Single-Point Failure Analysis RAM Program Recap

Follow-Up + Conclusion

University of Iowa: Single-Point Failure Analysis RAM Program Recap

University of Iowa – Single-Point Failure event – Reliability Engineering – ASME RAM-1 Standard

Approach

1. Program Statement 2. Existing P&ID 3. OM&R Analysis Phase 1 4. Single-Point Failure Analysis 5. Failure Modes, Effects, & Criticality Analysis 6. RAM Program Manual 7. Reliability-Centered Maintenance 8. Operations, Maintenance, & Repair Guidelines 9. Specification Guidelines Phase 2 10. Training 11. Audit

Product

Task 1 : PROGRAM STATEMENT

• Description: – A compilation of documents that establish the purpose of the power plant and the RAM Program.

• Results: – Scope of work – Basis of Design – Functional Requirements

Product

Task 1 : PROGRAM STATEMENT

Product

Task 2 : SCHEMATIC DRAWINGS

• Description: – Establish a current set of accurate existing condition drawings.

• Results: – 129 Drawings • Engineering Design • Operations • Maintenance • Training

Product

Task 2 : SCHEMATIC DRAWINGS

• Formatted for valve labeling. • Operating/Training Procedures. • Maintenance Planning/LOTO. • Engineering documents.

Product

Task 3 : OM&R ANALYSIS

• Description: – Evaluation of the effectiveness of the current OM&R practices along with recommendations.

• Results: – Phase 1 improved RAM-1 compliance from 55% to 74%. – Phase 2 has an anticipated compliance of > 90%.

INITIAL REVISED REFERENCE DESCRIPTION COMMENTS STATUS STATUS PARAGRAPH (Phase 1) 6 RAM DESCRIPTION 6.1 Predevelopment Phase There is no complete RAM Program in effect, however, there are many requirements being 2 4 6.1.a Requirements for the Implemenation of the Program developed with the Program Statement. There are good documents describing the plant, but there are areas/components that are not 4 5 6.1.b Basic Plant Description adequately described. 6.1.c Lifespan of Plant and Life-Extension Method Lifespan and life-extension methods are not clearly addressed. 2 3 6.1.d Functional Requirements Functional requirements are stated in many of the SOPs, but many systems are not addressed. 3 4 6.1.e Availability Requirements These are stated, but not clearly defined. 3 4 6.1.f Reliability Requirements These are not addressed. 1 4 6.1.g Maintainability Requirements These are implied, but not clearly stated. 2.5 4 6.1.h Performance Objectives and Goals These are implied, but not clearly stated. 1 5 6.2 Program Development 6.2.1 Program Statement There is some data for some systems and components. 2 5 6.2.2 Program Goals There are goals for some systems and components. 3 5 There is good documented safety measures in place. There have not been any reported major 4 4 6.2.2.a Safety safety violations or injuries. 6.2.2.b Reliability Reliability has been an issue resulting in a greater dependancy on redundancy. 2 4 6.2.2.c Availability Overall plant availability is very good, with very few major excursions. 4 4 Maintenance is working with the limited manpower trying to stay ahead of some reactive 3 4 6.2.2.d Maintainability maintenance. 6.2.3 Program Organization 3.5 4 6.2.3.a Owner The heirarchy is clearly defined in the Organization Chart, but responsibilties are not shown. 3.5 4 6.2.3.b Program Manager The heirarchy is clearly defined in the Organization Chart, but responsibilties are not shown. 3.5 4 6.2.3.c Engineer The heirarchy is clearly defined in the Organization Chart, but responsibilties are not shown. 3.5 4 6.2.3.d Operator The heirarchy is clearly defined in the Organization Chart, but responsibilties are not shown. 3.5 4 6.2.4 Program Design 2 4 6.2.4.a The Program shall consider the following: 6.2.4.a.1 Government and Agency Requirements There have not been any reported major legal violations. 4 4 6.2.4.a.2 Environmental, health, and safety laws and regulations There are good measures in place to protect the environment, health, and safety. 4 4 6.2.4.a.3 Safety standards There have not been any reported legal violations. 4 4 6.2.4.a.4 Agreements and Contractual Requirements There have not been any requirements stated that have been problematic. 4 4 Equipment and Operational Codes as Specified by Jurisdictional Agencies 4 4 6.2.4.a.5 or Insurance Providers There have been some minor recommendations/violations from (boiler) inspections. 6.2.4.a.6 Objectives as stated in the Design Basis No design basis has been provided, however, most MPP objectives appear to understood. 3 4 6.2.4.b The Program should consider and address the following: 3 4 6.2.4.b.1 Identify Physical Plant Systems, Boundaries, Equipment, and Structures Most of the equipment are identified in AIM, but the boundaries/extents are not clearly stated. 6.2.4.b.2 Determine Criticality Definitions (Classification Bins for Risk) Criticality has not been clearly defined. 1.5 5 6.2.4.b.3 Establish Criticality Methodology Criticality methodology has not been clearly defined. 1 5 6.2.4.b.4 Classify Equipment Criticality Certain pieces of equipment/systems have been labeled as critical. 3 5 6.2.4.b.5 Assess Risk to Plant Performance through Failure Analysis by: 6.2.4.b.5.a Failure modes, mechanisms, and causes FMEC have not been identified. 1 5 6.2.4.b.5.b Failure Probability Failure probability has not been identified. 1 5 6.2.4.b.5.c Failure Consequence Failure consequene has not been identified. 1 5 6.2.4.b.6 Idenfity Methods that Mitigate Failure Causes Some failure causes have been identified through experience. 2.5 3 Review Technology that , when Implemented, will Mitigate Risk of Failure 3 3 6.2.4.b.7 for Critical Equipment Implementing new technology is infrequently reviewed for risk mitigation. Review Monitoring and Alarms Required to Determine Plant Performance 3 3 6.2.4.b.8 Deterioration… implementing new locations for measurement and monitoring are occasionally reviewed. Review Testing that may be used to Determine the Critical Equipment 4 4 6.2.4.b.9 Status and Suitability for Continued Operation Implementing new testing procedures are infrequently reviewed for equipment status.

