001.introduction To Safety Engineering - Intro.def - Exist.perc - Part.1.2024.Final - Ua

05/11/2023
General introduction to safety

engineering
2019-2020-2021-2022-2023
• Prof. M. Sc. Geert Boogaerts

Dept. of Chemical Engineering K.U.Leuven
Faculteit sociale wetenschappen UA
• essenscia
General introduction
to safety
engineering
Geert Boogaerts
2020 – 2021 – 2022 – 2023
• Prof. M. Sc. Geert Boogaerts

• Prof.
Dept. ofM. Sc. Geert
Chemical BoogaertsK.U.Leuven
Engineering
Prof. M. Sc. Geert Boogaerts Dept. of Chemical Engineering K.U.Leuven
essenscia
Dept. of Chemical Engineering K.U.Leuven essenscia
Dept. of Social Sciences UAntwerpen
essenscia
1
05/11/2023
Date KUL Hour Topic
5/10 Definitions and existing risks and risk perception
12/10 Definitions and existing risks and risk perception
18/10 Explosion demo – presence = mandatory, Technopolis
19/10: no
26/10 Vlarip, Werken met chemicaliën, Bluepoint Berchem
09/11 Hazard / Risk identification & Risk analysis techniques
16/11 Hazard / Risk identification & Risk analysis techniques
23/11 Geen les, vervangmoment zoeken,
30/11 Risk quantification
07/12 The Seveso directive and the legislator
14/12 Process safety Management systems
21/12 Human and organizational factors
Overall learning objectives
Introduction to safety engineering with a focus on general knowledge of the domain.
• General situation
• Definitions and examples
• Concepts
• Limitations
• Cases
“From a generic perspective towards a specific industrial approach”.
2
05/11/2023
Definition and basic concepts
LEARNING OBJECTIVES KNOWING THE BASIC DEFINITIONS UNDERSTAND SOME RECENT CASES IN THE
KNOWING RISK CLASSIFICATION BROADER PERSPECTIVE
KNOWING BASIC HISTORICAL TECHNICAL GENERAL UNDERSTANDING OF THE
RISKS NUMBERS OF MAGNITUDE OF THE DAMAGE
PART
General Introduction to safety engineering
Introduction
Definitions and basic concepts
Existing risks & Risk perception
DOW index & inherent safe design
Hazard / risk identification & Risk analysis techniques
Risk quantification & Criteria
Introduction to reliability analysis
The Seveso Directive & The legislator
Risk management system & Process safety management systems
Human and organizational factors
3
05/11/2023
Introduction
What is engineering about?
Is it about making money for the people involved in it or is it about making good quality artefacts for
the society it serves. It clearly is made up of business organizations trading goods and services for
money and they must make some profit to survive. On the other hand, society needs and expects
food, clothing, power supplies, transport systems shelter and accommodation and so on. All of
these require an infrastructure of engineered products and facilities that must work safely.
For an engineer safety is the quality of an artefact
4
05/11/2023
Issues of these kinds have occupied

engineers for a long time and in
ancient times the interaction
between safety, risk and quality and
how to regulate this was well
understood
We quote freely from Hammurabi’s

building code from ca. 2000 BC
If a master-builder builds a house for

a person and makes the structure so
weak that the house collapses and
causes the death of the house owner,
the master-builder shall be put to
death.
If the collapse is such that the

property of the house owner is
destroyed or damaged, the master-
builder shall provide compensation
for this property and rebuild the
house at his own expense.
(Grimvall, Holmgren et al. 2010)
10
5
05/11/2023
Introduction
What is engineering about?
In the case of bridges, the national road administration can have a system whereby the bridges are
inspected regularly on an annual or biennial basis, where the inspection intervals are dependent on
the results of previous inspections.
Thus, the work of the design engineer includes the task of achieving a suitable balance between risk
and safety. In this analysis, the factors to be considered will depend on whether the task involves:
economic risks, or risks to human beings
11
12
6
05/11/2023
13
14
7
05/11/2023
Herkert, J., et al. (2020).

15
16
8
05/11/2023
Introduction
Engineering ethics
Keeping up with Airbus competitor
Modification of the 737 instead of design a new
Larger engines had to be mounted higher and farther forward
Significantly changed the aerodynamics of the aircraft
Risk of stall
Manoeuvring Characteristics Augmentation System (MCAS)
Single sensor to detect (AOA sensor, angle of attack)
(Herkert, Borenstein et al. 2020)
18
Introduction
Engineering ethics
• Space Shuttle challenger

• Deepwater Horizon
• Ford Pinto
…
19
9
05/11/2023
Introduction
Too many hands
• Space Shuttle challenger

