Tchórzewska-Cieślak B.,Rak J. Analysis of risk connected with water supply system operating by means of the logical trees method.

ANALYSIS OF RISK CONNECTED WITH

WATER SUPPLY SYSTEM OPERATING

BY MEANS OF THE LOGICAL TREES

METHOD

Tchórzewska-Cieślak B., Rak J.

Zakład Zaopatrzenia w Wodę i Odprowadzania Ścieków, Politechnika Rzeszowska Al. Powstańców Warszawy 6, 35-950 Rzeszów, Poland

Abstract: In this work the logical trees methods have been used for the modelling of the

failure scenarios that can appear in water supply system SZW. The two methods for failure modelling have been presented: the fault tree method and the event tree method. The event tree method is based on a priori thinking concerning the development of the representative failure event. The fault tree method is a result of a posteriori thinking which allows to determine the undesirable events that cause that the representative undesirable event occurs. The examples of methods application have been presented. For the fault tree the model connected with the occurrence of contaminated water in the distribution subsystem has been shown. For the event tree the model connected with the water contamination in its source (river) – peak event – has been presented. The final result of this work is the model of failure in SZW showing the possibility of using the fault tree method combined with the event tree method.

1. Introduction

Water supply system (SZW) is characterised by its continuous work and requires high reliability level for its operating as well as for its safety [2]. System operating is inseparably connected with the possibility that different failures (undesirable events) occur [1]. The most often they have random character and then they can be described by the classical methods used in the reliability engineering including the probabilistic methods but sometimes they are the consequences of the events which can cause the catastrophic situation. Events of this type cause the so called domino effect that is a chain of the undesirable events [4] which very often develops according to some definite scenarios. In many cases the consequences of such events can be very serious for water consumers as well as for water pipe companies.

The basic measure describing SZW safety is risk and the elaboration of the model to analyse risk connected with SZW operating including the impact of the domino effect will allow to use the safety barriers properly [3,5]. The safety barriers are following:

 control and measuring barrier (BKP). When the boundary values of technological parameters are exceeded the control functions are activated. If the control system succeeds the conditions for normal operation are restored. If this barrier fails the potential of threat occurs and it activates the next safety barrier,

 alarm barrier (BA). The second barrier activates e.g. warning signs, certain alarms to which the SZW operator should respond.. As a rule its operating is connected with all kinds of blockades which leads to the stoppage of water production. If the operation of this blockade is not taken into consideration or is neglected the direct threat for SZW users ( drinking water consumers ) arises,

 rescue scenarios barrier (BSR). The third kind of barrier is already connected with the activation of the rescue scenarios and procedures that reduce the consequences of failure. If these procedures fail or are not effective enough it leads to the global losses which in a case of SZW can be accompanied by people gastric problems and, in the critical situations , lethal outcome. In this sense we can talk about the early, delayed and late warning safety barriers [6].

2. Description of the logical trees methods

Fault Tree Analysis (FTA) presents graphic relations between the events influencing the occurrence of a specific undesirable event called “the pick event”. Creating the tree we use the so called functors ( logical gates ) which determine, among others, events logical product and events logical sum. In fig. 1 the basic symbols used to create the fault tree according to PN –IEC1025:1994 [9] are shown and in table 1 the exemplary gates with their quantitative description are presented.

&

1 - Indivisible basic

event

- block of event description (resulting, initiating)

- AND gate -logical product

- OR gate logical sum

Fig.1. The basic symbols in the fault tree method Table 1. The basic logical gates

Gate Graphic symbol Logic operation Unreliability index

AND W = w1w2    n 1 i Ui U OR W = w1w2      M 1 j j ) U 1 ( 1 U

OR gate – in this gate the output event takes place when any of the input events takes place

AND gate – in this gate the output event takes place when all the input events take place. Fault tree quantitative analysis relies on the determination of frequency ( intensity ) or probability that the pick event occurs. In tab.2 the basic formulas to calculate probability or intensity of the output events for gates connected with logical product (AND) and logical sum (OR) are given.

