Selection of Hazard Evaluation Techniques in Oil

& Gas and Petrochemical Industries for Risk

Assessment
Qayyum Khan, Sajjad Idris, Mohd Nadim, Rizwana

Abstract-The objective of this work is to provide brief review on the selection of hazard evalution techniques in oil & gas and petrochemical
industries. Risk management in oil & gas and petrochemical industry play a vital role in preventing accidents/incidents. In oil and gas industry risk
assessment is carried out in project initiation and assesses stage to end of life cycle of the plant. Accidents in oil and gas industry give catastrophic
failure to the industry and affect the country’s economy. Major accidents such as Flexibrough, Pipher Alpha, Seveso, BP Blow out, Indian Oil Terminal
fire, Texas City, Deep water horizon,Macondo and Bhopal, were results in many people died; damaged assets; impacted the environment.Legislation by
both the Health and Safety Executive and the Environment Agency are focusing the attention of industry on ensuring that their processes are safe in
terms of their employees, the public and the environment. It is evident from past incident/accident that all acidents were avoidable. Process safety shall
be considered from the begning of the project: for example, employing appropriate technology in design and construction, anticipating the effects of
external circumstances, understanding and dealing with human behavior, getting high reporting of near misses to learn from incidents, and having
effective management systems. However, all of these efforts depend on a successful hazard evaluation program; without these evaluations, the
company will not know what layers of protection are needed. A successful hazard evaluation program requires tangible management support; sufficient,
technically competent people (some of whom must be trained to use hazard evaluation techniques); adequate, up-todate information and drawings; and
selection of the techniques (matched to the complexity and hazard of the process). Fortunately, a variety of flexible hazard evaluation techniques exist
but In this research an attempt is made to study the various techniques used by oil & gas and petrochemical industries to identify the hazards and their
advantages and limitations.

Index Terms— Hazard, ALARP, HAZID, HAZOP, RAM, FMEA, FTA, ETA, LOPA, Hazad Triangle, Bow-Tie

——————————  ——————————

1 INTRODUCTION
The oil & gas and petrochemical industries are increasing
gradually day by day to meet the world production demand,
which in turn lead to the increased use of noval technologies,
hence introduction of new unknown hazrads. To ensure safety
oil, and gas and petrochemical industries the facilities shall be
designed inline with applicable codes and standards, which
are based upon the wide experience, experts knowledge and
specialists in the industry. Risk assessment is carried out by oil
& gas and petrochemical industries in different stages of the
plant. Various risk assessment tequniques are followed by
industries either quantitative or Qualitative in nature. Few risk
assessment tecqniques are involved numerical assessment up
to some extent and they are called semi quantitative
assessment. Many techniques adopted by industries to
identify the hazard. If the hazard is not identified then risk
assessment is not cover all the hazards. The unidentified
hazard may strike any time which results in accidents and
loss. Therefore, hazard identification to be carried out in
comprehensive and structured manner. The safety awareness
to the companies is increased due to its banifits which is
evident from past incidents/accidents. To ensure the safety at
the work pace it is important to find the hazads .Hazrd
identification is a contnous process and it shall start from
beginning of the project .People had wrong myth that if the
hazards are manged through design then accident will not
happen but it is not true. It depends upon what are the
methods used to mitigate the hazads. Some time it is not
possible to eliminate the hazard then we we have to control
the hazard by design control or with administrative
control/PPE. Hazrds can be eliminated /controlled if we know
them. Due to different process and different technologies
different tecniquies were developed over a period of time to
identify the hazard. Every technique has its strengths and
weaknesses. Team of experts shall decide which technique is
fit for purpose.
2 TERMINOLOGIES
Safety: Degree of freedom from haram or danger.
Risk: An expression of impact and possibility of mishap in
terms of potential mishap severity and probability of
occurance.
Accident: An undesirable and unexpecteted event.
Incident: An event that could have resulted in accident
Hazard: Any real or potential condition that can cause injury,
illness or death to the personnel, damage to or loss to system,
equipment of property; or damage to the environment.
MAH (Major Accident Hazard): A Major Accident Hazard,
(MAH) is considered to be “all RAM Red and Yellow 5A and
5B Process Safety Hazards” associated with the project.
Diffrent compney may have difffrent ranking but it is with
respect to the typical risk matrix (Figure-2)
Qualitative Risk – Identify and evaluate hazards and judge
risk by voting of multi-disciplinary team.
Quantitative Risk – Numerically estimate the risk to aid in
judgment of a scenario that is already identified; typically not
a team
Sami- Qualitative Risk- it is a combination of both qualitative
and quantative risk.
ALARP- As low as reasoniable possible
PPE- Personel protective equipment
eliminating hazards and threats and reducing the scale of
consequences is greatest at the beginning of the project and
progressively reduces as the project develops. In part this is
because the cost and difficulty of delivering a given risk
reduction solution increases as the project develops.
Nevertheless, all hazard management controls should be
considered at each stage of the development.

