Process Safety Studies 2019

The document discusses various safety studies that are performed to identify hazards and mitigate risks in process plants. It emphasizes the importance of safety culture.

The document discusses several in-house and external safety studies including HAZID, HAZOP, SIL, LOPA, FMEA, FTA, EERA, QRA, CHAZOP and SAFOP among others.

The three levels of protection discussed are the control system, which maintains stable operation, the trip/shutdown system, which provides primary protection when the control system fails, and the relief system, which provides secondary or ultimate protection as a last line of defense when other systems fail.

Nov 2019

Slides marked “Skip” provide additional information
Hazid and Hazop Studies
• Hazard identification in design and operation
Layers of Protection (LOPA)
Mitigation by Design and SOP (Standard Operating Procedures)

Process Safety Studies


Safety in Design
Technical Safety


Chemical Process Industries (CPI) are Safest Performers
• Fatal Accident Frequency Rate. No. of fatalities in a group of 1,000 people per 100 million hours of working
• Construction: 67 Road travel: 57 CPI: 4 Stay at home: 3

Still spectacular accidents happen. Need to identify hazards

Hazard:
• An inherent physical or chemical characteristic with a potential to cause harm to people, environment, or property
• Any activity, procedure, process, substance, situation or other circumstance with a potential to cause injury or illness
H2S: Toxic.
H2/LPG: Flammable/ Explosion
Machinery: Can injure.

Bhopal: 12,000+ Dead
Time to take stock. Reflect
• What Went Wrong?
[Photo captions: Hurricane hit; Boat hit; Hydrocarbon into Boiler Air; Erosion Corrosion; Column overflow]


Control system: Maintains stable operation
Trip / shutdown system: Provides primary protection, when control system fails
Relief system: Provides secondary or ultimate protection - or last line of defence, when control and trip systems fail

[Figure: separator with its protection. Labels: PIC, PIC/PAH, PAHH, PALL, PRV, SDV, NOP; streams: Fluids, To Flare, To Compressor, Oil/ Light Liquid, Water/ Heavy Liquid]
RV lifting: A serious incident

Safety (Hazard Identification) Studies: Causes, Consequences, Safeguards → Recommendations → Design and Operating Practices
A single study like HazId, Hazop etc. at best can trap 60% of the causes. We do multiple studies. Multi-sieves

LOPA - Layers of Protection Analysis
Design to provide many layers
• Community Emergency Response: Evacuation
• Plant Emergency Response: Containment/ Evacuation Procedure
• Mitigation: Mechanical mitigation, Relief System, Operator Action
• Prevention: SIS Trips, Operator Response
• Controls & Monitoring: Alarms, Operator Supervision
• Process Design


If accidents were due to human error then falls are due to gravity

Health and Safety: In all aspects of life - social, mental and physical
Safety studies achieve nothing .. Unless there is an imbibed Safety Culture
• Overloaded power sockets. Files stacked on desk.. Fire hazards
• Short cuts .. risk your life and that of others
• Do we wear at home safety glasses or harness?

Do you know ..
• Water can topple a ship?

Pedestrians cross at marked crossing. No metal barricades.
Pedestrians jump over metal barricades and get killed. Why?

Detour to: Safety in Engineering


Proactively search for hazards, assess and provide mitigation
Earlier done, easier to implement recommendations or change design

A: Inhouse Studies
• Hazid, Hazop
• SIL, LOPA
• QRA - Quantitative Risk Analysis
• Hazard Prevention/ Detection/ Control/ Mitigation

B: External Studies
• FMEA, FTA, EERA, ESSA
• Fire & Explosion / Blast Risk
• Dropped Objects, Ship Collision
• CHAZOP, SAFOP, SIMOPS
• Human Factors, Alarm Management etc etc

Companies that regularly perform Safety Studies introduce Safety culture among staff. That is the real barrier to reduce frequency and severity of accidents

[Figure: safety studies across the project life cycle. Boxes: Design Info, Plant Design, Hazop/ HazId Studies, Hazard Register, Safety Studies, Recommendations, Performance Standards, Risk Assessment, Safety Case/ Report. Phases: Conceptual Design, FEED, Detailed Engg, Fabrication, Construction & Erection, Commissioning & Start-up, Production]


Historically
• Safety Reviews (1960s)
• Check Lists (1960s) - Experience + Lessons learnt
• PHA: Preliminary Hazard Analysis (1970s) - Haz materials & Operation
• What-if Analysis (1970s) - Brainstorming techniques
• HAZID (1970-80s) - Hazard Identification - Hazards in Operations
• HAZOP (1970-80s) - Hazard & Operability Analysis
• FMEA – Failure Modes, Effects Analysis
• FTA - Fault Tree Analysis
• SIL - Safety Integrity Level
• LOPA - Layer of Protection Analysis
• Bow-Tie Diagram (1990s)

In addition there are sub-contracted studies
• Most of these studies - routine in North Sea and Australia
• Only selected studies for projects in rest of the world/ onshore plants


On Design & Operation Issues
• Most common. Simple & easy. Built over time and many projects
• Based on “Lessons Learnt”
• Based on industry standards/ codes/ practices
Discipline-wise Checklists
• Separator - controls & protection. Pump - controls & protection
• Piping Practices - location of valves
• Instrument & Control Practices. Civil/ Structural design issues
• Commissioning steps/ Start-up procedures
  ▪ Flush the lines first. Remove control valves before flushing
Good for permit to work, Job Safety Analysis - where type of hazards are fairly known or understood
Caution: Practices based on corporate/ industry/ statutory codes are not adequate to cover changes in new plant/ operation/ design

Event | Causes | Initiator
1) High Flow | 1) Low head across pump - High suction and low discharge press 2) Pump FCV fails open 3) Pump min flow FCV fails open; 4) Pump racing 5) Discharge line rupture 6) Discharge drain or vent left open | 1) Loss of pump control
2) Low Flow | 1) Blocked or plugged outlet - solids build up 2) High head across pump - Low suction and high discharge press 3) Pump FCV malfunction 4) Pump min flow FCV malfunction 5) Pump backs up on curve 6) Suction line rupture 7) Suction drain or vent left open | 1) Loss of pump control and operational issues
3) No Flow | 1) Blocked discharge 2) Pump failure 3) Pump FCV fails closed 4) Pump min flow FCV fails closed 5) Discharge head high 6) No inflow - pump under min flow 7) Suction line rupture | 1) Loss of pump and operational issues
4) Reverse Flow | 1) Pump failure and free wheeling 2) Pump min flow FCV fails open, routing high press discharge side liquids to suction | 1) Loss of pump and operational issues
Pressure | 1) Pump NPSH not met - suction cavitation 2) Blocked inlet 3) Suction strainer fouled 4) Blocked outlet 5) Pumped fluid density different 6) Water hammer | 1) Loss of pump and operational issues
Others | 1) Changes in feed composition or flows 2) Ingress of air, water, steam, corrosion products |
Start-up | 1) Purging, flushing, steaming, removing mill scales 2) Pressure testing |
Operation: Tank overflow | 1) Improper operation | Op error; failure to follow instructions; poor training

Good in shop floors. Not good to identify new hazards


Brainstorming session
Series of "What if…?” questions on potential upsets
• that may result in an incident or poor system performance
• Each question addresses a potential failure or mis-operation
• Responses help identify potential hazards
• Existing safeguards evaluated. Additional safeguards or mitigation measures recommended
Plant or system subdivided into nodes, to stay focused
Simple and effective with experienced team
Good for early hazard identification with PFDs only
What if
• the Feed Pump fails to start?
• the tail pipe freezes over?
• the reactor temperature shoots up?
• the operator adds the chemicals in the wrong sequence?

Worksheet columns: Hazard | Causes | Consequence | Safeguards | Action or Recommendation | On
Hazard: Pool fire
Causes: Vessel overpressure and leak; Flange leak; Spill; Local draining
Consequence: 1) Pool fire of oil/ condensate 2) Potential vapor cloud explosion (VCE) 3) Toxic exposure (CO2, H2S, Mercury) 4) Equipment/ Structural damage 5) Personnel injury 6) Escalation to adjacent risers, pipes and other equipment
Safeguards: 1) F & G detection / ESD/ Blowdown 2) PPE to prevent skin exposure to mercury 3) Hazardous area classification and selection of electrical equipment to suit zone 4) Automatic isolation of power to non-essential equipment on confirmed fire detection 5) Natural ventilation

• Better than HAZOPs for batch operation
• Example: Batch chemical, pigging or depressurizing a pipeline
• Common and least structured methods
• Good & flexible tool in a wide range of circumstances
• Good at any stage and for change review
• Team members should not get into a tunnel vision, limiting themselves to the check list


Helicopter View
High level review to identify hazards or risks - in design and operation
When: ASAP. FEED stage, based on min info - layout and flow diagrams
How?
• Team selects areas to study - plot or deck/ area or system wise
• Each system or area reviewed against a pre-agreed checklist
  ▪ Check list, based on historical data, experience, standards
• When a hazard or risk is identified, find
  ▪ All potential causes or scenarios that could trigger the hazard
  ▪ Its potential consequences - direct as well as escalated
  ▪ Impact on personnel, assets and environment
  ▪ Effectiveness of safeguards/ risk reduction/ or operating procedures
  ▪ Recommend: additional safeguards or operating procedures
Basis of Safety Studies
• Identifies process and non-process hazards (health, environment)

1. Hydrocarbons + flammable materials
2. Explosives
3. Pressure hazards
4. Differences in height
5. Objects under induced stress
6. Dynamic situation hazards
7. Environmental hazards
8. Hot surfaces; Hot fluids
9. Cold surfaces; Cold fluids
10. Open flame
11. Electricity
12. Electromagnetic radiation
13. Ionizing radiation - Open & Closed source
14. Asphyxiates; Toxic gas; Toxic fluids; Toxic solids
15. Corrosive substances
16. Biological hazards
17. Ergonomic hazards
18. Psychological hazards
19. Security-related hazards
20. Use of natural resources
21. Medical
22. Noise
23. Entrapment
24. Communication
25. Construction Issues
26. Start-up and Shutdown Issues
27. Onshore
28. FPSO


Discussions are recorded in a transparent way, without ambiguity to avoid any misunderstanding
• Must be clear even after 10 years
Only items with potential hazards are recorded

Worksheet columns: Hazard | Cause | Consequence | Safeguards | Action or Recommendation | On
Hazard: Hydrocarbons release - with or without ignition due to: Dropped object, Swinging load, Fitting Failure or Leak, or Operator Error
Cause: Rupture of risers, flowlines and/ or plant piping
Consequence: 1) Pipeline / riser / piping leak/ rupture leading to gas cloud. Potential vapor cloud explosion (VCE) 2) Riser / pipeline/ flowline fire (jet fire for a long duration) 3) Toxic exposure (CO2, H2S, Mercury) 4) Pool fire of oil/ condensate on deck and on sea / land 5) Equipment/ Structural damage 6) Personnel injury 7) Missile generation, equipment/ structural damage 8) Escalation to adjacent risers, piping and other equipment on board
Safeguards: 1) F & G detection / ESD/ Blowdown 2) Lifting procedures / look out man on the topsides / crane mechanic on standby 3) Crane operating radius away from pipeline corridor 4) Certified crane operators. Dead man’s handle to operate crane. 5) Regular crane maintenance 6) Dropped Object / crane location / laydown area study to ensure that crane resting position is not above equipment or escape routes 7) Fusible plugs near riser ESDV to shutdown SDVs upon confirmed fire detection 8) PPE to prevent skin exposure to mercury 9) Hazardous area classification and selection of electrical equipment conforming classified zone 10) Automatic isolation of power to non-essential electrical equipment on confirmed fire detection 11) Decks / plant naturally ventilated
Action or Recommendation: 3) Check operational requirements for lay-down areas, bumper bars and lifting device / mechanical handling capabilities. 4) Ensure that wellheads are automatically shutdown upon confirmed fire detection on topsides/ in plant area

To: Identify and evaluate hazards in design, operation and maintenance
• Failure of equipment, controls, trips and human error
How?
• Structured and systematic examination of design or an existing operation. Widely used
• One section of a plant or system or operation (node) is examined by a multi-disciplinary team
• Select an Operating parameter + Guide word to find possible deviation from design/ operational intent, its feasible causes and their potential unwanted consequences
• Node by node (line by line or equipment by equipment)
• Available safeguards evaluated; additional safeguards/ studies /solutions recommended
Unlike HazId, Hazop requires P&IDs, Cause & Effect Matrix. More rigorous and detailed.
HazId – ½ -1 day; Hazop – 1 to 8 weeks


Select a system. Explain its general intent
Select a node (area of focus, small bite) vessel or line. Explain intent
Apply:
1. an operating parameter <Flow> and a guide word <No>
2. to develop a meaningful deviation <No Flow>
3. possible causes <Outlet blocked> and consequences <pressure builds up>
4. potential hazards <flange leak, vessel burst, fire, explosion>
5. safeguards <PCV/ PAHH/PSV> and
6. recommendation/ action
Repeat for all guide words for the parameter
Repeat for all parameters, flow, pressure, temp
Node complete. Repeat for all nodes
Examine auxiliary units - heating, cooling, utility

Parameters: Flow, Press, Temp, Level, Time etc.
Guide Words: No, Less, More, As Well As, Part of, Reverse

[Flowchart: Select a System → Select a Node → Select a Parameter → Develop a Deviation → Identify Causes → Identify Consequences → How will Operator know? Alarms? Trips? Protection - PSV? → Add Additional Safeguards, if Required. Changes to Design, Operations → Other Causes of this Deviation → Other Guidewords for this Parameter → Other Parameters → Other Nodes]

Operations team learns about design limits and Design team learns about operational constraints
Follow up!! Follow up!!
Recommendations & solutions are team dependent


When
• (1) Concept stage - Hazards of materials and operation
• (2) FEED stage - Major hazards
• (3) Detailed engg stage
• (4) Construction/ Site check - checklist
• (5) Pre-startup: Function testing, purging - checklist
• (6) Operating plants - lessons learnt
  ▪ Difficult to get up to date info/ flow sheet, follow-up and close-out
Note: each stage verifies that the actions of previous stages have been completed

Worksheet columns: Guide word & Deviation | Cause | Consequence | Risk Ranking | Safeguards | Action | On
Guide word & Deviation: High Level in V3010
Cause: 1) LCV failure 2) LIC sensor failure 2) Outlet SDV or block valve closed 3) More inflow 4) Sandjet valve open
Consequence: 1) Tank overflow 2) Environ Impact 3) Pool fire
Safeguards: 1) 2 separate LAHH 2) 1 hour storage above LAHH

Discussions are recorded/ tabulated
Creative & open-ended. Good participation from different discipline teams bring out the best
Systematic, structured, comprehensive and flexible
Identifies all potential hazards and operability issues

Caution:
1. No credit for controls as they might be on manual mode
2. Alarms get bypassed and “nuisance” ones ignored. Alarm fatigue during emergency
3. Trips might have failed latently. Car brake failure gets noticed; not headlights failure unless you regularly drive in night time


Why Min Flow?
1. Temp rise during low flow
2. Avoid cavitation/ pulsations
3. Avoid surging with non-rising head curve
4. Gradual start-up + avoid motor overloads

[Figure: feed pump to distillation column. Labels: Pump, RO, PG, 150 #, 300#, Start-up Bypass, Feed to Distillation Column. Notes on the sketch: Pump failure will lead to reverse flow from column and bypass; Power Supply – alternative sources; RO or min Flow FCV with larger pumps; Spare Pump; Auto start of Spare Pump; Suction PSLL]

Time-consuming, repetitive, hindering “full” participation. Monotonous. Maintaining interest is a challenge. Team members may “switch-off” - no contribution! Ram-Katha
Success limited by team composition and time given
Team may miss out scenarios they are not familiar with
Domination by a single person. If he or she is a senior, hesitation to express a different opinion
Ignoring transient - start-up and shutdown issues.
Poor participation from operations in new projects, who may just get to see the PIDs for the first time. Need their contribution on transient, while they are busy to spot “shopping list”
Expecting Hazop to be a catch all “Design Review”. Missing pre-Hazop design review leads to trivial actions; wasted time
Ethylene Plant: 100 P&IDs. Av 5-6 items/ nodes per P&ID
4 parameters * 5 guide words + 5 start-up = 25 queries/ node; 3-5 minutes/ query
8 hour/ day sessions. 5 day/ week. Duration = 550 * 25 * 4 /60/8/5 = 22- 25 weeks


Finds effectiveness of safety systems
Based on probability of failure to respond on demand - random and systematic
Establishes availability of Safety Instrumented System (SIS) when things go wrong looking at Layers of Protection (LOPA)
IPL (Independent Protective Layer)
Residual Risk based on Frequency of Demand x Consequences
Reduction in SIL
• By 1 level IPL 10 – Operator, Control/trip
• By 2 levels: IPL 100 - PSV
Data
• HAZOPs, QRAs etc studies, P&IDs, Cause and Effect charts, Maintenance and shutdown details, Relevant operational information
• List of Safety Instrumented Functions (SIFs) based on above

[Figure, shown on both slides: fault tree for Failure of LAHH SIF. OR gate over Initiators Failure, Logic Solver Fails and final elements (Similarly, Final Elements SDVs May Fail); Initiators Failure is an AND gate over LAHH ‘A’ Fails and LAHH ‘B’ Fails]
Proof test interval is key to get high SIL. How often you test

SIL Classification or target values based on PFD
• SIL 1 - between 10^-1 and 10^-2 (0.1 to 0.01) Once in 10-100 years
• SIL 2 - between 10^-2 and 10^-3 (0.01 to 0.001)
• SIL 3 - between 10^-3 and 10^-4 (0.001 to 0.0001). That is once in 1,000 or 10,000 years. Maxm. This is as good as a PSV
• SIL 4 - between 10^-4 and 10^-5 Not practical
SIL Achieved
• Based on sensors, final elements, logic solvers, redundancy, their reliability and testing intervals
SIL Terms:
TF = Tolerable frequency. TF of 10^-4 means, company can tolerate an incident once in 10,000 years. Company’s risk appetite!
PFD = probability of failure on demand (PFD), that is when SIS fails to protect, user or manufacturer data!
MF = Mitigated frequency. Should be less than reqd TF/ SIL


Control system: Maintains stable operation
Trip / shutdown system: Provides primary protection, when control system fails
Relief system: Provides secondary or ultimate protection - or last line of defence, when control and trip systems fail

Credit given for Layers of Protection (LOPA)
• Basic Design, Control System, Alarms, Trips, Operator Response; Pressure Relief Devices. LOPA and owner’s risk matrix are used
SIL studies help delete redundant SIF instrumentation

SIL is an excellent mathematical tool
• Economic or Asset protection alone will demand high SIL
• Operating and Engg companies yet to go full hog

[Figures repeated from the earlier layers-of-protection slide: separator protection sketch (PIC, PIC/PAH, PAHH, PALL, PRV, SDV, NOP) and the LOPA layers diagram]
RV lifting: A serious incident


Finds consequences of all possible failure modes of a component, module or subsystem and their consequences.
Usually in equipment. Key issue: Reliability & availability
HazId provides helicopter view. Hazop → ground view. FMEA → micro view of individual system
Good for analyzing mechanical and electrical hardware systems e.g. Wellhead/ Local Panels, PLCs etc
Failure modes of each component, their possible causes, probability of occurrence, potential consequences, and proposed safeguards are noted
FMEA key words:
• Rupture, Crack, Leak, Plugged, Stop, Start, Bypass
• Failure to open/ close/ stop/ start/ continue Eg: A valve
• High /low pressure; High /low temperature

Compressor PLC
Worksheet columns: Failure Mode | Effect | Causes | Safeguards | Action | On
Failure Mode: SDV open position indicator switch fail
Effect: Wrong indication of valve position to control system. Incorrect controller sequence initiated
Causes: Wear and tear
Safeguards: Commissioning and test procedures to ensure that all compressor SDV indicators are wired correctly to PLC
Action: Correct position indication is required in compressor start-up logic. All position indicators should be function tested in vendor shop

Very structured and reliable method for hardware and automatic control systems. Improves reliability
Easy to learn and apply. Easy to evaluate even complex systems. Gives an insight into failure modes
Takes lot of time and may miss areas of multiple faults.
May not identify areas of human error in operations


Graphical method: Combinations of possible events that results in an undesirable outcome (top event)
Intermediate events are combined using AND and OR, logical operators
Considers both hardware and human failures

[Figure: fault tree with top event Kaboom, built from AND and OR gates. Event labels: Press Rise; PSV1 Fails to relieve; PSV2 Fails to relieve; PSV set high; PSV undersized; SIS Fails; PAHH Fails; SIS Output Fails; PCV Fails to open; PCV Input Fails; PIC Fails; DCS Fails; DCS Output Fails]

Good for analyzing multiple (combination of) failures that result in an accident or when multiple outcomes are possible
Traceable, logical, quantitative + visual representation of causes, consequences and event combinations
With probabilities of individual events known, easy to calculate, probability of top event. QRA
Not intuitive. Training required. Difficult to document. Can get complex. Time taking
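
The AND/OR combination described above, applied to the "Failure of LAHH SIF" fault tree from the SIL slides and followed by the MF < TF check from the SIL terms. This is an added example, not part of the original slides: the failure rates, the 0.1 /year demand and the single operator IPL are constructed values, and the lambda_DU x TI / 2 proof-test formula is the usual single-element simplification, assumed here.

```python
"""Added example: fault-tree PFD of a high-level trip and the LOPA check on it."""
from math import prod

# SIL bands by probability of failure on demand (PFD), as listed on the SIL slide.
SIL_BANDS = {1: (1e-2, 1e-1), 2: (1e-3, 1e-2), 3: (1e-4, 1e-3), 4: (1e-5, 1e-4)}

# Constructed dangerous-undetected failure rates per year (not vendor data).
LAMBDA_DU = {"lahh_sensor": 0.02, "logic_solver": 0.001, "sdv": 0.02}


def pfd_from_proof_test(lambda_du_per_year, test_interval_years):
    """Average PFD of one element whose hidden failures are only found at the
    proof test: lambda_DU * TI / 2 (assumed simplification)."""
    return lambda_du_per_year * test_interval_years / 2.0


def and_gate(*probabilities):
    """Redundant elements: all must fail. Assumes independent failures, so it
    ignores common cause and slightly understates a real 1oo2 pair."""
    return prod(probabilities)


def or_gate(*probabilities):
    """Elements in series: any single failure defeats the function."""
    return 1.0 - prod(1.0 - p for p in probabilities)


def sil_for_pfd(pfd):
    """SIL band a PFD falls in; 0 means worse than SIL 1, 4 also covers lower PFDs."""
    if pfd < 1e-5:
        return 4
    for sil, (low, high) in SIL_BANDS.items():
        if low <= pfd < high:
            return sil
    return 0


def lahh_sif_pfd(test_interval_years):
    """Top event of the slide's tree: (LAHH 'A' fails AND LAHH 'B' fails)
    OR logic solver fails OR final element (one SDV, assumed) fails."""
    pfd = {name: pfd_from_proof_test(rate, test_interval_years)
           for name, rate in LAMBDA_DU.items()}
    initiators = and_gate(pfd["lahh_sensor"], pfd["lahh_sensor"])
    return or_gate(initiators, pfd["logic_solver"], pfd["sdv"])


def lopa_check(initiating_freq, ipl_credits, sif_pfd, tolerable_freq):
    """MF = initiating frequency / IPL credits * SIF PFD, compared with TF."""
    demand_freq = initiating_freq / prod(ipl_credits)
    mitigated = demand_freq * sif_pfd
    return {
        "required_pfd": tolerable_freq / demand_freq,
        "mitigated_freq": mitigated,
        "meets_target": mitigated < tolerable_freq,
    }


def study(test_interval_years):
    """Tank overfill case: LCV failure 0.1 /year (constructed), one operator IPL
    with credit 10 as on the slide, TF = 1e-4 /year as in the slide's example."""
    pfd = lahh_sif_pfd(test_interval_years)
    result = lopa_check(0.1, [10], pfd, 1e-4)
    result.update(sif_pfd=pfd, sil_achieved=sil_for_pfd(pfd))
    return result


if __name__ == "__main__":
    for interval in (1.0, 0.5):
        r = study(interval)
        print(f"proof test every {interval} y: PFD={r['sif_pfd']:.2e} "
              f"SIL {r['sil_achieved']} MF={r['mitigated_freq']:.2e}/y "
              f"meets TF: {r['meets_target']}")
```

With these inputs the single SDV dominates the result, and halving the proof test interval is what moves the function from SIL 1 to SIL 2.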


Figure out the ways in which hazards can occur
• Then apply frequency and probability to find likely events

[Figure: example trees with frequencies and probabilities. Labels as shown: Press Rise 1 /year; RV Dead 0.1 (HOD = 1) 0.005; Hi Hi Press 0.005 /year; Meetings with Lunch 20 /year; Invitation 0.1; Free Meal 2 /year; Visitors 15 /year; Lunch with visitors; Invitation 0.1; 1.5 /year; Training 5 /year; Lunch with Training; Invitation 0.2; 1.0 /year; Free Meal 1.5 /year; gates: and, or]

Mistakes are not made in f and p, but figuring out hazards
Common Mistake: Not counting all hazards (known/ unknown), Suppose, a clever manager figures out that it is cheaper to buy lunch and herd all for monthly Tool Box/ Brown Bag/ Safety meetings, 12 /year at 1, additional (unwanted) lunches = 12

Demonstrates role of barriers in risk reduction
[Figure: bow-tie diagram. Threats on the left, Hazardous Event in the centre, Consequences on the right; Controls (Prevention) between threats and event, Recovery (Mitigation) between event and consequences]


Risk of a hazard: its probability x severity of its consequence. How likely and how bad it would be if it happened

UKOOA simple 3 x 3 Matrix
Consequence | Low | Medium | High
High | Medium | High | High
Medium | Low | Medium | High
Low | Low | Low | Medium

UKOOA 5 x 5 Matrix
Consequence | 1 Rare | 2 Unlikely | 3 Infrequent | 4 Occasional/ Probable | 5 Frequent
5 Severe: Many lives | Medium | Medium | High | High | High
4 Critical: Several lives | Low | Medium | Medium | High | High
3 Substantial: Single life/ serious injury | Low | Low | Medium | Medium | High
2 Marginal: Single serious injury or many minor injuries | Low | Low | Low | Medium | Medium
1 Negligible: Single minor injury | Low | Low | Low | Low | Medium
Frequency: 1 Rare: < 1 in 10,000 years; 2 Unlikely: 1 in 1,000-10,000 years; 3 Infrequent: 1 in 100-1,000 years; 4 Occasional/ Probable: 1 in 10-100 y; 5 Frequent: 1 in 10 year
High: Risk - Not tolerable – additional protection/ design changes required
Medium: Risk – Tolerable with controls – evaluate additional control/ design changes
Low: Risk – Tolerable. Do nothing!

Risk = Probability x Severity
• Reduce probability or Severity or both
2 LPG Plants were blown while swinging blinds
• Hazard: LPG tank farm. LPG leakage
• Risk: Vapor Cloud Explosion
• Mitigate probability: Proper isolation before swinging blind
• Mitigate severity: (1) Install remote operable valves (ROV) to isolate spill or transfer contents to another tank and (2) install F&G detectors to close ROV
Usher in a safety culture. Empower operators to believe that they can detect a hazard and act on it
Good Personal Safety ≠ Process Plant Safety. Plants with good personal safety may have serious safety incidents


Safety Management System (SMS) Building Blocks
• Safety Risk Management: Identify hazards; Analyze Risks; Prioritize Risks; Treat Risks
• Safety Assurance: Internal Auditing; External Auditing; Good testing & maintenance
• Safety Policy & Objectives: Report all incidents (non-punitive); Identify Responsibilities; Document & Record
• Safety Promotion: Training & Education; Safety Toolbox Meeting; Communicate Safety Alerts

Empowered employees make a difference!
BEFORE | AFTER
Safety is a priority for me but I can’t translate that to my plant | I can ensure safety is a priority at my plant
Accidents may happen once in a while in my plant | I take care of hazards before they turn into accidents
I don’t know what is the greatest risk in my plant | I can classify every risk in my plant and know how to mitigate it
What should I do to improve safety? | I have a risk-based prioritized list of things that I should do to improve safety
I don’t know how safely my workers are doing their job | My workers are trained and they help keep the plant a safe place
How safe is my plant? How will I know? | I measure safety performance and know the trends
My managers keep my plant safe | Every worker helps to maintain and improve safety
Based on a presentation on airport safety

A single study like HazId, Hazop etc. at best can trap 60% of the causes. We do multiple studies. Multi-sieves


Egress, escape, evacuation & rescue of personnel
Temporary Refuge Integrity
Escape Routes, Blast Relief, Heat Shields, Boats
Safety Signs
[Figure labels: Blast Relief Wall; Escape Routes; Layout; Heat shields]

Flammable/ toxic gas release .. LFL & mass
Pool/ Jet/ Flash fire
BLEVE (Boiling Liquid Expanding Vapor Explosion) / VCE (Vapor Cloud Explosion)
Thermal radiation. Impact on personnel and asset
Isolation of inventory and depressurization
Passive fire proofing to prevent escalation
Firewater spray to control fire
Blast overpressure based on fluid, mass, reactivity and congestion/ confinement
Checks out location of buildings. Provide fire / blast protection to personnel & asset


ESSA - Emergency Systems Survivability (after a major event) Analysis
Emergency Systems Reliability / Availability Analysis
Provides design options

Likely scenarios and their quantified risks to personnel and public
• Based on: Flammable, toxic fluids, isolatable sections, potential ignition sources
• Consequence: Fire, explosion, toxic etc;
To demonstrate:
• Risk levels meet the specified criteria
• Example: HP Source → Gas Leak → Gas cloud. Jet fire. Flash fire. Explosion → Impact radius → Effect on staff/ facility

Qualitative Vs Quantitative
Knowledge, Experience and Judgment.. Vs Numerical Analysis


[Figure panels: Unignited dispersion/ Jet Fire; Explosion; Pool Fire]
Example.. Gas leak
• Small leaks: Flange, valve, pump stuffing box, instrument tapping. Medium: open vents, mechanical failure Large: Rupture
• Example: 6 kg/h frequency 0.111 events/year

Event tree (initiating frequency 0.111 /year):
• 0.07 (7% chance of immediate ignition) = 0.111*.07 = 7.77E-03 Fire
• 0.93 no immediate ignition
  ▪ 0.95 (95%) F&G, ESD/BDV = 9.81E-02 Dispersion
  ▪ 0.05
    - 0.03 (3%) Ignition
      0.12 (12%) Explosion = 1.86E-05. Based on mass x confinement. Blast P 0.2 bar to 100m radius. Plant damage; fatal injuries
      0.88 Flash Fire = 1.36E-04
    - 0.97 Dispersion = 5.01E-3. Based on Ex Protection
• Pool fire → BLEVE
Based on “The Oil & Gas Engineering Guide”, Herve Baron, Technip

Hazard Prevention
• Overpressure protection
  ▪ By Pressure Relief and De-pressuring
• Hazardous Area Classification
  ▪ To control Sources of Ignition
• SIL verification

Hazard Detection
• Flammable / Toxic Gas / Flame Detection
• Building smoke and fire detection
• Manual alarms and Emergency Shutdown Stations
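
The gas-leak event tree above can be evaluated mechanically. This added example (not from the original slides or the cited guide) reproduces the slide's outcome frequencies and then reruns the tree with a lower F&G, ESD/BDV success probability; the branch names "delayed ignition" and "no ignition" and the degraded value 0.5 are assumptions.

```python
"""Added example: evaluating the 6 kg/h gas-leak event tree from the slide."""
from math import isclose


def leak_event_tree(p_isolation_works=0.95):
    """Branches are (label, probability, outcome-or-subtree). Probabilities are
    the slide's; p_isolation_works is the F&G, ESD/BDV branch (0.95 on the slide)."""
    return [
        ("immediate ignition", 0.07, "Fire"),
        ("no immediate ignition", 0.93, [
            ("F&G, ESD/BDV works", p_isolation_works, "Dispersion"),
            ("F&G, ESD/BDV fails", 1.0 - p_isolation_works, [
                ("delayed ignition", 0.03, [
                    ("explosion", 0.12, "Explosion"),
                    ("flash fire", 0.88, "Flash Fire"),
                ]),
                ("no ignition", 0.97, "Dispersion"),
            ]),
        ]),
    ]


def evaluate(branches, frequency, path=()):
    """Walk the tree and return [(path, outcome, frequency_per_year)] per leaf.
    Rejects any node whose branch probabilities do not sum to 1."""
    total = sum(probability for _, probability, _ in branches)
    if not isclose(total, 1.0, abs_tol=1e-9):
        raise ValueError(f"branches at {path or 'root'} sum to {total}, not 1")
    leaves = []
    for label, probability, child in branches:
        here = path + (label,)
        branch_freq = frequency * probability
        if isinstance(child, str):
            leaves.append((here, child, branch_freq))
        else:
            leaves.extend(evaluate(child, branch_freq, here))
    return leaves


def frequency_of(leaves, outcome):
    """Total frequency of one outcome across all paths that end in it."""
    return sum(freq for _, name, freq in leaves if name == outcome)


if __name__ == "__main__":
    base = evaluate(leak_event_tree(), 0.111)
    for path, outcome, freq in base:
        print(f"{freq:.2E}  {outcome:<11} {' > '.join(path)}")
    # Sanity check: the leaves must add back up to the initiating frequency.
    print("sum of leaves:", round(sum(f for *_, f in base), 6))
    degraded = evaluate(leak_event_tree(0.5), 0.111)
    print("explosion /year, isolation 0.95 vs 0.5:",
          f"{frequency_of(base, 'Explosion'):.2E}",
          f"{frequency_of(degraded, 'Explosion'):.2E}")
```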


Hazard Control
• Process isolation and depressurization
• Flare and vent tip location
  ▪ To protect personnel from thermal radiation and toxic gas
• High risk areas downwind of low risk areas
• Drainage and spill control. Ventilation and pressurization

Hazard Mitigation
• Active fire protection
• Firewater / foam systems / fixed and portable extinguishers
• Passive fire protection for structural steel, enclosures, equipment supports, electrical and instrumented systems

Instrument CHAZOP
Electrical SAFOP
• Electrical Systems Safe Operability Review
Dropped Object Risk Analysis
• Risks posed by dropped objects on equipment
• Remedial measures, protection
• Material & Mechanical Handling Studies
Ship Collision Risk Analysis
• Risks posed by passing vessels, supply boats etc
• Remedial measures, protection


AIV/ FIV Studies
• Acoustic and flow induced vibration
Noise Study
• Noise from compressor, high velocity flow pipes, control valves
Pipe Stress Studies
• Thermal expansion and deflection forces
SIMOPS Studies
• Simultaneous production while drilling

Alarms Management
Human Factors Assessment
• Plant ergonomics, specially Control Room; Access to valves
Human Response Analysis
• In FPSO decks in constant motion, as it can impair judgment
Model Tank Testing
• Green water wave forces on hull and location of (safety) equipment and stairways
Gas Turbine Exhaust Plume Dispersion Analysis
• Exhaust does not hinder helicopter, crane and personnel movement & air intake


Transportation Safety Assessment
Modules Safe Lifting Study
Floatover Installation Assessment
Installation & Barge Mooring Assessment
Riser Failure & SSIV Study
Pipeline Risk Assessment
Waste Management Assessment
Helideck Assessment
Identify Safety Critical Elements
Hazard Register Close-out
Pre-Startup Safety Review

EIA - Environmental Impact Assessment
ENVID - Environmental Impact Identification
• Emissions and Wastes Register
• Impact of gaseous, liquid and solid emissions and discharges to atmosphere, soil and sea
• Wastes disposal - toxic, mercury contamination
• HC, SOx, NOx, H2S, Particulates .. dispersion


Team may be unaware of a scenario, may overlook it or decide it as not credible or significant
You can add redundancy in alarms and shut down valves (parallel trips, valves in series) but how about the man – to take the right action, in the right time and right sequence
Failure rates
• 100% in an emergency, responding to avoid a serious accident, with so many alarms and phones ringing
• 10% in a busy control room with phones ringing
• 1% in a quiet control room as in a pumping station
• 0.1% if the button to press is right below the alarm

Before we blame operational errors, consider
• Equipment can be off-line or under maintenance
• Safety devices may fail to respond or take time to cut in
• Hazardous consequences may propagate in several ways/ thru multiple systems requiring concurrent multiple tasks
Limited manpower in modern control rooms
Procedures may not have covered all situations or been followed or ignored.
Operator may respond based on instinct than plan

Hazop worksheets with well documented scenarios are never looked at after the safety studies are over. A tabulation of equipment based deviations and causes given to plant operators may help them in real situations – to identify less apparent contributory causes that may cut across plant boundaries and develop operators’ analytical skills


Do they happen or do we let them happen

You’ve carefully thought out all the angles
It comes naturally to you
You’ve done it a thousand times
You know what you’re doing, it’s what you’ve been trained to do your whole life
Nothing could possibly go wrong, right?
Think again!

Copied from: “Cost Effective Outcomes from FPSO Safety Case Brendan Fitzgerald, et al, FPSO Congress, Singapore September 2010”


Your every action in a day, considering its impact on you, your family, your colleagues and friends, will make it a way of life!
