高速铁路信号系统的安全管理评价研究

高速铁路信号系统要通过安全管理来保障其开发与运行中的安全相关活动符合系统安全计划的要求。为了评估安全管理活动的可信性,提出基于系统安全分析技术的安全管理评价方法。通过建立安全管理流程与系统安全功能相关联的概念模型,使用安全文化危险与可操作性研究(SCHAZOP)辨识出安全管理流程中的行为偏差,基于失效传导转换符号(FPTN)建立管理角色的安全文化失效模型,最终将管理行为失效模式转换成组件故障树作为安全管理评价证据。研究结果表明,安全管理行为偏差体现了信号系统开发与运营过程中的安全文化特征;辨识与分析安全文化失效,为信号系统安全管理活动的可信性提供了评价依据。     

An integrated off-on line approach for increasing stability and effectiveness of automated controlled systems based on pump dependability—case study: Offshore industry

Automated controlled systems are vulnerable to faults. Faults can be amplified by the closed loop control systems and they can develop into malfunction of the loop. A control loop failure will easily cause production stop or malfunction at a petrochemical plant. A way to achieve a stable and effective automated system is to enhance equipment dependability. This paper presents a standard methodology for the analysis and improvement of pump performance to enhance total operational effectiveness and stability in offshore industry based on dependability. Furthermore, it is shown how a reliability–safety analysis can be conducted through equipment dependability indicators to facilitate the mitigation of hazard frequency in a plant. The main idea is to employ principle component analysis (PCA) and importance analysis (IA) to provide insight on the pumps performance. The pumps of offshore industries are considered according to OREDA classification. The approach identifies the critical pump and their fault through which the major hazards could initiate in the process. At first PCA is used for assessing the performance of the pumps and ranking them. IA is then performed for the worst pump which could have most impact on the overall system effectiveness to classify their components based on the component criticality measures (CCM). The analysis of the classified components can ferret out the leading causes and common-cause events to pave a way toward improving pump performance through design optimization and online fault detection which ultimately enhance overall operational effectiveness.     

面向复杂设备的分布式故障诊断研究

基于复杂系统的设备故障诊断的要求 ,按故障信息流动的方向将诊断过程分为实时监测层、故障诊断层及综合决策层 ,并建造一种分布式多级黑板诊断结构模型。根据不同诊断层次的特点 ,赋予其不同的诊断方法。在实时监测层中各实时监测单元采用神经网络和知识基模块的混合结构完成该层任务 ;故障诊断层则基于广义知识表达模型 ,建立三库结构 ,即静态实例库、动态实例库和规则库 ,整个推理过程基于三级推理机制 ;综合决策层为一智能型的辅助决策支持系统 ,提供对整个系统生产与设备运行状态的综合诊断与决策。     

浮头式换热器故障树的建立

通过现场调研，运用故障树对浮头式换热器常见故障进行分析，得出浮头式换热器系统的主要故障为腐蚀导致的泄漏。从而，从设计、焊接制造、安装、操作维护等几个环节提出改进措施，为浮头式换热器的可靠性分析提供指导。     

Reliability analysis of subsea blowout preventers with condition-based maintenance using stochastic Petri nets

Blowout Preventer (BOP) has maintained its function as a safety barrier and the last line of defence against oil and gas spills since its development in the early 1900s. However, as drilling and exploration activities move further offshore, challenges pertaining to reliable operation of the subsea BOP systems continue to be a source of concern for stakeholders in the industry. In spite of recent advancements in reliability analysis of safety instrumented systems (SISs), the research on reliability assessment of BOP is still lacking in some regards. There are gaps in the literature with respect to the incorporation of preventive maintenance (PM) strategies as well as dynamic operating conditions into BOP reliability analysis. To address these gaps, this paper develops an advanced analysis method using stochastic Petri nets (SPN) to estimate the reliability of subsea BOP systems subject to condition-based maintenance (CBM) with different failure modes. The BOP system is divided into five subsystems which are connected in series with each other and categorised into degrading and binary units. The performance of the BOP system in terms of availability, reliability and mean-time-between failures (MTBF) is obtained and analysed. A sensitivity analysis is also performed to evaluate the effect of fault coverage factor and redundancy design on system performance. The results show that both the fault coverage factor and redundancy have significant impact on the BOP's reliability, availability and MTBF.     

