FMEA 20fgt

Component
Product Function What is the process step?
Potential Failure Mode In what ways can the Component, Subsystem or System potentially fail and cause a safety risk?
Potential Failure Effects What is the impact on Safety?
S E V How Severe is effect to Safety?
Potential Causes List every conceivable failure and/or failure mechanism for each failure mode
O C C How frequent is cause likely to Occur?
Current Process Controls What are the Existing Controls, Procedures or Specifacations that prevent either the cause or the failure mode
D E T
R P N
Actions Recommended What are the actions for reducing the Occurrence of the cause, or improving Detection? Should have actions on high RPN's or EASY FIXES
Resp.& Target Date Who's Responsible for the recommende d action? What date?
Actions Taken What were the actions implemented? Include completion month/year. (Then recalculate resulting RPN.)
S E V
O C C
D E T
R P N
LH2 Storage (Dewar)
Contain LH2 @~30psi
Leakage/Rupture
Spill to Storage Area and Dissipation of H2 Spill to Storage Area and Combustion of Vapour Spill to Storage Area and Pooling of LH2
H2 Embrittlement
4 3 3 2 6
Specification: Supplier Specification: Supplier Specification: Supplier Design: Barrier Procedure: Restricted Access
10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (collision) Mechanical damage (impact)
Mechanical damage (attack) Mechanical damage (structural) Operator Error Vacuum Jacket Failure Mechanical damage (impact)
5 6 4 3 6 Procedure: Operator Training Control: Vent to Stack Specification: Supplier Procedure/Design: Restricted Access Procedure: Operator Training Specification: Supplier Design: Rupture Disk - Vent to Stack Specification: Supplier Procedure/Design: Restricted Access Procedure: Operator Training Specification: Supplier Design: Rupture Disk - Vent to Stack Specification: Supplier Control: Shutdown
Isolate LH2 from Environment
Allow Excess Heat Conduction
Excess Vapour Pressure
6 6
Vent Excessive Vapour PRD Fails Pressure
Excess Pressure Buildup
H2 Embrittlement
7 7
Corrosion Mechanical damage (impact)
3 6
Vent Line Blockage
7 7
Debris H2 Embrittlement
7 4
Provide Vapour Pressure Signal to Controller
No signal
System Fault
7 7 3
Corrosion Debris Electrical Damage (shock)
3 7 6
3 3 3 Signal Bias High Signal Bias Low Excess Vapour Pressure 6 6 3 3 3 3 7 7 3 3 3 3 3 1
Out of Range Power Failure Calibration Error Electrical Damage (shock) Calibration Error Electrical Damage (shock) Calibration Error Mechanical Wear H2 Embrittlement Corrosion Control Malfunction Incorrect Design Specifications Control Malfunction Mechanical Wear H2 Embrittlement Corrosion Control Malfunction Incorrect Design Specifications Control Malfunction
5 4 7 6 7 6 7 2 4 3 4 2 4 2 4 3 4 2 4
Specification: Supplier Procedure: Supplier Calibration Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Procedure: Supplier Calibration Control: Shutdown Specification: Supplier Specification: Supplier Control: Vent to Stack Control: Shutdown Specification: Supplier Specification: Supplier
Cryo Pump
Boost LH2 Pressure
Low Pressure
System Fault
High Pressure Provide Flow Control (On/Off, Variable) Insufficient Flow
Excess Liquid Pressure System Fault
High Flow Printed:3/15/2013
Low Process Gas Temp
Control: System warning
Process FMEA Template
How probable is Detection of cause? Risk Priority # to rank order concerns 4 4 4 6 10 160 120 120 120 10 10 4 4 6 216 3 84 4 6 84 252 10 3 490 84 4 10 7 84 490 126 4 10 5 10 5 10 5 7 4 4 10 2 10 7 4 4 10 10 60 120 105 0 0 360 210 42 48 36 120 28 280 42 48 36 120 60 0
600 Restricted vehicle access, ensure structure can withstand impact. 500 600 Seismic Evaluation and certification. 160 72
Page 1 of 10
Contain LH2 @10000psi?