Table 2. Computational formulas for probability and intensity of the output events for gates AND and OR.

Gate„OR”

P(X + Y) = P(X) + P(Y) – P(X) . _P(Y)

(X + Y) = (X) + (Y)

P(X+Y+Z)= P(X) + P(Y)+ P(Z) – P(X) . _{P(Y)- P(X)} .

P(Z) -P(Z) . _{P(Y)+ P(X)} . _P(Y) . _P(Z)

Gate“AND” P(X . _{Y) = P(X)} . _P(Y)

(X . _{Y) = (X)} . _{P(Y) = P(X)} . _(Y)

Example of the method application

In fig. 2 the exemplary fault tree model created for the scenario : lack of water delivery which can result in sudden deterioration in hygienic and sanitary conditions, is presented.

& L a c k o f w a t e r d e l i v e r y t o t h e e s t a t e 1 P D S R S M Z A 1 2 3 P4

Fig.2 Illustration of the fault tree

PD – event connected with the damage of house connection with intensity, 1 = 1,0

damage/km . _year,

SR – event connected with the damage of distribution network with intensity, 2 = 0,5

damage/km . _year,

SM – event connected with the damage of main network with intensity, 3 = 0,3

damage/km . _year,

ZA - event connected with unreliability (probability that alternative sources of water inlet will not be available , e.g. frozen public wells), P4 = 0,1.

4 – intensity of damages for the event: lack of water delivery,

 - resultant intensity of damages for the event : sudden deterioration in hygienic and sanitary conditions .

Calculations for probability of the event: sudden deterioration in hygienic and sanitary conditions as a result of the lack of proper quality water were made according to the formulas:

s=1+2+3 (1)

=s P4 (2)

For the exemplary data the corresponding values are the following: s=1.0+0,5+0,3=1.8 damages /km . _year

= 1.08 0.1= 0,18 damages /km . _year.

2.2 The event tree method

To analyze risk connected with SZW operating we often use Event Tree Analysis [7,8]. The event tree method allows to anticipate the possible scenarios of the events sequence development after the so called undesirable initiating event or pick event occurs. In the event tree technique scenarios are built in relation to the safety barriers operation.. On every tree level two logical states, success (yes) and failure (no), which are identified with the situation that the given barrier operates or does not operate, are considered. The qualitative as well as the quantitative event tree analysis is possible. In the quantitative analysis to a branch which describes success the probability Pi is assigned, and to a

branch identified with failure 1 – Pi.

Examples of the method application

In fig. 3 the event tree analysis after the pick event occurrence – incidental water contamination in water distribution subsystem (PsDyW) - is presented.

Particular probability values are:

disaster PI= U(K) . (1 – P1), (3)

serious failure PII= U(K)  P1 . (1 – P2), (4)

failure PIII= U(K) . P1 . P2. (1 – P3), (5)

situation is controlled PIV = U(K) . P1. P2 . P3. (1 – P4), (6)

situation gets under control PV = U(K) . P1. P2 . P3. P4. (7)

Yes Contaminated water PsDyW-U(K) Disaster Serious failure Failure Critical situation is controlled Critical situation gets under control Safety barriers

Pick event

Identification

of contamination Alarm-information _{to public} Counteraction _methods Threat _removal

Resulting event situation 1-P1 1-P2 1-P3 1-P4 P1 P2 P3 P4 PI PII --PIII PIV PV No Yes Yes Yes No No No

3. The combined model for risk analysis using the logical trees method

In fig.4 the possibility to combine the fault tree method and the event tree method for the scenario of events which began when the contaminated water occurred in the outlet of Water Treatment Plant (ZUzW) is presented:

a – lack of possibility to reveal contamination resulting from limited analyses range, probability Pa,

b – inefficient measuring apparatus, probability Pb,

c – error of laboratory assistant, probability Pc,

d – lack of control procedures, probability Pd,

e – SZW operator neglected the seriousness of the situation, Pe,

f – lack or ineffective procedures to notify citizens about critical situation, probability Pf,

g – lack of denial of rumours that caused panic, probability Pg,

h – places of sampling for analysis are not representative, probability Ph,

Safety barriers Contamination in treated water detected by ZuZW laboratory Contamination detected by monitoring in water pipe networkj