A new fault detection method for non-Gaussian process based on robust independent component analysis

Conventional fault detection method based on fast independent component analysis (FastICA) is sensitive to outliers in the modeling data and thus may perform poorly under the adverse effects of outliers. To solve such problem, a new fault detection method for non-Gaussian process based on robust independent component analysis (RobustICA) is proposed in this paper. A RobustICA algorithm which can effectively reduce the effects of outliers is firstly developed to estimate the mixing matrix and extract non-Gaussian feature called independent components (ICs) by robust whitening and robust determination of the maximum non-Gaussian directions. Furthermore, a monitoring statistic for each extracted IC is constructed to detect process faults. Simulations on a simple example of the mixing matrix estimation and a fault detection example in the continuous stirred tank reactor system demonstrate that the RobustICA achieves much higher estimation accuracy for the mixing matrix and the ICs than the commonly used FastICA algorithm, and the RobustICA-based fault detection method outperforms the conventional FastICA-based fault detection method in terms of the fault detection time and fault detection rate.     

Probability and frequency calculations related to protection layers revisited

This article casts a new glance over some methods dedicated to the calculation of the likelihood (probability or frequency) of failure of systems and, in particular, safety-related systems working alone or in association with other protection layers. It consists first in examining with a critical eye the relevancy of the aforementioned methods, which are still often used in spite of their restrictive limitations, and second in proposing an alternative approach for each of them. The correctness of the examinated methods is tested by applying them to very simple systems modeled by fault tree models, with intent to show why these methods are debatable and how they can be replaced by other ones, more appropriate. The particular case of several protection layers having to react on the demand resulting from the global failure of their associated control system is considered. That case leads to revisit the common assumption of the independence between the above protection layers and control system, by taking into account the order of their respective failures from a qualitative and quantitative point of view.     

电梯门区故障案例软件研发及其风险研究

电梯门区故障是电梯整体主要故障之一。基于目前电梯门区常见故障或者已经发生的事故,本文系统性地建立电梯门区故障案例库并进行其软件研发;根据故障案例库中已知的案例信息得到故障类型风险的相关信息,进行风险分析;将故障案例中实际出现的故障类型组合种类归纳后,计算出每种组合的危害程度,按照危害程度值进行降序排列;软件系统根据用户输入的设备信息给出风险较高的故障组合和相应的预防措施。     

Risk assessment and risk reduction of an acrylonitrile production plant

Reducing accident occurrence in petrochemical plants is crucial, thus appropriately allocating management resources to safety investment is a vital issue for corporate management as international competition intensifies. Understanding the priority of safety investment in a rational way helps achieve this objective.In this study, we targeted an acrylonitrile plant. First, Dow Chemical's Fire and Explosion Index (F&EI) identified the reaction process as having the greatest physical risk. We evaluated the severity of accidents in the reaction process using the Process Safety Metrics advocated by the Center for Chemical Process Safety (CCPS); however, this index does not express damages a company actually experience. To solve this problem, we proposed a new metric that adds indirect cost to CCPS metrics. We adopted fault tree analysis (FTA) as a risk assessment method. In identifying top events and basic events, we attempted to improve the completeness of risk identification by considering accidents from the past, actual plant operation and equipment characteristics, natural disasters, and cyber-attacks and terrorist attacks. Consequently, we identified the top events with high priority in handling because of serious accidents as fire/explosion outside the reactor, fire/explosion inside the reactor, and reactor destruction. The new CCPS evaluation index proposed in this study found that fire and explosion outside the reactor has the highest severity. We considered the creation of the fault tree (FT) diagram of the top event, estimating the occurrence probability, and identifying the risk reduction part and capital investment aimed at risk reduction. As an economically feasible selection method for risk reduction investment, using the difference in loss amounts before and after safety investments indicated investment priority.     

