Fault-tolerance is crucial to maintain safety in offshore operations. The objective of this paper is to show how systematic analysis and design of fault-tolerance is conducted for a complex automation system, exemplified by thruster-assisted Position-mooring. Using redundancy as required by classification societies' class notations for offshore position-controlled vessels, the paper shows how violations of the normal behaviour of main components can be detected and isolated. Using a functional service philosophy, diagnosis procedures are auto-generated based on provably correct graph analysis methods. Functional faults that are only detectable are rendered isolable through an active isolation approach. Once functional faults are isolated, they are handled by fault accommodation techniques to meet the overall control objectives specified by class requirements. The paper illustrates the generic methodology with a system that handles faults in mooring lines, sensors or thrusters. Simulations and model basin experiments are carried out to validate the concept for scenarios with single or multiple faults. The results demonstrate that enhanced availability and safety are obtainable with this design approach. While the methods are introduced at a tutorial level, the paper is original in providing a total Position-mooring system design that ensures resilience to any single fault and to selected multiple faults.
As ocean space is increasingly used for production purposes, such as the production of food and feed, renewable energy and resource mining, competition for space becomes a concern. A spatial solution to this is to co-locate activities in a multi-use setting. Next to the direct (financial) costs and benefits of multi-use and the societal costs and benefits, there are other factors, in the realm of legal aspects, insurance, health and safety issues and the overall governance of multi-use, that determine whether multi-use can be implemented successfully. This includes transaction costs that arise when, for example, inadequate regulation, governance and insurance schemes are in place. Based on the analysis of five case studies across Europe, these combined/collective transaction costs of multi-use are analysed and suggestions on how to reduce and/or overcome these transaction costs are presented.
The safety of people and cargo onboard is a key functionality of a commercial ship.
The health and well-being of seafarers and passengers is protected through an extensive set of technical specifications, standards and norms that govern the design and commissioning of all vessels.
They differ by ship type and size, while the specific services to be provided and the specific geographic regions to be served also play an important role in this respect.
The requirements are of national and international character and also vary with the classification society that will commission the ship. Thus, in a broader sense, all competences related to ship design are related one way or another to maritime health.
Much of the design of ships is overseen by a naval architect or marine engineer. It is rare to have the involvement of a medical professional except in the cruise industry.
Purpose and tasks
To ensure that the design of a ship includes the requirements to protect the health and well-being of seafarers. More specifically, to identify areas of intervention that go beyond the usual engineering curricula where, nonetheless, the safety dimension is embedded through international standardization.
The power system of an all-electric ship (AES) establishes an independent microgrid using distributed energy resources, energy storage devices, and power electronic converters. As a hybrid energy system (HES), the power system of an AES works as a unified system in which each part can affect the reliability of the other parts. Systemic reliability centered maintenance (SRCM), which efficiently enhances the reliability and safety of the AES by identifying its optimal maintenance tasks, is applied in this article to the entire system. In order to calculate the reliability and the optimal maintenance schedule, the Markov process and Enhanced JAYA (EJAYA) are utilized. A layer of protection analysis (LOPA), which is a risk management technique, is adopted to assess the safety of the system. A hybrid of a molten carbonate fuel cell, photovoltaics (PV), and a lithium-ion battery is considered as the energy sources of the AES. Based on two common standards, DNVGL-ST-0033 and DNVGL-ST-0373, the suggested maintenance planning method can be used in industrial applications. Finally, in order to validate the proposed method, a model-in-the-loop real-time simulation using dSPACE is carried out. The obtained results show the applicability and efficiency of the proposed method for improving reliability and safety.
This chapter is about emergent safety hazards in engineering systems. These hazards are those that emerge from a system not from any part of the system alone, but because of interactions between parts. We distinguish two approaches to analysing engineering systems: one is to view them as socio-technical systems, and the other is to consider them as cyber-physical systems. We illustrate a great number of emergent hazardous behaviours and phenomena due to unknown accident physics, malign actions, chemistry and biology, and due to deficiencies in management and organisations. The method that follows the socio-technical view consists in representing a system as sequential, functionally unrelated processes that can in reality influence each other's performance via sneak paths. The method that follows the cyber-physical systems view focuses on the analysis of control loops (feedback, feedforward, positive and negative) and, especially, interrelated loops. The chapter also explores the realm of security threats due to malign actions that can trigger safety-threatening events. Finally, it gives general guidance for avoiding and eliminating safety hazards when designing engineering systems.
Autonomous marine surface vehicles rely on computer systems with computer intelligence making decisions to assist or replace the navigating officer. A fundamental requirement for the design and implementation of such a cyber-physical system is seamless, predictable, and secure interoperability between vendor-specific hardware and software subsystems. The article describes a system design that includes mechanisms to mitigate the risks and consequences of software defects, individual component malfunction, and harmful cyber interference. It addresses international regulations in the field and demonstrates a system design that can meet the requirements for safe behaviour in foreseeable events while also having the ability to call for human assistance if the autonomous system is unable to handle a situation. The paper presents a design for highly automated vessels with several inherent risk-reducing features, including the ability to isolate and encapsulate abnormal behaviours, built-in features to support resilience to unexpected events, and mechanisms for internal defence against cyber-attacks. The article shows how this is provided by a novel middleware that supports risk mitigation, dependability, and resilience.
The solid-state lithium battery (SSLB) is considered the most promising energy storage device for next-generation energy systems due to its excellent safety performance. However, there are still daunting safety issues for the SSLB, since it is still in the development stage. This paper gives an overview of the safety of SSLBs. First, advanced solid-state battery techniques are introduced. Second, the safety issues of SSLBs are discussed. Then, safety enhancement techniques are presented. Finally, future research opportunities are outlined. This paper aims to provide a reference for researchers in the fields of electronic and electrical engineering who want to contribute to SSLB safety.