Howdy, folks. As Jeremy has mentioned, this past Friday, April 4th, we hosted a webinar to demonstrate Isograph's FaultTree+ tool. One of the topics we discussed was how you can use the Fault Tree and Event Tree features of the tool to perform a quantitative Layer Of Protection Analysis (LOPA). This post will serve as a little summary of that meeting, for anyone who was unable to attend.
The first stage of a LOPA might be done externally to a quantitative tool like Fault Tree. The first thing you'd want to do is identify hazards, determine an acceptable risk level for those hazards, and ask what you're doing to mitigate them. This might have more in common with a Hazop study. Once you've identified your hazards and protection layers against those hazards, the next thing you might want to do is quantify it. How often will the hazard occur? How effectively will our layers of protection mitigate the risk of the hazards? Can we objectively rank these risks? This sounds like a job for Fault Tree and Event Tree analysis.
A Fault Tree can very easily be used to quantify a hazard. In fact, that's the primary usage of the method. By coupling it with an Event Tree, we can find out how well that hazard is mitigated by protection systems. If you're not familiar with it, Event Tree analysis is related to Fault Tree analysis. It uses a similar quantitative calculation. The difference is that, while Fault Trees examine the failure leading to a hazard, Event Trees examine the consequences following the hazard. Sometimes, when coupled together, they're called "bowtie events".
On Friday April 4th at 9am PST to learn more about applications of our FaultTree+ software. During this demonstration we will introduce our fault tree analysis software FaultTree+ and as an added bonus we will be discussing how to tie a fault tree to an event tree and perform a LOPA study. Layer of Protection Analysis, or LOPA, is a study developed to identify risk. By performing a LOPA on a system you can create a method for identify the actions available to mitigate the potential consequences of a particular risk. To do this we will start with likelihood of a particular hazard occurring, analyze the system using quantitative methods, and identify the mitigation measures against the hazards that have been identified.
Once the mitigating actions have been identified the probability of those hazards occurring can be reduced by implementing safeguards that bring the hazard into an acceptable level. An event tree is an excellent way to determine the consequences of successful, or the failure of, safeguards.
Basically, a LOPA is performed to identify the weakest points of a system and evaluate the safeguards in place to mitigate the consequences of that hazard.
Today I would like to address one of the most commonly asked questions by new users of our FaultTree+ software, which is: Copy and Paste vs. Copy and Paste Special. When used correctly Copy and Paste and Copy and Paste Special can be a huge time saver. If used incorrectly this feature can unintentionally be introducing Common Cause Failures (CCF) which can kill the reliability of a system or create copies of existing events or gates, which were intended to be CCF, making your tree more reliable than it should be.
Copying and Pasting a gate or event will cause the same gate or event to appear in different parts of the tree. Pump1 will be our example, if we Copy and Paste Pump1 from gate GT1 and paste that pump under gate GT3. Pump1 would now be listed under 2 separate OR Gates.
As you can see in the example below the event named Pump1 has been Copied and Pasted under gate GT3. The event Pump1 has the exact same name in both events making Pump1 a CCF. Using Copy and Paste is representing the same event in two different branches of this fault tree.
Copy and Paste Special on the other hand creates a copy of Pump1. This is not the same event but an identical event. As you will see below I have used Copy and Paste Special to add a copy of Pump1 under gate GT1 to gate GT2, the new identical pump is named Pump2 not to be confused with the event Pump1 under gate GT1 and GT3 . Pump2 is an identical in every way to Pump1 but is not the same pump. In this case Pump2 would not create a CCF. Please note that when using Paste Special the software has automatically renamed event Pump1 to Pump2. The new gate or event can use any naming convention you would like as long as it is not the same name as an existing event. When 2 gates or events have the exact same name the software recognizes those gates or events as the same gate or event.