• Deepwater Horizon (2010)
(60B$ - 80B$ market capitalization)
• Ford Pinto
…
Philips
20
21
10
05/11/2023
Introduction
The recall was sparked by an issue Philips identified with the polyester-
based polyurethane foam used to muffle sound and vibrations in its
continuous and non-continuous ventilators. Over time, the company
found, that foam could break down, potentially sending specks of black
debris and other dangerous toxins into the air pathway.
By the time the FDA handed down its most serious rating to the recall in
July, it had received upwards of 1,200 complaints about the issue, linked
to more than 100 injuries.
In September, the agency gave Philips the OK to begin its repair-and-
replace program for the about 2.2 million recalled machines and other
respiratory devices. The proposed effort included replacing the
polyurethane foam with a silicone-based alternative.
The FDA’s green light for the program was based in part on the results of
tests of the new material that Philips completed in June. Testing for the
silicone-based foam in devices authorized for use in the U.S. demonstrated
acceptable results, the agency said.
However, while conducting a recent follow-up inspection of a Philips
manufacturing facility as part of its efforts to identify the root cause of the
initial issue, the FDA was given new information showing less than
favorable results for the replacement foam in one device marketed
outside of the U.S. In that case, the machine—equipped with the new
material—failed a safety test studying the release of volatile organic
compounds within the device.
Source: https://www.fiercebiotech.com/medtech/fda-flags-safety-issue-
replacement-material-for-recalled-philips-ventilators, 15 nov. 2021
22
Introduction
The recall was sparked by an issue Philips
identified with the polyester-based polyurethane
foam used to muffle sound and vibrations in its
continuous and non-continuous ventilators. Over
time, the company found, that foam could break
down, potentially sending specks of black debris
and other dangerous toxins into the air pathway.
By the time the FDA handed down its most serious
rating to the recall in July, it had received
upwards of 1,200 complaints about the issue, linked
to more than 100 injuries.
In September, the agency gave Philips the OK to
begin its repair-and-replace program for the about
2.2 million recalled machines and other respiratory
devices. The proposed effort included replacing the
polyurethane foam with a silicone-based
alternative.
The FDA’s green light for the program was based in
part on the results of tests of the new material
that Philips completed in June. Testing for the
silicone-based foam in devices authorized for use
in the U.S. demonstrated acceptable results, the
agency said.
However, while conducting a recent follow-up
inspection of a Philips manufacturing facility as
part of its efforts to identify the root cause of
the initial issue, the FDA was given new
information showing less than favorable results for
the replacement foam in one device marketed outside
of the U.S. In that case, the machine—equipped with
the new material—failed a safety test studying the
release of volatile organic compounds within the
device.
Source: https://www.fiercebiotech.com/medtech/fda-flags-
safety-issue-replacement-material-for-recalled-philips-
ventilators, 15 nov. 2021
23
11
05/11/2023
Introduction
What can society expect?
Should society expect no failures?
Is it reasonable to expect perfect reliability

of an engineered artefact?
24
Introduction
What can society expect?
Should society expect no failures?
Is it reasonable to expect perfect reliability of an engineered artefact?
25
12
05/11/2023
Introduction to safety engineering
Safety engineering:
Safety engineering, study of the causes and the prevention of accidental deaths and injuries. The
field of safety engineering has not developed as a unified, specific discipline, and its practitioners
have operated under a wide variety of position titles, job descriptions, responsibilities, and
reporting levels in industry and in the loss-prevention activities of insurance companies.
Safety engineer:
A person trained in accident prevention, especially in industrial situations.
Source: Encyclopedia Britannica
26
Introduction
Existing risks & Risk perception
DOW index & inherent safe design
Hazard / risk identification & Risk analysis techniques
Risk quantification & Criteria
Introduction to reliability analysis
The Seveso Directive & The legislator
Risk management system & Process safety management systems
Human and organizational factors
27
13
05/11/2023
Risk, Hazard
Safety, Process safety, Occupational health and safety, Ethical aspects
Risk classification , Risk quantification
Risk management , Security
Emergency management , Business continuity
Risk perception and risk acceptability
When is something safe?
28
Safety:
= the freedom of those conditions that can cause death, injury, occupational illness, damage to or
loss of equipment or property, or damage to the environment. This concept of safety is inclusive of
human safety, which includes workers directly involved in system interaction, workers not directly
involved in system interactions, as well as members of the public.
Source: NPR 8715.3C
29
14
05/11/2023
Definitions and basic concepts: Safety
Source: Nasa
30
Process Safety:
The term ‘process industry’ comprises firms from the chemical, petrochemical, pharmaceutical and
food industries as well as the production of steel, cement and the like.
Process Safety is a blend of engineering and management skills focused on preventing catastrophic
accidents, particularly explosions, fires, and toxic releases, associated with the use of chemicals and
petroleum products.
Source: CCPS
Process safety: it focuses on preventing fires, explosions and accidental chemical releases in
chemical process facilities or other facilities dealing with hazardous materials such as refineries, oil
and gas production installations (onshore and offshore)
Occupational safety and health primarily covers the management of Personal Safety, however well-
developed management systems also address Process Safety issues
31
15
05/11/2023
Safety:
Protection against human and technical failure

(Holtrop and Kretz 2008).
Harm to people caused by arbitrary or non-intentional events
(Hessami 2004).
Natural disasters, human error or system, or process errors
(Elias et al. 2008).
Security:
Protection against deliberate acts of people

(Holtrop and Kretz 2008).
Loss caused by intentional acts of people (Hessami 2004).
Intentional human action errors (Elias et al. 2008)
32
Safety versus security

Environment
Environment
System
33
16
05/11/2023
Definitions and basic

concepts
Insider threat
“An insider threat is the
possibility that an actor who
is or used to be trusted by the
organization with the free
privilege of access to and/or
knowledge about the organizational
assets, causes harm to the
organization because he
intentionally misuses his
access to or knowledge about the
organizational assets (Reveraert &
Sauer, 2020).”
34
Definition:
The safety of a state or organization against criminal activity such as

terrorism, theft or espionage
Oxford Dictionaries
Cyber security – Building security – Data security
Insider Threat
35
17
05/11/2023
(Schatz, Bashroush et al. 2017)
36

concepts
Cyber security: “The
approach and actions
associated with security risk
management processes followed by
organizations and states to protect
confidentiality, integrity and availability
of data and assets used in cyber
space. The concept includes guidelines,
policies and collections
of safeguards, technologies, tools
and training to provide the best
protection for the state of the
cyber environment and its users.”
37
18
05/11/2023

concepts
Cyber security
“The approach and actions

management processes followed
by organizations and states to
protect confidentiality,
integrity and availability of
data and assets used in cyber
space. The concept includes
guidelines, policies and
collections of safeguards,
technologies, tools
cyber environment and its
users.”
38
Cyber security
“The approach and actions

