Chemical Engineering Plant Design CHE 441
Lecture 4
Dr. Asim Khan
Assistant Professor
Risk Assessment & Safety
Assignment Submission
https://www.easychair.org/conferences/?conf=cepd14
Hazard & Risk
Hazard
the property of a substance or situation with the potential for creating damage.
Risk
the likelihood of a specific effect within a specified period
complex function of probability, consequences and vulnerability
Material Hazards
Short term (Safety hazard)
Long term (Health and hygiene hazard)
Permissible limits
LD50
Threshold limit value
Sources of exposure
Inhalation (Cutting, Grinding, volatile liquids, gases)
Pumps and valves
Filling of tanks
Maintenance of closed systems
Annual
MSDS
Fire and Explosion Hazard
Flammable liquids, gases, dust
Lower flammable limits (LFL)
Upper flammable limits (UFL)
Limiting oxygen index (LOI)
Auto ignition temperature (AIT)
Flash point
Types of Fire | Description
A | ordinary combustibles including paper, wood, cloth, rubber and many plastics
B | petroleum or flammable liquids and gases, paints, solvents and greases
C | energized electrical equipment/circuits
D | chemicals and metals like magnesium, potassium, lithium and sodium
Fire fighting
Starving
Cooling
Smothering
Intensification of Hazards
Reactors
Runaway reactions
Coolant failure
Rate of exothermic reaction and cooling with temperature
Reducing inventory
Distillation column
Large inventory at boiling
Sequencing
Heat transfer operations
Location of production and consuming plants
Relief systems
Direct discharge to atmosphere under dilution conditions
Containment
Combustion in flare
Stronger design rather than relief systems
Risk Assessment
[Figure: risk assessment flow. Labels: Risk Analysis, Hazard Identification, Hazard & Scenario Analysis, Likelihood, Consequences, Risk. Methods shown: "What if", HAZOP, FTA, FMEA, ETA]
I suppose that I should have done that HAZOP Study!
The HAZOP Method
systematic technique for identifying hazards
detect any predictable deviation (undesirable event) in a process or a system.
systematic study of the operations in each process phase.
HAZOP study team
• Independent leader (e.g., not from plant studied): preferred but complete independence not essential
• Project engineer/Design engineer: provide engineering input
• Operations representative: plant operation
• Discipline engineers: process, instrument/electrical, mechanical/maintenance
• HAZOP minute recorder: one of the above
HAZOP Planning and Execution
PLAN: Select Team, Examine System, Keywords
TEAM: System Assessment, Team Activity
REPORT: Action List, HAZOP Report
TRACK ACTIONS: HAZOP Review Meeting
CLOSE OUT: Record/File Completed Actions
HAZOP - Hazard and operability
HAZOP keeps all team members focused on the same topic and enables them to work as a team (1+1=3)
NODE: Concentrate on one location in the process
PARAMETER: Consider each process variable individually (F, T, L, P, composition, operator action, corrosion, etc.)
GUIDE WORD: Pose a series of standard questions about deviations from normal conditions.
We assume that we know a safe “normal” operation.
NODE: Pipe after pump and splitter
PARAMETER*: Flow rate
GUIDE WORD*: Less (less than normal value)
• DEVIATION: less flow than normal
• CAUSE: of deviation, can be more than one
• CONSEQUENCE: of the deviation/cause
• ACTION: initial idea for correction/prevention/mitigation
All group members focus on the same issue simultaneously
Production of DAP (continuous process)
[Figure labels: Valve A, Valve B, Valve C, Phosphoric Acid, Ammonia, Reactor, Diammonium Phosphate (DAP). Study line 1: Phosphoric acid delivery line]
HAZOP Study Report
Preliminary HAZOP Example
Refer to the reactor system shown. The reaction is exothermic. A cooling system is provided to remove the excess energy of reaction. In the event that the cooling function is lost, the temperature of the reactor would increase. This would lead to an increase in reaction rate, leading to additional energy release. The result could be a runaway reaction with pressures exceeding the bursting pressure of the reactor. The temperature within the reactor is measured and is used to control the cooling water flow rate by a valve.
[Figure labels: Monomer Feed, Cooling Coils, Cooling Water In, Cooling Water to Sewer, TC, Thermocouple]
Perform HAZOP Study
HAZOP on Reactor
Guide Word | Deviation | Causes | Consequences | Action
NO | | | |
REVERSE | | | |
MORE | | | |
AS WELL AS | | | |
OTHER THAN | | | |
HAZOP on Reactor
Guide Word | Deviation | Causes | Consequences | Action
NO | No cooling | Cooling water valve malfunction | Temperature increase in reactor | Install high temperature alarm (TAH)
REVERSE | Reverse cooling flow | Failure of water source resulting in backward flow | Less cooling, possible runaway reaction | Install check valve
MORE | More cooling flow | Control valve failure, operator fails to take action on alarm | Too much cooling, reactor cool | Instruct operators on procedures
AS WELL AS | Reactor product in coils | More pressure in reactor | Off-spec product | Check maintenance procedures and schedules
OTHER THAN | Another material besides cooling water | Water source contaminated | May be cooling ineffective and effect on the reaction | If less cooling, TAH will detect. If detected, isolate water source. Back up water source?
HAZOP Criticality analysis
Criticality - combination of severity of an effect and the probability or expected frequency of occurrence.
The objective of a criticality analysis is to quantify the relative importance of each failure effect, so that priorities to reduce the probability or to mitigate the severity can be taken.
Example formula for Criticality: Cr = P × B × S
Cr: criticality number
P: probability of occurrence in a year
B: conditional probability that the severest consequence will occur
S: severity of the severest consequence
Example values for P, B and S
Categories:
Probability | P | Cond. Probability | B | Severity | S
Very rare | 1 | Very low | 1 | Low | 1
Rare | 2 | Low | 2 | Significant | 2
Likely | 3 | Significant | 3 | High | 3
Frequent | 4 | High | 4 | Very high | 4
Decision making
Criticality | Judgement | Meaning
Cr < X | Acceptable | No action required
X < Cr < Y | Consider modification | Should be mitigated within a reasonable time period unless costs demonstrably outweigh benefits
Cr > Y | Not acceptable | Should be mitigated as soon as possible
The values X and Y have to be determined by a decision-maker. It might be necessary to formulate some additional criteria, for instance: every deviation for which the severity is classified as “very high severity” shall be evaluated to investigate the possibilities of reducing the undesired consequences.
Fault Tree Analysis
Graphical representation displaying the relationship between an undesired potential event (top event) and all its probable causes
top-down approach to failure analysis
starting with a potential undesirable event - top event
determining all the ways in which it can occur
mitigation measures can be developed to minimize the probability of the undesired event
Fault tree construction
AND gate: The AND-gate is used to show that the output event occurs only if all the input events occur
OR gate: The OR-gate is used to show that the output event occurs only if one or more of the input events occur
Basic event: A basic event requires no further development because the appropriate limit of resolution has been reached
Intermediate event: A fault tree event that occurs because one or more antecedent causes acting through logic gates have occurred
Transfer: A triangle indicates that the tree is developed further at the occurrence of the corresponding transfer symbol
Undeveloped event: A diamond is used to define an event which is not further developed either because it is of insufficient consequence or because information is unavailable
Basic FTA example: A barrel is being filled from pipe B and Pipe C.
Example Fault Tree
Procedure for Fault Tree Analysis
Define TOP event
Define overall structure.
Explore each branch in successive level of detail.
Perform corrections if required and make decisions
Solve the fault tree
Procedure: Define Top Event
Use P&ID, process description etc. to define the top event.
If it is too broad, an overly large FTA will result. E.g. Fire in process.
If it is too narrow, the exercise will be costly. E.g. Leak in the valve.
Some good examples are: Overpressure in vessel V, Reactor high temperature safety function fails, etc.
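The "solve the fault tree" step, as an added example that is not part of the original lecture: it derives the minimal cut sets of a small AND/OR tree and the top-event probability from them. The tree (a runaway in the cooled reactor of the HAZOP example), the event names and all probabilities are constructed, and basic events are assumed independent.

```python
from itertools import combinations, product
from math import prod

# Constructed tree: a gate is (kind, [children]); a basic event is a string.
TREE = ("AND", [
    ("OR", ["cooling water valve malfunction", "water source failure"]),
    ("OR", ["high temperature alarm fails", "operator fails to act on alarm"]),
])

# Constructed basic-event probabilities over the study period.
P = {
    "cooling water valve malfunction": 0.05,
    "water source failure": 0.01,
    "high temperature alarm fails": 0.02,
    "operator fails to act on alarm": 0.10,
}

def cut_sets(node):
    """Return the minimal cut sets of the tree as a list of frozensets."""
    if isinstance(node, str):
        return [frozenset([node])]
    kind, children = node
    child_sets = [cut_sets(c) for c in children]
    if kind == "OR":   # any single child cut set causes the output event
        sets = [s for cs in child_sets for s in cs]
    else:              # AND: one cut set from every child must occur together
        sets = [frozenset().union(*combo) for combo in product(*child_sets)]
    # Drop duplicates and any set that strictly contains another (not minimal).
    return [s for s in set(sets) if not any(other < s for other in sets)]

def top_probability(mcs, p):
    """Exact P(top) by inclusion-exclusion over the minimal cut sets."""
    total = 0.0
    for k in range(1, len(mcs) + 1):
        for combo in combinations(mcs, k):
            events = frozenset().union(*combo)  # shared events counted once
            total += (-1) ** (k + 1) * prod(p[e] for e in events)
    return total

if __name__ == "__main__":
    mcs = cut_sets(TREE)
    for s in sorted(mcs, key=sorted):
        print(" AND ".join(sorted(s)))
    print(f"P(top event) = {top_probability(mcs, P):.6f}")
```

Every minimal cut set here pairs one cooling failure with one failure of the corrective action, so a mitigation that removes either member of a pair removes that path to the top event.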
Event Tree Analysis
Event tree analysis evaluates potential accident outcomes that might result following an equipment failure or process upset known as an initiating event. It is a “forward-thinking” process, i.e. the analyst begins with an initiating event and develops the following sequences of events that describe potential accidents, accounting for both the successes and failures of the safety functions as the accident progresses.
ETA Procedure
Step 1: Identification of the initiating event
Step 2: Identification of safety function
Step 3: Construction of the event tree
Step 4: Classification of outcomes
Step 5: Estimation of the conditional probability of each branch
Step 6: Quantification of outcomes
Step 7: Evaluation
Example Event Tree
Step 1 Identify the initiating event
system or equipment failure
human error
process upset
[Example] “Loss of Cooling Water” to an Oxidation Reactor
[Figure labels: Reactor, Reactor Feed, Cooling Coils, Cooling Water In, Cooling Water Out, Thermocouple, TIC Temperature Controller, TIA High Temperature Alarm, Alarm at T1, Shutdown at T2]
Step 3: Construct the Event Tree
a. Enter the initiating event and safety functions.
INITIATING EVENT: Loss of cooling water to oxidation reactor
SAFETY FUNCTION:
• Oxidation reactor high temperature alarm alerts operator at temperature T1
• Operator reestablishes cooling water flow to oxidation reactor
• Automatic shutdown system stops reaction at temperature T2
FIRST STEP IN CONSTRUCTING EVENT TREE
Step 3: Construct the Event Tree
b. Evaluate the safety functions.
[Figure: event tree for the initiating event and safety functions above, with the Success branches labelled; the last slide is marked Completed!]
If the safety function does not affect the course of the accident, the accident path proceeds with no branch point to the next safety function.
Step 4: Describe the Accident Sequence
INITIATING EVENT (A): Loss of cooling water to oxidation reactor
SAFETY FUNCTION:
• B: Oxidation reactor high temperature alarm alerts operator at temperature T1
• C: Operator reestablishes cooling water flow to oxidation reactor
• D: Automatic shutdown system stops reaction at temperature T2
Accident sequences:
• A: Safe condition, return to normal operation
• AC: Safe condition, process shutdown
• ACD: Unsafe condition, runaway reaction, operator aware of problem
• AB: Unstable condition, process shutdown
• ABD: Unsafe condition, runaway reaction, operator unaware of problem
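Steps 5 and 6 of the ETA procedure applied to this event tree, as an added example that is not part of the original lecture. The initiating frequency and the failure probabilities are constructed values; the branch rules encode the "no branch point" cases, which is why only the five sequences A, AC, ACD, AB and ABD appear.

```python
# (letter, safety function, probability of failure on demand, branch rule)
# The branch rule receives the letters already failed on a path and returns
# False when the function cannot change that path (no branch point).
SAFETY_FUNCTIONS = [
    ("B", "High temperature alarm alerts operator at T1", 0.01,
     lambda failed: True),
    ("C", "Operator reestablishes cooling water flow", 0.25,
     lambda failed: "B" not in failed),  # operator is unaware if the alarm failed
    ("D", "Automatic shutdown stops reaction at T2", 0.001,
     lambda failed: bool(failed)),       # demanded only if cooling was not restored
]

OUTCOMES = {  # outcome of each accident sequence, as listed in Step 4
    "A": "Safe condition, return to normal operation",
    "AC": "Safe condition, process shutdown",
    "ACD": "Unsafe condition, runaway reaction, operator aware of problem",
    "AB": "Unstable condition, process shutdown",
    "ABD": "Unsafe condition, runaway reaction, operator unaware of problem",
}

def enumerate_sequences(init_freq, functions=SAFETY_FUNCTIONS):
    """Return {sequence: frequency}; a name is 'A' plus the failed functions."""
    paths = [((), init_freq)]
    for letter, _description, p_fail, branches in functions:
        next_paths = []
        for failed, freq in paths:
            if branches(failed):
                next_paths.append((failed, freq * (1 - p_fail)))       # success
                next_paths.append((failed + (letter,), freq * p_fail))  # failure
            else:
                next_paths.append((failed, freq))  # path passes straight through
        paths = next_paths
    return {"A" + "".join(failed): freq for failed, freq in paths}

def unsafe_frequency(sequences):
    """Total frequency of the sequences classified as unsafe (runaway)."""
    return sum(freq for name, freq in sequences.items()
               if OUTCOMES[name].startswith("Unsafe"))

if __name__ == "__main__":
    seqs = enumerate_sequences(init_freq=1.0)  # constructed: one loss of cooling per year
    for name, freq in seqs.items():
        print(f"{name:4s}{freq:.7f}/yr  {OUTCOMES[name]}")
    print(f"runaway (ACD + ABD): {unsafe_frequency(seqs):.7f}/yr")
```

The sequence frequencies always sum to the initiating frequency, which is a quick check that no branch of the tree was dropped or counted twice.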
Failure Mode and Effect Analysis (FMEA)
Specific equipment related
Evaluates the frequency and consequences of failure
Only focuses on component failure and does not consider operators mistakes
Production of H2 from biogas
No. | Failure mode | Cause | Effects | Controls | F | C | Recommendations
1 | Biogas line leak prior to the compressor | Mechanical failure | Potential fire/explosion | Combustible gas detectors and ventilation systems, periodic line inspection and maintenance | L | H | Safe shutdown of the system
2 | Desulphurization unit failure | High biogas flow rate or high level of contaminants | Unable to remove the heat of adsorption, resulting in fire in the unit | High flow shutdown system to the desulphurization unit, measurement of impurities level | L | H | -
3 | Desulphurization unit failure | Deactivation of the catalyst in the desulphurization unit | Unable to remove contaminants, poisoning the reformer and shift reactor's catalysts. Reduction in hydrogen production and increase in purge system resulting in temperature increase | Switch to the standby system | H | L | Control the amount of contaminants in the biogas feed to the desulphurization unit