3 DECISION-MAKING PROCESS FOR SELECTING HAZARD Figure 1: Hazard Management Hierarchy

EVALUATION TECHNIQUES
Each hazard evaluation technique has unique strengths and
weaknesses. Some of factors can influence the selection of
hazard evaluation techniques are: (1) availability of skilled and
knowledgeable personnel, (2) target dates by which to
perform the study, (3) financial resources, (4) preference of the
hazard analysts, and (5) preference of the manager(s) that
charters the hazard evaluation. Moreover, each industry,
organization, facility, and process/activity will have unique
objectives and needs when it comes to performing hazard
evaluations.
4-PROJCET PHASES: In general there are following phases
in a project:
1) Indentify and Assses 2) Select 3) Define 4) Exicute 5)
Operate.
5- HAZARD TRIANGLE: There are three parts (hazardous
7-HAZARD EVALUATION TECHNIQUES
element, intiating mechanism and taget/treats) of hazrd
triangle.No accident will happen if any of the eliment is Qualitative Techniques: Some of the qualitative techniques
missing. are as follows:
6 ALARP (AS LOW AS REASONABLE PRACTICABLE) PRELIMINARY HAZRAD ANALYSIS –PrHA identifies the

ALARP allows a proportional level of effort to be put into risk
reduction once the initial level of risk has been assessed for a
particular operation or process. The ALARP principle is used
to determine whether risks are broadly acceptable, tolerable or
intolerable via comparison against company risk criteria. The
use of the ALARP principle requires judgment to determine
whether or not risk levels are as low as reasonably practicable.
ALARP can be demonstrated when the sacrifice required, to
further reduce the risk, would be disproportionate to the risk
reduction potentially achieved (the benefit). The term
‘sacrifice’ relates to the time, effort and/or cost of the complete
implementation and future maintenance and operation of the
particular risk reduction measure in question. The term
‘Benefit’ relates to the level of risk reduction offered by a risk
reduction measure. ‘Reasonably practicable’ is the balance
between the ‘sacrifice’ and ‘benefit’ of implementing the risk
reduction measure, or suite of measures.
The definition of ALARP is widely accepted as:
“Reducing Risks to ALARP means
reducing them to a level at which the
cost and effort (time and trouble) of
further risk reduction is grossly
disproportionate to the risk reduction
achieved”.
Figure 1 illustrates the different levels of hazard management
adopted by most of the compenies. Hazard elimination is the
most effective whereas speculation and the use of Personal
Protective Equipment (PPE) is the least effective. The scope for
hazard of a process and the hazardous situation they may
produce.Possible causes, consequences and recommendations
for protective measusres are addressed.Typically it is used in
the early life of the project as a precursor to more deatailed
hazard analysis studies.
HAZID- The objective of the HAZID (Hazard Identification)
study is to undertake a systematic multidisciplinary team
review to identify hazards associated with changes, additions
or deletions to the development of the Project.
The study is based on a review of the appropriate sections of
the HAZID Checklist as, which is a structured list of HSE
related hazards drawn up from experience of such studies in
order to:
 Identify all HSE hazards and threats that can be
ascertained at the current level of design maturity.
 Assess the potential hazards as per risk assessment
matrix (RAM) of the identified hazards.
 Identify any actions required to eliminate or further
reduce the risk associated with these hazards to
ALARP.
 Provide input to the project action register.
Hazid contain global hazards and project implementation
issues which may be covered once for the whole
development, namely:
  Natural & environmental hazards
 Health Hazards
 Project Implementation Issues Simulationous Operation Hazard (SI-MOPs): The study
 Facility Hazards
objectives are as follows:

