ch10

Chapter
10
PIPELINE SYSTEM
OPERATIONAL
RELIABILITY/AVAILABILITY
ASSESSMENT
10.1 RELIABILITY ASSESSMENT

Risk is the hazard or uncertainty associated with a measure of unreliability/ undependability. It is like climbing a mountain without checking your ropes.
Mo Mohitpour, Canada
10.1.1 Reliability Introduction and Definition

Reliability can be defined as the measure of confidence in a given system to meet the
desired purpose/function over a given time. It is a measure of dependability of the system.
In the pipeline industry, establishment of reliability provides a level of service confidence
(in % terms) in the pipeline to transport the intended fluid over a given time from the
source of supply to the market area. Sometimes it is also defined as a measure of meeting
all intended economic and technical parameters.
Reliability is also important to assess the performance of equipment used on the
pipeline such as pump or compressor units, measurement equipment and even lower
device levels (Vitale et al., 1982).
Often the meaning of capability, reliability, maintainability, availability, serviceability,
risk and failure probability are interchanged and even more often misused. Many also
believe that establishing probability of a failure in a pipeline is tantamount to establishing
its reliability. Factors such as probability of failure are merely components that are con
sidered an input to the equation when establishing the level of reliability. Establishing
probability of a cause (say a failure) is merely a microscopic component of risk assess
ment,which provides input to bigger macroscopic model for establishing the reliability.
The pipeline industry, however, mostly measures pipeline reliability as the amount of
time a pipeline is operating and available to transport a given fluid over a defined period
of time. As an example Alyeska Pipeline Service Co (APSC, 2002) established that the
Alyeska pipeline reliability was 99.77% for the year 2001 (Table 10.1). Whether it has
achieved its optimum economic and technical performance in that year can be similarly
assessed.
623
Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms
624 Pipeline Operation & MaintenanceA Practical Approach

TABLE 10.1. Pipeline Reliability Report (January 2002)
December reliability
100%
2001 reliability
99.77%
December throughput
33,111,000 bbls
December daily average
1,068,000 bpd
2001 throughput
362,131,000 bbls
2001 daily average
992,000 bpd
10.1.2 Reasons for Assessment of Pipeline Reliability

There are many reasons why we establish the operational reliability of pipelines. Analyzing
the operational reliability will provide a measure of confidence that can be used for decision
making and performance evaluations, such as the following, BS 5760-2 (BS,1994):
Provide an early indication of the potential of a system to meet the reliability
requirement, e.g., transportation of a quantity of fluid for a given time over a given
distance without interruption.
Guides design decisions to ensure selection of options that promote cost-effective
levels of system dependability and longevity. Reveals aspects of design that will
require particular attention to reliability or present high risks in relations to the
requirements.
Establishes whether the system or an item in the system has or is performing with
reliability required and whether it is likely to continue performing adequately for the
remainder of its operational life.
Determines where an existing pipeline system improvement action would have the
greatest impact on increasing reliability and reducing financial liabilities.
Identifies, assesses and ranks possible actions to obtain cost-effective improve
ments.
Provides a quantitative basis for decision-making for allocation of an operating and
maintenance fund. This is usually a consequence of logistic support analysis, spare
ranging and other requirements, hazard analysis and related maintenance and opera
tional studies.
The assessment of reliability is an important element of many reliability programs and
can be implemented during the various phases of the life cycle of a product, component or
a system Depending on the availability of data, the assessments may be either qualitative
or quantitative.
Assessments may be required during early studies (feasibilities studies) to define the
system and its fundamental design in order to compare the characteristics of various design
options.
Assessment may also be required during the design phase to provide confidence that
the design will conform to customer or market requirements, or during introduction to
service and throughout the life of the system in order to identify design weaknesses and to
monitor reliability.
Reliability assessments may therefore be carried out at any time from the originaldef
inition of the project and throughout the useful life of equipment or a system. Indeed,
assessment of the success or otherwise of an earlier design may be used to advantage when
considering the development of the design of a new system or product.
Pipeline System Operational Reliability/availability Assessment 625
10.1.3 Applicable Reliability Standards

There is no single pipeline industry code that provides a guideline and technique for estab
lishing the overall reliability of a pipeline system. However, there are a number of pub
lished national and international standards that describe reliability-related methods. There
are also reports and technical papers that can provide method, data and input for risk and
reliability models, such as Wright Mansell (1991), Oreda (2009) and Chmilar (1996).
The only international standards in this area are those produced by the International
Electrotechnical Commission (IEC, 2003) Technical Committee (TC) on Dependability
(TC56). Various national standards also exist, such as the well-known BS5760 series pro
duced by the British Standards Institute, but many of them are in the process of being sup
plemented or replaced by the equivalent IEC TC56 standards.
IEC TC56 has adopted the term dependability in order to recognize that success is
only achieved if consideration is given to a broad view of reliability, availability and main
tainability (RAM), often referred to as RAM in some industries.
Dependability is defined as the collective term used to describe the availability per
formance and its influencing factors:
Reliability performance
Maintainability performance
Maintenance support performance
NOTE: Dependability is used only for general descriptions in non-quantitative terms
(IEC 60050, 191-02-03).
Dependability is the totality of availability, reliability, maintainability and mainte
nancesupport as shown in Figure 10.1 Availability is achieved when reliability, maintain
ability and maintenance support aspects are satisfied.
Dependability is one of the characteristics of quality and is defined as such in the
new ISO 9000:2000 standards. The dependability standards provide systematic methods
and tools for the dependability assessment and management of equipment, services and
systems throughout their life cycles. The standards cover generic aspects on reliability
and maintainability program management, testing and analytical techniques, software
and system dependability, life-cycle costing, technical risk analysis and project risk
management.
Figure 10.1. Dependability Relationships (Courtesy of IEC)

This may occur where design for safety introduces an additional complexity that reduces
reliability. For example, for a bomb to explode when required, a detonator is needed.
A simple detonator with few components may have failure modes that could cause
premature detonation and it is necessary to introduce additional safety devices to inhibit
such failure modes. These devices, by introducing greater complexity, add to the proba
bilitythat the bomb may fail to operate when required, even though it is made safer tohan
dle by incorporating them.
Principles of reliability modeling
When assessing reliability it is necessary to mathematically express the relationship
among the four elements discussed, i.e., between function, time interval, conditions of use
and probability. This process is known as reliability modeling. The precise way in which
the model is developed will depend on the circumstances surrounding a system or an item
and the stage it has reached in its life cycle.
In order to evaluate the model, it is necessary to insert data, which may be derived
from experience of the item itself or from a related item.
The most useful models are those that strike a good balance between an accurate rep
resentation of the real life situation and the need to provide results in a reasonable time,
with due regard to the quantity of the input data and the required accuracy of the results.
Redundancy
A redundant system contains more items than are strictly necessary for the function
of the system, the objective being to increase reliability.
Series systems
In a series system, such as a pipeline system that has pump station or compressorsta
tions,failure of any component constitutes system failure.
RS = Ri
i -1
Eq. (10.1)

i.e., the reliability of the system Rs is the product (P) of the reliabilities Ri of the com
ponent parts. Availability, particularly steady-state availabilities can also assessed in the
same way. Thus:
n
AS = Ai
i -1
Eq. (10.2)

Computer tools for reliability assessment

Reliability assessment can be facilitated and rationalized by the use of computer tools.
One such tool is the commercially available software Pipeline Risk Controller Version 2.0
for Windows *Muhlbauer, 1998). This software can be utilized to assess availability and
thus reliability. There are also other tools such as AvSim+, Version 8 (Isograph, 2002).
10.1.4.2 Assessment Techniques
Many techniques are available for the assessment of reliability. There are perhaps over
twenty (20) different techniques by which systems and component reliabilities can be

and value of life cycle costing and outlines the general approaches involved. It
also identifies typical life cycle cost elements to facilitate project and programme
planning.
IEC 60300-3-4 Ed. 2.0 (2007-09): Dependability ManagementPart 3: Application
GuideSection 4: Guide to the Specification of Dependability Requirements (BS
5760-4):
Gives guidance on specifying required dependability characteristics in product
and equipment specifications, together with specifications of procedures and cri
teria for verification. Includes advice on specifying quantitative and qualitative
reliability, maintainability and availability requirements. The main changes from
the previous edition are: the concept of systems has been included and the need
to specify the dependability of the system and not just the physical equipment has
been stressed; the need for verification and validation of the requirement has been
included; differentiation has been made between requirements, that can be mea
sured and verified and validated, and goals, which cannot; and the content on avail
ability, maintainability and maintenance support has been updated and expanded
to similar level of detail to reliability.
IEC 60300-3-9 Ed. 1.0 (1995-12): Dependability ManagementPart 3: Application
GuideSection 9: Risk Analysis of Technological Systems:
Provides guidelines for selecting and implementing risk analysis techniques. The
objective of this standard is to ensure quality and consistency in the planning and
execution of risk analyses and the presentation of results and conclusions.
IEC 60300-3-10 Ed. 1.0 (2001-01): Dependability ManagementPart 3-10: Application GuideMaintainability:
The application guide can be used to implement a maintainability program cov
eringthe initiation, development and in-service phases of a product that forms
part of the tasks in IEC 60300-2. It provides guidance on how the maintenance
aspects of the tasks should be considered in order to achieve optimum maintain
ability. It uses other IEC standards, notably IEC 60706, as reference documents
or tools as to how a task should be undertaken. This standard replaces Sections 1
and 3 of IEC 60706-1 (1982).
IEC 60300-3-11 Ed. 2.0 (2009-06): Dependability ManagementPart 3-11: Application GuideReliability Centered Maintenance:
Provides guidelines for the development of failure management policies for
equipment and structures using reliability centred maintenance (RCM) analysis
techniques. This part serves as an application guide and is an extension of IEC
60300-3-10, IEC 60300-3-12 and IEC 60300-3-14. Maintenance activities recom
mended in all three standards, which relate to preventive maintenance, may be im
plemented using this standard. The previous edition was based on ATA MSG-3;
whereas this edition applies to all industries and defines a revised RCM algorithm
and approach to the analysis process.
IEC 60300-3-14 Ed. 1.0 (2004-03): Dependability ManagementPart 3-14: Application GuideMaintenance and Maintenance Support
Describes a framework for maintenance and maintenance support and the various
minimal common practices that should be undertaken. It outlines in a generic man
ner management, processes and techniques related to maintenance and maintenance

