Innovation and Science:

Safety and Risk Management in Process plants

Avoiding incidents in process plants is of central importance nowadays for several reasons: one the one hand the economic damage connected with it, especially production losses, can be considerable, and on the other hand the acceptance and tolerance of authorities and the public regarding hazards or damage to persons and the environment is low.

The sensitisation of the public in particular goes back to major damage events of the process industry during the last decades, for example Seveso 1976, Bhopal 1984, the destruction of the North Sea oil rig Piper Alpha in 1988, the tank farm fire in Buncefield / England in 2005 or the explosion in the USA Texas City refinery in 2005. But the accidents did have consequences.

Although the economic damage was normally covered by insurances, the insurers afterwards demanded increased efforts from the insured companies to prevent such cases in future. For apart from the humanitarian and ecological consequences one thing became clear quickly: Without a sound safety and risk management in producing industrial plants the possible amounts of damages exceed acceptable actuarial probabilities.

Hazard identification and risk analysis

The objective of a risk analysis is to get a general overview of the existing risks of a plant and to recognize any need for action required. For this one considers the effects on persons, the environment and material goods which can be caused through deviations from the intended operation.

Protective layer schematics as used in process plants (Multilayered safety precautions)

The safe operation of plants as we see it today requires a systematic approach in order to reliably recognize and minimize risks. The steps needed for this are the recognition of the causes of incidents, the assessment of the consequences (extent of damage), determination of counter measure, assessment of the probability of occurrence and a risk assessment according to the generally accepted definition of risk = probability of occurrence x extent of damage.

There are several methods for performing a systematic hazard and risk analysis whose application depends mainly on the required depth of the analysis and the time of the performance (first concept phase, design phase, existing installation etc.). During the concept phase check list methods are often the suitable way for identifying possible risks at an early stage.

These methods can still be extended by elements of an intuitive method, for example of the “what if” procedure. This combines the advantages of both methods – namely the given structures of the check list procedure with the creativity of the “what if” procedure. The analytic method used mostly in process technology, which is being used both in the design phase as well as for existing installations, is the so-called HAZOP procedure, named after the initial syllables of the terms “hazard“ and “operability“. This method uses - irrespective of the problem or the system under consideration – the following approach:

Dissection of the system into manageable functional units or action sequences
Formulation of the corresponding “reference functions“, which precisely describe verbally the purpose of the unit considered or the individual steps of the action sequence as requirement (“reference“)
Application of the so-called “control words“ no/not, more, less, both ... and, partly, reverse, other than to the previously formulated “reference functions“, thus systematic “generation“ of hypothetical deviations from the intended operating conditions
Discovery of the causes by applying the hypothetical deviations to the system examined and finding of real causes
Assessment of the effects, i.e. finding out the consequences of the deviation without taking into consideration counter measures
Assessment of existing counter measures and decision about their appropriateness or determination of additional measures required

The last step – assessing the appropriateness of the counter measures – represents the actual risk assessment. This can be done purely qualitatively, based on the knowledge and experience of the persons involved. But one can also use other methods:

Application of calibrated risk landscapes
semi-quantitative methods like the layer-of-protection analysis
Application of risk graphs for facilities of functional safety (plant safety by means of process control)

Functional safety

Process control (PLT) plays a major role in modern plants. With the increasing complexity of process plants safety tasks are being performed to a considerable extent by process control.

Risk Assessment Chart: Functional Safety

The function and demands of the PLT facilities deployed in a plant must be structured systematically and clearly defined. Safeguarding process plants by means of PLT requires a clear distinction between the safety-relevant tasks and other operational tasks. A high availability of safety facilities can be achieved through:

Use of reliable appliances and proven installation technology
Regular maintenance and inspection of the components
Short fault recognition times
Use of trained special staff and short repair times
Use of redundancy or diversity

Safety management and human error

For the production in process plants the most divergent organisational and practical work processes and procedures must take place. These can be for example

Installation and commissioning
Operation and monitoring of the plants
Specification of working/operating instructions
Qualification, training and management of staff
Dealing with changes/modifications (management of change)
Decisions and reactions in case of an incident etc.

All these processes are to be determined and the organisational procedures connected with it must be regulated. For this a suitable organization must be in place, especially with

a clear regulation of who is responsible for what
a clear description of the procedures and activities
a time plan/follow-up of results
determination of the work equipment and methods to be used
specifications regarding qualification, qualifying and training of staff

Numerous publications have shown that most of the incidents in process plants are ultimately due to defects in the safety culture (safety management, actual importance given to plant safety in an organization). These defects prepare the way for the causes, whether they are human or technical, . which actually trigger the incidents.

Risk based inspection

One understands by “risk based inspection“ (RBI) a systematic process for analysing hazard mechanisms of plant components under pressure and the probability of an accompanying break-down on the one hand, and of the consequences of such a break-down (seen from the safety technology and economic aspect) on the other hand. The method had its origins in the Anglo-American world, but during the last years corresponding European models were also developed, which take into consideration the safety philosophy prevailing over here.

The basic idea is to specify the necessary inspections and tests for plant components under pressure in relation to the probability of a break-down and the consequences of a break-down. This allows the step from purely time-limit conditioned to component-specific inspection activities and time limits. A great advantage of the RBI process is the systematic and detailed analysis of possible hazard mechanisms, which quasi establishes a corrosion management system.

Advice and support for the application

The plant safety group of TÜV AUSTRIA has been studying systematically methods and processes for determining risks and for increasing the safety and availability of process plants for years. The clients are offered complete solutions in a competent manner when introducing and implementing such processes and methods.

E-Mail: prr@tuv.at

TÜV AUSTRIA ACADEMY:

„Ausbildung zum/r zertifizierten Risikomanager/in"

Vienna: 02.-04.04.2008 oder 20.-22.10.2008

Information:

Susanne Kolm

01/6175250-8193

oder kol@tuv.at

sowie http://www.tuv-akademie.at/