Trainer:
Prof. Dr. Heri Hermansyah, ST., M.Eng
Hazard Identification:
(1) Identification of specific undesirable consequences,
(2) Identification of material, system, process, and plant
characteristics that could produce those consequences.
Human Impacts, Environmental Impacts, Economic Impacts
Some of the best resources are the chemical manufacturers and/or
suppliers; they can provide product literature, access to their chemical
experts, and material safety data sheets (MSDSs).
Free Powerpoint Templates
Page 5
Common Material Property Data for Hazard Identification
Acids
Aldehydes
Alkaline metals
Alkyl metals
Amines
Ammonia and ammonium compounds
Azo and diazo compounds and hydrazines
Carbonyls
Chlorates and perchlorates
Cyanides
Epoxides
Ethers
Halogens
Hydrocarbons
Hydroxides
Isocyanates
Mercaptans
Nitro compounds – organic
Organophosphate
Peroxides and hydroperoxides
Phenols and cresols
Silanes and chlorosilanes
After specific process hazards are identified and before hazard evaluation techniques
are employed, it is beneficial to estimate the worst-case consequences for the identified
hazards, or at least for what are judged to be the most significant identified hazards.
The purpose is:
•It highlights what consequences are possible if the hazards are not contained and controlled.
•It can be used to help decide on an appropriate analysis methodology (e.g., a more rigorous
analysis method may be used if the potential consequences are more severe).
•It can aid in the later hazard evaluation by helping the review team determine the severity of
consequences of scenarios involving the hazardous material or energy.
•It can focus the review team’s efforts on the parts of the process that involve the greater
hazards.
Passive – Reduce risk by process and equipment design features that reduce
frequency or severity without the active functioning of any device (e.g., robust
vessel pressure design; drainage and contaminants; blast-resistant construction).
Active – Use controls, instrumented protective systems, and other devices such as
excess flow valves, remotely actuated block valves, and safety relief valves for
responding to abnormal situations (e.g., a pump that is shut off by a high level
switch when the tank is 90% full) or mitigating loss event impacts. These systems
are sometimes called engineering controls.
Procedural – Use policies, operating procedures, administrative checks,
emergency response, and other management approaches to prevent or minimize
the effects of an incident (e.g., hot work permitting, emergency plans). These
approaches are often called administrative controls.
4. Applying 4.
Hazard Evaluation Techniques
Checklist Analysis
Purpose
•To evaluate hazards early in the life of a process.
•Generally applied during the conceptual design or R&D phase of a plant
and can be very useful when making site selection decisions.
•Used as design review tool before a process P&ID is developed.
Description
•Focuses in a general way on the hazardous materials and major process
areas of a plant.
•Conducted early in the development of a process when there is little
information on design details or operating procedures, and is often a
precursor to further hazard analysis.
•Illustrates a cost-effective way to identify hazards early in a plant’s life.
•Formulates a list of hazards and generic hazardous situations by
considering various process characteristics.
Type of Results
•Qualitative description of the hazards related to a process design.
•Qualitative ranking of hazardous situations that can be used to prioritize
recommendations for reducing or eliminating hazards in subsequent
phases of the life cycle of the process.
Resource Requirements
• Analysts have access to available design criteria, equipment
specifications, material specifications, and other sources of information.
• Performed by one or two people who have a process safety background.
Analysis Procedure
Purpose
•Ensure that the plant and its operating and maintenance practices match the design
intent and construction standards.
Description
•Involve a walk-through inspection that can vary from an informal, routine visual
examination to a formal team examination that takes several weeks.
•Identify plant conditions or operating procedures that could lead to an incident and
result in injuries, significant property damage, or environmental impacts.
•Interviewing many people in the plant: operator, maintenance staff, engineers,
management, safety staff, and others.
•Viewed as cooperative efforts to improve the overall safety and performance of the
plant.
•Focuses on major risk situations.
•Complement other process safety activities, such as routine visual inspections,
checklist analysis, and what if analysis.
•At the end of safety review, the analyst or team makes recommendations for
specific actions that are needed, justifies the recommendations, assigns
responsibilities, and lists goal completion dates.
2. Safety Review
Types of Results
•Qualitative descriptions of potential safety problems and suggested corrective
actions.
Resources Requirements
•Access to applicable codes and standards; previous safety studies; detailed plant
description, such as P&IDs and flowcharts; plant procedures for start-up, shutdown,
normal operation, maintenance, and emergencies; personnel injury reports;
pertinent incident reports; maintenance records such as shutdown system functional
checks, pressure relief valve tests, and pressure vessel inspections; and process
material characteristics (i.e., toxicity and reactivity information)
Analysis Procedure
Purpose
•Determine the process areas or operations that are the most significant with respect
to the hazard of concern, the potential severity of consequences, or the overall risk in
a given study.
Description
• Can address fire, explosion, and/or toxicity hazards and associated safety, health,
environmental, and economic effects for a process or activity.
• May be used during any phase of a plant or process lifetime to:
• Identify the individual process areas that contribute most to the anticipated
overall hazard and incident attributes of a facility.
• Identify the key material properties, process conditions, and / or process
characteristics that contribute most to the anticipated hazard and incident
attributes of a single process area or an entire facility.
• Use the anticipated hazard and incident attributes to discriminate among
competing design, siting, or operating options.
• Compare the anticipated hazard and incident attributes of process areas or
facilities to others whose attributes are better understood and/or more
commonly accepted.
Types of Results
•The result is an ordered list of processes, equipment, operations, or activities. The
list may have several stratified layers representing levels of significance.
•The form of the results (indexes, scores, factor scales, graphs, etc.) depends upon the particular
technique used to perform the ranking.
Resources Requirements
•Depend upon each ranking method's unique needs.
•Require basic physical and chemical data on the substances used in the process or
activity.
Analysis Procedure
Why Checklist Analysis ??
Hazard evaluation is needed, but what technique should be used.
Non Scenario-Based
• Preliminary Hazard Analysis
• Safety Review
• Relative Ranking
• Checklist Analysis
Scenario-Based
• What-If Analysis
• What-If/Checklist Analysis
• Hazard and Operability (HAZOP) Studies
• Failure Modes and Effects Analysis (FMEA)
• Fault Tree Analysis (FTA)
• Event Tree Analysis (ETA)
• Cause-Consequence Analysis (CCA)
Check!
1. The project is not yet a well-defined process.
2. The project is not existing yet (not constructed yet).
3. Team has little idea of the plant layout, equipment types and sizes,
and chemical inventories at this stage in the design.
4. Good checklist to follow for this project is available.
Purpose
•Used primarily to ensure that organizations are complying with standard practices.
•Used to familiarize inexperienced personnel with a process by having them
compare a process’s attributes to various checklist requirements.
•Provide a common basis for management review of the analyst’s assessments of a
process or operation.
Description
• The hazard analysis uses a list of specific items to identify known types of
hazards, design deficiencies, and potential incident situations associated with
common process equipment and operations.
• A Checklist Analysis of an existing process usually includes touring the subject
process area and comparing the equipment to the checklist.
• Checklists are limited by their authors’ experience; therefore, they should be
developed by authors with varied backgrounds who have extensive experience
with the system they are analyzing.
Types of Results
•A completed checklist contains “yes”, “no”, “not applicable”, or “needs more
information” answers to the questions.
•Qualitative results vary with the specific situation, but generally they lead to a “yes” or
“no” decision about compliance with standard procedures.
Resources Requirements
•Required resources include an appropriate checklist, an engineering design
procedures and operating practices manual, and someone to complete the checklist
who has basic knowledge of the process being reviewed.
•It is important that checklists are reviewed periodically to include the latest
codes, standards, regulations or practices.
Analysis Procedure
1.Selecting a Checklist
• Select an appropriate checklist from available resources (e.g., internal
standards, consensus codes, industry guidelines).
• If no specific relevant checklist is available, then the analyst must use his or
her own experience and the information available from authoritative
references to generate an appropriate checklist.
Analysis Procedure
1. What-If Analysis
2. What-If/Checklist Analysis
3. Hazard and Operability (HAZOP) Studies
8. Bow-Tie Analysis
Purpose:
Identify hazards, hazardous situations or a series of
special events that result in unintended consequences.
Type of Results:
The What-If Analysis technique generates a list of questions and answers about
the process and produces a tabular list of dangerous situations
(generally there is no ranking or quantitative implications of the
identified potential incident scenarios), consequences, safeguards, and
options that allow for risk reduction.
Resource Requirements:
The time and cost of a What-If Analysis are proportional to the complexity of
the plant and the amount of the analyzed area. What-If Analysis can be a
cost-efficient way of evaluating hazards when those performing it are
experienced.
Analysis Procedure :
1.Preparing for the review
•The information needed for What-If Analysis includes chemical data,
process descriptions, drawings, and operating procedures.
2.Performing the review
•The review meetings should begin with a basic explanation of the
process, given by plant staff having overall plant and process
knowledge plus expertise relevant to the team’s investigation area.
3. Documenting the results
•Documentation is the key to transforming the team's discoveries into
measures for elimination or reduction of hazards. The table
below is an example What-If Analysis worksheet.
•In addition to completed tables, the hazard evaluation team usually
develops a list of suggestions for improving the safety of the analyzed
process based on the tabular What-If Analysis results.
Purpose
•Identify hazards, consider the general types of incidents that can
occur in a process or activity, evaluate in a qualitative fashion the
effects of these incidents, and determine whether the safeguards
against these potential incident situations appear adequate.
Description
• This hybrid method capitalizes on the strengths and compensates for the
individual shortcomings of the separate approaches. For example, the
Checklist Analysis method is an experience-based technique, and the quality of a
hazard evaluation performed using this approach is highly dependent on the
experience of the checklist’s authors. If the checklist is not complete, then the
analysis may not effectively address a hazardous situation. The What-If Analysis
portion of the technique encourages the hazard evaluation team to consider
potential abnormal situations and consequences that are beyond the experience of
the authors of a good checklist, and thus are not covered on the checklist.
Type of Results
• Usually generates a table of What-If questions (initiating causes), effects, safeguards
and action items.
• Some organizations use a narrative style to document the results of such studies.
Resource Requirements
• Performed by a team of personnel experienced in the design, operation, and
maintenance of the subject process.
• The number of people needed for such a study depends upon the complexity of
the process, and to some extent, the stage of life at which the process is being
evaluated.
Analysis Procedure
Definition:
A Hazard and Operability Study, otherwise known as HAZOP hazard
analysis, is a standard technique used in preparing the
establishment of safety in new or modified systems with respect to
potential hazards or operability problems.
Purpose:
Reviewing a process or operation in a system systematically, to determine
whether deviations could lead to accidents or other unwanted events.
The terms (keywords) used to facilitate the
implementation of HAZOP are as follows:
a. Deviation is the combination of keywords being applied
(a combination of guide words and parameters).
b. Cause is the most likely reason that a deviation will occur.
c. Consequence (result): in determining consequences,
limits should not be imposed, because doing so can be detrimental to the
conduct of the study.
d. Safeguards (protective measures): preventive devices that prevent
the causes, or safeguard against the consequences, of a loss are
documented in this column. Safeguards also inform the
operator of deviations that have occurred and minimize their effects.
“ACCIDENT PREVENTION”
Fault Tree Analysis (FTA) is one of the several deductive logic model
event.
Basic Event: A lowermost event that cannot be further developed.
E.g. Relay failure, Switch failure etc.
An Event / Fault: This can be an intermediate event (or) a top event. They
are the result of a logical combination of lower level events.
E.g. Both transmitters fail, Runaway reaction
AND Gate: For the top event to occur all the bottom events should
occur.
E.g. Fuel, Oxygen and Ignition source have to be present
for fire.
Incomplete Event: An event which has scope for further development but
not done usually because of insufficient data.
E.g. Software malfunction, Human Error etc.,
External Event: An event external to the system which can cause failure.
E.g. Fire.
Inhibit Gate: The top event occurs only if the bottom event occurs and
the inhibit condition is true.
E.g. False trip of unit on “maintenance override” not ON.
Example 1 (OR gate): Transmitter Failed, P = 0.28
Example 2 (AND gate): Valve Failed, P = 0.000002 (2E-06)
Inputs: Valve 1 Failed (0.001), Valve 2 Failed (0.002)
If it is too broad, an overly large FTA will result. E.g. Fire in process.
If it is too narrow, the exercise will be costly. E.g. Leak in the valve.
The boundaries for top event definition can be a System, Sub-system, Unit,
Equipment (or) a Function.
Some good examples are: Overpressure in vessel V1, Motor fails to start,
Reactor high temperature safety function fails etc.
Continue the top down process until the root cause for each branch is
identified and/or until further decomposition is considered unnecessary.
Assign probabilities of failure to the lowest level event in each branch of the
tree.
From this data the intermediate event frequency and the top level event
frequency can be determined using Boolean Algebra and Minimal Cut Set
methods.
equation.
TOP = A.B+C.D
The fault tree consists of many levels of basic and intermediate events linked
together by AND and OR gates. Some basic events may appear in different
places of the fault tree.
The minimal cut set analysis provides a new fault tree, logically equivalent to
the original, with an OR gate beneath the top event, whose inputs (bottom) are
minimal cut sets.
Each minimal cut set is an AND gate with a set of basic event inputs necessary
and sufficient to cause the top event.
So the minimal cut sets are:
CS1 = A
CS2 = B.C.D
meaning TOP event occurs if
either A occurs OR (B.C.D) occurs.
This will give clear insight into what needs to be attended to and where
resources have to be put for problem solving.
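The Boolean reduction and probability step described above, as an added Python example that is not part of the original slides. `PAGE_TREE` encodes the page's TOP = A.B + C.D; `REPEATED_TREE` and every probability except the two valve values are constructed for illustration, and the code assumes independent basic events and only AND/OR gates.

```python
from itertools import combinations
from math import prod

# A tree maps each gate name to (gate type, inputs); any name that is not a
# key is a basic event. PAGE_TREE encodes the page's TOP = A.B + C.D.
PAGE_TREE = {
    "TOP": ("OR", ["G1", "G2"]),
    "G1": ("AND", ["A", "B"]),
    "G2": ("AND", ["C", "D"]),
}
# Constructed tree in which A appears in two branches: (A + B).(A + C.D).
REPEATED_TREE = {
    "TOP": ("AND", ["IE1", "IE2"]),
    "IE1": ("OR", ["A", "B"]),
    "IE2": ("OR", ["A", "IE3"]),
    "IE3": ("AND", ["C", "D"]),
}

def cut_sets(tree, node):
    """Expand a node top-down into cut sets (frozensets of basic events)."""
    if node not in tree:
        return [frozenset([node])]
    gate, inputs = tree[node]
    expanded = [cut_sets(tree, child) for child in inputs]
    if gate == "OR":  # any single input causes the gate output
        return [cs for sets in expanded for cs in sets]
    if gate != "AND":
        raise ValueError(f"unsupported gate type: {gate}")
    combined = [frozenset()]  # AND: one cut set from every input, merged
    for sets in expanded:
        combined = [a | b for a in combined for b in sets]
    return combined

def minimal_cut_sets(tree, top="TOP"):
    """Drop duplicates and supersets (Boolean absorption: A + A.B = A)."""
    unique = set(cut_sets(tree, top))
    minimal = [s for s in unique if not any(other < s for other in unique)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))

def top_probability(mcs, p):
    """Exact P(TOP) by inclusion-exclusion over the minimal cut sets."""
    total = 0.0
    for k in range(1, len(mcs) + 1):
        sign = 1 if k % 2 else -1
        for combo in combinations(mcs, k):
            events = frozenset().union(*combo)  # repeated events count once
            total += sign * prod(p[e] for e in events)
    return total

if __name__ == "__main__":
    print(minimal_cut_sets(PAGE_TREE))          # the two cut sets A.B and C.D
    mcs = minimal_cut_sets(REPEATED_TREE)       # reduces to A and B.C.D
    print(mcs)
    # Constructed basic-event probabilities for the repeated-event tree.
    print(top_probability(mcs, {"A": 0.01, "B": 0.1, "C": 0.2, "D": 0.3}))
    # The page's AND-gate example: Valve 1 (0.001) and Valve 2 (0.002).
    valve = {"TOP": ("AND", ["Valve 1", "Valve 2"])}
    print(top_probability(minimal_cut_sets(valve),
                          {"Valve 1": 0.001, "Valve 2": 0.002}))
```

Inclusion-exclusion grows exponentially with the number of cut sets, so this exact form suits small trees; the single-event cut set A dominates the constructed result, which is the prioritisation insight the cut sets are meant to give.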
Searches for possible causes of an end effect which may not have been
foreseen.
The cut sets derived in FTA can give enormous insight into various ways top
event occurs.
Very useful tool for focused analysis where analysis is required for one or two
major outcomes.
The same event may appear in different parts of the tree, leading to some
initial confusion.
Accident scenario
A series of events that ultimately leads to an accident. The sequence of events
begins with the initiating event (trigger) and is usually followed by one or
more other significant events that ultimately lead to an undesirable end state
(an accident).
Initiating event (IE)
A failure or undesirable event that starts an accident
sequence. Whether an IE results in an accident depends on the success or failure of the
hazard mitigation methods designed into the
system.
Event Tree Concept
ETA Methodology
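[Figure: event tree. Initiating event: Loss of Containment of gas at location A (P=0,001). Branch labels: No (P=0,99); Capture (P=0,999) with Yes (P=0,0005) / No (P=0,9995); Leak (P=0,3) with Yes (P=0,3); Capture (P=0,7) with Yes (P=0,8). Outcome labels: Gas cloud disperses safely; Safe; Fire.]
Path probabilities shown in the figure:
0,001 x 0,01 x 0,999 x 0,0005 = 4,995E-09
0,001 x 0,01 x 0,999 x 0,9995 = 9,985E-06
Fire = 0,001 x 0,99 x 0,3 x 0,3 = 0,0000891
Fire = 0,001 x 0,99 x 0,7 x 0,8 = 0,0005544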
Purpose
•To identify the basic causes and consequences of potential incidents.
Description
•Combine the inductive reasoning features of Event Tree Analysis with the
deductive reasoning features of Fault Tree Analysis.
•The CCA diagram displays the relationships between the incident outcomes
(consequences) and their basic causes.
•This technique is most commonly used when the failure logic of the analyzed
incidents is rather simple, since the graphical form, which combines both fault trees
and event trees on the same diagram, can become quite detailed.
Type of Results
•A CCA generates diagrams portraying incident sequences and qualitative
descriptions of potential incident outcomes.
7. Cause Consequence Analysis
Resource Requirements
• Requires knowledge of the following data and information sources:
• Knowledge of component failures or process upsets that could cause
an incident,
• Knowledge of safety systems or emergency procedures that can influence
the outcome of an incident, and
• Knowledge of the potential impacts of all of these failures.
• A CCA is best performed by a small team (2 to 4 people) with a combined range
of experience. One team member should be experienced in CCA (or FTA and
ETA), while the remaining members should have experience with design and
operation of the system included in the analysis.
Selecting an event to be evaluated
Define motivation:
• New review
• Recurrent review
• Revalidate previous review
• Redo previous review
• Special requirement
Templating similar unit process: Takes the hazard evaluation completed for
one operation and uses it as the starting point for studying a similar unit
operation.
Batch process and product families: Use the same basic equipment,
controls, and procedures to manufacture a whole range of similar products by
changing raw materials within a family of compounds (e.g., using the same
organic compound but with a different carbon chain length).