support that are necessary to achieve adequate dependability to meet the opera
tional needs of the customer. It is applicable to items that include all types of
products, equipment and systems (hardware and associated software). Most of
these require a certain level of maintenance to ensure that their required func
tionality, dependability, capability, economic, safety and regulatory requirements
are achieved.
IEC 60812 Ed. 2.0 (2006-01): Analysis Techniques for System ReliabilityProcedure
for Failure Mode and Effects Analysis (FMEA) (BS 5760-5):
This International Standard describes Failure Mode and Effects Analysis (FMEA)
and Failure Mode, Effects and Criticality Analysis (FMECA), and gives guid
ance as to how they may be applied to achieve various objectives by: providing
the procedural steps necessary to perform analysis; identifying appropriate terms;
defining basic principles; providing examples of the necessary worksheets or other
tabular forms.
IEC 61025 Ed. 2.0 (2006-12): Fault Tree analysis (FTA) (BS 5760-7):
Describes fault tree analysis and provides guidance on its application to perform
an analysis, identifies appropriate assumptions, events and failure modes, and pro
vides identification rules and symbols.
IEC 61078 Ed. 2.0 (2006-01): Analysis Techniques for DependabilityReliability
Block Diagram Method (BS 5760-9):
This International Standard describes procedures for modelling the dependability
of a system and for using the model in order to calculate reliability and availability
measures. The RBD modelling technique is intended to be applied primarily to
systems without repair and where the order in which failures occur does not mat
ter. For systems where the order of failures is to be taken into account or where
repairs are to be carried out, other modelling techniques, such as Markov analysis,
are more suitable.
IEC 61160 Ed. 2.0 (2005-09): Formal Design Review (BS 5760-14):
This International Standard makes recommendations for the implementation of
design review as a means of verifying that the design input requirements have
been met and stimulating the improvement of the products design. The intention
is for it to be applied during the design and development phase of a products life
cycle.
IEC 61164 Ed. 2.0 (2004-03): Reliability GrowthStatistical Test and Estimation
Methods (BS 5760-17):
Gives models and numerical methods for reliability growth assessments based on
failure data, which were generated in a reliability improvement program. These
procedures deal with growth, estimation, confidence intervals for product reli
ability and goodness-of-fit tests.
IEC 61165 Ed. 2.0 (2006-05): Application of Markov Techniques (BS 5760-15):
This International Standard provides guidance on the application of Markov
techniques to model and analyze a system and estimate reliability, availability,
maintainability and safety measures. This standard is applicable to all industries
where systems, which exhibit state-dependent behaviour, have to be analyzed.

The Markov techniques covered by this standard assume constant time-independent
state transition rates. Such techniques are often called homogeneous Markov
techniques.
IEC 61649 Ed. 2.0 (2008-08): Weibull Analysis:
Provides methods for analysing data from a Weibull distribution using continu
ous parameters such as time to failure, cycles to failure, mechanical stress, etc.
This standard is applicable whenever data on strength parameters, e.g. times
to failure, cycles, stress, etc. are available for a random sample of items oper
ating under test conditions or in-service, for the purpose of estimating mea
sures of reliability performance of the population from which these items were
drawn. The main changes with respect to the previous edition are as follows: the
title has been shortened and simplified to read Weibull analysis; and provision
of methods for both analytical and graphical solutions have been added.
IEC 61703 Ed. 1.0 (2001-09): Mathematical Expressions for Reliability, Availability,
Maintainability and Maintenance Support Terms:
Provides mathematical expressions for reliability, availability, maintainability and
maintenance support measures. Non-repaired items and repaired items with zero
and non-zero time to restoration are considered separately in this standard.
IEC 61882 Ed. 1.0 (2001-05): Hazard and Operability Studies (HAZOP Studies)
Application Guide:
Provides a guide for HAZOP studies of systems utilizing the specific set of guide
words defined in this standard. Also gives guidance on application of the tech
nique and on the HAZOP study procedure, including definition, preparation,
examination sessions, and resulting documentation and follow-up.
IEC 62198 Ed. 1.0 (2001-04): Project Risk ManagementApplication Guidelines:
Applicable to any project with a technological content. Provides a general
introduction to project risk management, its sub-processes and influencing fac
tors. Guidelines are provided on the organizational requirements for imple
menting the process of risk management appropriate to the various phases of a
project.
10.1.4 Fundamentals and Techniques

10.1.4.1 Fundamentals
General
Reliability is normally expressed as the probability that an item can perform a required
function under given conditions, for a given time interval.When assessing the reliability of
a system or a component of a system, there are four important elements to be considered,
as follows:
Function
Conditions of use
Time interval
Probability

These are briefly described below:
Function
It is always necessary to define the function or functions of the system or component
in terms of the performance required. In a pipeline system, the facilities function would be
to transport a volume of fluid/fluids from the source of supply to the market areas. For
complex systems this can be difficult, particularly where the performance gradually
degrades. Nevertheless, for an assessment to be provided it is essential to define specific
pass and fail criteria in terms that can be measured.
In the project definition stage, it may be helpful to generate reliability block diagrams
(RBDs) as these can provide an effective method of visually representing a complex math
ematical relationship.
Conditions of use
The conditions of use (or environment) to which a system or a product is subjected
throughout all phases of its life can have a significant impact on the reliability of the prod
uct. This includes not only the obvious physical conditions (temperature, pressure, vibra
tion, humidity, etc.), but also elements such as geotechnical, environmental, and all other
conditions as well as the effects of use and the user, together with the available mainte
nanceresources. Some assumptions may be made as to the applicability and/or uniformity
of the conditions throughout the life system or component.
Time interval
It is important to define the time period over which a system or a component of asys
temmay operate. The nature of the time interval selected to measure reliability is deter
mined by the way the product is used. In practice it may be appropriate to employ some
measure other than time. Some examples of suitable measures include the following:
Number of operations, e.g., repetitions of use of a mechanical device
Time (calendar or duration of operation)
Distance traveled
Number of successful operations within a sample set (this example applies particu
larly to one-shot devices)
Probability
Although normally stated as a mathematical probability, reliability can also be ex
pressed as a hazard rate or as the expected time to failure or probability that it meets the
intended functions. For repairable systems, reliability may be expressed as a failure rate or
as the mean time between failure (MTBF) or some other appropriate unit. An example is
the use of pump or a compressor in the pipeline system.
When analyzing reliability data, it is necessary to determine the statistical technique
to be employed. The following two stages are normally involved:
The type of period has to be establishedit may be a series of discrete events(num
ber of operations) or a continuum (time).
The statistical distribution has to be determined.
Reliability and safety
Many of the techniques used for the assessment of reliability are also used for the
assessment of safety. Sometimes, however, safety and reliability can appear to conflict.

This may occur where design for safety introduces an additional complexity that reduces
reliability. For example, for a bomb to explode when required, a detonator is needed.
A simple detonator with few components may have failure modes that could cause
premature detonation and it is necessary to introduce additional safety devices to inhibit
such failure modes. These devices, by introducing greater complexity, add to the proba
bilitythat the bomb may fail to operate when required, even though it is made safer tohan
dle by incorporating them.
Principles of reliability modeling
When assessing reliability it is necessary to mathematically express the relationship
among the four elements discussed, i.e., between function, time interval, conditions of use
and probability. This process is known as reliability modeling. The precise way in which
the model is developed will depend on the circumstances surrounding a system or an item
and the stage it has reached in its life cycle.
In order to evaluate the model, it is necessary to insert data, which may be derived
from experience of the item itself or from a related item.
The most useful models are those that strike a good balance between an accurate rep
resentation of the real life situation and the need to provide results in a reasonable time,
with due regard to the quantity of the input data and the required accuracy of the results.
Redundancy
A redundant system contains more items than are strictly necessary for the function
of the system, the objective being to increase reliability.
Series systems
In a series system, such as a pipeline system that has pump station or compressorsta
tions,failure of any component constitutes system failure.
RS = Ri
i -1
Eq. (10.1)

i.e., the reliability of the system Rs is the product (P) of the reliabilities Ri of the com
ponent parts. Availability, particularly steady-state availabilities can also assessed in the
same way. Thus:
n
AS = Ai
i -1
Eq. (10.2)

Computer tools for reliability assessment

Reliability assessment can be facilitated and rationalized by the use of computer tools.
One such tool is the commercially available software Pipeline Risk Controller Version 2.0
for Windows *Muhlbauer, 1998). This software can be utilized to assess availability and
thus reliability. There are also other tools such as AvSim+, Version 8 (Isograph, 2002).
10.1.4.2 Assessment Techniques
Many techniques are available for the assessment of reliability. There are perhaps over
twenty (20) different techniques by which systems and component reliabilities can be

established, IEC 60300-3-1 (2003) and BS 5760-2 (1994). There are, however, the follow
ing techniques that are most frequently used in the reliability assessment of pipeline sys
tems and their components (such as valves, metering, etc.):
Reliability block diagram technique
Probability prediction modeling
Fault tree analysis
Monte-Carlo simulation technique
Markov analysis
Each technique will require at least the following to be fully documented:
Assumptions
These assumptions are an integral part of assessing the reliability. However, it is
important to note that the reliability assessment techniques are only valid if basic
assumptions are true.
Failure definition
Many techniques assume that the system is functioning or not functioning. It is
therefore necessary to define precisely what constitutes failure in the particular
system and circumstances under consideration.
Operating and environmental conditions
It is important to establish whether realistic operating and environmental condi
tions have been assumed; failure data will be similarly suspect.
Maintenance
The assessment techniques assume that correct preventative maintenance is
always carried and on a timely basis. Poor maintenance obviously will lead to
reduced reliability.
10.1.4.3 Fundamentals of Reliability Analysis
10.1.4.3.1 Basic Terms Reliability as defined previously is the probability that an
item will perform a required function, without fail, under stated conditions for a stated
period of time. This definition illustrates three important points about reliability:
It is a probability (i.e., a number between 0 and 1)
It is a function of time
It is a function of the definition of failure
Reliability can also be expressed as a longer-term average with applicability to major
equipment such as compressor or pump units. A number of different methods are available
(Ekstrom, 1992), but a simple one used by the Gas Turbine Users Association and many
pipeline users utilizes elapsed time and subtracts time associated with failure that causes
downtime.

Reliability(%) =
Elapsed time-Downtime due to failure

100
Elapsed time

A common approach is to determine the reliability every month with the elapsed time
equal to the number of hours in the month. This can then be trended to track compression
or pumping unit reliability and make comparisons between different types of units.

