Engineering Risk Analysis Guide

The document discusses risk analysis methods including failure mode and effects analysis (FMEA). It describes defining system functions, identifying failure modes and their causes, and determining failure effects. The FMEA process involves analyzing these factors at different levels of a complex system from components to overall functions.

Uploaded by

Minhaj Rafi

Risk analysis methods

LECTURE 10: FAILURE MODES EFFECTS AND CRITICALITY ANALYSIS

Dr Peter D. Dunning

ENGINEERING RISK & RELIABILITY ANALYSIS


Risk analysis of a complex system
o A complex system often has several levels that interact to provide the overall functions of the system
o Correct functioning at one level depends on correct functioning at a lower level

(Diagram: System → Sub-system (×2) → Component (×6), each level built from the level below)



Risk analysis of a complex system
o To fully analyse the risk of a complex system we should consider the accident sequence at each level of detail
o What are the functions of the system or component?
o What are the ways that functionality is not met (failure)? – Failure Modes
o What are the mechanisms that can lead to failure? – Failure Causes
o What are the consequences of the failure modes? – Failure Effects

(Diagram: Hazard → Accident / failure event → Undesired consequences, aligned with Causes → Mode → Effects)



Failure mode and effects analysis
o FMEA aims to systematically identify the functions, failure modes, failure causes and failure effects of a system.
o Information is recorded in a FMEA table. For example (the slide also sketches the pump between tanks X and Y):

Component: Pump
Function: Pump water from tank X to tank Y, no less than 800 litres per minute
Failure mode: Unable to pump water
  Failure causes: Bearing seizes; Impeller breaks; Impeller jammed; Coupling hub shears (fatigue); Motor fails; Inlet valve jams closed, etc…
  Failure effects: Level in tank Y drops to critical in 20 mins, then alarm sounded.
Failure mode: Water pumped at less than 800 litres / minute
  Failure causes: Impeller worn; Partially blocked suction line; etc…
  Failure effects: Level in tank Y drops. Alarm sounded when level reaches critical.



Defining functions
o Failures are defined in terms of functions (see lecture 1)
o Function definitions should be as specific and complete as possible
➢ Pump: Pump water from tank X to tank Y, no less than 800 litres per minute
➢ Power station: Supply at least 1 GW of electricity to the grid
➢ Engine: Provide up to 400W power at up to 2500 rpm to input shaft of gear box
o Function statements should contain:
➢ A verb: pump, supply, provide, contain etc…
➢ Object(s): water to tank Y, electricity to grid, power to gear box shaft
➢ Desired performance standard:
(at least) 800 l/min, 1 GW, 400W at 2500rpm



Types of function
o Primary: related to the main purpose of the component or system (see previous slide)
o Secondary: important additional functions that also need to be met (ESCAPES)
➢ Environmental integrity: Power station – emit no more than N micrograms of a chemical per cubic metre
➢ Safety/structural integrity: Wall – support the weight of the roof (and other relevant loading)
➢ Control/containment/comfort: Car – driver is able to control speed at will between -10 and 80 Mph
➢ Appearance: Paintwork – prevent corrosion (primary), secondary (enhance visibility)
➢ Protection: Devices that prevent or reduce the harm or damage a failure causes (pressure relief valve)
➢ Economics/efficiency: Fossil fuel power station – export at least 45% of latent energy in fuel as electricity
➢ Superfluous functions: Can appear after equipment modification, failure can have unwanted consequences

o Exact categorisation does not matter – as long as all important functions are defined



Operating context
o Affects the nature, frequency and severity of failure modes
o Thus, needs to be clearly defined before functions are identified
o The operating context can include:
➢ Environmental standards (acceptable levels of emissions)
➢ Safety standards (Health and Safety regulations)
➢ Quality standards (tolerances, surface finish)
➢ Redundancy (back-up, alternative method)
➢ Operating mode (installation, idle, start-up, normal running)
➢ Organisational factors (availability of workers, logistics)
➢ Existing failures or faults in the system



Failure modes
o There may be more than one way in which a function can fail to be met
o Failure modes are the ways that a function is not met
o Important to list all possible modes, as they will likely have different causes and effects
➢ Full failure: Unable to pump water
➢ Partial failure: Water pumped at less than 800 litres / minute

Component: Turbine exhaust
Function: Channel hot turbine exhaust gas without restriction to a fixed point 10m above turbine hall room
  Failure modes:
  1. Unable to channel gas at all
  2. Gas flow restricted
  3. Fails to contain gas
  4. Fails to convey gas to the fixed point
Function: Reduce exhaust noise levels to ISO Noise Rating 30 at 150m
  Failure modes:
  1. Noise level exceeds ISO Rating 30 at 150m
  etc..



Failure causes
o Describe all “likely” possible causes of a failure mode
o Example: falling capability
➢ Deterioration (fatigue, corrosion, abrasion, erosion, evaporation)
➢ Lubrication failure (insufficient amount, wrong type, degraded)
➢ Dirt (contamination, interference with mechanisms)
➢ Disassembly (components coming loose / detaching completely)
➢ Human errors (incorrect operation, maintenance etc..)
➢ Sub-component failure
o Example: overloading capacity
➢ Sustained deliberate (e.g. overproduction) / unintentional
➢ Sudden unintentional (e.g. impact from foreign source – bird strike)
➢ Processing of materials out of specification (e.g. hardness, pH)



Failure effects
o Describe what happens when a failure mode occurs
o Different from failure consequences (how bad is the failure mode)
o Useful information to record for failure effects:
➢ Evidence that the failure mode occurred (alarms, smoke, noises)
➢ Any threat to safety or environment (hazardous chemical release, structural collapse)
➢ Any threat to production or operations (downtime, reduced quality)
➢ Possible physical damage caused (to other components / systems)



FMEA process
o First, the aim and scope of the analysis should be defined:
➢ What is being analysed? system, project, process
➢ What is the operating context? environment, operating mode
➢ What is the level of detail to include? sub-systems, assemblies, components, interfaces

o The FMEA process can be summarised as: identify…


1. individual items and their functions – by referring to the required level of detail
2. their failure modes – in terms of the item functions
3. potential failure causes (mechanisms) – in the level of detail below
4. possible failure effects – in terms of the system functionality and local effects



FMEA cascade
o Identifying the level of detail is important because:
➢ Failure causes are failure modes at a more detailed level
➢ Failure modes are failure effects at a more detailed level
o Leads to a “bottom up” inductive approach
➢ Often start with the most detailed level (smallest parts)

(Diagram: arrows labelled “Increasing detail” and “Inductive” beside the table below)

Component: Bearing lubricant seal
  Function: Contain enough lubricant to prevent bearing seizure
  Failure mode: Lubricant leaks past seal
  Failure causes: Poorly fitted; Damaged
  Failure effects: Loss of lubricant, resulting in bearing seizure
Component: Motor bearing
  Function: Allow motor to rotate freely (for specific loading & speed)
  Failure mode: Bearing seizes
  Failure causes: Not enough lubricant
  Failure effects: Motor fails
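The cascade above, as an added illustration in Python (not code from the lecture): rows from the seal and motor bearing tables plus the pump row from the earlier FMEA table are linked by writing each cause that is itself the failure mode of a more detailed row under that exact name (the motor bearing's cause is therefore written as the seal's failure mode rather than "Not enough lubricant"). With that link one can walk inductively from a root mechanism at the seal up to the pump's failure effect, or expand a top-level failure mode back down to its root causes.

```python
from dataclasses import dataclass
from typing import List

@dataclass
class FmeaRow:
    item: str
    function: str
    failure_mode: str
    failure_causes: List[str]   # causes at the level below, or root mechanisms
    failure_effect: str

# Constructed three-level FMEA (sample data, not from a real analysis) for the
# lecture's seal -> motor bearing -> pump cascade. A cause that is itself the
# failure mode of a more detailed row is what links the two levels.
ROWS = [
    FmeaRow("Bearing lubricant seal",
            "Contain enough lubricant to prevent bearing seizure",
            "Lubricant leaks past seal", ["Poorly fitted", "Damaged"],
            "Loss of lubricant, resulting in bearing seizure"),
    FmeaRow("Motor bearing",
            "Allow motor to rotate freely (for specific loading & speed)",
            "Bearing seizes", ["Lubricant leaks past seal"], "Motor fails"),
    FmeaRow("Pump",
            "Pump water from tank X to tank Y, no less than 800 litres per minute",
            "Unable to pump water", ["Bearing seizes", "Motor fails"],
            "Level in tank Y drops to critical in 20 mins, then alarm sounded."),
]
BY_MODE = {r.failure_mode: r for r in ROWS}

def trace_upwards(cause: str) -> List[str]:
    """Inductive, bottom-up walk: from one root cause, follow the failure mode
    it produces at each level until no higher-level row lists it as a cause."""
    chain, current = [], cause
    while True:
        parents = [r for r in ROWS if current in r.failure_causes]
        if not parents:
            return chain
        row = parents[0]                      # one path is enough to show it
        chain.append(f"{row.item}: {row.failure_mode} -> {row.failure_effect}")
        current = row.failure_mode

def root_causes(mode: str) -> List[str]:
    """Top-down expansion: replace each cause that has its own FMEA row by that
    row's causes, until only mechanisms at the most detailed level remain."""
    leaves: List[str] = []
    for cause in BY_MODE[mode].failure_causes:
        leaves += root_causes(cause) if cause in BY_MODE else [cause]
    return leaves
```

`trace_upwards("Poorly fitted")` returns the three-step chain seal → motor bearing → pump, and `root_causes("Unable to pump water")` returns the two seal mechanisms plus "Motor fails", which has no more detailed row.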



Criticality Analysis
o FMEA can be taken one step further by analysing the criticality of each failure mode
o FMECA, Failure Modes, Effects and Criticality Analysis
o Assume worst case conditions when evaluating failure mode criticality
o The criticality analysis usually considers the following:
➢ Occurrence, or probability of failure cause (OCC)
➢ Severity of failure mode (SEV)
➢ Detection rate of failure mode (DET)
➢ Risk Priority Number: RPN = OCC × SEV × DET



Occurrence rating
o The probability of occurrence is given a rating from 1 (remote) to 10 (very high)
o Example:



Severity rating
o The severity of a failure mode is given a rating from 1 (minor) to 10 (very high / major)
o Example:



Detection rating
o The likelihood of detection is given a rating from 1 (very high) to 10 (non-detection)
o Example:



FMECA table
o Extract from example FMECA table (rating columns OCC, SEV, DET and RPN):

Item: Pump
Operating mode: Normal production
Function: Pump water from tank X to tank Y, no less than 800 litres per minute

Failure mode: Unable to pump water
  Failure effects: Level in tank Y drops to critical in 20 mins, then alarm sounded.
  Failure causes (OCC / SEV / DET / RPN):
  1. Bearing seizes                 3 / 4 / 1 / 12
  2. Impeller breaks                1 / 6 / 1 / 6
  3. Impeller jammed                6 / 5 / 1 / 30
  4. Coupling hub shears (fatigue)  2 / 6 / 1 / 12
  5. Motor fails                    2 / 6 / 1 / 12
  6. Inlet valve jams closed        4 / 5 / 2 / 40

Failure mode: Water pumped at less than 800 litres / minute
  Failure effects: Level in tank Y drops. Alarm sounded when level reaches critical.
  Failure causes (OCC / SEV / DET / RPN):
  1. Impeller worn                   5 / 3 / 2 / 30
  2. Partially blocked suction line  4 / 3 / 2 / 24



Risk reduction prioritisation
o Criticality analysis can identify areas for improvement (risk reduction)
o Use RPN as a guide, high = priority areas, but there are no fixed rules
o Some limitations of using RPN for risk reduction prioritisation:
➢ The same RPN is obtained with different combinations of OCC, SEV & DET, but these do not necessarily mean the same level of risk:
OCC=3, SEV=7, DET=2, RPN=42
OCC=7, SEV=6, DET=1, RPN=42 – this would seem like a higher risk failure!

➢ Even if RPN is low, OCC or SEV may be high, so we may want to take action:
OCC=9, SEV=2, DET=1, RPN=18
OCC=2, SEV=8, DET=1, RPN=16



Prevention / control measures
o To reduce risk, prevention and/or control measures can be suggested
o Should be recorded in the FMECA table – with effect on RPN
o Prevention / control measures can improve the system by:
1. Eliminating the failure mode (not always possible)
2. Reducing the occurrence (probability of failure): e.g. change the design to add redundancy
3. Reducing the severity: e.g. add a subsystem to mitigate the effects of the failure (sprinkler system)
4. Increasing the detection rate: e.g. increase the number of sensors, or the frequency of checks



Prevention / control measures
o Example:

Item: Pump
Operating mode: Normal production
Function: Pump water from tank X to tank Y, no less than 800 litres per minute
Failure mode: Unable to pump water
  Failure cause: 6. Impeller jammed
  Failure effects: Level in tank Y drops to critical in 20 mins, then alarm sounded.
  OCC 6, SEV 5, DET 1, RPN 30

o The occurrence of the failure is reduced by suggesting a redesign:

Prevention measure: Redesign to add filter to reduce probability of impeller jamming
Responsible person: Manufacturer
Target date: 3 months
Action taken: Redesign completed and installed
Revised ratings: OCC 2, SEV 5, DET 1, RPN 10
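An added Python example (not from the lecture) that puts the FMECA extract, the RPN limitations from the risk reduction prioritisation slide and the prevention measure record above into one small model: the ratings are the pump table's, RPN ranks rows only as a guide, a row is flagged when SEV or OCC alone is high even though its RPN is low, and applying a measure yields the revised row so RPN before and after can be recorded side by side. The thresholds 20 / 8 / 8 are assumed values, since the lecture states there are no fixed rules.

```python
from dataclasses import dataclass, replace
from typing import List, Tuple

@dataclass(frozen=True)
class FmecaRow:
    failure_mode: str
    failure_cause: str
    occ: int   # occurrence: 1 (remote) .. 10 (very high)
    sev: int   # severity: 1 (minor) .. 10 (very high / major)
    det: int   # detection: 1 (very high) .. 10 (non-detection)

    @property
    def rpn(self) -> int:  # Risk Priority Number = OCC x SEV x DET
        return self.occ * self.sev * self.det

# Ratings transcribed from the lecture's pump FMECA extract (sample data).
PUMP_ROWS = [
    FmecaRow("Unable to pump water", "Bearing seizes", 3, 4, 1),
    FmecaRow("Unable to pump water", "Impeller breaks", 1, 6, 1),
    FmecaRow("Unable to pump water", "Impeller jammed", 6, 5, 1),
    FmecaRow("Unable to pump water", "Coupling hub shears (fatigue)", 2, 6, 1),
    FmecaRow("Unable to pump water", "Motor fails", 2, 6, 1),
    FmecaRow("Unable to pump water", "Inlet valve jams closed", 4, 5, 2),
    FmecaRow("Water pumped at < 800 l/min", "Impeller worn", 5, 3, 2),
    FmecaRow("Water pumped at < 800 l/min", "Partially blocked suction line", 4, 3, 2),
]

def rank_by_rpn(rows: List[FmecaRow]) -> List[FmecaRow]:
    """RPN as a guide only: highest first, ties kept in table order."""
    return sorted(rows, key=lambda r: r.rpn, reverse=True)

def flag_for_action(rows, rpn_threshold=20, sev_threshold=8, occ_threshold=8):
    """Rows needing a measure, each with its reasons. High RPN is the usual
    trigger, but a high SEV or OCC flags a row even when its RPN is low.
    Thresholds are assumed values; the lecture says there are no fixed rules."""
    flagged: List[Tuple[FmecaRow, List[str]]] = []
    for r in rows:
        checks = [("RPN", r.rpn, rpn_threshold), ("SEV", r.sev, sev_threshold),
                  ("OCC", r.occ, occ_threshold)]
        reasons = [f"{name} {value} >= {limit}" for name, value, limit in checks
                   if value >= limit]
        if reasons:
            flagged.append((r, reasons))
    return flagged

def apply_measure(row, occ=None, sev=None, det=None):
    """Revised row after a prevention/control measure, so the RPN before and
    after the action can be recorded side by side in the FMECA table."""
    changes = {k: v for k, v in dict(occ=occ, sev=sev, det=det).items() if v is not None}
    return replace(row, **changes)
```

`apply_measure(PUMP_ROWS[2], occ=2)` reproduces the impeller-jamming redesign above: OCC 6 → 2 takes the RPN from 30 to 10, while the lecture's two equal-RPN pairs (42 and 42) and the low-RPN pairs (18 and 16) show why `flag_for_action` also looks at OCC and SEV on their own.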



When to do FMECA
o Can perform in early stages of the design
➢ Helps prevent design changes late in the design cycle

o Should be updated throughout the life cycle – living document
➢ as new information becomes available
➢ design detail, operational experience, change of environment, incidents

o It is most effectively used with a product that is either:
➢ mission critical
➢ has novel use of existing technology
➢ remotely operated or difficult to maintain
➢ has a poor reliability record
➢ intended for high volume production



Benefits / Limitations of FMECA
o Benefits:
➢ Insight and understanding of factors that affect system reliability and risks
➢ Identify all failure modes that have significant effect on system reliability and risks
➢ Identify areas for risk reduction – prevention / control measures
➢ Use to identify inputs for other risk assessment methods – more detailed analysis

o Limitations:
➢ Single component failure only, does not consider combinations of failed components
➢ Time consuming



Further reading
o FMECA presentation:
https://www.ntnu.edu/documents/624876/1277590549/chapt03-fmeca.pdf

o Chapter 9
