overview of process hazard analysis (pha)
Post on 12-Sep-2021
5 Views
Preview:
TRANSCRIPT
Overview of Process Hazard
Analysis(PHA)
1
DR. AA, Process Control and Safety Group
Factors Influencing Incidents
2
Causes of Accidents and Incidents
Incidents and Accidents are caused by
either unsafe behaviours (substandard
practice) and/or unsafe conditions
(substandard designs).
Unsafe behaviours are handled by Occupational Safety Program,
Unsafe conditions are managed through Process Safety Programs.
3
Accident Causation Models
4
DOMINO EFFECT
5
LOSS CAUSATION MODEL
LACK OF
CONTROL
INADEQUATE
PROGRAM
BASIC
CAUSES
PERSONAL
FACTORS
&
JOB
FACTORS
IMMEDIATE
CAUSES
SUB
STANDARD
ACTS
&
CONDITIONS
INCIDENT
CONTACT
WITH
ENERGY
OR
SUBSTANCE
LOSS
PEOPLE
PROPERTY
PROCESS
PLANET
LOSS CAUSATION
PROBLEM SOLVING
Workers
exposed
to hazards
THRESHOLD
OSH-MS
Safe Operating Procedures, Training,
Supervision, Maintenance, PPE
Activity: PREVENTION Activity: MITIGATION
6
ACCIDENT RATIO STUDY
SERIOUS OR DISABLING
Including disabling and serious injuries
MINOR INJURIES
Any reported injury less than serious
PROPERTY DAMAGE ACCIDENTS
All types
INCIDENTS WITH NO VISIBLE
INJURY OR DAMAGE
Near-miss accident
10
30
600
1
7
Process Hazards
HAZARDOUS MATERIALS + PROCESS CONDITIONS
Flammable materialsCombustible materialsUnstable materialsReactive materialsCorrosive materialsAsphyxiatesShock-sensitive materialsHighly reactive materialsToxic materialsInert gasesCombustible dusts
High temperaturesExtremely low temperaturesHigh pressuresVacuumPressure cyclingTemperature cyclingVibration/liquid hammeringRotating equipmentIonizing radiationHigh voltage/currentErosion/Corrosion
Human Factors or Errors
HUMAN FAILURE
ERRORS VIOLATIONS
• Deliberate actions
• Different from those prescribed
• Carries known associated risks
• Ignores operational procedures
• Violation errors occur because of a
perception of lack of relevance, time
pressure or laziness.
• Competency exists
• Intentions are correct
• Slips occur while
carrying out habitual,
routine, skill based
activity.
• Incorrect intention
• Inadequate knowledge
• Incorrect information processing
• Inadequate training
• Mistakes occur because of incorrect
assumptions or incorrect “tunnel
vision” application of rules.
SLIPSMISTAKES
Process Hazard Analysis(PHA)
Methodologies
10
DR. AA, Process Control and Safety Group
PHA Methodologies
11
Process Hazards Analysis
PROCESS HAZARDS ANALYSIS
What can go
wrong?
How likely is
it?
What are the
consequences?
PROCESS HAZARDS ANALYSIS STRUCTURE
FOUNDATION FOR PROCESS HAZARDS ANALYSIS
HistoricalExperience
PHA Methodology
Knowledge and Intuition
Qualitative Risk Analysis
Process Hazards Analysis is the predictive identification of hazards, their cause & consequence and the qualitative estimation of likelihood and severity.
Qualitative vs. Quantitative
PROCESS HAZARDS ANALYSIS RISK ANALYSIS
IDENTIFIES HAZARDS, estimates likelihood and severity, suggests improvements.
USE ON EVERY PROJECT
QUALITATIVE - based on experience, knowledge and creative thinking.
Most often done by MULTIDISCIPLINARY TEAM
Several methodologies available What-if or Hazid What-if/Checklist HAZOP FMEA Preliminary Hazards Analysis
ASSESSES HAZARDS
SELECTIVE - use when other methods prove inadequate or excessive in cost.