management processes followed
by organizations and states to
protect confidentiality,
integrity and availability of
data and assets used in cyber
space. The concept includes
guidelines, policies and
collections of safeguards,
technologies, tools
cyber environment and its
users.”
39
19
05/11/2023
Definitions and
basic concepts
Cybercrime is estimated to have cost

the global economy just under USD 1
trillion in 2020, indicating an increase of
more than 50% since 2018. With the
average cyber insurance claim rising
from USD 145,000 in 2019 to USD
359,000 in 2020.
(Cremer et al., 2022)
40

concepts
U.S.: The Zotob Worm
Iran: Stuxnet (2010)
(Prinsloo et al., 2019)
Triconex: Triton
41
20
05/11/2023

concepts
Last year, a mysterious cyber attacker group launched a malware campaign, which has since come
to be known as Triton or Trisis, to sabotage the safety shutdown system at a facility in the Middle
East. The Triton malware, discovered by cybersecurity firm Dragos in mid-November 2017, could
have caused catastrophic damage — potentially causing loss of life and widescale pollution. The
malware, however, didn’t achieve its
objective, as it inadvertently triggered the Triconex safety system’s emergency system shutdown
procedure it sought to suppress, helping lead to its discovery.
42
G. Boogaerts - Safety of Chemical Processes
43
21
05/11/2023
Triconex
44
Definitions and basic External standards and regulations

concepts
IEC 61508: Functional Safety of Electrical/
Electronic/Programmable Electronic safety
related systems
IEC 61511: Functional safety – Safety

instrumented systems for the process industry
sector
ISO/IEC 2700X: Information technology –

Security techniques – Information security
management systems – overview and
vocabulary
NIS/NIS2: EU directive on security of network

and information systems
45
22
05/11/2023

concepts
The Colonial Pipeline is the
largest pipeline system for
refined oil products in the
U.S. The pipeline – consisting of
three tubes – is 5,500 miles
(8,850 km) long and can carry 3
million barrels of fuel per day
between Texas and New York.
Colonial pipeline (2021)
46
Security:
Security can be defined as the perceived or actual ability to prepare for, adapt to, withstand, and
recover from dangers and crises caused by people’s deliberate, intentional, and malicious acts such
as terrorism, sabotage, organized crime, or hacking.
(Jore 2019)
47
23
05/11/2023
To treat any subject mathematically, precise definitions are necessary for a common understanding
Risk is related to safety, danger, hazard, loss, injury, death, toxicity and peril
This definitions concerns ‘hazard, peril and exposure to injury or loss’
= suggests an unrealized potential for harm.
48
Hazard characteristics :
• Natural man-made, Avoidable/unavoidable, Controllable / uncontrollable

• Local/global, Continuous/periodic, Familiar/unfamiliar
• Old/new, Known/unknown, Certain/uncertain
• Predictable/unpredictable, Changing/unchanging
• Stable (self-limiting)/unstable
49
24
05/11/2023
Examples of Hazards and Their Effects
Workplace Hazard Example of Hazard Example of Harm Caused
Thing Knife Cut
Substance Benzene Leukemia
Material Asbestos Mesothelioma
Source of Energy Electricity Shock, electrocution
Condition Wet floor Slips, falls
Process Welding Metal fume fever
Practice Hard rock mining Silicosis
50
Examples of hazards and their effects

Hazard:
An intrinsic chemical, physical, societal, economic or political condition that has the potential for
causing damage to a receptor (people, property or the environment). A hazardous event (undesirable
event) requires an initiating event or failure and then either failure of or lack of safeguards to prevent
the realisation of the hazardous event.
Examples of intrinsic hazards:
Toxicity and flammability – H2S in sour natural gas - High pressure and temperature – steam drum
Potential energy – walking a tight rope
Hazard:
An inherent property of a substance, agent, source of energy or situation having the potential
to cause undesirable consequences (e.g., properties that can cause adverse effects or damage to
health, the environment or property).
51
25
05/11/2023
Case Study:
On 21st March 2019, at approximately 08:00 AM an incident occurred during the

commissioning of a Spherical Tank. Spherical tank ruptured while being
purged with nitrogen prior to putting the tank in service. The tank had
successfully passed leak testing at a pressure of 24 bar few days before the
incident. Due to the “non-availability” of a nearby nitrogen production facility, a
mobile liquid nitrogen tank connected to a liquid nitrogen vaporizer
was used to generate the required nitrogen gas for the purging process. The
purging plan was to vaporize the liquid nitrogen and pressurize
the spherical tank using nitrogen in the gaseous form after vaporization with the
expectation that the PRVs would operate at a pressure of 10 bar as previously
tested. At a pressure of 4 bar, the spherical tank experienced a metallurgical failure
resulting in flying debris. The scattered flying debris claimed the lives of 25 persons
working below & nearby the tank area.
What Went Wrong?
“Root Cause Analysis of the Metallurgical failure revealed that liquid nitrogen flow
rate was higher than the capacity of the vaporizer connected, resulting in the
nitrogen reaching the spherical tank in its liquid state (–196°C).
The liquid nitrogen accumulated in the spherical tank triggering steel ductile to
brittle transition causing the tank rupture at a pressure of 4 bar”.
The flow rate of the liquid nitrogen was not controlled or restricted to ensure it
never exceeded the vaporizer capacity. The risk associated with the use of liquid
nitrogen was not adequately foreseen and mitigated. If the flow rate was
adequately controlled, the metallurgical failure would not have occurred.
52
a hazard is anything that may cause harm, such as chemicals, electricity, working from ladders, an
open drawer, etc;
And the risk is the chance, high or low, that

somebody could be harmed by these and other hazards, together with an indication of how serious
the harm could be.
53
26
05/11/2023
The emission aspects: emissions of matter
Nature of emission Examples of sources

