SAFETY DOCUMENTATION: FOLDERS AND FILES IEFC Workshop CERN, March 7, 2012 S. Evrard – EN/MEF How...

SAFETY DOCUMENTATION:FOLDERS AND FILES

IEFC WorkshopCERN, March 7, 2012S. Evrard – EN/MEF

How useful is Safety Documentation for the general CERN population and you in particular ?

Acknowledgements: A-P Bernardes, C-H Sala, M. Picard, E. Harrouch, C. Alanzeau, C. Gaignant, E. Macario

Definition and content

S. Evrard - IEFC Workshop - March 7, 2012

2

A Safety File is a set of documents or data related to the assessment of the Safety of equipment, installation, activity, process or project at all stages of its life cycle and the corresponding implementation measures and procedures as well as lessons learned. The CERN Safety Rules define the compulsory content of each Safety file. (memo DG/2011-258)

When combined, the Safety Files of a given facility or system form a Safety Folder. Hence, the Safety Folder shall be understood as the repository where all Safety Files and associated documents are archived.

Content Descriptive part Demonstrative part Operational part Feedback part (now called REM)

Safety File vs Safety Folder

Purpose:Demonstration, by the Project team

to the Licensing authoritythat the Regulations are fulfilled,

from the 2 perspectives: integrity and safety

Scope


3

New facility (ex. HiRadMat) Existing facility (ex. TDC2-TCC2) Equipment (ex. Power Converter) Process (ex. Target Exchange) Activity (ex. Open Days 2013, XTAX table repair in TCC2)

Clear definition of the scope & boundaries of the safety file

Agreement of all stakeholders before starting up (DSO’s, HSE unit, Project Management..)


4

Description of the facility/processWhat is itWhere is it locatedWhat is it made ofHow does it workWhen will it be constructed, operated, dismantledWho is responsible for its construction, operationWith which means will it be constructedWhich steps for its dismantling

Descriptive part

Demonstrative part


5

The demonstrative part is hazard and risk oriented, and addresses the following: Hazard and safety risk identification; Risk evaluation, risk analyses; Risk responses:

Technical risk control measures; Organizational risk control measures.

6

This part is an inventory of all operational documents needed in order to optimize the exploitation of the facility, equipment, activity especially in terms of safety.

These operational documents are of two kinds: Operational instructions and procedures

for operating the facility for maintaining and ensuring its integrity

Organizational structures Project – Operation – Dismantling phases


Operational part

Feedback part


7

The Safety File also includes a part dedicated to Records, Experience and Monitoring (called Retour d’expérience in the French safety terminology)

This part shall receive all the feedbacks linked to the development of the facility, accidents, or incidents and any other new development.

Beyond prejudices


8

The safety file methodology is sometimes criticized: Waste of time Bureaucratic work Job for HSE experts only No time, no resources in our group, project Uninteresting work No added value exercise Only to get my boss happy Will trap dust on a shelf once written I’m asked to write it but no one tells me how

So let’s analyse some down-to-earth examples

9 Overview


TT61 (to former West Area)

TNC (former West Area Neutrino factory WANF)

TCC6

The HiRadMat facility

Study the impact of intense pulsed beams on materials Thermal management (heating) Radiation damage to materials –

change of properties Thermal shock - beam induced

pressure waves


10

We used a structured, systematic and comprehensive examination of all the processes sub-processes and activities to be carried out in the HiRadMat facility in order to identify potential hazards and operability problems (HAZOP).

The analysis was carried out by a suitably qualified team of

experts familiar with all aspects of the operations undergoing study. This team was led by a team leader qualified in the application of the technique, usually a safety professional.

The HSE Unit’s Safety Guidelines for Risk Assessment (EDMS no. 1114042) is a good tool.

Hazard inventory



11 Hazard inventory: process identification

Courtesy of M. Picard



12 Hazard inventory: process breakdown & basic activities


…

Basic Activity 7:Preparation crane

for remote use

…

Basic Activity 8:Remote use of

crane

…

…

…

Subprocess: Test table transport to cool down zone2.2.3

Basic Activity 1:Access in controlled

area2.2.3.1

2.2.3.2

2.2.3.4

2.2.3.5

2.2.3.3

…2.2.3.6

…

Courtesy of M. Picard


13 Hazard inventory: process summary

Processes linked to the operation

Processes linked to the maintenance Basic activities

Tested equipment installation in lab TNC relighting B1 entrance_in_controlled_area Experimental table installation in TNC AUG tests B2 entrance & activity in TNC Activated table handling to cooling area PR532 maintenance in TJ7 B3 exit from TNC

