Pressure Vessel Catastrophic Rupture — Fault Tree
A worked process-safety fault tree for catastrophic rupture of a process pressure vessel — derived from a HAZOP study, addressing overpressure, structural-integrity and high-temperature pathways. Prepared against IEC 61508 / 61511 with a SIL 2 target for the SIS protection layer.
The scenario
Pressure vessels in chemical, refining and power-generation service handle inventories that, on catastrophic rupture, can produce blast, toxic or flammable consequences spanning the whole plant. The top event modelled here is catastrophic loss of containment from the vessel shell — not a leak, not a flange weep, but a structural failure that releases the entire inventory. This is the LOPA target around which most facility-siting and emergency-response plans are designed.
Top event and decomposition
The top OR gate combines the three failure modes that a HAZOP study typically lifts out for a pressure vessel:
- Overpressure rupture — modelled as an AND gate: (process upset producing overpressure) AND (Safety Instrumented System OR Pressure Relief Valve fails to function). The PRV branch carries its own λ and PFD; the SIS PFD comes from the SIL 2 verification calculation.
- Structural integrity failure — wall corrosion, stress-corrosion cracking, weld/HAZ fatigue, hydrogen damage. Each is its own basic event with a λ derived from RBI (risk-based inspection) data or from generic OREDA / EIReDA data.
- High-temperature damage — runaway exotherm exceeding design temperature with cooling failure (an AND structure, since a cooling-water trip alone is recoverable).
Common-cause failure is significant on the SIS branch: a single instrument-air loss can defeat both the BPCS pressure controller and the SIS pressure trip, so the FTA models it explicitly with a beta-factor CCF block.
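The decomposition above, evaluated end to end as an added example (not code from the page or from FTA Studio): the three branches are encoded as gates, the instrument-air CCF is split out of the SIS PFD with a beta factor, minimal cut sets are generated MOCUS-style, and Fussell-Vesely importance is ranked. All probabilities, the beta value and the event names are constructed placeholders; the (SIS OR PRV) protection gate is flattened to one OR with the CCF event shared into the process-upset branch.

```python
from itertools import product
from math import prod
# Gate syntax: ("OR", [children]) / ("AND", [children]); a str is a basic event.
# All probabilities are constructed placeholders, not plant RBI or OREDA data.
SIS_PFD, BETA = 1e-2, 0.10      # SIL 2 band upper limit; beta-factor is an assumption
P = {
    "bpcs_indep": 5e-2,                 # BPCS pressure controller fails (independent part)
    "air_ccf": BETA * SIS_PFD,          # instrument-air loss defeats BPCS and SIS together
    "sis_indep": (1 - BETA) * SIS_PFD,  # SIS pressure trip fails for independent reasons
    "prv": 1e-2,                        # PRV fails to lift on demand
    "corrosion": 1e-4, "scc": 5e-5, "weld_fatigue": 2e-5, "h2_damage": 1e-5,
    "exotherm": 2e-2, "cooling_fail": 1e-2,
}
TREE = ("OR", [
    ("AND", [("OR", ["bpcs_indep", "air_ccf"]),                 # process upset
             ("OR", ["sis_indep", "air_ccf", "prv"])]),         # SIS or PRV fails
    ("OR", ["corrosion", "scc", "weld_fatigue", "h2_damage"]),  # structural integrity
    ("AND", ["exotherm", "cooling_fail"]),                      # high-temperature damage
])

def minimise(sets):
    """Keep only minimal cut sets: drop any set that contains another."""
    out = []
    for c in sorted(set(sets), key=lambda s: (len(s), sorted(s))):
        if not any(m <= c for m in out):
            out.append(c)
    return out

def cut_sets(node):
    """MOCUS-style expansion: OR unions the children's cut sets, AND multiplies them out."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, kids = node
    parts = [cut_sets(k) for k in kids]
    if gate == "OR":
        return minimise(c for part in parts for c in part)
    return minimise(frozenset().union(*combo) for combo in product(*parts))

def cut_set_prob(c):
    return prod(P[e] for e in c)

def top_event_prob():
    """Rare-event approximation: sum of the minimal cut set probabilities."""
    return sum(cut_set_prob(c) for c in cut_sets(TREE))

def fussell_vesely():
    """FV importance: share of the top-event probability carried by cut sets holding each event."""
    cs, top = cut_sets(TREE), top_event_prob()
    return {e: sum(cut_set_prob(c) for c in cs if e in c) / top for e in P}
```

With these placeholder values the single-event cut set {air_ccf} carries the largest share of the top-event probability, which is the point of modelling the CCF explicitly: a credit of 10^-2 for the SIS is only defensible if the shared instrument-air dependency is bounded.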
Standards alignment
This template represents the deliverable that LOPA + FTA produce together: LOPA establishes the risk-reduction factor (RRF) target and assigns SIL 2 to the SIS independent protection layer; the FTA decomposes the IPL further to verify the PFDavg meets that target across all dependent components. The resulting cut sets are inputs to the SIS Safety Requirements Specification (SRS) per IEC 61511 Clause 10.
Use this template
Open in FTA Studio, replace generic λ values with your plant's RBI inspection data, run MOCUS to find dominant cut sets, and run an importance ranking (Fussell-Vesely) to prioritise inspection effort on the components that contribute most to the top-event probability.