CN111061245A - Error action evaluation method of safety instrument system - Google Patents


Info

Publication number
CN111061245A
Authority
CN
China
Prior art keywords
safety
failure
instrument system
calculating
false operation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911151154.XA
Other languages
Chinese (zh)
Inventor
戚萌
赵东风
阚钰烽
酒江波
张婷婷
李伟
周超
王效天
韩续增
张洪玉
臧洪龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao Oasis Environmental & Safety Technology Co ltd
Original Assignee
Qingdao Oasis Environmental & Safety Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao Oasis Environmental & Safety Technology Co ltd

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00Testing or monitoring of control systems or parts thereof
    • G05B23/02Electric testing or monitoring
    • G05B23/0205Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0218Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
    • G05B23/0243Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults model based detection method, e.g. first-principles knowledge model
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/24Pc safety
    • G05B2219/24065Real time diagnostics

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Testing And Monitoring For Control Systems (AREA)

Abstract

The invention discloses a false operation evaluation method for a safety instrument system, belonging to the field of safety instrument systems, comprising the following steps: analyzing the redundant voting structure of the functional safety loop of the safety instrument system to obtain the redundant voting structure of each functional safety loop subsystem, and judging which condition the subsystem meets; calculating the false operation rate of each functional safety loop subsystem caused by independent failure; selecting a suitable common cause failure model and calculating the false operation rate of each functional safety loop subsystem caused by common cause failure; calculating the average probability of failure on demand of each functional safety loop subsystem; and calculating the total false operation rate of the functional safety loop. The invention can effectively evaluate and reduce the frequency of false operations, and provides an analysis basis for enterprises to reduce the number of false operations and the economic and safety risks incurred during plant start-up and shutdown.

Description

Error action evaluation method of safety instrument system
Technical Field
The invention relates to the technical field of safety instrument systems, in particular to a method for evaluating misoperation of a safety instrument system.
Background
Safety instrument systems (SIS) are widely used in petrochemical, chemical and other manufacturing industries as an important means of safety protection. Traditional methods for calculating the false operation rate (STR) of a safety instrument system fall into three categories. The first assumes that only a false operation failure of an element can cause a false operation; the second assumes that false operation failures and danger detectable failures of elements each cause false operations separately; the third assumes that false operation failures and danger detectable failures of elements combine to cause false operations. Because the third assumption better matches the actual safety requirements of process unit operation, the third category is currently regarded internationally as the representative method for quantifying the false operation rate, and it better matches the evaluation of false operations in actual safety instrument systems.
As the redundant structures of safety instrument systems become more complex and process plants become more centralized and larger, the economic and safety risks brought by false operations of the safety instrument system can no longer be ignored. However, existing methods can only handle the common redundancy voting structures of safety instrument systems, and they lack a reasonable calculation of common cause failure.
Disclosure of Invention
The invention provides a false operation evaluation method of a safety instrument system, which solves the problems that only common safety instrument system redundancy voting structures can be calculated and reasonable calculation of common cause failure is lacked in the prior art.
The technical scheme of the invention is realized as follows:
A false operation evaluation method for a safety instrument system specifically comprises the following steps:
A, analyzing the redundancy voting structure of the safety instrument system functional safety loop to obtain the redundancy voting structure of each functional safety loop subsystem, and judging which condition the functional safety loop subsystem meets;
B, calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by independent failure;
C, selecting a suitable common cause failure model, and calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by common cause failure;
D, calculating the average probability of failure on demand of each safety instrument system functional safety loop subsystem;
E, calculating the total false operation rate of the functional safety loop of the safety instrument system according to steps B-D.
As a preferred embodiment of the present invention, in step A, the functional safety loop subsystem includes a sensor, a logic solver and an actuator subsystem, the redundancy voting structure is a KooN redundancy voting structure, and the determining whether the condition is met specifically means determining whether the condition K-1< N-K or K-1 ≧ N-K is met.
As a preferred embodiment of the present invention, step B specifically includes the following steps:
B1, acquiring element failure probability data of each functional safety loop subsystem, wherein the element failure probability data comprises the false operation failure probability or safety failure probability, the danger detectable failure probability and the danger undetectable failure probability of the element, and the mean repair time corresponding to each failure probability;
B2, calculating the false operation rate of the actuator caused by independent failure;
B3, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1 < N-K redundant voting structure;
B4, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1 ≥ N-K redundant voting structure.
As a preferred embodiment of the present invention, step C specifically includes the following steps:
C1, selecting a suitable common cause failure model;
C2, calculating the false operation rate of the actuator caused by common cause failure;
C3, calculating the false operation rate of the sensor and the logic solver caused by common cause failure.
As a preferred embodiment of the present invention, the common cause failure model is the conventional β model and the improved β model.
As a preferred embodiment of the present invention, step D specifically includes calculating the average probability of failure on demand of the logic solver and the actuator.
As a preferred embodiment of the present invention, step E specifically includes:
calculating the total false operation rate of the safety instrument system functional safety loop according to the following formula:
$STR = STR_{IE}(1-PFD_{LS})(1-PFD_{FE}) + STR_{LS}(1-PFD_{FE}) + STR_{FE}$
where $STR_{IE}$, $STR_{LS}$ and $STR_{FE}$ are the false operation rates of the sensor, the logic solver and the actuator, respectively; $PFD_{LS}$ and $PFD_{FE}$ are the average probabilities of failure on demand of the logic solver and the actuator.
The invention has the beneficial effects that: it provides a method for calculating the false operation rate of a safety instrument system for all redundant voting structures, including a corrected, reasonable calculation for common cause failure. It can effectively and accurately evaluate false operations of complex redundant safety instrument systems and reduce their frequency, and it provides an analysis basis for enterprises to reduce the number of false operations and the economic and safety risks incurred during plant start-up and shutdown.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of an embodiment of a method for assessing malfunctions in a safety instrumented system in accordance with the present invention;
FIG. 2 is a flow chart of step B of FIG. 1;
FIG. 3 is a flow chart of step C of FIG. 1.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the present invention provides a false operation evaluation method for a safety instrument system, which specifically includes the following steps:
A, analyzing the redundancy voting structure of the safety instrument system functional safety loop to obtain the redundancy voting structure of each functional safety loop subsystem, and judging which condition the functional safety loop subsystem meets;
In step A, the functional safety loop subsystem comprises a sensor, a logic solver and an actuator subsystem, the redundancy voting structure is a KooN redundancy voting structure, and judging the condition specifically means judging whether K-1 < N-K or K-1 ≥ N-K holds. K and N are positive integers.
As shown in fig. 2, B, calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by independent failure;
B1, acquiring element failure probability data of each functional safety loop subsystem, wherein the element failure probability data comprises the false operation failure probability or safety failure probability, the danger detectable failure probability and the danger undetectable failure probability of the element, and the mean repair time corresponding to each failure probability;
Judge whether each functional safety loop subsystem is a sensor, a logic solver or an actuator; if it is a sensor or a logic solver, judge the condition of the redundant voting structure and execute the corresponding step.
B2, calculating the false operation rate of the actuator caused by independent failure;
The false operation rate of the actuator caused by independent failure is calculated according to formula (1),
Figure BDA0002283583930000041
Figure BDA0002283583930000042
where $\lambda_{SO}^{ind}$ is the independent false operation failure probability, $\lambda_{DD}^{ind}$ is the independent danger detectable (DD) failure probability, $MTTR_{SO}$ is the mean time to repair for false operation failure, $MTTR_{DD}$ is the mean time to repair for danger detectable failure, and K and N represent the number of voting elements and the total number of elements, respectively, in the redundant voting structure KooN of the safety instrument system.
B3, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1< N-K redundant voting structure;
the malfunction rate caused by the sensor or logic solver subsystem is calculated according to equations (2) - (7),
Figure BDA0002283583930000043
Figure BDA0002283583930000044
calculated by equation (2)
Figure BDA0002283583930000045
corresponds to the case where, when the first element suffers a false operation failure, at least K-1 false operation failures occur in the other N-1 elements within the repair time $MTTR_{SO}$.
Figure BDA0002283583930000046
Calculated by formula (3)
Figure BDA0002283583930000047
corresponds to the case where, when the first element suffers a false operation failure, at least N-K combined failures consisting of false operation failures and danger detectable failures occur in the other N-1 elements within the repair time $MTTR_{SO}$.
Figure BDA0002283583930000051
Calculated by equation (4)
Figure BDA0002283583930000052
corresponds to the case where, when the first element suffers a false operation failure, K-1 or more false operation failures occur in the other N-1 elements within the repair time $MTTR_{SO}$.
Figure BDA0002283583930000053
Calculated by equation (5)
Figure BDA0002283583930000054
corresponds to the case where, when the first element suffers a danger detectable failure, at least N-K combined failures consisting of false operation failures and danger detectable failures occur in the other N-1 elements within the repair time $MTTR_{DD}$.
Figure BDA0002283583930000055
Calculated by equation (6)
Figure BDA0002283583930000056
corresponds to the case where, when the first element suffers a danger detectable failure, K or more false operation failures occur in the other N-1 elements within the repair time $MTTR_{DD}$.
Figure BDA0002283583930000057
B4, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1 ≥ N-K redundant voting structure.
The malfunction rate caused by the sensor or logic solver subsystem is calculated as equations (8) - (10),
Figure BDA0002283583930000058
Figure BDA0002283583930000059
calculated by equation (8)
Figure BDA00022835839300000510
is the combined failure probability that, when the first element suffers a false operation failure, at least N-K false operation failures, N-K danger detectable failures, or a combination of N-K false operation failures and danger detectable failures occur in the other N-1 elements within the repair time $MTTR_{SO}$.
Figure BDA00022835839300000511
Calculated by equation (9)
Figure BDA00022835839300000512
is the combined failure probability that, when the first element suffers a danger detectable failure, at least N-K false operation failures, N-K danger detectable failures, or a combination of N-K false operation failures and danger detectable failures occur in the other N-1 elements within the repair time $MTTR_{DD}$.
Figure BDA00022835839300000513
Judge whether all the subsystems have been calculated, and proceed to step C when the calculation is finished.
As shown in fig. 3, C, selecting a suitable common cause failure model, and calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by common cause failure;
Step C specifically comprises the following steps:
C1, selecting a suitable common cause failure model, wherein the common cause failure models comprise the traditional β model and the improved β model, and the improved β model can be divided into the improved β model of the International Electrotechnical Commission standard IEC 61508 (hereinafter referred to as the IEC standard) and the improved β model of the Norwegian SINTEF PDS method (hereinafter referred to as the PDS method).
Judge whether each functional safety loop subsystem is a sensor, a logic solver or an actuator, and then execute the corresponding step.
C2, calculating the false operation rate of the actuator caused by common cause failure;
The false operation rate of the actuator caused by common cause failure is calculated according to formula (11) for the common cause failure of the traditional β model, or according to formula (12) for the common cause failure of the improved β model,
Figure BDA0002283583930000061
Figure BDA0002283583930000062
Figure BDA0002283583930000063
where $\beta_{SO}$ and $\beta_{DD}$ are the common cause failure factors for false operation failure and danger detectable failure, respectively; $C_{KooN}$ is the redundant voting structure correction factor of the β factor; and $\lambda_{SO}^{*}$ and $\lambda_{DD}^{*}$ represent the common cause failure probabilities of false operation failure and danger detectable failure for 1ooN or NooN redundant voting structures.
C3, calculating the false action rate of the sensor and the logic solver caused by common cause failure.
The false operation rate of the sensor or the logic solver caused by common cause failure is calculated according to equation (12) for the common cause failure of the conventional β model, or according to equation (14) for the common cause failure of the improved β model,
Figure BDA0002283583930000064
Figure BDA0002283583930000065
Figure BDA0002283583930000066
Judge whether all the subsystems have been calculated, and proceed to step D when the calculation is finished.
D, calculating the average probability of failure on demand of each safety instrument system functional safety loop subsystem;
E, calculating the total false operation rate of the functional safety loop of the safety instrument system according to steps B-D.
Step E specifically comprises the following: calculating the total false operation rate of the safety instrument system functional safety loop according to the following formula:
$STR = STR_{IE}(1-PFD_{LS})(1-PFD_{FE}) + STR_{LS}(1-PFD_{FE}) + STR_{FE}$
where $STR_{IE}$, $STR_{LS}$ and $STR_{FE}$ are the false operation rates of the sensor, the logic solver and the actuator, respectively; $PFD_{LS}$ and $PFD_{FE}$ are the average probabilities of failure on demand of the logic solver and the actuator.
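The branch test of step A and the combination of step E can be sketched as follows. This is an added example, not code from the patent: the per-subsystem rates and PFD values are constructed inputs, and summing the independent and common cause contributions into one subsystem rate is an assumption, since formulas (1)-(14) are not reproduced on this page.

```python
import re
from dataclasses import dataclass

_KOON = re.compile(r"^(\d+)oo(\d+)$")

# Role labels follow the subscripts of the step E formula:
# IE = sensor, LS = logic solver, FE = actuator.
ROLES = ("IE", "LS", "FE")


def parse_koon(structure):
    """Parse a voting structure such as '2oo3' into (K, N)."""
    match = _KOON.match(structure.strip())
    if not match:
        raise ValueError(f"not a KooN structure: {structure!r}")
    k, n = int(match.group(1)), int(match.group(2))
    if not 1 <= k <= n:
        raise ValueError(f"KooN requires 1 <= K <= N, got {structure!r}")
    return k, n


def independent_failure_step(role, structure):
    """Return which sub-step of step B applies to a subsystem.

    Actuators always use B2; sensors and logic solvers use B3 when
    K-1 < N-K and B4 when K-1 >= N-K (the step A condition).
    """
    if role not in ROLES:
        raise ValueError(f"unknown role: {role!r}")
    k, n = parse_koon(structure)
    if role == "FE":
        return "B2"
    return "B3" if k - 1 < n - k else "B4"


@dataclass
class Subsystem:
    role: str               # "IE", "LS" or "FE"
    structure: str          # e.g. "2oo3"
    str_independent: float  # result of step B (constructed input here)
    str_common_cause: float # result of step C (constructed input here)
    pfd_avg: float = 0.0    # result of step D (not used for the sensor)

    def __post_init__(self):
        parse_koon(self.structure)
        if self.role not in ROLES:
            raise ValueError(f"unknown role: {self.role!r}")
        if min(self.str_independent, self.str_common_cause) < 0:
            raise ValueError("rates must be non-negative")
        if not 0.0 <= self.pfd_avg <= 1.0:
            raise ValueError("PFD must lie in [0, 1]")

    @property
    def str_total(self):
        # Assumption: the subsystem rate is the sum of the independent
        # and common cause contributions; the page does not state this.
        return self.str_independent + self.str_common_cause


def loop_str(sensor, logic_solver, actuator):
    """Step E: STR = STR_IE(1-PFD_LS)(1-PFD_FE) + STR_LS(1-PFD_FE) + STR_FE."""
    for sub, role in ((sensor, "IE"), (logic_solver, "LS"), (actuator, "FE")):
        if sub.role != role:
            raise ValueError(f"expected role {role}, got {sub.role}")
    return (sensor.str_total * (1 - logic_solver.pfd_avg) * (1 - actuator.pfd_avg)
            + logic_solver.str_total * (1 - actuator.pfd_avg)
            + actuator.str_total)


# Constructed sample loop; all rates share one (unspecified) time unit.
SAMPLE_SENSOR = Subsystem("IE", "2oo3", 1.0e-6, 2.0e-7)
SAMPLE_LOGIC = Subsystem("LS", "1oo2", 5.0e-7, 1.0e-7, pfd_avg=1.0e-3)
SAMPLE_ACTUATOR = Subsystem("FE", "2oo4", 3.0e-6, 2.0e-7, pfd_avg=1.0e-2)

if __name__ == "__main__":
    for sub in (SAMPLE_SENSOR, SAMPLE_LOGIC, SAMPLE_ACTUATOR):
        print(sub.role, sub.structure,
              independent_failure_step(sub.role, sub.structure))
    print("loop STR:", loop_str(SAMPLE_SENSOR, SAMPLE_LOGIC, SAMPLE_ACTUATOR))
```

Of the voting structures compared later in the description, only 2oo4 satisfies K-1 < N-K; 2oo2, 2oo3 and 3oo4 all fall under the K-1 ≥ N-K branch.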
The following data were used: the false operation failure probability is $\lambda_{SO}^{ind}=1.00\times10^{-6}$; the danger detectable failure probability is $\lambda_{DD}^{ind}=5.00\times10^{-6}$; the mean time to repair for false operation failure $MTTR_{SO}$ and the mean time to repair for danger detectable failure $MTTR_{DD}$ are both 8 hours; the common cause failure factor for false operation failure is $\beta_{SO}=0.2$; the common cause failure factor for danger detectable failure is $\beta_{DD}=0.1$; the common cause failure probability of false operation failure for the 1ooN and NooN voting structures is $\lambda_{SO}^{*}$, and the common cause failure probability of danger detectable failure for the 1ooN and NooN voting structures is $\lambda_{DD}^{*}=1.00\times10^{-7}$.
The false operation rates calculated by 5 different quantification methods are compared and analyzed: the American Instrument Association ISA method (hereinafter referred to as the ISA method), the PDS method (which calculates common cause failure only), the method in which false operation failure and danger detectable failure each cause false operation separately, the method in which false operation failure and danger detectable failure combine to cause false operation, and the actuator calculation method. The calculated false operation rates due to independent failure are shown in table 1, and the calculated false operation rates due to common cause failure are shown in table 2.
TABLE 1 comparison of results of different independent failure induced malfunction calculation methods
Figure BDA0002283583930000071
TABLE 2 comparison of results of different common cause failures resulting in malfunction calculation methods
Figure BDA0002283583930000081
In terms of false operation caused by independent failure, the results of the ISA method differ greatly from those of the other methods: for the 2oo2, 2oo3 and 2oo4 redundant voting structures the results differ by several orders of magnitude, and the false operation rate calculation is overly idealized. The methods that consider false operation failure and danger detectable failure causing false operation separately and in combination give similar false operation rates; the difference arises only for 2oo2 and 3oo4, where the combined-failure method covers more causes of false operation and the resulting false operation rate is larger. For the actuator, the false operation rate is the same whenever N is the same. Judged against the actual operating strategy of safety instrument systems, the values calculated by the existing methods for redundant structures are small and overly idealized. The assumptions of the present method are closer to actual conditions (for the sensor and the logic controller, false operation caused by the combination of false operation failure and danger detectable failure is considered; for the actuator, the false operation rate is calculated according to the particular characteristics of the actuator), so the calculated false operation rate is more reasonable.
For false operation caused by common cause failure, the results of the traditional β model are similar to those of the improved β model. For the 2oo3, 2oo4 and 3oo4 redundant voting structures, the traditional β model gives smaller results. For the actuator, the false operation rate of the 2oo3, 2oo4 and 3oo4 redundant voting structures differs from that of the sensor and the logic controller, and the result is smaller.
A difference analysis was performed on the 5 different false operation quantification methods: the ISA method, the PDS method, the method in which false operation failure and danger detectable failure each cause false operation separately, the method in which they combine to cause false operation, and the actuator method. The false operation rate calculation of the present method (which considers false operation caused by the combination of false operation failure and danger detectable failure) is an accurate and reasonable way of evaluating false operation that better matches the actual operation of a safety instrument system, and reducing the common cause failure of the voting structure is the key to reducing the total number of false operations of the functional safety loop.
The invention provides a method for calculating the false operation rate of a safety instrument system for all redundant voting structures, including a corrected, reasonable calculation for common cause failure. It can effectively and accurately evaluate the false operation rate of complex redundant safety instrument systems and reduce the frequency of false operations, and it provides an analysis basis for enterprises to reduce the number of false operations and the economic and safety risks incurred during plant start-up and shutdown.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (7)

1. A false operation evaluation method for a safety instrument system, characterized by comprising the following steps:
A, analyzing the redundancy voting structure of the safety instrument system functional safety loop to obtain the redundancy voting structure of each functional safety loop subsystem, and judging which condition the functional safety loop subsystem meets;
B, calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by independent failure;
C, selecting a suitable common cause failure model, and calculating the false operation rate of each safety instrument system functional safety loop subsystem caused by common cause failure;
D, calculating the average probability of failure on demand of each safety instrument system functional safety loop subsystem;
E, calculating the total false operation rate of the functional safety loop of the safety instrument system according to steps B-D.
2. The false operation evaluation method for a safety instrument system according to claim 1, wherein in step A, the functional safety loop subsystem comprises a sensor, a logic solver and an actuator subsystem, the redundancy voting structure is a KooN redundancy voting structure, and judging the condition specifically means judging whether K-1 < N-K or K-1 ≥ N-K holds.
3. The method for evaluating the malfunction of the safety instrument system according to claim 2, wherein the step B specifically comprises the steps of:
B1, acquiring element failure probability data of each functional safety loop subsystem, wherein the element failure probability data comprises the false operation failure probability or safety failure probability, the danger detectable failure probability and the danger undetectable failure probability of the element, and the mean repair time corresponding to each failure probability;
B2, calculating the false operation rate of the actuator caused by independent failure;
B3, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1 < N-K redundant voting structure;
B4, calculating the false operation rate of the sensor and the logic solver caused by independent failure under the K-1 ≥ N-K redundant voting structure.
4. The method for evaluating the malfunction of the safety instrument system according to claim 2, wherein the step C specifically comprises the steps of:
C1, selecting a suitable common cause failure model;
C2, calculating the false operation rate of the actuator caused by common cause failure;
C3, calculating the false operation rate of the sensor and the logic solver caused by common cause failure.
5. The method of claim 4, wherein the common cause failure model is a conventional β model and an improved β model.
6. The method for assessing malfunction of a safety instrument system according to claim 2, wherein step D specifically includes calculating the average probability of failure on demand of the logic solver and the actuator.
7. The method for assessing malfunction of a safety instrument system according to claim 6, wherein step E specifically includes:
calculating the total false operation rate of the safety instrument system functional safety loop according to the following formula:
$STR = STR_{IE}(1-PFD_{LS})(1-PFD_{FE}) + STR_{LS}(1-PFD_{FE}) + STR_{FE}$
where $STR_{IE}$, $STR_{LS}$ and $STR_{FE}$ are the false operation rates of the sensor, the logic solver and the actuator, respectively; $PFD_{LS}$ and $PFD_{FE}$ are the average probabilities of failure on demand of the logic solver and the actuator.
CN201911151154.XA 2019-11-21 2019-11-21 Error action evaluation method of safety instrument system Pending CN111061245A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911151154.XA CN111061245A (en) 2019-11-21 2019-11-21 Error action evaluation method of safety instrument system

Publications (1)

Publication Number Publication Date
CN111061245A true CN111061245A (en) 2020-04-24

Family

ID=70298069

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911151154.XA Pending CN111061245A (en) 2019-11-21 2019-11-21 Error action evaluation method of safety instrument system

Country Status (1)

Country Link
CN (1) CN111061245A (en)

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8639646B1 (en) * 2010-09-30 2014-01-28 Applied Engineering Solutions, Inc. System to build, analyze and manage a computer generated risk assessment model and perform layer of protection analysis using a real world model in software of a safety instrumented system architecture
US20130317780A1 (en) * 2012-05-23 2013-11-28 General Electric Company Probability of failure on demand calculation using fault tree approach for safety integrity level analysis
CN104678955A (en) * 2015-01-27 2015-06-03 中国石油化工股份有限公司 Risk-based optimization method for safety instrument system of heating furnace
CN104795113A (en) * 2015-04-08 2015-07-22 苏州热工研究院有限公司 Method and system for risk assessment on turbine trip and reactor shutdown of nuclear power plant unit
CN106959018A (en) * 2017-04-14 2017-07-18 中国石油化工股份有限公司 The method of controlling security for preventing tubular heater boiler tube from burning
CN110109359A (en) * 2019-05-21 2019-08-09 中国石油大学(华东) A kind of Safety Integrity Levels appraisal procedure of offshore oil well control equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
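王海清 et al.: "Quantitative analysis of the spurious trip rate of KooN voting structures in safety instrument systems of petrochemical plants", 《中国安全生产科学技术》 *
靳江红 et al.: "Availability analysis and quantitative evaluation of safety instrument systems", 《测控技术》 *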

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200424