CDOIF

Chemical and Downstream Oil

Industries Forum

CDOIF is a collaborative venture formed to agree strategic areas for

joint industry / trade union / regulator action aimed at delivering

health, safety and environmental improvements with cross-sector

benefits.

Guideline – Demonstrating Prior Use v4

Page 19 of 30

Reference should be made to appendix B for a worked example.

A.3 Assessing the dominant failure mode

Using the data provided by the maintenance management system, or derived from other

sources, the dominant failure mode can be determined by performing a high level

analysis of the component (note that this does not imply analysis of individual entities

that make up the component, for example resistors, capacitors, semiconductors).

It may be sufficient for the dominant failure mode to be determined based on an analysis

of the suitability of the component - if it fails to a safe state on loss of input or motive

power (for example, air supply, electricity supply), and if there are no known duty

vulnerabilities. Where this cannot be established, a more formal review can be

undertaken.

An example of an analysis performed on an interface relay component which provides a

shutdown signal to a Motor Control Centre (MCC) is given in Table 2 below. Assuming

that the failure rate of failure ID #4 is less than that of ID #1 to #3, it can be seen that the

dominant

failure mode is to the Fail To Safe mode (FTS).