Accident near misses and precursor analysis2

Accident Near Misses and Precursor AnalysisCase Study: Fire in a CSTR System

Presented by:

Mohammed AlShammasi Ashwin Ariyapadi Kevin AnglinNovember 19, 2012

November 19, 2012

2

Accident Near Misses and Precursor Analysis

Overview

•Introduction•Identification of Precursors •Modeling and Analysis•Risk Management •Recommendations

November 19, 2012

3


Definitions

•Near Miss- a severe precursor that is directly connected to a potential accident in the accident chain

•Accident Precursor- an event that could escalate to an accident

A precursor is a more general term while a near miss can consist of more than one

precursor

Introduction

November 19, 2012

4


Precursor Analysis v. Accident Analysis• Precursor events at the base of the

pyramid.• High consequence accidents at the top of

the pyramid •Precursor events

▫simpler to analyze▫easier to prevent▫smaller in scale▫less costly to resolve

Introduction

November 19, 2012

5


Case Study

•Applying QRA conceptsbased on precursor analysis to fire (top event) in a CSTR system

Introduction

November 19, 2012

6


Case Study, continued

•Hazard barriers:▫Coolant system▫Temperature controller▫Rupture disc▫Fire alarm ▫Manual shutdown▫Firefighting emergency

Introduction

November 19, 2012

7

Identification of Precursors

November 19, 2012

8



•Methods to identify precursor events:▫Regular surveys ▫Interviews with safety engineers▫Direct observation▫Voluntary reporting▫Alarm databases▫Automated detection systems


November 19, 2012

9


Initiating Events

• Four main initiating events were identified:


Initiating events Frequency, yr-1

Coolant failure 2.50

Inlet valve malfunction 1.74

External fire 0.82

Agitator failure 4.16

November 19, 2012

10


Basic Failure Events

• An initiating event can be followed by a number of basic failure events:

Basic Event Probability of failure Probability of success Temperature controller failure 0.040 0.960 Rupture disk failure 0.120 0.880 Alarm Fails 0.250 0.750 No manual shutdown (alarm works) 0.120 0.880 No manual shutdown (alarm fails) 0.240 0.760 Quick emergency response failure (Alarm works) 0.316 0.684 Quick emergency response failure (Alarm fails) 0.544 0.456


November 19, 2012

11


Basic Failure Events•Contributors to uncertainty in frequencies:

1. Incomplete list of initiation events 2. Incomplete knowledge of hazard scenarios 3. Assumptions about material properties and

technical behavior4. Common failure causes5. Unconsidered process upsets6. Operational errors due to inadequate

training or attitudes


November 19, 2012

12

Modeling and Analysis

November 19, 2012

13


Fault Tree AnalysisCSTR catches

on fire

Coolant failure

Inlet valve malfunction

External fire

Agitator failure

Tempcontroller

failure

Rupture disk

failure

Alarm failure

Manual shutdown

failure

Tempcontroller

failure

Rupture disk

failure

Alarm failure

Manual shutdown

failure

Tempcontroller

failure

Rupture disk

failure

Alarm failure

Manual shutdown

failure

Tempcontroller

failure

Rupture disk

failure

Alarm failure

Manual shutdown

failure


November 19, 2012

14


•Probability of coolant failure P(C=True)=

•Probability of fireP(=True) =

•The posterior probability of fire may be recalculated based on observing an initiating event.

