-—.— —, ———- ., -......

—..
-—. — . ...
1

IS 15656:2006

Example: NO LIGHT IN ROOM ON

I
NO NATURAL LIGHT
GI I
NO ARTIFICIAL LIGHT
G2 I
OR

oo
NIGHT TIME :
NO LIGHT
BI
HEAW
CLOUD
COVER

FIG.
B2

2
@@@

FAULT TREE FOR No LIGHT IN ROOM ON DEMAND

In Fig. 2 the causes B 1,132, B3, B4 and B5 are the basic

in room on demand” and the mathematical expression for event and develops the following-sequences of events that
that top event is describe potential accidents accounting for: (i) successes,
T ‘-G1x G2 and (ii) failures of the available “safety function” as the
= (B1 +B2) X(B3 +B4+B5) accident progresses. The “safety function” includes
operator response or safety system response to the initiating
=-B1B3+B2B3 +B1B4+B2B4 +B1”B5+B2B5
event. The general procedure for the event tree analysis
(6 minimal cut sets) has four major steps:

This indicates the occurrence of either of basic events a) Identi@ing an initiating event of interest,
B 1 or B2 along with occurrence of any of the basic events b) Identi@ing safety fi.mctions designed to deal with
B3, B4 & B5 would lead to top event T (see Chart on the identi@ing event,
page 15).
c) Construction of the event tree, and
In Fig. 3 the logic structure is mathematically transformed d) Results of accident event sequence.
using Boolean Algebra into a minimal cut Fault tree.
A-3.2. 1 Identl@ing an Initiating Event
T= G1XG2
This identification of the event depends on the process
= (Bl + G3) + (B2+G4) involved and describes the system or equipment failure,
= [Bl + (B3 XB4)] X(B2+B5+B6) human error or any other process upset that can result in
other events. I
which shows that any of the basic events B 1-B6 should be
in combinations as in the above expression to cause failure A-3.2.2 ldent@ing Safety Functions
of the top event. The safety fi.mctions/safety systems available to mitigate

14
 IS 15656:2006

DAMAGE TO REACTOR DUE TO HIGH

Q
NO FLOW FROM REACTOR INLET VALVE
QUENCH TANK REMAINS OPEN
G1 G2

A A
OR OR

o QUENCH
TANK EMPTY
B1
QUENCH TANK
VALVE DOES
NOT OPEN
G3
OPERATOR
FAILS TO
CLOSE INLET
VALVE
G4
oNLET VALVE
FAILS TO
CLOSE
B2

@e&@ FIG. 3 FAULTTREE FOR DAMAGE TO REACTOR DUE TO HIGH PROC+XS TEMPERATURE

the situation and deal with the identifying event include A-3.2.4 Results of Accident Event Sequence
automatic shut down system, alarm system that alert the The sequences of the constructed event tree represent a
operator, operator action, contaimnent method, etc. The variety of outcomes that can follow the initiating event.
analyst needs to identi~ all safety functions that can One or more of the sequences may represent the safe
influence the sequence of events following the initiating recovery and return to normal operation while the others
event. The successes and the failures of the safety functions may lead to shut down of the plant or an accident. Once
are accounted in the event tree. the sequences are described the analyst can rank the
accidents based on severity of the outcome. The structure
A-3.2.3 Construction of the Event Tree of the event tree also helps the analyst in specifying where
The event tree describes the chronological development additional procedures or safety systems are -needed in
of the accidents beginning with the ‘initiating event’. mitigating the accidents or reducing its frequency.
Considering each safety functions to deal with the initiating
event one nodal point is generated with the two alternatives Example:
(Al andA2) that is the ‘success’ ~d ‘failure’ of the safety
system. At the first nodal point two alternatives are found In the fo}lowing figure the initiating event is assigned the
to consider the second safety systemlcomponent to deal symbol A, and safety functions the symbols B, C, D. The
with the event. The success and failure of the second sequences are represented by symbols (A, B, C, D) of the
safety system also give branching to the two alternatives events that fail and cause that particular accident. For
A3 and A4. example an error is simply labelled ‘A’ to interpret the

15