Professional Documents
Culture Documents
Definitions
HAZARD: A hazard introduces the potential for an unsafe condition, possibly leading to an accident. RISK is the probability or likelihood of a Hazard resulting in an ACCIDENT
Definitions
Risk assessment is sometimes called hazard analysis. Hazard identification and risk assessment are sometimes combined into a general category called hazard evaluation. A risk assessment procedure that determines probabilities is frequently called probabilistic risk assessment (PRA), whereas a procedure that determines probability and consequences is called quantitative risk analysis (QRA). Figure 10-1 illustrates the normal procedure for using hazards identification and risk assessment.
HAZID Approach
What can go wrong? What incidents or scenarios could arise as a result of things going wrong? What could cause or could contribute to these incidents?
6
HAZID Approach
Life Cycle Phases of a Project
Concept
Design Construction Commission Production
The HAZID approach can be used in the first stages of the life cycle phase of a project Prior to design phase, little information will be available and the HAZID approach will need to be undertaken on flow diagrams Assumptions will need to be transparent and documented
Decommission
Disposal
Historical conditions
Identified Hazards
Existing conditions
Conducting the HAZID It is tempting to disregard Non-Credible Scenarios BUT Non-credible scenarios have happened to others Worst cases are important to emergency planning
10
Checklists - questions to assist in hazard identification Brainstorming - whatever anyone can think of
13
Checklists Simple set of prompts or checklist questions to assist in hazard identification Can be used in combination with any other techniques, such as What If Can be developed progressively to capture corporate learning of organisation Particularly useful in early analysis of change within projects
14
Checklists
Initiating Events Overfills And Spills General Causes Improper Operation Initiating Causes Operating Error Inadequate / Incorrect Procedure Failure To Follow Procedure Outside Operating Envelope Inadequate Training Wet H2S Cracking General Process Cooling Water Steam / Condensate Service Water Missiles Crane Vehicles
15
Corrosion
Mechanical Impact
Checklists
Advantages Highly valuable as a cross check review tool following application of other techniques Useful as a shop floor tool to review continued compliance with SMS Disadvantages Tends to stifle creative thinking Used alone introduces the potential of limiting study to already known hazards - no new hazard types are identified Checklists on their own will rarely be able to satisfy regulatory requirements
16
Brainstorm Team based exercise Based on the principle that several experts with different backgrounds can interact and identify more problems when working together Can be applied with many other techniques to vary the balance between free flowing thought and structure Can be effective at identifying obscure hazards which other techniques may miss
17
Brainstorm
Advantages Useful starting point for many HAZID techniques to focus a groups ideas, especially at the projects concept phase Facilitates active participation and input Allows employees experience to surface readily Enables thinking outside the square Very useful at early stages of a project or study Disadvantages Less rigorous and systematic than other techniques High risk of missing hazards unless combined with other tools Caution required to avoid overlooking the detail Relies on experience and competency of facilitator
18
What If
What if analysis is an early method of identifying hazards Brainstorming approach that uses broad, loosely structured questioning to postulate potential upsets that may result in an incident or system performance problems It can be used for almost every type of analysis situation, especially those dominated by relatively simple failure scenarios
19
What If
Normally the study leader will develop a list of questions to consider at the study session This list needs to be developed before the study session Further questions may be considered during the session Checklists may be used to minimise the likelihood of omitting some areas
20
What If
Example of a What If report for a single assessed item
21
What If
Advantages Useful for hazard identification early in the process, such as when only PFDs are available What If studies may also be more beneficial than HAZOPs where the project being examined is not a typical steady state process, though HAZOP methodologies do exist for batch and sequence processes Disadvantages Inability to identify pre-release conditions Apparent lack of rigour Checklists are used extensively which can provide tunnel vision, thereby running the risk of overlooking possible initiating events
22
HAZOP A HAZOP study is a widely used method for the identification of hazards A HAZOP is a rigorous and highly structured hazard identification tool It is normally applied when PFDs and P&IDs are available The plant/process under investigation is split into study nodes and lines and equipment are reviewed on a node by node basis Guideword and deviation lists are applied to process parameters to develop possible deviations from the design intent
23
24
HAZOP
Advantages Will identify hazards, and events leading to an accident, release or other undesired event Systematic and rigorous process The systematic approach goes some way to ensuring all hazards are considered Disadvantages HAZOPs are most effective when conducted using P&IDs, though they can be done with PFDs Requires significant resource commitment HAZOPs are time consuming The HAZOP process is quite monotonous and maintaining participant interest can be a challenge
25
FMEA/FMECA Objective is to systematically address all possible failure modes and the associated effects on a technical system The underlying equipment and components of the system are analysed in order to eliminate, mitigate or reduce the failure or the failure effect Best suited for mechanical and electrical hardware systems evaluations
26
FMEA/FMECA
Example of an FMEA/FMCEA report for a single assessed item
Potential Failure Mode Open indicator switch failed Potential Effects of Failure Wrong indication of valve back to control system causing possible incorrect controller action to be taken Potential Causes of Failure Wear and tear Comments Recommendations
