From the standpoint of maintenance, protective devices represent the ultimate paradox. If they fail while everything else is working normally, it doesn't usually matter at all. In fact, there may be no signs of failure at all: the failure is hidden.
Because failure of a protective device is hidden, it can remain in a failed state, unable to operate at all, until one of two things happens. If we are fortunate, someone tests the device and discovers the problem. If we are unlucky, the device is called on to operate and fails to provide any protection. And now the consequences can be catastrophic: a high-level trip fails, gasoline escapes from a storage tank and explodes; a fire starts, but the deluge system doesn't operate; pressure in an oil well rises uncontrollably, but the blowout preventer does not operate. Hidden failures can have real--and disastrous--consequences.
We rely on protective systems to ensure that manufacturing and process industries are safe; but even with the most advanced design, it is impossible to know whether they will operate successfully when they are needed. So how do we ensure that they can actually deliver a level of risk that is acceptable to our business?
Real Consequences shows how modern risk management techniques can ensure that protective systems deliver the level of risk that their designers intended. It covers both practical issues and the mathematical background needed to analyse systems. Each chapter is a separate Adobe Acrobat PDF file, and before downloading you need to accept the terms and conditions of use.