Suppose that you have designed a portable compressed-air supply system, as shown in Figure 18.3, for filling scuba tanks and for driving pneumatic tools in garages and factories. The system consists of an electric motor, an air compressor, an air tank, a regulator, and a pressure-relief safety valve. The regulator contains a pressure sensor connected to a power switch. The motor is switched on when the tank pressure drops below a fixed value and off at a slightly higher pressure. The pressure-relief valve is set to open at a higher pressure than the regulator's motor-off pressure. Explosion of the air tank is clearly a dangerous hazard. Three events are assumed to be possible causes of a tank explosion:

(a) an internal tank defect such as poor welding,

(b) an external cause such as a plant vehicle colliding with the tank,

(c) excess pressure in the tank. The excess pressure can occur only if both the control unit and the pressure-relief valve fail:

• The pressure sensor might fail to shut off the motor because of switch failure or human error, such as setting the switch incorrectly or propping it open.

• The pressure-relief valve might fail to open because of mechanical valve failure or human error, such as incorrectly setting the valve or locking it shut.

Construct the fault tree for the system described above. Explosion of the air tank is the top event.
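The gate structure stated in the problem can be checked mechanically. The following is an added example, not part of the original exercise: it encodes one reading of the description as OR/AND gates and derives the minimal cut sets, which goes one step beyond drawing the tree. The event names are labels chosen for this example.

```python
from itertools import product

def OR(*kids):
    return ("OR", kids)

def AND(*kids):
    return ("AND", kids)

# Transcribed from the exercise text: (a) OR (b) OR (c), where (c) requires
# BOTH the control unit and the relief valve to fail, and each of those can
# fail mechanically or through human error. Names are illustrative labels.
TREE = OR(
    "tank_defect",                 # (a) internal defect, e.g. poor welding
    "external_impact",             # (b) external cause, e.g. vehicle collision
    AND(                           # (c) excess pressure
        OR("switch_failure", "switch_human_error"),
        OR("valve_mechanical_failure", "valve_human_error"),
    ),
)

def cut_sets(node):
    """All cut sets of a node, each a frozenset of basic events."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, kids = node
    child_sets = [cut_sets(k) for k in kids]
    if gate == "OR":               # any single child's cut set suffices
        return set().union(*child_sets)
    # AND: pick one cut set from every child and merge them
    return {frozenset().union(*combo) for combo in product(*child_sets)}

def minimal_cut_sets(node):
    """Drop every cut set that strictly contains another cut set."""
    sets = cut_sets(node)
    return {s for s in sets if not any(t < s for t in sets)}

def top_event(node, failed):
    """True if the given set of failed basic events triggers the node."""
    if isinstance(node, str):
        return node in failed
    gate, kids = node
    results = [top_event(k, failed) for k in kids]
    return any(results) if gate == "OR" else all(results)

if __name__ == "__main__":
    for cs in sorted(minimal_cut_sets(TREE), key=lambda s: (len(s), sorted(s))):
        print(sorted(cs))
```

The single-event cut sets are the single points of failure; every overpressure path needs one control-side and one valve-side failure together.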