Review Inspection Practices or Overhauls that are Required to Periodically 3.5 3.5 6.2.4.b.10 Assure that the Plant will Achieve the Objectives and Goals Set Forth Implementing new inspection practices are occasionally reviewed. Review Maintenance Practices that are Required to Mitigate Plant 3.5 3.5 6.2.4.b.11 Performance Risk as Identified Above Implementing new maintenance practices are occasionally reviewed. 6.2.4.b.12 Evaluate the Cost Effectiveness of the Proposed Options Cost effectiveness of new options are regularly evaluated. 4 4 6.2.4.b.13 Evaluate Methods for Implementation New implementation methods are occasionally evaluated. 3 3 6.2.4.b.14 Evaluate Methods for Program Modification New program modification methods are infrequently evaluated. 3 3 6.2.4.b.15 Fulfill Goals as Stated in the Basis of Design No basis of design has been provided, however, many MPP goals appear to be understood. 2 3 6.2.5 Program Manual 1 4 Program Statement, Consisting of Scope, Definitions, Objectives, and 2 5 6.2.5.a Goals MPP goals are not explicitly stated. 6.2.5.b ProductProgram Organization and Responsibilities Program organization heirarchy is clear, responsibilties are not as clear. 3 4 Plant BOD, Consisting of Functional and Performance Requirements, There are many good SOPs developed (which include requirements and descriptions), but there 2.5 5 6.2.5.c system descriptions, and exclusions and limitations are many more systems that do not have any. Criticality Methodology to Determine Criticality Definitions (Categories) 1 5 6.2.5.d and establish Criticality (risk-assessment) Methodology Criticality is not defined. There is no complete criticality list, but the core critical components are understood (boilers, 2 5 6.2.5.e Develop an Equipment Criticality List turbines, etc.) Criticality is not defined, but the boiler, turbine, and distribution systems are understood to be 2 5 6.2.5.f Identify System Criticality critical. 6.2.5.gTaskIdentify Risk3 Assets : and Performance OM&R Requirements ANALYSISPMs and procedures written for CO2, fire alarm, fire extinguishers, boilers, etc. 3 3 6.2.5.h Establish a Monitoring Plan There is no formal monitoring plan. 3 3 INITIAL REVISED 6.2.5.iREFERENCE Establish a Testing Plan Many testing plans are in place (CO2, fire alarms, extingushers, etc.) 4 4 DESCRIPTION COMMENTS STATUS STATUS 6.2.5.jPARAGRAPH Establish an Inspection Plan There is a well developed inspection plan currently in place (utilizing AIM and FM Global). 4.5 4.5 Determine Condition-Directed Response to Out-of-Specification The responses to out-of-specification situations are identified as some emergency operating (Phase 1) 3 3 6.2.5.k6 SituationsRAM DESCRIPTION procedures (EOPs) included in the SOPs. 6.1 EstablishPredevelopment a Maintenance Phase Plan to Address Tasks, Plans, Periodicity, and There is no complete RAM Program in effect, however, there are many requirements being 2 2 6.2.5.l Required Resources A preventive/predictive maintenance plan is currently being developed and implemented. 2 4 6.2.5.m6.1.a EstablishRequirements a Measurement for the Implemenation Plan to Validate of the Effectiveness Program developedThere is no with formal the measurementProgram Statement. plan. 1 1 There are good documents describing the plant, but there are areas/components that are not 6.2.6 Program Budget The budget for OM&R is currently not calculated based upon RAM requirements. 42 52 6.36.1.b RAMBasic ProgramPlant Description Implementation adequately described. 6.1.c Lifespan of Plant and Life-Extension Method ThereLifespan is veryand life-extension limited documentation methods arefor thenot currentclearly addressed. condition of most of the equipment in the 2 3 2.5 2.5 6.3.a6.1.d InitialFunctional Equipment Requirements Condition (Baseline) plant.Functional requirements are stated in many of the SOPs, but many systems are not addressed. 3 4 6.3.b6.1.e ProcurementAvailability Requirements and Installation fo the Software and Tools TheThese MPP are has stated, recently but notpurchase clearly and defined. is implementing the new AIM software system. 43 4 6.1.f Reliability Requirements These are not addressed. 1 4 3 3 6.3.c6.1.g PopulatingMaintainability Software Requirements Programs(s) TheThese AIM are database implied, is but currently not clearly being stated. populated and is planned to be further utilized in the future. 2.5 4 6.3.d6.1.h ProcurementPerformance Objectivesof Services andEquipment, Goals and/or Tools ThereThese are someimplied, service but not agreements clearly stated. for some of the larger pieces of equipment. 41 45 6.3.e6.2 TranslatingProgram Development Operations Monitoring Procedures into Rounds Rounds consist of gathering the basic monitoring information of the major equipment. 3.5 3.5 6.2.1 DevelopmentProgram Statement of Procedures for Response to Out-of-Specification There areis some some data emergency for some operating systems and procedures components. (EOPs) included in the SOPs, but these are not 2 5 2 2 6.3.f6.2.2 SituationsProgram Goals extensive.There are goals for some systems and components. 3 5 ThereThere are is goodvery few documented plant performance safety measures metrics in to place. determine There performance have not been relative any reported to objectives major and 4 4 6.2.2.a MetricsSafety to Monitor and Gauge the Plant Performance Against the goals.safety Header violations pressures or injuries. and power generation is monitored, but major equipment reliability and 2 2 6.3.g6.2.2.b EstablishedReliability Objectives and Goals maintainabilityReliability has arebeen not an monitored. issue resulting in a greater dependancy on redundancy. 