QUANTITATIVE - requires extensive data and special expertise.
Done by ONE OR TWO SPECIALLY TRAINED PEOPLE
Also called:• Hazan• Risk Assessment• Probabilistic Risk Assessment
(PRA)• Quantitative Risk Assessment
(QRA)
Process Hazard Analysis
Simply, PHA allows the employer to:
• Determine locations of potential safety
problems
• Identify corrective measures to improve safety
• Preplan emergency actions to be taken if
safety controls fail
15
PHA Must Address …
• The hazards of the process
• Identification of previous incidents with likely potential for catastrophic consequences
• Engineering and administrative controls applicable to the hazards and their interrelationships
• Consequences of failure of engineering and
administrative controls, especially those affecting
employees
• Facility siting; human factors
• The need to promptly resolve PHA findings and
recommendations
16
PROJECT PHASE
Conceptual Process
development
Project
sanctionDesign, engineering,
construction
Hand
over
operation
Stage 1
Concept
Stage 2
Process
design
Stage 3
Detailed
Engineering
Stage 6
Post-
commis
sioning
Stage 5
Pre-
Commis
sioning
Stage 4
Construction
Relationship of six-stage process study system to project life-cycle
Safety issues must be embedded within all project life-cycle
17
PHA and project phase
Method
used
Project life cycle stage
0 1 2 3 4 5 6 7
Checklist X X X X X X X X
RR X X (X) (X)
What-If X X X X
FMEA (X) X X (X)
LOPA X X X
HAZOP (X) X X
PHR X (X)
18
What If
19
What-If
• Experienced personnel brainstorming a series of
questions that begin, "What if…?”
• Each question represents a potential failure in the
facility or mis-operation of the facility
• The response of the process and/or operators is evaluated to determine if a potential hazard can occur
• If so, the adequacy of existing safeguards is weighed against the probability and severity of the scenario to determine whether modifications to the system should be recommended
20
What-If – Steps
1. Divide the system up into smaller, logical
subsystems
2. Identify a list of questions for a
subsystem
3. Select a question
4. Identify hazards, consequences, severity,
likelihood, and recommendations
5. Repeat Step 2 through 4 until complete
21
What-If Question Areas
• Equipment failures
– What if … a valve leaks?
• Human error
– What if … operator fails to restart pump?
• External events
– What if … a very hard freeze persists?
22
What If
What If…? Initiating Cause Consequence
1. There is higherpressure in the vessel
1.1 External fire in the process area
1.1 potential increase in temperature and pressure leading to possible leak or rupture. Potential release of flammable material to the atmosphere. Potential personnel injury due to exposure.
1.2 pressure regulator for inert gas fails open
1.2 potential for vessel pressure to increase up to the inert gas supply pressure. Potential vessel leak leading to release of flammable material to the atmosphere. Potential personnel injury due to exposure.
23
Checklist
24
Checklist
• Review an installation against known hazards
identified on previous studies of similar plant
• Examine the checklist for relevance to plant
being studied
– Ask questions based on a pre-defined list
• The checklist is a corporate memory of what
could go wrong
– Should be augmented by industrial-wide experience
when available
25
Strength of checklist
• Is quick and simple to perform and is easily
understood
• Makes use of existing experience and
knowledge of previous systems
• Helps check compliance with standard practice
and design intention
• Ensures that known hazards are fully explored
26
Weakness of checklist
• Does not provide a list of initiating events
(failure cases) for a QRA
• May not be comprehensive and does not
encourage analysts to consider new or unusual
hazards
• Highly dependent upon the quality of the
prepared checklists
27
Checklist Question Categories
• Causes of accidents
– Process equipment
– Human error
– External events
• Facility Functions
– Alarms, construction materials, control systems,
documentation and training, instrumentation, piping,
pumps, vessels, etc.
28
Checklist Questions
• Causes of accidents
– Is process equipment properly supported?