 Identify all planned construction and commissioning

Design Review -It is also commonly used tool before Hazop.
activities associated with the planned construction
Hazards are identified by the experience of the team and
activities;
lesion larned.  To identify and assess the hazards and consequences that
Checklist (traditional): A detailed list of desired system may arise from simultaneous construction activities whilst
attributes or steps for a system or operator to perform. Usually the plant is under operation;
written from experience and used to assess the acceptability or  Identify the existing controls in place and the constraints
status of the system or operation compared to established on SIMOPS for each activity;
 Provide a basis for development of a SIMOPS Matrix of
norms. The procedure for performing a check list study is:
Permitted Operations (MOPO) for the construction phase.
(1)Preapre and organize the study (2) Select or genarte the
check list (3) Perfrom the study (4) Document the results (5)
Quantitative Technique: Some of the quantitative tequniques
Identify the recommendations (6) Resolve the
are as follows:
recommendations (7) Followup on recommendations
Layer of Protection Analysis (LOPA): A method that uses pre-
What-If Analysis: A brainstorming approach in which a
defined values for initiating events, independent protection
group of experienced people familiar with the subject process
layers, and consequences to provide an order-of-magnitude
ask questions or voice concerns about possible undesired
estimate of risk. LOPA applies to a single cause-consequence
events. The method does not use guide words to help in the
pair. Scenarios are identified elsewhere (typically in a
brainstorming. The procedure for performing a check list
qualitative hazard evaluation).
study is:
(1)Preapre and organize the study (2) Subdivide the process
Fault Tree Analysis (FTA): A logic model that graphically
(3) Devlop questions (4) Identify the hazards and hazard
portrays the combinations of failures that can lead to a specific
scenario (5) Specify consequences (6) Identify the safegurds (7)
main failure or incident of interest (Top event). This method
Operatinally find enableers (8) Perform risk ranking (9)
using Boolean Logic (And & OR logic gates). Assigning
Identify the recommendations (10) Document the results (11)
statistical values to each end point on a branch allows the
Resolve the recommendations (12) Followup on
calculation of risk.
recommendations
Event Tree Analysis (ETA): A logic model that graphically
What-If/Checklist Analysis The method is similar to What-if
portrays the combinations of events and circumstances in an
alone, with the difference being that broad categories of types
incident sequence. Assigning statistical values to each branch
of concerns are used to structure the analysis.
point (failure or condition) allows the calculation of composite
Hazard and Operability (HAZOP) Analysis: A systematic
risk starting from a defined initiating event.
method in which potential operating problems are identified
Human Reliability Analysis (HRA) event tree: A graphical
using a series of guide words to investigate process deviations.
model of sequential events in which the tree limbs designate
Can be applied to any mode of operation of a flow process and
human actions and other events as well as different conditions
can also be applied to any procedure or flowchart.
or influences upon these events. Assigning statistical values to
Failure Modes and Effects Analysis (FMEA): A systematic,
each branch point (correct or incorrect performance of a step)
tabular method for evaluating and documenting the effects of
allows the calculation of composite risk starting from a
known types of component failures. Applies to
defined first step
electrical/mechanical systems. Can also be applied to flow
systems where very high reliability factors are needed (such as
fire-fighting water supply systems).
8 Risk Assessment Matrix
A risk matrix is a matrix that is used during risk assessment to
define the level of risk by considering the category of
probability or likelihood against the category of consequence
severity. This is a simple mechanism to increase visibility
of risks and assist management decision.
Figure 2: Typical RAM
Staff: The HazOp team is ideally made up of 5 to 12
professionals, with support for recording and reporting.
5.3 HAZOP Study Team Compostion: Following shall
actively participate in Hazop review
A Team Leader, Scribe ,Technical Members, Design or
Project Engineer, Process Engineer, Commissioning
Manager, Instrument Design Engineer, Plant
Superintendent , Process Supervisor ,vendor/specialist if
required Technical safety engineer
5.4 STUDY NODES: The locations (on P&ID) at which
the process parameters are investigated for deviations.
These nodes are points where the process parameters (P,
T, F etc.) have identified design intent. The intention
defines how the plant is expected to operate in the
absence of deviations at the study nodes. Deviations are
departures from the intension which can be discovered by
systematically applying the guide words.
5.5 Parameter/Guidewords: Some of the important
guidewords are as follows:
Table 1: Parameters/Guideword