Electrons (Beta) Nuclear reprocessing
Alpha Particles Nuclear reprocessing
Neutrons Nuclear reprocessing
Molecules Loss of containment
Micro-organisms Biochemical processes: cooling towers
Aerosols Flashing liquids
Particulates Dusty processes
Missiles Explosions
Bulk liquids Loss of containment
Source: V. C. MARSHALL, 1990
54
Hazard Identification:
Systematic investigation of the possible hazards associated with an installation, particularly

identification of the hazards of the chemical(s) that can cause injury or death to people or damage
to property by the release of the chemical or by the release of energy in the event of an accident.
Risk is the chance of loss, injury or death
= a more explicit definition

Chance, likelihood and probability are all related words for a random process.
Risk is a nebulous concept: Putting risk on a mathematical foundation is a first step in setting a
number to risk
55
27
05/11/2023

Scheer, D., et al. (2014)
56
The opportunity for reward is also reflected in the Chinese word for risk wai chi, which means
“danger opportunity” (IRM, n.d.).
Opportunity and threat are therefore the two faces of risk and on balance each side has the
potential to prevail given the right circumstances.
The word ‘risk’ derives from the early Italian risicare, which means ‘to dare’.
In this sense, risk is a choice rather than a fate (Bernstein, 1996, p.8)
57
28
05/11/2023
Risk: uncertainty about negative consequences

(e.g. Sitkin & Weingart, 1995) = highly prevalent in everyday situations
It is an inherent trait in humans to take chances. We believe that even though

the future is uncertain we can make calculated choices based on our knowledge of past
occurrences and the outcomes will be skewed in our favor.
The nature of risk : Risk is a curious and complex concept. In a sense it is unreal in that it is always
concerned with the future, with possibilities, with what has not yet happened. If there is certainty,
there is no risk.
There is a fairy-tale sense to it, the ungrasp ability of something that can never exist in the present
but only in the future. Thus, risk is a thing of the mind, intimately linked to personal or collective
psychology even though as engineers we often try to give it the trappings of objectivity.
58
Renn (1992) has introduced different views of the problem of risk:
• Insurance-statistic based view

• Toxicological-epidemiological view
• The engineering approach
• Economical view
• Psychological view
• Social-theoretical view
• Cultural-theoretical view
See: Risk management
59
29
05/11/2023
Risk: origin is unclear – no true definition - Greek: accidents at see
(1) Colloquial language: a risk means a harmful event that may occur, but not with certainty. It can refer
both to probability and consequences
(2) Research: One common way to use the word is to let it refer to the probability of the occurrence of a
harmful event. If there is a measure of how harmful the event is (for instance the number of fatalities in
a sea accident), the risk may sometimes mean the product of the probability and the amount of harm.
Statisticians call this an expected value, and it has often been used to specify the concept of risk.
(3) A third use of the word has to do with the variation in the result, if a certain measure is taken. An
example could be the variation in travel time going by train or car, i.e., the risk of delay.
(4) A fourth definition is the experienced risk. That is, how large an individual considers the risk to be,
with the individual’s own interpretation of the word risk (Slovic, 2000; Renn, 2004)
60
Risk: Historical risk research
1970: opposition to nuclear power

How? To estimate the magnitude of various risks
Smoking: large risk compared to nuclear power
Opposition was persistent
Researchers realized that it was necessary to try to understand the factors that affect how people react
to risks.
Chauncey Starr (1969): We seem to be prepared to accept much larger risks if they are voluntary than if
they are forced upon
The perception of risks was born – risk acceptability
61
30
05/11/2023
The most common definition of risk (Proske 2008) :
= Two components
• Indetermination: will be elaborated
• Damage
62
The question that now arises is, in which direction will

the donkey move and why? Of course, if there would be
circumstances influencing the decision of the donkey
been known they might be excluded. This yields to the
query, “Can all causes be identified or are there some
limits to identification?” If the latter is true, in
determination exists under all conditions.
63
31
05/11/2023
The question that now arises is, in

which direction will the donkey move
and why? Of course, if there would be
circumstances influencing the decision
of the donkey been known they might be
excluded. This yields to the query,
“Can all causes be identified or are
there some limits to identification?”
If the latter is true, indetermination
exists under all conditions.
64
Types of indetermination (Proske 2008):
• Non-specification (absence of information) = unclear definition

• Uncertainty (absence of accuracy) = uncertainty of a judgement
• Dissonance (absence of arbitration) = will it happen or not?
• Confusion (absence of comprehension) = lack of understanding
65
32
05/11/2023
Damage (Mechler 2003)
• More than 100 fatalities

• Financial damage higher than 1% of the gross domestic product
• More than 1% of the population is affected by the event or
• More than 10 fatalities
• More than 100 people are affected
• Emergency case announced
• The country asks for international help
66
Disaster UN
The United Nations describe a disaster as “the disruption of the functionality of a society, the loss of
life, real values and environmental values and exceedance of the capability of a society to cope with
such an event”
67
33
05/11/2023
Bodily injuries Financial loses

Fatal injury Losses to the public
Disabling physical injury Cost of combatting emergencies
The nature of harms
Non-disabling physical injury Cost of recovering bodies
Mental injury Cost of conducting inquiries
Fatal disease Loss of property values in public domain
Non-fatal disease Losses to the company
Compensation for death and injury
Loss of share values
Loss of sales and customers
Damage to water supplies
Long term ecological damage
Environmental damage Property damage
Loss of amenity for residents Damage to equipment, stored materials and on site
Injury to flora and fauna buildings
Damage to water supplies Damage to property in the public domain
Long term ecological damage
Social damage
Evacuation
Loss of livelihood
Production of social trauma
Source: V. C. MARSHALL, 1990
68
69
34
05/11/2023
70
Public domain accidents Environmental damage

Long range I short duration Long range / long duration
Explosions, fires and

Whole site accidents toxic releases leading
Range
Medium range I short duration to long term damage
Personal accidents Occupational diseases

