

then propagating these up to the system level This propagation is usually done in

a failure modes and effects criticality analysis (FMEA)

The criticality of components and component failure modes can therefore be assessed by the extent the effects of failure might have on equipment functional

reliability, and the appropriate steps taken to amend the design so that critical failure modes become sufficiently improbable

With the completion of the functional block diagram (FBD), development of the failure modes and effects analysis (FMEA) can proceed The initial steps of FMEA considers criteria such as:

• System performance specifications

• Component functional relationships

• Failure modes

• Failure effects

• Failure causes.

A complex system can be analysed at different levels of resolution and the

appro-priate performance or functions defined at each level The top levels of the system breakdown structure are the process and system levels where performance

specifica-tions are defined, and the lower levels are the assembly, component and part levels where not only primary equipment but also individual components have a role to

play in the overall functions of the system An FMEA consists of a combined top-down and bottom-up analysis From the top, the process and system performance

specifications are decomposed into assembly and component performance ments and, from the bottom, these assembly and component performance

require-ments are translated into functions and functional relationships for which system

performance specifications can be met

After determining assembly and component functions and functional relation-ships through application of the techniques of system breakdown structures (SBS) and functional block diagrams (FBD), the remaining steps in developing an FMEA

consider determining failure modes, failure effects, failure causes as well as failure detection.

Engineering systems are designed to achieve predefined performance criteria and, although the FMEA will provide a comparison between a system’s normal and faulty behaviour through the identification of failure modes and related descriptions

of possible failures, it is only when this behavioural change affects one of the per-formance criteria that a failure effect is deemed to have occurred The failure effect

is then described in terms of system performance that has been either reduced or not achieved at all

A survey of applied FMEA has shown that the greatest criticism is the inabil-ity of the FMEA to sufficiently influence the engineering design process, because the timescale of the analysis often exceeds the design process (Bull et al 1995b)

It is therefore often the case that FMEA is seen not as a design tool but solely as

a deliverable to the client To reduce the total time for the FMEA, an approach is re-quired whereby the methodology is not only automated but also integrated into the engineering design process through intelligent computer automated methodology Such an approach would, however, require consideration of qualitative reasoning in engineering design analysis In order to be able to develop the reliability technique

of FMEA (and its extension of criticality considerations into a FMECA) for ap-plication in intelligent computer automated methodology, particularly for artificial

intelligence-based (AIB) modelling, it is essential to carefully consider each pro-gressive step with respect to its related definitions It is obvious that the best point

of departure would be an appropriate definition for failure.

According to the US Military Standard (MIL-STD-721B), a failure is defined as

“the inability of an item to function within its specified limits of performance” This implies that system functional performance limits must be clearly defined before

any functional failures can be identified The task of defining system functional performance limits is not straightforward, especially with complex integration of systems A thorough analysis of systems integration complexity requires that the FMEA not only considers the functions of the various systems and their equipment but that limits of performance be related to these functions as well

As previously indicated, the definition of a function is given as “the work that an item is designed to perform” Thus, failure of the item’s function means failure of

the work that the item is designed to perform

Functional failure can thus be defined as “the inability of an item to carry-out the work that it is designed to perform within specified limits of performance”.

It is obvious from this definition that there are two degrees of severity of func-tional failure:

i) A complete loss of function, where the item cannot carry out any of the work

that it was designed to perform

ii) A partial loss of function, where the item is unable to function within specified

limits of performance

Potential failure may be defined as “the identifiable condition of an item indicat-ing that functional failure can be expected” In other words, potential failure is an identifiable condition or state of an item on which its function depends, indicating

that the occurrence of functional failure can be expected

From an essential understanding of the implications of these definitions, the var-ious steps in the development of an FMEA can now be considered

STEP 1: the first criterion to consider in the FMEA is failure mode.

The definition of mode is given as “method or manner”.

Failure mode can be defined as “the method or manner of failure”.

If failure is considered from the viewpoint of either functional failure or potential failure, then failure mode can be determined as:

i) The method or manner in which an item is unable to carry out the work that it

is designed to perform within limits of performance This would imply either the mode of failure in which the item cannot carry out any of the work that it

is designed to perform (i.e complete loss of function), or the mode of failure

in which the item is unable to function within specified limits of performance

(i.e partial loss of function).

ii) The method or manner in which an item’s identifiable condition could arise,

indicating that functional failure can be expected This would imply a failure mode only when the item’s identifiable condition is such that a functional failure can be expected

Thus, failure mode can be described from the points of view of:

• A complete functional loss.

• A partial functional loss.

• An identifiable condition.

For reliability assessment during the preliminary engineering design phase, the first two failure modes, namely a complete functional loss, and a partial functional loss, can be practically considered The determination of an identifiable condition is

considered when contemplating the possible causes of a complete functional loss or

of a partial functional loss

STEP 2: the following step in developing an FMEA is to consider the criteria of

failure effects.

The definition of effect is given as “an immediate result produced”.

Failure effects can be defined as “the immediate results produced by failure” Failure consequence can be defined as “the overall result or outcome of failures”.

