ISA CNTRL SYS SAF EVAL RELI-2010 Control Systems Safety Evaluation and Reliability (3rd Edition).pdf

1、Control SystemsSafety Evaluationand ReliabilityThird EditionControl SystemsSafety Evaluationand ReliabilityWilliam M. GobleThird EditionNoticeThe information presented in this publication is for the general education of the reader. Because neither the author nor the publisher has any control over th

2、e use of the information by the reader, both the author and the publisher disclaim any and all liability of any kind arising out of such use. The reader is expected to exercise sound professional judgment in using any of the information pre-sented in a particular application.Additionally, neither th

3、e author nor the publisher has investigated or considered the effect of any patents on the ability of the reader to use any of the information in a particular application. The reader is responsible for reviewing any possible patents that may affect any particular use of the information presented.Any

4、 references to commercial products in the work are cited as examples only. Neither the author nor the publisher endorses any referenced commercial product. Any trademarks or trade-names referenced belong to the respective owner of the mark or name. Neither the author nor the publisher makes any repr

5、esentation regarding the availability of any referenced commercial prod-uct at any time. The manufacturers instructions on use of any commercial product must be fol-lowed at all times, even if in conflict with the information in this publication.Copyright 2010 International Society of Automation67 A

6、lexander DriveP.O. Box 12277Research Triangle Park, NC 27709All rights reserved. Printed in the United States of America.1098765432ISBN 978-1-934394-80-9No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopy

7、ing, recording or otherwise, without the prior written permission of the publisher.Library of Congress Cataloging-in-Publication DataGoble, William M.Control systems safety evaluation and reliability / William M. Goble.- 3rd ed.p. cm. - (ISA resources for measurement and control series)Includes bibl

8、iographical references and index.ISBN 978-1-934394-80-9 (pbk.)1. Automatic control-Reliability. I. Title. TJ213.95.G62 2010629.8-dc222010015760ISA Resources for Measurement and Control Series (RMC) Control System Documentation: Applying Symbols and Identification, 2nd Edition Control System Safety E

9、valuation and Reliability, 3rd Edition Industrial Data Communications, 4th Edition Industrial Flow Measurement, 3rd Edition Industrial Level, Pressure, and Density Measurement, 2nd Edition Measurement and Control Basics, 4th Edition Programmable Controllers, 4th EditionviiAcknowledgmentsThis book ha

10、s been made possible only with the help of many other persons. Early in the process, J. V. Bukowski of Villanova taught a graduate course in reliability engineering where I was introduced to the science. This course and several subsequent tutorial sessions over the years provided the help necessary

11、to get started.Many others have helped develop the issues important to control system safety and reliability. I want to thank co-workers; John Grebe, John Cusimano, Ted Bell, Ted Tucker, Griff Francis, Dave Johnson, Glenn Bilane, Jim Kinney, and Steve Duff. They have asked penetrating questions, arg

12、ued key points, made suggestions, and provided solutions to complicated problems. A former boss Bob Adams deserves a special thank you for asking tough questions and demanding that reliability be made a prime consideration in the design of new products.Fellow members of the ISA84 standards committee

13、 have also helped develop the issues. I wish to thank Vic Maggioli, Dimitrios Karydos, Tony Frederickson, Paris Stavrianidis, Paul Gruhn, Aarnout Brombacher, Ad Hamer, Rolf Spiker, Dan Sniezek and Steve Smith. I have learned from our debates.Several persons made significant improvements to the docum

14、ent as part of the review process. I wish to thank Tom Fisher, John Grebe, Griff Francis, Paul Gruhn, Dan Sniezek, Rainer Faller and Rachel Amkreutz. The comments and questions from these reviewers improved the book considerably. Julia Bukowski from Villanova University and Jan Rouvroye of Eindhoven

15、 University deserve a special thank you for their comprehensive and detail review. Iwan van Beurden of Eindhoven University also deserves a special thank you for a detail review and check of the examples and exercise answers. I also wish to thank Rick Allen, a good friend, who reviewed the draft and

16、 tried to teach the rules of grammar and punctuation. Finally, I wish thank my wife Sandy and my daughters Tyree and Emily for their patience and help. Everyone helped proofread, type, and check math. While the specific help was greatly appreciated, it is the encouragement and support for which I am

17、 truly thankful.ixContentsPREFACE xvABOUT THE AUTHOR xviiChapter 1 INTRODUCTION 1Control System Safety and Reliability, 1Standards, 4Exercises, 6Answers to Exercises, 7References, 7Chapter 2 UNDERSTANDING RANDOM EVENTS 9Random Variables, 9Mean, 18Variance, 21Common Distributions, 23Exercises, 27Answ

