(3.1)PHA
of 61
Transcript of (3.1)PHA
-
8/3/2019 (3.1)PHA
1/61
Overview ofProcess Hazard
Analysis(PHA)
1
DR. AA, Process Control and Safety Group
-
8/3/2019 (3.1)PHA
2/61
Factors
InfluencingIncidents
2
-
8/3/2019 (3.1)PHA
3/61
Causes of Accidents and IncidentsIncidents and Accidents are caused by
either unsafe behaviours (substandard
practice) and/or unsafe conditions
(substandard designs).
Unsafe behaviours are handled by Occupational Safety Program,
Unsafe conditions are managed through Process Safety Programs.
3
-
8/3/2019 (3.1)PHA
4/61
Accident Causation Models
4
-
8/3/2019 (3.1)PHA
5/61
DOMINO EFFECT
5
-
8/3/2019 (3.1)PHA
6/61
LOSS CAUSATION MODEL
LACK OF
CONTROL
INADEQUATE
PROGRAM
BASIC
CAUSES
PERSONALFACTORS
&JOB
FACTORS
IMMEDIATE
CAUSES
SUBSTANDARD
ACTS&
CONDITIONS
INCIDENT
CONTACTWITH
ENERGYOR
SUBSTANCE
LOSS
PEOPLEPROPERTYPROCESS
PLANET
LOSS CAUSATION
PROBLEM SOLVING
Workersexposedto hazards
THRESHOLD
OSH-MSSafe Operating Procedures, Training,Supervision, Maintenance, PPE
Activity: PREVENTION Activity: MITIGATION
6
-
8/3/2019 (3.1)PHA
7/61
ACCIDENT RATIO STUDY
SERIOUS OR DISABLING
Including disabling and serious injuries
MINOR INJURIES
Any reported injury less than serious
PROPERTY DAMAGE ACCIDENTS
All types
INCIDENTS WITH NO VISIBLE
INJURY OR DAMAGE
Near-miss accident
10
30
600
1
7
-
8/3/2019 (3.1)PHA
8/61
Process Hazards
HAZARDOUS MATERIALS + PROCESS CONDITIONS
Flammable materialsCombustible materialsUnstable materials
Reactive materialsCorrosive materialsAsphyxiatesShock-sensitive materialsHighly reactive materials
Toxic materialsInert gasesCombustible dusts
High temperaturesExtremely lowtemperatures
High pressuresVacuumPressure cyclingTemperature cyclingVibration/liquid
hammeringRotating equipmentIonizing radiationHigh voltage/currentErosion/Corrosion
-
8/3/2019 (3.1)PHA
9/61
Human Factors or Errors
HUMAN FAILURE
ERRORS VIOLATIONS
Deliberate actions Different from those prescribed Carries known associated risks Ignores operational procedures Violation errors occur because of a
perception of lack of relevance, timepressure or laziness.
Competency exists Intentions are correct Slips occur while
carrying out habitual,routine, skill basedactivity.
Incorrect intention Inadequate knowledge Incorrect information processing Inadequate training Mistakes occur because of incorrect
assumptions or incorrect tunnel
vision application of rules.
SLIPSMISTAKES
-
8/3/2019 (3.1)PHA
10/61
Process HazardAnalysis
(PHA)Methodologies
10
DR. AA, Process Control and Safety Group
-
8/3/2019 (3.1)PHA
11/61
PHA Methodologies
11
-
8/3/2019 (3.1)PHA
12/61
Process Hazards Analysis
PROCESS HAZARDS ANALYSIS
What can go
wrong?
How likely is
it?
What are the
consequences?
PROCESS HAZARDS ANALYSIS STRUCTURE
FOUNDATION FOR PROCESS HAZARDS ANALYSIS
HistoricalExperience
PHAMethodology
Knowledgeand Intuition
-
8/3/2019 (3.1)PHA
13/61
Qualitative Risk Analysis
Process Hazards Analysis isthe predictive identification
of hazards, their cause &consequence and thequalitative estimation oflikelihood and severity.
-
8/3/2019 (3.1)PHA
14/61
Qualitative vs. Quantitative
PROCESS HAZARDS ANALYSIS RISK ANALYSIS
IDENTIFIES HAZARDS, estimateslikelihood and severity, suggestsimprovements.
USE ON EVERY PROJECT
QUALITATIVE - based onexperience, knowledge and creativethinking.
Most often done byMULTIDISCIPLINARY TEAM
Several methodologies available What-if or Hazid What-if/Checklist HAZOP FMEA Preliminary Hazards Analysis
ASSESSES HAZARDS
SELECTIVE - use when othermethods prove inadequate orexcessive in cost.