𝑃 ( 𝐸|𝐶 )=𝑃 ( 𝐸 ) 𝑃 (𝐶∨𝐸)

𝑃 ( 𝐸 ) 𝑃 (𝐶∨𝐸)+𝑃 (𝐸)𝑃 (𝐶|𝐸 )


Bayesian Approach for Updating

November 19, 2012

15


Bayesian Approach for Updating


•Based on observing a coolant failure, probability of fire significantly increases

November 19, 2012

16


Consequences

•Consequences were identified based on Estimated Monetary Value (EMVs)

Consequence Low monetary value, $ MM

High monetary value, $ MM

Expected monetary value, $ MM

No damage 0.00 0.00 0.00

Minor plant damage 0.40 1.00 0.70

Major plant damage without injuries 2.00 3.00 2.50

Major plant damage with injuries 1.00 2.00 1.50

Major plant damage with fatalities 7.00 7.00


November 19, 2012

17


Consequences •Contributors to uncertainty in

consequences:1. Incomplete knowledge of number of

fatalities/injuries2. Flammability behavior assumptions3. Ignition source model4. Explosion model and efficiency assumptions5. Changes in market dynamics for acceptable

risk magnitude 6. Neglecting environmental costs of fire


November 19, 2012

18


Event Tree

Alarm

Fails

Fails

Fails Works

I S

Temp controller S

Rupture disk S

Works

Works

Works

Manual shutdown

Fails

F

S

No damage

No damage

No damage

No damage

Minor plant damage

Major plant damage

No damage

Major plant damage

Injuries/fatalities

Manual shutdown

F

SQuick

emergency response

Quick emergency response

Works

Works

SWorks

SWorks

Frequency of I

0.960

0.040

0.880

0.120

0.750

0.250

0.880

0.760

0.120

0.240

0.684

0.456

0.544

Fails

Fails

0.316

Outcome ScenarioConsequence

S1

S2

S3

S4

S5

S6

S7

S8

S9


November 19, 2012

19


Scenario Frequency

•The frequency of each scenario was calculated for each initiating event as:

= scenario frequency

= initiating event frequency

= basic event probability with


November 19, 2012

20


Scenario Frequency

•Take Scenario 5 for the coolant failure – coolant fails, temperature controller fails, rupture disc fails, alarm works, manual shutdown fails, and emergency response is quick:

F(S) = (2.5 1/yr)(0.04)(0.12)(0.75)(0.12)(0.684)

F(S) = 0.000739 1/yr


November 19, 2012

21

Risk Management

November 19, 2012

22


Risk Evaluation

•The risk for each scenario was evaluated by multiplying scenario frequency by associated consequence.

•This type of risk evaluation is based on expected monetary values.

= risk associated with a scenario = consequence of a scenario

Risk Management

November 19, 2012

23


Total Risk

•The total risk was estimated by summing the risks for each initiating event over all scenarios

= average risk associated with an initiating event

Risk Management

November 19, 2012

24


Scenario Importance

•The importance percentage of each scenario was evaluated as follows:

•The importance % is a measure of scenario contribution to the total risk

= risk associated with an initiating event

Risk Management

November 19, 2012

25


Total Fire Risk

•The total risk of fire was calculated by summing the risks of all initiating events:

Risk Management

November 19, 2012

26


Results Scenario Coolant failure Inlet valve malfunction External fire Agitator failure

# frequency, yr-1 Risk, $/yr IM, % frequency, yr-1 Risk, $/yr IM, % frequency, yr-1 Risk, $/yr IM, % frequency, yr-1 Risk, $/yr IM, %