It is clear that from these definitions that there are two levels—firstly, an imme-diate effect and, secondly, an overall consequence of failure.

i) The effects of failure are associated with analysis at component level of the

immediate results that initially occur within the component’s or assembly’s environment

ii) The consequences of failure are associated with analysis at systems level of

the overall results that eventually occur in the system or process as a whole For the purpose of developing an FMEA at the higher systems level, some of the

basic principles of failure consequences need to be described The consequences

of failure need not have immediate results However, as indicated before, typical

FMEA analysis of failure effects on functional reliability at component level and propagated up to the system level is usually done in a failure modes and effects criticality analysis (FMEA)

Operational and physical consequences of failure can be grouped into five

sig-nificant categories:

• Safety consequences.

Safety operational and physical consequences of functional failure are alternately termed critical functional failure consequences These functional failures affect

either the operational or physical functions of systems, assemblies or components

that could have a direct adverse effect on safety, with respect to catastrophic

incidents or accidents

• Economic consequences.

Economic operational and physical consequences of functional failure involve

an indirect economic loss, such as the loss in production, as well as the direct cost of corrective action.

• Environmental consequences.

Environmental operational and physical consequences of functional failure in

engineered installations relate to environmental problems predominantly

associ-ated with treatment of wastes from mineral processing operations, hydrometal-lurgical processes, high-temperature processes, and processing operations from

which by-products are treated Any functional failures in these processes would most likely result in environmental operational and physical consequences.

• Maintenance consequences.

Maintenance operational and physical consequences of functional failure in-volve only the direct cost of corrective maintenance action.

• Systems consequences.

Systems operational and physical consequences of functional failure involve

in-tegrated failures in the functional relationships of components in process

engi-neering systems with regard to their internal interactive functions, or internal symptomatic functions.

STEP 3: the following step in developing an FMEA is to consider the criteria of

failure causes.

The definition of cause is “that which produces an effect”.

Failure causes can be defined as “the initiation of failures which produce an effect”.

The definition of functional failure was given as “the inability of an item to carry-out the work that it is designed to perform within specified limits of performance” Considering the causes of functional failure, it is practical to place these into hazard categories of component functional failure incidents or events These hazard cate-gories are determined through the reliability evaluation technique of failure hazard analysis (FHA), which is considered later.

The definition of potential failure was given as “the identifiable condition of an item indicating that functional failure can be expected” The effects of potential failure could result in functional failure In other words, the causes of functional failure can be found in potential failure conditions The most significant aspect of potential failure is that it is a condition or state, and not an incident or event such as with functional failure.

In being able to define potential failure in an item of equipment, the identifiable conditions or state of the item upon which its functions depend must then also be identified The operational and physical conditions of the item form the basis for

defining potential failures arising in the item’s functions This implies that an item, which may have several functions and is meant to carry out work that it is designed

to perform, will be subject to several conditions or states on which its functions

depend, from the moment that it is working or put to use In other words, the item is subject to potential failure the moment it is in use.

Potential failure is related to the identifiable condition or state of the item, based

upon the work it is designed to perform, and the result of its use The causes of potential failure are thus related to the extent of use under which the system or

equipment is placed

In summary, then, developing an FMEA includes considering the criteria of

fail-ure causes—the causes of functional failfail-ure can be found in potential failfail-ure

condi-tions and, in turn, the causes of potential failure can be related to the extent of use

of the system or equipment

Despite the fairly comprehensive and sound theoretical approach to the defini-tions of the relevant criteria and analysis steps in developing an FMEA, it still does not provide exhaustive lists of causes and effects for full sets of failure modes

A complete analysis, down to the smallest detail, is generally too expensive (and often impossible) The central objective of FMEA in engineering design therefore

is more for design verification This would require an approach to FMEA that

con-centrates on failure modes that can be represented in terms of simple linguistic or

logic statements, or by algorithmic modelling in the case of more complicated

fail-ure modes In the design of integrated engineering systems, however, most failfail-ure modes are not simple but complex, requiring an analytic approach such as algorith-mic modelling

3.3.2.2 Algorithmic Modelling in Failure Modes and Effects Analysis

All engineering systems can be broken down into sub-systems and/or assemblies and components, but at which level should they be modelled? At one extreme, if the FMEA is concerned with the process as a whole, it may be sufficient to represent the inherent equipment as single entities Conversely, it may be necessary to consider the effects of failure of single components of the equipment Less detailed analysis could be justified for a system based on previous designs, with relatively high reli-ability and safety records Alternatively, greater detail and a correspondingly lower system-level analysis is required for a new design or a system with unknown relia-bility history (Wirth et al 1996)

The British Standard on FMEA and FMECA (BS5760, 1991) requires failure modes to be considered at the lowest practical level However, in considering the use

of FMEA for automated continual design reviews in the engineering design process,

it is prudent to initially concentrate on failure modes that could be represented in terms of simple linguistic or logic statements Once this has been accomplished, the problem of how to address complicated failure modes can be addressed This is considered in the following algorithmic approaches (Bull et al 1995b):

• Numerical analysis

• Order of magnitude

• Qualitative simulation

• Fuzzy techniques.

a) Numerical Analysis

There are several numerical and symbolic algorithms that can be used to solve dy-namic systems However, many of these algorithms have two major drawbacks: firstly, they might not be able to reach a reliable steady-state solution, due to con-volutions in the numerical solution of their differential equations, or because of the