
HAZOP vs LOPA


SLChakravorty



Event Tree Analysis (ETA)

WHAT IS LOPA (Layer of Protection Analysis)

• LOPA usually receives output from a HAZOP.
• LOPA is a semi-quantitative method using numerical categories to estimate the parameters needed to calculate the necessary risk reduction which corresponds to the acceptance criteria.

Concept of layers of protection (LOPA)

... down into layers. Seven layers are shown in Fig. 1 and are generally applied beginning at the center of the diagram.

Layer 1: Process design (e.g. inherently safer designs).
Layer 2: Basic controls, process alarms, and operator supervision.
Layer 3: Critical alarms, operator supervision, and manual intervention.
Layer 4: Automatic action (e.g. SIS or ESD).
Layer 5: Physical protection (e.g. relief devices).
Layer 6: Physical protection (e.g. dikes).
Layer 7: Plant emergency response.

... and not shown.


LOPA can be represented mathematically using the following computational equation:

• Which multiplies the frequency of an initiating event (IEFi) by the probabilities that each independent protection layer will fail to perform its intended function (PFDs).
• Frequency of consequence is given by:

(i) IEFi – Initiating event frequency

• An initiating event is a failure that starts a sequence of events that, if not interrupted by the successful operation of a layer of protection, results in a hazardous outcome. Examples of common initiating events include mechanical failure, operator error, and control loop failure. The initiating event frequency is considered once every 10 years (IEFi is therefore 0.1/yr).

(ii) PFD – probability of failure upon demand of independent layers

• Failure on demand occurs when a safety system is called upon to act following an initiating event but fails to act when demanded.

Example: A reactor system has an emergency quench water system piped to the reactor in the event of a runaway. A runaway occurs, and the quench system is called upon to take action. This is considered a demand. Further, it is established that this quench system will successfully operate 9 times out of 10. This implies that it fails only one time out of 10. So PFD is 0.1. Success to act is 0.9.

TAKE AN EXAMPLE: CASE STUDY FOR LOPA

Application to a batch reactor system

• Let's examine LOPA as applied to a batch reactor manufacturing ortho-nitroaniline from ammonia and orthonitrobenzene.
• Let's imagine that we want to prevent a reactor rupture / the catastrophic incident.
• IEFi (Initiating event frequency)
• PFD (Probability of Failure on Demand) for each layer is given below:

Layer 1: Process design: PFD1
Layer 2: Basic controls, process alarms, operator supervision: PFD2
Layer 3: Critical alarms, operator supervision, and manual intervention: PFD3
Layer 4: Automatic action SIS or ESD: PFD3
Layer 5: Physical protection (relief devices): PFD4
Layer 6: Physical protection (dikes): PFD5

Frequency of the consequence occurring for scenario. Compare the resulting frequency with the risk tolerance level. In this case, the risk tolerance level for a runaway reaction leading to vessel rupture is 10^-5/yr.



Frequency of the consequence occurring for scenario. Compare the resulting frequency with the risk tolerance level (/yr).

What is Safety Integrity Level (SIL)?

Safety Integrity Level (SIL) is a measure of reliability & integrity for the respective Safety Instrumented System when a process demand occurs. The probability of failure of the SIS will be lowest with the highest SIL level, as given below:

SIL LEVEL    PFD                  Integrity / Reliability of SIS
1            0.1 to 0.01          Lowest = 1
2            0.01 to 0.001        2
3            0.001 to 0.0001      3
4            0.0001 to 0.00001    Highest = 4
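
Added example (not part of the original slides): the LOPA multiplication described above, used to find the PFD a Layer 4 SIS would need to meet the tolerance and the SIL band that PFD falls in. The IEF of 0.1/yr, the 10^-5/yr tolerance and the SIL bands come from the page; the PFDs for Layers 2 and 3 are constructed values, and the function names are this example's own.

```python
import math

# SIL bands from the table above, as (upper, lower) PFD limits.
SIL_BANDS = {1: (1e-1, 1e-2), 2: (1e-2, 1e-3), 3: (1e-3, 1e-4), 4: (1e-4, 1e-5)}

def consequence_frequency(ief, pfds):
    """IEF (/yr) multiplied by the PFD of every independent protection layer."""
    if ief <= 0 or any(not 0 < p <= 1 for p in pfds):
        raise ValueError("IEF must be > 0 and every PFD must lie in (0, 1]")
    return ief * math.prod(pfds)

def required_sis_pfd(ief, other_pfds, tolerance):
    """Largest PFD the SIS may have so that the scenario meets the tolerance."""
    return tolerance / consequence_frequency(ief, other_pfds)

def required_sil(pfd_needed):
    """SIL band containing pfd_needed; 0 = no SIL needed, None = beyond SIL 4.
    A value exactly on a boundary goes to the more demanding band (assumption)."""
    if pfd_needed > SIL_BANDS[1][0]:
        return 0
    for sil, (upper, lower) in SIL_BANDS.items():
        if lower < pfd_needed <= upper:
            return sil
    return None

# Values from the page: IEF of once every 10 years, tolerance of 10^-5/yr.
IEF = 0.1
TOLERANCE = 1e-5
# Constructed layer PFDs (the page leaves PFD1..PFD5 symbolic).
OTHER_LAYERS = {
    "Layer 2: basic controls": 0.1,
    "Layer 3: critical alarms and manual intervention": 0.5,
}

if __name__ == "__main__":
    pfds = list(OTHER_LAYERS.values())
    without_sis = consequence_frequency(IEF, pfds)
    target = required_sis_pfd(IEF, pfds, TOLERANCE)
    print(f"frequency without SIS: {without_sis:.1e}/yr (tolerance {TOLERANCE:.0e}/yr)")
    print(f"SIS must achieve PFD <= {target:.1e} -> SIL {required_sil(target)}")
    print(f"frequency with SIS: {consequence_frequency(IEF, pfds + [target]):.1e}/yr")
```

With these constructed PFDs the two non-SIS layers leave the scenario above the tolerance, so the remaining risk reduction has to come from the SIS.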