Integration of fault tree and importance measure for toxic prevention barrier

. This paper discusses the procedure of integrating importance measures into fault tree analysis. Importance measures (IM) are analytical tools developed to quantitatively appraise the contribution of a plant component towards the overall risk. As part of safety assessment, this method can be used to rank and identify the root cause of undesired events. The critical component is usually prioritised in order to improve the reliability of the system. Fussell-Vesely (FV) importance measure is one of the most commonly used IM. This method is applied to a case study involving typical toxic prevention barriers based on an LNG liquefaction plant. This paper also includes event ranking using other IM.


Introduction
The process industry is a highly complex system with diverse equipment and operating procedures. The increasing complexity makes such plants prone to potentially disastrous failure modes. Due to tougher legislations, production specifications, and associated costs, hence prioritisation of these activities is necessary. Several risk-based approaches have been used to classify systems, sub-systems, and equipment to prioritise inspection and maintenance in a processing plant [1]. Probabilistic safety assessment is one of the strategies for prioritising maintenance, and a class of technique within this category is the risk importance measures (IM).
IM rank the basic events of a failure case in terms of their vulnerabilities and provide the relative contributions of a component failure or failure in implementing a step in a task, which is conveniently called basic events, to the total system failure. This technique is useful in planning maintenance tasks and locating the weak points in a processing system. Commonly used IM include Birnbaum importance measure (BIM) [2], criticality importance factor (CIF) [3], risk achievement worth (RAW), risk reduction worth (RRW) [4], Fussell-Vesely (FV) [5], and differential importance measure (DIM) [6]. More explanations of these methods along with others are available in the overview by Do Van et al. [7]. ______________________________ The objective of this paper is to present an application of Fussell-Vesely measure to a case study and compare with other IM. The current work is based on a case study by Ali [8].
This paper is organised as follows. Section 2 presents the overview of fault tree analysis, minimal cut set (MCS), and followed by discussion on several IM. Section 3 covers the application of Fussell-Vesely IM on a case study of prevention barriers. At the end of Section 3, the comparison of risk ranking using different IM on the same case study is presented. A number of conclusions are offered in Section 4.

Fault tree analysis
The analysis starts by constructing the fault tree analysis (FTA) of the system. FTA can be described as an analytical technique whereby an undesirable event (referred to as the top event) is decomposed into possible causes in increasing detail to determine the causes or combination of causes of the top event. It is a deductive and graphical technique used as a standard technique to quantify failure probability of human and technical systems.
A fault tree can be considered as an expression of Boolean logic. When using them as a modelling tool, it must be assumed that the top event and all basic events are binary [9]. However, the fault tree itself does not give enough information to allow an estimation of system reliability to be made. It should be used together with reliability data for the basic events to estimate system reliability. Further information and examples of fault tree can be found in Fault Tree Handbook [10].

Minimal cut set
One of the main purposes of representing a fault tree in terms of Boolean logic is that these equations can be used to determine the fault tree's associated MCS and minimal path set [9,11]. The MCS defines the failure modes of the top event. It is the smallest combination of component failures in which, if they occur, will cause the top event to occur. These cut sets are used in qualitative and quantitative analysis of system reliability or availability.
The probability of the top event, P (TE), is determined by the sum of the probabilities of all the MCSs in the system and is given as Equation 1: Where P(MCSk) is the probability of minimal cut set k and N is the total number of MCS in the system. Once the MCSs are obtained, the quantification of the fault tree is relatively straightforward.

Importance measure
When making quantitative analysis of a particular system, different contributors to system failure need to be ranked. From this ranking, resources can be allocated according to the importance of the component to the system and only concentrate on the small subset of components that are the most important to the system. Various IM approaches have been developed and each approach offers specific purposes and advantages but also has limitations.  Table 1 summarises some of the common IM techniques. These methods are based on some forms of estimation of the influence of the individual component's failure probability on the overall probability of failure of the system under consideration. In Table 1, P(base) refers to the probability of the top event for the base case, which is computed using the actual failure probabilities of all components in the system, P(xi = 0) is the probability when component i is assumed to be working perfectly or in total failure for the case of P(xi = 1), and j = 1,2,3,…,n, where n is the number of components or basic events in the system.

