8/9/2019 Lecture-4 Risk Assessment and Safety
Chemical Engineering Plant Design
CHE 441
Dr. Asim Khan
Assistant Professor
Email: [email protected]
Lecture 4
Risk Assessment & Safety
Assignment Submission
https://www.easychair.org/conferences/?conf=cepd14
Hazard & Risk
Hazard
the property of a substance or situation with the potential for creating damage.
Risk
the likelihood of a specific effect within a specified period; a complex function of probability, consequences and vulnerability
Material Hazards
Short term (Safety hazard)
Long term (Health and hygiene hazard)
Permissible limits
LD50
Threshold limit value
Sources of exposure
Inhalation (Cutting, Grinding, volatile liquids, gases)
Pumps and valves
Filling of tanks
Maintenance of closed systems
Annual
MSDS
Fire and Explosion Hazard
Flammable liquids, gases, dust
Lower flammable limits (LFL)
Upper flammable limits (UFL)
Limiting oxygen index (LOI)
Auto ignition temperature (AIT)
Flash point
Intensification of Hazards
Reactors
Runaway reactions
Coolant failure
Rate of exothermic reaction and cooling with temperature
Reducing inventory
Distillation column
Large inventory at boiling
Sequencing
Intensification of Hazards
Heat transfer operations
Location of production and consuming plants
Relief systems
Direct discharge to atmosphere under dilution conditions
Containment
Combustion in flare
Stronger design rather than relief systems
Risk Assessment
Risk Analysis
Hazard Identification
Hazard & Scenario Analysis
Likelihood Consequences
Risk
• “What if”
• HAZOP
• ETA
• FTA
• FMEA
I suppose that I should have done that HAZOP Study!
The HAZOP Method
systematic technique for identifying hazards
detect any predictable deviation (undesirable event) in a process or a system.
systematic study of the operations in each process phase.
HAZOP study team
Independent leader (e.g., not from plant studied)
  Preferred but complete independence not essential
Project engineer/Design Engineer
  Provide engineering input
Operations representative
  Plant operation
Discipline engineers
  Process
  Instrument/electrical
  Mechanical/maintenance
HAZOP minute recorder
  One of the above
HAZOP Planning and Execution
[Flowchart with stages: PLAN (Select Team, Examine System, Keywords); TEAM (System Assessment, Team Activity); REPORT (Action List, HAZOP Report); TRACK ACTIONS (HAZOP Review Meeting); CLOSE OUT (Record/File Completed Actions)]
HAZOP - Hazard and operability
HAZOP keeps all team members focused on the same topic and enables them to work as a team
1 + 1 = 3
NODE: Concentrate on one location in the process
PARAMETER: Consider each process variable individually (F, T, L, P, composition, operator action, corrosion, etc.)
GUIDE WORD: Pose a series of standard questions about deviations from normal conditions. We assume that we know a safe “normal” operation.
HAZOP - Hazard and operability
NODE: Pipe after pump and splitter
PARAMETER*: Flow rate
GUIDE WORD*: Less (less than normal value)
• DEVIATION: less flow than normal
• CAUSE: of deviation, can be more than one
• CONSEQUENCE: of the deviation/cause
• ACTION: initial idea for correction/prevention/mitigation
All group members focus on the same issue simultaneously
Production of DAP (continuous process)
[Process diagram labels: Ammonia, Phosphoric Acid, Valve A, Valve B, Valve C, Reactor, Diammonium Phosphate (DAP)]
Study line 1: Phosphoric acid delivery line
HAZOP Study Report
Preliminary HAZOP Example
[Reactor diagram labels: TC, Cooling Coils, Monomer Feed, Cooling Water In, Cooling Water to Sewer, Thermocouple]
Refer to reactor system shown.
The reaction is exothermic. A cooling system is provided to remove the excess energy of reaction. In the event that the cooling function is lost, the temperature of the reactor would increase. This would lead to an increase in reaction rate, leading to additional energy release.
The result could be a runaway reaction with pressures exceeding the bursting pressure of the reactor. The temperature within the reactor is measured and is used to control the cooling water flow rate by a valve.
Perform HAZOP Study
HAZOP on Reactor
Guide Word Deviation Causes Consequences Action
NO
REVERSE
MORE
AS WELL AS
OTHER THAN
HAZOP on Reactor
Guide Word: NO
  Deviation: No cooling
  Causes: Cooling water valve malfunction
  Consequences: Temperature increase in reactor
  Action: Install high temperature alarm (TAH)
Guide Word: REVERSE
  Deviation: Reverse cooling flow
  Causes: Failure of water source resulting in backward flow
  Consequences: Less cooling, possible runaway reaction
  Action: Install check valve
Guide Word: MORE
  Deviation: More cooling flow
  Causes: Control valve failure, operator fails to take action on alarm
  Consequences: Too much cooling, reactor cool
  Action: Instruct operators on procedures
Guide Word: AS WELL AS
  Deviation: Reactor product in coils
  Causes: More pressure in reactor
  Consequences: Off-spec product
  Action: Check maintenance procedures and schedules
Guide Word: OTHER THAN
  Deviation: Another material besides cooling water
  Causes: Water source contaminated
  Consequences: May be cooling ineffective and effect on the reaction
  Action: If less cooling, TAH will detect. If detected, isolate water source. Back up water source?
HAZOP Criticality analysis
Criticality: combination of severity of an effect and the probability or expected frequency of occurrence.
The objective of a criticality analysis is to quantify the relative importance of each failure effect, so that priorities to reduce the probability or to mitigate the severity can be set.
Example formula for Criticality:
Cr = P × B × S
Cr: criticality number
P: probability of occurrence in a year
B: conditional probability that the severest consequence will occur
S: severity of the severest consequence
Example values for P, B and S
Categories:
Probability (P) | Conditional probability (B) | Severity (S)
Very rare 1 | Very low 1 | Low 1
Rare 2 | Low 2 | Significant 2
Likely 3 | Significant 3 | High 3
Frequent 4 | High 4 | Very high 4
Decision making
Criticality | Judgement | Meaning
Cr < X | Acceptable | No action required
X < Cr < Y | Consider modification | Should be mitigated within a reasonable time period unless costs demonstrably outweigh benefits
Cr > Y | Not acceptable | Should be mitigated as soon as possible
The values X and Y have to be determined by a decision-maker. It might be necessary to formulate some additional criteria, for instance: every deviation for which the severity is classified as “very high severity” shall be evaluated to investigate the possibilities of reducing the undesired consequences.
Fault Tree Analysis
Graphical representation displaying the relationship
between an undesired potential event (top event) and
all its probable causes
top-down approach to failure analysis
starting with a potential undesirable event - top event
determining all the ways in which it can occur
mitigation measures can be developed to minimize the
probability of the undesired event
Fault tree construction
AND gate
The AND-gate is used to show that the output event occurs only if all the input events occur
OR gate
The OR-gate is used to show that the output event occurs only if one or more of the input events occur
Basic event
A basic event requires no further development because the appropriate limit of resolution has been reached
Intermediate event
A fault tree event that occurs because one or more antecedent causes acting through logic gates have occurred
Transfer
A triangle indicates that the tree is developed further at the occurrence of the corresponding transfer symbol
Undeveloped event
A diamond is used to define an event which is not further developed, either because it is of insufficient consequence or because information is unavailable
Basic FTA example: A barrel is being filled from pipe B and Pipe C.
Example Fault Tree
Procedure
Procedure for Fault Tree Analysis:
Define TOP event
Define overall structure.
Explore each branch in successive level of detail.
Solve the fault tree
Perform corrections if required and make decisions
Procedure
Define Top Event: Use P&ID, process description etc. to define the top event.
If it is too broad, an overly large FTA will result, e.g. Fire in process.
If it is too narrow, the exercise will be costly, e.g. Leak in the valve.
Some good examples are: Overpressure in vessel V, Reactor high temperature safety function fails, etc.
Event Tree Analysis
Event tree analysis evaluates potential accident outcomes that might result following an equipment failure or process upset known as an initiating event. It is a “forward-thinking” process, i.e. the analyst begins with an initiating event and develops the following sequences of events that describe potential accidents, accounting for both the successes and failures of the safety functions as the accident progresses.
ETA Procedure
Step 1: Identification of the initiating event
Step 2: Identification of safety function
Step 3: Construction of the event tree
Step 4: Classification of outcomes
Step 5: Estimation of the conditional probability of each branch
Step 6: Quantification of outcomes
Step 7: Evaluation
Example Event Tree
Step 1 Identify the initiating event
system or equipment failure
human error
process upset
[Example] “Loss of Cooling Water” to an Oxidation Reactor
[Oxidation reactor diagram labels: Reactor, Reactor Feed, Cooling Coils, Cooling Water In, Cooling Water Out, Thermocouple, Temperature Controller, High Temperature Alarm, TIC, TIA, Alarm at T1, Shutdown at T2]
Step 3: Construct the Event Tree
a. Enter the initiating event and safety functions.
INITIATING EVENT: Loss of cooling water to oxidation reactor
SAFETY FUNCTION:
Oxidation reactor high temperature alarm alerts operator at temperature T1
Operator reestablishes cooling water flow to oxidation reactor
Automatic shutdown system stops reaction at temperature T2
[Figure: FIRST STEP IN CONSTRUCTING EVENT TREE]
Step 3: Construct the Event Tree
b. Evaluate the safety functions.
[Figure: REPRESENTATION OF THE FIRST SAFETY FUNCTION. Event tree with the initiating event (loss of cooling water to oxidation reactor) and the three safety functions as column headings, branching into Success and Failure]
Step 3: Construct the Event Tree
b) Evaluate the safety functions.
[Figure: REPRESENTATION OF THE SECOND SAFETY FUNCTION. Event tree with the initiating event (loss of cooling water to oxidation reactor) and the three safety functions as column headings, branching into Success and Failure]
If the safety function does not affect the course of the accident, the accident path proceeds with no branch point to the next safety function.
Step 3: b. Evaluate safety functions.
[Figure: COMPLETED EVENT TREE. Event tree with the initiating event (loss of cooling water to oxidation reactor) and the three safety functions as column headings, branching into Success and Failure]
Completed!
Step 4: Describe the Accident Sequence
INITIATING EVENT (A): Loss of cooling water to oxidation reactor
SAFETY FUNCTION:
B: Oxidation reactor high temperature alarm alerts operator at temperature T1
C: Operator reestablishes cooling water flow to oxidation reactor
D: Automatic shutdown system stops reaction at temperature T2
ACCIDENT SEQUENCES:
A: Safe condition, return to normal operation
AC: Safe condition, process shutdown
ACD: Unsafe condition, runaway reaction, operator aware of problem
AB: Unstable condition, process shutdown
ABD: Unsafe condition, runaway reaction, operator unaware of problem
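Steps 5 and 6 of the ETA procedure (conditional probability of each branch, quantification of outcomes) applied to the loss-of-cooling-water tree above, including the rule that a path passes a safety function with no branch point when that function cannot affect it. This is an added example, not part of the original lecture. The initiating frequency and failure probabilities are constructed values, the function names are hypothetical, and reading B, C and D in a sequence label as "that safety function failed" is an assumption drawn from the outcome descriptions.

```python
# Added example: quantifying the lecture's event tree (ETA Steps 5 and 6).
# Every number below is constructed for illustration; none comes from the slides.
INITIATING_FREQ = 1.0                        # assumed: losses of cooling water per year (A)
P_FAIL = {"B": 0.01, "C": 0.25, "D": 0.01}   # assumed failure probability per demand

OUTCOMES = {  # sequence label -> outcome, as listed on the Step 4 slide
    "A": "Safe condition, return to normal operation",
    "AC": "Safe condition, process shutdown",
    "ACD": "Unsafe condition, runaway reaction, operator aware of problem",
    "AB": "Unstable condition, process shutdown",
    "ABD": "Unsafe condition, runaway reaction, operator unaware of problem",
}
ENDS_ON_SUCCESS = {"C", "D"}  # cooling restored or reaction stopped: sequence ends


def has_branch(func, failed):
    """C (operator action) cannot occur if the alarm B failed, so that path
    passes C with no branch point and goes straight on to D."""
    return not (func == "C" and "B" in failed)


def quantify(freq=INITIATING_FREQ, p_fail=P_FAIL):
    """Walk the safety functions in order; return {sequence label: frequency per year}."""
    results = {}

    def walk(funcs, label, failed, f):
        if not funcs:                      # no safety function left: unmitigated outcome
            results[label] = f
            return
        func, rest = funcs[0], funcs[1:]
        if not has_branch(func, failed):   # function cannot affect this path
            walk(rest, label, failed, f)
            return
        ok = f * (1.0 - p_fail[func])      # success branch
        if func in ENDS_ON_SUCCESS:
            results[label] = ok
        else:
            walk(rest, label, failed, ok)
        walk(rest, label + func, failed | {func}, f * p_fail[func])  # failure branch

    walk(["B", "C", "D"], "A", frozenset(), freq)
    return results


def runaway_frequency(results):
    """Total frequency of the sequences the slide classes as runaway reactions."""
    return sum(f for seq, f in results.items() if "runaway" in OUTCOMES[seq])


if __name__ == "__main__":
    for seq, f in quantify().items():
        print(f"{seq:4s} {f:.6f}/yr  {OUTCOMES[seq]}")
```

The outcome frequencies always sum to the initiating-event frequency, which is a quick consistency check on any hand-built event tree.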
Failure Mode and Effect Analysis (FMEA)
Specific equipment related
Evaluates the frequency and consequences of failure
Only focuses on component failure and does not consider operators' mistakes
Production of H2 from biogas
Failure Mode and Effect Analysis (FMEA)
No. 1
  Failure mode: Biogas line leak prior to the compressor
  Cause: Mechanical failure
  Effects: Potential fire/explosion
  Controls: Combustible gas detectors and ventilation systems, periodic line inspection and maintenance
  F: L
  C: H
  Recommendations: Safe shutdown of the system
No. 2
  Failure mode: Desulphurization unit failure
  Cause: High biogas flow rate or high level of contaminants
  Effects: Unable to remove the heat of adsorption, resulting in fire in the unit
  Controls: High flow shutdown system to the desulphurization unit, measurement of impurities level
  F: L
  C: H
  Recommendations: -
No. 3
  Failure mode: Desulphurization unit failure
  Cause: Deactivation of the catalyst in the desulphurization unit
  Effects: Unable to remove contaminants, poisoning the reformer and shift reactor's catalysts. Reduction in hydrogen production and increase in purge system resulting in temperature increase
  Controls: Switch to the standby system
  F: L
  C: H
  Recommendations: Control the amount of contaminants in the biogas feed to the desulphurization unit
Failure Mode and Effect Analysis (FMEA)
No. 4
  Failure mode: Biogas compressor high discharge pressure
  Cause: Instrument failure
  Effects: Overpressure in the reformer
  Controls: Opening of pressure relief valve on the compressor and reformer
  F: L
  C: H
  Recommendations: -
No. 5
  Failure mode: No steam
  Cause: Mechanical failure, failure in utility system
  Effects: No steam in the reformer, plugging of the catalyst and coke formation in the tube side, resulting in tube side failure
  Controls: Shutdown of the system
  F: L
  C: M
  Recommendations: Increase redundancy in the instrumentation system
No. 6
  Failure mode: Low quality steam
  Cause: Failure in deionization unit of the utility system
  Effects: Congestion of the catalyst in the reactors, plugging in the pipelines
  Controls: Installing conductivity analyzer in the steam inlet
  F: L
  C: L
  Recommendations: -