Availability is somewhat different than reliability and is defined as the fraction of time
that an item is able to perform a required function under stated conditions. For repairable
items, availability tends to be a more useful parameter, as it accounts for repair time re
quired to restore the item to operable condition following a failure. Like reliability, avail
ability is a probability and it is a function of the specified definition of failure and success.
However, availability is not a function of a specified mission time.
Availability can be expressed as follows:
Availability= [uptime/(uptime + downtime)]
Eq. (10.3)
Unavailability is simply the opposite concept and may be defined by the following
equation:

Unavailability = 1 [uptime/(uptime + downtime)] = 1 Availability
Eq. (10.4)
An alternate approach based on elapsed time similar to that for reliability takes the
elapsed time and subtracts both time due to failures and time for maintenance.
Availability(%) =
Elapsed time-Downtime due to failure and planned maintenance

100
Elapsed time

10.1.4.3.2 Failure Rate Data Historical failure rate data are used to help quantify
the availability of various equipment items. The data are often characterized using two
parameters. The first of these is the mean time between failures (MTBF).
MTBF is calculated as the total operating time of all items in the data sample
divided by the number of failures. Thus, it is equal to the inverse of failure frequency.
For example, a component with an MTBF of 20,000 hours has a failure frequency of 5
10-5 per hour.
The second parameter is the mean time to restore (MTTR). This is the amount of cal
endar time required to restore a failed piece of equipment back to operable condition. For
a given data sample, MTTR is calculated as the total calendar time required to repair all
failures divided by the number of failures.
Since MTBF represents the average amount of operational time between failures and
MTTR is the average amount of downtime after a failure, availability can be rewritten as
follows:

Availability = [MTBF/(MTBF + MTTR)]
Eq. (10.5)
10.1.4.4 Reliability and Risk

Reliability and risk are very closely related. Reliability assessment tools such as fault tree
analysis and failure modes and effects analysis are key methods for assessing risks because
they analyze both the probability of failure and its consequences that form the basis for risk
analysis.
The management of risk has been formalized by a recently published standard ISO
standard (ISO 31000, 2009) and risk assessment techniques by a supplementary joint ISO/
IEC standard (IEC/ISO 31010, 2009). The risk management process is defined as
communication and consultation
establishing the context

risk assessment which consists of risk identification, risk analysis and risk
evaluation
risk treatment
monitoring and review
The standard on risk assessment techniques provides more details on this part of the
process and has guidance on selection of techniques as well as summaries of many of the
applicable methods.
The use of risk-based techniques is now well established for static or structural equip
ment such as pressure vessels and pipelines to provide a justification for inspections and a
basis predicting future degradation. Although the frequency of failure is generally very low,
the consequences of production outage, repair costs, and safety have driven the application
of probabilistic assessment for this type of equipment.
Rotating equipment, on the other hand, fails much more frequently but usually with
consequences that are much reduced compared with major structures. It hardly seems
worthwhile to expend the effort required to utilize probabilistic risk-based assessment tech
niques to assist with design or maintenance decisions. A number of factors are now chang
ing this attitude to the use of more sophisticated analysis techniques for all types of major
equipment including assets such as rotating equipment.
The first driver is the increasing criticality of major rotating equipment. Unplanned
outages now have a greater effect on power plants, pipelines, oil and gas facilities, and
chemical plants. This is due to a combination of higher availability requirements and lim
ited redundancy in design largely because of cost constraints. The second factor is that the
age of equipment is increasing well beyond initial life expectations. This entails increasing
risk that needs to be understood, quantified, and mitigated. Risk evaluation is needed to
manage equipment in the later part of its life cycle and, finally, to justify retirement and
disposal.
On the positive side, assessment techniques and analysis support tools are now much
more widely and economically available. Although some education of management, de
sign, operating, and maintenance staff will be needed to implement them, this is much more
feasible today then it would have been in the past (Van Hardeveld, 2000).
10.1.4.5 Reliability and Maintenance
There are also close links between reliability and maintenance. The three most important
reliability-related techniques are reliability-centered maintenance (RCM), Weibull analy
sis, and, more recently, the Crow-AMSAA method.
Reliability-centered maintenance is a risk-based technique for determining the most
appropriate maintenance tasks. The front end of RCM is actually a modified FMECA that
evaluates the different potential failure modes, their likelihood, and resultant consequences.
This then becomes the basis for a logic tree that produces the most applicable and cost-ef
fective tasks to mitigate the consequences with preference given to condition monitoring as
usually being the best solution (see Chapter 2 for more information on RCM).
Weibull analysis performs analysis and forecasting of failure data, and its major
strength is that it can be applied to very small samples (Abernathy, 2006). An advantage
is that it provides a simple, graphical plot that is easy to interpret, plotting cumulative
probability of failure against the age to failure (expressed as time, cycles, distance or other
measures of age) on a log-log scale. The slope beta is especially valuable in that a slope
of >1 indicates wear-out failures, a slope of 1 is a constant failure rate and <1 shows de
creasing failures. One complication is that it applies to individual failure modes, and data
with mixed failure modes are more difficult to analyze. Many useful papers are available

courtesy of Paul Barringer on practical applications of Weibull analysis, as it relates to
improving reliability and maintenance and linking it to life cycle costing (Barringer, 2010).
Weibull analysis is most effective when analysis needs to be done with a small amount of
data for specific failure modes.
A more recently adapted reliability technique is the Crow-AMSAA method. It is based
on classical reliability growth plots and is based on graphing the number of failures against
operating time, again with both on a log scale (Barringer, 2004). Its strength is that it is very
easy to produce and can handle multiple failure modes. The long-term trend slope is inter
preted similarly to a Weibull curve, with a slope >1 indicating decreasing reliability, a slope
<1 showing that reliability is improving. The method can be applied not only to failures but
also to maintenance records such as work orders and maintenance cost as well as safety data
(Barringer, 2003). This technique is an excellent one to track the reliability of equipment
such as pumps, compressors, and drivers over the long term to ensure that reliability is not
decreasing and to verify the effect of improvements that have been carried out.
10.1.5 Fault Tree Analysis

10.1.5.1 Fault Tree Analysis/Technique
After first identifying an undesirable event, a technique often used to quantify the likeli
hood of the event is fault tree analysis (FTA) (Clement, 1990; Lees, 1983). To employ this
methodology, it is necessary to determine all precursor events or causes that can lead to the
undesirable event. The inter-relationship between all events and causes is diagrammatically
represented in the form of an inverse tree in which the single undesirable event is placed at
the top of all precursors and causes are placed on branches coming out of the top event via
logic gates, which define the causality. The tree is drawn sufficiently downward to reach
basic or undeveloped events for which failure rates or probabilities of occurrence can be
estimated.
Each tree is constructed from the top event down. Working backward from the top
event, the various potential causes are developed incrementally by levels. The event
branches are developed symbolically using a standard notation. This notation involves a
number of logical operators, the two most important of which are the AND gate and the
OR gate. An AND gate depicts the logical operation where the coexistence of all inputs
to the gate are required to product the indicated output, i.e., both event A and event B must
occur to precipitate the occurrence of the top event C (see Figure 10.2).
Figure 10.2. AND Gate
Figure 10.3. OR Gate
The OR gate is used when the output event will occur if at least one of the input
events occurs (i.e., either occurrence of event A OR event B will cause event C to occur
(see Figure 10.3 below).
Note that the input to each gate is shown at the bottom and output is noted at the top.
Usually, the resultant event is shown as a rectangular shape linked to the top of the gate
below. Gates are not generally connected directly together, but rather are separated by events.
For the analysis of systems with multiple redundancies, a useful gate is the qualified
OR gate, sometimes referred to as the N/M or X/Y gate. This gate is similar to the OR gate,
except that a specified number of inputs are needed to occur in order for the output event
to occur. Y represents the total number of possible failures and X is the number of failures
required for the output event to occur. For example, for a 2/5 OR gate, two (or more) of
the five components must fail in order for system failure to occur. Thus, the standard OR
gate may be thought of as an X/Y OR gate with X equal to 1. An AND gate may be thought
of as an X/Y OR gate with X equal to Y. See Figure 10.4 for a summary of the more impor
tant symbols used in fault tree analysis.
Figure 10.4. Summary of Important Symbols for Fault Tree Analysis

10.1.5.2 Basic Probability Relations
Consider an event A, which has a probability of occurrence PA. The event that A does not
occur, has the probability of PA, as given below:
P - A = 1 - PA
Eq. (10.6)
This relation is simply a consequence of the fact that events A and A are mutually
exclusive (i.e., both cannot occur simultaneously, and they are exhaustive, i.e., they repre
sent the entire range of possible outcomes and so their probabilities sum to 1, i.e., 100%).
Thus if event A represents system success, then A represents system failure and:
P failure = 1 - Psuccess
Eq. (10.7)
For any two independent events A and B, with probabilities PA and PB, respectively,
the probability that A and B both occur is the intersection of sets A and B as given below:
PA and B = P (A B) = PA PB , where is a symbol for multiplication
Eq. (10.8)
For any number of independent events A, B, , N with probabilities PA, PB, , PN,
respectively, the probability of all events occurring simultaneously is:
n
Pall = P Pi = PA PB ......PN
i =1

Eq. (10.9)
Thus, in a fault tree, for independent events that are connected by an AND gate, the
probability of the output event of the gate is calculated by multiplying the probabilities for
the inputs.
For the same two events A and B, the probability that at least one of them occurs is
the union of sets A and B and is given as follows:
PA or B = P (A B) = PA + PB (PA PB )
Eq. (10.10)
The product PA PB is subtracted to avoid double-counting the intersection. For

small values of PA and PB, this product is negligibly small and the union can be calculated
simply as the sum of PA and PB.
For independent events A through N, the probability of at least one occurring is given
below:
n
Pall = P = PA + PB + ...... + PN + (PA PB) (PA PC) ....

i =1
(P(N 1) PN) + (PA PB PC) + (PA PBx PC ) + .......(PN 2 PN 1 PN)

Eq. (10.11)
+ ....(1)N 1(PA PB ...... PN)

Very often, the probabilities considered are small enough that the higher order terms
can be neglected and the above equation reduces to:
n
Pall = P = PA + PB + ...... PN
i =1
Eq. (10.12)

Thus, in a fault tree, for independent events that are connected by an OR gate, theprob
ability of the output event of the gate is calculated by adding the probabilities of the inputs.