Importance Measure
Principle

Birnbaum Importance Measure
BIM measures the difference between the system reliability when the component (xi) is totally faulty and when the component (xi) is working perfectly, or the change in total risk in the system resulting from the probability change of an individual basic event from 1 to 0. Accordingly, BIM index increases with the increase in the probability rates of other components in a system. However, BIM method depends on the structure of a system's model and is independent of the nominal failure probability of the basic event. In other words, it does not take into account the reliability of the component, which may be considered as a weakness of BIM. states. Because of this critical relationship with the overall system performance, CIM is suitable for prioritising maintenance activities.

Risk Achievement Worth
RAW measures the increase in system failure by assuming the worst-case scenario, which is a total component failure or a system that is completely unavailable, thus giving a failure probability of basic event (xi) of 1. This assumption gives a clear disadvantage when dealing with components with low failure probabilities, which are likely to be over-penalised.

Risk Reduction Worth
RRW is the opposite of RAW, which measures the nominal failure probability of system risk when the failure probability of component (xi) is set to 0 (i.e., the component is assumed to be working "perfectly"). It measures the potential of a component (xi) to reduce the overall failure risk by considering the contributions of component (xi). Similar to RAW, this technique does not address the actual contributions of components based on their actual probabilities of failure.

Fussell-Vesely Importance Measure
FV measures the overall percentage contribution of MCSs containing a basic event (xi) to the total risk. The direct effect of component failures on the system failure or the relative contribution of a basic event failure to the top event probability is determined as a ratio of failure contributors to the system.

Differential Importance Measure
DIM is introduced in order to include additive properties that have not been covered in the traditional IM [6]. DIM introduces two measures: H1 and H2. H1 computes the ratio of the change in the basic event (xi) to the overall changes in all the events of the system, which can have similar magnitudes if the changes are small. This situation is compensated by the information from H2, which measures the effect of the change in all parameters on the total risk when the parameters are changed by the same percentage.

Case study
The methodology was applied to a liquefied natural gas (LNG) liquefaction facility as a case study [8]. LNG is a hazardous substance due to its cryogenic, flammability properties, and vapour dispersion characteristics. Defensive measures, herein called toxic prevention barriers (TPBs), are designed and installed to reduce the risk associated with this incident. TPBs include fixed or portable facilities to detect leakages and personal protective equipment to be worn by workers on site.  By referring to Figure 1, the cut sets involved are as follows: The probability of the top event, i.e., the failure probability of the TPB system can then be computed using Equation (6), which gives the final value of P(TPB) of 0.127271.

Fussell-Vesely importance measure
FV measures the overall percentage contribution of MCS containing a basic event (xi) to the total risk. The direct effect of component failures on the system failure or the relative contribution of a basic event failure to the top event probability is determined as a ratio of failure contributors to the system. The minimal cut-set importance measure (IMk) of the basic event i can be computed using Equation 7: Where IMk is the IM for the minimal cut set k, which is used to identify the set that makes the greater contribution to the system failure, and P(mk) is the failure probability of the minimal cut set k, which is defined by Equation (8): Where P(xi) is the failure probability of the basic event i. The MCS importance index is determined using Equation 8 and the results are shown in Table 2. Table 3 presents the FV importance measure based on basic event and the rankings accordingly. As can be seen in Table 3, the results highlighted X6 as the highest value of FV importance measure, indicating that it is the most vulnerable, followed by X4, X7, X1, X3, X5, and X2. However, the correlation between the value of failure probability and the number of cut sets that influence the ranking could not be observed. Next, other selected IMs are compared using the same case study. The results are shown in Table 4.
From Table 4, X6 has been evaluated with the highest vulnerability using all IMs, except for RAW. FV, CIM, RRW, and DIM (H2) have similar rankings. Certain IM does not capture the full impact of the system, i.e., RAW as it only estimates the risk significance of components that are removed from the system or have failed. BIM is independent of the nominal failure probability of the basic event. Therefore, it is not useable when there are common-cause failures. Typically, BI and RAW can be used to identify weak components during the design stage. RRW and CI are very practical to improve plant reliability during operational stage, where an improvement or maintenance has been made. FV uses actual nominal probability but it lacks of sensitivity when more than one basic events appear with the same amount in the cut sets.