robin/Robin_PHD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

3 mile island used as example for subjective and objective FMEA

Browse Source 
reasoning.
This commit is contained in:
Robin Clark 2013-05-28 06:55:42 +01:00
parent 52a9dba6b7
commit fc039d280b
1 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
submission_thesis/CH8_Conclusion/copy.tex
View File

@ -483,9 +483,33 @@ The executive decisions about deploying systems are in the domain of management
%
The dangers, or potential negative effects of a safety critical system depend not only on the system its self,
but on the environment they are used in
and other human factors such as the training level of operatives~\cite{stranks2007human}.
and other human factors such as the training level of operatives, psychological and logical factors in
the Human Machine Interface~(HMI) and the environment the equipment is used in~\cite{stranks2007human}.
%
We could term this subjective reasoning. With the system level failure
\paragraph{Objective and Subjective Reasoning in FMEA: Three Mile Island nuclear accident example.}
An example of objective and subjective factors can be derived from the accident report on the 1979 3-mile island
nuclear accident~\cite{safeware}[App.D]. Here, a vent valve for the primary reactor coolant (pressurised water) became stuck open.
This condition causes an objectively derived failure mode, temporary loss of coolant due to a stuck valve.
%
This, if recognised correctly by the operators would have lead to
a short reactor shut-down and then
a maintenance procedure to replace the valve.
%
The failure was not recognised in time however, and coolant was lost
until a partial meltdown of the reactor fuel occurred, with a resulting
leak of radioactive material into the environment.
%
For the objective failure mode determined by
FMEA, that of temporary loss of coolant,
we would not reasonably expect this to go unchecked and cause such a critical failure.
%
The criticality level is therefore subjective. We cannot know how the operators
would have reacted, and deficiencies in the HMI were not a factor in the failure analysis.
\paragraph{Further Work: Objective and Subjective Reasoning in FMEA.}
%
We could term the criticality prediction to be in the domain of subjective reasoning. With the system level failure
we have to determine its level of criticality, or how serious the risk posed is.
%
Two methodologies have started to consider this aspect, FMECA with its criticality and probability factors, and