2 4 6.3.h6.2.2.c MetricsAvailability to Assess Effectiveness of the RAM Plan ThereOverall are plant no current availability metrics is veryfor reliability good, with and very maintainabiliy. few major excursions. 14 14 6.3.i Training of Operators/Maintenance ThereMaintenance is an extensive is working Operator with theTraining limited Program, manpower but no trying program to stay definied ahead offor some maintenance. reactive 3 3 3 4 6.3.j6.2.2.d ExecutionMaintainability of Tasks to Fulfill the RAM Plan Theremaintenance. is a limited quality control program for operations and maintenance tasks. 2 2 6.2.3 NewProgram Equipment Organization that can Self-Identify Critical Equipment Failures and 3.5 4 4 4 6.3.k6.2.3.a AlertOwner Operators Remotely to Failure Modes via DCS ThereThe heirarchy are some iscomponents clearly defined utilized in the that Organization provide self-identification Chart, but responsibilties of failure modes.are not shown. 3.5 4 6.2.3.b ProgramEvaluation Manager of Component System Monitoring for Reliability, Longevity, ThereThe heirarchy are no components is clearly defined identified in the for Organizationmonitoring reliability Chart, but and responsibilties very few to monitor are not shown.indirect 3.5 4 2 2 6.2.3.c6.3.l Engineerand Indirect Failure Risk where Integrated with a DCS failureThe heirarchy risk. is clearly defined in the Organization Chart, but responsibilties are not shown. 3.5 4 Execution of Monitoring, Testing, Inspection, Maintenance, and 6.2.3.d Operator The heirarchy is clearly defined in the Organization Chart, but responsibilties are not shown. 3.53 34 6.2.46.3.m ProgramMeasurement Design Plans In general, the tasks are getting performed, but room for improvement. 2 4 6.2.4.a6.4 TheProgram Program Revision shall consider the following: Develop Comparative Performance Reports Based on Program Objectives There are multiple reports that are generated utilizing the monitored data that address some of 6.2.4.a.1 Government and Agency Requirements There have not been any reported major legal violations. 34 34 6.2.4.a.26.4.a. Environmental,and Goals health, and safety laws and regulations theThere objectives are good and measuresgoals. in place to protect the environment, health, and safety. 4 4 6.2.4.a.36.4.b SafetyDevelop standards Exception Reports for Action ThereThere is a have written not (in been progress) any reported program legal for evaluatingviolations. rework and failures. 42 42 Identify and Evaluation High-Impact Exceptions…Root Cause Analysis 6.2.4.a.4 Agreements and Contractual Requirements There have not been any requirements stated that have been problematic. 4 4 6.4.c Equipmentshould also andbe considered. Operational Codes as Specified by Jurisdictional Agencies High-impact exceptions are given the proper attention, which can include RCA. 4 4 6.2.4.a.56.4.d orReview Insurance Critical Providers Equipment Failure Trends CriticalThere equipment have been failures some minor are investigated recommendations/violations thoroughly and trended. from (boiler) inspections. 4 4 6.2.4.a.66.4.e ObjectivesCompare Actual as stated to Projected in the Design Budget Basis TheNo projected design basis budget has does been not provided, include however,the level ofmost detail MPP suggested objectives in appearthis standard. to understood. 32 42 Review, Assess, and Adjust the Plan According to Performance and Make 6.2.4.b The Program should consider and address the following: 3 3 6.4.f Changes in the Program. The current program is still in development with only portions of it effectively utilized. 3 4 6.2.4.b.1 Identify Physical Plant Systems, Boundaries, Equipment, and Structures Most of the equipment are identified in AIM, but the boundaries/extents are not clearly stated. 6.2.4.b.2 Determine Criticality Definitions (Classification Bins for Risk) Average: Criticality has not been clearly defined. 2.751.5 3.685 6.2.4.b.3 Establish Criticality Methodology Criticality methodology has not been clearly defined. 1 5 6.2.4.b.4 Classify Equipment Criticality Percent Compliance: Certain pieces of equipment/systems have been labeled as critical. 55.1%3 73.6%5 6.2.4.b.5 Assess Risk to Plant Performance through Failure Analysis by: 6.2.4.b.5.a Failure modes, mechanisms, and causes FMEC have not been identified. 1 5 6.2.4.b.5.b Failure Probability Failure probability has not been identified. 1 5 6.2.4.b.5.c Failure Consequence Failure consequene has not been identified. 1 5 6.2.4.b.6 Idenfity Methods that Mitigate Failure Causes Some failure causes have been identified through experience. 2.5 3 Review Technology that , when Implemented, will Mitigate Risk of Failure 3 3 6.2.4.b.7 for Critical Equipment Implementing new technology is infrequently reviewed for risk mitigation. Review Monitoring and Alarms Required to Determine Plant Performance 3 3 6.2.4.b.8 Deterioration… implementing new locations for measurement and monitoring are occasionally reviewed. Review Testing that may be used to Determine the Critical Equipment 4 4 6.2.4.b.9 Status and Suitability for Continued Operation Implementing new testing procedures are infrequently reviewed for equipment status.