Effective information

about danger is taken up Consequences

Pick event contaminated water in ZUzW outlet P0 Yes No Stoppage in water delivery to network Public do not use water from water pipe The possibility that people are not aware of using contaminated water

Threat modelling using the event tree method area

Threat modelling using the fault tree method area Direct threat

for people health and lives a b c d & 1 1 111 a h & 11 e f g PI PII PI II PI V Yes Yes No No

P0 – probability that the resulting event occurs (contaminated water in the ZUzW outlet ),

P1 – probability of the event that ZUzW laboratory did not detect water contamination,

P2 – probability of the event that monitoring in the water network did not detect water

contamination,

P3 - probability of the event – lack of effective information about danger ,

PI - probability of the event – stoppage in water delivery to the network,

PII - probability of the event – people do not use water from water pipe,

PIII - probability of the event - the possibility that people are not aware of using

contaminated water ,

PIV - probability of the event - direct threat for people health and lives.

Particular kinds of probability are following:

P1= Pd[ Pa+ Pb+ Pc - PaPb – PcPb - PaPc+PaPbPc] (8) P2= Pa+ Ph - Pa Ph (9) P3= Pg[ Pe+ Pf – PePf] (10) PI = P0 (1-P1) (11) PII = P0 P1 (1- P2)  (1- P3) (12) PIII = P0 P1 (1- P2)  P3 (13) PIV = P0 P1 P2 (14) 4. Conclusions

The two methods for failure modeling: fault tree and event tree were presented. The event tree method is based on “ thinking ahead” concerning the development of the representative failure event The fault tree method is a result of “backward thinking” which allows to determine the undesirable events that cause that the representative undesirable event occurs. Thanks to the advanced computational methods connected with the probability/frequency of the failure events the fault tree method and the event tree method are very useful for modelling SZW failure scenarios. The possibility to combine those two methods gives very good effects for failure modelling. Logic trees analyses are especially useful to analyse complex technological systems. When the logic trees are very expanded it makes sense to use the numerical computational techniques.

References

1. Hipel K.W, Kilgour D.M, Zhao N.Z.: Risk analysis of the walkerton drinking water crisis. Canadian water resources Journal, vol.28, no3, p.395-397, 2003.

2. Mays L.W.: Reliability analysis of water distribution systems. ASCE, New York, 1989.

3. Rak J.: Istota ryzyka w funkcjonowaniu systemu zaopatrzenia w wodę. Oficyna Wydawnicza Politechniki Rzeszowskiej, s.1-113, 2004.

4. Rak J.: Podstawy bezpieczeństwa systemów zaopatrzenia w wodę. Wydawnictwo PAN - Komitet Inżynierii Środowiska, t.28, s.1-215, 2005.

5. Rak J.: Metoda analizy barier zabezpieczeń do oceny ryzyka skażenia wody w podsystemie dystrybucji. Bel Studio Sp Z O.O., Warszawa, Konferencja: XIII Międzynarodowa Konferencja N-T "Eksploatacja infrastruktury w sytuacjach kryzysowych" Wojskowa Akademia Techniczna, Warszawa - Rynia, 18-20 października 2004 r., t.1, s.279-288, 2004.

6. Rybicki S.A.: System multibariera – sposób zmniejszania ryzyka dostarczania wody o niewłaściwej jakości. Ochrona Środowiska, nr 3(82). Wydaw. PZITS O/Dolnośląski, Wrocław, 2001.

7. PN-EN-1050. Zasady oceny ryzyka, 1999.

8. PN-IEC 60300-3-9. Analiza ryzyka w systemach technicznych, 1999. 9. PN-IEC 1025. Analiza drzewa niezdatności FTA. 1994.