Leakage/Rupture
H2 Embrittlement
4 3 3 6
Specification: Supplier Specification: Supplier Specification: Supplier Procedure/Design: Restricted Access Procedure: Operator Training
4 4 4 6
160 120 120 360
10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact)
Thermally Isolate LH2 from Environment
Allow Excess Heat Conduction
6 6
Incorrect Design Specifications Control Malfunction Vacuum Jacket Failure Mechanical Damage Mechanical Damage
2 4 3 6 6
Control: Vent to Stack Procedure: Restricted Access Procedure: Operator Training Control: Vent to Stack
10 10 2 10 2
200 400 36 360 84
Pressure Regulator
Reduce LH2 Pressure from 10000psi to 7200psi
Pressure Too High
Excess Liquid Pressure
Pressure Too Low
System Fault
Thermally Isolate LH2 Allow Excess Heat from Environment Conduction Provide LH2 Flow Path Flow Blocked Insufficient Flow Capability Contain LH2 @10000psi Leakage/Rupture
Excess Vapour Pressure Excess Liquid Pressure Decreased Pressure
7 3 3 3 6 7 7 3 3 8
Debris Debris Mechanical Wear Incorrect Design Specifications Debris Mechanical Damage Incorrect Design Specifications Debris H2 Embrittlement
6 6 8 2 6 6 6 6 4 3 3 6
Control: Vent to Stack Control: Shutdown Control: Shutdown Control: Shutdown Control: Vent to Stack Control: Vent to Stack Control: Shutdown
2 7 7 7 2 2 10 7 10 4 4 4 6
84 126 168 0 24 84 420 126 180 160 120 120 360
Vapourizor
Flow Path: LH2-CH2
Flow Blocked
Excess Liquid Pressure Excess Vapour Pressure
7 6 6 3 3 3 3 8
Mechanical damage (collision) Mechanical Damage (attack) Incorrect Design Specifications Debris Corrosion Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement
2 5 2 7 3 6 7 3 6 2 4 3 3 6
Control: Vent to Stack Control: Vent to Stack Specification: Supplier Control: Shutdown Specification: Supplier
10 10 10 2 4 10 7 4 10 10 4 4 4 6
200 500 200 98 72 360 147 36 180 60 160 120 120 360
Excessive Pressure Drop
Insufficient Process Pressure
Contain LH2 @72000psi?
Leakage/Rupture
Heat Exchange; LH2 to Low Pressure -30C with Air @Varying Ambient Temperature
System fault
Mechanical damage (collision) Mechanical Damage (attack) Incorrect Design Specifications Ambient temperature too low
2 5 2 10 Control: Shutdown
10 10 10 7
200 500 200 210
3 High Pressure Output Stream Too Cold Excess Vapour Pressure System Fault 6 1 1 6 6 Printed:3/15/2013
Freezing/ice reducing heat conduction Ambient temperature too high Incorrect Design Specifications Ambient Temperature too Low Ambient Temperature too Hot Incorrect Design Specifications
10 Control: Shutdown 10 Control: Vent to Stack 2 Control: Warning 10 10 Control: Vent to Stack 2
7 2 2 10 2 10
210 120 4 100 120 120 Page 2 of 10
Output Stream Too Hot Excess Vapour Pressure
Contain CH2 @7200psi
Leakage/Rupture
Release to Storage Area and Dissipation of H2 Release to Storage Area and Combustion of Vapour
H2 Embrittlement
4 3 3 6
4 4 4 6
160 120 120 360
10 Corrosion Stress Cycling/Fatigue Mechanical damage (impact)
Regenerator Thermal Storage
Moderate CH2 Temperature Too High Excess Vapour Pressure Temperature Variations
Mechanical damage (collision) Mechanical Damage (attack) Incorrect Design Specifications Incorrect Design Specifications
2 5 2 2
Control: Vent to Stack
10 10 10 2
200 500 200 24
Temperature Too Low
System Fault
Leakage/Rupture
6 6 6 1 1 1 1 8
Corrosion Mechanical Damage Debris Incorrect Design Specifications Corrosion Mechanical Damage Debris H2 Embrittlement
3 6 7 2 3 6 7 4 3 3 6
Specification: Supplier
Specification: Supplier
4 10 10 10 4 10 10 4 4 4 6
72 360 420 20 12 60 70 160 120 120 360
Low Pressure Drop Flow Path
System fault
3 3 3 3 6 6 6 8
Mechanical damage (collision) Mechanical Damage (attack) Incorrect Design Specifications Debris Corrosion Mechanical Damage Incorrect Design Specifications Debris Corrosion Mechanical Damage H2 Embrittlement