Average: 2.75 3.68

Percent Compliance: 55.1% 73.6% Product

Task 4 : SINGLE-POINT FAILURE (SPF) ANALYSIS

• Description: – Evaluate every component in the power plant to determine if its single failure could potentially cause an outage of the MPP.

• Results: KNOWN UNKNOWN – 101 Systems/Sub-Systems – 16,000+ components evaluated. U X – 898 single-points of failure identified (~6%) – 201 operational – 178 human error O HE

ULTIMATE OPERATIONAL

Product

Task 4 : SINGLE-POINT FAILURE (SPF) ANALYSIS

Mechanical Ultimate Single Point Failure Summary Chart (Plant System Failure & Plant Capacity Loss) Mechanical Ultimate Single Point Failure Summary Chart (Plant System Failure & Plant Capacity Loss)

Failed System HPS MPS LPS CWS RWS CON MUS FW AIR NPW DSH PWS SEW TOTAL QUANTITY Failed System HPS MPS LPS CWS RWS CON MUS FW AIR NPW DSH PWS SEW TOTAL QUANTITY 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 2 3 4 5 6 7 8 9 10 11 12 13 14 114 MVF 12 20 15 22 0 20 29 2 114 3 0 2 0 239 MVF - MAIN VALVE FAILURE MVF 12 20 15 114 22 0 20 29 2 114 3 0 2 0 239 MVF - MAIN VALVE FAILURE SVF 24 0 2 33 34 23 45 0 0 0 11 5 0 177 SVF - SECONDARY VALVE FAILURE SVF 24 0 2 33 34 23 45 0 0 0 11 5 0 177 SVF - SECONDARY VALVE FAILURE MP 8 17 4 12 1 7 24 0 38 2 7 0 1 121 MP- MAIN PIPE MP 8 17 4 12 1 7 24 0 38 2 7 0 1 121 MP- MAIN PIPE DIV 0 18 4 18 3 12 17 0 35 0 7 4 2 120 DIV - DRAIN ISOLATION VALVE DIV 0 18 4 18 3 12 17 0 35 0 7 4 2 120 DIV - DRAIN ISOLATION VALVE TRANSIV 0 21 10 1 0 5 3 0 8 0 2 0 0 50 TRANIV- TRANSMITTER ISOLATION VALVE TRANSIV 0 21 10 1 0 5 3 0 8 0 2 0 0 50 TRANIV- TRANSMITTER ISOLATION VALVE CV 1 5 4 0 0 21 12 0 1 0 2 0 0 46 CV - CONTROL VALVE CV 1 5 4 0 0 21 12 0 1 0 2 0 0 46 CV - CONTROL VALVE 120 120 PGIV 3 6 2 2 0 1 6 0 3 0 3 0 0 26 PGIV - PG ISOLATION VALVE PGIV 3 6 2 2 0 1 6 0 3 0 3 0 0 26 PGIV - PG ISOLATION VALVE TT 0 9 2 0 8 0 0 0 0 0 0 0 0 19 TT - TEMPERATURE TRANSMITTER TT 0 9 2 0 8 0 0 0 0 0 0 0 0 19 TT - TEMPERATURE TRANSMITTER 45 45 WIV 0 16 3 0 0 0 0 0 0 0 0 0 0 WIV - WARM - UP ISOLATION VALVE WIV 0 16 3 0 0 0 0 0 0 0 0 0 1000 19 WIV - WARM - UP ISOLATION VALVE 100 19 34 33 34 33 24 24 BIV 4 2 0 2 0 3 3 0 1 0 3 0 0 18 BIV - BYPASS ISOLATION VALVE BIV 4 2 0 382 29 0 22 3 20 3 0 1 0 3 0 0 18 BIV - BYPASS