Instrumentation Tools

Learn Instrumentation and Control Engineering. Inst Tools covers topics of Industrial
Instrumentation, PLC, DCS, SCADA, Field Instruments, Analyzers and so on.
https://instrumentationtools.com

Author: Instrumentation Tools

Categories: Safety Systems

Layers of Protection Analysis (LOPA) Interview Questions

om
s .c
ol
To
i on
at

Acronyms and Abbreviations Used

nt
me
ru
st
In

What is LOPA?

It is a simplified risk assessment method. It provides a method for evaluating the risk of hazard
scenarios and comparing it with risk tolerance criteria to decide if existing safeguards are
adequate, and whether additional safeguards are needed. Various LOPA methods are
available.

LOPA does not suggest which safeguards to add or which design to choose but it does assist in
deciding between alternatives.

LOPA can be viewed as an extension of Process Hazard Analysis (PHA). Typically, it is applied
after a PHA has been performed. LOPA builds on the information developed in the PHA.

Why was LOPA developed?

InstrumentationTools.com
 Instrumentation Tools
Learn Instrumentation and Control Engineering. Inst Tools covers topics of Industrial
Instrumentation, PLC, DCS, SCADA, Field Instruments, Analyzers and so on.
https://instrumentationtools.com

Subjective engineering judgement is used to identify the need for additional safeguards in
process hazard analysis. This can lead to disagreements and possibly the implementation of
inappropriate measures to reduce risk. It was recognized that a more rational and objective
approach was needed.

Can you tell me more about layers of protection?

Process designers use a variety of protection layers, or safeguards, to provide a defense in

depth against catastrophic accidents. They are devices, systems or actions that are capable of

om
preventing a scenario from proceeding to an undesired consequence. For example, they may

.c
be:

s
Inherently safe design features

ol
Physical protection such as relief devices
To
on
Post-release physical protection such as fire suppression systems
i

Plant and community emergency response

at

Safety Instrumented Systems (SIS)

nt
me

Ideally such protection layers should be independent from one another so that any one will
perform its function regardless of the action or failure of any other protection layer or the
ru

initiating event. When they meet this criterion they are called Independent Protection Layers
(IPL). Not all safeguards meet the independence requirements to be classified as an IPL,
st

although all IPLs are safeguards. For example, two standby pumps that are both electrically
In

powered do not fail independently in the event of loss of power.

LOPA addresses safeguards that are IPLs. Such safeguards include SIS, also called interlocks
and emergency shutdown systems. SIS are addressed by the standard

ANSI/ISA S84.00.01-2004, Functional Safety: Safety Instrumented Systems for the Process
Industry Sector, called S84 herein, which can include the use of LOPA.

Also Read: Safety Instrumented Systems Interview Questions

What is involved in LOPA?

Individual hazard scenarios defined by cause-consequence pairs are analyzed.

Scenario risk is determined by combining scenario frequency and consequence severity.

Individual protection layers are analyzed for their effectiveness and the combined effects of the
protection layers are compared against risk tolerance criteria to determine if additional risk
reduction is required to reach a tolerable level.

Scenario frequency is determined by combining initiating event frequency, IPL failure

probabilities and the probabilities of enabling events/conditions and conditional modifiers.
Enabling events or conditions do not directly cause the scenario but must be present or active
InstrumentationTools.com
 Instrumentation Tools
Learn Instrumentation and Control Engineering. Inst Tools covers topics of Industrial
Instrumentation, PLC, DCS, SCADA, Field Instruments, Analyzers and so on.
https://instrumentationtools.com

for the scenario to proceed, for example, the process being in a particular mode or phase.
Commonly considered conditional modifiers are the probability that released
flammable/explosive material will ignite, the probability that an individual will be present to be
exposed to a hazard, and the probability than an exposed individual will actually be impacted.
Order of magnitude estimates are used for frequencies, probabilities and consequence severity.

How do risk tolerance criteria help?

Without risk tolerance criteria, there is a tendency to keep adding safeguards in the belief that

om
the more added, the safer the process. This can be a false assumption. Eventually safeguards

.c
will be added that are unnecessary. This reduces the focus on safeguards that are critical to
achieving tolerable risk. Unnecessary safeguards also add complexity that may result in new,

s
unidentified hazard scenarios.

ol
LOPA helps focus limited resources on the most critical safeguards.
To
on
How does LOPA relate to Quantitative Risk Analysis (QRA)?
i

LOPA adds simplifying assumptions for the numerical information used. The simplifications are
at

intended to be conservative so that QRA would show less risk for a scenario than LOPA.
nt

How should I conduct PHA’s to facilitate LOPA?

me

LOPA studies will be easier to conduct if the following issues are addressed during the
ru

PHA:
st
In

Clarify initiating events, i.e. causes of hazard scenarios

Provide sufficient scenario detail

Express consequences in a form compatible with LOPA

Record and identify candidate IPLs, i.e. safeguards

List all safeguards before deciding if they are IPLs

Consider identifying enabling events/conditions and conditional events

Rank hazard scenarios so they can be screened for LOPA

Flag recommendations for additional IPLs

Are there other applications of LOPA?

Yes. It can be extended to many situations involving risk-informed decision making including:

Design

InstrumentationTools.com
 Instrumentation Tools
Learn Instrumentation and Control Engineering. Inst Tools covers topics of Industrial
Instrumentation, PLC, DCS, SCADA, Field Instruments, Analyzers and so on.
https://instrumentationtools.com

Capital improvement planning

Management of change

Evaluating facility siting risk

Mechanical integrity programs

Identifying operator roles

om
.c
Incident investigation

s
Emergency response planning

ol
Bypassing a safety system To
on
Determining the design basis for over-pressure protection
i

Determining the need for emergency isolation valves

at

Screening tool for QRA

nt
me

Can you summarize what LOPA does and doesn’t do?

ru
st
In

There are three issues for protection layers:

How safe is safe enough?

How many protection layers are needed?

How much risk reduction should each layer provide?

Risk tolerance criteria must be established for LOPA and they address the first issue.

LOPA helps decide how much risk reduction is needed and how many protection layers should
be used. It does not help decide what specific IPLs should be used.

Why should we perform LOPA?

Provides an objective, rational and defensible basis for recommendations to install or

not install safeguards after a PHA has been performed.

Meets the requirements of the S84 standard for SIS. Note that OSHA expects
compliance with S84.

Provides the basis for a clear, functional specification for safety instrumented systems.
InstrumentationTools.com
 Instrumentation Tools
Learn Instrumentation and Control Engineering. Inst Tools covers topics of Industrial
Instrumentation, PLC, DCS, SCADA, Field Instruments, Analyzers and so on.
https://instrumentationtools.com

Also Read: Safety Systems Interview Questions

om
s .c
ol
To
i on
at
nt
me
ru
st
In

InstrumentationTools.com
Powered by TCPDF (www.tcpdf.org)