Event tree analysis

Piero Baraldi

Politecnico di Milano
Dipartimento di Energia
Classical Techniques for PRA: Event Tree Analysis

Hazard Analysis
Accident
Hazop Scenarios
FMECA Identification

FTA Failure
ETA Probabilty
Markov Models Assessment
Monte Carlo Simulation International Standards
Best Practices Evaluation of
Lessons learnt
Expert judgments the
Flow and transport codes
Finite Element Methods consequences
DC/AC power flows, etc.

Risk
evaluation

4
3
RISK = {Si, pi, xi} 2
1
ALARP = as low as
reasonably practicable

pi/xi A B C D
 Event Tree Analysis (ETA)

Objectives
1. Identification of possible scenarios
(accident sequences), developing from a given
accident initiator
2. Computation of accident sequence probability

• Systematic and quantitative

• Inductive (search for consequences)
 ETA: procedure steps
1. Define an accident initiator event (I):
• a system/component failure
• an external, potentially disruptive event (e.g. an earthquake, hurricane,…)
 ETA: procedure steps
1. Define an accident initiator event (I):
• a system/component failure
• an external, potentially disruptive event (e.g. an earthquake, hurricane,…)
2. Identify “headings” Sk :
• safety/protection functions, systems, procedures demanded by I
• phenomena potentially influencing the development of an accident sequence

Safety System 1
Safety
System
2
 ETA: procedure steps
1. Define an accident initiator event (I):
• a system/component failure
• an external, potentially disruptive event (e.g. an earthquake, hurricane,…)
2. Identify “headings” Sk :
• safety/protection functions, systems, procedures demanded by I
• phenomena potentially influencing the development of an accident sequence
3. Specify failure/success states of Sk
4. Combine the states of all Sk to generate accident sequences
 ETA: procedure steps
1. Define an accident initiator event (I):
• a system/component failure
• an external, potentially disruptive event (e.g. an earthquake, hurricane,…)
2. Identify “headings” Sk :
• safety/protection functions, systems, procedures demanded by I
• phenomena potentially influencing the development of an accident sequence
3. Specify failure/success states of Sk
4. Combine the states of all Sk to generate accident sequences
Example 1: Fire protection system
Example 1: Event Tree

The sequences can be further split by adding the

smoke detector, the alarm and the emergency door
 ETA typologies

• Functional event tree [typically developed in the

design phase]
• First stage: safety functions are identified (cooling, venting, …)
• Second stage: safety functions are substituted by the actual
safety systems (→ It becomes a system event tree)

• System event tree

The accident sequences in a plant are identified with respect to the
protection and safety systems/components involved (valves, pumps,
pipes, tanks, etc.)

• Phenomenological event tree

Description of the accident phenomenological evolution outside the
plant (winds, sea currents, animals/plants, etc.)
 ETA: some general comments (1)

1. One event tree for each accident initiator

2. Time and logic of Sk interventions are important for the
tree structure (simplifications possible)
 ETA: some general comments (1)

1. One event tree for each accident initiator

2. Time and logic of Sk interventions are important for the
tree structure (simplifications possible)
3. Sk states are conditional on accident initiator and
previous Sj’s states
 ETA: some general comments (2)

4. Conditional probabilities are assigned to Sk states

(upon previous identification, e.g. by FTA)

Sequence probability = product of the conditional probabilities

of the events in a branch

𝑃 𝐼𝑆1 𝑆2 = 𝑃 𝑆2 𝑆1 𝐼 ∙ 𝑃 𝑆1 𝐼
 ETA: some general comments (2)

4. Conditional probabilities are assigned to Sk states

(upon previous identification, e.g. by FTA)

Sequence probability = product of the conditional probabilities

of the events in a branch

𝑃 𝐼𝑆1 𝑆2 = 𝑃 𝑆2 𝑆1 𝐼 ∙ 𝑃 𝑆1 𝐼
= 𝑃 𝑆2 𝑆1 𝐼 ∙ 𝑃 𝑆1 |𝐼 ∙ 𝑃(𝐼)
 ETA: some general comments (2)

4. Conditional probabilities are assigned to Sk states

(upon previous identification, e.g. by FTA)

Sequence probability = product of the conditional probabilities

of the events in a branch
“Failure” probability = sum of the probabilities of the
sequences leading to failures
 Example 2: release of flammable gas
IE S1 S2 S3

S4

𝑃 𝑃𝑟𝑜𝑙𝑜𝑛𝑔𝑒𝑑 𝐹𝑖𝑟𝑒 = 𝑃 𝑆𝑒𝑞𝐴 + 𝑃 𝑆𝑒𝑞𝐵 =

=𝑃 𝐼 ∙ 𝑃 𝑆1 |𝐼 ∙ 𝑃 𝑆2 𝑆1 𝐼 ∙ 𝑃 𝑆3 𝑆2 𝑆1 𝐼 + 𝑃 𝐼 ∙ 𝑃 𝑆1 |𝐼 ∙ 𝑃 𝑆2 𝑆1 𝐼 ∙ 𝑃 𝑆3 𝑆2 𝑆1 𝐼
 ETA + FTA
S2 =

Success state
S1

Failure state
F1 S2 =

• The FT top events must be conditioned on the sequences identified by

the ETA up to the intervention of the system of interest
• It may occur that the event of interest is independent of the previous ones
in the sequence