ISOLATION VALVE 38 29 22 20 12 35 2023 15 12 35 2023 15 17 PT 0 5 4 0 1 0 2 0 3 0 0 0 0 15 PT - PRESSURE TRANSMITTER PT 0 5 4 0 241 0 1718212 0 3 0 0 0 80 0 15 PT - PRESSURE TRANSMITTER 24 1821 80 18 18 12 8 12 8 SP 0 0 2 0 017 217 4 0 0 0 0 0 0 13 SP-SECONDARY PIPE 17 21 SP 0 0 2 0 0 7 4 0 0 0 0 0 0 13 SP-SECONDARY PIPE 12 2 4 0 10 0 12 2 4 0 10 07 4 0 11 2 7 4 0 16 11 2 1 5 0 16 60 3 1 3 5 0 60 FM 0 0 1 0 4 1 2 0 1 0 1 0 0 10 FM - FLOW METER FM 0 0 13 00 4 12 3 1 4 2 6 19 30 1 0 1 0 0 10 FM - FLOW METER 0 125 1 4 6 19 3 2 5 0 7 0 8 5 1 2 5 0 7 0 0 08 0 0 07 2 0 3 0 08 2 0 7 2 0 3 08 2 2 0 DSH 0 4 1 0 0 0 0 0 0 0 0 0 0 5 DSH - DESUPERHEATER DSH 0 4 1 0 0 0 6 0 0 2 0 2 00 4 0 0 0 0 0 5 DSH - DESUPERHEATER 0 4 0 0 6 0 2 3 0 4 0 1 0 4 0 0 1 0 0 3 0 1 0 2 0 1 0 0 2 5 2 2 0 1 3 0 0 2 5 2 0 1 3 0 0 0 2 4 0 TANK 0 0 0 0 20 0 0 0 01 0 0 3 2 0 40 0 0 0 0 0 40 0 4 TANK-TANK 0 0 2 3 0 0 0 3 0 0 0 40 TANK 0 0 0 0 0 1 3 0 0 0 0 0 0 4 TANK-TANK Type Component Failure 0 3 0 3 0 0 0 0 Failure Component Type Component Failure 0 0 0 0 3 0 2 0 0 0 3 7 0 2 0 0 0 0 0 0 7 1 0 0 4 0 0 0 0 0 0 0 1 0 0 4 0 0 0 0 0 0 1 0 2 4 0 0 4 0 1 0 0 0 0 0 1 3 0 2 4 0 0 4 1 0 PLC 0 0 0 0 0 3 0 0 0 0 0 0 0 3 PLC-PROGRAMABLE LOOP CONTROLLER ProductPLC 0 0 0 0 0 0 30 0 3 30 0 00 1 0 0 0 0 0 0 3 PLC-PROGRAMABLE LOOP CONTROLLER 0 0 0 3 0 0 1 0 1 0 0 0 0 2 1 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 2 0 0 0 0 1 0 0 3 1 0 0 0 1 0 0 0 0 1 0 0 3 1 3 0 0 1 0 20 PG 0 2 1 0 0 0 0 0 0 0 0 0 0 3 PG - PRESSURE GAGE PG 0 2 1 0 0 00 1 0 0 0 0 0 30 0 0 00 0 0 0 20 0 3 PG - PRESSURE GAGE 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 2 0 2 0 0 0 0 0 0 0 2 1 0 2 0 2 0 0 CIV 0 0 0 0 0 1 2 0 0 0 0 0 0 3 CIV- CONTROL DEVICE ISOLATION VALVE CIV 0 0 0 0 00 0 01 0 0 2 0 02 00 0 0 0 0 0 0 3 CIV- CONTROL DEVICE ISOLATION VALVE 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 AEIV 0 0 0 2 0 0 00 0 0 0 00 0 2 00 0 0 0 0 0 0 AEIV - AIR ELIMINATOR ISOLATION VALVE 0 0 0 0 0 2 0 0 0 0 AEIV 0 0 0 2 0 0 0 0 0 0 0 0 0 2 AEIV - AIR ELIMINATOR ISOLATION VALVE 0 0 0 0 0 1 0 0 0 2 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 TRAP 0 0 2 0 0 0 0 0 0 0 0 0 0 2 TRAP-STEAM TRAP TRAP 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 TRAP-STEAM TRAP 0 0 0

