Sensitive / Proprietary
RAMS and Operation Requirements for a Resilient Tunnel Ventilation System
Ibrahima Khalil Mbaye, EUR INGParsons Corporation, Senior Tunnel
Ventilation EngineerDoha, Qatar
Toronto, 26 June 2019
Sensitive / Proprietary
Key Presentation Take-Aways
• Purpose of the Presentation
• What about TVS ?
• What about RAMS?
• What about Operation Requirements?
• How does RAMS Consideration allow to design a resilient TVS?
• Conclusion
Sensitive / Proprietary
Purpose
Aiming to Define a comprehensive strategy for the Delivery of a Resilient Tunnel Ventilation System for Railways Project relying on the RAMS process.
Sensitive / Proprietary
What is Tunnel Ventilation System (TVS) about?
TVS is a System involved in a wide range of underground infrastructure projects:
• Road Tunnels
• Underground Railways, metro, light rail, high speed
• Electrical High Voltage Cables Tunnels
• Mining Tunnels
• Sewage Tunnels
Sensitive / Proprietary
What is TVS about? Railways Metro Major Functions
1. Comfort Management by ensuring:
• Air quality,
• Acceptable Air temperature for Passenger and Equipment in tunnel,
• Acceptable level of induced pressure due to train piston effect,
• Acceptable levels of air velocity,
• Acceptable level of noise,
• Operator’s comfort during Maintenance activities in tunnel.
Sensitive / Proprietary
2. Safety Management by ensuring:
• Tenable conditions for passenger’s evacuation whenever required,
• Achieving critical velocity (Kennedy formula)
• Tenable conditions for passenger inside the train under congestion
• Proper and safe access to each TVS equipment
What is TVS about? Railways Metro Major Functions
Sensitive / Proprietary
What is Tunnel Ventilation System (TVS) about? Typical Equipment
• Axial Fans• Jet Fans• Motorized Smoke and Fire Dampers• AHUs, depending on the region, cooling in the tunnel may be required• Temperature, airflow, humidity sensors in tunnel• Electrical Distribution Boards,• Variable Speed Drives• Soft-Starters• Control Panel with Human Machine Interface (HMI) screen and
Programmable Logic Controller (PLC)• Control Panel with Push-Button for Emergency
Sensitive / Proprietary
What is RAMS about?
• Reliability, quantified by the Mean Time Between Failure (MTBF) of single core equipment
MTBF is provided by the Manufacturer based on the lessons learnt from previous projects.
• Availability, quantified by the ratio A
𝐴 =𝑀𝑇𝐵𝐹
𝑀𝑇𝐵𝐹 +𝑀𝐷𝑇
MDT is the Mean Down Time, most of the time, it is considered as the Mean Time To Restore (MTTR).
Sensitive / Proprietary
What is RAMS about?
• Maintainability, quantified by the Mean Time To Restore (MTTR)
𝑀𝑇𝑇𝑅 = 𝐼𝐷𝑇 + 𝐼𝑅𝑇 + 𝐴𝑅𝑇
IDT is the Incident Detection Time, IRT is the Incident Response Time and ART is the Active Repair Time
• Safety, quantified by the Safety Integrity Level (SIL) for any System Safety Function, defined in IEC 61508.
THR (Tolerable Hazard Rate) per
hour
SIL level
10-9 THR 10-8 SIL 4
10-8 THR 10-7 SIL 3
10-7 THR 10-6 SIL 2
10-6 THR 10-5 SIL 1
Sensitive / Proprietary
What is RAMS about?EN 50126
Current Presentation Area of Focus
Sensitive / Proprietary
What is RAMS about?EN 50126 Design Deliverables
• Concept Design Functional Analysis, • to describe the System Functions along with their involved core equipment. • Core equipment is broken down into Line Replaceable Units (LRU).
• FMECA (Failure Modes Effects and Criticality Analysis), • to assess the Criticality of any Core Equipment failure. • Safety related and Non Safety related Failures are identified. • Safety Related Failures are Service Affecting Failures and are expected to be reflected in the
Hazard Log.
• RAM Prediction Report, • to assess the Reliability of the System by performing Reliability Block Diagram (RBD)
considering dependencies and redundancies.
Sensitive / Proprietary
What is RAMS about?EN 50126 Design Deliverables
• Hazard Analysis, identification of all credible Hazards involving the System.