2 5 2 7 3 6 2 7 3 6 4 3 3 6
Control: Shutdown Specification: Supplier
10 10 10 7 4 10 10 2 4 10 4 4 10 6
200 500 200 147 36 180 60 84 72 360 160 120 300 360
Flow Blocked
Control: Vent to Stack Specification: Supplier Specification: Supplier Specification: Supplier
Buffer Storage Contain CH2 @-25C, 7200psi
Leakage/Rupture
Procedure/Design: Restricted Access Procedure: Operator Training
Flow Path: CH2 to Dispensor
Flow Blocked
6 6 6 3 3 3 3 9
Mechanical damage (collision) Mechanical Damage (attack) Incorrect Design Specifications Debris Corrosion Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement
2 5 2 7 3 6 7 3 6 2 4 3 3 6 2 5 4 2 4 7 3 6
Control: Vent to Stack Specification: Supplier Control: Shutdown Specification: Supplier
10 10 10 2 4 10 7 4 10 10 4 4 4 10 10 4 10 10 2 4 10
200 500 200 84 72 360 147 36 180 60 160 120 120 0 200 500 160 200 400 84 72 360 Page 3 of 10
Low Process Pressure
Dispensor
Leakage/Rupture
Release into Occupied Area and Dissipation of H2 Release into Occupied Area and Combustion of Vapour
Specification: Supplier Specification: Supplier Specification: Supplier
10 Corrosion Stress Cycling/Fatigue Mechanical damage (impact) Mechanical damage (collision) Mechanical Damage (attack) Operator Error Incorrect Design Specifications Control Malfunction Debris Corrosion Mechanical Damage
Procedure: Operator Training
Flow Path: Vehicle CH2 Flow Blocked Supply @6000psi
6 6 6
Control: Vent to Stack Specification: Supplier
Printed:3/15/2013
Low Fueling Pressure
1 1 1 1 1 1 7 7 7 7 3
Debris Corrosion Mechanical Damage Incorrect Design Specifications Incorrect Design Specifications Control Malfunction Incorrect Design Specifications Control Malfunction Fueling Rate Too High Inlet Gas Too Warm Electrical Damage (shock)
7 3 6 2 2 4 2 4 6 5 6
Control: System Fault - abort fueling Specification: Supplier
0 4 10 10 2 2 7 7 7 7 7 12 60 20 4 8 98 196 294 245 126
Provide CH2 @6000psi @xxpsi
Low Pressure
Low Fueling Pressure
Control: Abort Fueling Control: Abort Fueling Control: Vent to Stack Control: Vent to Stack Control: Vent to Stack Control: Vent to Stack Control: Shutdown
High Pressure
Monitor Fueling Status No Signal & Communicate with Controller
System fault
Temp Bias Low
Excess Tank Pressure: Potential Rupture Decreased tank Pressure: Incomplete Fueling Excess Tank Pressure: Potential Rupture Decreased tank Pressure: Incomplete Fueling Potential Gas Leakage
3 3 3 10
Out of Range Power Failure Calibration Error Electrical Damage (shock)
5 4 7 6 7 6 7 6 7 6 7 6 4 4 3 3 6 2 7 3 6 7 3 6 2 2 6 4 3 6 4 4
Procedure: Supplier Calibration Control: Shutdown Procedure: Supplier Calibration Control: Shutdown Procedure: Supplier Calibration Control: Shutdown Procedure: Supplier Calibration Control: Shutdown Procedure: Supplier Calibration Control: Shutdown
10 10 5 7 5 7 5 7 5 7 5 7 10 4 4 4 6 10 2 4 10 7 4 10 10 2 10 4 4 6 10 4
150 120 105 420 350 42 35 420 350 42 35 420 400 160 120 120 360 200 98 84 420 147 36 180 60 24 360 80 60 180 200 112
Temp Bias High
10 Calibration Error 1 Electrical Damage (shock) 1 Calibration Error 10 Electrical Damage (shock) 10 Calibration Error 1 Electrical Damage (shock) 1 Calibration Error 10 Electrical Damage (shock) 10 Power Failure 8 H2 Embrittlement 10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact) Incorrect Design Specifications Debris Corrosion Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications Incorrect Design Specifications Mechanical Damage H2 Embrittlement Corrosion Mechanical damage (impact) Control Malfunction H2 Embrittlement
Pressure Bias Low
Pressure Bais High
Provide User Emergency Shutdown LH2 Valve Contain LH2 @10000psi?
No Shutdown Initiated