– Is equipment identified properly?
– Are the procedures complete?
– Is the system designed to withstand hurricane winds?
• Facility Functions
– Is is possible to distinguish between different alarms?
– Is pressure relief provided?
– Is the vessel free from external corrosion?
– Are sources of ignition controlled?
29
Hazard Indices
30
Hazard Indices
• Hazard indices give a quantitative indication of
the relative potential for hazardous incidents
associated with a given plant or process. They
are used to most effect at the early design
stage of a new plant.
• The best known hazard indices are the Dow
Index (1981) and the Mond Index (1979).
31
• Operates like an income tax form.
• Penalties for unsafe situations
•Credits for control and mitigation
• Produces a number - the bigger the number
the greater the hazard.
• Only considers flammable materials
• Not effective for procedures.
Dow Fire and Explosion Index
32
33
Dow Fire & Explosion Index
• Considers toxic materials only.
• Includes simple source and dispersion models.
• Not effective for procedures.
Dow Criteria: If sum of F&EI and CEI > 128,
then more detailed hazard review procedure
required.
Dow Chemical Exposure Index (CEI)
34
Mond Index
Objectives of Mond Index
To Identify, Assess and Minimize potential hazards on
chemical plants units for new and existing processes
About Mond Index
Index primarily concerned with fire and explosion problem.
Toxicity is considered only as possible complicating factor.
Method gives credits for plant safety features (both hardware
and software).
Mond Index
35
Mond Index Procedure
1. Divide plant into units and each unit is assessed individually
2. Select ion of key material present in the unit.
– Key material is the most dangerous chemicals (inherent properties),
which higher possibility for combustion, explosion or exothermic
reaction.
3. Calculation of Factors
– Material Factor, B
– Special Material hazards, M
– Special Process hazards, S
– Quantity Hazards, Q
– Layout Hazards, L
– Acute Health Hazards, T
4. Calculation of Indices - Dow Index (D), Fire Index (F), Explosion
Index (E), Overall Hazard Rating (R).
36
The most important criteria - overall hazard rating, R
Overall Hazard Rating Category
0-20 Mild
20-100 Low
100-500 Moderate
500-1100 High (group 1)
1100-2500 High (group 2)
2500-12,500 Very high
12,500-65,0000 Extreme
> 65,000 Very extreme
Mond Index Criteria
37
HAZID
38
HAZID
• Performed by a team of multidisciplinary
experts
• The analyses are carried out based on area by
area basis
– It is focusing on location of the process
• The discussion proceeds through the
installation’s modules or operations using
guide words to identify potential hazards, its
causes, and possible consequences
• The outcomes are summarised in HAZID Log
Sheet 39
HAZID Guidewords
40
HAZID Guidewords – Port Facility
41
HAZID Log Sheet
Ref No
Guide word
Hazard Description
Conse-quences
Risk Potential Safeguards /mitigating features
Action / commentcons Freq
42
HAZOP
43
HAZOP
• Performed by a team of multidisciplinary experts
• The process is divided into distinct subsections or
nodes
– It is focusing on plant component/equipment
• On each node, detailed brainstorming is conducted
facilitated by a HAZOP Leader
– Based on the design intent of each equipment specified by the
node, possible deviations are examined, aided by guidewords
and process parameters
– Causes, consequences are identified and existing protection
prescribed by the design are assessed. Based on these,
recommendations are put forward
• The outcome is summarized in a HAZOP Log Sheet 44
HAZOP Guidewords
• No: negation of design intention; no part of design intention is
achieved but nothing else happens
• More: Quantitative increase
• Less: Quantitative decrease
• As well as: Qualitative increase where all design intention is
achieved plus additional activity
• Part of: Qualitative decrease where only part of the design
intention is achieved
• Reverse: logical opposite of the intention
• Other than: complete substitution, where no part of the original
intention is achieved but something quite different happen
– Contamination, corrosion, sand deposits etc
45
HAZOP Log Sheet
Deviation Causes Consequences Protection Action
Guideword + Parameter
Guideword: No, Less, More, reverse etc
Parameter: Flow, temperature, level etc
Possible causes of the deviation
Effect of deviation of plant safety and operability
Safety provision already considered.- Prevent causes- prevent/ reduce consequence- monitor/ detect
Is the protection sufficient?If not, propose suitable action or recommendation
• Based on the selected NODE and the design intent of
the node, HAZOP study is conducted. The output is
summarised in HAZOP Log Sheet
Example: Simplified HAZOP Log Sheet
46
LOPA
47
LOPA
• LOPA is a semi-quantitative risk analysis technique that is applied
following a qualitative hazard identification tool such as HAZOP.
