CDOIF
Chemical and Downstream Oil
Industries Forum
CDOIF is a collaborative venture formed to agree strategic areas for
joint industry / trade union / regulator action aimed at delivering
health, safety and environmental improvements with cross-sector
benefits.
Guideline – Demonstrating Prior Use v4
Page 18 of 30
o Safe detected (SD)
o Safe undetected (SU)
• Dangerous Failure - a failure that, when it occurs, prevents the system from performing the function that puts the process into the safe state; in other words, the system fails to operate when the process places a demand on it. Dangerous failures can further be categorised as either:
o Dangerous detected (DD)
o Dangerous undetected (DU)
Dangerous undetected (DU) failures can only be revealed by an actual process demand or by proof testing (provided the proof test is designed to detect that failure).
The four failure modes are denoted in reliability modelling by the following failure rates (per hour):
$\lambda_{SU}$, Safe undetected failure rate
$\lambda_{SD}$, Safe detected failure rate
$\lambda_{DU}$, Dangerous undetected failure rate
$\lambda_{DD}$, Dangerous detected failure rate
Using the failure mode data as defined above allows calculation of the PFD and SFF.
For a 1oo1 component, the average probability of failure on demand (PFD) can be
calculated as follows:
Where $t_{ce}$ is the channel equivalent mean down time in hours (this is the combined down
time for all of the components in the channel of the sub-system), and can be calculated
as follows:
$T_1$ = Proof test interval (hours)
MTTR = Mean Time to Restore (hours)
Safe Failure Fraction (SFF) can be calculated as follows:
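The equations themselves did not survive extraction of this page, so the following is an added worked example, not the guideline's own material. It assumes the guideline's PFD, $t_{ce}$ and SFF expressions for a 1oo1 channel are the standard IEC 61508-6 Annex B forms (PFDavg = λD · t_ce, with DU failures lying hidden for half the proof-test interval plus the repair time and DD failures waiting only for repair; SFF = fraction of all failures that are not DU). The failure rates, proof-test interval and MTTR in `worked_example()` are constructed sample values, and the simplified λDU·T1/2 check is included to show how much the DD and MTTR terms contribute.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FailureRates:
    """Per-hour failure rates for one 1oo1 channel, split into the four modes
    listed on the page (SD, SU, DD, DU)."""
    lam_sd: float  # safe detected
    lam_su: float  # safe undetected
    lam_dd: float  # dangerous detected (revealed by diagnostics)
    lam_du: float  # dangerous undetected (revealed only by demand or proof test)

    @property
    def lam_d(self) -> float:
        """Total dangerous failure rate lambda_D = lambda_DD + lambda_DU."""
        return self.lam_dd + self.lam_du

    @property
    def lam_total(self) -> float:
        return self.lam_sd + self.lam_su + self.lam_dd + self.lam_du


def channel_equivalent_down_time(r: FailureRates, t1_hours: float, mttr_hours: float) -> float:
    """t_ce for a 1oo1 channel (assumed IEC 61508-6 Annex B form).

    A DU failure is, on average, hidden for half the proof-test interval T1 and
    then takes MTTR to restore; a DD failure is announced by diagnostics and only
    waits MTTR. The two are weighted by their share of dangerous failures.
    """
    if r.lam_d == 0.0:
        return 0.0  # no dangerous failure modes: nothing to be down for
    du_share = r.lam_du / r.lam_d
    dd_share = r.lam_dd / r.lam_d
    return du_share * (t1_hours / 2.0 + mttr_hours) + dd_share * mttr_hours


def pfd_avg_1oo1(r: FailureRates, t1_hours: float, mttr_hours: float) -> float:
    """PFDavg = (lambda_DU + lambda_DD) * t_ce  (assumed 1oo1 form)."""
    return r.lam_d * channel_equivalent_down_time(r, t1_hours, mttr_hours)


def pfd_simple_approx(r: FailureRates, t1_hours: float) -> float:
    """The common shortcut lambda_DU * T1 / 2, which ignores MTTR and the DD
    contribution; useful as a sanity check on the full calculation."""
    return r.lam_du * t1_hours / 2.0


def safe_failure_fraction(r: FailureRates) -> float:
    """SFF = (lambda_SD + lambda_SU + lambda_DD) / (all failure modes).

    Only DU failures count against the SFF, since they are the ones neither
    safe nor revealed by diagnostics.
    """
    if r.lam_total == 0.0:
        raise ValueError("all failure rates are zero; SFF is undefined")
    return (r.lam_total - r.lam_du) / r.lam_total


def worked_example() -> dict:
    """Constructed sample data: 1e-6/h safe failures split evenly between SD and
    SU, 1e-6/h dangerous failures split evenly between DD and DU, annual proof
    test (8760 h) and an 8 h MTTR. Not taken from the guideline."""
    rates = FailureRates(lam_sd=1e-6, lam_su=1e-6, lam_dd=5e-7, lam_du=5e-7)
    t1, mttr = 8760.0, 8.0
    return {
        "t_ce_hours": channel_equivalent_down_time(rates, t1, mttr),   # 2198.0
        "pfd_avg": pfd_avg_1oo1(rates, t1, mttr),                      # 2.198e-3
        "pfd_simple": pfd_simple_approx(rates, t1),                    # 2.19e-3
        "sff": safe_failure_fraction(rates),                           # 0.8333...
    }


if __name__ == "__main__":
    for key, value in worked_example().items():
        print(f"{key:>11}: {value:.4g}")
```

Note that the shortcut λDU·T1/2 lands within a fraction of a percent of the full expression here because MTTR is tiny compared with T1; it only starts to mislead when proof-test intervals are short or restoration is slow, which is exactly the case prior-use evidence on maintenance performance is meant to support.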