The calculations regarding the solution of a qualified X/Y OR gate are given in full
detail in Section 10.3.2.5.3.
Equations (10.9) and (10.12) are fundamental equations of Boolean algebra, a branch
of mathematics used in probability theory that finds application in fault tree analysis.
10.1.6 Reliability Block Diagram

10.1.6.1 Application
Before any form of reliability analysis is attempted, it is generally advisable to represent the
system under consideration as a block diagram.
Various form of block diagram can be drawn for a system. Often, a functional block
diagram is drawn to show how a system is set up and describe how the system is expected
to operate.
For reliability assessment it is often more useful to draw a reliability block diagram
(RBD). The purpose of the RBD technique is to represent failure and success criteria
pictorially and to use the resulting diagram to evaluate system reliability parameters. It
should be noted that in many cases the RBD will bear no resemblance to the functional
block diagram. Under certain conditions the method can also be used to calculate sys
temavailability.
In the RBD method, blocks that are considered to exist in one of only two possible
states represent individual units: operational or failed.
In order to proceed, the analyst will need to understand the way in which the system
operates and the corresponding environmental conditions, including an understanding of
the modes of equipment operation.
For any system there may be a number of system failures or success definitions and
each of these may be modeled by a separate RBD. Each relevant system failure or success
definition should be clearly stated and the corresponding RBD should be referenced (e.g.,
by labeling) to the associated system failure or success definition. In turn, the reliability
parameters to be calculated should also be clearly stated.
10.1.6.2 Advantages and Limitations
The principal benefits of the RBD technique are as follows:
The pictorial representation means that models are easily understood and therefore
readily checked.
Block diagrams are used to identify the relationship between elements in the system.
The overall system reliability can then be calculated from the reliabilities of the
blocks using the laws of probability.
The block diagrams can readily be interpreted in the case of elements that are, in
reliability terms, in series.
Block diagrams can be used for the evaluation of system availability provided that
both the repair of blocks and failures are independent events, i.e., provided the time
taken to repair a block is dependent only on the block concerned and is independent
of repair to any other block. This is usually the case for pipeline pumping/compres
sion with standby units.
Limitations include the following:
The method cannot model systems in which the sequence of failures affects the out
come (i.e., order-dependent failures).

In general the method cannot be used to model maintenance strategies for systems
that can be repaired.
For a given system, each failure or success definition needs a separate block
diagram.
10.1.6.3 RBD Modeling
In order to commence the model construction, consideration needs to be given as to the best
way of dividing the system into blocks. It is particularly important that each block should be
statistically independent of all other blocks (i.e., no unit or component should be common
to a number of blocks). The most elementary models are the following:
Series
Active parallel such as the case of a pipeline system
Standby models
10.1.6.4 Extension to System Availability
Under certain conditions it is possible to use the block diagram technique to carry out
steady-state system availability calculations. This can be done simply by replacing the
quantity Rx{t) for a block X, with the corresponding value for the steady-state availability A
x of block X. Under this condition, it must be noted that the failure and repair of any block
have to be totally independent events. In other words, the failure of one block should in no
way bring about the failure of any other. Similarly, the mean downtime of a block needs to
be characteristic of that block alone and should not depend on how many other blocks are
also failed and in need of repair.
It may also be noted that the block diagram technique can be readily extended to sys
tem safety analysis.
10.1.6.5 Typical RBD Configurations for Pipeline Systems Application
The following figures 10.5 to 10.8 depict a number of typical RBD configurations for pipe
line application. The formulae from which the reliability of this configuration can be de
rived is given below. The RBD is a simple series and parallel systems.
10.1.6.5.1 Simple Series and Parallel Systems (Figure 10.5) For systems where
system success requires that every unit comprising the system has to be working in order
for the system to be fully operational, the system success or failure definition is modelled
by Figure 10.5 (series model) where A, B, C, . . . Z are the units constituting the system.
The interpretation of Series Model can also be stated as any unit failing causes the sys
temas a whole to fail. Under these conditions, the reliability Rs of the system (usually a
function of time t) is given by:
Figure 10.5. Block Diagram of a Simple System

prqnr calculates the percentage of time that any specific combination of
r-units will be down.
Table 10.8 summarizes all the operating conditions that would require throughput cal
culations in order to arrive at the representative average flow rates for a gas pipeline sys
temhaving three compressor units.
Table 10.9 illustrates the use of the PROBABILITY EQUATION to calculate a
PERCENT OF TIME distribution for the OPERATING CONDITIONS outlined in Table
10.8. Note that the number of combinations arrived at by deduction in Table 1 equals the
mathematical determination of NUMBER OF INDEPENDENT COMBINATIONS in
Table 10.9.
Example: 3-unit pipeline system with the average downtime of the three units equal
ing3%
Percent of Time = [n!/ r!(nr)!]prqnr n = 3 r = 0,1,2,3
q = 97% p = 3%
Once this percent of time distribution is determined, the percentages are multiplied by
representative average flow rates for the operating conditions and a total average flow rate
is obtained.
REFERENCES
Abernathy, R. B., 2006. The New Weibull Handbook, Fifth Edition, published and distributed by Robert B.
Abernathy.
APSC, 2002. Alyeska Pipeline Service Company, http://www.alyeska-ipe.com/Inthenews/Week
lynews/2002/ar011102.html.
Barringer, P., 2003. Predict Future Failures From Your Maintenance Records, International Maintenance
Conference, December 710, 2003, pp. 112.
Barringer, P., 2004. Predict Failures: Crow-AMSAA 101 and Weibull 101, International Mechanical
Engineering Conference, Kuwait, December 58, 2004, pp. 114.
Barringer, P., 2010. www.barringer1.com.
BSI (British Standards Institute), 1994. BS 5760-2: Reliability of Systems, Equipment and Components,
British Standard Institution, UK
Center for Chemical Process Safety (CCPS), 1989. Guidelines for Process Equipment Reliability Data,
American Institute of Chemical Engineers, New York , NY.
Center for Chemical Process Safety (CCPS), 1992. Guidelines for Hazard Evaluation Procedures, Ameri
can Institute of Chemical Engineers, New York, NY.
Chmilar, W.S., 1996. Pipeline Reliability Evaluation and Design using the Sustainable Capacity Methodol
ogy, Proc., ASME Int. Pipeline Conf., Calgary, Alberta, Canada, Jun., pp. 803810.
Clement, P.L., 1990. Event Tree Analysis, 2nd Ed., Sevedrup.
Ekstrom, T., 1992. Reliability Measurements for Gas Turbine Warranty Situations, Proc., Int. Gas Turbine
and Aeroengine Congress and Symp. and Exposition, 92-GT-208, Cologne, Germany, Jun.
Energy Solutions International, 2004. PipelineStudioTGNET, Houston, Texas.
Green, A.E., and Bourne, A. J., 1966. Safety Assessment With Reference to Automatic Protective Systems
for Nuclear Reactors, U.K. Atomic Energy Authority Health and Safety Branch, Rep. AHSB (S) Rl17, Part
3, Risley, Lancashire.
Heilmann, P.C., and Byran, N.N., 1978. How to Use Probability Theory in Pipeline design, Pipeline and
Gas Journal, Mar.
IEC (International Electrotechnical Commission), 2003. Standards 60300 Dependability Management
Systems.
Figure 10.9. A Standby Unit Arrangement

10.1.6.5.3 Other Series/Parallel Systems (Figure 10.7) RBDs that are in effect a
series of super blocks, where each super block is itself an arrangement like Figure 10.7,
may take the form illustrated in Figure 10.5. Once again the system reliability expression
Rs corresponding to this block diagram can be evaluated by repeated use of Eqs. (10.13)
and (10.14). Thus:

RA = 1 (1 RA1) (1 RA2)
Eq. (10.18)
RB = 1 (1 RB1) (1 RB2)
Eq. (10.19)
and so on. By making the necessary substitutions in Eq. (10.13), the equation for Rs is
obtained.
Rs = (1 (1 RA1)(1 RA2)I (( 1 RB1(1 RB2)) .....

( 1 (1 RZ1)(1 RZ 2))

Eq. (10.20)
Using this procedure, it is possible to write down system reliability expressions cor
responding to Figures 10.8.
10.1.6.6 Standby Units
Figure 10.9 represents a standby arrangement of units (such as in compressor or pump
stations) in which one unit (unit A) is working and the other ( unit B) is not used until the
working unit fails, when it takes over from unit A for the duration of the mission or until
failure. If it can be assumed that unit B does not fail or deteriorate while idle, then the reli
ability Rs of the system is given by:
t
Rs(t) = RA(t) + ( f (t) RB(t u)) du
Eq. (10.21)

Where t is the mission time, RA(t) is the probability of unit A surviving the entire mis
sion, and the integral is the probability that unit A fails before the end of the mission but
unit B then survives for the remainder of the mission. In this context f(t) is the probability
density function (PDF) of the time to failure (TTF) of the working unit.

10.1.7 Monte Carlo Simulation

Monte-Carlo simulation is a technique in which the failures and repairs of a system are
simulated by the use of random number generators. The object is to produce data for use
in statistical analysis that cannot be distinguished (by any statistical test) from data that
would be obtained from field trials.
It is possible, by the use of pseudo-random numbers (often produced by a com
puter),toreproduce any statistical distribution or stochastic process. Data produced in

TABLE 10.2. Monte-Carlo Simulation for Two Components
1
Simulation
serial number
Component time to failure (h)
1
2
3
4
5
6
7
8
9
10
13.1
1.1
10.1
0.1
11.9
16.7
5.9
2.7
13.3
14.9
Total
89.8
Mean
Component 1
8.98
Min.
Max.
Sum
1.6
30.1
1.0
39.8
9.1
16.1
9.3
20.0
10.1
18.2
1.6
1.1
1.0
0.1
9.1
16.1
5.9
2.7
10.1
14.9
13.1
30.1
10.1
39.8
11.9
16.7
9.3
20.0
13.3
18.2
14.7
31.2
11.1
39.9
21.0
32.8
15.2
22.7
23.4
31.1
155.3
62.6
182.5
243.1
Component 2
15.52
6.26
18.25
24.31
this way are statistically indistinguishable from the real data. For example, histograms
of failure times appear similar and there are the same correlations, or lack of them, as in
the real data.
As an example, a system can be considered that consists of two components, each
with constant failure rate and mean times to failure (MTFs) of 10 h and 15 h,
respectively. Table 10.2 shows results obtained from 10 simulations of the system.
Columns 2 and 3 show simulated component data. According to the simulation, com
ponent1 (see column 2) has an MTF of 8.98 h, which is close to the true MTF of 10 h.
The difference can be explained by statistical variability. Statistical tests would show
no difference between this set of artificially generated data and genuine data that would be
recorded from 10 items that were from a population with constant failure rate and MTF of
10 h. Similar remarks apply to the data in column 2, which give a simulated MTF for com
ponent 2 of 15.53 h compared with the true value of 15 h.
The validity of the technique is illustrated by consideration of columns 4 and 5 in
Table 10.2, which represent the series and parallel configurations, respectively, of the
original two-component system. Column 4, the series system simulation using the tech
niques of RBD, is calculated to have an MTF of 6 h. The result of the simulation is 6.26 h.
This result is close to the expected figure even though only 10 simulations have been
done. There is no statistical difference between the simulated data and real data (note the
mean). Column 5 simulated active redundancy and column 6 standby redundancy. The
means are close to the values of 19 h and 25 h, respectively, calculated using the RBD
techniques and no statistical test could tell that the data are the result of a simulation
rather than real data.
10.1.7.1 Advantages and Limitations
The principal benefits of Monte-Carlo simulation are as follows:
No simplifying assumptions is required
It is possible to obtain a wide variety of data
It is easy to adjust the simulation and hence to analyze
It has very broad application and can be used to model a wide variety of situations,
including those that have complex failure and repair distributions
The main limitations of Monte-Carlo simulation are as follows:

A computer is required for all by the simplest situations
The output is in the form of statistical data
Many computer runs may be needed in order to give confidence in the result
10.1.7.2 Outline of Procedure
Before performing a Monte-Carlo simulation, the reliability structure and the logic of the
system being analyzed has to be modeled first, for example, by an RBD. The choice of
modeling technique may depend on the software being used. Some models only allow the
analysis of one system fault mode.
The failure data of the components and sub-systems have to be put into a form that
is acceptable to the model. This will normally require the distribution of lifetimes of all
the components involved to be known or estimated. The distribution is often depicted in
the form of a histogram. It may be desirable to take account of dormant failures and added
stress on surviving elements in standby systems. It may be possible to achieve this very
simply, for example, by multiplying the remaining life by an appropriate factor; or possi
blyin a more realistic way, for example, by considering a different fault mode with a dif
ferent distribution of lifetimes. It may also be possible or desirable to simulate switching
the system or parts of the system off when they have failed.
With Monte-Carlo simulation, complexities of repair and maintenance policies can be
taken into account. In principle, simulation can take account of a great many factors,
including the following:
Limited number of repair teams
Repair priorities
Limited spares holdings
Inspection policies for idle items
The distributions of the times taken to complete various repair tasks also have to be
input into the simulation.
10.1.7.3 Results from Monte-Carlo Simulation
The simulation can provide a wide variety of output data, including:
The system and subsystem reliability:
The system and sub-system availability
The repair facility utilization
The need to queue for repair
The effectiveness of different repair policies
The effect of different spares holdings.
At the start of the analysis, it is essential that the required output be considered, and
the appropriate software used.
It is also essential that a sensitivity analysis is done with respect to the input data. The
data, concerning MTTFs, mean times to repair or restore (MTTR), etc., are normally
obtained from trial data and as such are subject to statistical variability. The effects of this
variability on the results should be studied and taken into account as appropriate to gain
confidence in the results.

By its very nature, the output of a simulation is itself subject to statistical variability.
This can normally be minimized by collecting a large amount of data (i.e., by performing
a large number of simulations over the life of a project).
10.1.8 Markov Analysis

Markov is yet another reliability modeling technique that is applicable to systems. It is a
probabilistic method that allows for the statistical dependence of the failure or repairchar
acteristics of individual components to be adapted to the state of the system. Hence,
Markov modeling can capture the effects of both order-dependent component failures and
changing transition rates resulting from stress or other factors. For this reason, Markov
analysis is a method suitable for the dependability evaluation of functionally complex sys
tem structures as well as complex repair and maintenance strategies.
Within the system, components are assigned various states with a simple example
being a compressor unit that has an up state and a down state, which are characterized by
applicable reliability data for the unit, MTBF and MTTR. A pipeline system is a network
of components such as pipe segments and pump or compressor units.
A statistical analysis using Monte-Carlo simulation is then used to model what occurs
over time to the availability and capacity of the entire system. This type of analysis has
been extensively used in the electric power industry but has also been applied to pipeline
capacity analysis, in this case, being referred to as sustainable capacity (Chmilar, 1996).
10.2 FAILURE DATA FOR PIPELINE SYSTEMS COMPONENTS

There are a number of ways failure data can be obtained to establish the failure proba
bilityand hence the reliability for a given pipeline. The best of these data are those that
an operating company gathers over the years as a result of operating and maintaining its
own pipeline facilities. Such data are not generally published; however, there are sufficient
publications such as Offshore Reliability Data Handbook, published by OREDA (2009),
which can be reliably used for the reliability assessment.
10.2.1 Applicability of Data

There are a number of sources for equipment reliability and failure rate data. It is essen
tial to determine the applicability of a particular source for a given use. Failure rates will
differ for equipment operating in dissimilar services and environments. Furthermore, the
rates quoted by the various sources may be inconsistent for reasons pertaining solely to
the method of data collection. Accordingly, in most cases, it is necessary to conduct a
thorough search through the various sources to find the most useful data for a given
application. To be useful the data applied must meet two important criteria:
The data must be relevant to the industrial application under consideration.
The database must be extensive, so the data obtained have statistical significance.
10.2.2 Applicable Failure Data

Table 10.3 is an example of the data that is representative of equipment reliability, which
can be expected in a gas pipeline system consisting of the pipe, valves and metering facil

TABLE 10.3. Failure Rate Data for Basic Events
Event Description
Failure Rate (per year)
Reference
Rupture at City-Gate Metering Station
2.40 103
Pneumatic Controller Fails
3.77 101
Lees (1976, 1980)
Filter/Separator Blockage
8.76 103
Green and Bourne (1966)
Rupture in Pipeline Lateral
2.36 103
Spurious Operation of MOV
1.19 102
Rupture of Main Pipeline
2.57 103
Pressure Transmitter Fails
2.63 102
Small Leak in Main Pipeline
1.05 102
Turbine Meter Fails
2.63 102
Lees (1976)
Pneumatic Control Valve Fails
5.96 101
Lees (1976)
CCPS (1989, 1992)

Lees (1976)
ities These data can be used to quantify the basic event frequencies. Some of the source of
the failure rate data is also cited. Table 10.4 presents the mean time to restore data that
represent the best experience available in the industry. The MTTR is the total downtime
associated with a given failure and includes detection time, reaction time, travel time and
repair time.
10.3 RELIABILITY ASSESSMENT APPLICATIONS

10.3.1 EXAMPLE 1: Gas pipeline Reliability (with compression facilities)
Using Reliability Block Diagram and Monte-Carlo Simulation
10.3.1.1 Gas Pipeline Reliability
Reliability is a function of availability and capability of the system. Generally, gas pipeline
(particularly those serving the power industry) reliability is defined as unscheduled shut
down to be restricted to the following cumulative duration, Mohitpour et al. (2000):
1 day in any continuous 1-year operational period
2 days in any continuous 5-year operational period
TABLE 10.4. Mean Time To Restore (MTTR) Data
Event Description
Rupture at City-Gate Metering Station
Pneumatic Controller Fails
Filter/Separator Blockage
Rupture in Pipeline Lateral
Spurious Operation of MOV at City-Gate
Spurious Operation of MOV at Lateral
Spurious Operation of MOV on Main Pipeline
Rupture of Main Pipeline
Pressure Transmitter on ESD Valve Fails
Pressure Transmitter on PRV Fails
Small Leak in Main Pipeline
Turbine Meter Fails
Pneumatic Control Valve fails
Mean Time To Restore (hrs)

48
8
6
20
12
12
24
72
6
10
60
10
13

Reliability/availability in a gas pipeline system is established through transient
hydraulics assessment of the system, considering the hourly flow in any given 24-hour
operation (noting that hourly flows are not constant) and a study of the system response
(say line-pack) due to unscheduled shutdown.
This unscheduled shutdown in gas pipeline will require understanding on performance
(availability, reliability and capability) of units such as compressors (Mohitpour et al.,
1999):
Compressor unit mean time between failure (MTBF)
Mean time to repair (MTTR)
Compressor restart reliability (RER)
Compressor unit inspection/maintenance intervals
For a new pipeline, usually a probabilistic model of the pipeline compression [based
on historical performance information of similar units (Lees, 1980)] combined with a
hydraulics transient analysis is performed to meet the reliability requirement without over
building.
An availability model of a gas pipeline system can use an Excel spreadsheet using
Crystal Ball (a commercially available Excel add-in) for Monte-Carlo simulation. Alter
natively, commercially available software such as Pipeline Risk Controller Version 2.0 for
Windows (Muhlbauer, 1998) can be utilized to assess availability and thus reliability.
Monte-Carlo simulation, as previously explained, predicts events based on randomly
sampling statistical distribution of those events. Time between failure (TBF), time to repair
(TTR) and compressor starting reliability (CSR) are modeled based on realistic historical
failure and repair data taken from logs of the actual operating pipeline. The Monte-Carlo
model is then run for a sufficient number of trails to generate failure and repair events for
each compressor unit for the duration of the pipeline life.
The failure and repair event data are then overlaid with the planned maintenance
schedule to create a sequence of unit failure and maintenance events versus pipeline oper
ating hours, and then to determine systems availability to meet the relativity requirements
and determine adequacy level of equipment redundancy.
In this way it is then possible to establish the Gas Delivery/Supply Reliability for
processing, pipeline/compression, refineries, etc.
10.3.1.2 Pipeline System Transient Modeling and Application to Complement
Reliability
The relevance/implication of using transient hydraulics analysis to establish the opera
tionalreliability of a 692 km (26, 22 and16 inch) gas pipeline is depicted herein (Mohit
pour, et al.,1999).
The pipeline is designed to ultimately carry 8.81 106 m3/day (in final Phase III,
2012) of sweet natural gas from the source of supply to market areas. This includes indus
trial users as well as major power generation facilities. Phase development for this project
is indicated in Figure 10.10 and the corresponding volume buildups and daily requirements
are shown in Figure 10.11.
The phase expansion of the pipeline is based on forecasted gas requirement as new
customers, such as power generation plants tie-in to the system. The phased expansion is
summarized below and is schematically shown in Figure 10.10.
Figure 10.10. Pipeline System Phase Buildup
Phase I (6.21 106 m3/Day): 264 km, 24, 275 km 22 and 153 km 16, plus 1 sta
tioncompressor at KMP 0 (1+1 unit)
Phase II (7.63 106 m3/Day). Facilities of Phase 1, plus 1 added unit at Station 1
and a new Station 2 at KMP 264 (1+1 unit)
Phase III (8.81 106 m3/day): Facilities of Phase 2 plus one added unit each at sta
tions 1 & 2, plus a new station 3 at KMP 630(1+1 unit)
The main cause for unavailability of gas at delivery points on a single-line pipeline is
unavailability of one or more of the gas-turbine-driven compressor units. Since availabil
ityof these units is crucial, installation of a spare at each compressor station was justified.
However, the cases of either two-compressor unit outages simultaneously, i.e., due to
repairs, or failure of an operating unit with the spare on outage for maintenance are still
possible.
While the likelihood of these cases may seem extremely remote, the strict require
mentsof the sponsor necessitated their consideration.
Transient analysis was used to determine the time response for supply pressure at each
delivery point during the cases described above. This response varied considerably
depending on where the unit outage occurred, i.e., which compressor station and for which
Phase of operation.
Sample graphical presentation for Phase III is provided in Figure 10.12. At each deliv
ery point, curves defining delivery pressure decline and recovery during unit outage and
restart were generated for each station and for each phase.
10.3.1.3 Reliability Analysis Based on Reliability Block Diagram
The probabilistic model of the pipeline operation described above combined with tran
sientanalysis of pipeline was undertaken to determine the pipeline availability and
hence reliability.
Availability model was built in Visual Basic on an Excel spreadsheet using Crystal
Ball providing Monte-Carlo simulation technique. The procedure consisted of construct
ingRBDs (Figure 10.13) building and running a Monte-Carlo model and post-processing
the output for each phases 1, 2 and 3.
Figure 10.11. Pipeline Volume Buildups and Daily Requirements
The simulation-predicted events based on randomly selected sampling statisticaldis