0 0 0

HPS

LPS LPS INTERV 0 0 0 0 0 0 2 0 0 0 0 0 0 INTERV-INTERFACE VALVE MPS

INTERV 0 0 0 0 0 0 2 0 0 0 0 0 0 2 INTERV-INTERFACE VALVE MPS 2

CWS

RWS

CON

AIR AIR PUMP 0 0 0 0 0 0 1 0 0 0 0 0 0 PMP - PUMP MUS

PUMP 0 0 0 0 0 0 1 0 0 0 0 0 0 1 PMP - PUMP Task 4 : SINGLE-POINT FAILUREMUS (SPF)1 ANALYSIS

DSH

NPW

PWS PWS Totals 52 125 57 92 51 105 155 2 204 5 36 11 3 898 SEW Totals 52 125 57 92 51 105 155 2 204 5 36 11 3 898 SEW

TRANSIV, 50, 6% DSH, 36, 4% PWS,TRANSIV, 11, 50, 6% CV, 46, 5% DSH, 36, 4% PWS, 11, SEW, 3, 0% DIV, 120, 13% CV, 46, 5% DIV, 120, 13% SEW, 3, 0% HPS, 52, 6% HPS, 52, 6% NPW, 5, 1% 1%Mechanical Ultimate Single Point Failure Summary Chart (Plant System Failure NPW,& Plant 5, 1% Capacity Loss) 1% PGIV, 26, 3% PGIV, 26, 3% Failed System HPS MPS LPS CWS RWS CON MUS FW AIR NPW DSH PWS SEW TOTAL QUANTITY TT, 19, 2% MPS, 125, 14% TT, 19, 2% MPS, 125, 14% 1 2 3 4 5 6 7 8 9 10 11 12 13 14 WIV, 19, 2% MVF 12 20 15 22 0 20 29 2 114 3 0 2 0 239 MVFWIV, - 19,MAIN 2% VALVE FAILURE 114 AIR, 204, 23% AIR, 204, 23% BIV, 18, 2% SVF 24 0 2 33 34 23 45 0 0 0 11 5 0 177 SVFBIV, - 18, SECONDARY 2% VALVE FAILURE MP 8 17 4 12 1 7 24 0 38 2 7 0 1 121 MP- MAIN PIPE PT, 15, 2% DIV 0 18 4 18 3 12 17 0 35 0 7 4 2 120 DIVPT, -15, DRAIN 2% ISOLATION VALVE TRANSIV 0 21 10 1 0 5 3 0 8 0 2 0 0 50 TRANIV- TRANSMITTER ISOLATION VALVE MP, 121, 13% CV 1 5 4 0 0 21 12 0 1 0 2 0 0 46 CV - CONTROL VALVE MP, 121, 13% SP, 13, 1% SP, 13, 1% 120 PGIV 3 6 2 2 0 1 6 0 3 0 3 0 0 LPS, 57,26 6% PGIV - PG ISOLATION VALVE LPS, 57, 6% TT 0 9 2 0 8 0 0 0 0 0 0 0 0 19 TT - TEMPERATURE TRANSMITTER 45 FM, 10, 1% WIV 0 16 3 0 0 0 0 0 0 0 0 0 0 WIVFM, - 10,WARM 1% - UP ISOLATION VALVE 100 19 34 33 24 BIV 4 2 0 2 0 3 3 0 1 0 3 0 0 18 BIVDSH, - BYPASS 5, 1% ISOLATION VALVE 38 29 22 20 DSH, 5, 1% 35 2023 15 12 PT 0 5 4 0 1 0 2 0 3 0 0 0 0 15 PT - PRESSURE TRANSMITTER 24 171821 80 18 FW, 2, 0% 12 8 TANK, 4, 0% FW, 2, 0% TANK, 4, 0% 17 21 SP 0 0 2 0 0 7 4 0 0 0 0 0 0 13 SP-SECONDARY PIPE 12 2 4 0 10 07 4 0 CWS, 92, 10% 11 2 1 5 0 16 60 CWS, 92, 10% FM 0 0 1 0 4 1 2 0 1 0 1 0 0 10 FM - FLOW