Cooled table removal from TNC PR532 annual load test B4 exit from controlled area Containment + experiment separation from table PR532 repair in TNC B5 Preparation PR-532 for manual use

Gas and or vacuum connection Drain network maintenance B6 Manual use of PR-532

Gas and or vacuum disconnection Elevator & lifts maintenance B7 Preparation PR-532 for remote use

Survey check of the 3 base tables Air Handling Unit maintenance B8 Remote use PR-532

New cable pulling Radiation monitoring maintenance

B9 end of work with PR532

Plug-in system exchange Fire detection tests

Patrol TNC Dump and upstream collimator exchange


14 Demonstrative part: risk response example

Id Hazards RisksTechnical measures

Organisational measures

Personal measures

1. TNC is a high radiation area.

Contaminated dust in TNC (from destructive work in TNC radioactive area)

External exposureInternal exposureEnvironment exposure

- Access system and RP veto for PPG6907 door.- Hand foot monitor control in BA7.-Ventilation system.- Alara oriented design of the facility.- Ramses system

- SPS access procedure in controlled area (EDMS 1138833)-Safety code F - Radiation Safety Manual- RP supervision-A6 - The two-person rule of working-ALARA principles

- Individual protective equipment IPE (safety shoes, auto-saving mask, helmet) - Individual and operational dosimeters- Overshoes- Depending on the nature of the work :-gloves if object handling in TNC-overall clothes + individual breathing mask if "destructive" work

2. Moving crane and moving PPG6907 door

Collision with people or equipment

Switch : if door closed, crane will stay offManual door opening

Door opening procedure on crane control panel

IPE

3. Moving crane and lifting loads

Collision with people or equipment

Slow motion handling and safety perimeter

-Overhead crane handling procedure (EDMS 1145906)- Handling by qualified overhead crane drivers- Safety Regulation on mechanical equipment (SR-M)

IPE



15 Demonstrative part: risk management example-stray radiation (external exposure)

Design stage: Fluka simulations CV and Ramses design Dedicated handling means (lifting jig and eyes) Prefabricated structure (easily removable) Activated material management plan Maintenance plan (reduced time in TNC)

Technical measures Access , ventilation and RP sectorization Ventilation system Ramses monitoring system Remote controlled PR532 crane

Organizational measures Frequent radiation survey of TNC tunnel Dedicated RP training ALARA, JOLI & DIMR preparation On-site close RP monitoring

Personal measures Training, IPE, dosimeters, … S. Evrard - IEFC Workshop - March 7, 2012

Airborne contamination decrease

Equipment remote handlingAbsolute Filter exchange


16

Question Procedure EDMS

How to get access authorized to the HiRadMat facility ?

Preparatory steps to take before accessing to HiRadMat

1154948

How to get access to HiRadMat Access procedure 1155061

How to escape from the facility ? Escape procedure 1153056

How to patrol the facility ? Patrol procedure 1152694

How to deal with activated material ?

Activated material management procedure

1146265

How to handle alarms from HRM ? Alarm management procedure 1152693

How to maintain the facility ? Maintenance plan 1154793

How to deal with incidents ? Faulty situation and incident analysis

1154637

How to manage fire risk ? Fire prevention and fire risk management

1146217

Operation part



User-oriented procedures



17

Safety review recommendation: prepare B.846 escape shaft for emergency situations Fire Brigade evacuation exercise new arrangements like permanent lifting points.

Incident debriefing Cold smoke accidentally produced in BA7 lift room reached

underground areas. After investigation, cause = geodesy duct bypassing ventilation containment. Check in all BA’s ongoing.

Feedback part

XTAX table repair in TCC2


18 A Challenging Repair

TAX motor failures: 3/8 are out of order The TAXs, installed downstream of the primary targets of the North Area, are made

of massive blocks put on motorized tables that can move up/down. High radiation environment

The TAX blocks intercept about 1019 protons/year about 6 mSv/h outside the shielding and probably 30 to 40 mSv/h at the blocks and even higher near the beam impact point.