Leakage/Rupture
Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Shutdown Specification: Supplier
System Flow path
Flow Blocked
Excess Liquid Pressure Excess Pressure Buildup
7 7 7 3 3 3 3 6 6 5 5 5 5 7
Low System Pressure
Thermaly Isolate LH2 from Environment Isolate Flowpath (Open/Close)
Allow Excess Heat Conduction Fails Open
Cannot Isolate System Components:
Specification: Supplier Specification: Supplier Design: Restricted Access Control: Vent to Stack Specification: Supplier Specification: Supplier Design: Rupture Disk - Vent to Stack Design: Restricted Access Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access
Fails Closed
Corrosion
63
CH2 Valve
Leakage/Rupture
Release to Storage Area and Dissipation of H2 Release to Storage Area and Combustion of Vapour Release into Occupied Area and Dissipation of H2 Release into Occupied Area and Combustion of Vapour Excess Liquid Pressure
7 7 8
Mechanical damage (impact) Control Malfunction H2 Embrittlement
6 4 4 3 3 6 2 7
6 10 4 4 4 6 10 2
252 280 160 120 120 360 200 98 Page 4 of 10
10 Corrosion 9 Stress Cycling/Fatigue
10 Mechanical damage (impact) Incorrect Design Specifications Debris
System Flow path Printed:3/15/2013
Flow Blocked
Corrosion
Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Shutdown Specification: Supplier
63
Low System Pressure
7 3 3 3 3 5 5 5 5 7
Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement Corrosion Mechanical damage (impact) Control Malfunction H2 Embrittlement
6 7 3 6 2 4 3 6 4 4
10 7 4 10 10 4 4 6 10 4
420 147 36 180 60 80 60 180 200 112
Isolate Flowpath (Open/Close)
Fails Open
Cannot Isolate System Components:
Specification: Supplier Specification: Supplier Design: Restricted Access Control: Vent to Stack Specification: Supplier Specification: Supplier Design: Restricted Access Specification: Supplier Design: Rupture Disk - Vent to Stack Design: Restricted Access Control: Vent to Stack Design: Restricted Access Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Shutdown Specification: Supplier
Fails Closed
7 7 7 7
Corrosion Mechanical damage (impact) Control Malfunction Corrosion
3 6 4 3
4 6 10 3
84 252 280 63
Thermaly Isolate LH2 from Environment Check Valve Provide Single Direction Flow Path
Allow Excess Heat Conduction Flow Blocked
7 7 6 6 7 7
Mechanical damage (impact) Control Malfunction Incorrect Design Specifications Mechanical damage (impact) Debris Corrosion
6 4 2
6 10 2 6 2 3
252 280 24 0 98 63
7 3
Low System Pressure
7 3 3 3 3 10 10 10 10 8
Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement Corrosion Mechanical damage (impact) Incorrect Design Specifications H2 Embrittlement
6 7 3 6 2 4 3 6 2 4 3 3 6 2 2
10 7 4 10 10 4 4 6 10 4 4 4 6 10 2 6 2
420 147 36 180 60 160 120 360 200 160 120 120 360 0 24 0 36
Fails to Check
Backflow of Process Gases: Potential Rupture?
Specification: Supplier Specification: Supplier Design: Restricted Access Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access
Leakage/Rupture
Release to Storage Area and Dissipation of H2 Release to Storage Area and Combustion of Vapour Release into Occupied Area and Dissipation of H2 Release into Occupied Area and Combustion of Vapour Excess Vapour Pressure
10 Mechanical damage (impact) Incorrect Design Specifications Incorrect Design Specifications Mechanical damage (impact) Vacuum Jacket Failure
Thermaly Isolate LH2 from Environment Vacuum Jacket Thermally Isolate LH2 from Environment Lines (LH2)
Allow Excess Heat Conduction Allow Excess Heat Conduction
6 6 6
Control: Vent to Stack Design: Restricted Access Control: Vent to Stack
6 6
Incorrect Design Specifications Mechanical damage (impact)