QUANTITATIVE - requiresextensive data and specialexpertise.
Done by ONE OR TWO SPECIALLYTRAINED PEOPLE
Also called: Hazan Risk Assessment Probabilistic Risk Assessment
(PRA) Quantitative Risk Assessment
(QRA)
-
8/3/2019 (3.1)PHA
15/61
Process Hazard AnalysisSimply, PHA allows the employer to:
Determine locations of potential safetyproblems
Identify corrective measures to improve safety Preplan emergency actions to be taken if
safety controls fail
15
-
8/3/2019 (3.1)PHA
16/61
PHA Must Address
The hazards of the process Identification of previous incidents with likely potential
for catastrophic consequences
Engineering and administrative controls applicable to
the hazards and their interrelationships Consequences of failure of engineering and
administrative controls, especially those affectingemployees
Facility siting; human factors
The need to promptly resolve PHA findings andrecommendations
16
-
8/3/2019 (3.1)PHA
17/61
PROJECT PHASE
Conceptual Processdevelopment
Projectsanction
Design, engineering,construction
Handover
operation
Stage 1
Concept
Stage 2
Processdesign
Stage 3
DetailedEngineering
Stage 6
Post-commissioning
Stage 5
Pre-Commissioning
Stage 4
Construction
Relationship of six-stage process study system to project life-cy
Safety issues must be embedded within all project life-cycle
17
-
8/3/2019 (3.1)PHA
18/61
PHA and project phaseMethodused
Project life cycle stage
0 1 2 3 4 5 6 7
Checklist X X X X X X X X
RR X X (X) (X)
What-If X X X X
FMEA (X) X X (X)
LOPA X X X
HAZOP (X) X X
PHR X (X)
18
-
8/3/2019 (3.1)PHA
19/61
What If
19
-
8/3/2019 (3.1)PHA
20/61
What-If
Experienced personnel brainstorming a series ofquestions that begin, "What if?
Each question represents a potential failure in thefacility or mis-operation of the facility
The response of the process and/or operators isevaluated to determine if a potential hazard can occur
If so, the adequacy of existing safeguards is weighedagainst the probability and severity of the scenario todetermine whether modifications to the systemshould be recommended
20
-
8/3/2019 (3.1)PHA
21/61
What-If Steps
1. Divide the system up into smaller, logicalsubsystems
2. Identify a list of questions for asubsystem
3. Select a question
4. Identify hazards, consequences, severity,likelihood, and recommendations
5. Repeat Step 2 through 4 until complete
21
-
8/3/2019 (3.1)PHA
22/61
What-If Question Areas Equipment failures
What if a valve leaks?
Human error
What if operator fails to restart pump?
External events
What if a very hard freeze persists?
22
-
8/3/2019 (3.1)PHA
23/61
What IfWhat If? Initiating Cause Consequence
1. There is
higher
pressure in the
vessel
1.1 External fire in
the process area
1.1 potential increase in temperature and
pressure leading to possible leak or
rupture. Potential release of flammable
material to the atmosphere. Potential
personnel injury due to exposure.
1.2 pressure
regulator for inert
gas fails open
1.2 potential for vessel pressure to
increase up to the inert gas supply
pressure. Potential vessel leak leading to
release of flammable material to theatmosphere. Potential personnel injury
due to exposure.
23
-
8/3/2019 (3.1)PHA
24/61
Checklist
24
-
8/3/2019 (3.1)PHA
25/61
Checklist Review an installation against known hazards
identified on previous studies of similar plant
Examine the checklist for relevance to plant
being studied Ask questions based on a pre-defined list
The checklist is a corporate memory of whatcould go wrong
Should be augmented by industrial-wide experiencewhen available
25
-
8/3/2019 (3.1)PHA
26/61
Strength of checklist Is quick and simple to perform and is easily
understood
Makes use of existing experience and
knowledge of previous systems Helps check compliance with standard practice
and design intention
Ensures that known hazards are fully explored
26
-
8/3/2019 (3.1)PHA
27/61
Weakness of checklist Does not provide a list of initiating events
(failure cases) for a QRA
May not be comprehensive and does not
encourage analysts to consider new or unusualhazards
Highly dependent upon the quality of theprepared checklists
27
-
8/3/2019 (3.1)PHA
28/61
Checklist Question Categories Causes of accidents
Process equipment
Human error
External events
Facility Functions
Alarms, construction materials, control systems,
documentation and training, instrumentation, piping,pumps, vessels, etc.
28
-
8/3/2019 (3.1)PHA
29/61
Checklist Questions
Causes of accidents Is process equipment properly supported?
Is equipment identified properly?
Are the procedures complete?
Is the system designed to withstand hurricane winds?