Short range I short duration Short range I long duration
Source: V. C. MARSHALL, 1990 duration
71
35
05/11/2023
Events Identification:
Determination of the different situations that can occur and lead to harm, including estimation of
the probable quantity, concentrations, transport, and fate of the hazardous substance(s) or energy
released in each specified situation, as determined in part by the environmental conditions at the
time of the event.
Events Frequency:
An estimate of the number of times a specified phenomenon (event) occurs within a specified
interval.
Consequence Assessment:
A calculation or estimate of the nature and extent of the damage caused by all specified hazardous
events, including the influence of environmental factors and the probability of exposure of
individuals, populations orecosystems.
72
Risk Characterization:
Integrates the previous components into an estimation of the combination of the event frequencies
and consequences probabilities of the hazardous events specified (for each event and the sum of all
events)
Determining Significance:
Evaluation of the significance of the risk estimation and each of the components of the risk
assessment process, including elements of risk perception and cost/benefit
Considerations:
The components of the risk assessment process defined above lead to a definition of risk
assessment - a value judgment that combines the results of risk characterisation and the estimate
of the significance of the risk.
73
36
05/11/2023
Risk analysis: systematic use of information to identify sources and to estimate the risk
Risk estimation: process used to assign values to the probability and consequences of a risk
Risk evaluation: process of comparing the estimated risk against given risk criteria to determine the
significance of the Risk
Risk assessment: overall process of risk analysis and risk evaluation
74
The nature of risk

Another reason for its strangeness is that risk is a composite idea. It brings together three separate
aspects (1) likelihood (or chance), (2)consequences and (3)context.
All three contribute to any assessment or quantification of risk.
Risk quantification:
Actuarial of Linear Risk
Chance: probability
Loss: consequences
Of: multiplication
Risk = Probability times Consequences
R=p*C
75
37
05/11/2023
A risk management system or risk management

Influence on quantification?
Operational discipline: What is this?
Operational discipline:
Operational discipline: What is this?

Risk = Function (Frequency, Consequence)
Risk = Function (Frequency, Consequence) / (Operational discipline)
76
Conduct of operations (operations) is the

execution of operational and management tasks in
a deliberate and structured manner.
It is also sometimes called "operational discipline" or "formality of operations", and it is closely tied
to an organization's culture.
77
38
05/11/2023
Conduct of operations institutionalizes the pursuit of excellence in the performance of

every task and minimizes variations in performance. Workers at every level are expected
to perform their duties with alertness, due thought, full knowledge, sound judgment, and a
proper sense of pride and accountability
Risk = Function (Frequency, Consequence) / (Operational discipline)
Overall Company Risk = Function (Frequency, Consequence, Resource allocation) / (Operational

discipline)
Process safety
78
Risk quantification:
50.000 traffic deaths per year is not newsworthy but a single accident killing 50.000 is very
newsworthy.
Solution: consequences are raised to the v-power.
Risk quantification: Why?
It is important to note that each organization must address their risks effectively to remain in
business.
To rank the risks
79
39
05/11/2023
Risk quantification: Why?
It is important to note that each organization must address their risks effectively to remain in
business.
To rank the risks
80
Intermezzo: Assurance
15th century Genoese

Protect against individual catastrophic shipping losses by sharing the risk
The insurer collects premium R for insuring N ships per year of which n are lost and an award C is
paid for each lost ship.
N*R= n*C R = (n/N)*C
For N very large n/N approaches probability, p
81
40
05/11/2023

Risk evaluation
82
Quantitative Risk Assessment Methodology
Deterministic risk considers the impact of a single risk scenario, whereas probabilistic risk considers
all possible scenarios, their likelihood and associated impacts. Deterministic approaches are used to
assess disaster impacts of a given hazard scenario, whereas probabilistic methods are used to
obtain more refined estimates of hazard frequencies and damages. Probabilistic assessments are
characterized by inherent uncertainties, partly related to the natural randomness of hazards, and
partly because of our incomplete understanding and measurement of the hazards, exposure and
vulnerability under consideration (OECD, 2012).
83
41
05/11/2023
Source: Deterministic or
probabilistic analysis? | Risktec
(tuv.com)
84
Deterministic or probabilistic (Kirchsteiger 1990)
= depends on the system
Deterministic systems are perfectly predictable. That is, they follow an entirely known rule (law, equation
or fixed procedure) so that the state of each component and of the entire system can be given at any
time for any time in the past and future. The states of deterministic systems can be described by
statements or by numbers specifying, for example, physical characteristics of the system (observables,
such as length and mass of a physical object).
Variables with known fixed values and connected by a known equation or rule = deterministic case
or variables with random values and connected by a known or unknown equation = probabilistic case
85
42
05/11/2023
Kirchsteiger (1999) concludes:
”… that there is neither a strictly deterministic nor a strictly probabilistic approach to risk analysis.
Each probabilistic approach to risk analysis involves deterministic arguments, each deterministic
approach includes quantitative arguments which decide how the likelihood of events is going to be
addressed.”
The concept of QRA, which has emerged in recent years with ever-increasing importance being
attached to it, deals with the following key aspects of accidents in CPIs (Khan and Abbasi, 1998):
• Development of tools and techniques to forecast accidents.
• Development of tools and techniques to analyse consequences of likely accidents
86
Incident versus risk analysis –

deterministic versus probabilistic
(Kirchsteiger ,1999)
87
43
05/11/2023
Deterministic or probabilistic (Kirchsteiger 1990)
Probabilistic systems involve some degree of uncertainty in predicting their behaviour and require
“random variables” to describe the system’s components and their interactions. In other words,
“randomness” simply implies small or negligible determinism. The theory of probability is the only
analytical tool available to help map the unpredictable. By describing the states of probabilistic
systems by probability numbers, it uses past knowledge to predict future states.
88
89
44
05/11/2023
The concept of QRA, which has emerged in recent years with ever-increasing importance being
attached to it, deals with the following key aspects of accidents in CPIs (Khan and Abbasi, 1998):
Development of tools and techniques to forecast accidents.
Development of tools and techniques to analyse consequences of likely accidents
90
Such consequence analysis fulfils two objectives:

a) It helps in setting of industries and management of sites to minimize the damage if accident do
occur;
b) It provides feedback for other exercises in accident forecasting and disaster management.
Development of managerial strategies for 'emergency preparedness' and 'damage minimization’.
The risk is defined in QRA as a function of probability or frequency and consequence of a particular
accident scenario:
Risk = F(s, c, f)
Where s = hypothetical scenario, c = estimated consequence(s), f = estimated frequency
91
45
05/11/2023
The risk is defined in QRA as a function of

probability or frequency and consequence of a
particular accident scenario:
Risk = F(s, c, f)
Where s = hypothetical scenario, c = estimated
consequence(s), f = estimated frequency
92
Qualitative risk assessment: Uncertainty
(1) Identification of the (a) Probability of the Probability part of the risk
possible undesired events – undesired events
sources – HAZARD
(2) Determination of the (b) Probability of the

physical effects undesired effect
(3) Determination of the (c) Probability of harm

possible harm
(4) Identification and presentation of the risk
93
46
05/11/2023
Determination of the fysical effects
Propane:
C3H8 – BP- -42°C - 44.1 g/mol
Butane:
C₄H₁₀ - BP- -1°C – 58.12 g/mol
Liquified natural gas:.

• BLEVE: pressure
• Flash fire – jet fire
(Gooijer, 2012)
94
95
47
05/11/2023
Individual risk: is the annual risk of death or serious injury to which specific individuals are exposed.
Whether the risk is tolerable can be judged easily as individuals knowingly take and accept risks all the
time by, for ex., travelling in a car. By reference to known statistics about such risks, it is generally
accepted that risk of death or serious injury to third parties should not exceed 1 in 10,000 in any year
and that risk below 1 in 100,000 is negligible in relation to other accepted risks. Between these limits,
the risk arising from a hazard must be made “as low as reasonably practicable” (ALARP).
97
98
48
05/11/2023
Societal risk can be defined as ‘the relationship between frequency and number of people suffering
from a specified level of harm in a given population from the realisation of specified
hazards’ (Jones, 1992).
Societal risk assesses ‘the chances of more than one individual being harmed simultaneously in an
incident’, as opposed to individual risk, and ‘varies according to the surrounding population
(location and density)’. Societal risk is used to account for the harm caused by major, multiple
fatality risks.
99
100
49
05/11/2023
101
102
50
05/11/2023
First classification of risks
(1) Risks which are known about in advance and for which there is statistical documentation based
on earlier studies.
(2) Risks indicated by previous accidents, as a result of which it is possible, through some form of
check list, to evaluate the possible risks which exist.
(3) Risks which are shown to be possible based on separate and independent studies.
When working with very dangerous systems (e.g., nuclear energy), it is not possible to rely solely on
the experience gained from previous accidents. Here, it is essential to try to consider all the
potential deficiencies and faults in the systems. For obvious reasons, this type of risk assessment is
extremely difficult and requires very qualified experts.
103
How to handle risks?
• Self-evident measures
• Standards and norms
• The application of previous experience
• The design engineer’s own assessments
• Risk analysis
104
51
05/11/2023

(Macpherson, 2008)
Safety & Risk acceptability
When is something safe?
Antonyms: It is safe if it poses no risks?
All of the activities that we engage in pose some

risk to us (going for a walk, driving to the
supermarket, using a computer, …)
105

(Macpherson, 2008)
A thing is safe if its risks are judged to be

acceptable (W. W. Lowrance). Do you agree?
A thing is safe, were its risks fully known,

those risks would be judged acceptable by a
reasonable person in light of their settled value
principles (M.W. Marting, R. Schinzinger).
106
52
05/11/2023
A thing is safe, were its risks fully known,

those risks would be judged acceptable by a
reasonable person in light of their settled value
principles (M.W. Marting, R. Schinzinger).
You need to be aware of all the risks

Erroneous judgements (persons attitude)
107
The more general point to draw from these cases is

that risk acceptability seems to be much more
subjective than safety. So we need an analysis
that avoids the notion of
risk acceptability?
Risk acceptability takes into account the
potential benefits that could result from the
taking of the risk
So safety cannot be defined in terms of acceptable

risks?
108
53
05/11/2023
A new analysis of safety
Safe or unsafe
Safe qua cause / Safe qua recipient
Major factors: Safe qua recipient

• Significant value
• Probability that the value in question could be lost or diminished must be significant
Again, we call things safe or unsafe in relation to the likelihood that they will cause harm, but we also call
things safe or unsafe in relation to the likelihood that they will be harmed
109
A new analysis of safety
Safety qua recipient: f(particular situation or

environment)
Safety qua cause: ‘interaction context’
Loss of value is intended.
110
54
05/11/2023
Cause Action Effect
Dangerous Harmful
situation Situation
Danger Gevaarlijk
e
Threat Harming Harm
111
Danger identify
(presence of an
intrinsic danger)
RISK FACTORS
Treat Terminate
Each element that is
associated with the
danger and that
determines the risk
Tolerate Transfer
Probability Evaluate
Risk
Harm Define
112
55
05/11/2023
https://screenshots.firefox.com/7p1NvJ8BzWFPEqif/safetyman
agementeducation.com
https://screenshots.firefox.com/7p1NvJ8BzWFPEqif/safetyman
agementeducation.com
113
Business Continuity Planning
114
56
05/11/2023
Definitions and basic concepts: Dombrowski(2009)
115
The aims of business continuity vary depending on the nature of the organization and are as general as
keeping the light on and as specific as providing all staff with chargers so that they can use their
phones and laptops following a Superstorm Sandy–type event.
Resilience: able to withstand or recover quickly from difficult situations

