computer-aided hazard identification paul chung ([email protected]) department of computer...

Computer-aided Hazard Identification

Paul Chung ([email protected])

Department of Computer Science

Hazards and Operability (HAZOP) Studies

• Established and widely used technique in the process industry for hazard identification

• Time consuming, labour intensive process:– Tedious– Expensive

Computer-aided HAZOP

• Different levels of support:– Electronic report form– Electronic data (on plant, on fluids,

etc.)– Automated Hazard Identification

• Continuous operation• Batch operation

Automated Hazard Identification

• Continuous operation– From basic research to commercial product –

HAZID– Basic technology

• Signed directed graph (SDG) representation• Fault propagation

– Go through a list of deviations systematically and identify the faults that cause the deviations and the consequences that result from the faults and deviations

HAZID Overview

• Automated extraction of plant design from a CAD system, e.g. Intergraph SmartPlant P&ID

• Convenient forms for adding any missing process specific information

• Tick boxes for selecting analysis options:– Deviations, e.g. more flow, less flow, etc.– Items to HAZOP, etc.

HAZID Overview• HAZOP style output in different output formats

– XML, with HTML web page view.– Excel spreadsheet.

• Query facility for viewing analysis results– e.g. viewing faults and consequences relating to a

particular plant item– e.g. viewing the propagation path between a

particular fault and consequence

• Compare facility for viewing the difference between two HAZID runs– Useful for after making a change to the design

Select SP P+IDFrom SmartPlant

Run Hazid data wizard,Extract plant data from SP database:*Plant Items*Piping, valves, fittings*Controls*Fluids information:

TemperaturePressureFluid name

Hazid maps SP iconsto Hazop “Process”models

Converts P+I diagramto Analysis model

Hazid analyses plant andgenerates Hazop Report

Hazid Operation

7

Mapping SmartPlant to Hazid models

SmartPlantDatabase

References

Hazid ModelTypesMapping created by user

for all company,then mapping is >95%

automatic

Automatic mapping by Hazid:

=

=

Centrifugal Pump

Valve

= ?????MixerStripperAbsorberReactor

User makes choice

8

**This User mapping is required only once for the whole Project**

Checking Automatic Nozzle Mapping

Hazid model is process function: But P+ID is piping:

User confirms nozzle functions:N1 is vapour/liquid in port,N2 and N3 are liquid out ports,N4 is a vapour out portN5 is Cleanout liquid in port.

Liquid

VapourVapour/LiquidIn Port

Liquid OutPort

Vapour OutPort

9

N1

N2

N3

N4

N5







Hazid Operation

7

Interaction between Faults, Deviations and Consequences

Consequence

DeviationFault

Fault - can cause ConsequenceFault - can cause Deviation to process variableDeviation – can cause another DeviationDeviation – can cause Consequence

Equipment Knowledge Base

Knowledge about behaviour of equipment

These links are called“arcs” in Hazid

Equipment Knowledge BaseKnowledge about Faults and Consequences

This is mainly engineering knowledge and experience

In

Out

Fault – Bearing failure Consequences•Casing damage•Seal damage and leakage•Loss of discharge pressure•Flow disturbance•Pump stops







Hazid Operation

7

HAZOP Style Output from HAZID

HAZID Viewer Queries

• Standard format questions:– What causes could there be for a

selected hazard?– What consequences are there for a

given failure mode?– How is a given hazard realised?

• Show a path of deviations for propagation

– Display all hazards with a given severity rank or higher

Filtered Output showing Fault Paths for a given

Hazard

Automated Batch Plant Hazard Identification

• Batch operation– Early research prototype (CHECKOP)– Basic technology

• Action representation• State-based simulation

– Go through a set of operation instructions systematically and identify potential ambiguities, operating problems and hazards

– Applying guidewords such as before, after, no action, etc.

CHECKOP System Overview

Simple Batch Reactor Example

CHECKOP Plant Description

instance(tank101 isa tank, [content info [reactantA], outports info [out is [pump101,in]]]).

instance(pump101 isa pump, [status is offline, outports info [out is [valve101,in]]]).

instance(valve101 isa valve, [status is closed, outports info [out is [reactor101, in2]]]).

instance(reactor101 isa stirred_tank_reactor, [ outports info [out1 is [valve103,in], out2 is [valve106,in]], heatSink info [hout is [jacket101,hin]], reaction info [reaction_ab_p]

]).

Operating instruction format

• Natural language– Easy for user– Requires natural language processing– Could be ambiguous

• Structured template– Easy for computer to process– Limited expressive power

Operating instruction format

• Object Action– valve101 open

• Object Action until Condition– mixer on until elapsed-time 20 minute

• Object1 Action Object2 Filler-word Fluid until Condition– reactor101 fill-from tank101 with

reactantA until volume 30 percent

CHECKOP Operating Procedure Input

charge reactor101 with reactantA: { (1) valve101 open (2) pump101 start (3) reactor101 fill_from tank101 with

reactantA until volume 30 percent (4) pump101 stop (5) valve101 close}etc…

Deviation Generation

• Combine each single action in the procedure with guide words, from:– No action – Simple omission.– Early/Late action – Sequence of procedure

changed (how many steps feasible?).– Early/Late action termination – “until”

condition of action varied.

• Then, simulate the effect of executing the new procedure on the plant, detect hazards.

Batch HAZOP OutputOperation Keyword Consequences

(3) reactor101 fill from tank101 with reactantA until volume 30 percent

No action (6) agitator running while vessel empty(17) cannot empty [reactantA, productP] from reactor101 to tank103 because content of reactor is [reactantB].

Early action (-2)

reactor101 cannot be filled from tank101 because there is no flow path.

Late action (+3)

reactor101 cannot be filled from tank101 because there is no flow path.

Batch HAZOP OutputOperation Keyword Consequences

(3) reactor101 fill from tank101 with reactantA until volume 30 percent

Early termination (to only 10 percent)

no consequence.

Late termination (to 50 percent)

(17) cannot empty [reactantA, productP] from reactor101 to tank103 because content of reactor is [reactantA, productP].(17) contamination in tank103.

Future Work on CHECKOP

• A formal structured language for operating instructions

• More guide words– “Other” Action – change other variables of the

Action model• Rules for reasonable deviations

– What are the most likely mistakes in operation?• Integrate with HAZID

– HAZID is strong on process hazards, CHECKOP better for operating errors, etc.

– HAZOP of start-up, shutdown, maintenance, etc.

Conclusions

• Automated hazard identification– continuous operation

• commercial tool that can reduce the time of HAZOP

– batch operation• promising area of research and development for

identifying problems associated with human errors and operating procedures

• Benefits:– Doing HAZOP earlier, and on modifications.– Consistent, repeatable, complete hazard

identification method.

Acknowledgements

• The work described in this presentation is being funded by– HAZID Technologies Ltd– Engineering and Physical Sciences

Research Council, UK• Thanks are also due to my

colleagues– Dr Steve McCoy– Mr Dingfeng Zhou

computer-aided hazard identification paul chung ([email protected]) department of computer...

Documents