18、ers to Exercises, 29References, 31Chapter 3 FAILURES: STRESS VERSUS STRENGTH 33Failures, 33Failure Categorization, 33Categorization of Failure Stress Sources, 39Stress and Strength, 46Electrical Surge and Fast Transients, 55Exercises, 56Answers to Exercises, 56References, 57x Control Systems Safety

19、Evaluation and ReliabilityChapter 4 RELIABILITY AND SAFETY 59Reliability Definitions, 59Time to Failure, 59The Constant Failure Rate, 72Steady-State Availability Constant Failure Rate Components, 76Safety Terminology, 78Exercises, 85Answers to Exercises, 86References, 86Chapter 5 FMEA / FMEDA 87Fail

20、ure Modes and Effects Analysis, 87FMEA Procedure, 87FMEA Limitations, 88FMEA Format, 88Failure Modes, Effects and Diagnostic Analysis (FMEDA), 94Conventional PLC Input Circuit, 95Critical Input (High Diagnostic) PLC Input Circuit, 97FMEDA Limitations, 99Exercises, 99Answers to Exercises, 100Referenc

21、es, 100Chapter 6 FAULT TREE ANALYSIS 103Fault Tree Analysis, 103Fault Tree Process, 104Fault Tree Symbols, 105Qualitative Fault Tree Analysis, 106Quantitative Fault Tree Analysis, 108Use of Fault Tree Analysis for PFDavg Calculations, 114Using a Fault Tree for Documentation, 116Exercises, 118Answers

22、 to Exercises, 119References, 119Chapter 7 RELIABILITY BLOCK DIAGRAMS 121Reliability Block Diagrams, 121Series Systems, 123Quantitative Block Diagram Evaluation, 137Exercises, 146Answers to Exercises, 147References and Bibliography, 148Contents xiChapter 8 MARKOV MODELING 149Repairable Systems, 149M

23、arkov Models, 149Solving Markov Models, 151Discrete Time Markov Modeling, 154Exercises, 176Answers to Exercises, 177References, 177Chapter 9 DIAGNOSTICS 179Improving Safety and MTTF, 179Measuring Diagnostic Coverage, 186Diagnostic Techniques, 190Fault Injection Testing, 197Exercises, 197Answers to E

24、xercises, 198References, 199Chapter 10 COMMON CAUSE 201Common-Cause Failures, 201Common-Cause Modeling, 205Common-Cause Avoidance, 211Estimating the Beta Factor, 213Estimating Multiple Parameter Common-Cause Models, 215Including Common Cause in Unit or System Models, 216Exercises, 220Answers to Exer

25、cises, 220References, 221Chapter 11 SOFTWARE RELIABILITY 223Software Failures, 223Stress-Strength View of Software Failures, 226Software Complexity, 229Software Reliability Modeling, 238Software Reliability Model Assumptions, 248Exercises, 251Answers to Exercises, 252References, 253Chapter 12 MODELI

26、NG DETAIL 255Key Issues, 255Probability Approximations, 256Diagnostics and Common Cause, 268Probability of Initial Failure, 278Comparing the Techniques, 280xii Control Systems Safety Evaluation and ReliabilityIn Closing, 281Exercises, 281Answers to Exercises, 281References, 282Chapter 13 RELIABILITY

27、 AND SAFETY MODEL CONSTRUCTION 283System Model Development, 283Exercises, 302Answers to Exercises, 302References, 303Chapter 14 SYSTEM ARCHITECTURES 305Introduction, 305Single Board PEC, 306System Configurations, 310Comparing Architectures, 353Exercises, 355Answers to Exercises, 356References, 357Ch

28、apter 15 SAFETY INSTRUMENTED SYSTEMS 359Risk Cost, 359Risk Reduction, 360How Much RRF is Needed?, 361SIS Architectures, 366Exercises, 375Answers to Exercises, 376References, 376Chapter 16 LIFECYCLE COSTING 379The Language of Money, 379Procurement Costs, 381Cost of System Failure, 384Lifecycle Cost A

29、nalysis, 386Time Value of Money, 389Safety Instrumented System Lifecycle Cost, 395Exercises, 397Answers to Exercises, 398References, 399APPENDIX A STANDARD NORMAL DISTRIBUTION TABLE 401Contents xiiiAPPENDIX B MATRIX MATH 405The Matrix, 405Matrix Addition, 406Matrix Subtraction, 406Matrix Multiplicat

30、ion, 406Matrix Inversion, 407APPENDIX C PROBABILITY THEORY 413Introduction, 413Venn Diagrams, 414Combining Probabilities, 417Permutations and Combinations, 426Exercises, 430Answers to Exercises, 432Bibliography, 433APPENDIX D TEST DATA 435Censored and Uncensored Data, 439APPENDIX E CONTINUOUS TIME M

