IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011            Risk and Hazard Operabilit...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011conditions and events. In the maritime...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011   IV. BENEFITS AND LIMITATIONS OF USI...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011                                      ...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011the system can be assessed under diffe...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011dynamic systems. The general hypothesi...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011discussion- avoid endless discussion, ...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011to be more cost-effective than mitigat...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011ALARP Principal, Risk Acceptability Cr...
IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011randomness of the system itself) and e...
Upcoming SlideShare
Loading in …5

Risk and Hazard Operability Process of Deep Water Marine System


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Risk and Hazard Operability Process of Deep Water Marine System

  1. 1. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011 Risk and Hazard Operability Process of Deep Water Marine System A.H. Saharuddin, O. O. Sulaiman and A.S.A. Kader grounding. This paper discusses a model of reliability for the Abstract—The maritime and offshore industry has made use assessment and analysis of marine accident scenarios leadingof the ocean in a very responsible way, the challenged posed by to design for the prevention and protection of theenvironmental concern in the coastline is evolving new environment. The paper will address risk process that cantechnology and new ways for technological development. In anage so dire to find alternative and sensitive ways to mitigate optimize design, existing practice, and facilitate decisionchallenge of global warming, climate changes and its associated support for policy accommodation for evolving offshoreimpact, maritime and offshore activities is loaded with deepwater regime [1], [2].requirement to build new sustainable and reliable technologyfor deep sea operation in order to fulfil alternative mitigation II. RISK RELIABILITY MODELLING REQUIREMENToptions for climate change, decline of coastline resources andenthophication. Expanding deep sea operation require In order to build reliable deep water offshore system anddevelopment of technology related to dynamic position, mobile supporting transportation system, it is important toberthing facilities, collision aversion, impact of new understand the need analysis through examination of theenvironment, wave, wind on marine structure, supply vessel components of system functionality and capability. Thisoperation and fact that coastal water transportation attracts functionality capability of the platform, environmentallow probability and high consequence accidents. This makes loading and other support system environmental risk as wellreliability requirements for the design and operability for safetyand environmental protection very necessary. This paper as ageing factors related to design, operation, construction,discusses process work in risk, hazard and reliability based maintenance, economic, social, and disposal requirement fordesign and safe and efficient operability deep water operation sustainable marine system need to be critically analysed. Riskwaters. This includes a system based approach that covers identification work should be followed by risk analysis thatproactive risk as well as holistic multi criteria assessment of include risk ranking, limit acceptability and generation ofrequired variables to deduce mitigation options and decision best options towards development of safety andsupport for preventive, protective and control measures of riskof hazard for deep water marine offshore operation. environmental risk mitigation and goal based objective for evaluation of the development of sustainable cost effective Index Terms— Risk, Reliability, Safety, Environment, inland water transportation that fall under new generationDeepwater, Marine green technology [3], [8]. Weighing of deductive balancing work requirement for reliable and safety through iterative I. INTRODUCTION components of all elements involved should include social, Offshore operation and marine transportation service economic, health, ecological and technologicalprovide substantial support to various human activities; its considerations. Other concerns are related to other uses ofimportance has long been recognized. The clear cut water resources and through best practice of sedimentadvantage of inland transportation over other modes of disposal, mitigation for environmental impact, continuoustransportation, short sea service and evolving deep sea management, monitoring, and compensation for uncertaintyactivities are being driven by recent environmental problems as well as preparation for future regulation beyondand dialogues over alternative renewable ways of doing compliance policy or