Evaluation of risk and cost using an age-dependent unavailability modelling of test and maintenance for standby components

The improvement of safety in the process industries is related to assessment and reduction of risk in a cost-effective manner. This paper addresses the trade-off between risk and cost related to standby safety systems. An age-dependent unavailability model that integrates the effects of the test and maintenance (T&M) activities as well as component ageing is developed and represents the basis for calculating risk. The repair “same-as-new” process is considered regarding the T&M activities. Costs are expressed as a function of the selected risk measure. The time-averaged function of the selected risk measure is obtained from probabilistic safety assessment, i.e. the fault tree analysis. This function is further extended with inclusion of additional parameters related to T&M activities as well as ageing parameters related to component ageing. In that sense, a new model of system unavailability, incorporating component ageing and T&M costs, is presented. The testing strategy is also addressed. Sequential and staggered testings are compared. The developed approach is applied on a standard safety system in nuclear power plant although the method is applicable to standby safety systems that are tested and maintained in other industries as well. The results show that the risk-informed surveillance requirements differ from existing ones in technical specifications, which are deterministically based. Moreover, the presented approach achieves a significant reduction in system unavailability over a relatively small increase of total T&M costs.     

Model-based information fusion investigation on fault isolation of subsea systems considering the interaction among subsystems and sensors

The offshore oil industry has expanded to deep water and Arctic. The harsh operating conditions (e.g., ice and strong wind) and increasing complicated system raise the occurrence likelihood of system faults. This requires timely fault isolation and management in the subsea system. However, the offshore oil industry mainly relies on humans to isolate faults based on alarms. With harsh operating conditions and increasing complicated system, this industry urgently needs research on more efficient fault isolation and cause diagnosis methods. Unfortunately, limited research is conducted on fault isolation method in the offshore oil industry. Furthermore, in industry 4.0 era, large amounts of information are obtained. This provides precondition for the application of information fusion technique which aims to improve diagnosis results. However, to the authors’ knowledge, information fusion has not been much studied in the fault isolation of the offshore oil industry. Moreover, the interaction of different subsystems contains valuable information. How the interaction of different subsystems can influence the fault diagnosis has not been explored. This paper proposes a Bayesian network (BN) based method for timely fault isolation and cause diagnosis for the offshore oil industry. The work fuses different information, and it also includes the dependency among different subsystems in the fault diagnosis. As an important alarm source, false alarms are also taken into account in the model. A case study on the subject of the subsea wellhead and chemical injection systems is conducted to demonstrate the functions and merits of the proposed method.     

Safety assessment of natural gas storage tank using similarity aggregation method based fuzzy fault tree analysis (SAM-FFTA) approach

Fault tree analysis (FTA) is an important method to analyze the failure causes of engineering systems and evaluate their safety and reliability. In practical application, the probabilities of bottom events in FTA are usually estimated according to the opinions of experts or engineers because it is difficult to obtain sufficient probability data of bottom events in fault tree. However, in many cases, there are many experts with different opinions or different forms of opinions. How to reasonably aggregate expert opinions is a challenge for the engineering application of fault tree method. In this study, a fuzzy fault tree analysis approach based on similarity aggregation method (SAM-FFTA) has been proposed. This method combines SAM with fuzzy set theory and can handled comprehensively diverse forms of opinions of different experts to obtain the probabilities of bottom events in fault tree. Finally, for verifying the applicability and flexibility of the proposed method, a natural gas spherical storage tank with a volume of 10,000 m³ was analyzed, and the importance of each bottom event was determined. The results show that flame, lightning spark, electrostatic spark, impact spark, mechanical breakdown and deformation/breakage have the most significant influence on the explosion of the natural gas spherical storage tank.     

Method to assess and optimise dependability of complex macro-systems: Application to a railway signalling system

Achieving a high degree of dependability in complex macro-systems is challenging. Because of the large number of components and numerous independent teams involved, an overview of the global system performance is usually lacking to support both design and operation adequately.A functional failure mode, effects and criticality analysis (FMECA) approach is proposed to address the dependability optimisation of large and complex systems. The basic inductive model FMECA has been enriched to include considerations such as operational procedures, alarm systems, environmental and human factors, as well as operation in degraded mode. Its implementation on a commercial software tool allows an active linking between the functional layers of the system and facilitates data processing and retrieval, which enables to contribute actively to the system optimisation.The proposed methodology has been applied to optimise dependability in a railway signalling system. Signalling systems are typical example of large complex systems made of multiple hierarchical layers. The proposed approach appears appropriate to assess the global risk- and availability-level of the system as well as to identify its vulnerabilities. This enriched-FMECA approach enables to overcome some of the limitations and pitfalls previously reported with classical FMECA approaches.     