METER 3 0 12 3 4 6 19 3 PLC, 3, 0% PLC, 3, 0% 2 5 0 7 0 08 5 1 0 07 2 0 3 0 08 2 2 0 DSH 0 4 1 0 0 0 0 0 0 0 0 0 0 5 DSH - DESUPERHEATER 0 4 0 0 6 0 2 3 0 4 1 0 2 0 1 0 0 2 5 2 0 1 3 0 0 0 2 4 0 TANK 0 0 0 0 0 1 3 0 0 0 0 0 0 4 TANK-TANK 0 0 2 3 0 0 0 3 0 0 0 40 PG, 3, 0% Type Component Failure PG, 3, 0% 0 0 0 0 0 0 0 0 0 0 3 7 1 0 2 0 4 0 0 0 0 0 0 1 0 2 4 0 0 4 0 1 0 0 PLC 0 0 0 0 0 3 0 0 0 0 0 0 0 3 PLC-PROGRAMABLE LOOP CONTROLLER 0 0 0 3 0 3 0 0 1 0 0 0 0 0 2 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 2 0 CIV, 3, 0% PG 0 2 1 0 0 0 0 0 0 0 0 0 0 PGCIV, - PRESSURE 3, 0% GAGE 0 0 0 0 0 0 3 1 3 0 0 1 0 20 RWS, 51, 6% MUS, 155, 17% RWS, 51, 6%3 MUS, 155, 17% 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 SVF, 177, 20% 0 0 0 0 0 0 0 2 1 0 0 2 0 0 SVF, 177, 20% CIV 0 0 0 0 0 1 2 0 0 0 0 0 0 3 CIV- CONTROL DEVICE ISOLATION VALVE 0 0 0 0 0 0 0 0 0 0 AEIV, 2, 0% 0 0 0 0 0 0 0 0 0 0 0 0 AEIV, 2, 0% 0 0 0 0 0 0 0 2 0 0 0 0 AEIV 0 0 0 2 0 0 0 0 0 0 0 0 0 2 AEIV - AIR ELIMINATOR ISOLATION VALVE 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 TRAP 0 0 2 0 0 0 0 0 0 0 0 0 0 2 TRAP-STEAM TRAP 0 0 0 0

TRAP, 2, 0% TRAP, 2, 0% 0 0

HPS LPS

INTERV 0 0 0 0 0 0 2 0 0 0 0 0 0 2 INTERV-INTERFACE VALVE MPS

CWS

RWS

FW CON

AIR CON, 105, 12%

INTERV, 2, 0% PUMP 0 0 0 0 0 0 1 0 0 CON,0 0105, 012%0 1 PMPINTERV, - PUMP 2, 0% MUS

DSH

NPW PWS

Totals 52 125 57 92 51 105 155 2 204 5 36 11 3 898 SEW MVF, 239, 27% MVF, 239, 27% PUMP, 1, 0% PUMP, 1, 0% TRANSIV, 50, 6% DSH, 36, 4% PWS, 11, DIV, 120, 13% CV, 46, 5% SEW, 3, 0% HPS, 52, 6% NPW, 5, 1% 1% PGIV, 26, 3% TT, 19, 2% MPS, 125, 14% WIV, 19, 2% AIR, 204, 23% BIV, 18, 2%

PT, 15, 2%

MP, 121, 13% SP, 13, 1% LPS, 57, 6% FM, 10, 1%

DSH, 5, 1%

TANK, 4, 0% FW, 2, 0% CWS, 92, 10% PLC, 3, 0%

PG, 3, 0%

CIV, 3, 0% MUS, 155, 17% RWS, 51, 6% SVF, 177, 20% AEIV, 2, 0%

TRAP, 2, 0%

INTERV, 2, 0% CON, 105, 12% MVF, 239, 27% PUMP, 1, 0% Product

Task 5 : FAILURE MODES, EFFECTS, AND CRITICALITY (FMECA) ANALYSIS

• Description: – Identify the modes of failure of the critical (single-point of failure) components.