Organizations are increasingly facing with various types of disruptions that could take place individually
or simultaneously. Each disruption might have different effects on organizational resources.
116
57
05/11/2023
117
SOURCE: BS 25999-
118
58
05/11/2023
119
120
59
05/11/2023
BCP aims to develop appropriate plans at pre-disaster in order to resume key business operations to
a minimum acceptable predeﬁned level (i.e., Minimum Business Continuity Objective (MBCO))
immediately after a disruptive event within the so-called Maximum
Tolerable Period of Disruption (MTPD) through invoking appropriate BC plan(s).
On the other hand, DRP strives to ensure the full recovery (restoration) of all disrupted operations
to their normal business state at post-disaster (ISO:22310, 2012).
121
A standard: PAS 56
• holistic management process

• identifies potential impacts
• framework for resilience and response capability
• safeguard interests of key stakeholders.
A process that establishes a secure and resilient business environment capable of mounting an
immediate and effective response to a major incident
AS/NZ HB 221 HB 221 identifies the minimum level of acceptable performance and what
infrastructure, and resources are required to sustain it. AS HB 292 HB 292 summarizes best practices
from Australia, the United States, and the United Kingdom.
122
60
05/11/2023
Business continuity management (BCM) exists to avoid any interruptions that could lead to either significant
losses or a failure to achieve the organization’s principal objectives. BCM is both a process and a discipline.
The sorts of things business continuity exists to deal with are wide ranging, from the mundane to the most
dramatic events, such as from someone leaving the water running to volcanic ash clouds or space weather.
(Jamie Watters).
There are infinite possible causes or risks to your business, but they manifest as one of just five possible
outcomes. Don’t spend any time trying to identify all the possible potential causes of a problem and
preparing for each one in turn. Instead, focus on preparing for the possible outcomes.
The Five Possible Outcome Scenarios:
Loss of technology: The technology you use is not available or doesn’t work.
Loss of a building: A building is destroyed or out of action for the medium to long term
Denial of access to a building: Your staff is not allowed into their place of work.
Loss of staff: Key staff members are unable to attend work.
Loss of a supplier: A supplier is unable to provide critical services, products, or resources.
123
124
61
05/11/2023
Definitions and basic concepts: Risk management
The first risk classifications
Between the two world wars: Italy and Germany

Risk classifications in managerial literature: several classifications
Risks classified based on the effects resulting from the event occurrence. On this basis, we
would distinguish between economic risks and non–economic risks . The former would be
susceptible to causing monetary losses, while the latter would be susceptible to causing
non-monetary losses.
125
Drucker, based on the same criterion, distinguished between physical risks and
economic risks : the former due to improper actions of physical and natural forces,
the latter associated with man’s economic activities.
Oberparleiter has further distinguished the economic risks into social, natural,
commercial subjective (i.e., specific to the entrepreneur) and commercial objective
(i.e., specific to the product)
126
62
05/11/2023
Static risks and dynamic risks. The former are linked to losses caused by the improper
action of nature and errors and misunderstandings by human beings. The latter are associated with
economic changes, especially in human needs and technological and organizational improvements.
Risks classified based on the type or nature of the economic result resulting from the event. They
are broken down as follows:
property risks: these relate to the destruction, damage, disappearance of the property with
resulting costs and liability risks: events entailing a legal liability
personal risks: events involving physical risks for people.
127
Pure risks from speculative risks. Pure risks are all those earlier identified as property, liability, and
personal risks. Speculative risks are encountered daily in most business
decisions: for instance, the extension of a factory may create earnings but also losses.
The risk appetite concept has been given considerable attention recently in enterprise risk
management contexts. Several definitions exist, most with a link to risk acceptability, but also
values and goals.
The usefulness of the concept is, however, disputed; some authors argue that we can in fact do
better without it.
128
63
05/11/2023
Article: (i) to argue that the risk appetite concept, suitably interpreted, has a role to play in risk
management, (ii) to show that the risk appetite concept is well supported by some types of risk
perspectives and not by others, and (iii) to show how the risk appetite concept is linked to other
related concepts, such as risk seeking and risk acceptability.
129
130
64
05/11/2023
HERKERT, J., BORENSTEIN, J. & MILLER, K. 2020. The Boeing 737 MAX: Lessons for Engineering Ethics. Sci Eng Ethics, 26, 2957-
2974.
https://ourworldindata.org
Research in Transportation Economics, Adres W. Evans, Imperial Collega Londen, 2013
Global risk report, www.weforum.org, 2017, 2019, .., 2023
Catalogue of risks, natural, technical, social and health risks, Dirk Proske, Austria,2008
Aleksander Shadkowski, Rail transport system approach, 2017
Abdo, H., Flaus, J., & Masse, F. (2017). Uncertainty quantification in risk assessment - Representation, propagation and
treatment approaches: Application to atmospheric dispersion modeling. J. Loss Prev. Process Ind., 49(PB), 551-571.
doi:10.1016/j.jlp.2017.05.015
Article, Representing societal risk as an FN curve and calculating the expectation value, Martin Goose, 5th March 2010
NASA System Safety Handbook , Washington, 2011
Airport Watch Briefing –Third Party Risk around airports, anonymous
Safety, Risk Acceptability, and Morality, James A. E. Macpherson, 2008
Process safety, CCPS
CPQRA, University of Toronto, April 6, 2015 (rev 4)
Probabilistic Safety Assessment in the chemical and nuclear industries, Ralph R. Fullwood, Butterworth Heinemann, 2000
Integrated business continuity and disaster recovery planning: Towards organizational resilience, N. Sahebjamniaa,S.A.Torabia,∗,
S. A. Mansourib
ISO Guide 73, Risk management - Vocabulary - Guidelines for use in standards, Zwitserland, 2002
Monitoring Trends in Global Combat: A New Dataset of Battle Deaths, BETHANY LACINA , Stanford University, Palo Alto, CA, U.S.A.
Lennart Sjöberg, Bjørg-Elin Moen, Torbjørn Rundmo, Explaining risk perception. An evaluation of the psychometric paradigm in
risk perception research
Business continuity management (BCM) workshop, Workshop 1 – Emergency response, Zwitserland, 2005
Safety, Risk Acceptability, and Morality, James A. E. Macpherson, 2007
On Different Types of Uncertainties in the Context of the Precautionary Principle Terje Aven, 2011
Guidelines for Integrating Management Systems and Metrics to Improve Process Safety Performance, CCPS, New York, 2015
131
CREMER, F., SHEEHAN, B., FORTMANN, M., KIA, A. N., MULLINS, M., MURPHY, F. & MATERNE, S. 2022. Cyber risk and cybersecurity: a
systematic review of data availability. Geneva papers on risk and insurance. Issues and practice, 47, 698-736.
GRIMVALL, G., HOLMGREN, Å., JACOBSSON, P. & THEDÉEN, T. 2010. Risks in Technological Systems
edited by Göran Grimvall, Åke Holmgren, Per Jacobsson, Torbjörn Thedéen, London : Springer London : Imprint Springer.
JORE, S. H. 2019. The Conceptual and Scientific Demarcation of Security in Contrast to Safety. European journal for security research,
4, 157-174.
HERKERT, J., BORENSTEIN, J. & MILLER, K. 2020. The Boeing 737 MAX: Lessons for Engineering Ethics. Sci Eng Ethics, 26, 2957-2974.
RENN, O. 1992. Concepts of risk: A classification.
SCHATZ, D., BASHROUSH, R. & WALL, J. 2017. Towards a More Representative Definition of Cyber Security. The journal of digital
forensics, security and law, 12, 53-74.
SCHEER, D., BENIGHAUS, C., BENIGHAUS, L., RENN, O., GOLD, S., RÖDER, B. & BÖL, G.-F. 2014. The Distinction Between Risk and Hazard:
Understanding and Use in Stakeholder Communication: Distinction Between Risk and Hazard. Risk analysis, 34, 1270-1285.
SIEGRIST, M. & ARVAI, J. 2021. Risk Perception: Reflections on 40 Years of Research (vol 40, pg 2191, 2020). Risk Analysis, 41, 221-
221.
PRINSLOO, J., SINHA, S. & VON SOLMS, B. 2019. A review of industry 4.0 manufacturing process security risks. Applied sciences, 9, 5105.
WATTERS, J. & WATTERS, J. 2014. Disaster Recovery, Crisis Response, and Business Continuity: A Management Desk Reference, Berkeley, CA,
Apress.
WEINSTEIN, N. D. 1989. Optimistic Biases about Personal Risks. Science (American Association for the Advancement of Science), 246,
1232-1233.
"We have not succeeded in answering all of our problems. The

answers we have found only serve to raise a whole set of new
questions. In some ways we feel we are as confused as ever, but
we believe we are confused on a higher level and about more
important things." (Oksendal, 1985)
132
65

001.introduction To Safety Engineering - Intro.def - Exist.perc - Part.1.2024.Final - Ua

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

001.introduction To Safety Engineering - Intro.def - Exist.perc - Part.1.2024.Final - Ua

Uploaded by

Copyright:

Available Formats

05/11/2023

General introduction to safety

• Prof. M. Sc. Geert Boogaerts

• Prof. M. Sc. Geert Boogaerts

Date KUL Hour Topic

5/10 Definitions and existing risks and risk perception

12/10 Definitions and existing risks and risk perception

18/10 Explosion demo – presence = mandatory, Technopolis

09/11 Hazard / Risk identification & Risk analysis techniques

16/11 Hazard / Risk identification & Risk analysis techniques

23/11 Geen les, vervangmoment zoeken,

30/11 Risk quantification

07/12 The Seveso directive and the legislator

14/12 Process safety Management systems

21/12 Human and organizational factors

Overall learning objectives

Introduction to safety engineering with a focus on general knowledge of the domain.

“From a generic perspective towards a specific industrial approach”.

Definition and basic concepts

General Introduction to safety engineering

General Introduction to safety engineering

What is engineering about?

For an engineer safety is the quality of an artefact

Issues of these kinds have occupied

We quote freely from Hammurabi’s

If a master-builder builds a house for

If the collapse is such that the

(Grimvall, Holmgren et al. 2010)

What is engineering about?

(Grimvall, Holmgren et al. 2010)

Herkert, J., et al. (2020).

• Space Shuttle challenger

Too many hands

• Space Shuttle challenger

What can society expect?

Should society expect no failures?

Is it reasonable to expect perfect reliability

What can society expect?

Should society expect no failures?

Is it reasonable to expect perfect reliability of an engineered artefact?

Introduction to safety engineering

A person trained in accident prevention, especially in industrial situations.

Source: Encyclopedia Britannica

General Introduction to safety engineering

Definitions and basic concepts

When is something safe?

Definitions and basic concepts

Source: NPR 8715.3C

Definitions and basic concepts: Safety

Definitions and basic concepts

Definitions and basic concepts

Protection against human and technical failure

Protection against deliberate acts of people

Definitions and basic concepts

Safety versus security

Definitions and basic

Definitions and basic concepts

The safety of a state or organization against criminal activity such as

Cyber security – Building security – Data security

(Schatz, Bashroush et al. 2017)

Definitions and basic

Definitions and basic

“The approach and actions