• Hazard Log, list of all Hazards recognized as “non tolerable” based on the EN 50126 Risk Matrix and as required by the Project:
• SIL Assessment Report, through Fault Tree Analysis (FTA)to check the final design is achieving the required THR (Tolerable Hazard Rate).
Risk Ratings R1, R2, R3 and R4 to be defined by the Client
Sensitive / Proprietary
• Availability Target, percentage of availability of the System
• MTTR Target• Non Service Affecting Failures MTTR, generally, comparable to the Engineering Hours. Only
for Preventive Maintenance and Corrective Maintenance when it is a non Service Affecting Failure
• Service Affecting Failures MTTR, generally a shortest time, allowable for a specific operation duration, can be one year duration (13 Operational Periods)
• System Failure Rates, an explicit target to minimize the System Service Affecting Failures depending on its MTTR.
For instance, for Tunnel Ventilation System, it will take time to fix a faulty equipment (fans of 10 tons weight, motor, dampers, Distribution Panel, etc.), therefore the TVS allocated Failure Rate is as low as practicable to achieve the MTTR.
Operation Requirements and RAMS (Key Performance Requirements KPR)
Sensitive / Proprietary
How Does RAMS Process allow to design a Resilient TVS?
Concept Design
Functional Analysis
Safety Functions
Non Safety
Functions
FMECA
Non Safety
Related Failures
Safety Related Failures
Hazard Analysis
Hazard Log
TVS Core Mitigation Measures
TVS Dependencies
/Interfaces Mitigation Measures
TVS Operation Mitigation Measures
Space Proofing, Power Supply, SCADA, Dynamic Signage,
Platform Screen Doors, Rolling Stock, Signaling, MEP, EMC,
etc.
Mitigation Measures
RAM Calculations
FTA
RAM and SIL
targets Achieved
TVS Implementation
of mitigation measures
ManufactureInstallation T&C Phase and O&M Manuals
Spare Parts List
RBD
TVS Design with
mitigation measures
SIL Calculations
Sensitive / Proprietary
TVS Intrinsic Mitigation Measures outcome of Hazard Log
• TVS shall be compliant with NFPA 130
• TVS shall ensure tenable conditions for the Passenger’s evacuation
• TVS shall prevent passenger from eardrum discomfort
• Each Safety Critical equipment shall have a Duty and Stand by
• Both Duty and Stand by Equipment shall have independent power supply
• The TVS Control System shall be SIL 2
Sensitive / Proprietary
TVS Interface Mitigation Measures outcome of Hazard Log
• Power Supply and SCADA availability shall be 99.999%.
• Power Supply and SCADA networks shall be redundant.
• SCADA commands to TVS shall be SIL 2.
• TVS equipment in tunnel shall not infringe the Rolling Stock gauge.
• TVS to achieve the critical velocity based on the Rolling Stock fire heat release rate.
• TVS to maintain the air temperature to ensure the Rolling Stock Air Conditioning Operating.
Sensitive / Proprietary
TVS Interface Mitigation Measures outcome of Hazard Log
• TVS response and Dynamic Signage to be consistent with the evacuation route.
• The TVS design to define the level of Pressure to be withstood by the Platform Screen Doors and the exposed Structural Walls.
• Appropriate TVS response to be triggered for congested trains.
• Signaling to ensure the max number of trains within a Tunnel Ventilation Zone.
• Each TVS Equipment to be provided with proper and safe access.
• Each TVS equipment to be provided with clear delivery/replacement route.
Sensitive / Proprietary
TVS Operator Mitigation Measures outcome of Hazard Log
• The Operator shall follow the TVS O&M Manuals.
• The Operator shall follow the TVS Asset Maintenance Strategy.
• Yearly Proof test shall be conducted for TVS control equipment.
• The Operator shall select the appropriate TVS mode in case of train fire.
• The Operator shall ensure the Minimum Operation Conditions.
• The Operator shall be aware of the TVS Service Affecting Failures.
Sensitive / Proprietary
CONCLUSION
A TVS Design through RAMS process allows to achieve the Operation Requirements by considering the implementation of the appropriate mitigations measures, outcome of the Hazard Log:
• TVS intrinsic mitigation measures, to be implemented in the TVS design,
• TVS mitigation measures transferred by Other Parties,
• Other Parties mitigation measures transferred by TVS,
• Operation and Maintenance TVS related mitigation measures.
Sensitive / Proprietary
RAMS and Operation Requirements for a Resilient Tunnel Ventilation System
THANK YOU
Questions ??????