tribution of those events related to a Canadian pipeline compression information on
MTBF, MTTR and RER (Ekstram, 1992).
This was followed by reliability modeling of the operation of the pipeline system over
time covering the likely scheduled and unscheduled outages. The unscheduled events were
randomly generated by Monte-Carlo simulation.
When simultaneous outages of operating and spare units occurred, the availability
model utilized hydraulics transient response modeling to determine the minimum delivery
pressure at critical point (power station) in the pipeline. Typical hydraulics transient can be
achieved using modeling software such as Energy Solution Internationals (2004) Pipeline
StudioTGNET.
System failure hours were then determined by tracking duration of pressure below the
critical delivery pressure [in this case that was to 35 Bar(g)]. The model then determined
Figure 10.12. Pressure TransientsPhase III, Station 3, Unit Loss
cumulative outages over 1, 5, 10 and 26 year periods, which predicted the following
unscheduled shutdown:
95% confident of not exceeding 1 day in any continuous 1-year period (> 99.7%
available)
99% confident of not exceeding 2 days in any continuous 5 year period (> 99.9%
available)
99% confident of not exceeding 3 days in any continuous 10-year period (> 99.91%
available)
Figure 10.13. Phase III Reliability Block Diagram

99% confident of not exceeding 5 days in any continuous 26-year period (> 99.95%
available)
To achieve the above availability the following assumptions were made:
Unscheduled shutdown is defined as a failure to meet demand at one critical deliv
erypoint
No unforeseeable incidents, such as interruption in gas delivery, occur for the gas
supplier
Pig launchers/receivers as well as supply and delivery metering are noncritical to the
availability of the system
MTBF, MTTR and restart reliability (RER) data follow a log-normal distribution
Compressor unit maintenance assumed:
Hot gas path inspection every 4,000 fired hours, 10-hour outage time
Overhaul every 30,000 fired hours, 48-hour outage time
Soak wash every 30 days, 8-hour outage time (can be ignored for maintenance out
age as it can be performed during low gas demand periods)
Planned maintenance activities distributed throughout the year and not concentrated
in off-peak gas demand
Unscheduled outages based on worst-case scenario (i.e., assumed to be coinciden
talwith maximum hourly gas demand on the day of maximum gas demand)
The results of the analysis indicated that spare compressor units were necessary at
each station and that about 6 to 10 hours of line-pack must be available to meet/sustain the
desired availability.
10.3.2 EXAMPLE 2: Gas Pipeline Reliability (No Compression but With

Metering and Valving Arrangements) Using Fault Tree Analysis and
Probability Theory
10.3.2.1 System Description
The second example covers a natural gas pipeline system that consists of the main pipeline,
the laterals and the city-gate metering stations. The main pipeline is 20 inches in diameter
and approximately 340 km in length. There is an ESD (Emergency Shutdown) valve
located approximately every 24 km on the main pipeline. Additionally, an ESD valve is
located on each lateral and at each city-gate metering station. There are 30 lateral
pipelines, including the sub-laterals and 47 city-gate metering stations. The diameter of the
lateral varies from 2 to 8 inches, with most of the laterals being 2.3 inches in diameter.
The Fault Tree Analysis considered initiating and contributing events from a number
of equipment items or systems. A brief description of each system is provided below.
10.3.2.2 ESD Valves on Pipeline
Each ESD valve is a motor-operated valve (MOV) that is activated upon receiving a
high/low pressure signal from a pressure transmitter. There are 18 ESD valves located
approximately every 24 km along the main pipeline. Each lateral has one ESD valve for a
total of 30 ESD valves located on the lateral pipeline. Although there are ESD valves in
place on the city-gate metering stations, these are not included in this section, but rather
are discussed in the section on city-gate metering stations.

A false trip of an ESD valve can result from inadvertent operation of the MOV itself
or an incorrect pressure signal sent from the pressure transmitter to the MOV, resulting in
a false MOV trip . If an ESD valve were to fail to the closed position, the section of
pipeline downstream of the ESD would suffer a temporary loss of gas service.
10.3.2.3 External Leakage
There are five general means by which an external leak can occur. These five causes aregen
erally representative of the full range of accident types that could occur and are as follows:
Rupture of mainline
Rupture of a lateral
Small leak in the main pipeline
Pipe rupture at a city-gate metering station
Very small leak from the main pipeline, such as a leak from a flange or other
appurtenance
An external leak will generally result in loss of service in the gas pipeline while the
pipeline is under repair.
The exception to this is for very small leaks. It is considered that a very small leak can
be mitigated without a loss of service. Thus, very small leaks can be neglected as a source
of pipeline unreliability.
10.3.2.4 City-Gate Metering Stations
Three basic types of city-gate metering stations can exist: heater skids, metering skids and
launching skids. Fundamental equipment in each of the stations is essentially identical, and
therefore it is not necessary to give separate consideration to the three different types. A
simplified flow diagram of a city-gate metering station is given in Figure10.14.
Natural gas entering the city-gate metering station initially passes through an ESD valve.
Each ESD valve is a MOV that is activated upon receiving a high/low pressure signal from
a pressure transmitter. As stated above, failure of an ESD valve can be a result of an unin
tended operation of the MOV itself or an incorrect pressure signal sent from the pressure
transmitter to the MOV, resulting in a false MOV trip. If the ESD valve were to fail, the
section of pipeline downstream of the ESD valve would temporarily lose gas service.
Downstream of the ESD valve, natural gas travels through a receiver and on to a fil
ter/separator where gas-borne contaminants or condensates are removed. It is possible that
the filter/separator could become blocked, possibly prohibiting the passage of natural gas)
resulting in a service outage.
Figure 10.14. Typical Flow Diagram for City-Gate Meter Stations

After leaving the filter, the gas stream passes through a heater and downstream to a
pneumatic pressure control valve (PRV). The instrumentation associated with the pressure
control valve is a pneumatic controller and a pressure transmitter. The pressure upstream
of the control valve varies but may reach approximately 9,928 kPa (1,440 psig), with the
downstream pressure varying in the range between 414 and 1,724 kPa (60 and 250 psig).
A redundant PRV is connected in parallel. A PRV can fail if either the control valve, pres
sure controller or pressure transmitter fails. A loss of gas service will only occur if both
PRVs are inoperable. The final piece of equipment encountered by the natural gas stream
is a turbine motor. The turbine meters can fail by the turbine propeller breaking off or by
overspeeding of the rotor. For a loss of service in the gas pipeline, the turbine must fail
while the standby turbine meter is also in a failed state.
10.3.2.5 Reliability Assessment Method
10.3.2.5.1 Definition of Failure
As explained previously the assessment of reliabilityandavailability of a system are di
rectly dependent upon the way in which the systemis defined. Specific are the definition of
system success and system failure, despite how the fault trees will be constructed and how
the calculations will be performed.
For this Reliability Analysis of the gas pipeline system example, a failure is defined
as a loss of natural gas service at any point along the pipeline or associated laterals and
city-sate metering stations. Thus, any event that results in one or more customers to expe
rience a service outage is considered to be a failure.
10.3.2.5.2 General Approach
Fault Tree Analysis (FT A) was considered to be the most appropriate analysis tool for use
in this Reliability Analysis. In line with the failure definition presented above, the top event
for the fault tree was defined as a loss of servicein the gas pipeline system. The analysis
then concentrated on identifying and developing the various contributing events and causes
that could lead to such a failure. The analysis considered all modes of failure that could lead
to a service outage, including:
False trip of ESD valve
External leakage
Equipment failure at city-gate metering station
Failure rates and repair time for all equipment are given in Tables 10.3 and 10.4 of
Section 10.2.
10.3.2.5.3 System Fault Tree
Figure 10.15 (a to d) represents the system fault tree for this example. The tree is presented
on four pages using transfer gates where appropriate. The top level on the tree illustrates
the division into three general types of failures: e.g., external leakage, equipment failure
at a city-gate metering station and a false trip of an ESD valve. The external leakage was
treated as component level failures.
The branch displaying the equipment failures within the city-gate metering stations is
somewhat more complex. The AND gate at the uppermost level accounts for the fact that
there are more city-gate metering stations and a failure within any one of them will result
in a system failure (i.e., the top event). The lower levels depict the various equipmentfail
ures that can cause an outage. In the case of the pressure reducing valves (PRV) andtur
binemeters, the equipment is connected in parallel so system failure requires that both
PRVs or both turbine meters fail in order to effect a system failure.
The third major branch illustrates the contributing events that can precipitate a false
trip of an ESD valve on the main pipeline. A false trip can occur due to either of two basic
Figure 10.15(a). Gas Pipeline System Fault Tree Page 1
Figure 10.15(b). Gas Pipeline System Fault Tree (Continued) Page 2
Figure 10.15(c). Gas Pipeline System Fault Tree (Continued) Page 3
Figure 10.15(d). Gas Pipeline System Fault Tree (Continued) Page 4

types of failures: a primary failure and a commands fault. A primary failure occurs when
the ESD valve fails to the closed position in and of itself, that is, the valve is accountable
for its own malfunction. A command fault occurs when the valve receives a signal to trip
when it is not supposed to. In this case the valve is functioning as it was designed but an
input signal is in error.
10.3.2.5.4 Calculations
The calculations for this study are essentially those required to solve the system fault
tree. Thus, the calculations involved use Boolean algebra in combination with the selected
failure rate data. Since the events on the various gates are taken to be mutually independent,
it is possible to use the simple gate-to-gate method for fault tree solution.
Two separate solutions to the fault tree can be undertaken: one that provides the result
in terms of system reliability and one that provides the system availability.
10.3.2.5.4.1 Mean Fractional Dead Time In cases where a piece of equipment is
connected in parallel to a standby item, a system failure can only occur if both items
are simultaneously failed. The solution of the branch of a fault tree for this case
requires that one of the failure likelihoods is expressed in terms of a probability rather
than a yearly frequency. This can be achieved by using the concept of mean fractional
dead time (MFDT), which may be thought of as the fraction of time that a component
will be in a failed state for dormant faults (i.e., those faults which cannot be immedi
atelydetected).
MFDT is dependent upon the test interval and is defined by the following equation:

MFDT =
1
lt
2
Eq. (22)
where lis the failure rate and tis the test interval. Note that this formula assumes that, on
average, a component can fail in the middle of the test interval.
The frequency of the simultaneous failure can then be calculated by multiplying the
failure frequency of the item by the MFDT of its spare.
10.3.2.5.4.2 Pressure Reducing Valves It was assumed that the spare valve is
tested once every two weeks. Thus, the probability of the valve being in a failed state is:

1
(9.99 10 1 ) /year 2 weeks 1 year/(52 weeks) =1.92 10 2
2
Eq. (23)
Note: 9.99X10-1+ failure rate for CV+ Pneumatic Controller + Pressure Transmitter)
10.3.2.5.4.3 Turbine Meters It can be assumed that the turbine meters are tested for
dormant faults once every three months. Thus, the probability of a redundant meter being
in a failed state is:

1
(2.63 10 1 ) /year 3 months 1 year/(12 weeks) = 3.29 10 3
2
Eq. (24)
10.3.2.6 Reliability Solution

Figure 10.16 displays the system fault tree solved in terms of reliability. The frequency of
each individual basic event is depicted in the fault tree along with the calculated gate prob
abilities. The resulting reliability results are summarized in Tables 10.5.
10.3.2.7 Availability Solution
In addition to the reliability solution, which produces results in terms of failure per year
and MTBF, an availability solution is offered. The availability results provide an indica
tionof the on-stream factor, i.e., the percentage of time that the pipeline is expected to
Figure 10.16(a) Reliability Solution Page 1
Figure 10.16(b) Reliability Solution (Continued) Page 2
Figure 10.16(c). Reliability Solution (Continued) Page 3
Figure 10.16 (d). Reliability Solution (Continued) Page 4

TABLE 10.5(a) Summary of Reliability Calculations
City-Gate Metering Station
Equipment
ESD Valve
MOV-spurious operation
Pressure transmitter
Total for ESD valve
PRV (not in parallel)
Pneumatic control valve
Pneumatic controller
Total for PRV
PRV (in parallel)
Turbine meter (not in parallel)
Turbine meter (in parallel)
Filter/separator
Total for single city-gate
Total for all city-gates
Failure Rate
(per year)
1.19 102
2.63 102
3.82 102
5.96 101
3.77 101
2.63 102
9.99 101
1.92 102
2.63 102
8.65 105
8.76 103
6.62 102
3.11
Comments
Sum of MOV and pressure transmitter
Sum of control valve, pressure

transmitter and pneumatic controller
Based on a two-week test interval
Based on a three-month test interval
Sum of the above bold values
This takes into account 47 city-gates
External Leakage
Leakage Modes
Rupture in main pipeline
Rupture in pipeline lateral
Small leak in main pipeline
Rupture city-gate metering station
Total external leakage
Failure Rate
(per year)
Comments
2.57 103
2.36 103
1.05 102
2.40 103
1.78 102
Based on 345 km
Based on 400 km
Based on 345 km
Based on 0.8 km
Sum of the above external leakage modes
ESD Valves on Pipeline

Equipment
ESD valves (main pipeline)
MOV-spurious OPs
Total for ESD valves on main pipeline
ESD valves (lateral pipeline)
MOV-spurious OPs
Total for ESD valves on laterals
Total for ESD valves on Lateral pipeline
Total of all ESD valves on pipeline
Failure Rate
(per year)
1.19 102
2.63 102
3.82 102
1.19 102
2.63 102
3.82 102
6.88 101
1.15
1.84
Comments
Sum of MOV and pressure transmitters

This takes into account 18 ESD valves on
main pipeline
This takes into account 30 ESD valves on
lateral pipeline
Sum of ESD valves on main and lateral
pipeline
(continues)

TABLE 10.5. Summary of Reliability Calculations (continued)
Total for Entire Pipeline and Metering System
Failure Rate
(per year)
City-gates
External leakage
3.11
ESD valves on pipeline

Total
1.78 102
1.84
4.97
MTBF
4 months
56 years
6.5 months
2.4 months
fulfill its intended function. This solution makes use of the downtime estimates associated
with the various failures.
For this solution, each basic event is assigned an unavailability, as indicated by thefol
lowing equation, based on the fundamentals introduced in Section 1:

Unavailability = 1 Availability = 1 MTBF/(MTBF + MTTR)

= MTTR/(MTBF + MTTR) = MTTR/MTBF
= MTTR Failure Rate
Eq. (25)
Thus, the unavailability for each basic event is the product of the MTTR and the
failure rate. It must be noted that this approximation assumes that the MTBF is much
greater than the MTTR. The fault tree is then solved in a fashion similar to the reliabil
itysolution, except that the unavailability values are used to describe the basic events
rather than failure rates.
It should be noted that the unavailability for the standby PRV and turbine meter can
be calculated using the approach described in Section 10.3.2.5.4.1, Mean Fractional Dead
Time, since the unavailability for these dormant faults is dependent upon test interval
rather than repair time.
The fault tree depicting this solution is given in Figure 10.17. Tables 10.6 provide an
alternative presentation of these results.
Figure 10.17(a). Availability Solution Page 1
Figure 10.17(b). Availability Solution (Continued) Page 2
Figure 10.17(c). Availability Solution (Continued) Page 3
Figure 10.17(d). Availability Solution (Continued) Page 4
10.3.2.8 Summary
Two fundamental types of results were produced. The first of these is a measure of sys
temreliability expressed in terms of both the expected number of failures per year and
the MTBF. The second type of result is system availability, presented as the percentage
of time the pipeline is expected to be operating as intended. Availability differs from
reliability in that it accounts for the length of downtime associated with the different fail
ures. The results of the study are summarized in Table 10.7.
TABLE 10.6. Summary of Availability Calculations
Equipment
ESD valve
Total for ESD valve
PRV (not in parallel)
Pneumatic control valve
Pneumatic controller
Total for PRV
transmitter and pneumatic controller
PRV (in parallel)
Turbine meter (not in parallel)
Turbine meter (in parallel)
Filter/separator
Total for single city-gate
Total for all city-gates
Unavailability
1.63 105
1.80 105
3.43 105
8.84 104
3.44 104
3.00 105
1.26 103
5
2.42 10
3.00 105
9.87 108
6.00 106
6.46 105
3.04 103
Comment
Sum of control valve, pressure

Based on a two-week test interval
Based on a 3-month test interval
Sum of the above bold values
This takes into account 47 city-gates

TABLE 10.6. Summary of Availability Calculations (Continued)
External Leakage
Leakage Modes
Unavailability
2.11 105
Rupture in main pipeline
5.38 106
Rupture in pipeline lateral
7.20 105
Small leak in main pipeline

Rupturecity-gate metering station
1.32 105
1.12 104
Total external leakage
Comments
Based on 345 km
Based on 400 km
Based on 345 km
Based on 2,400 ft
Sum of the above external leakage modes
ESD Valves on Pipeline

Equipment
Unavailability
ESD valves (main pipeline)

ESD valves (lateral pipelines)
Total for ESD valves on lateral
1.63 105
1.80 105
3.43 105
9.11 104
Total for ESD valves on lateral pipeline
1.03 103
Total of all ESD valves on pipeline
1.94 103
3.26 105
1.80 105
5.06 105
Comments

This takes into account 18 ESD valves on main
pipeline
This takes into account 30 ESD valves on lat
eral pipelines
Sum of ESD valves on main and lateral pipe
lines
Total for Entire Pipeline and Metering System
City-gates
External leakage
ESD valves on pipeline
Total
Unavailability
Availability
3.04 103
1.12 104
1.94 103
5.09 10-3
99.7%
99.9%
99.8%
99.5%
TABLE 10.7. Overall Gas Pipline Reliability Summary
Type of Failure
Equipment failure
in city-gate metering
station
External leakage from
pipeline, lateral, or
city-gate metering
station
False trip of ESD
valves on pipeline
or lateral
TOTAL
Total Failure
Rate
(per year)
MTBF
(Months)
Unavailability
Availability
Relative
Contribution
to System
Unavailability
3.11
3.04 103
99.7%
59.7%
1.78 10-2
672
1.12 104
99.9%
2.2%
1.84
6.5
1.94 103
99.8%
38.1%
4.97
2.4
5.09 103
99.5%
100%

Based on these results, the current level of system reliability/availability is considered
acceptable. Reliability enhancement measures should only be implemented if the mon
etaryadvantage associated with the incremental improvement in reliability exceeds the
investment cost.
10.3.3 EXAMPLE 3: Use of Probability Theory in Pipeline

