Abstract

The Pneumatic Transfer System (PTS) is an auxiliary system of Ghana Research Reactor-1 (GHARR-1) used to transfer the sample capsule in and out of the reactor irradiation sites. The design and construction of the PTS controller unit was carried out because the original transfer system was not designed to operate in Cyclic Neutron Activation Analysis (CNAA). To address this, a Programmable Logic Controller (PLC) has been used to design and construct a control unit to facilitate a CNAA application for GHARR-1. The design has been simulated successfully using LOGO! Soft Comfort software, version 8. A Failure Mode and Effect Analysis (FMEA) was conducted on the PTS Control Unit (PTSCU) to evaluate and document, by item failure mode analysis, the potential impact of each functional or hardware failure of the control unit on personnel and system safety, system performance, maintainability, and maintenance requirements. Each potential failure is ranked by the severity of its effect so that appropriate corrective actions can be taken to eliminate or control the high-risk items. The result of the analysis shows that the likelihood of occurrence of failures, detection, and severity on the control unit is low per the risk priority number. The paper outlines the severity classification and description used in FMEA, the likelihood of detecting various failures of components, and failure causes and effects.

1. Introduction

Ghana Research Reactor-1 (GHARR-1) is a Miniature Neutron Source Reactor (MNSR) used mainly for Neutron Activation Analysis (NAA), education, and training [1, 2]. The Pneumatic Transfer System (PTS) is an experimental facility of the reactor. It is meant for the transfer of sample capsules into the reactor for irradiation [3]. The new control unit is designed to replace the existing one to facilitate cyclic mode neutron activation analysis which the existing design did not consider. Another reason is that the components for the previous design could not be found on the local market, making it difficult to maintain the facility. The newly designed control unit uses a computer-based Programmable Logic Controller (PLC) with a LOGO! Soft Comfort version 8 software to program the PLC using the Function Block Diagram (FBD) programmable language or method [4]. A Failure Mode and Effect Analysis (FMEA) study is conducted on the PTS control unit to primarily identify known and potential failure modes, causes, and effects of each failure mode and prioritize the identified failure modes according to the Risk Priority Number (RPN). FMEA is a reliability and risk analysis procedure by which each potential failure mode in a system is analyzed to determine the results or effects, thereof, on the system and to classify each potential failure mode according to its level of severity. Each potential failure is categorized by the severity of its effect, in order that applicable corrective actions may be taken to eliminate or control the high-risk items. A qualitative overview of accident sequences could be derived from the FMEA tables looking at consequences’ descriptions and preventive and corrective actions. Furthermore, the analysis generates a rich store of record data that satisfy the requirement to prove compliance to standard criteria and as a store of information for future reference by designers, engineers, and quality assurance analysts. 
The design program could be simulated for its functionality before integration and implementation. FMEA provides valuable descriptive information about the system design and operation by identifying, in a concise manner, the failure modes and compensation actions, as well as recommended actions, to mitigate these failures. Severity considers the worst potential consequence of a failure, determined by the degree of injury, property damage, or system damage that could ultimately occur. The frequency of occurrence, severity, and detection of failure of a component is determined to ensure that any failure of a component will not damage the controller or affect the personnel or the PTS. Compensating actions are provided for each problem, along with corrective actions to improve reliability and maintainability [4].

The analysis is used to assess high-risk components and provide corrective actions. The FMEA also defines special test considerations, quality inspection points, preventive maintenance actions, operational constraints, useful life, and other pertinent information and activities necessary to minimize failure risk [5]. Nuclear facility system designers must design structures, systems, and components (SSCs) to standards. To determine whether an SSC's design complies with government and regulatory criteria, a manufacturer can analytically test a designed system [6]. One such analytical tool is the FMEA. Compliance with these criteria provides reasonable assurance that nuclear facilities can be operated without undue risk to the health and safety of the public [7]. Nuclear-related thermal-hydraulic passive systems, protective systems, and computer-based safety digital instrumentation and control systems have been extensively analyzed with FMEA [8]. The International Atomic Energy Agency (IAEA) recommends that FMEA be performed for common cause failure (CCF) in SSCs [9]. It requires that a single failure not render the reactor system incapable of performing its required function, which can increase the nuclear facility unavailability period. The purpose of this paper is to use the FMEA methodology to assess the reliability of the designed PTS Control Unit (PTSCU), supporting system quality assurance and providing feedback to the design activities.

2. Methodology

In this study, an FMEA based on the conceptual design of the PTS Control Unit (PTSCU) is presented. The methodology consists first of the definition of a functional block diagram for the Control Unit (CU) device as well as a conceptual full-scale diagram for implementation. These diagrams show the main systems and subsystems associated with the implementation of the PTSCU. An FMEA has been developed for the major components of the CU in order to identify the most critical components of the system as well as the various failure modes that might affect the effective operation of the CU, based on procedures outlined in [4, 5]. FMEA provides valuable descriptive information about the system design and operation by identifying, in a concise manner, the failure modes and compensation actions, as well as recommended actions, to mitigate these failures.

The failure effect of a component on the CU operation and other systems was the main consideration for the analysis performed. In classifying the severity of system failure modes, a numerical code is used which ranks from 1 to 10. A higher number indicates the criticality of the component that must be evaluated for each component failure mode. This index is classified into the following main severity levels: none (1), low (2 and 3), medium (4 and 5), high (6 and 7), critical (8 and 9), and catastrophic (10). A description of these indices and their effects is presented in Table 1 [5].

The likelihood of occurrence of various failure modes is presented and described in Table 2. The information presented on the likelihood of occurrence in the FMEA is mainly based on experience gained from the various components associated with the CU and manufacturer’s recommendations.

In Table 3, the likelihood of detecting various failures is presented. The information presented in this section of the FMEA was also based on experience in using such components in the CU device and on manufacturer's information.

2.1. Conceptual Full-Scale Device Summary

Figure 1 shows the block diagram of the conceptual full-scale integration of the CU in the existing PTS. The orange color is the controller unit which consists of electrical and electronic components. The green color is the fluid flow side (the pressurized air). The gray color is where neutrons collide with nuclei causing one of the following reactions: inelastic scattering, elastic scattering, radiative capture, or fission. The blue color represents the gamma spectrometry system for analysis.

The controller unit in Figure 2 consists of three main components: a high-current dual regulated voltage power supply, PLC device, and 8-way relay bank. The power supply designed and constructed has a dual voltage of +24 VDC and +12 VDC and could be regulated from its internal reference voltage minimum of 1.25 to a safe maximum voltage of 30 VDC at a safe operating current of 5 Amps.

Figure 3 shows the flow chart for cyclic mode analysis with the conventional mode option with the CU incorporated. The phototransistors (PT1 and PT2) on top of the reactor and the detector serve as sensors. They detect the presence of a sample and switch from logic low level to high level, giving out a positive pulse signal to the PLC to act. The block diagram number representation is as follows: 1- dual regulated power supply, 2- PLC, 3- 8-way relay bank, 4- solenoid valves, 5- air-compressor, 6- reactor, 7- HPGe detector, and 8- analytical unit. PT = phototransistor. CC = compressor control. Figure 2 shows the designed CU to replace the existing control unit.

Figures 1 and 2 show the block diagram of a conceptual full-scale integration of the CU with the existing PTS. Figure 4 describes the legend of Figures 1 to 3. The description of various blocks and their functions, as well as likely effects of the CU on other systems, can be found in related documents [10].

The inputs used in completing the analysis include mainly data of various components from the designed CU document [10]. Definitions important for understanding various items in Table 4 are presented in Appendix A.

3. Results and Discussion

The results from the FMEA conducted on the PTS control unit designed and constructed for cyclic neutron activation analysis were found to be reliable and fit for the intended task as shown in Table 5. The compensation actions analysis has brought up the idea of incorporating additional components to enhance the compensation actions, such as an electrical circuit breaker and suppressing diodes to augment the functions of the fuse. Failure mode analysis (FMA) is a systematic approach to quantify the failure modes, failure rate, and root causes of known failures. Usually, the FMA is based on historical information.

The LOGO! version PLCs have outputs that are short-circuit proof and overload proof [11]. The LM 317 voltage regulator used in the power supply also has overcurrent and overtemperature protection that shuts down the device against overload or damage from operating in excessive heat [12]. These are some of the safety measures to enhance the compensation actions of the system.

Details of the FMEA performed for the CU are presented in Table 5. The inputs used in completing the analysis include mainly manufacturing data for various components [12] and experience acquired in using the components.

4. Conclusions

This study has presented an FMEA conducted for the conceptual CU design to be possibly integrated with the existing PTS. The risk analysis produced in this report has provided recommended actions to be incorporated into the design. It is expected that when the recommended actions are implemented, the RPN will reduce to a significant level to facilitate successful implementation of the modification. The analysis of failure and effects of the control unit does not have any effect on the reactor safety. The PTS is an auxiliary system of GHARR-1 and not important to reactor safety, as per safety classification of the IAEA [13]. Instrumentation and control functions, systems, and components are classified into two categories: items important to reactor safety and items not important to reactor safety [13]. Functions, systems, and components important to reactor safety are those which contribute to safely shutting down the reactor and maintaining it in a safe shutdown condition in and after operational states and accident conditions.

In general, the implementation of the CU in an existing PTS is not expected to pose any significant risks in view of the outlined compensation actions and recommended actions. The study would serve as a valuable tool for subsequent analysis to be conducted in the future. The maintenance program developed for the PTSCU [14] is divided into two: routine maintenance, during which preventive and predictive maintenance would be carried out, and corrective maintenance [14] to ensure continuous operation when it is implemented.

Appendix

A.

1. Item no.:

Unique line item for each identified component under review.

2. Component:

Name or description of the item or system function being analyzed.

3. Function:

A concise statement of the function performed by the hardware item shall be listed.

4. Failure mode:

All predictable failure modes for each indenture level analyzed shall be identified and described. Additional information concerning the context of the failure mode may be included such as

i. The mode of operation

ii. The time constraints

iii. The environmental stresses

iv. The operational stresses

5. Failure cause:

The most likely causes for each potential failure mode should be identified and described. Since a failure mode may have more than one cause, all probable independent causes should be identified and entered.

6. Failure effects (local):

Local failure effects identify the impact of the failure mode on the operation and functionality of the system item/equipment under consideration. The purpose of defining the local effects is to provide a basis for evaluating compensating provisions and for recommending corrective actions. It is possible for the “local” effect to be the failure mode itself.

7. Failure effects (system):

System-level failure effect describes the total impact of the failure mode on the operation, function, and status on the system level which the item/equipment is operating.

For example, the local failure effect of a control solenoid valve failing open will have a system effect of transferring a sample capsule.

8. System failure mode detection:

Description of how the failure mode is detected by the system or operator shall be determined. Means of detection may be carried out by methods such as annunciations, operator procedures such as visual inspection, or other preventive, predictive, and corrective maintenance activities.

9. Compensating action:

A listing of the compensating actions which mitigate the effect of the failure mode on the system shall be documented. The actions can be either design related (e.g., design redundancy) or operator procedural actions. Any operator procedural actions used as a compensating action shall reference the governing operating manual or procedure utilized by the operator.

10. Risk analysis- severity (SEV):

A qualitative measure of severity is assigned to each failure mode to represent the worst potential consequences from that failure on the system level.

11. Risk analysis- occurrence (OCC):

A qualitative measure of occurrence is assigned to each failure mode to represent the probability of the failure mode and its particular effect over a defined time period.

12. Risk analysis- detection (DET):

A qualitative measure of detection is assigned to each failure mode to represent the ability of the design to detect the failure mode before the resultant effect reaches a system-level failure.

13. Risk analysis- RPN:

As per Section 3, the risk priority number is the product of the Severity (S), Occurrence (O), and Detection (D): RPN = S × O × D.

14. Recommended action:

Review of the risk attributes requires caution and good judgment. A thorough review of the values of severity, occurrence, and detection is required before forming any opinions and deciding if undertaking corrective actions is required.

The following decision options are available:

i. Implement corrective actions in order to reduce the associated failure mode risk.

ii. Try to eliminate the failure mode.

iii. Minimize severity of the failure.

iv. Reduce the occurrence of the failure mode.

v. Improve the detection.

vi. Accept the failure mode risk without change to the design. Documenting the justification for accepting the associated risk is required.

15. Action taken:

If implementation of corrective action(s) is required, then we document the corrective action changes made to the design which were required to reduce the associated failure mode risk. Any previous corrective actions to the design shall be retained if previous attempts to reduce failure mode risk were made.

16. Action result- severity (SEV):

The new severity ranking value based on any corrective action taken for the failure mode.

17. Action result- occurrence (OCC):

The new likelihood of occurrence ranking value based on any corrective action taken for the failure mode.

18. Action result- detection (DET):

The new likelihood of detection ranking value based on any corrective action taken for the failure mode.

19. Action result- RPN:

The new RPN value resulting from any corrective action taken for the failure mode.
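
The worksheet fields above, as an added example that is not from the paper: a Python sketch that validates the 1 to 10 indices, maps severity to the bands given in Section 2, computes RPN = S × O × D before and after a corrective action, and ranks items by current RPN. Component names come from the text; the failure modes, ratings, and helper names are constructed assumptions and are not the values of Table 5.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Severity bands as stated in Section 2 (index runs from 1 to 10).
SEVERITY_BANDS = [(1, 1, "none"), (2, 3, "low"), (4, 5, "medium"),
                  (6, 7, "high"), (8, 9, "critical"), (10, 10, "catastrophic")]

def severity_level(sev: int) -> str:
    for lo, hi, name in SEVERITY_BANDS:
        if lo <= sev <= hi:
            return name
    raise ValueError(f"severity {sev!r} outside 1-10")

def rpn(sev: int, occ: int, det: int) -> int:
    """RPN = S x O x D; reject any index that is not an integer in 1..10."""
    for label, value in (("SEV", sev), ("OCC", occ), ("DET", det)):
        if not isinstance(value, int) or not 1 <= value <= 10:
            raise ValueError(f"{label}={value!r} outside 1-10")
    return sev * occ * det

@dataclass
class FmeaRow:
    item_no: int                 # field 1
    component: str               # field 2
    failure_mode: str            # field 4
    sev: int                     # field 10
    occ: int                     # field 11
    det: int                     # field 12
    action_taken: Optional[str] = None             # field 15
    after: Optional[Tuple[int, int, int]] = None   # fields 16-18: (SEV, OCC, DET)

    def initial_rpn(self) -> int:                  # field 13
        return rpn(self.sev, self.occ, self.det)

    def current_rpn(self) -> int:                  # field 19 when an action exists
        return rpn(*self.after) if self.after else self.initial_rpn()

    def current_sev(self) -> int:
        return self.after[0] if self.after else self.sev

def rank(rows):
    """Highest current RPN first; ties are broken by higher severity."""
    return sorted(rows, key=lambda r: (r.current_rpn(), r.current_sev()), reverse=True)

# Constructed ratings for illustration only.
WORKSHEET = [
    FmeaRow(1, "Dual regulated power supply", "No output voltage", 6, 3, 2,
            "Add circuit breaker to augment the fuse", (6, 2, 2)),
    FmeaRow(2, "PLC", "Output stuck on", 7, 2, 3),
    FmeaRow(3, "8-way relay bank", "Contact stuck closed", 5, 3, 4,
            "Add suppressing diode", (5, 2, 4)),
    FmeaRow(4, "Phototransistor PT1", "No pulse on sample arrival", 4, 3, 2),
]

if __name__ == "__main__":
    for row in rank(WORKSHEET):
        print(row.item_no, row.component, severity_level(row.current_sev()),
              row.initial_rpn(), "->", row.current_rpn())
```
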

Data Availability

All data used are those obtained from our own research work, and those obtained elsewhere have approval from the source.

Conflicts of Interest

The authors declare no conflicts of interest.