Facility Functions
Is is possible to distinguish between different alarms?
Is pressure relief provided?
Is the vessel free from external corrosion?
Are sources of ignition controlled?
29
-
8/3/2019 (3.1)PHA
30/61
Hazard Indices
30
-
8/3/2019 (3.1)PHA
31/61
Hazard Indices Hazard indices give a quantitative indication of
the relative potential for hazardous incidentsassociated with a given plant or process. Theyare used to most effect at the early design
stage of a new plant.
The best known hazard indices are the DowIndex (1981) and the Mond Index (1979).
31
-
8/3/2019 (3.1)PHA
32/61
Operates like an income tax form.
Penalties for unsafe situations
Credits for control and mitigation
Produces a number - the bigger the numberthe greater the hazard.
Only considers flammable materials
Not effective for procedures.
Dow Fire and Explosion Index
32
-
8/3/2019 (3.1)PHA
33/61
33
Dow Fire & Explosion Index
-
8/3/2019 (3.1)PHA
34/61
Considers toxic materials only.
Includes simple source and dispersion models.
Not effective for procedures.
Dow Criteria: If sum of F&EI and CEI > 128,then more detailed hazard review procedurerequired.
Dow Chemical Exposure Index (CEI)
34
-
8/3/2019 (3.1)PHA
35/61
Mond Index
Objectives of Mond Index
To Identify, Assess and Minimize potential hazards onchemical plants units for new and existing processes
About Mond Index
Index primarily concerned with fire and explosion problem.
Toxicity is considered only as possible complicating factor.
Method gives credits for plant safety features (both hardwareand software).
Mond Index
35
-
8/3/2019 (3.1)PHA
36/61
Mond Index Procedure1. Divide plant into units and each unit is assessed individually2. Select ion of key material present in the unit.
Key material is the most dangerous chemicals (inherent properties),which higher possibility for combustion, explosion or exothermicreaction.
3. Calculation of Factors Material Factor, B
Special Material hazards, M
Special Process hazards, S
Quantity Hazards, Q
Layout Hazards, L Acute Health Hazards, T
4. Calculation of Indices - Dow Index (D), Fire Index (F), ExplosionIndex (E), Overall Hazard Rating (R).
36
-
8/3/2019 (3.1)PHA
37/61
The most important criteria - overall hazard rating, R
Overall Hazard Rating Category
0-20 Mild
20-100 Low100-500 Moderate
500-1100 High (group 1)
1100-2500 High (group 2)
2500-12,500 Very high
12,500-65,0000 Extreme
> 65,000 Very extreme
Mond Index Criteria
37
-
8/3/2019 (3.1)PHA
38/61
HAZID
38
-
8/3/2019 (3.1)PHA
39/61
HAZID Performed by a team of multidisciplinary
experts
The analyses are carried out based on area by
area basis It is focusing on location of the process
The discussion proceeds through theinstallations modules or operations using
guide words to identify potential hazards, itscauses, and possible consequences
The outcomes are summarised in HAZID Log
Sheet 39
-
8/3/2019 (3.1)PHA
40/61
HAZID Guidewords
40
-
8/3/2019 (3.1)PHA
41/61
HAZID Guidewords Port Facility
41
-
8/3/2019 (3.1)PHA
42/61
HAZID Log SheetRefNo
Guideword
HazardDescription
Conse-quences
Risk Potential Safeguards/mitigating
features
Action /commentcons Freq
42
-
8/3/2019 (3.1)PHA
43/61
HAZOP
43
-
8/3/2019 (3.1)PHA
44/61
HAZOP
Performed by a team of multidisciplinary experts The process is divided into distinct subsections or
nodes
It is focusing on plant component/equipment
On each node, detailed brainstorming is conductedfacilitated by a HAZOP Leader
Based on the design intent of each equipment specified by thenode, possible deviations are examined, aided by guidewords
and process parameters
Causes, consequences are identified and existing protectionprescribed by the design are assessed. Based on these,recommendations are put forward
The outcome is summarized in a HAZOP Log Sheet 44
-
8/3/2019 (3.1)PHA
45/61
HAZOP Guidewords No: negation of design intention; no part of design intention is
achieved but nothing else happens More: Quantitative increase
Less: Quantitative decrease
As well as: Qualitative increase where all design intention is
achieved plus additional activity
Part of: Qualitative decrease where only part of the designintention is achieved
Reverse: logical opposite of the intention
Other than: complete substitution, where no part of the originalintention is achieved but somethingquite different happen
Contamination, corrosion, sand deposits etc
45
-
8/3/2019 (3.1)PHA
46/61
HAZOP Log Sheet
Deviation Causes Consequences Protection Action
Guideword +
Parameter
Guideword: No,
Less, More,
reverse etc
Parameter: Flow,
temperature,
level etc
Possible causes of
the deviation
Effect of deviation
of plant safety and
operability
Safety
provision
already
considered.
