CHPE 5612 Chapter10 White

8/13/2019 CHPE 5612 Chapter10 White

1/55

CHPE 5612: Chemical

Process SafetyChapter 10

by

Dr. Omar Houache


2/55

Hazards are everywhere

Unfortunately, a hazard is not always identified until anaccident occurs. It is essential to identify the hazards and

reduce the risk well in advance of an accident.

For each process in a chemical plant the following questions

must be asked:

1. What are the hazards? (Hazard Identification)

2. What can go wrong and how?

3. What are the chances?

4. What are the consequences?

Risk Assessment


3/55

Definitions

HAZARD: A hazard introduces the potential for anunsafe condition, possibly leading to an accident.

RISKis the probability or likelihood of a Hazard

resulting in an ACCIDENT

INCIDENTis an undesired circumstance that produces

the potential for an ACCIDENT

ACCIDENTis an undesired circumstance that results in

ill health, damage to the environment, or damage to

property

HAZARD INCIDENT ACCIDENT

(includes near misses)


4/55

Definitions

Risk assessment is sometimes called hazard analysis. Hazard identification and risk assessment are sometimes

combined into a general category called hazard evaluation.

A risk assessment procedure that determines probabilities is

frequently called probabilistic risk assessment (PRA),whereas a procedure that determines probability and

consequences is called quantitative risk analysis (QRA).

Figure 10-1 illustrates the normal procedure for using

hazards identification and risk assessment.


5/55


6/55

6

HAZID Approach

What can go wrong?

What incidents or scenarios could

arise as a result of things going

wrong?

What could cause or could

contribute to these incidents?


7/55

7

HAZID Approach

The HAZID approach can be used

in the first stages of the life cycle

phase of a project

Prior to design phase, little

information will be available andthe HAZID approach will need to

be undertaken on flow diagrams

Assumptionswill need to be

transparentand documented

Concept

Design

Commission

Production

Decommission

Disposal

Construction

Life Cycle Phases of a Project


8/55

8

Conducting the HAZID Consider the Past, Present and Future

Existing

conditions

Future

conditions

Historical

conditions

What has gone wrong in the past?

What could go wrong currently?

What could go wrong due to change?

Root CauseHistorical RecordsProcess ExperienceNear Misses

Identified

HazardsHAZID WorkshopHAZOP StudyScenario DefinitionsChecklists

Change ManagementWhat-If JudgementPrediction

unforeseeable


9/55

9

Conducting the HAZID

It is tempting to disregard Non-Credible Scenarios BUT

Non-credible scenarios have happened to others

Worst cases are important to emergency planning


10/55

10

Issues for consideration

Equipment can be off-line

Safety devices can be disabled or fail to operate

Several tasks may be concurrent

Procedures are not always followed People are not always available

How we act is not always how we plan to act

Things can take twice as long as planned

Abnormal conditions can cross section limits

Power failure



11/55

11

Conducting the HAZIDHAZID Process

Existing studies

Define boundary System description

Divide system into sections

Systematically record all hazards

Independent check

Revisit after risk assessmentHazard Register

Selected methods

asset or equipment failure

external events

process operational deviations

hazards associated with all materials

human activities which could contribute to incidents

interactions with other sections of the facility

Analyse each section


12/55

12

Recording Detail The level of detail is important for:

- Clarity

- Transparency and

- Traceability

A system (hazard register) is required for keeping track of the process

for each analysed section of the facility

The items to be recorded are:

- Study team

- System being evaluated- Identified hazard scenario

- Consequences of the hazard being realised

- Controls in place to prevent hazard being realised and their

adequacy

- Opportunity for additional controls



13/55

13

HAZID Techniques - Overview

Checklists - questions to assist in hazard identification

Brainstorming - whatever anyone can think of

What If Analysis - possible outcomes of change

HAZOP (Hazard and operability study )- identifiesprocess plant type incidents

FMEA/FMECA (Failure modes and effects analysis/

Failure modes and effects criticality analysis )-

equipment failure causes

Task Analysismaintenance activities, procedures

Fault Tree Analysis - combinations of failures

Increasing

eff

ortrequired


14/55

14

Checklists

Simple set of prompts or checklist questions to assist inhazard identification

Can be used in combination with any other techniques, such

as What If

Can be developed progressively to capture corporatelearning of organisation

Particularly useful in early analysis of change within

projects


15/55

15

Initiating Events General Causes Initiating Causes

Overfills And

Spills

Improper Operation Operating Error

Inadequate / Incorrect Procedure

Failure To Follow Procedure

Outside Operating Envelope

Inadequate Training

Vessel/Tanker

Shell Failure

Corrosion Wet H2S Cracking

General Process

Cooling Water

Steam / CondensateService Water

Mechanical Impact Missiles

Crane

Vehicles

Checklists


16/55

16

Advantages Highly valuable as a cross check review tool following application of other