Parameter Guideword Parameter Guideword

Pressure More Operability Relief & blowdown
  Less Operability Emergency shutdown
9 HAZOP Flow More Process shutdown
Operability
5.1 When to Use: Optimal from a cost viewpoint   Less Operability Draining
1. When applied to new plants at the point where the   No Operability Venting
design is nearly firm and documented or   Reverse Operability Isolation
Level More Operability Purging
2. To existing plants where a major redesign is planned.
  Less Operability Commissioning
It can also be used for existing facilities.   No Start-up
Operability
5.1 Results: The results are the team findings. Which Temperature More Operability Materials of construc.
include: (1) identification of hazards and operating   Less Operability Sample points
problems, (2) recommended changes in design, Phase More Operability Instruments
procedure, etc., to improve safety; and (3)   Less Degree of automation
Operability
recommendations for follow-on studies where no   No Normal operation or
Operability
conclusion was possible due to lack of information? maintenance
5.2 Requirements: Composition More Operability Failed operation or
Data: The HazOp requires detailed plant descriptions, component maintenance
such as drawings, procedures, and flow charts. A HazOp   Less Operability Different operating
component modes
also requires considerable knowledge of the process,
  Impurities Operability Maintenance access
instrumentation, and operation, and this information is
Operability Operator Other
usually provided by team members who are experts in access
these areas.   Maintenance
access
 HAZID study involves present operation and if any future
Meaning of guide words are as follows: expansion of the plant.
Table 2: Meaning of guide words

10.1 Hazid Purpose

Guide Words Meaning The purpose of the Hazid is to
No, None Negation of intention
More Of Quantitative increase • To identify the potential hazards resulting from the
Less Of Quantitative Decrease
project that is being carried out
As Well As (More Than) Qualitative Increase
Part Of Qualitative Decrease • To identify the main engineered and
Reverse Logical Opposite of Intention managerial/procedural controls in place for these
Other Than Complete Substitution hazards
• To identify key areas for improvement in risk control
• Check that all hazards and Major Accident Hazards
(MAH) have been identified.
• Identify all the credible sources, threats and
5.5 Hazop Worksheet: A typical HazOp worksheet is
consequences of the hazards.
as follows • Identify existing barriers in place (prevention &
mitigation).
• Identify any further actions required to reduce to
ALARP.

10.2 Hazid Approach

• Work through the Hazard Checklist
• Is the hazard relevant to your plant/operations
Yes/No?
• If yes, what are the hazard sources/location?
• What are the credible threats/consequences?
• What safeguards/risk controls are currently in place?
• What additional actions/risk controls should be in
place?

