Source: http://www.doksinet

SAFETY

Safety Engineering, Risk Analysis and Asset Integrity
Safe design from concept to operation

Industria Química, Special Achema 2015

INERCO is currently developing major worldwide projects in the field of industrial safety for large engineering companies and operators in industries such as Oil & Gas (upstream and downstream), petrochemical, chemical, mining and energy.

Keywords: Safety, Tools in the field of risk analysis, Risk management

Juan Santos Remesal, Manager, Industrial Safety Division, INERCO
Alfredo Ramos Rodriguez, Head of Industrial Safety Department, INERCO
Gabriela Reyes Delgado, Process Safety Area Manager, INERCO
Pastora Fernández Zamora, Risk Assessments Area Manager, INERCO

In each sector, advanced safety criteria as well as applicable international standards and regulations are used. The set of tools applied in the projects ranges from, among
others, HAZID/HAZOP Studies, SIL Analysis (SIL Index Determination, Safety Requirement Specification or SRS and SIL Verification), LOPA Analysis, Fire & Gas system design, Quantitative Risk Analysis and ALARP, to studies such as RAMS Analysis, Risk-Based Inspection (RBI) and Risk Centered Maintenance (RCM), BOW-TIE, Safety Critical Elements Determination and design standards for these elements.

Thus, both the promoters of these projects and the engineering companies that develop them implement, at the different stages of the project, risk analysis tools focused on increasing safety levels and achieving goals such as:

• Identification of hazards from external sources that can potentially affect the inside of the plant.
• Identification of hazards from internal sources that may lead to an accident scenario, due to the hazardous characteristics associated with the substances present and to operations during construction and operation phases of the plant.
• Estimation of the consequences.
According to the hazardous characteristics of the substances capable of causing any risk situation, quantifying the effects and consequences.
• Estimation of the probability of occurrence for the identified hazards, so that the overall risk of the facilities can be known once its consequences are assessed.
• Identification of those points in the facilities where improvements might be needed in the design, inspection and maintenance to reach a safer operation.
• Identification of areas, facilities, equipment and processes that contribute the most to risk, in order to establish adequate mitigation or protection measures so that the risk associated with the facilities is acceptable in all cases.
• Definition of the strategic action plan in emergencies and development of emergency and contingency plans.

Among others, the most widely used tools in the field of risk analysis are:

• HAZID Analysis
• HAZOP Analysis
• Bow-Tie Analysis
• SIL analysis (SIL Index
Determination, Safety Requirement Specification or SRS and SIL Verification)
• QRA or HAZAN Analysis
• FHA/FEHA
• FMEA Analysis
• RAMS Analysis
• Risk-Based Inspection Studies (RBI) and Risk Centered Maintenance (RCM)
• Safety Critical Elements (SCEs) and Performance Standards (PSs)
• EERA
• SVA

HAZID (HAZARD IDENTIFICATION) ANALYSIS

HAZID analysis is a tool to identify hazards and make an initial assessment of the risks. It aims to identify at an early stage all the hazards that the project can be exposed to, from an internal and external point of view. The areas where hazards are identified and risks are assessed include geographic location, environmental conditions, and requirements relating to the environment, engineering, safety, security or prevention of occupational hazards. The timing of a HAZID study is critical to maximize profit. Inevitably a HAZID will lead to design or operational changes in the plant. Since it takes time to implement these changes, the
optimal time for a HAZID is during basic engineering and before starting the detailed design. The expected results of this type of study are that hazards in all these areas are known at an early stage, before taking decisions that lead to significant risks or significant costs due to the need to implement mitigation measures; that a hazard register of the identified hazards and a corrective action plan are available, in which the risk management strategy is indicated and measures to avoid, reduce or control the hazards during the design phase are in place; that the measures taken can be planned, implemented and audited or controlled in time by the project management; and that delays in design or construction and budgetary slippages caused by unidentified hazards are avoided.

HAZOP (HAZARD AND OPERABILITY) ANALYSIS

HAZOP studies are conducted in order to identify all those deviations from the design conditions that can lead to accidents, or constitute serious operability problems, with special
attention to deviations that can cause accidents with major consequences. The team working on a HAZOP follows an analytical structure through a set of guidewords (no, more, less, etc.) to examine deviations from the normal process conditions at key points (called NODES) of the unit. These guidewords are applied to the most relevant parameters (flow, pressure, temperature, level, etc.) in order to identify potential causes that can lead to this situation, the consequences of the deviation of these parameters from the expected values and the safeguards installed to avoid them. As a result of the development and application of HAZOP methodology to industrial facilities, recommendations would be obtained, for example, concerning the design conditions of the facilities (lines, equipment, need for additional instrumentation, valves, instrumentation and equipment accessibility, etc.), alarm configuration in controllers and indicators, status indication of motors, verification of the design conditions of safety valves or the need to install or configure an interlock system or Safety Instrumented System in the facilities.

Table 1.

PROJECT PHASE: CONCEPTUAL ENGINEERING
RISK ANALYSIS METHODOLOGY: HAZID; CHECKLIST; WHAT IF
EXPECTED RESULTS:
- Guidance for the selection process
- Detect unacceptable process hazards
- Help for process design
- Identify key process modifications that reduce the risk level
- Assist in the geographical location of the project

PROJECT PHASE: BASIC ENGINEERING
RISK ANALYSIS METHODOLOGY: PHA; HAZID; CHECKLIST; WHAT IF; FMEA; HAZOP
EXPECTED RESULTS:
- Identify hazards in a more detailed way in the selected process and in the proposed design
- Risks associated with the geographic location
- Risks on special or critical equipment in the process

PROJECT PHASE: DETAILED ENGINEERING
RISK ANALYSIS METHODOLOGY: CHECKLIST; WHAT IF; FMEA; PHA; HAZOP; BOW-TIE; Critical Elements studies, Safety Barriers and performance standards; SIL/VERIFICATION AND SRS; QRA; FHA; RAMS; RBI/RCM; EERA; SVA
EXPECTED RESULTS:
- Identify all the hazards in the process, assessing the associated risks
- Identify aspects of the operation not initially contemplated
- Help to establish operating, commissioning and start-up procedures

PROJECT PHASE: FACILITIES IN OPERATION
RISK ANALYSIS METHODOLOGY: CHECKLIST; HAZOP; SIL/VERIFICATION AND SRS; FHA; QRA; RAMS; RBI/RCM; EERA; SVA
EXPECTED RESULTS:
- Ensure the operation and that the information regarding quality, legal requirements, process safety and operating procedures are complete and up to date
- Incorporate lessons learned from recent accidents or incidents and consider the addition of new equipment, systems and technologies that will improve safety levels

BOW-TIE ANALYSIS

The bow-tie analysis is a model that represents how a hazard can be released, how it can escalate and how it is controlled. This methodology is usually applied to Major Accidents Hazards (MAH). For each MAH, the bow-tie methodology allows:

• Identification of the hazard release, escalation and consequence scenarios.
• Identification of controls, e.g. barrier and escalation factor
controls required to manage hazards.
• Categorisation of controls into Inherent Safety, Safety Critical Element (hardware) or Critical activity (procedures, processes, operator action).
• A clear visual representation to enable ALARP review to be undertaken.
• An aid in the incident review process if such a major incident has occurred.

The role of a barrier on the bow-tie diagrams is to prevent (left-hand side of BT) or limit (right-hand side of BT) the consequence of a major accident. The barriers are divided into the following types: Structural Integrity (SI), Process Containment (PC), Ignition Control (IC), Detection Systems (DS), Shutdown Systems (SD), Protection Systems (PS), Emergency Response (ER), Life Saving (LS). Barriers shall be effective in preventing the Top Event or Consequence, able to prevent a specific Threat from releasing the Hazard, Verifiable – how shall the effectiveness of the barrier
be confirmed? And Independent of other barriers in the same Threat line, e.g. no ‘common mode failure’.

SIL ANALYSIS (SAFETY INTEGRITY LEVEL)

SIL analysis is a risk study applied to interlock systems or Safety Instrumented Systems (SIS), in which the safety level or SIL index (Safety Integrity Level) is analyzed. In this sense, the SIL index has a direct relation with the average Probability of Failure on Demand and the Risk Reduction Factor. Functional Safety regulations and standards, ANSI-ISA-S84 and IEC61511/61508, establish the different stages to cover in the Safety Life Cycle of a Safety Instrumented System, from initial conception until its removal. According to the above standards, there are several methodologies for the development of SIL analysis, which may be qualitative (Risk Graphs), semiqualitative (Calibrated Risk Graph or Risk Matrices), semiquantitative (LOPA Analysis and Layers of Protection Analysis) or quantitative (Markov Analysis or Quantitative Risk Analysis). The methodology finally used must be selected by the engineering company according to specifications, the critical nature of processes and resources allocated for the development of the study and will be based on risk acceptability criteria established by the Property.

SRS (SAFETY REQUIREMENT SPECIFICATION) AND SIL VERIFICATION FOR THE CONCEPTUAL DESIGN OF THE SIS

SRS or Safety Requirement Specification is another step in the life cycle of Safety Instrumented Systems in which the safety requirement specification is developed, essentially the system operation philosophy. Each safety function must have an associated SIL requirement and reliability requirements for spurious trips. It should include all operating conditions of the process, from start-up to shutdown, including maintenance for each operation mode of the process. SIS requirements
shall be expressed and structured so that they are clear, accurate, verifiable, sustainable, feasible and written so that they can be understood and applied. The design requirements specification for the SIS shall include the system or system component function, the actions that the system or component shall do under prescribed circumstances (functional specification) and the required integrity (reliability and availability) to operate in these circumstances (integrity specification). SIS conceptual design is specified in SIL Verification, defining the acquisition of the elements of the SIS according to safety and reliability criteria, as well as setting ranges of system maintenance, to comply with safety specifications derived from the SIL index determined in the previous step.

QRA (QUANTITATIVE RISK ASSESSMENT) OR HAZAN (HAZARD ANALYSIS)

Quantitative Risk Assessment or HAZard ANalysis is a tool by which a risk identification followed by a numerical evaluation of its consequences and
frequencies of occurrence is performed, to finally combine both factors and obtain a measure of the risk to people associated with the activity analyzed. This risk measure can be obtained both for employees and for the population outside the facilities. The general methodology of QRA development comprises: identifying accident initiating events, causes and frequencies; determining the evolution of initiating events to final accidents; determining the probability of weather conditions, the lethal threshold values and the range of the lethal consequences; determining the probability of people being present nearby and/or the distribution of workers at the facility; and quantifying risk through a combination of all the above factors, for all scenarios identified. The results of the QRA make it possible, among other applications, to compare the risk levels obtained with tolerable individual and social risk levels, or to identify those accidental scenarios that contribute the most to risk, to make
decisions on optimal risk reduction measures to implement in order to achieve acceptable risk levels in case the risk obtained is not acceptable. It is a dynamic tool to be updated not only during engineering but also during operation, since enlargements and new projects modify the risk, and it will be useful for management and decision making regarding the safety of the facilities.

FHA (FIRE HAZARD ANALYSIS), FEHA (FIRE AND EXPLOSION HAZARD ANALYSIS) OR CONSEQUENCE SCOPE ANALYSIS

Fire Hazard Analysis or Fire and Explosion Hazard Analysis is a structured and systematic approach to identify and assess fires and explosions, to ensure, in the design of the facilities, adequate fire and overpressure protections for various equipment and facilities, reducing the possibility of accident escalation and ensuring as far as possible the integrity of the plant. Consequence Scope Analysis includes hazard identification, consequences
calculation and risk zones according to predefined threshold values and the calculation of vulnerability of people and property. The results provide information to ensure safe and reliable operation of the facilities for all phases of the project.

FMEA ANALYSIS (FAILURE MODE EFFECTS ANALYSIS)

Failure Mode Effects Analysis (FMEA) is a technique for identifying hazards associated with equipment of a process plant. In its application, this tool aims to establish possible faults in each and every one of the elements (process and control) in a plant, to analyze the consequences of the failures established in the previous step, to detect those that may lead to accidents and to establish protection measures to prevent equipment failures that are significant. The FMEA can be used to complement other hazard identification techniques such as HAZOP, for the analysis of special systems such as furnaces or electrical/electronic systems. The FMEA starts from a list of equipment
and components of the plant under study that are likely to cause a failure, and for each one, its failure modes are identified. The analysis is complemented by determining a risk index using, for example, a double-entry matrix (probability and consequences) that helps to prioritize the definition of corrective measures.

RAMS ANALYSIS (RELIABILITY, AVAILABILITY, MAINTAINABILITY AND SAFETY)

RAMS can be defined as an intrinsic feature of a facility that measures the long-term operation of the facility and that helps in decision making to reduce the costs derived from shutdowns for maintenance and repair, both in normal and scheduled operations and in those caused by failures/unexpected shutdowns. The facility design must take this concept into account since it directly influences the life cycle and performance of the facility. Specifically, the concepts used in the RAMS study are Reliability, Availability, Maintainability and Safety. RAMS analysis
aims to predict the performance, availability and safety of the process systems, as well as to provide a basis for optimization of such systems and ensure achievement of fixed targets for the facility. These studies are increasingly becoming a standard requirement for engineering design. It can be said that RAMS analysis shall form an intrinsic part of the original design and that its four branches are closely linked, so that each affects the other.

RISK-BASED INSPECTION STUDIES (RBI) AND RISK CENTERED MAINTENANCE (RCM)

RBI methodology facilitates the definition of the maintenance management program of the facilities based on the results of a comprehensive study of the risks associated with each item of equipment. This allows maintenance to be focused on the equipment that poses a greater risk to the human environment (workers, nearby towns), the natural environment (air quality, water and soil) and the socioeconomic environment (infrastructure, historical-landscape heritage, economic
activity). The theoretical basis of the RBI methodology, developed by the American Petroleum Institute, is described in a series of API standards, which include API 580: Risk Based Inspection and API 581: Risk Based Inspection. Base Resource Document.

Moreover, as a complement to the maintenance strategy, the implementation in the Oil & Gas industry of a methodology such as Reliability Centered Maintenance, widely used in industries such as aerospace and automotive, has as its immediate effect an increase in equipment and component reliability and thus an increase in the safety levels of the facility. The methodology aims to establish a maintenance strategy for each component or item of equipment according to its critical nature in the system, which is determined by the influence that a fault in the equipment or component has on parameters such as safety, environmental condition, production, repair costs, etc., in a way that is effective in terms of implementation
cost. It has been proved that the application of these maintenance strategies has a direct effect on the availability of the facilities and therefore on their operation and on the business. Both methodologies, RBI and RCM, are complementary and can be implemented so that the synergies between the two are used for a greater economic benefit and to improve safety levels of any facility.

SAFETY CRITICAL ELEMENTS (SCES) AND PERFORMANCE STANDARDS (PSS)

The Safety Critical Elements are defined through a Bow-Tie Analysis of the Major Accidents Hazards (MAH). Barriers for high risk hazards shall be classified as High Risk Hazards Critical Elements and will be selected in accordance with corporate Standards and good engineering practices. A Safety Critical Element (SCE) is any item of hardware, system or logic software the failure of which could cause a Major Accident Hazard or whose purpose is to prevent or mitigate the effects of a Major Accident Hazard. For every SCE selected a Performance Standard (PS) shall be developed. A PS is a statement, which can be expressed in qualitative or quantitative terms, of the functional performance required of an SCE, and which is used as the basis for managing the risk from the Major Hazards. The Performance Standards for SCEs shall be established according to Design Standards and the results of safety and environmental studies performed on the project. Performance Standards are used as the basis for design and technical (operational) integrity verification and are expressed in terms of functionality, availability, reliability, survivability and dependencies/interactions with other SCEs. Functionality is an expression used to define what the system or equipment is required to achieve in order to ensure design integrity. Reliability and Availability: Reliability is defined as the required probability that the system or equipment will
operate on demand, when required. Availability is defined as the extent to which the system or equipment is required in order to retain its functional integrity. Survivability defines the external loading events such as fires, explosions or extreme weather, associated with the various MAHs against which the system or equipment is required to retain its functional integrity. Dependencies and Interactions: this is used to identify other systems or equipment that are critical to the functionality of the primary system or equipment. By identifying these dependencies and interactions it is ensured that all interfaces have been covered.

EERA (ESCAPE, EVACUATION AND RESCUE ANALYSIS)

The main objective of the Escape, Evacuation and Rescue Analysis (EERA) is to ensure that the facilities meet the highest level of safety in an emergency in a reasonable and feasible way. EERA is a widely used tool in the design of offshore platforms in which, taking into account the
characteristics of them, an emergency situation requires that the measures of evacuation and rescue are perfectly designed and analyzed, since it is critical to ensure that the people who live there do not suffer major consequences. In onshore facilities such as refineries this type of analysis is used to define the mobilization of emergency teams, their initial positioning and the procedure each team shall follow, specifying the firefighting or cooling equipment to use. This analysis can be completed with the determination and analysis of firefighting water needs for each risk scenario, depending on the flow demand of each item of equipment and the estimated running time. EERA is a technique for assessing the performance of emergency facilities and emergency response procedures designed for this purpose. It consists of a structured review of the performance of escape, evacuation and rescue facilities and the action procedures in the representative risk scenarios and takes as input the
results of a Consequence Scope Analysis. Performing this analysis in the engineering design phase yields, as its most relevant results with direct transfer to facility design, aspects such as the identification of needs for additional material resources, both fixed and mobile, to equip the facility; the location of command points; the attack routes of the firefighting brigades; the dimensions of the attack and evacuation routes; the possible isolation or zoning of the risks to prevent the spread of the accident or a domino effect; confinement or containment dike sizing; safety distances, etc. All this will end up being the basis of a pre-fire plan or specific action procedure for each of the identified situations and constitutes the operational part of the emergency planning of the facility.

SVA (SECURITY VULNERABILITY ANALYSIS)

It is increasingly necessary to take into consideration during the design of industrial facilities aspects of protection from the
point of view of intentional threats to facilities. This is not solely a matter of controlling the perimeter or having a security service. In industrial facilities in which threats can be directed at equipment and systems handling hazardous substances that may be released intentionally and affect workers and the nearby population, additional safety measures shall be applied. These measures shall be taken from design and engineering onwards. To do this, Security Vulnerability Analysis or SVA can be used as a tool. SVA is a process that identifies and analyzes the operational physical vulnerabilities of the facilities against external threats determined as credible depending on the type of installation, geographic location or environment, among others.

CONCLUSIONS

There are countless different tools that can be used depending on the phase of activity, the project to develop, the target objective and the risk management policy that the company has set to achieve its safety objectives. As a
reference, the appended table shows, in an illustrative way, some of the most appropriate risk analysis tools for the different phases of activity depending on the expected results. Their application offers significant safety benefits throughout the lifecycle of an industrial plant and it is important to have the necessary experience to choose those that fit the installation to be evaluated and the target objectives. In this sense INERCO has over 30 years of experience advising on risk management and increasing comprehensive safety levels in the industrial sector (Oil & gas, chemical, energy, mining, metallurgy, industrial engineering, etc.) using the most effective means in terms of cost-effectiveness in reducing risk.
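
The SIL analysis section relates the SIL index to the Risk Reduction Factor and names LOPA as a semiquantitative method, and the bow-tie section requires barriers to be independent, with no common mode failure. The sketch below is an added example, not part of the original article or of INERCO's tooling: it combines both ideas using the low-demand SIL bands of IEC 61508/61511. The scenario, tag names, frequencies and PFD values are constructed, and crediting only the weakest of several layers that share a common cause is a conservative assumption of this example.

```python
from dataclasses import dataclass
from math import prod

# Low-demand bands of IEC 61508/61511: SIL n covers lo < RRF <= hi,
# which is the same as 1/hi <= PFDavg < 1/lo.
SIL_BANDS = ((1, 10, 100), (2, 100, 1_000), (3, 1_000, 10_000), (4, 10_000, 100_000))


@dataclass(frozen=True)
class Layer:
    name: str
    pfd: float              # probability of failure on demand, 0 < pfd <= 1
    common_cause: str = ""  # hypothetical tag for a shared sensor, utility or operator


def independent_layers(layers):
    """Credit one layer per common-cause tag (the weakest one: assumption of this example)."""
    untagged = [layer for layer in layers if not layer.common_cause]
    by_tag = {}
    for layer in layers:
        if layer.common_cause:
            kept = by_tag.get(layer.common_cause)
            if kept is None or layer.pfd > kept.pfd:
                by_tag[layer.common_cause] = layer
    return untagged + list(by_tag.values())


def required_sil(rrf):
    """Map a required risk reduction factor to a SIL; 0 means no SIL-rated function is needed."""
    if rrf <= 10:
        return 0
    for sil, lo, hi in SIL_BANDS:
        if lo < rrf <= hi:
            return sil
    raise ValueError("RRF above SIL 4: reduce the risk by redesign, not by one safety function")


def lopa(initiating_freq, layers, tolerable_freq, enforce_independence=True):
    """Return (RRF still required from the safety function, SIL, names of credited layers)."""
    if initiating_freq <= 0 or tolerable_freq <= 0:
        raise ValueError("frequencies must be positive (events per year)")
    if any(not 0 < layer.pfd <= 1 for layer in layers):
        raise ValueError("each PFD must lie in (0, 1]")
    credited = independent_layers(layers) if enforce_independence else list(layers)
    # Frequency of the consequence with only the credited layers in place.
    mitigated = initiating_freq * prod(layer.pfd for layer in credited)
    rrf = mitigated / tolerable_freq
    return rrf, required_sil(rrf), [layer.name for layer in credited]


# Constructed scenario: tank overfill, 0.5 demands per year, tolerable 1e-5 per year.
# The control loop and the alarm both read the same (hypothetical) transmitter LT-101.
SCENARIO = [
    Layer("level control loop", 0.1, common_cause="LT-101"),
    Layer("high-level alarm + operator", 0.1, common_cause="LT-101"),
    Layer("relief valve", 0.01),
]

if __name__ == "__main__":
    for enforce in (False, True):
        rrf, sil, names = lopa(0.5, SCENARIO, 1e-5, enforce_independence=enforce)
        print(f"independence enforced={enforce}: RRF={rrf:.0f} SIL={sil} credited={names}")
```

Crediting both layers that depend on the same transmitter makes the scenario look as if no SIL-rated function were needed; enforcing independence raises the requirement to SIL 1.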