techniques

Useful as a shop floor tool to review continued compliance with SMS

Disadvantages

Tends to stifle creative thinking

Used alone introduces the potential of limiting study to already known

hazards - no new hazard types are identified

Checklists on their own will rarely be able to satisfy regulatory requirements

Checklists


17/55

17

Brainstorm

Team based exercise Based on the principle that several experts with different

backgrounds can interact and identify more problems

when working together

Can be applied with many other techniques to vary thebalance between free flowing thought and structure

Can be effective at identifying obscure hazards which

other techniques may miss


18/55

18

Advantages Useful starting point for many HAZID techniques to focus a groups

ideas, especially at the projects concept phase

Facilitates active participation and input

Allows employees experience to surface readily

Enables thinking outside the square

Very useful at early stages of a project or study

Disadvantages

Less rigorous and systematic than other techniques High risk of missing hazards unless combined with other tools

Caution required to avoid overlooking the detail

Relies on experience and competency of facilitator

Brainstorm


19/55

19

What If

What if analysis is an early method of identifying hazards Brainstorming approach that uses broad, loosely structured

questioning to postulate potential upsets that may result in

an incident or system performance problems

It can be used for almost every type of analysis situation,especially those dominated by relatively simple failure

scenarios


20/55

20

Normally the study leader will develop a list of questions to consider at thestudy session

This list needs to be developed before the study session

Further questions may be considered during the session

Checklists may be used to minimise the likelihood of omitting some areas

What If


21/55

21

Example of a What If report for a single assessed item

What If


22/55

22

Advantages Useful for hazard identification early in the process, such as when only PFDs

are available

What If studies may also be more beneficial than HAZOPs where the project

being examined is not a typical steady state process, though HAZOP

methodologies do exist for batch and sequence processes

Disadvantages

Inability to identify pre-release conditions

Apparent lack of rigour

Checklists are used extensively which can provide tunnel vision, thereby

running the risk of overlooking possible initiating events

What If


23/55

23

HAZOP

A HAZOP study is a widely used method for theidentification of hazards

A HAZOP is a rigorous and highly structured hazard

identification tool

It is normally applied when PFDs and P&IDs are available The plant/process under investigation is split into study

nodes and lines and equipment are reviewed on a node by

node basis

Guideword and deviation lists are applied to processparameters to develop possible deviations from the design

intent

HAZOP results in a very systematic assessment of hazards


24/55

24

Example of a HAZOP report for a single assessed item

HAZOP


25/55

25

Advantages Will identify hazards, and events leading to an accident, release or

other undesired event

Systematic and rigorous process

The systematic approach goes some way to ensuring all hazards are

considered

Disadvantages

HAZOPs are most effective when conducted using P&IDs, though they

can be done with PFDs Requires significant resource commitment

HAZOPs are time consuming

The HAZOP process is quite monotonous and maintaining participant

interest can be a challenge

HAZOP


26/55

26

FMEA/FMECA

Objective is to systematically address all possible failuremodes and the associated effects on a technical system

The underlying equipment and components of the system

are analysed in order to eliminate, mitigate or reduce the

failure or the failure effect Best suited for mechanical and electrical hardware systems

evaluations


27/55

27

Example of an FMEA/FMCEA report for a single assessed item

PotentialFailureMode

PotentialEffects ofFailure

PotentialCausesofFailure

Comments Recommendations

Openindicatorswitch failed

Wrongindication ofvalve back tocontrol systemcausingpossibleincorrectcontrolleraction to betaken

Wear andtear

Commissioningand testproceduresmust ensurethat all diverterequipmentindicators arecorrectly wiredto the divertercontrol system

The integrity of theposition indicators forthe Diverter systemequipment is critical tothe logic of the controlsystem.