S1 2.50 0 0.00% 1.74 0 0.00% 0.82 0 0.00% 4.16 0 0.00%

S2 2.40E+00 0 0.00% 1.67E+00 0 0.00% 7.87E-01 0 0.00% 3.99E+00 0 0.00%

S3 8.80E-02 0 0.00% 6.12E-02 0 0.00% 2.89E-02 0 0.00% 1.46E-01 0 0.00%

S4 7.92E-03 0 0.00% 5.51E-03 0 0.00% 2.60E-03 0 0.00% 1.32E-02 0 0.00%

S5 7.39E-04 517 10.15% 5.14E-04 360 10.15% 2.42E-04 170 10.15% 1.23E-03 860 10.15%

S6 3.41E-04 853 16.74% 2.38E-04 594 16.74% 1.12E-04 280 16.74% 5.68E-04 1,420 16.74%

S7 2.28E-03 0 0.00% 1.59E-03 0 0.00% 7.48E-04 0 0.00% 3.79E-03 0 0.00%

S8 3.28E-04 985 19.32% 2.29E-04 686 19.32% 1.08E-04 323 19.32% 5.46E-04 1,639 19.32%

S9 3.92E-04 2,742 53.79% 2.73E-04 1,908 53.79% 1.28E-04 899 53.79% 6.52E-04 4,562 53.79%

Total 5.000 5,097 3.480 3,548 1.640 1,672 8.320 8,481

Risk Management

November 19, 2012

27


Risk Profile

0 500 1000 1500 2000 2500 30000

0.2

0.4

0.6

0.8

1

1.2

Coolant failureInlet valve malfunctionExternal fireAgitator failure

Risk ($/yr)

Cum

ula

tive P

robabil

ity

Risk Management

November 19, 2012

28

Recommendations

November 19, 2012

29


Risk Control

•An example of risk control is installation of automatic sprinkler system as an emergency response system in case of fire

Cost of installation, $/yr Associated costs, $/yr

No sprinkler system 0

Sprinkler system 1 14,000 0.99 2,100



Recommendations

November 19, 2012

30


Risk Control Continued

•The expected value of control was calculated assuming a useful life period of 10 years for each system

𝐸𝑀𝑉 (𝐶𝑖 )=𝐸𝑥𝑝𝑒𝑐𝑡𝑒𝑑 𝑏𝑒𝑛𝑒𝑓𝑖𝑡𝑜𝑓 𝑐𝑜𝑛𝑡𝑟𝑜𝑙−𝐶𝑜𝑠𝑡 𝑜𝑓 𝑖𝑛𝑠𝑡𝑎𝑙𝑙𝑎𝑡𝑖𝑜𝑛=𝑅 (𝐶𝑖 )× ¿

For example, for sprinkler system 1:

Recommendations

November 19, 2012

31


EMVs for Control

•The EMVs for various control systems were as follows:

Expected monetary values of control, $/yr

No sprinkler system

Sprinkler system 1

Sprinkler system 2

Sprinkler system 3

Recommendations

November 19, 2012

32


Identification

•Other potential initiating events•Other weak points/critical basic events•Examining of mechanical integrity of

CSTR•Considering common failure modes•Performing HAZOP•Implementing reliability testing on hazard

barriers (TC, alarm, …)

Recommendations

November 19, 2012

33


Analysis & Modeling

•Using Bayesian Network software•Using probability distribution functions

instead of single-point probabilities•Analyzing effects of fire or other initiating

events on other equipment in the facility •Developing empirical probability

functions based on test data•Creating a risk-level matrix

Recommendations

November 19, 2012

34


Risk Management

•Adding redundancy in hazard barriers for▫temperature controller▫overpressure alarm system

•Using risk distribution functions •Using utility function to account for risk

attitudes •Accounting for societal risk•Developing frequent maintenance and

testing procedure•Adapting an inherently safer reactor design

Recommendations

November 19, 2012

35


Inherently Safer Design

•The current cooling jacket has a failure frequency of 2.5 times per year

•A jacket with a failure rate of only 2 times per year is safer:

𝑅𝑖𝑚𝑝𝑟𝑜𝑣𝑒𝑑=𝑅𝑜𝑙𝑑 𝐹 𝑖𝑚𝑝𝑟𝑜𝑣𝑒𝑑

𝐹 𝑜𝑙𝑑

=($5,097 / yr )(2.01/ yr )

2.51 / yr=$4,077.6 / yr

Recommendations

November 19, 2012

36


Conclusion

•A brief risk assessment of a CSTR system based on precursor analysis was presented using fire as top event.

•Four initiating events were identified followed by a number of possible basic failures.

•A number of recommendations were provided for precursor identification, analysis and modeling, and risk management.

Thank you for your attention

Questions?

Accident near misses and precursor analysis2

Technology

Transcript of Accident near misses and precursor analysis2