2 Procedure/Design: Restricted Access Procedure: Operator Training Specification: Supplier Specification: Supplier Specification: Supplier Procedure/Design: Restricted Access Procedure: Operator Training Procedure: Operator Training Control: Vent to Stack
10 6
120 0
Contain LH2 @1000psi Leakage/Rupture
H2 Embrittlement
4 3 3 6
4 4 4 6
160 120 120 360
Provide Flow Path A-B Flow Blocked Printed:3/15/2013
Operator Error Incorrect Design Specifications Debris
4 2 7
4 10 2
160 200 98 Page 5 of 10
Corrosion
Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Shutdown Specification: Supplier
63
Low System Pressure
7 3 3 3 3 8
Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement
6 7 3 6 2 4 3 3 6 2 7 6 7
10 7 4 10 10 4 4 4 6 10 5 10 5
420 147 36 180 60 160 120 120 360 200 0 0 245
Pressure Sensor (LH2)
Contain LH2 Under Pressure
Leakage/Rupture
Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access Procedure: Supplier Calibration
10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact) Incorrect Design Specifications Calibration Error Electrical Damage (shock) Calibration Error
Output Pressure Signal High Pressure Bias
Low Pressure Bias
Electrical Damage (shock)
No Signal
System fault
Pressure Sensor (CH2)
Contain CH2 Under Pressure
Leakage/Rupture
Release to Storage Area and Dissipation of H2 Release to Storage Area and Combustion of Vapour Release into Occupied Area and Dissipation of H2 Release into Occupied Area and Combustion of Vapour
3 3 3 3 8
Electrical Damage (shock) Out of Range Power Failure Calibration Error H2 Embrittlement
6 5 4 7 4 3 3 6 2 7 6 7
Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Control: Shutdown Control: Shutdown Control: Shutdown Procedure: Supplier Calibration Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access
10
420
7 7 7 5 4 4 4 6 10 5 10 5
126 105 84 105 160 120 120 360 200 35 60 245
10 Mechanical damage (impact) Incorrect Design Specifications Calibration Error Electrical Damage (shock) Calibration Error
Output Pressure Signal High Pressure Bias
1 1 7
Procedure: Supplier Calibration
Low Pressure Bias
No Signal
System fault
Flow Meter (LH2)
Contain LH2 Under Pressure
Leakage/Rupture
7 3 3 3 3 8
Electrical Damage (shock) Electrical Damage (shock) Out of Range Power Failure Calibration Error H2 Embrittlement
6 6 5 4 7 4 3 3 6 2 7 6 6 7 6 5 4 7 7 3
Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Control: Shutdown Control: Shutdown Control: Shutdown Control: Shutdown Procedure: Supplier Calibration Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access System Fault: Shutdown Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Procedure: Supplier Calibration Control: Shutdown Control: Shutdown Control: Shutdown Procedure: Supplier Calibration Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Shutdown Control: Shutdown
7 7 7 7 5 4 4 4 6 10 7 7 10 5 7 7 7 5 2 3
294 126 105 84 105 160 120 120 360 200 147 126 360 210 126 105 84 105 98 63
10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact) Incorrect Design Specifications Calibration Error Electrical Damage (shock) Electrical Damage (shock) Calibration Error Electrical Damage (shock) Out of Range Power Failure Calibration Error Debris Corrosion
Output FLow Signal
High Flow Bias
Decreased Process Flow
3 3 6 6 3 3 3 3 7 7
Low Flow Bias
Excess System Pressure Flow
No Signal
System fault
Flow Path: Low Restriction
Flow Blocked
Excessive Pressure Drop Printed:3/15/2013
Low System Pressure
7 3
Mechanical Damage Debris
6 7
7 7
294 147 Page 6 of 10
Flow Meter (CH2)
Contain CH2 Under Pressure
Leakage/Rupture
3 3 3 8
Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement
3 6 2 4 3 3 6 2 6 7
Specification: Supplier Control: Shutdown Control: Shutdown Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access System Fault: Shutdown Procedure: Supplier Calibration Design: Rupture Disk - Vent to Stack Control: Vent to Stack Procedure: Supplier Calibration Control: Shutdown Control: Shutdown Control: Shutdown Procedure: Supplier Calibration Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Vent to Stack Control: Shutdown Specification: Supplier Control: Shutdown Control: Shutdown Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access
4 7 7 4 4 4 6 10 5
36 126 42 160 120 120 360 200 0 210
10 Corrosion Stress Cycling/Fatigue Mechanical damage (impact) Incorrect Design Specifications Electrical Damage (shock) Calibration Error
Output FLow Signal
High Flow Bias
Decreased Process Flow Excess System Pressure Flow
3 6
Low Flow Bias No Signal
Excess Liquid Pressure System fault
Flow Blocked
7 7 3 3 3 3 7 7
Electrical Damage (shock) Calibration Error Electrical Damage (shock) Out of Range Power Failure Calibration Error Debris Corrosion
6 7 6 5 4 7 7 3
2 5 7 7 7 5 2 3
84 245 126 105 84 105 98 63
Low System Pressure
7 3 3 3 3 8
Mechanical Damage Debris Corrosion Mechanical Damage Incorrect Design Specifications H2 Embrittlement
6 7 3 6 2 4 3 3 6 2 7 3
10 7 4 10 10 4 4 4 6 10 2 3
420 147 36 180 60 160 120 120 360 200 98 63
Fittings (High Pressure)
Contain LH2 under Pressure
Leakage/Rupture
Release to Storage Area and Dissipation of H2 Release to Storage Area and Combustion of Vapour Release into Occupied Area and Dissipation of H2 Release into Occupied Area and Combustion of Vapour Excess Liquid Pressure Excess Pressure Buildup
10 Mechanical damage (impact) Incorrect Design Specifications Debris Corrosion
Flow Blocked
7 7
Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Vent to Stack Control: Shutdown Specification: Supplier Control: Shutdown Control: Shutdown Specification: Supplier Specification: Supplier Specification: Supplier Design: Restricted Access Control: Vent to Stack Specification: Supplier Design: Rupture Disk - Vent to Stack Control: Vent to Stack Control: Shutdown Specification: Supplier Control: Shutdown Control: Shutdown Control: Shutdown
Low System Pressure
7 3 3 3 3 9
Mechanical damage Debris Corrosion Mechanical damage Incorrect Design Specifications H2 Embrittlement
6 7 3 6 2 4 3 3 6 2 7 3
3 7 4 10 10 4 4 4 6 10 3 3
126 147 36 180 60 160 120 120 360 200 147 63
Fittings (Cryogenic)
Contain LH2 under Pressure
Leakage/Rupture
10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact) Incorrect Design Specifications Debris Corrosion
Flow Blocked
7 7
Low System Pressure
7 3 3 3 3 8
Mechanical damage Debris Corrosion Mechanical damage Incorrect Design Specifications Ignition Source
6 7 3 6 2 2
3 7 4 7 7 10
126 147 36 126 42 160
Vent Stack
Provide Safe Vent Stream for Process Gas
Combustion of Gas
Combustion Within Vent Stack
8 Printed:3/15/2013
Control Malfunction
4 Process FMEA Template
10
320 Page 7 of 10
Vent Stack
Blockage
Rupture Of Process Lines/Components
10 Corrosion 10 Mechanical damage (impact) 10 Mechanical damage (attack) 10 Mechanical damage (structural)
3 6 5 6
Specification: Supplier Design: Restricted Access
4 6 10 10
120 360 500 600 Structural Modifications and assesment 360 108 324 450 540 Structural Modifications and assesment
Restricted
Insufficient Venting
9 9 9 9 9
Debris Corrosion Mechanical damage (impact) Mechanical damage (attack) Mechanical damage (structural)
4 3 6 5 6
Specification: Supplier Design: Restricted Access
10 4 6 10 10
Printed:3/15/2013
Page 8 of 10
Process Step or Variable or Key Input What is the process step?
Potential Failure Mode In what ways can the Process Step, Variable, or Key Input go wrong? (chance of not meeting requirements)
Potential Failure Effects What is the impact on the Key Output Variables (customer requirements) or internal requirements?
S E V How Severe is effect to the customer?
Potential Causes What causes the Key Input to go wrong? (How could the failure mode occur?)
O C C How frequent is cause likely to Occur?
Current Process Controls What are the existing controls that either prevent the failure mode from occurring or detect it should it occur?
D E T How probable is Detection of cause?
R P N Risk Priority # to rank order concerns
Actions Recommended What are the actions for reducing the Occurrence of the cause, or improving Detection? Should have actions on high RPN's or Severity of 9 or 10.
Resp.& Target Date Who's Responsible for the recommended action? What date?
Actions Taken What were the actions implemented? Include completion month/year. (Then recalculate resulting RPN.)
S E V
O C C
D E T
R P N
######
9 of10
RATING FACTORS
RATING
DEGREE OF SEVERITY
PROBABILITY OF OCCURRENCE
FREQUENCY ( 1 in ) Cpk
ABILITY TO DETECT
Detection Certainty Sure that the potential failure will be found or prevented before producing a safety risk Almost certain that the potential failure will be found or prevented before producing a safety risk Low likelihood that the potential failure will be prevented before producing a safety risk Controls may detect or prevent the potential failure from occuring during operation Moderate likelihood that the potential failure will occur before producing a safety risk Controls are unlikely to detect or prevent the potential failure during operation
1 2 3 4 5
Safety or environmental impact is insignificant; customer will Likelihood of occurrence is not notice any adverse effects remote Safety or environmental impact is slight; customer will probably experience slight annoyance Low failure rate with supporting documentation
1,000,000 20,000 5,000 2,000 500
> 1.67 1.33 approx. 1.0 < 1.0
100% 99% 95 90 85
Safety and/or environmental impact will be affected due to Low failure rate without the slight degradation of performance of components; supporting documentation customer will experience annoyance Safety and/or environmental impact affected due to Occasional failures continually poor system performance; customer dissatisfied Considerable safety and/or environmental Impact due to failure of components; customer is made uncomfortable Relatively moderate failure rate with supporting documentation Considerable safety and/or environmental Impact due to Moderate failure rate without continued degredation of components; warranty repair, down supporting documentation time or significant manufacturing or assembly complaint High safety risk and/or severe environmental Impact without Relatively high failure rate with violating existing codes/standards; High degree of customer supporting documentation dissatisfaction; productivity impacted by high scrap or rework levels. High safety risk and/or severe environmental Impact violating existing codes/standards; very high degree of customer dissatisfaction High failure rate without supporting documentation
100
80
50
Poor likelihood that the potential failure will be detected or prevented before producing a safety risk
70
20
Very poor likelihood that the potential failure will be detected or prevented before producing a safety risk Current controls probably will not even detect the potential failure
60
Severe Safety impact with warning before failure or violation Failure is almost certain based of safety codes/regulations; customer endangered on specifications or significant DV testing
10
Absolute certainty that the current controls will not detect the potential failure
50
Severe Safety impact without warning before failure or violation of safety codes/regulations; customer endangered
10
Assured of failure based on specifications or significant DV testing
< 50
Page 10