It is recommended thatthe position indicatorsare discretely functiontested prior to

commencement of eachprogram

FMEA/FMECA


28/55

28

Advantages Generally applied to solve a specific problem or set of problems

FMEA/FMECA was primarily considered to be a tool or process toassist in designing a technical system to a higher level of reliability

Designed correction or mitigation techniques can be implemented so

that failure possibilities can be eliminated or minimized

Disadvantages

It is very time consuming and needs specialist skills from differentbackgrounds to obtain maximum effect

Very hard to assess operational risks within an FMEA/FMECA (likethey can be within a HAZOP or What if study)

FMEA/FMECA


29/55

29

Task Analysis

Technique which analyses human interactions with thetasks they perform, the tools they use and the plant, process

or work environment

Approach breaks down a task into individual steps and

analyses each step for the presence of potential hazards Used widely to manage known injury related tasks in

workplace

Excellent tool for hazard identification related to human

tasks


30/55

30

Disadvantages

Does not address plant process deviations which are not

related to human interaction

Caution

Relies on multi-disciplined input with specific input of

person who normally carries out the task

Often assumed to be the only tool of hazard identification orrisk assessment, as it is used generally at the shop floor

Task Analysis


31/55

31

Fault Tree Analysis

Graphical technique approach Provides a systematic description of the combinations of

possible occurrences in a system which can result in an

identified undesirable outcome (top event)

This method combines hardware failures and humanfailures

Uses logic gates to define modes of interaction (ANDs/

ORs)


32/55

32

AND OR

PSV does not

relieve

Process

pressurerises

Control fails

high

PSV too

small

Set point too

high

PSV stuck

closed

Fouling inletor outlet

Pressure rises

Process

vessel overpressured

AND

Fault Tree Analysis


33/55

33

Advantages Quantitative - defines probabilities to each event which can be used to

calculate the probability of the top event

Easy to read and understand hazard profile

Easily expanded to bow tie diagram by addition of event tree

Disadvantages

Need to have identified the top event first

More difficult than other techniques to document

Fault trees can become rather complex Time consuming approach

Quantitative data needed to perform properly

Fault Tree Analysis


34/55


35/55

35

Safety considerations of the facility layout will include the

provision of:

Separation between flammable hydrocarbons and ignition

sources.

Separation between hydrocarbon handling areas and

emergency services, main safety equipment,accommodation, temporary safe refuge areas, means of

evacuation and escape, muster points and control centers.


36/55


37/55

HAZOPHazard and Operability Study


38/55

HAZOPis a formal and systematic procedure forevaluating a process

- It is time consuming and expensive

HAZOP is basically for safety

- Hazards are the main concern

- Operability problems degrade plant performance

(product quality, production rate, profit), so they are

considered as well

Considerable engineering insightis required - engineers

working independently could (would) develop different

results

HAZOP - Hazard and operability


39/55

HAZOP keeps all team members

focused on the same topic andenables them to work as a team

1 + 1 + 1 = 5

NODE: Concentrate on one location in the process

PARAMETER: Consider each process variable individually(F, T, L, P, composition, operator action, corrosion, etc.)

GUIDE WORD: Pose a series of standard questions about deviations from

normal conditions. We assume that we know a safe normal operation.



40/55

NODE: Pipe after pump and splitter

PARAMETER*: Flow rate

GUIDE WORD: Less (less than normal value)

DEVIATION: less flow than normal

CAUSE: of deviation, can be more than one

CONSEQUENCE: of the deviation/cause

ACTION: initial idea for correction/

prevention/mitigation

All group

members focus

on the sameissue

simultaneously

* For an expanded list of parameters and associated guide words, see Wells (1996)



41/55

Guide Word Explanation

NO or NOT or NONE Negation of the design intent

MORE

LESS

Quantitative increase

Quantitative decrease

AS WELL AS

PART OF

Qualitative increase e.g.,

extra activity occursQualitative decrease

REVERSE Opposite of the intention

OTHER THAN Substitution

SOONER/LATER THAN Activity occurring a time other than

intended

TYPICAL GUIDEWORDS USED FOR PROCESSES

Selected Parameters with Applicable Guide Words (See Wells, 1996, p. 95-6)

Flow (no, more, less, reverse)

Temperature (higher, lower)

Pressure (higher, lower)

Level (none, higher, lower)

Composition (none, more, less, as well as, other than)

Action (sooner, later, insufficient, longer, shorter)



42/55

fuel

air

feed

product

When do we use

a fired heater in

a process plant?