系统安全性与可靠性分析的故障树方法

探讨了大型复杂系统安全性与可靠性分析的故障树技术。阐述了国外具有代表性的几种建树方法。针对实际应用情况,提出了将建树过程划分为5个阶段,应遵循的8条基本准則。导出了典型系统可靠度与故障率等可靠性参数计算的通用公式。论述了故障树分析方法的特点及发展动向。     

Analysis on rock burst danger when fully-mechanized caving coal face passed fault with deep mining

When fully-mechanized caving face passed fault, rock burst accidence easily occurred. The SOS microseism monitoring system was applied to monitor the microseismic activities all time occurred in the coal and rock mass near the fault area. Variation features of microseismic energy releasing and microseismic frequency were analyzed. Numerical simulation method was used to research the abutment stress distribution when coal face passed fault, which was compared with microseism occurrence rules. When the coal face approached to fault, the abutment stress increases gradually, so the high stress would accumulate near the fault region. When the coal face left fault, the abutment stress decreased. The SOS microseism monitoring results showed that microseismic activity in the fault area had a high instability. When the coal face neared to the fault, total energy value and frequency released by the microseism steadily increased. The maximum energy peak value also had the tendency to rapidly increase. Before the strong shock occurred, there was a period of weak seismic activity. The weak seismic activity showed energy accumulation for strong shock, which can be used to forecast the danger of rock burst.     

一种高安全、容错控制计算机的设计与实现

在许多工业领域中 ,其控制系统必须是高可靠、高可用和高安全的。根据IEC 6 15 0 8标准 ,1oo2D(oneoutoftwowithdiagnostics)结构满足这些要求。实现 1oo2D结构时 ,每个通道采用双CPU结构 ,通道间同步采用软硬件结合方式 ,硬件数据比较器具备强故障安全特性 ,通道间通信采用高速并行方式 ,自诊断包括内嵌诊断设备、自诊断程序和看门狗。研制了实验原型机 ,进行的功能测试和错误注入测试表明 :其控制功能正常 ,容错性能和安全性能满足工业控制要求     

Dependability modelling of instrumentation and control systems: A comparison of competing architectures

The purpose of this paper is to present a framework for comparing different candidate architectures for the same system. To this end, we propose a rigorous approach for homogeneously modelling different architectures. Starting with the functional specifications of the system, we derive a functional-level model that is used to construct a high-level dependability model for each architecture, using well-defined, formal construction rules. Our modelling approach is then applied to three possible architectures of an instrumentation and control system, and an example of a comparative analysis of these systems is provided.     

事故树分析方法在建筑物火灾人员伤亡中的应用

笔者在分析建筑物火灾发生并引起人员伤亡的基础之上,通过系统安全工程的事故树分析方法,综合考虑事故发生的全面过程,建立了建筑物火灾引起人员伤亡的事故树图,从最小割集、最小径集、结构重要度三方面,阐述了导致建筑物火灾引起人员伤亡的主要原因,从各因素的主次性方面着重对事故底部事件进行排序分级以及比较分析,找出了事故预防的关键途径。实例分析表明,事故树分析方法能对导致建筑物火灾引起人员伤害事故的各种因素及逻辑关系做出全面的阐述,并为建筑物火灾的预防以及最大限度地减少人员伤亡,提供了切实可信的参考依据。     

铁路安全预警系统的研究和实现

结合哈尔滨铁路局实际运营系统 ,基于事故树分析理论 ,探讨了铁路安全预警系统的实现。首先论述了事故树的建立方法和以事故树分析法为基础的铁路安全预警系统的核心算法 ,然后讨论了具体实现的数据结构和事故树编码方法 ,最后简要提出了铁路安全预警系统的系统设计思想     

用于生产过程的故障诊断专家系统

讨论了利用人工智能技术来实现生产过程故障检测与诊断的原理。以液位控制系统为例，说明了“基于规则”和“规则架＋ 规则体”两种方法建立专家系统的过程及知识表达的思路