FMEA 20fgt

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FMEA 20fgt

Uploaded by

Copyright:

Available Formats

Component

Product Function What is the process step?

Potential Failure Effects What is the impact on Safety?

S E V How Severe is effect to Safety?

O C C How frequent is cause likely to Occur?

LH2 Storage (Dewar)

Contain LH2 @~30psi

10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (collision) Mechanical damage (impact)

Isolate LH2 from Environment

Allow Excess Heat Conduction

Excess Vapour Pressure

Vent Excessive Vapour PRD Fails Pressure

Excess Pressure Buildup

Corrosion Mechanical damage (impact)

Vent Line Blockage

Excess Pressure Buildup

Provide Vapour Pressure Signal to Controller

Corrosion Debris Electrical Damage (shock)

3 3 3 Signal Bias High Signal Bias Low Excess Vapour Pressure 6 6 3 3 3 3 7 7 3 3 3 3 3 1

Boost LH2 Pressure

High Pressure Provide Flow Control (On/Off, Variable) Insufficient Flow

Excess Liquid Pressure System Fault

High Flow Printed:3/15/2013

Low Process Gas Temp

Control: System warning

Process FMEA Template

Contain LH2 @10000psi?

160 120 120 360

10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact)

Thermally Isolate LH2 from Environment

Allow Excess Heat Conduction

Excess Vapour Pressure

200 400 36 360 84

Reduce LH2 Pressure from 10000psi to 7200psi

Pressure Too High

Excess Liquid Pressure

Pressure Too Low

Excess Vapour Pressure Excess Liquid Pressure Decreased Pressure

84 126 168 0 24 84 420 126 180 160 120 120 360

10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact)

Flow Path: LH2-CH2

Excess Liquid Pressure Excess Vapour Pressure

Excessive Pressure Drop

Insufficient Process Pressure

Contain LH2 @72000psi?

10 Corrosion 9 Stress Cycling/Fatigue Mechanical damage (impact)

200 500 200 210

210 120 4 100 120 120 Page 2 of 10

Output Stream Too Hot Excess Vapour Pressure

Process FMEA Template

Contain CH2 @7200psi

160 120 120 360

10 Corrosion Stress Cycling/Fatigue Mechanical damage (impact)

Regenerator Thermal Storage

Control: Vent to Stack

200 500 200 24

Temperature Too Low

Contain CH2 @7200psi

72 360 420 20 12 60 70 160 120 120 360

10 Corrosion Stress Cycling/Fatigue Mechanical damage (impact)

Low Pressure Drop Flow Path

Excessive Pressure Drop

Control: Shutdown Specification: Supplier