5.4 Application Modelling of Safety and Risk in Engineering Design

Fig. 5.88 Monte Carlo simulation of RBD and FTA models
During the simulation process, the model determines whether the system has failed by examining the developed network diagram. It does this by checking whether there is any open path from the input node or block to the output node or block. An open path is a path that does not cross any failed component or sub-system block.
Network diagrams may also be used to represent voting arrangements. Nodes to the right of a parallel arrangement may be given a vote number to indicate how many success paths must be available through the parallel arrangement (if a vote number is not specified, then only one path need be available). The simple parallel arrangement of the four blocks 1, 2, 3 and 4 in Fig. 5.88, with a vote number (the number of available paths required for success) of 2, would result in the truth table given in Table 5.27.
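The open-path test and the vote number described above can be made concrete in a few lines. The following is an added example (not Isograph's AvSim code): the network diagram is a directed graph from an input node IN to an output node OUT; a node is reachable if it is not failed and enough of its predecessors are reachable (one for an ordinary node, k for a node carrying vote number k). The node names, the 2-out-of-4 valve arrangement and the enumeration of all 16 working/failed states are constructed here to reproduce Table 5.27; the same functions handle any acyclic series/parallel/vote arrangement.

```python
"""Open-path evaluation of a reliability network diagram with vote nodes.

Added example, not Isograph AvSim code.  Blocks are nodes of a directed
graph from IN to OUT.  A node is reachable when it is not failed and at
least `vote number` of its predecessors are reachable (1 when no vote
number is given).  The 2-out-of-4 valve arrangement is constructed inline.
"""
from functools import lru_cache
from itertools import product


def build_2oo4_network():
    """Four valves in parallel feeding a vote node 'V' with vote number 2."""
    edges = [("IN", "Valve 1"), ("IN", "Valve 2"), ("IN", "Valve 3"), ("IN", "Valve 4"),
             ("Valve 1", "V"), ("Valve 2", "V"), ("Valve 3", "V"), ("Valve 4", "V"),
             ("V", "OUT")]
    votes = {"V": 2}          # number of success paths required through the node
    return edges, votes


def open_path_exists(edges, votes, failed):
    """True when an open path exists from IN to OUT avoiding every block in
    `failed`.  The network must be acyclic (series/parallel/vote arrangements
    are); a vote node counts how many of its predecessors are reachable."""
    preds = {}
    for a, b in edges:
        preds.setdefault(b, []).append(a)
        preds.setdefault(a, [])

    @lru_cache(maxsize=None)
    def reachable(node):
        if node in failed:
            return False
        if node == "IN":
            return True
        needed = votes.get(node, 1)
        available = sum(1 for p in preds.get(node, []) if reachable(p))
        return available >= needed

    return reachable("OUT")


def truth_table(edges, votes, blocks):
    """Every working/failed combination of `blocks` with the resulting
    system state; rows are ((state per block), system_working)."""
    rows = []
    for states in product((True, False), repeat=len(blocks)):
        failed = {b for b, up in zip(blocks, states) if not up}
        rows.append((states, open_path_exists(edges, votes, failed)))
    return rows


def count_working(rows):
    return sum(1 for _, ok in rows if ok)


if __name__ == "__main__":
    edges, votes = build_2oo4_network()
    blocks = ["Valve 1", "Valve 2", "Valve 3", "Valve 4"]
    rows = truth_table(edges, votes, blocks)
    print("  ".join(blocks) + "  System")
    for states, ok in rows:
        cells = ["Working" if s else "Failed " for s in states]
        print("  ".join(cells) + "  " + ("Working" if ok else "Failed"))
    print(f"{count_working(rows)} of {len(rows)} states leave an open path")
```

For the 2-out-of-4 arrangement 11 of the 16 states leave an open path (at least two valves working); raising the vote number to 3 leaves 5, and omitting it (plain parallel redundancy) leaves 15.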
Table 5.27 Simple 2-out-of-4 vote arrangement truth table (first row shown; the remaining rows are not reproduced here)

Valve 1   Valve 2   Valve 3   Valve 4   System
Working   Working   Working   Working   Working

Figure 5.89 illustrates the use of the fault-tree diagram in determining potential system failures in a parallel control valve configuration of a high-integrity protection system (HIPS). This is developed from the embedded Isograph AvSim Availability Simulation Model (Isograph 2001). Fault-tree diagrams graphically represent the interaction of failures and other events within a system. Basic events at the bottom of the fault tree are linked via logic symbols (known as gates) to one or more TOP events. These TOP events represent identified hazards or system failure modes for which predicted reliability or availability data are required. Basic events at the bottom of the fault tree generally represent component failures, although they may also represent other events such as operator actions. Fault trees may be used to analyse large and complex systems, and are particularly adept at representing and analysing redundancy arrangements.
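The gate logic of a fault tree is small enough to evaluate directly. The following is an added example, not the Isograph fault-tree module: a tree is a nested structure of AND, OR and VOTE (k-out-of-n) gates over named basic events, evaluated two ways, as a state (given which basic events have occurred, has the TOP event occurred?) and as a probability. The tree, event names (V1 to V4 for the four valves, a hypothetical logic solver LS) and unavailability values are constructed for illustration. The probability propagation assumes independent branches, so the block also carries an exact enumeration that stays correct when a basic event appears under more than one gate, the case in which gate-by-gate propagation is optimistic.

```python
"""Fault-tree evaluation for a 2-out-of-4 valve arrangement.

Added example, not Isograph code.  The TOP event 'HIPS fails to isolate'
(constructed) occurs when 3 or more of the 4 parallel valves fail, the
failure counterpart of 2-out-of-4 success voting, or when a hypothetical
logic solver 'LS' fails.  Probabilities below are constructed, not data
from the page.
"""
from itertools import product
from math import prod


def gate(kind, *children, k=None):
    """kind is 'AND', 'OR' or 'VOTE' (at least k of the children)."""
    return {"kind": kind, "k": k, "children": list(children)}


HIPS_TREE = gate("OR",
                 gate("VOTE", "V1", "V2", "V3", "V4", k=3),
                 "LS")


def basic_events(tree):
    if isinstance(tree, str):
        return {tree}
    out = set()
    for c in tree["children"]:
        out |= basic_events(c)
    return out


def top_event_state(tree, occurred):
    """True when the TOP event occurs given the set of occurred basic events."""
    if isinstance(tree, str):
        return tree in occurred
    states = [top_event_state(c, occurred) for c in tree["children"]]
    if tree["kind"] == "AND":
        return all(states)
    if tree["kind"] == "OR":
        return any(states)
    if tree["kind"] == "VOTE":
        return sum(states) >= tree["k"]
    raise ValueError(tree["kind"])


def _at_least_k(probs, k):
    # distribution of the number of occurring children, built as a polynomial product
    dist = [1.0]
    for p in probs:
        nxt = [0.0] * (len(dist) + 1)
        for i, d in enumerate(dist):
            nxt[i] += d * (1 - p)
            nxt[i + 1] += d * p
        dist = nxt
    return sum(dist[k:])


def top_event_probability(tree, p):
    """Gate-by-gate propagation.  Exact only when no basic event is shared
    between branches; shared events make the branches dependent and this
    propagation understates (AND) or overstates (OR) the TOP probability."""
    if isinstance(tree, str):
        return p[tree]
    ps = [top_event_probability(c, p) for c in tree["children"]]
    if tree["kind"] == "AND":
        return prod(ps)
    if tree["kind"] == "OR":
        return 1 - prod(1 - q for q in ps)
    if tree["kind"] == "VOTE":
        return _at_least_k(ps, tree["k"])
    raise ValueError(tree["kind"])


def exact_probability(tree, p):
    """Exact TOP probability by enumerating every basic-event state vector
    (2^n terms; fine for small trees, the cross-check for shared events)."""
    events = sorted(basic_events(tree))
    total = 0.0
    for states in product((True, False), repeat=len(events)):
        occurred = {e for e, s in zip(events, states) if s}
        if top_event_state(tree, occurred):
            total += prod(p[e] if s else 1 - p[e] for e, s in zip(events, states))
    return total


if __name__ == "__main__":
    p = {"V1": 0.1, "V2": 0.1, "V3": 0.1, "V4": 0.1, "LS": 0.01}   # constructed
    print("two valves failed, TOP occurs?  ", top_event_state(HIPS_TREE, {"V1", "V2"}))
    print("three valves failed, TOP occurs?", top_event_state(HIPS_TREE, {"V1", "V2", "V3"}))
    print("TOP probability (propagated):", top_event_probability(HIPS_TREE, p))
    print("TOP probability (enumerated):", exact_probability(HIPS_TREE, p))
```

With the constructed values the two evaluations agree (0.013663) because no event is shared. For a tree such as AND(OR(A, B), OR(A, C)), which is logically A OR (B AND C), propagation gives 0.1296 at p = 0.2 while the exact value is 0.232; a practitioner should therefore check for repeated basic events (or use minimal cut sets) before trusting propagated figures.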
Figures 5.90 and 5.91 illustrate the Monte Carlo simulation results in the form of a Weibull cumulative failure probability graph, and an unavailability profile of the HIPS.
The Weibull analysis module (Isograph 2001) analyses the simulation data by assigning probability distributions that represent the failure or repair characteristics of a given failure mode. In the integration of complex systems, the purpose of determining equipment criticality, or combinations of critical equipment, is to assess the times to wear-out failures. The Weibull distribution is particularly useful because it can be applied to all three phases of the hazard rate curve (decreasing, constant and increasing hazard rate, corresponding to a shape parameter below, equal to and above 1). The failure distribution assigned to a given set of times to failure (known as a dataset) may be assigned to failure models that are attached to blocks in a network diagram or events in a fault-tree diagram. The model automatically fits the selected distribution to the data and displays the results graphically in the form of cumulative probability plots, unconditional probability density plots, and conditional probability density plots. Figure 5.90 illustrates Monte Carlo simulation results of unreliability displayed in the form of a Weibull cumulative failure probability graph.
Unavailability profile graphs display the mean unavailability values for each time interval. Unavailability values may be displayed for several sub-systems, assemblies and components of a system, or integrated systems, which are concurrently being designed. Figure 5.91 illustrates the Monte Carlo simulation results in the form of an unavailability profile of the high-integrity protection system (HIPS).
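The two result types described above, a cumulative failure probability curve and an interval-by-interval unavailability profile, and the distribution fit that the Weibull module performs, can be reproduced with a small event-based Monte Carlo model. The following is an added example, not Isograph AvSim or Weibull-module code. All parameters are constructed for illustration rather than taken from the page: each of the four valves has a Weibull time to failure (shape 2.0, scale 5000 h), an exponential repair time with mean 400 h and is as-new after repair; the system is available while at least 2 of 4 valves are up; the 10000 h mission is split into 20 intervals. The fit is median-rank regression with Benard's approximation, one of the standard Weibull plotting methods (which specific fitting method the Isograph module uses is not stated on the page).

```python
"""Monte Carlo availability simulation of 2-out-of-4 valves with Weibull
failure and exponential repair times, plus a Weibull fit of the resulting
times-to-failure dataset.  Added example, not Isograph code; all parameter
values are constructed for illustration.
"""
import math
import random


def weibull_quantile(F, beta, eta):
    # inverse CDF of the two-parameter Weibull distribution, F in [0, 1)
    return eta * (-math.log(1.0 - F)) ** (1.0 / beta)


def component_history(rng, mission, beta, eta, mttr):
    """Alternating (fail_at, restored) cycles for one valve until the mission ends."""
    t, cycles = 0.0, []
    while t < mission:
        fail_at = t + weibull_quantile(rng.random(), beta, eta)
        restored = fail_at + rng.expovariate(1.0 / mttr)
        cycles.append((fail_at, restored))
        t = restored
    return cycles


def system_down_segments(histories, n_required, mission):
    """Merge component cycles into [start, end) segments in which fewer than
    n_required components are up (no open k-out-of-n path)."""
    events = []
    for cycles in histories:
        for fail_at, restored in cycles:
            if fail_at < mission:
                events.append((fail_at, -1))
                events.append((min(restored, mission), +1))
    events.sort()                       # at equal times a failure sorts first
    up, down_since, segments = len(histories), None, []
    for t, delta in events:
        was_ok = up >= n_required
        up += delta
        now_ok = up >= n_required
        if was_ok and not now_ok:
            down_since = t
        elif not was_ok and now_ok:
            segments.append((down_since, t))
            down_since = None
    if down_since is not None:
        segments.append((down_since, mission))
    return segments


def simulate(runs=500, n=4, k=2, beta=2.0, eta=5000.0, mttr=400.0,
             mission=10000.0, intervals=20, seed=1):
    """Return (mean unavailability per interval, system F(t) at each interval
    end, dataset of first valve times-to-failure)."""
    rng = random.Random(seed)
    width = mission / intervals
    downtime = [0.0] * intervals
    first_failures, ttf_dataset = [], []
    for _ in range(runs):
        hist = [component_history(rng, mission, beta, eta, mttr) for _ in range(n)]
        ttf_dataset.extend(c[0][0] for c in hist)       # first failure of each valve
        segments = system_down_segments(hist, k, mission)
        if segments:
            first_failures.append(segments[0][0])       # time to first system failure
        for start, end in segments:
            for i in range(intervals):
                overlap = min(end, (i + 1) * width) - max(start, i * width)
                if overlap > 0:
                    downtime[i] += overlap
    unavailability = [d / (runs * width) for d in downtime]
    cum_fail = [sum(1 for f in first_failures if f <= (i + 1) * width) / runs
                for i in range(intervals)]
    return unavailability, cum_fail, ttf_dataset


def fit_weibull(times):
    """Median-rank regression: ln(-ln(1-F)) = beta*ln(t) - beta*ln(eta), with
    F for the i-th ordered time from Benard's approximation (i-0.3)/(n+0.4)."""
    ts = sorted(times)
    n = len(ts)
    xs = [math.log(t) for t in ts]
    ys = [math.log(-math.log(1.0 - (i + 0.7) / (n + 0.4))) for i in range(n)]
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    beta = sxy / sxx
    eta = math.exp(mx - my / beta)
    return beta, eta


if __name__ == "__main__":
    unav, cum, ttf = simulate()
    for i, (u, f) in enumerate(zip(unav, cum)):
        print(f"interval {i + 1:2d}: mean unavailability {u:.5f}   F(t) {f:.3f}")
    b, e = fit_weibull(ttf)
    print(f"Weibull fit of {len(ttf)} valve times-to-failure: beta={b:.2f}, eta={e:.0f} h")
```

The unavailability list is the profile of Fig. 5.91 in numeric form and the cumulative list is the curve of Fig. 5.90; fitting the valve dataset recovers the input shape and scale to within sampling error, which is the check to run before trusting a fitted distribution. Note that the model uses a renewal (as-good-as-new) assumption after repair and independent valves; common-cause failure, which dominates real k-out-of-n protection systems, is not represented.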
Fig. 5.89 FTA modelling in designing for safety
As stated in Sect. 4.4.1, dynamic system simulation in engineering design provides for virtual prototyping of engineering processes, making design verification faster and less expensive. To fully exploit the advantages of virtual prototyping, dynamic system simulation is the most efficient and effective approach. Dynamic system simulation provides the various design teams in a collaborative design environment with immediate feedback on design decisions, allowing for a comprehensive exploration of design alternatives and for optimal final designs. However, dynamic simulation modelling can be very complex, resulting in a need for simulation models to be easy to create and analyse.
To take full advantage of virtual prototyping (i.e. developing PEMs), it is necessary for dynamic system simulation modelling to be integrated with the design environment (through the AIB blackboard), and to provide a simple and intuitive user interface that requires a minimum of analysis expertise. Figure 5.92 illustrates the AIB blackboard model selection menu with the process flow diagramming (PFD) option that includes systems modelling and systems simulation. Access to a simulation modelling capability by design engineers in a collaborative design environment is a powerful feature provided by the AIB blackboard.
Many engineered installations have a modular architecture that is based on the optimum selection and composition of systems, assemblies and components from older designs. When the new design is created, these system compositions are selected and then connected together in a systems configuration. Figures 5.93 to 5.97 illustrate the overall systems configuration of an Extend process simulation model with PEM blocks.

Fig. 5.90 Weibull cumulative failure probability graph of HIPS
Multiple logical flow configurations can represent a particular system composition, and are bound to the system's configuration interface. The industrial systems simulation option of the Extend Performance Modelling (Extend 2001) software has been modified and embedded into the AIB blackboard to include a wide range of process equipment models (PEMs). These PEMs are held in a general systems simulation database library that can be accessed by various programming options in the AIB blackboard (either embedded as third-party software or as developed application software). A PEM system can be represented either as a single block (model component) or as a configuration of several blocks. These configurations are equivalent PEM specifications of the same blocks, and the choice of configuration is independent of the PEM system behaviour.
Figure 5.93 shows a specific section's process flow diagram (PFD) consisting of ten systems, each system graphically represented by a virtual prototype process equipment model (PEM). The systems, or PEM blocks, are linked together with logical flows.
Fig. 5.91 Profile modelling in designing for safety
In many process designs, the physical or real-world systems are designed using model components. In such processes, these model components are selected, configured and assembled in such a way that the design specifications are met. A model component is a modular design entity with a complete specification describing how it may be connected to other model components in a model configuration. A model configuration is created when two or more model components are connected to each other via their interfaces. A model component can itself encapsulate a configuration of numerous model components, thus allowing for a hierarchical structure of sub-models, as illustrated in Fig. 5.94.
Each block pertaining to a PEM has connectors that are the interface points of the block. Connections are lines used to specify the logical flow from one model component to another, as illustrated in Fig. 5.94. As will be shown later, a model component is instantiated in the design by specifying instantiation parameters that describe its specification.
Figures 5.95 and 5.96 illustrate the PEM simulation model's process information. This information is generated either in a document layout of system performance variables (such as system contents, flows and surges, in the case of Fig. 5.95) or in a graphical display of system performance variables (such as in the case of Fig. 5.96).
Fig. 5.92 AIB blackboard model with system simulation option
Figure 5.95 illustrates system performance variables that describe PEM specifications. In this case, the PEM specifications are represented by the modelling component called 'holding tank', relating to the PEM system 'reverse jet scrubber'. These PEM specifications include performance variables such as operating contents, maximum contents, minimum contents, initial inflow, final inflow, initial outflow, final outflow, initial contents, final contents, initial flow surge, final flow surge, and accumulative surge. Several simulation run options are available, such as stopping when operating contents go below minimum contents, or when steady-state flow (outflow = inflow) is reached.
The graphical display (plotter) shows both a graphical representation of the process values of a performance variable during a simulation run, and a table of the numerical values of the performance variable. A powerful feature of the graphical display in engineering design is that plots of a performance variable taken in previous simulation runs are 'remembered' (up to four previous simulation runs), to allow for a comparative analysis in the event that a performance variable is changed for a design cost/performance trade-off. Such a trade-off would not be considered in assessing safety criteria related to a specific performance variable, where an increase in safety might result in a decrease in performance, as shown in previous simulation runs.
Fig. 5.93 PFD for simulation modelling
Figure 5.96 illustrates the graphical display model component for system behaviour of the performance variable 'operating contents' of the PEM system 'reverse jet scrubber', indicating a trend towards steady state.
Petri net-based optimisation algorithms are usefully applied in dynamic systems simulation, in this case for the determination of pressure surge through a continuous process flow line. Petri nets have been used as mathematical graphical tools for modelling and analysing systems whose dynamic behaviour is characterised by concurrent, asynchronous and distributed operation, as well as non-determinism. A basic Petri net structure consists of places and transitions interconnected by directed arcs. Places are denoted by circles and represent conditions, while transitions are denoted by bars or rectangles and represent events. The directed arcs in a Petri net represent the flow of control, where the occurrence of events is controlled by a set of conditions that can be either instantaneous or gradual (averaged).
The pressure surge Petri net depicted in Fig. 5.97 includes conditions of flow surge criteria such as outlet diameter and fluid modulus, together with events representing the combination and manipulation of criteria in the flow surge algorithm, to obtain results in graphical displays.
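The place/transition/arc structure and the firing rule that the two paragraphs above describe are shown in working form below. This is an added example and not the Fig. 5.97 pressure-surge net, whose places and transitions are not listed on the page; the net it runs is a constructed feed line into a vessel of capacity 3, with a 'trip' event standing for a protection system isolating the outlet. Besides non-deterministic execution (an enabled transition chosen at random), it builds the reachability graph, the standard analysis for a bounded net, and reports the markings in which no event can occur.

```python
"""Minimal Petri net executor with reachability and deadlock analysis.

Added example, not the page's Fig. 5.97 net.  Places hold tokens
(conditions), transitions are events, arcs carry weights.  A transition is
enabled when each input place holds at least the arc weight in tokens;
firing removes those tokens and adds tokens to the output places.  In the
constructed net 'content' + 'space' == 3 is a place invariant; after a
'trip' the line fills up and stops, which shows up as a deadlock marking.
"""
from collections import deque
import random


class PetriNet:
    def __init__(self, places, transitions):
        # transitions: name -> (input arcs {place: weight}, output arcs {place: weight})
        self.places = list(places)
        self.transitions = transitions

    def key(self, marking):
        return tuple(marking.get(p, 0) for p in self.places)

    def enabled(self, marking):
        return [t for t, (ins, _) in self.transitions.items()
                if all(marking.get(p, 0) >= w for p, w in ins.items())]

    def fire(self, marking, t):
        if t not in self.enabled(marking):
            raise ValueError(f"transition {t} is not enabled")
        ins, outs = self.transitions[t]
        m = dict(marking)
        for p, w in ins.items():
            m[p] -= w
        for p, w in outs.items():
            m[p] = m.get(p, 0) + w
        return m

    def run(self, marking, steps, seed=0):
        """Non-deterministic execution: fire a randomly chosen enabled transition."""
        rng = random.Random(seed)
        trace = []
        for _ in range(steps):
            en = self.enabled(marking)
            if not en:
                break                    # deadlock: no event can occur
            t = rng.choice(en)
            marking = self.fire(marking, t)
            trace.append(t)
        return marking, trace

    def reachable_markings(self, m0, limit=10000):
        """Breadth-first reachability graph as {key tuple: marking}.
        `limit` guards against unbounded nets, whose graph never closes."""
        seen = {self.key(m0): m0}
        queue = deque([m0])
        while queue and len(seen) < limit:
            m = queue.popleft()
            for t in self.enabled(m):
                n = self.fire(m, t)
                if self.key(n) not in seen:
                    seen[self.key(n)] = n
                    queue.append(n)
        return seen


def deadlocks(net, m0):
    """Reachable markings in which no transition is enabled."""
    return {k for k, m in net.reachable_markings(m0).items() if not net.enabled(m)}


# constructed net: 'feed' and 'outlet' are always-on conditions (self-loop arcs);
# the vessel is modelled by the complementary 'content' and 'space' places
PLACES = ["feed", "content", "space", "outlet"]
NET = PetriNet(PLACES, {
    "inflow":  ({"feed": 1, "space": 1},     {"feed": 1, "content": 1}),
    "outflow": ({"content": 1, "outlet": 1}, {"outlet": 1, "space": 1}),
    "trip":    ({"outlet": 1},               {}),      # isolate the outlet
})
M0 = {"feed": 1, "content": 0, "space": 3, "outlet": 1}

if __name__ == "__main__":
    final, trace = NET.run(M0, 20, seed=1)
    print("trace:", " -> ".join(trace))
    print("final marking:", final)
    reach = NET.reachable_markings(M0)
    print(f"{len(reach)} reachable markings; deadlocks: {deadlocks(NET, M0)}")
```

The reachability graph has 8 markings (content 0 to 3, outlet present or tripped) and exactly one deadlock, feed=1, content=3, space=0, outlet=0: the vessel is full and nothing can drain it. For a real surge model the places would carry quantities averaged over a time step rather than single tokens, which is what the text's 'gradual (averaged)' conditions refer to; the enabling and firing rule is unchanged.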
Design automation (DA) environments typically contain a design representation or design database through which the design is controlled. The design automation environment usually interacts with a set of resident computer aided design (CAD) tools and will attempt to act as a manager of the CAD tools by handling input/output requirements, invocation parameters and, possibly, automatically sequencing the CAD tools. Thus, a DA environment provides a design framework that, in effect, shields the designer from cumbersome details and enables the designer to work at a high level of abstraction. Design automation environments have great potential in CAD because they can encapsulate expert design knowledge as well as rapidly changing domain knowledge, typical of process engineering design. Since they can be easily extended and modified, rule-based systems allow for limited automated design.

Fig. 5.94 PEMs for simulation modelling
Figure 5.98 illustrates the AIB blackboard data browser option with access to a database library of integrated CAD data relevant to each PEM.
CAD models provide a comprehensive and detailed knowledge source for the AIB blackboard, which can be integrated with an expert systems knowledge base for process information. The most useful CAD model for knowledge integration is the three-dimensional CAD (3D CAD), which entails parametric solid modelling that requires the user to apply what is referred to as 'design intent'. Some software packages provide the ability to edit parametric as well as non-parametric geometry without the need to understand or undo the design intent history of the geometry, by use of direct modelling functionality. Parametric designs require the user to consider the design sequence carefully, especially in a collaborative design environment: what may be a simple design now could be a worst case later.

Fig. 5.95 PEM simulation model performance variables for process information
Figure 5.99 shows a three-dimensional CAD model of process configuration information, accessed from a database library of integrated CAD data relevant to each PEM in the AIB blackboard.
Knowledge training is an important application of three-dimensional CAD modelling, especially for training operators and engineers for the engineered installation, notably during the ramp-up and warranty stages. A CAD modelling system can be seen as built up from the interaction of a graphical user interface (GUI) with boundary representation data via a geometric modelling kernel. A geometry constraint engine is employed to manage the associative relationships between geometry, such as wire frame geometry in a schematic design or components in a detail design. Advanced capabilities of these associative relationships have led to a new form of prototyping called digital prototyping. In contrast to physical prototypes, digital prototypes allow for design verification and testing on screen, enabling three-dimensional CAD to be more than simply a documentation tool (representing designs in graphical format) but, rather, a more robust designing tool that assists in the design process as well as post-design testing and training.
Fig. 5.96 PEM simulation model graphical display of process information
Figure 5.100 shows a typical CAD integrated training data library in the AIB blackboard of performance variable data relevant to each PEM.
Artificial neural network (ANN) computation, unlike more analytically based information processing methods, effectively explores the information contained within input data, without further assumptions. Statistical methods are based on certain assumptions about the input data (i.e. a priori probabilities, probability density functions, etc.). Rule-based artificial intelligence encodes deductive human knowledge with simple IF THEN rules, performing inference (search) on these rules to reach a conclusion. Artificial neural networks, on the other hand, identify relationships in the input datasets through an iterative presentation of the data and the intrinsic mapping characteristics of neural topologies (referred to as learning). There are two basic phases in neural network operation: the training or learning phase, where sample data are repeatedly presented to the network while its weights are updated to obtain a desired response; and the recall or retrieval phase, where the trained network is applied to prototype data.
Figure 5.101 shows the AIB blackboard ANN computation option with access to an embedded NeuralExpert program (NeuroDimension 2001).
A neural expert program (Lefebvre et al. 2003) is a specific knowledge source of the AIB blackboard for processing time-varying information, such as non-linear