31、ARKOV MODELING 441Single Nonrepairable Component, 441Single Repairable Component, 444Limiting State Probabilities, 448Multiple Failure Modes, 450INDEX 455xvPrefaceThe ability to numerically evaluate control system design parameters, like safety and reliability, have always been important in order to

32、 balance the tradeoffs between cost, performance and maintenance in control system design. However, there is more involved than just economics. Proper pro-tection of personnel and the environment have become the issue. Increas-ingly, quantitative analysis of safety and reliability is becoming essent

33、ial as international regulations require justified and measured safety protec-tion performance. The ISA-84.01 standard defines quantitative performance levels for safety instrumented systems (SIS). New IEC safety standards and the industry specific companion standards do the same. In general these s

34、tandards are not prescriptive, they do not say exactly how to design the system. Instead, they advise the quantitative safety measurements that must be met and the designer considers various design alternatives to see which design meets the targets.This general approach is very consistent with those

35、 who work to economi-cally optimize their designs. Design constraints must be balanced in order to provide the optimal design. The ultimate economic success of the pro-cess is affected by all of the design constraints. True design optimization requires that alternative designs be evaluated in the co

36、ntext of the con-straints. Numeric targets and methods to quantitatively evaluate safety and reliability are the tools needed to include this dimension in the opti-mization process.As with many areas of engineering, it must be realized that system safety and reliability cannot be quantified with tot

37、al certainty at the present time. Different assumptions are made in order to simplify the problem. Failure xvi Control Systems Safety Evaluation and Reliabilityrate data, the primary input required for most methods, is not precisely specified or readily available. Precise failure rate data requires

38、an exten-sive life test where operational conditions match expected usage. Several factors prevent this testing. First, current control system compo-nents from quality vendors have achieved a general level of reliability that allows them to operate for many, many years. Precise life testing requires

39、 that units be operated until failure. The time required for this testing is far beyond the usefulness of the data (components are obsolete before the test is complete). Second, operational conditions vary significantly between control systems installations. One site may have failure rates that are

40、much higher than another site. Last, variations in usage will affect reliabil-ity of a component. This is especially true when design faults exist in a product. Design faults are probable in the complex components used in todays systems. Design faults, “bugs,” are almost expected in complicated soft

41、ware. In spite of the limitations of variability, imprecision, simplified assump-tions, and different methods: rapid progress is being made in the area of safety and reliability evaluation. ISA standards committees are working in different areas of this field. ISA84 has a committee working on method

42、s of calculating system reliability. Several methods that utilize the tools cov-ered in this book are proposed. Software reliability has been the subject of intense research for over a decade. These efforts are beginning to show some results. This is impor-tant to the subject of control systems beca

43、use of the explosive growth of software within these systems. Although software engineering techniques have provided better design fault avoidance methods, the growth has out-stripped the improvements. Software reliability may well be the control system reliability crisis of the future.Safety and re

44、liability are important design constraints for control systems. When those involved in the system design share common vocabulary, understand evaluation methods, include all site variables and understand how to evaluate reliable software; then safety and reliability can become true design parameters.

45、 This is the goal.William M. GobleOttsville, PAApril 2010xviiAbout the AuthorDr. William M. Goble has more than 30 years of experience in analog and digital electronic circuit design, software development, engineering management and marketing. He is currently a founding member and Principal Partner

46、with exida, a knowledge company focused on automation safety and reliability.He holds a B.S. in electrical engineering from Penn State and an M.S. in electrical engineering from Villanova. He has a Ph.D. from the Department of Mechanical Reliability at Eindhoven University of Technology in Eindhoven

47、, Netherlands, and has done research in methods of modeling the safety and reliability of automation systems. He is a Professional Engineer in the state of Pennsylvania and holds a Certified Functional Safety Expert certificate.He is a well-known speaker and consultant and also develops and teaches

48、courses on various reliability and safety engineering topics. He has written several books and has authored or co-authored many technical papers and magazine articles, primarily on software and hardware safety and reliability, and on quality improvement and quantitative modeling.He is a Fellow Membe

49、r of the International Society of Automation (ISA) and is a member of IEEE, AIChE, and several international standards committees.11IntroductionControl System Safety and ReliabilitySafety and reliability have been essential parameters of automatic control systems design for decades. It is clearly recognized that a safe and reliable system provides many benefits. Economic benefits include less lost pro-duction, higher quality product, reduced maintenance costs, and lower risk costs. Other benefits include regulatory compliance, the abil