Fired heaters are used in process plants and have manypotential hazards. Lets perform a HAZOP study!



43/55

Class Example: Fired Heater1. Discuss the first entry in the HAZOP form

2. Select another guide word for the parameter

3. Select a different parameter for the same node

4. Select a different node/parameter/guide word

fuel

air

feed

product



44/55

HAZOP FORM

Unit: Fired Heater

Node: Feed pipe Parameter: Flow(after feed valve, before split)

Location (line or vessel) Process variables

or procedure (start up)

Guide Word Deviation Cause Consequence Action

Select from

official list ofwords to ensure

systematicconsideration ofpossibilities

applying guide

word to thisparameter

process

engineering

process

engineering

preliminary result

which should bereconsidered when

time is available

no no feed flow 1. feed pump stops damage to pipes inradiant section,

possible pipefailure

1. automaticstartup of backup

pump on low feedpressure

fuel

air

feed

product


45/55

2. feed valve

closed 2. fail open valve

3. feed flow meter

indicates false high

flow (controllercloses valve)

3. redundant flow

meters

4. pipe blockage 4. a) test flow

before startup

4. b) place filter in

pipe

5. Catastrophicfailure of pipe

5.a) damage topipes in radiant

section

b) pollution and

hazard for oil

release to plant

environment

Install remotelyactivated block

valves at feed

tanks to allow

operators to stop

flow

For 1-5, SIS to

stop fuel flow on

low feed flow,

using separate feed

flow sensor


46/55

HAZOP - PROCESS APPLICATIONS

Thorough review at or near the completion of a new process design

- Equipment and operating details known

- Can uncover major process changes

Review of existing processes (periodic update)

- Safe operation for years does not indicate that no Hazards exist

Review of changes to an existing process that had been HAZOPed -

Important part of Change Management- No consistency on what type of changes require formal HAZOP



47/55

MANAGING THE HAZOP PROCESS The HAZOP group should contain people with different

skills and knowledge

- operations, design, equipment, maintenance, quality

control, ..- do not forget operators!!!

The team should understand the plant well

Documents should be prepared and distributed before the

meeting

The HAZOP leader should be expert in the HAZOP process

Results must be recorded and retained



48/55


49/55

Risk management

Risk managementis the identification, assessment, and

prioritization of risksfollowed by coordinated and

economical application of resources to minimize, monitor,

and controlthe probabilityand/or impactof unfortunate

events.


50/55

Risk

A Riskis the amount of harm that can be expected to occur

during a given time period due to specific harm event (e.g.,

an accident).

Risk is a product of the likelihood of a hazard occurring and

the consequences that would follow:

RISK = HAZARD X CONSEQUENCE

In practice, the amount of risk is usually categorized into a

small number of levels because neither the probability nor

harm severity can typically be estimated with accuracy and

precision.


51/55

Risk Matrix

A Risk Matrixis a matrix that is used during Risk

Assessmentto define the various levels of risk as the

productof the harm probability categories and harm

severity categories.

This is a simple mechanism to increase visibility of risks and

assist management decision making.


52/55

Risk Matrix

Although many standard risk matrices exist in different

contexts individual projects and organizations may need to

create their own or tailor an existing risk matrix.

E.g., the harm severity can be categorized as:

Catastrophic- Multiple Deaths Critical- One Death or Multiple Severe Injuries

Marginal- One Severe Injury or Multiple Minor Injuries

Negligible - One Minor Injury


53/55


54/55

The resulting Risk Matrix could be :

Negligible Marginal Critical Catastrophic

Certain High High Extreme Extreme

Likely Moderate High High Extreme

Possible Low Moderate High Extreme

Unlikely Low Low Moderate Extreme

Rare Low Low Moderate High

Risk Matrix


55/55

The resulting Risk Matrix could be :

Negligible Marginal Critical Catastrophic

Certain Stubbing Toe

LikelyMinor Car

Accident

PossibleMajor Car

Accident

Unlikely Aircraft Crash

Rare Major Tsunami

Risk Matrix

CHPE 5612 Chapter10 White

Documents

Transcript of CHPE 5612 Chapter10 White