Commissioning and test procedures must ensure that all diverter equipment indicators are correctly wired to the diverter control system
The integrity of the position indicators for the Diverter system equipment is critical to the logic of the control system. It is recommended that the position indicators are discretely function tested prior to commencement of each program
27
FMEA/FMECA
Advantages Generally applied to solve a specific problem or set of problems FMEA/FMECA was primarily considered to be a tool or process to assist in designing a technical system to a higher level of reliability Designed correction or mitigation techniques can be implemented so that failure possibilities can be eliminated or minimized
Disadvantages It is very time consuming and needs specialist skills from different backgrounds to obtain maximum effect Very hard to assess operational risks within an FMEA/FMECA (like they can be within a HAZOP or What if study)
28
Task Analysis Technique which analyses human interactions with the tasks they perform, the tools they use and the plant, process or work environment Approach breaks down a task into individual steps and analyses each step for the presence of potential hazards Used widely to manage known injury related tasks in workplace Excellent tool for hazard identification related to human tasks
29
Task Analysis Disadvantages Does not address plant process deviations which are not related to human interaction
Caution Relies on multi-disciplined input with specific input of person who normally carries out the task Often assumed to be the only tool of hazard identification or risk assessment, as it is used generally at the shop floor
30
Fault Tree Analysis Graphical technique approach Provides a systematic description of the combinations of possible occurrences in a system which can result in an identified undesirable outcome (top event) This method combines hardware failures and human failures Uses logic gates to define modes of interaction (ANDs/ ORs)
31
Pressure rises
AND
32
33
Review and Revision The following are examples of when a HAZID revision should occur
Organizational changes New projects HAZID Revision Incident investigation results Abnormal conditions through design envelope changes
34
Safety considerations of the facility layout will include the provision of: Separation between flammable hydrocarbons and ignition sources. Separation between hydrocarbon handling areas and emergency services, main safety equipment, accommodation, temporary safe refuge areas, means of evacuation and escape, muster points and control centers.
35
Sufficient means of escape to enable efficient and protected evacuation from all areas designated as muster and evacuation stations under foreseeable hazard conditions. Availability of essential services and the main safety equipment under foreseeable hazard conditions, including protecting critical systems and equipment required to function in a fire and explosion emergency. Safe access to systems and equipment for operational and maintenance purposes.
36
NODE: Concentrate on one location in the process PARAMETER: Consider each process variable individually
PARAMETER*: Flow rate GUIDE WORD: Less (less than normal value) DEVIATION: less flow than normal CAUSE: of deviation, can be more than one CONSEQUENCE: of the deviation/cause ACTION: initial idea for correction/ prevention/mitigation
* For an expanded list of parameters and associated guide words, see Wells (1996)
Guide Word NO or NOT or NONE MORE LESS AS WELL AS PART OF REVERSE OTHER THAN SOONER/LATER THAN
Explanation Negation of the design intent Quantitative increase Quantitative decrease Qualitative increase e.g., extra activity occurs Qualitative decrease Opposite of the intention Substitution Activity occurring a time other than intended
Selected Parameters with Applicable Guide Words (See Wells, 1996, p. 95-6) Flow (no, more, less, reverse) Temperature (higher, lower) Pressure (higher, lower) Level (none, higher, lower) Composition (none, more, less, as well as, other than) Action (sooner, later, insufficient, longer, shorter)
feed
product
air
fuel
4.
feed
product
air
fuel
HAZOP FORM
Parameter: Flow
product
Process variables
air fuel
Guide Word Select from official list of words to ensure systematic consideration of possibilities no
no feed flow
2. feed valve closed 3. feed flow meter indicates false high flow (controller closes valve) 4. pipe blockage
4. a) test flow before startup 4. b) place filter in pipe Install remotely activated block valves at feed tanks to allow operators to stop flow
5.a) damage to pipes in radiant section b) pollution and hazard for oil release to plant environment
For 1-5, SIS to stop fuel flow on low feed flow, using separate feed flow sensor
The HAZOP group should contain people with different skills and knowledge - operations, design, equipment, maintenance, quality control, .. - do not forget operators!!!
The team should understand the plant well
Risk management
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events.
Risk
A Risk is the amount of harm that can be expected to occur during a given time period due to specific harm event (e.g., an accident). Risk is a product of the likelihood of a hazard occurring and the consequences that would follow: RISK = HAZARD X CONSEQUENCE In practice, the amount of risk is usually categorized into a small number of levels because neither the probability nor harm severity can typically be estimated with accuracy and precision.
Risk Matrix
A Risk Matrix is a matrix that is used during Risk Assessment to define the various levels of risk as the product of the harm probability categories and harm severity categories. This is a simple mechanism to increase visibility of risks and assist management decision making.
Risk Matrix
Although many standard risk matrices exist in different contexts individual projects and organizations may need to create their own or tailor an existing risk matrix. E.g., the harm severity can be categorized as:
Risk Matrix
The probability of harm occurring might be categorized as 'Certain', 'Likely', 'Possible', 'Unlikely' and 'Rare'. However it must be considered that very low probabilities may not be very reliable.
Risk Matrix
Certain Likely
High Moderate
High High
Extreme High
Extreme Extreme
Possible
Unlikely Rare
Low
Low Low
Moderate
Low Low
High
Moderate Moderate
Extreme
Extreme High
Risk Matrix
Stubbing Toe Minor Car Accident Major Car Accident Aircraft Crash Major Tsunami