• Similar to HAZOP LOPA uses a multi-discipline team
• LOPA can be easily applied after the HAZOP, but before fault tree
analysis
• LOPA focuses the risk reduction efforts toward the impact events
with the highest risks.
• It provides a rational basis to allocate risk reduction resources
efficiently.
• LOPA suggests the required Independent Layer of Protection (IPL)
required for the system to meet the required Safety Integrity Level
(SIL)
48
LOPA Methodology
• There are five basic steps in LOPA:
1. Identify the scenarios
2. Select an accident scenario
3. Identify the initiating event of the scenario and
determine the initiating event frequency (events per
year)
4. Identify the Independent Protection Layers (IPL)
and estimate the probability of failure on demand of
each IPL
5. Estimate the risk of scenario
49
LOPA
50
LOPA
Consequence & Severity
Initiating event(cause)
Initiating event challenge frequency /year
Preventive independent protection layers Probability of failure on demand (PFD)
Mitigation independent protection layer (PFD)
Mitigated consequence frequency/year
Process design
BPCS Operator response to alarm
SIF (PLC relay)
iJii
I
i
ij
J
j
I
i
C
i
PFDPFDPFDf
PFDff
...21
1
i event initiating for C econsequenc against protects
that IPL jth the of demand on failure ofy probabilit
i event initiating forrequency frequency
i event initiating for C econsequenc forfrequency
ij
I
i
C
i
PFD
f
f
51
Failure Modes, Effects Analysis
(FMEA)
52
FMEA – Failure Modes, Effects Analysis
• Performed by a team or a single analyst
• Systematic review
– Considers each component in turn
– Subjectively evaluates effects of failure
• Based on tabular format
• FMECA includes critical analysis
53
FMEA – Failure Mode Keywords
• Rupture
• Crack
• Leak
• Plugged
• Failure to open
• Failure to close
• Failure to stop
• Failure to start
• Failure to continue
• Spurious stop
• Spurious start
• Loss of function
• High pressure
• Low pressure
• High temperature
• Low temperature
• Overfilling
• Hose bypass
• Instrument bypassed
54
Example: FMEA on a Heat Exchanger
Failure Mode
Causes of Failure
Symptoms Predicted Frequency
Impact
Tube rupture
Corrosion from fluids (shell side)
H/C at higher
pressure than
cooling water
Frequent –has
happened 2x in 10 yrs
Critical –could
cause a major fire
Rank items by risk (frequency x impact)
Identify safeguards for high risk items
55
Fault-Tree Analysis
(FTA)
56
Fault Tree Analysis
• Provides a traceable, logical, quantitative
representation of causes, consequences and event
combinations
• Not intuitive, requires training
• Top-down analysis
• Graphical method that starts with a hazardous event and works backwards to identify the causes of the top event
• Intermediate events related to the top event are combined by using logical operations such as AND and OR.
• Not particularly useful when temporal aspects are important
57
Example of FTA
58
FTA Procedure
make
decision:
acceptable
?
identify top event
construct the fault tree
analyze qualitatively
analyze quanitatively
accept system
YES
NO
develop improvements
FTA Nomenclature
PHR
Method
Selection
Decision
Tree
top related