Post on 09-Jan-2017
SAJJAD KHUDHUR ABBAS
Chemical Engineering, Al-Muthanna University, Iraq
Oil & Gas Safety and Health Professional – OSHACADEMY
Trainer of Trainers (TOT) - Canadian Center of Human Development
Episode 6 : HAZARD IDENTIFICATION (FMEA & HAZOP)
What is FMEA?
FMEA - Failure Modes and Effects Analysis
• Systematically identifies the potential failure of a system and its effects
• Assesses the significance of each failure mode to determine actions that would eliminate the chance of occurrence
• Documents the potential failures
• Oriented towards equipment rather than process
Purpose of FMEA
• Identify single equipment or system failure modes and the potential effects or consequences of the failure modes on the system or plant.
• Generate recommendations for increasing equipment or system reliability, thus improving process safety.
The History of FMEA
Applications and Benefits
May be applied at various stages:
• Concept
• Design
• Process (Operation)
• Service and Maintenance
Improvements in:
• Safety
• Quality
• Reliability
Resource Requirement
Technical drawing of Equipment System
Knowledge of equipment function and failure modes
Personnel with knowledge of system/plant function and responses to equipment failure
Personnel with knowledge of FMEA methodology and analysis
FMEA Methodology
1. Define system to be analyzed
2. Establish level of analysis
   • To what details
3. Perform the analysis
   • Identify failure modes, causes, consequences, design and operating provision against failures
4. Reporting
Step 1- FMEA System Definition
• Define the extent of the system to be analyzed
• Usually performed in relatively small steps
• Requires analysts/personnel with a knowledge of the system
  - The functional relationships of the parts of the system and their performance requirements
Step 2- Level of Analysis
• Based on the functional structure of a system
• The failure modes are expressed as failure to perform a particular subsystem function
• Primary function is that for which the subsystem was provided
• Secondary function is one which is merely a consequence of the subsystem's presence
Step 3- Failure Analysis
Possible failure scenarios:
• Loss of containment
• Premature operation
• Failure to operate when required
• Intermittent operation
• Failure to cease operation when required
• Loss of output or failure during operation
• Degraded output etc.
Based on failure modes:
• Looks at the likely causes and the effects on both the system and the working environment
• Consideration is given to the relative importance of the effects and sequence
• Existing safeguards against such failure and methods of detecting them are then examined
• Additional/new safeguards that are required against the failure are recommended
Step 4- Reporting
• Identify the most significant failures in terms of their effects on the overall system
• Decide whether or not the existing safeguards and detection devices are adequate
• More detailed analysis on the "weak link"
• No standard reporting format, typically covers:
  - The unit / system
  - Failure mode
  - Consequence of failure
  - Symptoms
  - Safeguards
  - Corrective actions
FMEA Reporting Guide

| No | Component Description | Failure mode | Failure effect(s) | Symptoms | Safe Guards | Actions |
|---|---|---|---|---|---|---|
| 1. | Major component of the system | Specific failure of the component | Hazard realization due to component failure | Indicator / representation of the failure | Existing mitigating measures | Is the existing measure adequate, what else can be improved |

Example: Fuel Storage System
Notation:
LALL – low level alarm
LAHH – High level alarm
LT - Level transmitter
LC – Level controller
Fuel Storage System FMEA

| No | Component Description | Failure mode | Failure effect(s) | Symptoms | Safe Guards |
|---|---|---|---|---|---|
| 1 | Drain pipe | Valve failed opened | Release of fuel; Occurrence of fire | Uncontrolled release of fuel; Low level alarm triggered | Low level alarm |
| 2 | Inlet pipe | Valve failed closed | No fuel in tank | No fuel to next unit; Low level alarm triggered | - |
| | | Valve failed opened | Continuous flow of fuel into tank; Tank overflow; Occurrence of fire | Uncontrolled release of fuel; High level alarm triggered | Level controller; High level alarm |

Criticality Analysis
• Criticality is defined in the same way as risk - that is, a combination of the severity of an effect and the probability or expected frequency
• The simplest approach requires a form of ranking or quantification in:
  - Effect / consequence
  - Frequency
Failure Mode Effect Analysis Criticality Analysis (FMEACA)
Severity
Effects are normally ranked into one of the following categories:

| Description | Score |
|---|---|
| Loss of mission due to inability of equipment to perform | 1 |
| Economic loss due to lack of output or function | 2 |
| Damage to plant or third party property | 3 |
| Injury to operating personnel or the public | 4 |
| Death to operating personnel or the public or significant damage to the environment | 5 |

Severity: Alternative ranking for effect (reverse order of severity)

| Item | Score |
|---|---|
| Catastrophic - may cause death or total system loss | 5 |
| Critical - may cause severe injury or damage | 4 |
| Major - may cause some injury or damage | 3 |
| Minor - requires unscheduled maintenance | 2 |
| Negligible – minor interruption to operation | 1 |

Likelihood / Frequency
Quantification of frequency depends on the data available and may again be a simple ranking, such as one depending on failure probability during the operating time interval.

| Description | Score |
|---|---|
| Extremely unlikely | 1 |
| Remote | 2 |
| Occasional | 3 |
| Reasonably frequent | 4 |
| Frequent | 5 |

| Description | Score |
|---|---|
| Extremely unlikely: < 0.001 per year | 1 |
| Remote: between 0.001 and 0.01 | 2 |
| Occasional: between 0.01 and 0.1 per yr | 3 |
| Reasonably frequent: between 0.1 and 0.2 per yr | 4 |
| Frequent: 0.2 per yr | 5 |

* x10^-6 occurrence per 10^6 hours of operation
FMEACA Summary
Columns: Component, Failure mode, Failure effect(s), Symptoms, Severity, Frequency*, Score
Inlet pipe - Rupture
• Loss of containment of ethylene oxide
• Workers exposed to ethylene oxide and occurrence of fire / explosion
Inlet control valve - Fails opened
• Uncontrolled flow into storage tank
• Overflowing of storage tank
• Workers exposed to ethylene oxide & occurrence of fire / explosion
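Criticality Matrix
Example: Threshold value = 10
[Figure: 5 x 5 criticality matrix; rows scored 5 down to 1, columns scored 1 to 5; cells rated A to D; legend: ACCEPTABLE / UNACCEPTABLE]

|   | 1 | 2 | 3 | 4 | 5 |
|---|---|---|---|---|---|
| 5 | A | C | C | D | D |
| 4 | A | B | C | C | D |
| 3 | A | B | B | C | C |
| 2 | A | A | B | B | C |
| 1 | A | A | A | A | A |
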
Frequency / Likelihood

| Frequency | Score | Definition |
|---|---|---|
| High | 5 | Failure that occurs on a monthly basis |
| Probable | 4 | Probable is defined as a single FM probability > 0.10 but < 0.20 of failure that occurs on a yearly basis |
| Occasional | 3 | Facility had previous experience of similar failure |
| Remote | 2 | Possible to occur and has occurred in a similar facility elsewhere |
| Unlikely | 1 | Not known to have occurred in a similar facility elsewhere |

Consequences

| Consequence | Score | Definition |
|---|---|---|
| Catastrophic | 5 | Failure results in occurrence of fire that causes fatality |
| Major | 4 | Failure results in occurrence of fire that causes injury |
| Moderate | 3 | Failure results in occurrence of fire that causes damage to nearby property |
| Minor | 2 | Failure results in occurrence of fire that causes minor damage to nearby property |
| Negligible | 1 | Failure results in occurrence of fire that does not cause damage to nearby property |

FMEACA
Fuel Storage System FMEA

| No | Component Description | Failure mode | Failure effect(s) | Symptoms | Frequency | Severity | Score |
|---|---|---|---|---|---|---|---|
| 1 | Drain pipe | Valve failed opened | Release of fuel; Occurrence of fire | Uncontrolled release of fuel; Low level alarm triggered | 2 | 4 | |

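
| Severity \ Frequency | 1 | 2 | 3 | 4 | 5 |
|---|---|---|---|---|---|
| 5 | 5 | 10 | 15 | 20 | 25 |
| 4 | 4 | 8 | 12 | 16 | 20 |
| 3 | 3 | 6 | 9 | 12 | 15 |
| 2 | 2 | 4 | 6 | 8 | 10 |
| 1 | 1 | 2 | 3 | 4 | 5 |

Legend: High / Moderate / Low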
FMEACA
Fuel Storage System FMEA

| No | Component Description | Failure mode | Failure effect(s) | Symptoms | Frequency | Severity | Score |
|---|---|---|---|---|---|---|---|
| 1 | Drain pipe | Valve failed opened | Release of fuel; Occurrence of fire | Uncontrolled release of fuel; Low level alarm triggered | 2 | 4 | 8 (Moderate) |

FMEACA
Fuel Storage System FMEA

| No | Component Description | Failure mode | Failure effect(s) | Symptoms | Frequency | Severity |
|---|---|---|---|---|---|---|
| 1 | Drain pipe | Valve failed opened | Release of fuel; Occurrence of fire | Uncontrolled release of fuel; Low level alarm triggered | 2 | 4 |
| 2 | Inlet pipe | Valve failed closed | No fuel in tank | No fuel to next unit; Low level alarm triggered | 2 | 2 |
| | | Valve failed opened | Continuous flow of fuel into tank; Tank overflow; Occurrence of fire | Uncontrolled release of fuel; High level alarm triggered | 2 | 4 |

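A worked version of the criticality scoring above, added here as an example and not part of the original slides: it maps a failure rate to the 1-5 frequency score using the per-year bands, multiplies by the severity score, and compares the result with the example threshold of 10. The failure rates, the handling of band edges, and treating a score at or above the threshold as unacceptable are assumptions.

```python
from bisect import bisect_right

# Band edges (failures per year) taken from the frequency table.
# Assumption: a rate exactly on an edge falls in the higher band.
BAND_EDGES = [0.001, 0.01, 0.1, 0.2]
THRESHOLD = 10  # the example threshold value from the slides


def frequency_score(rate_per_year):
    """Map a failure rate to the 1-5 frequency score."""
    if rate_per_year < 0:
        raise ValueError("failure rate cannot be negative")
    return bisect_right(BAND_EDGES, rate_per_year) + 1


def criticality(rate_per_year, severity):
    """Criticality = frequency score x severity score (both 1-5)."""
    if severity not in range(1, 6):
        raise ValueError("severity must be an integer from 1 to 5")
    return frequency_score(rate_per_year) * severity


def rank(worksheet, threshold=THRESHOLD):
    """Return (score, verdict, component, failure mode) rows, worst first.
    Assumption: a score at or above the threshold is unacceptable."""
    rows = []
    for component, mode, rate, severity in worksheet:
        score = criticality(rate, severity)
        verdict = "UNACCEPTABLE" if score >= threshold else "ACCEPTABLE"
        rows.append((score, verdict, component, mode))
    return sorted(rows, key=lambda r: r[0], reverse=True)


# Constructed worksheet. Severities follow the fuel storage table; the
# failure rates are sample values. The first two rates land in frequency
# score 2; the third is set higher to show a threshold exceedance.
WORKSHEET = [
    ("Drain pipe", "Valve failed opened", 0.005, 4),
    ("Inlet pipe", "Valve failed closed", 0.005, 2),
    ("Inlet pipe", "Valve failed opened", 0.05, 4),
]

if __name__ == "__main__":
    for score, verdict, component, mode in rank(WORKSHEET):
        print(f"{score:>2}  {verdict:<12}  {component}: {mode}")
```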
Corrective Action and Follow-up
• Reduce the probability that the cause of failure will result in the failure mode
• Reduce severity of failure by redundancy
• Increase probability of detection
• Redesign or add protection
Hazard and Operability Studies (HAZOP)
The term “HAZOP” originated in ICI and first appeared in the literature in the early 1970s.
A formal, systematic, critical, rigorous examination to the process and engineering intentions of new and existing facilities to assess the hazard potential of mal-operation or mal-function of individual items of equipment and the consequence effects.
Skelton, B., 1997
A formal, systematic, examination of a processing plant in order to identify hazards, failures and operability problems, and assess the consequences from such mal-function.
Wells, G., 1996
Why Do HAZOP?
• Generates a list of identified problems, usually with some suggestions for improvement of the system.
• Improve safety, reliability, and quality by making people more aware of potential problems.
• Help to sort out loopholes and inconsistencies in procedures and force plant personnel to get their instructions up to date.
HAZOP
If a process operates within its intended design philosophy then undesired hazardous events should not occur.
To identify how process deviations can be prevented or mitigated to minimize process hazards.