10 HAZID 10.3 Hazid Checklist

Table 3: HAZID Checklist
Sections Category
Hazard identification (HAZID) is to identify the hazards at External and Natural environment
Environmental Man-made
an early stage of the plant and the hazards are to be Hazard Effect of plant to surrounding
removed or to be managed. Usually a multispecialty team Infrastructure
to review the total project proposal of the oil and gas plant Environmental damage
Control methods
and its effects on environment. The study follows a Facility Fire and explosion
systematic methodology and used a checklist with set of Hazards Process hazards
guide words to identify the various hazards and assesses Utility hazards
Maintenance Hazards
the influence on project development. The scope of the Construction hazards
Existing Hazards
Health Hazards Health hazards
Project Hazard Management methods
Implementation Contingency Plan
Competency
Issues Contracting plan
11 BOW-TIE DIAGRAM
A Bow-Tie diagram is a qualitative assessment tool
graphically showing the management of a particular
hazard. The major components of a Bow-Tie diagram
are illustrated in figure 1 below
In the Bow-Tie diagram below, the release of the
hazard (the Top Event) is located at the centre of the
diagram. On the left hand side are the identified
potential causes or threats and on the right hand side,
potential consequences. In between the threats and
the top event are listed the preventative controls that
prevent the event from occurring. On the right hand
side of the diagram are listed the mitigation measures
that serve to minimise or prevent consequences, in the
event that the top event occurs.
Escalation factors (not shown in figure 1) are also
identified, where relevant on Bow-Tie diagrams,
illustrating that there are control measures (escalation
factor controls) in place to prevent the failure of
identified controls.
11.1 SOFTWARE FOR BOW- TIE DIAGRAM
A Bow-Tie diagram can be developed using the Bow-
11.2 SAFETY CRITICAL ELEMENTS AND HSE
CRITICAL TASKS
During development of the Bow-Tie diagrams, each control
barrier and recovery preparedness measure to be assigned
a barrier classification using colour coding to identify
inherent safety barriers, Safety Critical Elements, HSE
Critical Activities and Actions raised.
The different barrier types are defined below in Table
Table 4: Barrier Classification
CONTROL TYPE DESCRIPTION
Inherent facility/process design feature
which prevents a threat resulting in a Top
Inherent Safety
Event, without any operator or external
action.
Hardware barriers for which Performance
Safety Critical
Standards have/will be developed (not
Elements
part of the Bow-Tie process).
Barriers which require an HSE Critical
Activity to develop implement or maintain
HSE Critical Activities
the effectiveness and integrity of a Barrier
or Escalation Factor Control.
Action
Action items and items requiring further
clarification.

Tie XP software or manually it can be drawn.Prefred General Comments raised during the
workshop. This may be as a result of the
option is software. need to provide comments for information
Comments or justification; alternatively, this may
reflect barriers which are outside of the
project scope, for example, existing
equipment.
Figure 1: Example Bow-Tie Diagram

