Main Breaker Swgr "A" Tje

Switch Gear "A" Buss

Normally Open

Commercial Power "3" V

Main Breaker Swgr "3" )

Switch Gear "3" Buss

Non-Critical Loads "A" Non-Critical Loads "B"

Automatic Transfer Switch (ATS)

Emergency Generator Breaker

Non-Critical Loads "A" Non-Critical Loads "B"

Automatic Transfer Switch (ATS)

Emergency Generator Breaker

Critical Load Switch Gear Buss

Critical Loads

Figure 23.7 Simplified electric distribution system for example.

loads are in an unscheduled forced outage. The upper portion of the matrix is left blank in this example since it is a mirror image of the lower portion.

The highlighted diagonal is the intersection of a component with itself and represents the single point failures. The results of the FMECA are verified since the three components identified as single point failures are now shown to be level 4 failures along the diagonal. Since these components are single point failures their rows and columns are filled with 4's denoting a catastrophic loss of power when they and any other component are simultaneously failed. Six additional level 4 failures appear on the chart that represent true double component failures. All of these involve the inability to transfer commercial power to the critical load buss and a simultaneous failure of the emergency generator or its support equipment. This could lead the facility manager to investigate alternate systems configurations that have more than one way of transferring commercial power to the critical loads. Additionally, the threats that can reasonably be expected to damage the components involved in level 4 failures should be carefully explored and countermeasures implemented to reduce the likelihood of damage. The level 3 failures that occur along the diagonal also merit special attention.

23.2.2 Deductive Method

Fault Tree Analysis is the most useful of the deductive methods and is preferred by the author above all the inductive methods. Benefits include an understanding of all system failure modes, identification of the most critical components in a complex network, and the ability to objectively compare alternate system configurations. Fault trees use a logic that is essentially the reverse of that used in event trees. in this method a particular failure condition is considered and a logic tree is constructed that identifies the various combinations and sequence of other failures that lead to the failure being considered. This method is frequently used as a qualitative evaluation method in order to assist the designer, planner or operator in deciding how a system may fail and what remedies may be used to overcome the cause of failure3.

The fault tree is a graphical model of the various combinations of faults that will result in a predefined undesired condition. Examples of this undesired condi-

0 0

Post a comment