• International Journal of Internet, Broadcasting and Communication
• /
• 제13권3호
• /
• pp.169-177
• /
• 2021

Recently, the use of electric and electronic control systems is increasing in the automobile industry. This increase in the electric and electronic control system greatly increases the complexity of designing a vehicle, which leads to an increase in the malfunction of the system, and a safety problem due to the malfunction is becoming an issue. Based on IEC 61508 relating to the functional safety of electrical/electronic/programmable electronics, the ISO 26262 standard specific to the automotive sector was first established in 2011, and a revision was published in 2018. Malfunctions due to system failure are covered by ISO 26262, but ISO/PAS 21448 is proposed to deal with unintended malfunctions caused by changes in the surrounding environment. ISO 26262 sets out safety-related requirements for the entire life cycle. Functional safety analysis includes FTA (Fault Tree Analysis), FMEA (Failure Mode and Effect Analysis), and HAZOP (Hazard and Operability). These analysis have limitations in dealing with failures or errors caused by complex interrelationships because it is assumed that a failure or error affecting the risk occurs by a specific component. In order to overcome this limitation, it is necessary to apply the STPA (System Theoretic Process Analysis) technique.

• 대한안전경영과학회지
• /
• 제15권3호
• /
• pp.61-69
• /
• 2013

According to ISO 26262 (the international standard on functional safety for automotive industry), the functional safety should be considered during the whole automotive systems life cycle from the design phase throughout the production phase. In order to satisfy the standard, the automotive and related industry needs to take appropriate actions while carrying out a variety of development activities. This paper presents an approach to coping with the standard. Analyzing the standard indicates that the safety issues of the automotive systems should be handled with a system's view whereas the conventional approach to solving the issues has been practiced with focus on the component's level. The aforementioned system's view implies that the functional safety shall be incorporated in the system design from both the system's life-cycle view and the hierarchical view for the structure. In light of this, the systems engineering framework can be quite appropriate in the functional safety development and thus has been taken in this paper as a problem solving approach. Of various design issues, the analysis and verification of the safety requirements for functional safety is a key study subject of the paper. Note, in particular, that the conventional FMEA (failure mode effects analysis) and FTA (fault tree analysis) methods seem to be partly relying on the insufficient experience and knowledge of the engineers. To improve this, a systematic method is studied here and the result is applied in the design of an ABS braking system as a case study.

• 대한기계학회:학술대회논문집
• /
• 대한기계학회 2007년도 춘계학술대회B
• /
• pp.3221-3223
• /
• 2007

Recently, nuclear power plant companies have been extending the turbine valve test interval to reduce the potential of the reactor trip accompanied with a turbine valve test and to improve the NPP's economy through the reduction of unexpected plant trip or decreased operation. In these regards, the extension of the test interval for turbine valves was reviewed in detail. The effect on the destructive overspeed probability due to the test interval change of turbine valves is evaluated by Fault Tree Analysis(FTA) method. Even though the test interval of turbine valves is changed from 1 month to 3 months, the analysis result shows that the reliability of turbine over speed protection system meets acceptance criteria of 1.0E-4/yr. This result will be used as the technical basis on the extension of the test interval for turbine valves. In this paper, the propriety of the turbine valve test interval extension is explained through the review on the turbine valve test interval status of turbine overspeed protection system, the analysis on the annual turbine missile frequency and the probability evaluation of the destructive overspeed due to the test interval extension.

• 한국가스학회지
• /
• 제6권1호
• /
• pp.66-73
• /
• 2002

본 연구에서는 결함수목 분석법을 이용하여 Safety Integrity Level(SIL)을 평가하고 시스템의 목표한 SIL에 도달하지 못할 경우에 신뢰도 분석과 시스템 retrofit을 통해서 목표한 SIL을 만족시키게 하는 방법을 개발하였다. 신뢰도 분석에 근거한 SIL 평가 방법을 검증하기 위해서 415V Diesel BUS에 대해서 위험성 분석을 수행하였다. 기존의 415V Diesel BUS에 대한 이용가능 상태는 $99.40\%$로 SIL 2등급에 해당된다. 개발된 평가방법을 이용하여 diesel generator와 isolator switch의 교체후 시스템의 이용가능 상태는 $99.94\%$ SIL 3등급으로 상승되었다. 본 연구에서 제시한 신뢰도에 근거한 SIL 평가 방법을 적용하면 사고 예방과 손실감소로 일어나는 유지보수 비용의 절감 등을 가져오면 물론 시스템의 신뢰도를 극대화 할 수 있다.

• 대한조선학회논문집
• /
• 제49권3호
• /
• pp.254-263
• /
• 2012

The survivability of warship is assessed by susceptibility, vulnerability and recoverability. Essentially, a vulnerability assessment is a measure of the effectiveness of a warship to resist hostile weapon effects. Considering the shot line and its penetration effect on the warship, present study introduces the procedural aspects of vulnerability assessments of warship. Present study also considers the prediction of penetration damage to a target caused by the impact of projectiles. It reflects the interaction between the weapon and the target from a perspective of vulnerable area method and COVART model. The shotline and tracing calculation have been directly integrated into the vulnerability assessment method based on the penetration equation empirically obtained. A simplified geometric description of the desired target and specification of a threat type is incorporated with the penetration effect. This study describes how to expand the vulnerable area assessment method to the penetration effect. Finally, an example shows that the proposed method can provide the vulnerability parameters of the warship or its component under threat being hit through tracing the shotline path thereby enabling the vulnerability calculation. In addition, the proposed procedure enabling the calculation of the component's multi-hit vulnerability introduces a propulsion system in dealing with redundant Non-overlapping components.