12 MERITS AND DEMERITS OF PROCESS HAZARD

ANALYSIS – Marits and demarits of PHAs ARE DEFINED
BELOW IN Table

Table 5: MARITS AND DEMARITS OF PHAS

Method Merits Demarits
PrHA 1-Easy to 1-Require careful juge
undersatand ment
2-Fast to perfoem 2-Not a detailed PHA
method
 Check list 1-Easy to use and 1-Does not help in
provide results identifying new or
quickly unrecognized hazards.
2-Effective way to 2- May overlook noval
take adavantage of hazards
 lesion learned 3- No cause and effect eliment
analysis
4-provide a minimum
level of hazard
evalustion
HAZOP 1-Viewed as the 1-Diffecut to exiclude 13 MANAGEMENT OF CHANGE. Change is an
most effective of the operability
inevitable and necessary feature for all organizations.
traditional PHA scenarios.
method. 2- difficult to consider When changes occur in an operation that contains hazards
2-Provide assurance all aspect of intention in of any sort, it is necessary that the change process be
that hazard resanioble time period. managed to understand and control those hazards. Most
scenarios have been 3-Effort involve can be
organizations have some “Management of Change”
idendtified. significant.
3- Address both 4- Focuses on (MOC) policies and procedures in place to address the
safety and individual nodes and wide range of issues related to changes. Every change
operability may miss hazrad
shall be documented by MOC and MOC shall be reviewed
scenarios that involve
intrections between by the compitent aurorities.
nodes. 14 Future work and Conclusion
5- External , In this project, the different techniques are discussed but
Environmental
due to change in technology and noval hazard the
Hazard and helth
hazards are not covered Hazards ananalysis tecqniques shall be updated and new
user friendly sowtare shall be developed which shall have
FMEA 1-Systemitic, 1-Not effective for its own data base.
element by eliment identifycombinations of
procedure that equipment failure.
helps to ensure 2- External ,
completeness. Environmental
2- Easily updation Hazard and helth REFERENCES
for facility hazards are not covered
[1] Hazard analysis techniques for systems safety by A Ericson II Clifton,wiley
modification or
2005
design change
[2] J. Stephenson, System Safety 2000 —A Practical Guide for Planning,
Hazid 1-Provide assurance 1-Conducted in
Managing, and Conducting System Safety Programs, (ISBN 0-0442-23840-1),
that hazard beginging of the project Van Nostrand Reinhold, New York, 1991.
scenarios have been abd doesnot analysis [3] Risk Analysis in the Process Industries, European Federation of Chemical
idendtified. hazard in detail . Engineering Publication No. 45, Institution of Chemical Engineers, Rugby,
2- Address both 2- Does not identify England, 1985.
safety SCEs [4] Process Safety Management, Chemical Manufacturers Association,
3- MAH Washington,DC, 1985.
identification [5] Ray J. Davies, Tony D.Alfano, Farrukh Waheed and Tinna Komulainen.
Fault Tree Thorough and 1-Can be time (2009). A Root Cause Analysis Approach To Risk Assessment Of a Pipeline
Analysis systamatic consuming. Network for Kuwait Oil Company, Rio Pipeline 2009 Conference & Exposition.
FTA 2- Biniary repersnation 1-8.
of faults (either susses [6] M. Perez-Martin and M.A. Rodriquez –Toral. (2013). HAZOP – Local
Approach In The Mexican Oil & Gas Industry. Journal of Loss Prevention in
or failure, no partial
the Process Industries. 936-940.
failure )
[7] P. E McGrath, "Using Qualitative Methods to Manage Risk," Reliability
Event Easy to under stand 1-Can be time
Engineering and System Safety, Vol. 29, 1990.
Tree consuming. [8] G.Viswanathan. (2013). Common Mistakes in HAZID, HAZOP, SIL
Analysis 2- Biniary repersnation Studies, Process Safety Symposium, IIT Gandhi Nagar.
ETA of faults (either susses Authors:
or failure, no partial
failure ) 1) Mr.Qayyum Khan
Bow-Tie 1-Easy to under 1-Does not provide a Lead Process/Safety Enginner
Analysis stand formal
Galfar Engineering and Contracting SAOG,
BTA 2- Can be used for 2- Can become complex
accident for larger processes Muscat, Oman.
investigation
Mail id: qayyum.process@gmail.com
3- used to idendify
the safety crtical 2) Mr.Mohd Nadim
 Control and Automation Engineer
Galfar Engineering and Contracting SAOG,
Muscat, Oman.
Mail id: nadim.instrument@gmail.com
3) Ms.Rizwana
Aligarh Muslim University,
Aligarh, Uttar Pradesh, India
Mail id: rizwananadim.electrical@gmail.com
4) Mr.Sajjad Idris

HOD Process/Safety Department

Galfar Engineering and Contracting SAOG,
Muscat, Oman.
Mail id: qayyum.process@gmail.com