This paper introduces an optimal logic structure of a safety monitoring system to minimize the expected total loss incurred upon fail-dangerous (FD) failures or fail-safe (FS) failures. This paper is divided into three parts.
The first part considers a safety monitoring system composed of several channels. Each channel has identical sensors that monitor a plant state variable, e.g., temperature or pressure. When a state variable becomes abnormal, the corresponding channel issues a channel alarm for protective action. The problem is to design an optimal, coherent structure for each channel when the channels are logically connected according to an accident occurrence mechanism. For the one-channel system, the optimal channel structure is proven to be k*-out-of-n:G, and k* can be calculated analytically. For the multi-channel system, the optimal channel structure is a k-out-of-n:G, and the problem is formulated as a non-linear integer programming (NLIP) problem which can be solved by the extended Lawler and Bell's method.
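As an added illustration that is not part of the paper, the following model shows how the choice of k in a single k-out-of-n:G channel trades fail-dangerous risk against fail-safe risk, and picks k* by minimizing expected loss. The sensor failure probabilities, the loss costs, the assumption of independent identical sensors, and the exhaustive search in place of the paper's analytic expression for k* are all assumptions made for this example.

```python
from math import comb


def binom_tail(n, p, k):
    """P(X >= k) for X ~ Binomial(n, p)."""
    return sum(comb(n, i) * p ** i * (1 - p) ** (n - i) for i in range(k, n + 1))


def channel_failure_probs(n, k, p_fd, p_fs):
    """FD and FS probabilities of one k-out-of-n:G channel of identical,
    independent sensors (assumed model, not the paper's derivation).
    p_fd: a sensor misses a real abnormal state (fail-dangerous).
    p_fs: a sensor alarms spuriously in a normal state (fail-safe).
    The channel alarms when at least k of its n sensors alarm."""
    # Channel FD: the plant is abnormal but fewer than k sensors alarm.
    p_channel_fd = 1.0 - binom_tail(n, 1.0 - p_fd, k)
    # Channel FS: the plant is normal but k or more sensors alarm spuriously.
    p_channel_fs = binom_tail(n, p_fs, k)
    return p_channel_fd, p_channel_fs


def expected_loss(n, k, p_fd, p_fs, q_abnormal, c_fd, c_fs):
    """Expected total loss per demand: an FD failure costs c_fd when the
    plant is abnormal (probability q_abnormal); an FS failure costs c_fs
    (spurious shutdown) when the plant is normal."""
    pfd, pfs = channel_failure_probs(n, k, p_fd, p_fs)
    return q_abnormal * c_fd * pfd + (1.0 - q_abnormal) * c_fs * pfs


def optimal_k(n, p_fd, p_fs, q_abnormal, c_fd, c_fs):
    """Return (k*, {k: expected loss}) by exhaustive search over 1..n.
    Raising k lowers the FS risk but raises the FD risk, so k* is the
    voting threshold that balances the two, weighted by their costs."""
    losses = {k: expected_loss(n, k, p_fd, p_fs, q_abnormal, c_fd, c_fs)
              for k in range(1, n + 1)}
    k_star = min(losses, key=losses.get)
    return k_star, losses


if __name__ == "__main__":
    # Constructed parameters: three sensors, a dangerous miss is 100x
    # costlier than a spurious trip, and abnormal demands are rare.
    k_star, losses = optimal_k(n=3, p_fd=0.1, p_fs=0.05,
                               q_abnormal=0.01, c_fd=1e6, c_fs=1e4)
    for k, loss in losses.items():
        print(f"{k}-out-of-3:G  expected loss = {loss:10.3f}")
    print(f"k* = {k_star}")
```

With these constructed numbers the familiar 2-out-of-3 voting comes out as k*; shifting the cost ratio or the sensor failure rates moves the optimum toward 1-out-of-3 or 3-out-of-3.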
The second part generalizes the first part to cover more general optimization of the logic structure without assuming ad-hoc channel connections. The optimal, Boolean structure can be determined by a switching function. The monotone property enables one to employ a systematic search method for a simple expression of the optimal structure. A probabilistic logic structure is discussed and proven to be reduced to a deterministic one.
The last part discusses an optimal shut-down logic for the overall protective system, which is composed of the driving, judging, and sensing sections. Each section may fail in two ways: FD or FS. The optimal shut-down logic, as before, is determined by a switching function. For a system with reliable judging and driving sections, the optimal shut-down logic can be determined from the reliability information of the sensing section alone.