Saturday, March 21, 2020

Fault and Event Tree

Introduction

Fault Tree Analysis and Event Tree Analysis are hazard assessment tools that have been widely used to estimate the likelihood of occurrence of accidents and other undesired losses. They help identify and detect hazards in a system or facility and give a provisional evaluation of any scenario that may lead to events that can be considered potentially hazardous (Acharya et al. 1990).

The increased sharing of information and the use of the internet and computerization created a challenge that had to be handled: the security of these systems and of the intelligence that was to be shared. The safety aspect of any industry thus became one of the main sources of its success. In the search for security models and systems, tools such as the fault tree, the event tree, failure mode and effect analysis, and the reliability block diagram emerged as ways to assess a system's safety. This paper is a detailed study of the concepts of Fault Tree Analysis and Event Tree Analysis with a focus on the safety injection system (SIS).

Fault tree analysis refers to a graphical representation of an interaction of failures which lead to a defined top event. A Fault Tree Analysis (FTA) is developed using a "top-down" approach, and is a powerful tool for modeling combinations of independent and common mode failures. Fault trees are used to capture both hardware failures and human errors. Event tree analysis, on the other hand, is a graphical representation of logic, showing how time sequences of events develop. Event trees can have multiple outcomes, and are mostly used with binary branches (Rechard 1999). In fault tree analysis, minimal cut sets are crucial in pointing out the combinations of failures that may lead to the top event.
In event tree analysis, the steps to be followed are: identifying the initiating event; identifying the safeguards and then determining the outcomes; constructing the event tree from them; classifying the outcomes into groups with similar consequences; quantifying branch probabilities; quantifying outcomes; and testing outcomes. Thus, an event tree is simply a graphical illustration of the scenarios of events that are likely to result from an initiating event.

Definition of the Problem

The problem for which this system is designed is the loss of coolant from a nuclear reactor plant. It is crucial to have a fully operational system for a nuclear plant, given the danger that the plant poses to the environment and to the lives of those working in it and residing in its vicinity. It is therefore crucial for every part of it to operate fully and satisfactorily, which means that failures of a part as crucial as the coolant system are of great importance to the proper running of the system and its safety to those working on it (Gianni 2006).

Description of the System together with its Schematic and Principle of Operations

The illustration in Figure 1 shows the safety injection pump flow paths. The major components of the system include the accumulators, the storage tanks, the pressure pumps, and the containment sump. The safety injection pump functions in two phases: the first is the injection phase, in which the pumps take suction from the tank and inject into the reactor, and the second is the recirculation phase, in which the pumps take suction from the containment sump. The key objectives of a nuclear safety system include shutting down the reactor, ensuring it remains shut down, and preventing any discharge of radioactive materials in case of accidents or other unfortunate events.
A safety injection system makes use of the variations of the density of water to induce natural circulatory flow (Hixenbaugh 1968). For nuclear power plants, an emergency water system of this kind is important in cases where normal functioning may be lost or where a major breakdown may occur. The safety injection pump system is a very important component in any given system, especially in a nuclear power plant where a great deal of heat is generated. The failure of a safety injection system thus has fatal implications for the system, and an elaborate risk assessment is essential to contain the situation. The heat exchanger is also a vital part of the nuclear power reactor, being responsible for the cooling, and therefore its failure is of tremendous consequence to the operation of the system.

Schematic Description of the Coolant System: Reactor cooling system

Figure 1

Data Sources and Assumptions for Reliability and Human Error Data

Calculation of Failure Probability

In the calculation of the failure probability of the system, the test intervals were taken to be three months each. This information is shown in Table 1 below. The failure rate data was taken from books containing quantitative risk assessment methods and from past research conducted to determine the probabilities of failure of the various components or events in systems identical to the one under study.

Computation

The computational formula was FP = FRD x time in hours / 2, where FRD is the failure rate data. Given a test interval of three months, the time interval was taken to be 2190 hours, obtained as (365 days x 24 hours) x (3 / 12 months) = 2190 hours. For example, the failure probability (FP) for the RWST = 63E-6 * 2190 / 2 = 3.942E-3,
where 22.456E-6 is the failure rate data for the core obtained from the available literature (Gertman & Blackman 1994). The rest of the computations are summarised in Table 1 below.

Table 1. Basic event failure rates and failure probabilities

Basic Event | Failure Mode | Failure Rate λ | Source | Failure Probability (λt/2)
RWST | Ruptured | 36 E-6 | IAEA, TECDOC-930 | 3.942 E-3
High Pressure Safety Injection (HPSI) Pump (HPSIP) | Failure to run | 0.1467E-6 | NPRD-95 2-224 | 1.606 E-4
Low Pressure Safety Injection (LPSI) Pumps (LPSIP) | Failure to run | 0.16E-6 | Assumed | 1.752E-4
HPSI Pump Orifice Bypass Valves (OBV) and Flow Orifices (FO) | Failure to open | 4.2 e-7/h | WASH-1400 | 4.599 E-4
HPSI Header Injection Valves (HPSIHIV) | Failure to open | 3.9 e-7/h | Assumed | 4.2705 E-4
Hot Leg Injection Valves (HLIV) | Failure to open | 3.9 e-7/h | Assumed | 4.2705 E-4
Minimum Flow Line Isolation Valves (MFLIV) | Failure to balance the flow | 6.8e-6/h | IAEA, TECDOC-930 | 7.446 e-3
LPSI Header Isolation Valves (LPSIHIV) | Failure to function | 2 e-6/h | Assumed | 2.2 e-3
Heat Exchanger (HE) | Rupture | 2.1 e-6/h | IAEA, TECDOC-930 | 2.2995 e-3
LPSI Pump Suction Isolation Valves (LPSISIV) | Failure to open | 0.3e-6/h | IAEA, TECDOC-930 | 3.285 e-3
Human Error (HERR) | Error of commission | | WASH-1400 | 3 e-3
Power (P) | Failure to supply required output | | Assumed | 1.5 e-4

Analysis Results and Conclusions

The second column of the table gives a brief description of the failure; the third column shows the failure rate data obtained from the available literature (Gertman & Blackman 1994); the fourth column shows the reference or assumption for the failure rate, while the last column displays the failure probability. Fault tree analysis logically explains how and why a failure might come about (Aven 2008). A proper Fault Tree Analysis design has to include specific elements, the key ones being: the gate symbols and types should be set so as to represent the fault tree logic; a top-down approach ought to be employed; and failure modes ought to be identified.
The minimum cut set table makes use of AND gates in the computation of the probabilities. This means that all the entries in Table 2 are AND gates, and the component probabilities are therefore multiplied. Cut set values are obtained by multiplying the probabilities of two related components in the system. These cut set values are vital in fault tree analysis since they show trends for different fault points in a given system. Minimal cut sets for a simple fault tree such as this one for an injection system can be directly determined "from the fault tree or from the associated reliability diagram" (Aven 2008, p. 75). However, for more complex fault tree diagrams, computer programs can be written to compute them automatically. The probabilities of the individual components in the system were obtained from Table 1. In this system, the following formula was applied (for the first cut set): (probability of RWST) x (probability of the High Pressure Safety Injection Pump (HPSIP)) = the probability of RWST failing together with the High Pressure Safety Injection Pump. For example, RWST x High Pressure Safety Injection (HPSI) Pump (HPSIP) = 3.942 E-3 * 1.606 E-4 = 1.683e-7. Cut set values for the whole system are found in this manner.

Table 2. Minimal cut sets and their probabilities

Cut set | Probability
RWST.HPSIP | 6.331e-7
RWST.LPSIP | 6.906e-7
RWST.OBV | 1.813e-6
RWST.FO | 1.813e-6
RWST.HE | 9.065e-6
HERR.P | 4.5e-7
HERR.HPSIP | 4.818e-7
HERR.LPSIP | 5.256e-7
HERR.HE | 6.899e-6
HERR.LPSISIV | 6.6e-7
HPSIP.OBV | 7.386e-8
HPSIP.FO | 7.38e-8
HPSIP.HPSIHIV | 1.683e-7
HPSIP.HE | 9.065e-7
HPSIP.HLIV | 1.683e-7
LPSIP.MFLIV | 1.305e-6
LPSIP.LPSISIV | 3.854e-7
LPSIP.HE | 4.029e-7
HLIV.HERR | 1.281e-6
P.LPSIP | 2.628e-8
RWST.P | 5.913e-7
P.FO | 6.899e-8
LPSISIV.HE | 9.820e-7
HPSIHIV.HE | 9.064e-7
Total Probability | 2.858 E-5

The total probability of failure to cool the RWST on demand was found to be 2.858 E-5. This number is the Total Probability, TP.

Fussell-Vesely and Birnbaum

Fussell-Vesely and Birnbaum values play a critical role in fault tree analysis. These values also indicate the probability of a risk in the system.
The Fussell-Vesely value is obtained by adding all the cut set probabilities in Table 2 that contain a specific component and then dividing by the total probability TP found in Table 2 (Ericson 1999). An example: ((Core.SIS) + (Core.SP)) / TP = (1.676 + 1.536)E-5 / 4.673E-5 = 0.676. Birnbaum values are obtained by taking the sum of the probabilities in Table 2 and dividing by the specific component probability (Gianni 2006). For example, Core/TP = 22.44E-5 / 4.673E-5 = 0.481 (Lindsay 1997).

Table 3. Fussell-Vesely and Birnbaum importance values

Basic Event | Fussell-Vesely | Birnbaum
Core | 0.685 | 0.481
Pressurizer (PZR) | 0.043 | 0.016
Steam Generator (SG) | 0.092 | 0.06
Reactor coolant pump (RCP) | 0.014 | 0.012
Safety valve (SV) | 0.022 | 0.002
Main steam isolation valve (MSIV) | 0.020 | 0.053
Throttle valve (TV) | 0.012 | 0.090
Moisture separator reheater (MSR) | 0.043 | 0.082
Main turbine (MTHP) | 0.060 | 0.074
Turbine LP (TLP) | 0.074 | 0.056
Main condenser (MC) | 0.036 | 0.030
Condensate pump (CP) | 0.062 | 0.006
Clean up system (CUS) | 0.085 | 0.010
LP heater (LPH) | 0.024 | 0.012
HP heater (HPH) | 0.040 | 0.024
Condensate storage tank (CST) | 0.063 | 0.043
Safety injection system (SIS) | 0.070 | 0.032
Safeguards pumps (SP) | 0.012 | 0.015
Auxiliary feed water | 0.540 | 0.032

It is obvious that more emphasis should be given to the core in the AC power supply parts to increase the reliability of the safety injection system. Both the Fussell-Vesely and the Birnbaum analyses concurred on this matter. The major contributor to the failure probability is common mode failure in the AC power supply parts of the safety injection system. Also, it is much easier and cheaper to increase the reliability of the DC system than of the AC part. For instance, the Fussell-Vesely analysis indicates that increasing the reliability of switches can increase reliability significantly, so it is easy to do so by using diversification, redundancy and segregation of switches to increase the reliability of the DC system. Meanwhile, the Birnbaum analysis indicates that more diversified batteries will achieve higher reliability.
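The quantification described above (FP = λt/2 per basic event, minimal cut sets as AND gates, the total probability as the sum of the cut set values, and the Fussell-Vesely and Birnbaum importances) can be reproduced in code. The following Python script is an added example written for this page, not part of the original assessment: it uses a handful of the failure rates from Table 1 and cut sets from Table 2, and its Birnbaum measure uses the standard definition (the change in top event probability between the component failed and the component working), which differs from the shorthand given in the text.

```python
"""Fault-tree quantification for the safety injection system discussed above.

Basic-event failure probability q = lambda * t / 2 for a test interval t,
minimal cut sets as AND gates (product of the q values), the top event as
the sum of the cut-set probabilities (rare-event approximation), and the
Fussell-Vesely and Birnbaum importance measures.
"""

TEST_INTERVAL_HOURS = 365 * 24 * 3 / 12  # three-month test interval = 2190 h

# Failure rates per hour, taken from Table 1 on this page. The RWST row of
# the table quotes 36E-6, but the page's own worked probability 3.942E-3
# corresponds to 3.6e-6/h; that value is used here so the cut-set products
# reproduce the RWST rows of Table 2.
FAILURE_RATES = {
    "RWST": 3.6e-6,      # refuelling water storage tank, rupture
    "HPSIP": 0.1467e-6,  # high-pressure safety injection pump, fails to run
    "LPSIP": 0.16e-6,    # low-pressure safety injection pump, fails to run
    "OBV": 4.2e-7,       # orifice bypass valves, fail to open
    "MFLIV": 6.8e-6,     # minimum flow line isolation valves
    "HE": 2.1e-6,        # heat exchanger, rupture
}

# A subset of the page's Table 2 minimal cut sets; each one is an AND gate.
MINIMAL_CUT_SETS = [
    frozenset({"RWST", "HPSIP"}), frozenset({"RWST", "LPSIP"}),
    frozenset({"RWST", "OBV"}), frozenset({"RWST", "HE"}),
    frozenset({"HPSIP", "HE"}), frozenset({"LPSIP", "MFLIV"}),
    frozenset({"LPSIP", "HE"}),
]


def failure_probability(rate_per_hour, test_interval_hours=TEST_INTERVAL_HOURS):
    """Page formula FP = lambda * t / 2: mean unavailability of a periodically
    tested standby component with a constant failure rate."""
    return rate_per_hour * test_interval_hours / 2


def basic_event_probabilities(rates=FAILURE_RATES):
    return {name: failure_probability(rate) for name, rate in rates.items()}


def cut_set_probability(cut_set, q):
    """AND gate: every basic event in the cut set fails (independence assumed)."""
    prob = 1.0
    for event in cut_set:
        prob *= q[event]
    return prob


def top_event_probability(q, cut_sets=MINIMAL_CUT_SETS):
    """Rare-event approximation: the sum of the minimal cut-set probabilities."""
    return sum(cut_set_probability(cs, q) for cs in cut_sets)


def fussell_vesely(q, cut_sets=MINIMAL_CUT_SETS):
    """Share of the top-event probability carried by cut sets containing each event."""
    total = top_event_probability(q, cut_sets)
    return {
        e: sum(cut_set_probability(cs, q) for cs in cut_sets if e in cs) / total
        for e in q
    }


def birnbaum(q, cut_sets=MINIMAL_CUT_SETS):
    """Standard Birnbaum importance: P(top | event failed) - P(top | event working)."""
    result = {}
    for e in q:
        failed = dict(q, **{e: 1.0})
        working = dict(q, **{e: 0.0})
        result[e] = (top_event_probability(failed, cut_sets)
                     - top_event_probability(working, cut_sets))
    return result


if __name__ == "__main__":
    q = basic_event_probabilities()
    b = birnbaum(q)
    print(f"P(top) = {top_event_probability(q):.3e}")
    for e, fv in sorted(fussell_vesely(q).items(), key=lambda kv: -kv[1]):
        print(f"{e:6s} FV={fv:.3f}  Birnbaum={b[e]:.3e}")
```

Running the script ranks the RWST first by Fussell-Vesely, as the text's discussion of the top event suggests, while the heat exchanger has the larger Birnbaum value because it appears in the cut sets with the largest partner probabilities.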
Diversifying the batteries can also be easily achieved.

Figure 2. Fault Tree Diagram

The fault tree diagram is ascertained by using both the table of failure rates and failure probabilities and the minimum cut sets. This is done on the basis of the assessment of the results, and in this case the top event is RWST. However, a realistic failure of this event will emanate from sequential failure events that fall under the top event. The probability value is used in the development of the fault tree. The failure of a given part in the tree is ascertained by using an AND logic function for all the components which make up that particular part. The various parts' probabilities of failure are then combined using an OR gate so that they build up to the ultimate event, which represents the whole system (Fayssal 2000). Moreover, the cut set values are the most probable causes of the failure of the top event. The main reason for the use of cut set values is that they are critical in the analysis of the fault tree, since they give the various combinations which lead to failure junctions in the whole system. In this case the cooling system displays multiple fault points, indicated by either an AND or an OR gate depending on the relationship of the preceding events or components.

Event Tree Analysis Model for Plant Hazard

To illustrate the event tree analysis, several hypothetical scenarios were analyzed. The first is the scenario where a valve fails to open or close as required, taking for instance v2: the heat exchanger will then not receive the heated water from the reactor, and therefore no heat exchange will take place. The pump p1 will fail to function and as a result the valve v1 will also not function, and thus the top event, RWST, will be affected. A second scenario is where the heat exchanger fails to function as expected and therefore the heat from the reactor is not removed.
This means that the heat is returned to the reaction chambers, which causes the reactor to malfunction or melt. RWST will be affected since the hot fluid in the reaction chamber, which is meant to be cooled before circulating back, remains hot. The heat exchanger is also meant to transfer heat to be reused in the system, but when it fails this heat is wasted. The cooling system will without doubt fail whenever any of the activities which lead to the top event, RWST, malfunctions. It is evident therefore that the failure of one of the events in the event tree will lead in turn to the malfunctioning of the preceding event and eventually affect the top event in the system. This calls for effective measures to be put in place to mitigate the failure of any of the events in the event tree. The event tree analysis in this case was conducted in a qualitative manner (Fayssal 2000).

Figure 3. Event Tree Diagram

This analysis is based on the event of core failure, as discussed hereunder. The core can melt the moment a relentless, compounded failure of a system or of components causes the reactor core to stop being cooled properly, thus making its assemblies overheat and/or melt, which may cause them to explode. Typically, the event tree analysis is created with the aim of illustrating the various impacts of the core event.

Event Tree Analysis Assessment, Results and Conclusion

Given the results obtained and indicated above, several conclusions can be drawn from the foregoing discussion for the Event Tree Analysis. It can be seen that the impact with the highest probability is valve failure and/or heat exchange failure, which has a probability as high as 50 percent. The explanation for this is that the valve is likely to have failed and therefore remained open. In actual fact, heat exchange failure can lead to a core melt, making the reactor unusable until the power plant is repaired.
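The event tree steps listed in the introduction (initiating event, ordered safeguards, binary success/failure branches, sequence probabilities, grouping of outcomes by consequence) applied to the valve v2, heat exchanger and pump p1 scenario above, as an added Python example that is not part of the original assessment. The initiating-event frequency and the heat exchanger and pump branch probabilities are constructed for illustration; only the 50 percent valve-failure figure comes from the text.

```python
"""Event-tree quantification of the loss-of-coolant scenario from the text."""

INITIATING_EVENT_FREQ = 1.0e-3  # constructed: loss-of-coolant demands per year

# Safeguards in the order the page's scenario questions them, with the
# probability that each fails on demand. Only the valve figure is from the
# page ("as high as 50 percent"); the other two values are constructed.
SAFEGUARDS = [
    ("valve v2 opens", 0.5),
    ("heat exchanger removes heat", 0.1),
    ("pump p1 returns flow", 0.05),
]


def consequence(path):
    """Consequence of a (possibly partial) branch path, or None if undecided.

    Classification follows the page's narrative: if v2 fails, no heated water
    reaches the heat exchanger; if the heat exchanger fails, heat returns to
    the reactor and the core may melt. The pump rule is constructed.
    """
    v2_ok = path[0] if len(path) > 0 else None
    he_ok = path[1] if len(path) > 1 else None
    p1_ok = path[2] if len(path) > 2 else None
    if v2_ok is False or he_ok is False:
        return "core damage"
    if p1_ok is False:
        return "degraded cooling"
    if p1_ok is True:
        return "safe shutdown"
    return None


def enumerate_sequences(safeguards=SAFEGUARDS, ie_freq=INITIATING_EVENT_FREQ):
    """Walk the binary tree; each sequence is (path, frequency, consequence).

    A branch is closed as soon as its consequence is decided, so safeguards
    that are never demanded (for example after v2 fails) do not appear in
    the path and do not split the frequency any further.
    """
    sequences = []

    def walk(i, path, freq):
        outcome = consequence(path)
        if outcome is not None or i == len(safeguards):
            sequences.append((tuple(path), freq, outcome))
            return
        _, p_fail = safeguards[i]
        walk(i + 1, path + [True], freq * (1.0 - p_fail))  # success branch
        walk(i + 1, path + [False], freq * p_fail)         # failure branch

    walk(0, [], ie_freq)
    return sequences


def outcome_frequencies(sequences):
    """Group sequence frequencies by consequence class (the page's step of
    classifying outcomes into groups with similar consequences)."""
    totals = {}
    for _, freq, outcome in sequences:
        totals[outcome] = totals.get(outcome, 0.0) + freq
    return totals


if __name__ == "__main__":
    seqs = enumerate_sequences()
    for path, freq, outcome in seqs:
        branches = "-".join("S" if ok else "F" for ok in path)
        print(f"{branches:6s} {freq:.3e} {outcome}")
    for outcome, freq in outcome_frequencies(seqs).items():
        print(f"{outcome:17s} {freq:.3e} per year")
```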
The corollary of a heat exchange failure is that the operator will incur additional expense or effort to prevent it from taking place or to repair it (Eckberg 1964).

Conclusion

The main objective behind all hazard assessment tools such as fault tree analysis (FTA) and event tree analysis (ETA) is to identify hazards in a facility and evaluate any possible scenario that leads to unwanted events. Identifying the hazards is a crucial step in risk management: if hazards are not identified, they will not be managed (Launer 2005). All in all, Fault Tree and Event Tree Analysis are among the most proficient methods of risk assessment, and they are of special value when used to identify the most probable causes of failure in a system as well as to give particular details of cases of multiple failures. The tree analyses are especially important in the nuclear industry because of the huge costs and substantial effort involved. In fault tree analysis, minimal cut sets are crucial in pointing out the combinations of failures that may lead to the top event. The foregoing discussions, assessments, designs and conclusions on the application of ETA and FTA to a nuclear power plant, specifically to the problem of failure in the plant's safety injection system, greatly help to demonstrate the centrality of these methods in fault determination and failure identification in systems. The key objectives of a nuclear safety system include shutting down the reactor, ensuring it remains shut down, and preventing any discharge of radioactive materials in case of accidents or other unfortunate events. The effectiveness of these methods therefore makes them centrally important in the formulation of possible remedies to foreseen failures in different systems and plants in any industrial design, as well as in corporations.

References

Acharya et al., 1990. Severe Accident Risks: An Assessment for Five U.S. Nuclear Power Plants. Washington, DC: U.S. Nuclear Regulatory Commission.
Aven, T., 2008. Risk Analysis: Assessing Uncertainties Beyond Expected Values and Probabilities. Chichester: Wiley.
Eckberg, C.R., 1964. Fault Tree Analysis Program Plan. Seattle, WA: The Boeing Company.
Ericson, C., 1999. Fault Tree Analysis – A History. Proceedings of the 17th International System Safety Conference, Seattle, Washington.
Fayssal, S., 2000. Overview of Quantitative Risk Assessment Methods. MSFC, WA: The Boeing Company.
Gertman, D. & Blackman, H.S., 1994. Human Reliability and Safety Analysis Data Handbook. New York: John Wiley and Sons.
Gianni, P., 2006. Nuclear Safety. Seattle, WA: The Boeing Company.
Hixenbaugh, A.F., 1968. Fault Tree for Safety. Seattle, WA: The Boeing Company.
Launer, L.J., 2005. Severe Accident Risks: An Assessment for Five U.S. Nuclear Power Plants. WA: The Boeing Company.
Lindsay, J., 1997. Fault Tree Analysis Program Plan. Seattle, WA: The Boeing Company.
Rechard, P., 1999. Historical Relationship between Performance Assessment for Radioactive Waste Disposal and Other Types of Risk Assessment in the United States. Risk Analysis (Springer Netherlands), 19(5), pp. 763-807.

This assessment on Fault and Event Tree was written and submitted by user Aiyana Hurst.

Thursday, March 5, 2020

Information Security: The Physical Security Factor

Today, more than ever before, healthcare organizations are becoming increasingly dependent on computer-based systems to access critical patient data and provide treatment solutions remotely via virtual private networks (VPNs). Consequently, any kind of disruption targeting these information systems may have consequences ranging from inconvenience to catastrophe (Loch, Carr & Warkentin, 2002). But while research in both academia and industry has developed effective technological and software-based solutions to protect information systems against possible threats and attacks (Stajano & Wilson, 2011), only a handful of the articles found in the various databases pay close attention to the physical aspect of information security (Huigang & Yajiong, 2010). This paper outlines some of the fundamental steps that need to be considered for the physical security of computers used in an urgent care center to access patient data and the center's email system via a VPN.

Stajano & Wilson (2011) note that effective countermeasures against security threats to information systems depend first on strengthening the human element, so that users understand how they can naturally fall victim to fraudsters. This implies that users, in this case physicians and other health practitioners, need to be given some form of training on how to use the system without compromising the security of the network. For instance, system users could be given formal training on how to discard used electronic media containing sensitive patient information using the available techniques, instead of leaving the information on the computer drives.
Purging is one such technique that could be used by the practitioners to completely erase sensitive files which may have been deleted from the computer drives but not overwritten with other data (Walters, 2007).

From a holistic security engineering standpoint, computers are often vulnerable to theft and other attacks if the immediate physical environment is not secured (Stajano & Wilson, 2011). This implies that doors leading to the computer rooms must not only be secure but must be kept under lock and key, and windows adequately grilled, to curtail any unauthorized access to the computer rooms (Walters, 2007). Indeed, many organizations have a policy that restricts entry to the computer and server rooms to authorized personnel, in most cases a systems analyst or administrator. It should be noted that this aspect of physical security is fundamentally important, since all the other factors depend on how safe the computer or server room is from attacks and illegal access.

Engaging trained security personnel and dogs to physically protect the information systems is yet another physical aspect of information security that is intrinsically important yet seldom considered by many organizations (Loch et al, 2002). Patient data is sensitive in nature, hence the need to engage all efforts that may be deemed necessary to protect the computers from theft or illegal access. Consequently, trained security personnel form a critical part of the physical security needed to secure the computer rooms and the immediate environment from attacks which may result in the theft of computers and, by extension, the loss of critical data (Perrig, Stankovic & Wagner, 2004).
Dogs are always useful in repelling thieves from accessing the urgent care center.

Access to computer areas and server rooms should be restricted through the use of identification badges or authorization cards to ensure that only the authorized health practitioners gain access to these critical areas (Perrig et al, 2004). For instance, the organization may invest in electronic identification badges that must first be accepted by the system or the door lock before the holder gains access to the information stored in the computers. Research has demonstrated that identification cards and access control points inarguably decrease the possibility of attackers physically tampering with information stored in computer systems, or even gaining access to the areas where such computers are located (Loch et al, 2002).

Physical security of information systems cannot be complete without authentication processes via personal identification numbers (PINs), passwords, computer locks, and other devices that may be used to limit access to authorized users only. According to Renaud & De Angeli (2009), "...authentication is required to verify that the user's proffered identity is valid" (p. 135). It is only plausible for physicians and other health practitioners using the VPN to access sensitive patient data to memorize their PINs and/or passwords rather than writing them down on a piece of paper, because such information could be accessed by other employees or by external individuals harboring ulterior motives. Computer locks could always be employed to prevent other employees or strangers from gaining access to the data stored in the computer, or from manipulating computer hardware configurations with the aim of stealing data or remotely controlling the computer system (Stajano & Wilson, 2007).
Lastly, the environmental factors need to be effectively controlled to make the physical security of information systems a reality. Instances of fire outbreak, flooding of computer areas and server rooms, extremely high temperatures, electricity variations and other environmental concerns need to be effectively managed to prevent loss of use and loss of productivity of the information systems (Perrig et al, 2004). For instance, flooding of the server room may cause protracted dysfunction of the server system, leading to loss of connectivity and subsequent loss of access to critical patient data even among the authorized users. Going by this example, therefore, the urgent care center should invest in an effective drainage system to prevent instances of flooding.

Reference List

Huigang, L. & Yajiong, X. (2010). Understanding security behaviors in personal computer usage: A threat avoidance perspective. Journal of the Association for Information Systems, 11(7), 394-413. Retrieved from Business Source Premier Database.
Loch, K.D., Carr, H.H. & Warkentin, M.E. (2002). Threats to information systems: Today's reality, yesterday's understanding. MIS Quarterly, 16(2), 173-186. Retrieved from Business Source Premier Database.
Perrig, A., Stankovic, J. & Wagner, D. (2004). Security in wireless sensor networks. Communications of the ACM, 47(6), 53-57. Retrieved from Business Source Premier Database.
Renaud, K. & De Angeli, A. (2009). Visual passwords: Cure-all or snake-oil? Communications of the ACM, 52(12), 135-140. Retrieved from Business Source Premier Database.
Stajano, F. & Wilson, P. (2011). Understanding scam victims: Seven principles for systems security. Communications of the ACM, 54(3), 70-75. Retrieved from Business Source Premier Database.
Walters, L.M. (2007). A draft of an information systems security and control course. Journal of Information Systems, 21(1), 123-148. Retrieved from MasterFILE Premier Database.