• Results: – Numerical values were established to rank and prioritize the risk. » Pareto Charts » Risk Plots » Risk Reduction Value

Product

Task 5 : FAILURE MODES, EFFECTS, AND CRITICALITY (FMECA) ANALYSIS

Product

Mitigation Recommendations • 276 Failure Mode Causes Identified

• Mitigation Techniques Include: – Operational, Maintenance, Engineering

• Recommendations – 65% Estimated Risk Reduction

Data Mining

» 78 causes were evaluated and may be considered low risk (RPN less than 100). » 140 causes were evaluated and may be considered moderate risk (RPN between 200 and 100). » 58 causes were evaluated and may be considered high risk (RPN above 200). Risk Plots Risk Plot - Initial Risk Plot - Revised Product

Task 6 : RAM PROGRAM MANUAL

• Description: – Summary manual of results and active information to be kept as a living document.

• Results: – Provides the structure to proactively control and sustain availability of the MPP.

Product

Task 6 : RAM PROGRAM MANUAL

Moving Forward…

Data Mining

Cost for Short Plant Outage Event $100,000 Cost for Medium Plant Outage Event $500,000 Cost for Long Plant Outage Event $1,000,000 EXPECTED Probability of Failure Based On Empirical Data Failure / 10 Years Failure Mode VALUE (empirical data) Probability Ultimate Failure 2 0.15 ANALYSIS Human Error Failure 7 0.54 Operational Failures 4 0.31

Expected Value Analysis On Failure Event Probability of High, Medium Expected Failure Mode Component Count Failure and Low Failure Mode Consequence Cost Per Consequence Cost FMECA Failure Mode RPN Ranking Probability Per Failure Mode Mode (based on quantity of FMECA Ranking After One Failure (empirical data) (SPF & FMECA) EV % component) (Branch EV) HL- Human Failure Low Risk 38 0.22 $100,000 $11,626 2% HM - Human Failure Medium Risk 0.54 119 0.68 $500,000 $182,037 32% HH- Human Failure High Risk 19 0.11 $1,000,000 $58,129 10%

OL- Operational Failure Low Risk 0 0.00 $100,000 $0 0% OM- Operational Failure Medium Risk 0.31 61 0.31 $500,000 $46,923 8% OH- Operational Failure High Risk 139 0.70 $1,000,000 $213,846 38%

UL- Ultimate Failure Low Risk 444 0.49 $100,000 $7,607 1% UM- Ultimate Failure Medium Risk 0.15 395 0.44 $500,000 $33,836 6% UH- Ultimate Failure High Risk 59 0.07 $1,000,000 $10,108 2% Data Mining

Reliability-Centered Maintenance (RCM) Task Evaluation

Task Cost Percent Task Per Failure Total Cost Task Reduction Failure Mode Total Task Cost Performance Mode Per Consequence Reduction of Failure Addressed Over 10 Years Ratio Component After 10 Years of Risk Mode Risk ($ / %) for 10 Yrs

Task 0 - No actions (Baseline) None $0 $7,333,451 0% 0

Human Error 90% $500 $88,000 $4,475,485 Task 1 - Lock and Tag Only 40% $111,409

Operational 50% $10,000 $2,000,000 $7,638,451 Task 2 - Preventive Maintenance Failure Only 23% $330,479

Operational Task 3 - PM Inspection 30% $1,000 and Ultimate $1,098,000 $7,213,405 17% $434,295 Failure

Task 4 - Engineering 60% $0 All Failures $20,000,000 $22,933,381 60% $382,223 Results

University of Iowa: Main Power Plant

– AIM Maintenance Software Results Results

University of Iowa: Main Power Plant

• Real Data – Tremendous Amount of Real MPP Risk Data – Ability to Data Mine – Justified Additional Personnel • Utilizing Maintenance Software – Upload into existing AIM Program – Sustainable approach • Control Risk – Prioritize Maintenance Tasks – Monitoring Risk Mitigation

Conclusion

PROs CONs – ASME Structured Approach – Initial Investment – Pinpoint Precision of – “Snapshot” Data Equipment Criticality • Must Be Maintained – Real Risk Numbers – Assumption Quality – Foundation to Sustain a Reliability Program – Applicable to New Design

Follow-Up + Conclusion University of Iowa: Single-Point Failure Analysis RAM Program Brian Wodka, PE Benjamin Anderson RMF Engineering University of Iowa [email protected] [email protected]