Safety Management System Performance Based on Organizational Factors of “Seveso” sites
Download ReportTranscript Safety Management System Performance Based on Organizational Factors of “Seveso” sites
Safety Management System Performance Based on Organizational Factors of “Seveso” sites Papadakis Georgios A., Kokkinos Konstantinos G. & Machaira Paschalia P. Industrial Risk Management Dept. of Production Engineering and Management Technical University of Crete (TUC), Chania, Greece TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Purpose Of the Study • Development and analysis of an integrated model of Safety Management Systems (SMS) in “Seveso” sites for the control of major-accident hazards involving dangerous substances. • Linkage of the events of a Fault Tree to SMS and quantification of SMS performance through measuring reliability and performance of system elements and safety related procedures. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The SMS elements F COR CEN COM F COM Training Needs GP RAL PS ORK RAL RR Training (Management & Personnel) Equipment Performance PS OL Audit Overall Performance Rel.Data/Systems Perf.Data OK Planned Eq.&Pr.Changes Yes TK OL Training Needs Problem Identification QA-Perf. Evaluation TU GP Systems Performance Data Monitoring Performance RR COR CEN TU QA-Perf. Evaluation No OWN ORK CEN F OWN TK COM CEN COR COM TU F COR CEN COM QA-Perf.Evaluation GP Resource Alloc. RAL Available Resources PS OL Problem Identification Management & Leadership Overall Performance Problem Identification AS/CZ/RE PCMM Training Needs OWN ORK CEN F COM RAL RR PS PS F Training Needs ORK RAL RR Formalization Coordination OWN Training Needs GP Personnel Selection OL TK GP Roles-Respons. RR Emergency Planning TU Goal Prioritization Policy/Goals COR Plant Data/Systems Perf. Systems Perf. Data QA-Perf.Evaluation OWN TK F COR ORK TK COR CEN COM Problem Identification Training Needs Problem Identification Operations OL TU Training Needs GP RAL RAL RR Problem Identification Risk Assessment Problem Identification RR PS QA-Perf.Evaluation Maintenance PS Accident Scenarios/Consequence Zones/Risk Evaluation OL Corrective Maintenance Eq.&Struct. Monitoring Preventive, Control and Mitigation Measures OL OWN RAC ORK TK Equipment Performance Prev. Maintenance/Test OWN TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA ORK TK The SMS factors • 30 principal organizational and management factors related to the safety management. • 16 organizational factors proposed in nuclear safety research and catalogued in five general categories: 1. 2. 3. 4. 5. • decision making communications human resource allocation administrative knowledge Culture 14 management & other organizational factors not in taxonomy on the basis of the most important activities in operations with dangerous substances. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The SMS factors Organizational factors Decision Making: Centralization (CEN), Goal Prioritization (GP), Problem Identification (PI), Organizational Learning (OL), Resource Allocation (RAL) Communications: Communication (COM) (External, Inter/Intra-departmental) Human Resource Allocation: Quality Assessment (QA)/Perf. Evaluation, Personnel Selection (PS), Technical Knowledge (TK), Training Needs (TN) Administrative Knowledge: Coordination of Work (COR), Formalization (F), Organizational Knowledge (ORK), RolesResponsibilities (RR) Culture: Ownership (OWN), Time Urgency (TU) TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The SMS factors Management & other organizational factors (not in taxonomy) Policy/Goals Available Resources Overall Performance Planned Equipment and Procedure Changes Plant Data/Systems Performance Systems Performance Data Equipment and Structures Monitoring Equipment Performance Corrective Maintenance Preventive Maintenance/Test Risk Assessment Criteria (RAC) Accident Scenarios/Consequences Zones/Risk Evaluation Control & Mitigation Measures (PCMM) Reliability Data/Systems Performance Data (AS/CZ/RE) Preventive, TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The model action-flow diagram • Representation of SMS elements and factors in a model action-flow diagram using the Structured Analysis and Design Technique (SADT). • Interconnections between factors and elements and interrelations between elements can be defined and thus action flows can be delineated. • Localization of problem areas, discovery of organizational and management weaknesses of a SMS and user guidance to specific actions. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The system work-flow loops • Sequences of actions related to important safety operations. It is postulated that each loop: – Is closed (starts and ends at the same element) – Has a specified target and is operationally independent from other loops – Is discrete in time with specified duration and operates either in parallel or in series with other loops • Under these terms, the loops are bound to consist of factors that connect system elements and to show the logical arrangement of actions that should be performed for the safe operation of the system. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA The system work-flow loops • Division of loops in: – “Fast response” loops (i.e. those related to safe operations of processes with dangerous substances) – “Slow response” loops (i.e. those related to implementation of training activities) • In order for a loop to be meaningful for safety: – All its factors and procedures should be considered operable and not fail on demand (reliability) – Its target should be met within predetermined period of time (effectiveness) • There is always one (or more) “controlling mechanisms” to which reliability and effectiveness of the loop is more sensitive. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Analysis of “Seveso” Sites operations in work-flow loops • Analysis of “Seveso” sites safety operations in loops with data from an industrial site in Greece. • Analysis of SMS operation considering 15 principal loops necessary for the prevention of accidents involving dangerous substances. • Identification of organizational factors as underlying causes of SMS failure and contributing to SMS inefficiency. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Quantification of SMS performance • Based on SAM approach (Pate-Cornel & Murphy 1996), SMS reliability is measured by linking the probability of each top event (i.e. release of dangerous substance) to work-flow loops. • The events (technical, organizational, managerial) identified in a fault tree of an accident scenario (top event) are assumed to be linked to the SMS. • Principal feature of the proposed approach is the use of Minimal Cut Sets (MCS = minimal set of events that lead to the undesired top event). • The probability of a MCSk is assumed to be influenced by the actions and procedures of the SMS, found in (j) loops, Bjk. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Quantification of SMS performance If a specific top event F is analyzed using FTA, the probability of that top event P(F) can be described by: P( F ) PMCS k | B jk PB jk k j Each loop Bjk consists of (i) independent factors Oij in series. The conditional probability of a top event F if a factor Oij fails can be expressed by: P F | Oij PMCS k | B jk k j Given the condition that each loop is operationally independent from others, the probability of a MCSk can be calculated by: PMCS k PB jk j TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA CASE STUDY In the simplest case of two loops influencing a MCSk, the probability of the MCSk can be estimated by the equation: 1 e e e 2 RMCSk t 1 1 RB j t 1 1 RB1 1 RB2 1 1 e j 1 B1t B2 t Assuming that: e B1t B1 B1 t t B1 B1 t B1 e B2 t B2 B2 t t B2 and e e e B2 t B2 B1 t B1 t t B1 B2 t B2 t t B2 e the probability of the MCSk can be expressed by: RMCSk t e B1 t t B1 e B2 t t B 2 TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA CASE STUDY To further the analysis, the following cases are examined: – Loop B1 is assumed to be a “fast response” loop and loop B2 a “slow response” loop. In this case the MCSk reliability was found to be determined by the reliability of the “fast response” loop when λB1 < λB2. – Both two loops are assumed to be “fast response” loops (tB1, tB2→0). The MCSk reliability is then determined by the reliabilities of both loops for t > tB1, tB2: RMCSk t e B1 t e B2 t The quantitative results show that the reliability of a MCSk is mostly controlled by the “fast response” loops (tB0) and thus safety performance is expected to depend more on “fast response” loops. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA CASE STUDY • Given the condition that each loop Bj consists of (i) independent factors Oij in series the reliability of a loop can be calculated by multiplying the reliabilities for all factors. Using the reliability expressions for each factor, the reliability of a loop Bj during the time interval (0, t) can be expressed by: n R j t e i 1 ij t t i n e ij t i i 1 where λij = constant failure rate of factor Oij; ti = operational time of factor Oij; and n = total number of factors. The above expression shows that the reliability of a loop is controlled by the factors with short duration (ti →0) and thus safety performance is expected to depend more on these factors. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Example of a loop for the prevention of fuel release F COR CEN COM F COM Training Needs GP RAL PS ORK RAL RR Training (Management & Personnel) Equipment Performance PS OL Audit Overall Performance Rel.Data/Systems Perf.Data OK Planned Eq.&Pr.Changes Yes TK OL Training Needs Problem Identification QA-Perf. Evaluation TU GP Systems Performance Data Monitoring Performance RR COR CEN TU QA-Perf. Evaluation No OWN F ORK CEN OWN TK COM CEN COR COM TU F COR CEN COM QA-Perf.Evaluation GP Resource Alloc. RAL Available Resources Emergency Planning OL Problem Identification Management & Leadership Overall Performance Problem Identification AS/CZ/RE PCMM Training Needs OWN F ORK CEN COM RR PS PS F Coordination ORK RR Formalization Training Needs OWN Training Needs GP RAL Personnel Selection OL TK GP RAL Roles-Respons. RR PS TU Goal Prioritization Policy/Goals COR Problem Identification Operations OL Plant Data/Systems Perf. Systems Perf. Data QA-Perf.Evaluation OWN TK F COR ORK TK COR CEN COM Problem Identification Training Needs TU Training Needs GP RAL Problem Identification Problem Identification RAL RR Risk Assessment RR PS QA-Perf.Evaluation Maintenance PS Accident Scenarios/Consequence Zones/Risk Evaluation OL Corrective Maintenance Eq.&Struct. Monitoring Preventive, Control and Mitigation Measures OL OWN RAC ORK TK Equipment Performance Prev. Maintenance/Test OWN TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA ORK TK CASE STUDY RESULTS 0 10 Ra Rb R -2 10 -4 R 10 -6 10 -8 10 Figure presents MCSk reliability (R) with respect to the reliability of critical loops B1 (Ra) and B2 (Rb) with λB1=0.005 hr -1, tB1=4 hrs, λΒ2=0,01 hr -1 and tB2=100 hrs -10 10 200 400 600 800 1000 t 1200 1400 1600 1800 2000 TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Conclusions • The model action-flow diagram can be used in its own right as a means of identifying organizational and management weaknesses of a SMS. • The analysis of important safety operations in work-flow loops shows the applicability and usefulness of the proposed model. • The model can be widely used as a decision support tool for safety critical actions in the SMS of any organization. • The linkage of events of a fault tree to the SMS help to discover “controlling” organizational factors in the SMS that affect system performance. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA Conclusions • There are indications that fast safety actions influence more SMS performance. • There are indications that the “controlling mechanisms” mostly contributing to SMS failure and SMS inefficiency are factors which achieve their tasks in short time. • Proposals to future research: – Application of SMS in other activities involving dangerous substances. – Use of quantitative data for better understanding of the impact of organizational factors on performance and reliability of SMS. TUC PAPADAKIS, KOKKINOS & MACHAIRA SRA-E 11-13 SEPTEMBER 2006 LJUBLJANA, SLOVENIA