- Prevent
causes
- prevent/
reduce
consequence
- monitor/
detect
Is the protection
sufficient?
If not, propose
suitable action or
recommendation
Based on the selected NODE and the design intent ofthe node, HAZOP study is conducted. The output issummarised in HAZOP Log Sheet
Example: Simplified HAZOP Log Sheet
46
-
8/3/2019 (3.1)PHA
47/61
LOPA
47
-
8/3/2019 (3.1)PHA
48/61
LOPA
LOPA is a semi-quantitative risk analysis technique that is appliedfollowing a qualitative hazard identification tool such as HAZOP.
Similar to HAZOP LOPA uses a multi-discipline team
LOPA can be easily applied after the HAZOP, but before fault treeanalysis
LOPA focuses the risk reduction efforts toward the impact eventswith the highest risks.
It provides a rational basis to allocate risk reduction resourcesefficiently.
LOPA suggests the required Independent Layer of Protection (IPL)required for the system to meet the required Safety Integrity Level(SIL)
48
-
8/3/2019 (3.1)PHA
49/61
LOPA Methodology There are five basic steps in LOPA:
1. Identify the scenarios
2. Select an accident scenario
3. Identify the initiating event of the scenario anddetermine the initiating event frequency (events peryear)
4. Identify the Independent Protection Layers (IPL)
and estimate the probability of failure on demand ofeach IPL
5. Estimate the risk of scenario
49
-
8/3/2019 (3.1)PHA
50/61
LOPA
50
-
8/3/2019 (3.1)PHA
51/61
LOPAConsequence
& Severity
Initiating
event(cause)
Initiating
eventchallenge
frequency
/year
Preventive independent protection
layersProbability of failure on demand
(PFD)
Mitigation
independentprotection
layer (PFD)
Mitigated
consequence
frequency
/year
Process
design
BPCS Operator
response
to alarm
SIF
(PLC
relay)
iJiiIi
ij
J
j
I
i
C
i
PFDPFDPFDf
PFDff
...21
1
ieventinitiatingforCeconsequencagainstprotects
thatIPLjththeofdemandonfailureofyprobabilit
ieventinitiatingforrequencyfrequency
ieventinitiatingforCeconsequencforfrequency
ij
I
i
C
i
PFD
f
f
51
-
8/3/2019 (3.1)PHA
52/61
Failure Modes,Effects Analysis
(FMEA)
52
-
8/3/2019 (3.1)PHA
53/61
FMEA Failure Modes, Effects Analysis Performed by a team or a single analyst Systematic review
Considers each component in turn
Subjectively evaluates effects of failure
Based on tabular format
FMECA includes critical analysis
53
-
8/3/2019 (3.1)PHA
54/61
FMEA Failure Mode Keywords Rupture
Crack
Leak
Plugged Failure to open
Failure to close
Failure to stop
Failure to start Failure to continue
Spurious stop
Spurious start
Loss of function
High pressure
Low pressure High temperature
Low temperature
Overfilling
Hose bypass Instrument bypassed
54
-
8/3/2019 (3.1)PHA
55/61
Example: FMEA on a Heat ExchangerFailure
Mode
Causes of
Failure
Symptoms Predicted
Frequency
Impact
Tuberupture
Corrosionfrom fluids
(shell side)
H/C athigher
pressurethancoolingwater
Frequent has
happened2x in 10 yrs
Critical could
cause amajorfire
Rank items by risk (frequency x impact) Identify safeguards for high risk items
55
-
8/3/2019 (3.1)PHA
56/61
Fault-TreeAnalysis
(FTA)
56
-
8/3/2019 (3.1)PHA
57/61
Fault Tree Analysis
Provides a traceable, logical, quantitativerepresentation of causes, consequences and eventcombinations
Not intuitive, requires training
Top-down analysis
Graphical method that starts with a hazardous eventand works backwards to identify the causes of the topevent
Intermediate events related to the top event arecombined by using logical operations such as ANDand OR.
Not particularly useful when temporal aspects are
important 57
-
8/3/2019 (3.1)PHA
58/61
Example of FTA
58
-
8/3/2019 (3.1)PHA
59/61
FTA Procedure
makedecision:
acceptable?
identify top event
construct the fault tree
analyze qualitatively
analyze quanitatively
accept system
YES
NO
develop improvements
FTA Nomenclature
-
8/3/2019 (3.1)PHA
60/61
-
8/3/2019 (3.1)PHA
61/61
PHRMethodSelectionDecisionTree