Capability/Capability Determination
10.3.3.1 Pipeline Design
In the planning and design of a new transmission pipeline, or in the expansion of an exist
ing system, selection of facilities that will transport the necessary throughput and optimize
the project economics is required. Whether primary emphasis involves capital investment,
operating and maintenance costs or environmental impact, the fundamental consideration
is that the total annual cost to install, own and operate a facility must be offset by revenue
obtained from the annual sales of the gas transported. It is thus essential to predict accu
rately the capability of the system prior to finalizing the total economics.
Many methods have been used to determine pipeline throughput capability. Through
the use of existing formulae, such as the classical flow equation or the Panhandle equation,
steady-state flow rates have been computed. Throughput capabilities for all compressor
units running as well as for conditions of various compressor units offline have been accu
rately determined. The problem that the engineer has faced, however, has been the con
version of this conglomerate of calculated flows to an annual average flow rate that relates
to a contracted annual volume.
The Probability Theory (Heilmann and Byran, 1978 ) can be applied to arrive at this
capability determination (i.e., average annual or daily flow rates), which applies precise
mathematics and statistics to the calculation of the average flow rate.
The considerations involved in applying a statistical approach to determine this aver
age flow rate are:
Pipeline System (Number of Units)
The physical pipeline system, size, length, station location and number of compres
sor/pump stations and units must be assumed.
Flow Rates
Flow rates for various configurations of the pipeline system.
Typical Unit Availability
The typical unit availability is the weighted average of all individual unit availabilities
on the pipeline system. For example, If 2 units were available for operation 729 and 714
hours, respectively, out of a total possible 744 hours a month, their unit availabilities would
be (729 744) 100% = 98% and (714 744) 100% = 96%. The typical unit avail
ability would be (98 196) 42 = 97%.
Probability Theory
Application of probability theory to calculate a probable average flow rate for the
pipeline. This consists of multiplying and summing up the products of:
The representative average flow rate for each operating condition of units offline
The probability for each number of units offline
The possible independent combinations for each number of units offline

Determining the representative average flow rate consists of calculating the flow capa
bility for all possible unit-offline operating conditions.
10.3.3.2 Theory In Pipeline Transmission System
The probability that a given number of units will be offline is calculated from the total
number of units and the typical unit availability.
The number of combinations of units offline can be deduced for simple pipeline sys
tems but must be determined mathematically for a pipeline with many compressor units.
The following probability equation combines these latter two concepts.
Percent of Time = (Number of Independent Combinations) (Probability of Occurrence)
Percent of Time = S[n!/ r!(n-r)!] prq(nr)
Where: n = the total units on the pipeline

r = the number of units down

q = typical unit availability

p = 100% typical unit availability
[n!/ r!(n-r)!]is a counting technique that calculates the number of different
ways in which n-units can be offline.
TABLE 10.8. Number of Combinations of Operating Conditions Example: 3 units (A, B and C) on a
Pipeline System
Operating Condition
Units Running
Units Offline
ABC
BC
AC
AB
A
B
C
0
0
A
B
C
BC
AC
AB
ABC
All units running

One offline
Two offline
Three offline
Number of Independent
Combinations
1
3
TABLE 10.9. Use of Probability Equation

Operating
Condition
Number of
Independent
Combinations
Probability of Occurrence
Percent of
Time
All units running
3!
0!(3 - 0)!
(0.03)0 (0.97)30 = (1) (0.912673) =
91.2673%
One offline
3!
1!(3 - 1)!
1!(31)! (0.03)1 (0.97)31 = (3) (0.028227) =
8.4681%
Two offline
3!
2!(3 - 2)!
2!(32)! (0.03)2 (0.97)32 = (3) (0.000873) =
0.2619%
Three offline
3!
3!(3 - 3)!
3!(33)! (0.03)3 (0.97)33 = (1) (0.000027) =
0.0027%
TOTAL =
100.0000%

prqnr calculates the percentage of time that any specific combination of
r-units will be down.
Table 10.8 summarizes all the operating conditions that would require throughput cal
culations in order to arrive at the representative average flow rates for a gas pipeline sys
temhaving three compressor units.
Table 10.9 illustrates the use of the PROBABILITY EQUATION to calculate a
PERCENT OF TIME distribution for the OPERATING CONDITIONS outlined in Table
10.8. Note that the number of combinations arrived at by deduction in Table 1 equals the
mathematical determination of NUMBER OF INDEPENDENT COMBINATIONS in
Table 10.9.
Example: 3-unit pipeline system with the average downtime of the three units equal
ing3%
Percent of Time = [n!/ r!(nr)!]prqnr n = 3 r = 0,1,2,3
q = 97% p = 3%
Once this percent of time distribution is determined, the percentages are multiplied by
representative average flow rates for the operating conditions and a total average flow rate
is obtained.
REFERENCES
Abernathy, R. B., 2006. The New Weibull Handbook, Fifth Edition, published and distributed by Robert B.
Abernathy.
APSC, 2002. Alyeska Pipeline Service Company, http://www.alyeska-ipe.com/Inthenews/Week
lynews/2002/ar011102.html.
Barringer, P., 2003. Predict Future Failures From Your Maintenance Records, International Maintenance
Conference, December 710, 2003, pp. 112.
Barringer, P., 2004. Predict Failures: Crow-AMSAA 101 and Weibull 101, International Mechanical
Engineering Conference, Kuwait, December 58, 2004, pp. 114.
Barringer, P., 2010. www.barringer1.com.
BSI (British Standards Institute), 1994. BS 5760-2: Reliability of Systems, Equipment and Components,
British Standard Institution, UK
Center for Chemical Process Safety (CCPS), 1989. Guidelines for Process Equipment Reliability Data,
American Institute of Chemical Engineers, New York , NY.
Center for Chemical Process Safety (CCPS), 1992. Guidelines for Hazard Evaluation Procedures, Ameri
can Institute of Chemical Engineers, New York, NY.
Chmilar, W.S., 1996. Pipeline Reliability Evaluation and Design using the Sustainable Capacity Methodol
ogy, Proc., ASME Int. Pipeline Conf., Calgary, Alberta, Canada, Jun., pp. 803810.
Clement, P.L., 1990. Event Tree Analysis, 2nd Ed., Sevedrup.
Ekstrom, T., 1992. Reliability Measurements for Gas Turbine Warranty Situations, Proc., Int. Gas Turbine
and Aeroengine Congress and Symp. and Exposition, 92-GT-208, Cologne, Germany, Jun.
Energy Solutions International, 2004. PipelineStudioTGNET, Houston, Texas.
Green, A.E., and Bourne, A. J., 1966. Safety Assessment With Reference to Automatic Protective Systems
for Nuclear Reactors, U.K. Atomic Energy Authority Health and Safety Branch, Rep. AHSB (S) Rl17, Part
3, Risley, Lancashire.
Heilmann, P.C., and Byran, N.N., 1978. How to Use Probability Theory in Pipeline design, Pipeline and
Gas Journal, Mar.
IEC (International Electrotechnical Commission), 2003. Standards 60300 Dependability Management
Systems.

International Electrotechnical Commission/International Standards Organization (IEC/ISO) 31010,
2009. Risk Management Risk Assessment Techniques, IEC/ISO, Geneva, Switzerland, November.
International Standards Organization (ISO) 31000, 2009. Risk Management Principles and Guide
lines, ISO, Geneva, Switzerland, December.
Isograph, 2002. Reliability & Availability Simulation Software, http://www.isograpg.com.
Lees, F. P., 1976. Chemistry and Industry, The Society of Chemical Industry, USA.
Lees, F. P., 1980. Loss Prevention in the Process Industries, Vol. 1 & 2, Butterworths, London, UK.
Lees, F. P., 1983. Loss Prevention in the Process Industries: Hazard Identification, Assessment and Con
trol, Butterworths, London, UK.
Mohitpour, M., Kazakoff J., Braun, A. and Brittin, R., 1999. Gas Pipeline Design for Operational Reli
ability, Proc., 19th ASME-OMAE Conf., Vol II, pp. 1115.
Mohitpour, M., Golshan, H. and Murray, A., 2000. Pipeline Design & ConstructionA Practical Approach, ASME Press, New York, NY.
Muhlbauer,W. K., 1998. Pipeline Risk Controller Version 2.0 for Windows, Gulf Publishing Software.
OREDA (Offshore Reliability Data), 2009. Offshore Reliability Data Handbook 5th Edition,OREDA,
Phase VI and Phase VII, Dec 2009, SINTEF Technology and Society, DNV Technica.
Van Hardeveld, T., 2000. Risk-Based Management of Rotating Equipment, Proceedings of IPC2000:
International Pipeline Conference, October 15, 2000, Calgary, Alberta, Canada, pp. 18.
Vitale, D. J., Mandel, D. B. and Heizman J. R. 1982. Striking a Balance Between Reliability and Support
ability, Naval Engeers Jr. April, pp. 137144.
Wright Mansell Research, 1991. Methodology for Evaluating Natural Gas Transmission System Reliabil
ity Levels and Alternatives, Rep., for The Canadian Petroleum Association.

ch10

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ch10

Uploaded by

Copyright:

Available Formats

Chapter

10.1 RELIABILITY ASSESSMENT

10.1.1 Reliability Introduction and Definition

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

624 Pipeline Operation & MaintenanceA Practical Approach

December daily average

2001 daily average

10.1.2 Reasons for Assessment of Pipeline Reliability

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 625

10.1.3 Applicable Reliability Standards

Figure 10.1. Dependability Relationships (Courtesy of IEC)

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 631

Computer tools for reliability assessment

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 627

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

628 Pipeline Operation & MaintenanceA Practical Approach

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 629

10.1.4 Fundamentals and Techniques

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

630 Pipeline Operation & MaintenanceA Practical Approach

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 631

Computer tools for reliability assessment

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

632 Pipeline Operation & MaintenanceA Practical Approach

Elapsed time-Downtime due to failure

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 633

Unavailability = 1 [uptime/(uptime + downtime)] = 1 Availability

Elapsed time-Downtime due to failure and planned maintenance

Availability = [MTBF/(MTBF + MTTR)]

10.1.4.4 Reliability and Risk

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

634 Pipeline Operation & MaintenanceA Practical Approach

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 635

10.1.5 Fault Tree Analysis

Figure 10.2. AND Gate

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

636 Pipeline Operation & MaintenanceA Practical Approach

Figure 10.3. OR Gate

Figure 10.4. Summary of Important Symbols for Fault Tree Analysis

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 637

The product PA PB is subtracted to avoid double-counting the intersection. For

Pall = P = PA + PB + ...... + PN + (PA PB) (PA PC) ....

(P(N 1) PN) + (PA PB PC) + (PA PBx PC ) + .......(PN 2 PN 1 PN)

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

638 Pipeline Operation & MaintenanceA Practical Approach

10.1.6 Reliability Block Diagram

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 639

Figure 10.5. Block Diagram of a Simple System

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 665

Downloaded From: http://ebooks.asmedigitalcollection.asme.org/ on 03/30/2015 Terms of Use: http://asme.org/terms

Pipeline System Operational Reliability/availability Assessment 641

Figure 10.9. A Standby Unit Arrangement

Rs = (1 (1 RA1)(1 RA2)I (( 1 RB1(1 RB2)) .....