Maximum Permitted Repair Time
maximum time allowed to repair a fault before undertaking an action to make the risk disappearing
EXAMPLE When a dangerous fault is revealed for a safety system operating in demand mode, it may be
decided to reach a safe state when a maximum duration has elapsed: a MPRT of 8 h means, for example, that if
the repair is not completed after 8 h, the process is shut down. Then a safe state is reached, the fault is no longer
dangerous, and it is not necessary to take into account the remaining time spent to complete the repair. This is
illustrated in Figure 6, Figure 7 and Figure B.1. When the fault may result of several failure modes, the MPRT
allows to repair those within short MRT without shutdown of the process.
Note 1 to entry: When a MPRT is defined as a maintenance procedure it is necessary to take it into consideration
for the probabilistic calculations of hazardous events. Reciprocally it is necessary that this MPRT be respected
during the actual repair actions in order to keep the probabilistic calculations valid.
Note 2 to entry: The role of the MPRT is close to the role of the MTTS (see 0). The difference is that the MPRT is a
maximum duration allowed to reach a safe state and the MTTS is the average duration needed to reach the safe
state when a dangerous fault is revealed (see Figure 6 and Figure 7). The methods developed in this Technical
Report have been focused on random repair values (MTTRes, MRT, MTTS) rather than on deterministic values
(MPRT), but the MPRT can be easily handled by using Petri nets and Monte Carlo simulations.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards