Accepted Manuscript

Title: Industrial non-routine operation process risk assessment

using job safety analysis (JSA) and a revised Petri net

Authors: Weijun Li, Qinggui Cao, Min He, Yibo Sun

PII: S0957-5820(18)30205-2
DOI: https://doi.org/10.1016/j.psep.2018.05.029
Reference: PSEP 1400

To appear in: Process Safety and Environment Protection

Received date: 13-12-2017

Revised date: 9-4-2018
Accepted date: 25-5-2018

Please cite this article as: Li, Weijun, Cao, Qinggui, He, Min, Sun, Yibo,
Industrial non-routine operation process risk assessment using job safety analysis
(JSA) and a revised Petri net.Process Safety and Environment Protection
https://doi.org/10.1016/j.psep.2018.05.029

This is a PDF file of an unedited manuscript that has been accepted for publication.
As a service to our customers we are providing this early version of the manuscript.
The manuscript will undergo copyediting, typesetting, and review of the resulting proof
before it is published in its final form. Please note that during the production process
errors may be discovered which could affect the content, and all legal disclaimers that
apply to the journal pertain.
Industrial non-routine operation process risk assessment using job
safety analysis (JSA) and a revised Petri net

Weijun Li* a b, Qinggui Cao a b, Min He a b, Yibo Sun c

a
State Key Laboratory of Mining Disaster Prevention and Control Co-founded by Shandong

PT
Province and the Ministry of Science and Technology, Shandong University of Science and
Technology, Qingdao, China

RI
b
College of Mining and Safety Engineering, Shandong University of Science and Technology,
Qingdao, China

SC
c
Shandong HELP Safety and Environmental Protection Technology Pty Ltd.

* Corresponding author

U
State Key Laboratory of Mining Disaster Prevention and Control Co-founded by Shandong
Province and the Ministry of Science and Technology
N
A
College of Mining and Safety Engineering
Shandong University of Science and Technology, Qingdao, China
M

Tel.: +86 17505455080

E-mail address: weijunli2013@163.com
D
TE

Research funders
National Natural Science Foundation of China (Grant No. 51474138)
EP

Scientific Research Foundation of Shandong University of Science and Technology for

Recruited Talents (2017RCJJ002)
First-class Discipline of Mineral Engineering construction project of Shandong
CC

University of Science and Technology (Grant No. 01AQ01805)

A
Graphical abstract

Non-routine operations

PT
Process decomposition Graphical representation
with JSA with Petri net

RI
1 2 .. n

SC
Potential hazards analysis Abnormal time sequence

Probability Consequence Skipping Reverse order

U
Risk rank Abnormal Event
N
A
Preventive measures
M
D
TE

Highlights:

 The time sequence constraint feature of non-routine operation processes is addressed.

EP

 The main hazard source is the risk originating from the out-of-sequence scenarios.


CC

A united method of revised Petri net and job safety analysis is proposed.
A

Abstract:

An important feature of the industrial non-routine operation processes is the time

sequence constraint among its steps. Therefore, the main hazard source could be the risk
originating from the out-of-sequence scenarios. The traditional job safety analysis (JSA)
method does not take account of time sequence constraint and should be adapted to
address this problem. A graphical model based on Petri net is defined and further
integrated into JSA. A non-routine operation process can be divided into steps according
to JSA and then be represented as the basic unit of the revised Petri net. Through the
graphical model, abnormal time sequence scenarios and their corresponding abnormal
events can be identified. The united method can address time sequence and provide an
intuitive and logical risk assessment procedures. The results can also provide effective

PT
guidance for workers and supervisors in the non-routine operations process.

RI
Keywords: Job safety assessment; Risk assessment; Non-routine operation; Revised Petri

SC
net

U
1. Introduction
For industrial processes, there are two modes of operations, which are routine operations
N
and non-routine operations, respectively. For example in the gas transmission stations,
A
routine operations refer to daily activities such as facility inspection, pressure regulating,
M

etc., while non-routine operations include gas transmission startup and shutdown, venting
process, pigging process, etc.
D

Compared with routine operations, non-routine operations are performed infrequently

TE

(Roughton and Crutchfield, 2008). Also, operators are prone to make operational errors
due to their lack of experience. Supervisors and managers hardly have time to conduct an
in-depth hazard analysis of non-routine works. All these characteristics of non-routine
EP

operations increase uncertainty and complexity to their risk scenarios control (Aven, 2015;
Malmén, et al., 2010; Shin, 2014). Studies have shown that about 70% of major accidents
CC

occur during non-routine operations (Rasmussen, 1989). For example, one of the causes of
BP Texas City Refinery explosion accident is that the pre-startup safety review was
A

inadequate (CSB, 2007). However, most hazardous industries focus more on normal or
routine operations rather than non-routine operations. Besides, most traditional safety
analysis and assessment methods have not paid enough attention to non-routine operations
(Lee and Park, 1997). Due to the uncertainty and dynamic variability of non-routine
operations, it requires a complete process hazard analysis and risk assessment to identify
hazard scenarios and prevent accidents.

Although some works on the safety during the startup or shutdown processes are now
available, there remains no widely accepted risk assessment frameworks or methods for
non-routine operations. Cameron, et al. (2017) summarized in their recently published
paper that few studies focus on non-continuous or transient operations like start-up,

PT
shutdown and turnaround operations. The widely used systematic method, which is Hazard
and Operability Analysis (HAZOP) has been used for non-routine operations risk analysis

RI
(Bridges and Marshall, 2016). However, non-routine operations can only be viewed as
deviations from normal operations during the HAZOP analysis, while the focus is still on

SC
the normal operations (Bridges and Clark, 2011). Another application of HAZOP to non-
routine operations risk analysis used guide words including who, what, when, and how
long to describe hazard elements (Ostrowski and Keim, 2010). The traditional methods fail

U
to provide intuitive representations for risk propagation paths of non-routine operations.
N
Consequently, misoperations and accidents have not been prevented in the past years.
A
Besides, due to the uncertainty feature of non-routine operations, the evaluation results are
usually not complete (Pasman and Rogers, 2016).
M

Job safety analysis (JSA) is an effective method to identify risks in operation process
D

(including non-routine operation process) and prevent accidents (Geronsin, 2001; MSHA,
1990; Rozenfeld, et al., 2010; Wang, et al., 2013; Zheng, et al., 2017; Zangoui, et al., 2014).
TE

Especially, Glenn (2011) indicated in his research that JSA seems to be especially suitable
for non-routine activities hazard evaluation. However, current JSA only involves static
EP

hazard assessment while neglecting the dynamic “process” safety analysis, which is an
essential feature of non-routine operations assessment. As Bridges and Clark (2011)
CC

pointed that the traditional JSA is lack of the capacity to identify process safety issues.
Specifically, the time sequence constraints have not been considered in current methods.
Although the JSA method has mentioned that job steps must be conducted sequentially, the
A

risk scenarios of out-of-order have not been considered, either (Zheng, et al., 2017).

To overcome the disadvantages of the aforementioned methods, a graphical model based

non-routine operations process assessment framework is proposed in our work. It should
be noted that although the model can be seen as a variation of the time Petri net model,
only the graphical structure is adopted. There have been many ways of using Petri net for
safety and risk analysis (Talebberrouane, et al., 2016). By depicting the non-routine
operation process into a graphical model, the risk propagation process is more intuitive,
which help managers and operators to grasp the whole picture. Therefore, the conventional
JSA can be improved with a graphical model through adding time sequence constraints to
risk assessment.

PT
The remainder of this paper is organized as follows. In Section 2, the revised Petri net

RI
model describing non-routine process is defined and some basic risk symbolic
representations are introduced. Further, the integration of the revised Petri net model and

SC
JSA is presented. The methodology is demonstrated with the gas transmission startup
process in Section 3. Finally, conclusions and discussions are summarized in Section 4.

U
2. Methodology
N
A
2.1 The revised Petri net
M

Graphical risk analysis methods can provide an intuitive way to depict and represent
D

structures and relations among risk elements. Especially in hazardous industries, graphical
TE

risk analysis has been used effectively to help risk identification, assessment, and
mitigation. For example, methods like Fault tree analysis (FTA), Bow-tie, Petri nets (PN)
EP

are the most widely used graphical methods to analyze causes contributing to critical
failures. Especially, Petri net (PN) represents complex system with an intuitive network
CC

structure and simulates risk propagation paths from a dynamic perspective. Due to its
ability of path marking and dynamic reasoning, it has been recently applied in many
domains, such as power system (Zhang, et al., 2016) and emergency response (Zhou, 2013).
A

Especially in the safety analysis domain, Petri net has been used extensively by integrating
with current safety-related theories and methods (Leveson and Stolzy, 1987; Vernez, et al.,
2003; Wang, et al., 2016). A Petri net is usually composed of places, transitions, arrows
and tokens. In this paper, only the graphical structure is studied while the quantitative
reasoning mechanisms of Petri net are not included. The basic elements symbols of the
graphical model are listed in Fig. 1.

P0(m) P1(n) t(l) Output/input

Fig. 1 Basic elements symbols of the graphical model

PT
Fig. 1 indicates the basic elements of time Petri net (İftar, 2016). P0(m) is composed of
circle and dot, representing that a token is in the place P0. The constant m indicates the
time-delay of P0. Similarly, P1(n) represents place P1 with a time-delay n. The bar t(l)

RI
indicates transition. And the output/input arrow connects places and transitions according

SC
to their relationships.

The meanings of these elements are slightly different in the safety-related domain. For

U
safety analysis, the places usually represent causes or consequences of the abnormal event.
The place is marked with a token if the corresponding causal event is observed or detected.
N
The transitions indicate the production rules which describe the propagation of risks. If the
A
production rule is true, the corresponding transition occurs and the token is transferred to
M

the next place.

In this context, we define a graphical model based on the Petri net structure to depict the
D

generation and propagation of risks in the non-routine operational process. Non-routine

TE

operations can be divided into several steps and these steps require strict sequential orders.
Therefore, the framework should reflect time sequences as well as different operation steps.
We build a basic unit of the graphical model, as shown in Fig.2.
EP
CC

t1

P1
t3
A

t2 P3
P2

Fig. 2 Basic unit of the revised Petri net model

In the unit, the time sequence constraints are integrated into transitions. Each basic unit
corresponds to each step in the operation process. In the basic unit, the input places P1 and
P2 are the basic operations or elements of the corresponding step. And the output place P3
is the object of this step. For example, field staff wearing personal protection equipment
(PPE) is the first step of most operation process. In this step, P1 means that field staff
prepares to enter into the site, and P2 indicates staff wear PPE. The output place P3

PT
represents the completion of the first step.

RI
Transitions and time constraints are represented by arrows and t1, t2, t3. Different operations
modes can be reflected through the combinations of the arrows and time constraints. Within

SC
each step, there are two operation modes, which are the successful mode and the failure
mode. In the graphical model, these two modes can be described with time constraint
relationships. Take the same example, the successful mode is that field staff prepare to enter

U
into the site (P1) after wearing PPE (P2). We define the normal time sequence constraint (t2
N
→t1→t3) to depict this mode. Otherwise, the operation mode is failure if field staff enter
A
into the site without wearing PPE (abnormal time sequence constraint: t1→t3) or field staff
M

enter into the site before wearing PPE (abnormal time sequence constraint: t1→t2→t3).
D

2.2 JSA
TE

The job safety analysis method is a typical and effective method for job process risk
assessment (Collins, 2010; Chao, 2002; Gopinath and Johansen, 2016; Mattila and
EP

Hyödynmaa, 1988). The procedure of JSA can be divided into four steps, which separately
are job selection, process decomposition, potential hazards analysis, and preventive
CC

measures (Glenn, 2011).

In theory, all job processes imply risks. But in practice, not all of these risks need to be
evaluated with JSA due to limited time and financial resources. Generally, the jobs that
A

require the JSA include those with potential fatal factors, frequent injuries, or historical
accidents, etc. (Swartz, 2002). Then the job process can be divided into several sequential
steps and hazard analysis and risk assessment will be conducted for each step (Raveggi,
2010). Finally, some recommendations about the preventive measures will be proposed. In
this work, we apply the JSA to the risk assessment of non-routine operation process.
To address the uncertainty and dynamic variability of non-routine operations, many
modifications of JSA have been made. For example, Veland and Aven (2015) proposed an
improved JSA for the offshore platform modification work assessments by addressing the
characteristics of uncertainties and the unforeseen. Li et al. (2016) improved the traditional
JSA by using cumulative risk theory to describe risk dynamic propagation mechanisms and
applied it to the gas transmission station startup process. As we mentioned, an important

PT
feature of non-routine operations is that it requires strict time sequence constraints.
However, it can be seen from the above JSA procedures that traditional JSA lacks the ability

RI
to take account of time sequences. In other words, the risk scenarios of out-of-order can
not be identified in the current JSA.

SC
U
2.3 The integration of the revised Petri net and JSA
Given the advantages of graphical model in the aspect of reflecting time sequences, we
N
propose to integrate the revised Petri net model and JSA. The integration model is shown
A
in Fig. 3.
M
D

Non-routine operations
TE

Process decomposition Graphical representation

with JSA with Petri net

1 2 .. n
EP

Potential hazards analysis Abnormal time sequence

CC

Probability Consequence Skipping Reverse order

Risk rank Abnormal Event

A

Preventive measures

Fig. 3 Integration of the revised Petri net model and JSA

The blocks with green fill color represent the procedures determined by JSA, while those
with blue fill color are derived from the graphical model. We can see that the
complementary relationships between JSA and graphical model provide solutions to the
problems raised at the beginning of this article. Further, the procedures of the integrated
method can be described as follows:

(1) Divide the non-routine operation into steps. Then represent each step as a basic unit of

PT
the graphical model. Sequential steps are linked through time constraints;

(2) Identify potential hazards caused by the possible abnormal time sequence of the

RI
graphical model. For each step, two types of abnormal time sequences are mainly
considered to determine the abnormal events, which are skipping step and reverse order,

SC
separately;

(3) Evaluate the risks of the abnormal events by assigning probability level and

U
consequence level and referring to risk matrix;

N
(4) Establish preventive measures for each step according to its risk and abnormal events.
A
In the next section, a case study will illustrate the application of the integration method.
M

3. Risk assessment
D
TE

3.1 Gas transmission startup process

Non-routine activities in the gas transmission stations include startup, shutdown, blow
EP

down process, venting process, etc. In this paper, gas transmission startup process was used
to demonstrate the integration method. It should be noted that the method is also applicable
CC

for the risk analysis in other industries like mining and fire safety (Cheng, et al., 2017; Fan,
et al., 2018; Zhou, et al., 2017). The common startup process includes six steps. First,
operators entering the workplace should wear Personal Protective Equipment (PPE). Then
A

kindling checking should be proceeded. After entering the workplace, any valve should not
be opened until all valves’ status are checked. When the target valves are slowly opened,
the leakage test or detection must be conducted. After the valve opening process, the
operators should slowly open flow meter and automatic pressure regulator. Finally, all the
involved instruments and equipment leakage should be checked.
It can be seen that the safety of the startup process is determined by each step, including
correct operation procedures and strict sequence of these operations. Hazard emerges when
these procedures are not followed.

3.2 The revised Petri net model of gas transmission startup process

PT
For non-routine operation process, the main risk source is the risk originating from the out-
of-sequence of operations (Gao, et al., 2008). According to the revised Petri net model

RI
described in Section 2, the mechanism of risk can be represented in a network graph. The
revised Petri net model of gas transmission startup process and its symbolic meaning are

SC
shown in Fig. 4 and Table 1.

U
t1

P1
t3
N
A
t2 P3 t5
P2
M
t4 P5 t7
P4
t6 P7 t9
P6
D

t8 P9 t11 P14
P8
t10
TE

P11
P10
t12 P13

P12
EP

Fig. 4 The revised Petri net model of gas transmission startup process
CC

Table 1 Symbolic meaning in the gas transmission startup process model

Symbol Meaning
A

Unit: Wear PPE (Step 1)

t1
P1,t1: Staff prepare to enter into site at time t1
P1 P2,t2: Staff wear PPE at time t2
t3
P3: Staff enter into site wearing PPE (Object)
t2 P3 P3→t3: Step 1 is completed at time t3
P2 t1→t3: Step 1 is not completed at time t3
 t3 Unit: Check kindling (Step 2)
P4,t4: Check kindling at time t4
P3 t5 P5: Staff enter into site after checking kindling (Object)
t4 P5 P5→t5: Step 2 is completed at time t5
t3→t5: Step 2 is not completed at time t5
P4

t5
Unit: Checking all valves’ status (Step 3)
P6,t6: Checking all valves’ status at time t6
P5 t7 P7: Open valves after checking all valves’ status

PT
(Object)
t6 P7 P7→t7: Step 3 is completed at time t7
P6 t5→t7: Step 3 is not completed at time t7
Unit: Checking all valves’ status (Step 4)

RI
t7
P8,t8: Checking valve leakage at time t8
P7 t9 P9: Continue the operations after checking valve
leakage (Object)

SC
t8 P9 P9→t9: Step 4 is completed at time t9
P8 t7→t9: Step 4 is not completed at time t9
Unit: Regulate flow and pressure (Step 5)
t9 P10,t10: Open flow meter and automatic pressure

U
regulator at time t10
P9 t11 P11: Open flow meter and automatic pressure regulator

P10
t10 P11 N
after opening valves (Object)
P11→t11: Step 5 is completed at time t11
t9→t11: Step 5 is not completed at time t11
A
Unit: Job complete (Step 6)
M
P12,t12: Check instruments and equipment leakage at
t11 P14
time t12
P11 P13: Job complete after checking instruments and
equipment leakage (Object)
D

t12 P13 t11→P13: Step 6 is completed

P12
t11→P14: Step 6 is not completed
TE

3.3 Risk assessment combining the revised Petri net model and JSA
EP

Probability and consequence are two key elements of risk. The ultimate risk rank can be
determined by the intersection of the probability and the consequence. The risk assessment
CC

matrix has proven to be an effective tool to quantify risk (Duan, et al., 2016). A detailed
description of risk assessment matrix used in the JSA can be found in (Li, et al., 2016). For
non-routine operations, probability statistics are inapplicable due to lack of enough data
A

(Aven, 2010; 2011). Therefore, we adopt frequency description to measure the probability
of risk. Note that the probability is only the indication and description of the likelihood of
accidents rather than the accurate one (Xin, et al., 2017).

With regard to probability, we divide it into four levels according to the number of
abnormal events out of every 10 operations, which is shown as follows:

 Very likely: Abnormal events occur more than 5 times.

 Probable: Abnormal events occur 3-4 times.

 Possible: Abnormal events occur 1-2 times.

PT
Unlikely: Abnormal events never occurred but should be concerned.

As for the consequence dimension, we divide it into four levels according to the number

RI
of deaths and injuries during an abnormal event. Most non-routine operations involve
limited field personnel and they are usually dispersed to different process units. Therefore,

SC
the number deaths and injuries is relatively low. The levels of consequence is shown as
follows:

U
 Fatality: More than one person die.

 Critical: Someone dies or more than 5 injured. N

A
 Marginal: No death and 3-4 injured.
M

 Minor: No death and 1-2 injured slightly.

The risk matrix is shown in Table 2.

D

Table 2 Risk matrix (Li, et al., 2016)

TE

Severity (S)
Risk (R)
Minor Marginal Critical Fatality
EP Probability (P)

Very likely 10 13 15 16
Probable 6 9 12 14
Possible 3 5 8 11
CC

Unlikely 1 2 4 7
A

On the basis of the above risk assessment principles, risk ranks of each step can be obtained.
The risk assessment results of gas transmission startup process are shown in Table 3.
 Table 3 Risk assessment results of gas transmission startup process
Normal Abnorm Ris
Abnorma
Ste time al Probabilit Consequen k Recommendatio
l
p constrain time y ce ran ns
event
t sequence k
Staff enter (1) Check the
into site integrity of PPE;
t1→t3 without Possible Marginal 9 (2) Strengthen the
wearing training of staff

PT
PPE about the
operation
1 t2→t1→t3
Staff enter sequence;

RI
into site (3) Strengthen
t1→t2→t3 before Possible Minor 3 site supervision to
wearing make sure PPE is

SC
PPE equiped before
entering into site.
Staff enter
(1) Strengthen the
into site
training of staff

U
t3→t5 without Very likely Minor 10
about the
checking
operation
kindling
2 t4→t3→t5 Check
kindling
N sequence;
(2) Strengthen
A
site supervision to
after the
t3→t4→t5 Possible Minor 3 make sure no
staff
kindlings enter
M

entering
into site.
into site
Open (1) Install gas leak
valves detectors near
D

without valves;
t5→t7 Probable Fatality 14
checking (2) Strengthen the
TE

all valves’ training of staff

status about the
operation
3 t6→t5→t7
Open sequence;
EP

valves (3) Strengthen

before site supervision to
t5→t6→t7 Possible Critical 8
checking make sure all
all valves’ valves’ status are
CC

status confirmed before

opening valves.
(1) Install gas leak
detectors near
A

Do not
valves;
check
4 t8→t7→t9 t7→t9 Probable Fatality 14 (2) Strengthen the
valve
training of staff;
leakage
(3) Strengthen
site supervision.
Do not (1) Make sure
t9→t10→t
5 t9→t11 open flow Unlikely Marginal 2 instruments work
11
meter and properly;
 automatic (2) Strengthen the
pressure training of staff;
(3) Strengthen
site supervision.
(1) Strengthen the
Job
training of staff
complete
about checking
without
instruments and
checking
6 t11→t12 t11 Possible Critical 8 equipment again
instrument

PT
before the job is
s and
finished;
equipment
(2) Strengthen
leakage
site supervision.

RI
We can see from Table 3 that the revised Petri net model can reveal operational risk from

SC
time constraint perspective. Generally for each step, there two types of risk scenario:

skipping step (t1→t3, t3→t5, t5→t7, etc.) and step disorder (t1→t2→t3, t3→t2→t1, etc.).

U
However, some abnormal time sequences are unreasonable or impracticable, which are not
N
listed in Table 2. For example, the time sequence t3→t2→t1 is unreasonable because P3→t3
A
represents that step 1 is completed at time t3. Therefore, all the reasonable abnormal time
M

sequences and abnormal events in each step are identified.

From the risk ranks of each step, it can be seen that the highest risk ranks exist in step 3
D

and step 4, which respectively are “did not check valve leakage (risk rank = 14)” and “open
valves without checking all valves’ status (risk rank = 14)”. In step 3, the abnormal time
TE

sequence is t5→t7, which means that t6 is skipped. Similarly, t8 is skipped in the abnormal
time sequence t7→t9 of step 4. Accordingly, both of these two abnormal events result from
EP

skipping steps.
CC

We can further see that the risk rank of skipping a step is higher than that of step disorder.
In other words, although step disorder risk threatens operation safety, yet it can reduce the
risk resulted from skipping a step. For example, the skipping step risk rank of step 1 is 9
A

(t1→t3), while step disorder risk rank is only 3 (t1→t2→t3). We can take a hint that better
late than never. In practice, strict non-routine operational procedures should be followed to
avoid skipping steps. Once omission occurs, site supervisors can adopt remedial measures
to limit the risk rank to a relatively low level.
4. Conclusions and discussions

Non-routine operation process has always been a weak link in an industrial system due to
its uncertainty and dynamic features. Risk assessment is an important tool to identify

PT
potential hazards, establish measures to reduce the possibility and consequence of possible
accidents. Although JSA has proven to be appropriate for non-routine operations risk

RI
analysis, challenge lies in considering time constraint, which is usually the source of risk.
Therefore, we present an integrated model of a revised Petri net model and JSA to address

SC
this problem.

By dividing a whole process into steps, risk can be described in detail for each step. Further,

U
we use the basic graphical unit to represent each step. It’s obvious that through the revised

N
Petri net, the generation and propagation of risks can be depicted intuitively and logically.
Since non-routine operations place a high demand on time sequences, the concept of
A
abnormal time sequence is introduced. Studies show that risk could generate from skipping
M

some steps or conducting operations with an improper sequence. Consequently, the

abnormal events of non-routine operations can be determined. Then the risk rank of each
D

abnormal event is obtained according to risk matrix. By comparison, the risk rank of
TE

skipping a step is higher than that of step disorder. To conclude, through integrating the
graphical model into JSA, the conventional JSA can be extended by including more risk
scenarios. The results of this study can provide effective guidance for workers and
EP

supervisors in the non-routine operations workplace.

It should be noted that the permutation and combination of the basic operation steps can
CC

generate more risk modes, but only the abnormal time sequences in contiguous steps are
identified by the proposed method. This is consistent with the feature of JSA, which is a
A

step-by-step process risk analysis method. In the future, more risk scenarios and abnormal
time sequences will be studied.

The current work focused on the static and qualitative (semi-quantitative) risk analysis of
the non-routine process. Therefore, the Petri net was used only as a graphical modeling
tool which represents the abstraction of the process. The result showed that it is an effective
tool because each step and its time sequence constraint can be described visually and
distinctly. However, it should be noted that the capability of Petri net is far beyond merely
a graphical modeling method. Future work will address state transition and dynamic
simulation of the model, which can help the real-time monitoring of non-routine process.

PT
Acknowledgments
This paper is supported and funded by the program of National Natural Science Foundation

RI
of China (Grant No. 51474138), Scientific Research Foundation of Shandong University
of Science and Technology for Recruited Talents (2017RCJJ002), First-class Discipline of

SC
Mineral Engineering construction project of Shandong University of Science and
Technology (Grant No. 01AQ01805), and State Key Laboratory of Mining Disaster

U
Prevention and Control Co-founded by Shandong Province and the Ministry of Science
and Technology. The authors would like to thank the authors of the references.
N
A
References
M

Aven, T., 2010. On how to define, understand and describe risk. Reliab. Eng. Syst. Safe.,
95(6), 623-631.
D

Aven, T., 2011. A risk concept applicable for both probabilistic and non-probabilistic
TE

perspectives. Saf. Sci., 49(8–9), 1080-1086.

Aven, T., 2015. Risk analysis. John Wiley & Sons, pp. 55-83.
EP

Bridges, W., Marshall, M., 2016. Necessity of Performing Hazard Evaluations (PHAs) of
Non-normal Modes of Operation (Startup, Shutdown, & Online Maintenance). In 12th
CC

Global Congress on Process Safety. Houston, TX. Process Improvement Institute, Inc.
(Unpublished results)
A

Bridges, W., Clark, T., 2011. How to efficiently perform the hazard evaluation (PHA)
required for non-routine modes of operation (startup, shutdown, online maintenance). In
7th Global Congress on Process Safety. Chicago, IL. Process Improvement Institute, Inc.

Cameron, I., Mannan, S., Németh, E., Park, S., Pasman, H., & Rogers, W., et al. (2017).
Process hazard analysis, hazard identification and scenario definition: are the conventional
tools sufficient, or should and can we do much better? Process Saf. Environ., 110, 53-70.

Cheng, W., Hu, X., Xie, J., Zhao, Y., 2017. An intelligent gel designed to control the
spontaneous combustion of coal: Fire prevention and extinguishing properties. Fuel, 210,
826-835.

Collins, R. L., 2010. Integrating job safety analysis into process hazard analysis. Process

PT
Saf. Prog. 29(3), 242–246.

CSB, US Chemical Safety and Hazard Investigation Board, 2007. Investigation report:

RI
refinery explosion and fire. http://www.csb.gov/assets/1/19/csbfinalreportbp.pdf (accessed
16 November 2017).

SC
Chao, E. L., Henshaw, J. L., 2002. Job hazard analysis. OSHA publication 3071 2002
(revised). Occupational safety and health administration, US Department of Labor,

U
Washington.
N
Duan, Y., Zhao, J., Chen, J., Bai, G., 2016. A risk matrix analysis method based on potential
A
risk influence: a case study on cryogenic liquid hydrogen filling system. Process Saf.
M

Environ., 102, 277-287.

Fan, T., Zhou, G., Wang, J., 2018. Preparation and characterization of a wetting-
D

agglomeration-based hybrid coal dust suppressant. Process Saf. Environ., 113, 282-291.
TE

Gopinath, V., Johansen, K., 2016. Risk assessment process for collaborative assembly - a
job safety analysis approach. Procedia CIRP, 44, 199-203.
EP

Glenn, D. D., 2011. Job Safety Analysis: Its Role Today. Prof. Saf. 56(03), 48-57.

Gao, J.J., Wang, F., Zhang, X., Yang, J.F., Wang, S.D., 2008. The research of hazard and
CC

operability analysis about the manual mistake operation in chemical production. Eng. Sci.
10(8), 35-39. (In Chinese)
A

Geronsin, R., 2001. Job hazard assessment: A comprehensive approach. Prof. Saf. 46(12),
23-29.

İftar, A., 2016. Supervisory control of manufacturing systems modeled by timed petri nets.
IFAC PapersOnLine, 49(31), 120-124.

Li, W., Zhang, L., Liang, W., 2016. Job hazard dynamic assessment for non-routine tasks
in gas transmission station. J. Loss Prevent. Proc. 44, 459-464.

Lee, S., Park, S., 1997. A knowledge-based approach to safety evaluation for plant start-
up. J. Intell. Manuf. 8(6), 517-524.

Leveson, N. G., Stolzy, J. L., 1987. Safety analysis using Petri nets. IEEE T. Software Eng.
13(3), 386-397.

PT
Malmén, Y., Nissilä, M., Virolainen, K., Repola, P., 2010. Process chemicals–An ever
present concern during plant shutdowns. J. Loss Prevent. Proc. 23(2), 249-252.

RI
Mattila, M., Hyödynmaa, M., 1988. Promoting job safety in building: An experiment on

SC
the behavior analysis approach. J. Occup. Accid. 9(4), 255-267.

Mine Safety and Health Administration, United States, 1990. The Job safety analysis

U
process: a practical approach. Washington, D.C., U.S. Dept. of Labor, Mine Safety and
Health Administration.
N
Ostrowski, S.W., Keim, K.K., 2010. Tame your transient operations: use a special method
A
to identify and address potential hazards. Chem. Process.
M

Pasman, H. J., Rogers, W. J., 2016. How can we improve HAZOP, our old work horse, and
do more with its results? An overview of recent developments. Chem. Eng. Trans. 48, 829-
D

834.
TE

Rozenfeld, O., Sacks, R., Rosenfeld, Y., Baum, H., 2010. Construction job safety analysis.
Saf. Sci. 48(4), 491-498.
EP

Raveggi F., Mazzetti S., Bolognini M., Fiorenzano A., Marchesi F., 2010. Job Safety
Analysis as a mean to increase safety awareness and achieve sustainable improvements in
CC

safety performance. Chem. Eng. Trans. 19, 421-425.

Roughton, J.E., Crutchfield, N., 2008. Job hazard analysis: A guide for voluntary
A

compliance and beyond. Burlington: Butterworth-Heinemann, pp. 333-353.

Rasmussen, B., 1989. Chemical process hazard identification. Reliab. Eng. Syst. Saf. 24(1),
11-20.

Shin, I. J., 2014. Loss prevention at the startup stage in process safety management: From
distributed cognition perspective with an accident case study. J. Loss Prevent. Proc. 27, 99-
113.

Swartz, G., 2002. Job hazard analysis. Prof. Saf. 47(11), 27-33.

Talebberrouane, M., Khan, F., Lounis, Z., 2016. Availability analysis of safety critical
systems using advanced fault tree and stochastic petri net formalisms. J. Loss Prevent. Proc.
44, 193-203.

PT
Veland, H., Aven, T., 2015. Improving the risk assessments of critical operations to better
reflect uncertainties and the unforeseen. Saf. Sci. 79, 206-212.

RI
Vernez, D., Buchs, D., Pierrehumbert, G., 2003. Perspectives in the use of coloured Petri

SC
nets for risk analysis and accident modelling. Saf. Sci. 41(5), 445-463.

Wang, R., Zheng, W., Liang, C., Tang, T., 2016. An integrated hazard identification method

U
based on the hierarchical Colored Petri Net. Saf. Sci. 88, 166-179.

N
Wang, G., Xu, C., Chen, G., 2013. Risk assessment on towing operation of jack-up platform
based on job safety analysis and risk matrix method. J. Saf. Sci. Tech. 9(10), 109-114. (In
A
Chinese)
M

Xin, P., Khan, F., Ahmed, S., 2017. Dynamic hazard identification and scenario mapping
using bayesian network. Process Saf. Environ., 105, 143-155.
D

Zheng, W., Shuai, J., Shan, K., 2017. The energy source based job safety analysis and
TE

application in the project. Saf. Sci. 93, 9-15.

Zhang, Y., Zhang, Y., Wen, F., Chung, C. Y., Tseng, C. L., Zhang, X., ... Yuan, Y., 2016. A
EP

fuzzy Petri net based approach for fault diagnosis in power systems considering temporal
constraints. Int. J. Elec. Power. 78, 215-224.
CC

Zangoui, A., Yousefi, H., Jafari, H., 2014. Evaluation of the Role and Importance of Job
Safety Analysis in Improving Safety of Iranian Seaports. J. Soc. Humanit. 2(11), 56-51.
A

Zhou, G., Zhang, Q., Bai, R., Fan, T., Wang, G., 2017. The diffusion behavior law of
respirable dust at fully mechanized caving face in coal mine: cfd numerical simulation and
engineering application. Process Saf. Environ., 106, 117-128.

Zhou, J., 2013. Petri net modeling for the emergency response to chemical accidents. J.
Loss Prevent. Proc. 26(4), 766-770.