This project is funded by the European Union
HAZARD IDENTIFICATION METHODS / Part 2
Antony Thanos
Ph.D. Chem. Eng.
Project implemented by Human Dynamics Consortium

• What-if
▪ Setting of questions: “What (will happen) if…?” for the examination of evolution of undesired initial events (deviations from design, normal operation) in small sections of establishment
▪ Areas covered by questions:
o Equipment failures
o Human errors (sequence of actions etc.)
o Operating conditions deviations from normal
o External events

• What-if (cont.)
▪ Examples of questions:
o What-if tank level is very high? (deviation from normal)
o What-if gas phase connection valve remains closed during LPG tank loading? (human error)

• What-if (cont.)
▪ Examples of questions for piping:
o What-if pipe leaks?
o What-if pipe is plugged?
o What-if pipe is subject to pressure surge?
o ……. Please contribute……

• What-if (cont.)
▪ Examples of questions for piping: (cont.)
o What-if pipe is subject to sudden flow interruption (water hammer issues)?
o What-if pipe is subject to vibration?
o What-if pipe supports fail?
o What-if pipe temperature rises?

• What-if (cont.)
▪ Examples of questions for heat exchangers:
o What-if feed temperature increases?
o What-if flow stops in hot feed?
o ……. Please contribute……

• What-if (cont.)
▪ Examples of questions for heat exchangers: (cont.)
o What-if flow stops in cold feed?
o What-if there is excessive fouling?
o What-if there is tube failure?

• What-if (cont.)
▪ Example What-if table for Road tanker movement during loading
What if: Tanker moves
Hazard / Consequence: Hose rupture, LPG leak
Safeguards: Handbrake on; Blocks (shoes) on tyres
Proposals: Break-away couplings

• What-if (cont.)
Please apply What-if in vessel
[Figure: vessel diagram with instrument tags PRV, FI, LC, LIT, HV, LCV]

• What-if (cont.)
▪ Example What-if table
What if: Level rises
Hazard / Consequence: Overpressure and vessel failure
Safeguards: LIC controls level in vessel
Proposals: Install Level Alarm High (LAH); Modify HV to be automatically and remotely operated for shutting vessel feed line

What if: Pressure rises
Hazard / Consequence: Vessel failure
Safeguards: PSV
Proposals: Install redundant PSV

• What-if (cont.)
▪ Example What-if table (cont.)
What if: LIT fails with no signal provided
Hazard / Consequence: Level control fails, potential high level undetected
Safeguards: -
Proposals: Install redundant LIT and alarm for bad quality level measurement

What if: LCV fails and sticks in position
Hazard / Consequence: Level control fails, potential high level
Safeguards: LIT provides indication of level
Proposals: Install Level Alarm High (LAH); Modify HV to be automatically and remotely operated for shutting vessel feed line

• What-if (cont.)
▪ Advantages:
o Simple
o Applicable even in rather early stage of design
o Correlates hazards, causes and protection measures
o General questions can be applied in every process: e.g. “What will happen if instrument air supply fails?”

• What-if (cont.)
▪ Advantages: (cont.)
o Effectively applied with combination of check lists
o Limited time requirements (in the order of 8 days for large processes)

• What-if (cont.)
▪ Disadvantages:
o Not strictly defined
o Success heavily depends on experience of work team and questions set
o Hazards can be easily overlooked
o No evaluation of deviation cause (e.g. why tank level is very low, why tanker moved?)
▪ Can be considered as suitable for Safety Report, but proper judgment for “what-if” questions is necessary

• FMEA (Failure Mode and Effects Analysis)
▪ Focus on events caused by component failures and not on deviations of operating parameters
▪ Bottom-up approach (initial failure to top event)
▪ Origin from military applications (MIL-P-1629)

• FMEA (cont.)
▪ FMEA development:
o Identification of sub-systems to be examined
o Identification of equipment/components per subsystem
o Definition of failure type per equipment (failure cause could also be defined)
o Definition of outcomes per failure (assuming that protection measures are not in operation)
o Identification of safeguards (protection measures)
o Proposals

• FMEA (cont.)
▪ General failure types:
o Failure in operation (e.g. unintended stop of agitator)
o Failure to operate at prescribed time (e.g. agitator failure to start when required by process)
o Failure to cease operation at prescribed time (e.g. feed valve failure to close after necessary time to feed reactor, batch process)
o Operation at premature time (e.g. pump starts before discharge valve opens)

• FMEA (cont.)
▪ Effects (outcomes) types: Local/System
▪ Can be complemented with probability calculations and severity estimation (FMECA variation of method)
▪ Widely applicable also in electronics, aviation, space, automobile industry
▪ Indispensable for reliability concept. Essential method in Safety Integrity Level (SIL) evaluation (FMEDA variation of method)

• FMEA (cont.)
▪ Example of simplified results table for LPG road tanker loading hose
Element: LPG road tanker hose
Failure: Hose leaks
Effects: LPG leak with fire
Detection/Compensation (Safeguards): Regular testing / inspection of hose
Proposal: Install remote operated isolation valve in both LPG establishment and road tanker piping

• FMEA (cont.)
Please apply FMEA to regulating valve (FCV) at reactor inlet
[Figure: reactor diagram with instrument tags PRV, FI, LC, LIT, FCV, LCV]

• FMEA (cont.)
▪ Example FMEA table
Element: Reactant flow control valve (FCV)
Failure: Failure in full open position

Effects: High reactant flow to reactor
Detection/Compensation (Safeguards): Local flow indicator (FI) in feed line
Proposal: Flow indicator transmitter (FIT) with signal to DCS and flow alarm high (FAH)

Effects: High level to reactor, overpressure
Detection/Compensation (Safeguards): Level indicator transmitter (LIT) signal to Distributed Control System (DCS), automatic level control by LCV
Proposal: High/High-High alarm from level transmitter (LAHH); Independent high-high level switch (LSHH) with interlock to feeding pump operation

• FMEA (cont.)
▪ Advantages:
o Strictly defined and systematic method (IEC 60812)
o Direct correlation of hazards and causes and effects
o Easily applied in systems with simple and in-series failures

• FMEA (cont.)
▪ Disadvantages:
o Emphasis only on component failures and not on deviations caused by failures in other processes
o Only single failures are used
o Hard to implement in systems where hazards appear as outcome of failure combinations (undetectable failures must be checked for potential hazards in combination with other failures)

• FMEA (cont.)
▪ Disadvantages: (cont.)
o Human errors are not easily encountered (only indirectly by component failures incurred)
o Not focused on system/process behaviour
o Experienced personnel required
o Time consuming (in the order of 4 weeks for large systems)

• FMEA (cont.)
▪ Can be considered as suitable for Safety Reports under the condition of human errors taken into account

• Fault tree
▪ Fault tree development:
o Accident (top event) selection
o Accident causes identification (all intermediate events contributing to top event, 1st stage)
o Identification of all events (2nd stage) contributing to 1st stage events …..
o … down to basic fault events (component faults)

• Fault tree (cont.)
▪ Top-down approach
▪ Application of Boolean algebra operators (AND, OR) for definition of sequence for failures and errors (incl. human) contributing to accident
▪ Origin from military application (Bell laboratories, 1962, Minuteman I ICBM)
▪ Applicable in electronics, aviation, space and nuclear industry, robotics
▪ Results presented in logic diagram form

• Fault tree (cont.)
▪ Example: Overfilling of NH3 road tanker
TOXIC RELEASE FROM SAFETY VALVE, 4x10^-4 per year = AND of:
  LOADINGS, 200 per year
  OVERFILLING, 2x10^-6 per year = OR of:
    (unnamed intermediate event), 1x10^-6 per year = AND of:
      LEVEL INDICATOR (LI) FAILURE, 10^-3 per year
      OPER. FAILS TO IDENTIFY LI FAILURE, 10^-3 per year
    OPERATOR ABSENT DURING LOADING, 10^-6 per year
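
Added example (not part of the original slides): a small Python evaluator for the overfilling tree above that reproduces the slide's top event value, lists the minimal cut sets and shows how the result shifts when one basic event changes. It assumes the 200 per year is a loading frequency and the other values are probabilities per loading for independent events, which is the reading under which the slide's numbers multiply out; the gate label "Undetected LI failure" and the what-if value are constructed here.

```python
from dataclasses import dataclass
from itertools import product
from math import prod


@dataclass(frozen=True)
class Basic:
    name: str
    p: float  # probability per loading operation (assumed unit, see lead-in)


@dataclass(frozen=True)
class Gate:
    name: str
    kind: str      # "AND" or "OR"
    inputs: tuple  # child Basic / Gate nodes


def probability(node, overrides=None, rare_event=True):
    """Probability of a node; `overrides` maps basic-event name -> new p."""
    overrides = overrides or {}
    if isinstance(node, Basic):
        return overrides.get(node.name, node.p)
    ps = [probability(n, overrides, rare_event) for n in node.inputs]
    if node.kind == "AND":
        return prod(ps)                  # every independent input must occur
    if node.kind == "OR":
        if rare_event:
            return min(1.0, sum(ps))     # rare-event approximation, as on the slide
        return 1.0 - prod(1.0 - p for p in ps)
    raise ValueError(f"unknown gate type: {node.kind}")


def cut_sets(node):
    """Minimal cut sets: smallest sets of basic events that cause the node."""
    if isinstance(node, Basic):
        return {frozenset([node.name])}
    children = [cut_sets(n) for n in node.inputs]
    if node.kind == "OR":
        sets = set().union(*children)
    else:  # AND: one cut set from each child, merged
        sets = {frozenset().union(*combo) for combo in product(*children)}
    return {s for s in sets if not any(other < s for other in sets)}


# Values taken from the slide's example tree.
LI_FAILS = Basic("Level indicator (LI) failure", 1e-3)
OPER_MISSES = Basic("Operator fails to identify LI failure", 1e-3)
OPER_ABSENT = Basic("Operator absent during loading", 1e-6)
# Gate label chosen for this example; the slide leaves this AND gate unnamed.
UNDETECTED = Gate("Undetected LI failure", "AND", (LI_FAILS, OPER_MISSES))
OVERFILLING = Gate("Overfilling", "OR", (UNDETECTED, OPER_ABSENT))
LOADINGS_PER_YEAR = 200


def top_event_frequency(overrides=None, rare_event=True):
    """Toxic release from safety valve, events per year."""
    return LOADINGS_PER_YEAR * probability(OVERFILLING, overrides, rare_event)


def cut_set_shares(overrides=None):
    """Fraction of the overfilling probability carried by each minimal cut set."""
    overrides = overrides or {}
    basics = {b.name: overrides.get(b.name, b.p)
              for b in (LI_FAILS, OPER_MISSES, OPER_ABSENT)}
    weights = {cs: prod(basics[n] for n in cs) for cs in cut_sets(OVERFILLING)}
    total = sum(weights.values())
    return {cs: w / total for cs, w in weights.items()}


if __name__ == "__main__":
    print(f"top event (rare-event OR): {top_event_frequency():.3e} per year")
    print(f"top event (exact OR):      {top_event_frequency(rare_event=False):.6e} per year")
    for cs, share in cut_set_shares().items():
        print(f"{share:6.1%}  {' AND '.join(sorted(cs))}")
    better_li = {LI_FAILS.name: 1e-4}  # constructed what-if: LI ten times more reliable
    print(f"with better LI:            {top_event_frequency(better_li):.3e} per year")
    for cs, share in cut_set_shares(better_li).items():
        print(f"{share:6.1%}  {' AND '.join(sorted(cs))}")
```

In the what-if run the single-event cut set (operator absent) carries about 91 % of the remaining risk, which is the kind of dominance a cut-set listing makes visible and a single top-event number hides.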

• Fault tree (cont.)
▪ Advantages:
o Well defined (IEC 61025)
o Correlation of hazards and causes
o Combinations of human errors and equipment failures can be identified
o Accident probability calculations possible, if failure/error database is available
o Supplement to other techniques (e.g. what-if, HAZOP) for more detailed examination of causes for significant accidents

• Fault tree (cont.)
▪ Disadvantages:
o Complete dependence on final accidents (top events) selected for building trees
o Not all top events guaranteed to be identified
o Sequence errors not easily taken into account
o Highly experienced personnel and proper software required
o Time consuming (in the order of 2 months for large processes)

• Fault tree (cont.)
▪ Can be considered as suitable for Safety Report, but judgment is necessary on completion of top events considered

• HAZOP (HAZard and OPerability) Study
▪ Hazards and malfunctions are expressed via deviation of operating parameters from normal values, or due to human errors, equipment failures
▪ Usual parameters to be examined:
o Pressure
o Temperature
o Flow
o Level

• HAZOP (cont.)
▪ Usual deviation keywords:
Keyword: No
Deviation interpretation: Lack/absence, e.g. No flow: zero flow; No mixing: mixer failure

Keyword: More
Deviation interpretation: Value higher than normal, e.g. More Temperature: higher temperature, e.g. high temperature in cooling water due to cooling system failure

Keyword: Less
Deviation interpretation: Value lower than normal, e.g. Less pressure: lower pressure, e.g. product withdrawal from tank while PVV stuck

Keyword: Reverse
Deviation interpretation: Usually refers to flow with direction reverse to normal

• HAZOP (cont.)
▪ Usual deviation keywords (cont.):
Keyword: Part of
Deviation interpretation: Fraction of normal value, usually for solutions concentration

Keyword: As well as
Deviation interpretation: Qualitative increase, as for new phase development, or presence of impurities (e.g. water in anhydrous ammonia, corrosive)

Keyword: Before/after
Deviation interpretation: Errors in operations sequence, e.g. addition of sulphuric acid before water in dilution tank during solution preparation

Keyword: Early/late
Deviation interpretation: Action in wrong time (e.g. early stop of batch reaction)

• HAZOP (cont.)
▪ Usual deviation keywords (cont.):
Keyword: Loss of Containment
Deviation interpretation: Any event of “Loss of Containment”, not attributed to operation deviation, e.g. leak from tank failure due to weld failure; collision of road tanker

Keyword: Utilities failure
Deviation interpretation: e.g. lack of instrument air or electric power for pneumatic/motorized valves (lack of control action), lack of cooling water supply

Keyword: Environmental
Deviation interpretation: Earthquakes, floods, lightnings

Keyword: Other than
Deviation interpretation: Complete substitution, e.g. wrong stream feed (for example, feed of propane in butane line)

• HAZOP (cont.)
▪ HAZOP examination sessions overview
[Figure labels: HAZOP Team, HAZOP Table]
Step 1: Design comprehension
Step 2: Systematic examination of deviations (Keyword: NO, LOW, HIGH, AS WELL AS; Parameter: Flow, Pressure, Temperature)
Step 3: Comments, proposals
HAZOP Table columns: Nr, DEVIATION, CAUSES, CONSEQUENCES, SAFEGUARDS, COMMENTS / PROPOSALS (rows P-1, P-2)

• HAZOP (cont.)
▪ HAZOP steps
[Flowchart] Unit Section (P&ID) -> Design comprehension -> Key-words application -> Identification of deviation causes -> Consequences, safeguards identification -> Discussion, comments, proposals
Loop-backs: Next parameter; Next section

• HAZOP (cont.)
▪ Unit/Sections (Nodes) identification based on main activities. Definition of Section borderlines and related drawings
▪ Sections identification examples:
o Pipeline from port to tank
o Tank
o Tank pump-house
o Road tanker loading station

• HAZOP (cont.)
▪ Main equipment definition per Section
▪ Equipment example for Road Tanker loading station:
o Liquid phase piping from pump-house
o Gas phase return piping to tank
o Hoses/loading arms
o Road tanker

• HAZOP (cont.)
▪ Before each session, Leader defines Section to be examined
▪ An outline of operation for Section has to be given (appr. 15 min), so that all group members understand the basic elements of process examined

• HAZOP (cont.)
▪ Example case
[Figure: reactor diagram with instrument tags PRV, FI, LC, LIT, FCV, LCV]

• HAZOP (cont.)
▪ HAZOP Table example for feed line:
HAZARD AND OPERABILITY STUDY
Company: ABC S.A.
Site: XYZ Site
Unit: U-1234
Section: Reactor feed line
Drawing: S-9871 (31/12/03)
HAZOP Date: 01/10/13
Work group: See attendance list
Rev.: 5

No: 5
Deviation: High flow
Causes: Failure of feed control valve at open position
Consequences: High level in reactor and potential overpressure
Safeguards: FI (local indicator); LIT (remote indicator transmitter)
Comments, Recommendations: (R) FIT (remote flow transmitters) with flow high alarm (FAH)

▪ Please apply HAZOP for high level and high pressure in reactor

• HAZOP (cont.)
▪ HAZOP Table example (cont.):
HAZARD AND OPERABILITY STUDY
Company: ABC S.A.
Site: XYZ Site
Unit: U-1234
Section: Reactor vessel
Drawing: S-9871 (31/12/03)
HAZOP Date: 04/10/13
Work group: See attendance list
Rev.: 5

No: 76
Deviation: High pressure
Causes: High level in reactor; High temperature in feed; Blocked PSV due to ice accumulation in discharge pipe
Consequences: Reactor failure
Safeguards: PSV
Comments, Recommendations:
(R) As product is very toxic, include rupture disc upstream PSV in order to avoid product (toxic) dispersion in case of PSV leakage
(R) Light weight cup in PSV discharge pipe

• HAZOP (cont.)
▪ HAZOP Table example (cont.):
HAZARD AND OPERABILITY STUDY
Company: ABC S.A.
Site: XYZ Site
Unit: U-1234
Section: Reactor vessel
Drawing: S-9871 (31/12/03)
HAZOP Date: 04/10/13
Work group: See attendance list
Rev.: 5

No: 75
Deviation: High level
Causes: Failure of either feed (open) or product (closed) valve
Consequences: Reactor overpressure
Safeguards: LIT (remote indicator); Level control valve (LCV)
Comments, Recommendations:
(C) Check that error in LIT provides error signal to DCS and last good value is not retained
(R) Provide level alarm high (LAH) and high-high (LAHH) from LIT signal

• HAZOP (cont.)
▪ HAZOP Table example (cont.):
HAZARD AND OPERABILITY STUDY
Company: ABC S.A.
Site: XYZ Site
Unit: U-1234
Section: Reactor vessel
Drawing: S-9871 (31/12/03)
HAZOP Date: 04/10/13
Work group: See attendance list
Rev.: 5

No: 75
Deviation: High level
Comments, Recommendations:
(R) Provide level high-high switch (LHHS) from independent level transmitter forcing trip of feed pump

• HAZOP (cont.)
▪ HAZOP Study organisation: Team formation -> P&IDs study -> Examination sessions
▪ HAZOP team structure
o Leader/facilitator
o Recorder (Scribe)
o Members (design, operator, maintenance, H&S, I&C, inspection)

• HAZOP (cont.)
▪ HAZOP Team
o Usually 4-12 members
o Very small groups lack broad disciplines
o Very large groups proceed very slowly and have limited discussions between members

• HAZOP (cont.)
▪ HAZOP leader
o Facilitator of team operation
o Keeps team on track
o Avoids unnecessary delays (e.g. unclear issues which need additional information to be provided in later stage)
o Follows up pending issues
o Experienced in HAZOP method application
o Not necessarily a technical expert on the process

• HAZOP (cont.)
▪ HAZOP Members disciplines:
o Design
o Operator
o Maintenance
o Health and Safety (H&S)
o Instrumentation and Control (I&C)
o Inspection
o ….

• HAZOP (cont.)
▪ HAZOP examination sessions organisation:
o Predefined
o Participants presence verified
o Participants do not leave during meeting (dedicated time)

• HAZOP (cont.)
▪ HAZOP examination sessions:
o Usually 2-3 hours, up to 4-6 hours
o Longer sessions actually result in slower progress and bad quality of results due to group fatigue
o Sessions must not be interrupted
o Successive days should be avoided if possible

• HAZOP (cont.)
▪ Necessary support material for examination session to begin:
o Updated P&IDs
“Carrying out a HAZOP on an incorrect line diagram is the most useless occupation in the world”, Trevor Kletz
o Plot plans
o Flow sheets
o Operating manuals, control documentation

• HAZOP (cont.)
▪ Necessary support material for examination session to begin (cont.):
o ESD procedures
o Equipment specifications
o SDS
o Accident reports
▪ Support material available to HAZOP team at least 1 week before sessions begin

• HAZOP (cont.)
▪ HAZOP examination session room:
o Sufficient space, isolated from other activities
o Big table available
o Laptop for HAZOP table entry during session
o Wall/floor stand for drawings
o Projector for clarifications presentation (if necessary, especially in large groups)

• HAZOP (cont.)
▪ Advantages:
o Well defined (IEC 61882)
o Widely applied and recognised
o Systematic and comprehensive, yet creative, technique
o System (process) oriented (developed by ICI)
o Covers both causes and effects of hazards, along with safeguards, in a robust format
o Human errors and equipment failures can be identified

• HAZOP (cont.)
▪ Disadvantages:
o Mature design data are needed (not suitable for early design stages)
o Interactions between sections not straightforwardly examined
o Special hazards need use of special keywords

• HAZOP (cont.)
▪ Disadvantages: (cont.)
o Rather time consuming (in the order of 4 weeks for large processes)
o Plant layout issues not inherently taken into account
▪ Can be considered as suitable for Safety Reports
Nevertheless, please do not forget …

• HAZOP (cont.)
▪ “A HAZOP is no substitute for knowledge and experience. It is not a sausage machine which consumes line diagrams and produces lists of modifications. It merely harnesses the knowledge and experience of the team in a systematic and concerned way”, Trevor Kletz

• Event tree
▪ Logic evolution of potential outcomes (top event) of an initial event
▪ Bottom-up approach
▪ Results in tree form (sequence of failures leading to accident)
▪ Safety measures taken into account

• Event tree (cont.)
▪ Development of event tree:
o Selection of initial events, such as:
- process upset (e.g. high pressure)
- equipment failure (e.g. hose rupture)
- human error (e.g. closure of valve at pump discharge)

• Event tree (cont.)
▪ Development of event tree: (cont.)
o For each initial event, identification of safety measures, such as:
- equipment for prevention of further escalation of upsets (e.g. PSV for high pressure upset, emergency shut down systems)
- alarms (if mitigation actions are possible)
- operator actions (e.g. operator closes remote-operated isolation valves in loading station and road tanker)
- mitigation equipment (e.g. water curtains)

• Event Tree (cont.)
▪ Example case for high flow to reactor (assuming containing LPG)
[Figure: reactor diagram with instrument tags PRV, FI, LC, LIT, FCV, LCV]

• Event tree (cont.)
▪ Example tree
Columns: INITIAL EVENT | LCV | PSV | IGNITION | TOP EVENT
HIGH FLOW
  LCV OPERATES: SAFE
  LCV FAILS
    PSV OPENS
      IMMEDIATE ignition: JET FLAME
      DELAYED ignition: FLASH FIRE/UVCE
    PSV FAILS: BLEVE (FIREBALL)

• Event tree (cont.)
▪ Usually used in categorisation of final accidents (top events) per initial release identified (e.g. jet flame after failure of pipeline due to corrosion)
▪ Typical top events:
o Pool fire
o BLEVE (fire ball)
o Flash fire
o UVCE
o Toxic dispersion
o Missiles
▪ Technique in the borderline of hazard identification and consequence analysis

• Event tree (cont.)
▪ Advantages:
o Can be combined with probabilities calculation for initial event and conditions for top event calculations
o Can be used in combination with Fault Trees
▪ Disadvantages:
o Total dependence on initial event selection
o Very complex in large processes
o Time consuming (8 weeks for large processes)

• Bow-Tie
▪ Combination of Fault Tree and Event Tree
▪ Development of Bow-Tie:
o Selection of critical event
o Identification of causes leading to critical event (fault tree side)
o Identification of development of critical event to top event/final accident (event tree side)
o Safety measures (safety barriers) included:
- prevention (fault tree side)
- mitigation/recovery (event tree side)

• Bow-tie simplified example, LPG hose rupture
[Figure: bow-tie diagram; labels listed left to right]
THREATS: Tanker moves; Material failure (joined by OR)
PREVENTION BARRIERS: Handbrake on; Break-away couplings; Inspection
Critical event: HOSE RUPTURE
MITIGATION BARRIERS: Remote isolation valves; Ignition control; Deluge system
TOP EVENT (final accident): Safe dispersion; Flash fire, VCE (ignition outside); Jet flame/BLEVE

• Bow-Tie
▪ Advantages:
o Effective in early stage of design for identification of safety measures required
o Easy to develop, understand and communicate (graphical illustration of problem)
o High expertise not necessary
o Visible links to competencies, systems components, HSE issues

• Bow-Tie
▪ Disadvantages:
o Total dependence on top event selection
o Very complex in large processes, oversimplifications possible
o Possible confusion on relation of mitigation measures with initial causes

• Conclusion for Hazard Identification Methods
▪ No single technique fits all cases
▪ Technique selection depends on:
o project maturity stage (concept, early design, detailed design, existing establishment)
o system complexity
o required outcomes (quantitative/qualitative results)

• Literature for Hazard Identification Methods
▪ Lees’ Loss Prevention in the Process Industries, Elsevier Butterworth Heinemann, 3rd Edition, 2005
▪ Guidelines for Hazard Evaluation Procedures, CCPS-AICHE, 2nd Edition, 1995
▪ Procedures for performing Effective pre-Startup Safety Reviews, CCPS-AICHE, 2007
▪ HSL, Review of Hazard Identification Techniques, HSL/2005/58
▪ Nolan D., Application of HAZOP and What-if Safety Reviews to the Petroleum, Petrochemical and Chemical Industries, Noyes Publications, 1994
▪ Vincoli J., Basic Guide to System Safety, John Wiley and Sons, 2nd Edition, 2006
▪ DOE Handbook, Chemical Process Hazards Analysis, US DOE, DOE-HDBK-1100-2004
▪ Methods for Determining and Processing Probabilities, Red Book, CPR12E, VROM, 2005
▪ RIVM, Reference Manual Bevi Risk Assessments, 2009
▪ DOW Fire and Explosion Index, AICHE, 7th Edition, 1994
▪ The basics of FMEA, CRC Press, 2nd Edition, 2009
▪ Guide Dépôts de Liquides Inflammables, Groupe de Travail Dépôt de Liquides Inflammables (GTDLI), 2008 (in French, default fault trees included)
▪ Syed Zaiful Hamzah, ABS Group, Use Bow Tie Tool for Easy Hazard Identification, 14th Asia Pacific Confederation of Chemical Engineering Congress, Singapore, 21-24 February 2012
▪ API RP 14C, Recommended Practice for Analysis, Design, Installation and Testing of Basic Surface Safety Systems for Off-shore Production Platforms, 7th Edition, 2001
▪ API RP 14J, Recommended Practice for Design and Hazard Analysis for Off-shore Production Facilities, 2nd Edition, 2001
▪ IEC 31010, Risk Management - Risk Assessment Techniques, 2009
▪ IEC 60300, Dependability management, Part 3-1 Application guide – Analysis techniques for dependability – Guide on methodology, 2003
▪ IEC 60812, Analysis techniques for system reliability – Procedure for failure mode and effects analysis (FMEA), 2nd Edition, 2006
▪ IEC 61025, Fault Tree Analysis (FTA), 2nd Edition, 2006
▪ IEC 61882, Hazard and Operability Studies (HAZOP), Application Guide, 2001