19


A detailed repair procedure and a risk analysis are prepared Major remaining risk: PR537 reliability

Technical measures taken: extensive maintenance and spare parts

Optimization steps WDP and DIMR preparation DIMR link Design Review: reduce the dose in future interventions Handle TAX assembly (blocks + table) as a set: no access to

most activated part PR537 remote control: reduced presence in TCC2 Increase PR537 lifting height: lateral shielding stays in place Bunker for mechanical work: operators well shielded Tailor made shielding (100 mm thick steel plate + lead

50mm): dose reduction /80 Optimize table repair sequence: # movements, start with

least activated first Extensive dry run tests in EHN1: train technicians Extensive dry run tests in TCC2 : train crane operators

https://espace.cern.ch/rpps/wdp/docs/Forms/AllItems.aspx?RootFolder=/rpps/wdp/docs/SPS%20Complex/SPS%20Winter%20stop%202011-2012/TCC2-TDC2%20activities


20 Safety documentation

Work breakdown & planning Dose estimate Risk analysis


Surveys

Roofs handling

Roof block modification

TCC2 dry run

Downstream table repair

Worksite clean-up

Upstream table repair

Preparatory works

RP supervision

Reconnect services

Service disjunction

0 200 400 600 800 1000 1200 1400 1600

39.3333333333333

155

217.333333333334

258.333333333333

292.733333333333

475

556.733333333335

583.333333333334

763.823333333334

953.516666666667

1403.51666666667

Dose breakdown by activity

Dose (uSv)


21

End product (EDMS 1180560) Repair procedure

Work breakdown Organization breakdown (many groups involved) Planning

WDP & DIMR Risk analysis (overhead crane,…) Personnel training sessions REX to come

Licensing authority: Committee ALARA Level 3


Roles and responsabilities


22 Team work

TEAM LEADERS Coordinate the editorial work related to the safety documentation; initiate safety reviews

TEAM MEMBERS Contribute to the discussions on safety aspects within their range of expertise

throughout the lifecycle of the facility or system; SAFETY OFFICERS AND GLIMOS

Provide support to the project team members in the editorial work of the safety documentation, especially in terms of methodology;

Participate in the safety reviews. HSE UNIT EXPERTS

Represent the HSE Unit in the discussions on safety aspects throughout the lifecycle of the facility or system;

Participate in the safety reviews. DEPARTMENT /PROJECT MANAGEMENT

Ensures that the safety documentation is written and released in due time Approves the Safety Files.

Timeline: when to start, when to review23

HiRadMat site

Start as soon as possible (study phase)

Deliverables depend on the phase of the project/activity

HiRadMat: late start (in the middle of the project) induced changes in the design

For existing facilities, a safety file can be launched at several occasions: equipment renewal, consolidation, …

Review every 12 months at least

The project has a memory

Courtesy of P. Bonnal


https://espace.cern.ch/hiradmat-sps/Wiki%20Pages/Home.aspx

https://espace.cern.ch/hiradmat-sps/Wiki%20Pages/Home.aspx

Added-value exercise


24

Better knowledge of the facility and associated risks safety awareness is improved

Concentrated effort towards safety and documentation of the project: reviews and discussions with DSO’s, RSO’s. Some external pairs of eyes shed a new light on “our” project

Procedures checked and validated on-site with actors: team agreement on the procedures to be followed

Communication channels and knowledge of the facility improved with all CERN services (FB, CCC, Transport team, users…)

Decision making process during design of the facility, equipment is facilitated

Update of safety documentation and safety management becomes easy

Safety aspects

Added-value exercise


25

EDMS documents organized in a structured way also available in the Web (SharePoint sites)

Tailor-made information for each public (users, experts,….) Detailed knowledge of your facility is shared by all stakeholders

– increase efficiency Documented procedures available for repetitive interventions:

resources & planning optimization Facilitate training of new recruit (knowledge transfer) Bridge to other tool: maintenance plan (CAMMS), emergency

plan

Beyond safety aspects

Keys to success


26

Deal with lack of up to date technical documentation Secure resources (HiRadMat: 1 FTE year or 4% of the

project resources) Get commitment of all stakeholders Get commitment and support of management Make your safety file a unique & crucial working-tool

for all participants in your project/activity.

Lessons learnt


27

Successful project = deliverables delivered & performance achieved with no bad impact on persons and on the environment

Balancing the investment in time & money between scientific and technical performance safety performance & environment protection

If safety/integrity is correctly embedded intothe conception work, it should not be too painful

If safety/integrity is not taken into account during the conceptual work, then it may really become a critical issue

Safety engineering support (internal/external) is an asset

Safety aspects exceeding the scope of the safety file: these aspects are recorded in the safety file and are to be discussed in the proper forum (CSAP).

SAFETY DOCUMENTATION: FOLDERS AND FILES IEFC Workshop CERN, March 7, 2012 S. Evrard – EN/MEF How...

Documents

Transcript of SAFETY DOCUMENTATION: FOLDERS AND FILES IEFC Workshop CERN, March 7, 2012 S. Evrard – EN/MEF How...