principles.things. The criticality of offshore and marine transportation Risk assessment has been used by the business communityoperations within the coastline and the prohibitive nature of and government, and safety cases of risk assessment havethe occurrence of accidents due to high consequence and been used by United Kingdom (UK) health safety andlosses have equally made it imperative and necessary to environment (HSE). In the maritime industry, riskdesign operate and maintain sustainable, efficient and assessment has been used for vessel safety, marine structure,reliable deepwater offshore operation and marine transportation of liquefied natural gas (LNG), and offshoretransportation systems. Marine accidents fall under the platforms. In Europe maritime risk assessment has been usedscenarios of collision, fire and explosion, flooding, and for coastal port risk analyses and pilot fatigue. International Maritime Organization (IMO) and United State Coast Guard (USCG) rule making have issued guidelines and procedures Manuscript received April 3, 2011, revised July 20, 2011. O.O. Sulaiman is with the University Malaysia Terengganu, Faculty of for risk based decision making, analysis and managementMaritime Studies and Marine Science, 21030, Kuala under formal safety assessment [4], [12]. Risk analysis whenTerengganu,Terengganu, Malaysia (e-mail: o.sulaiman@umt.edu.my). used for rulemaking is called Formal Safety Assessment A.H. Saharuddin is with the University Malaysia Terengganu, Faculty ofMaritime Studies and Marine Science, 21030, Kuala (FSA), while when it is used for compliance is addressed asTerengganu,Terengganu, Malaysia (e-mail: sdin@umt.edu.my). Quantitative Risk Analysis (QRA). Contemporary time has A.S.A Kader is with the University Technology Malaysia, Faculty of seen risk assessment optimization using scenario basedMechanicak Engineering, Johor Bahru, Skudai, Malaysia (e-mail: assessments, which considered the relative risks of differentabsaman@fkm.utm.my). 359
  2. 2. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011conditions and events. In the maritime industry, door to innovation and radical novel andcontemporary time risk assessment has been instrumental to inventive, and cost effective design solution.make reliable decisions related to prediction of flood, Risk based approach for ROV follow wellstructural reliability, intact stability, collision, grounding and established quantitative risk analysis used infire safety. Probabilistic and stochastic risk assessment and offshore industries. The key to successful useconcurrent use of virtual reality simulation that considers the of risk based design require advance tool tobroader impacts of events, conditions, scenarios on determine the risks involved and to quantify thegeographical, temporal impacts, risks of conditions is effects of risk preventing/reducing measures asimportant to for continuous system monitoring. Additionally, well as to develop (evaluation criteria to judge their cost effectiveness. Components ofsensitivity and contingency (what if) analyses can be integrated risk includes:selectively used as tools to deal with remnant reliability anduncertainty that answer hidden questions in dynamic and 7) Front End: Model potential causes, locations,complex systems [13]. sizes, and likelihoods of acid releases from System. Analysis of system capabilities: III. SYSTEM FAILURE AND RISK BASED DESIGN identify those releases that are mitigatable. REQUIREMENT FOR DEEP WATER SYSTEM 8) Successful mitigation: release less than 1,500 gallons A basic principle for risk-based design has been 9) Consideration of diagnosis and response timesformulated: the larger the losses from failure of a component, 10) Back End: Model potential failure modes ofthe smaller the upper bound of its hazard rate, the larger the each system design, and estimate failurerequired minimum reliability level from the component. A likelihoodsgeneralized version and analytical expression for this 11) Analysis of system reliabilities reliability blockimportant principle have also been formulated for multiple diagram analysis systematic identification offailure modes. It is argued that the traditional approach based failure modes: human errors, equipmenton a risk matrix is suitable only for single failure failures, support system failuresmodes/scenarios. In the case of multiple failure modes 12) Analysis of consequences of unmitigatable or(scenarios), the individual risks should be aggregated and unmitigated releases:compared with the maximum tolerable risk. In this respect, a 13) Release size used as surrogate consequencenew method for risk-based design is proposed, based on measurelimiting the probability of system failure below a maximalacceptable level at a minimum total cost (the sum of the cost Risk can be calculated from:for building the system and the risk of failure). The essence R = Σ (Im x Amn x Cm) + (Ji x Di) (1)of the method can be summarized in three steps: developing asystem topology with the maximum possible reliability, Where:. R = Risk metric, . Im = Annual probability ofreducing the resultant system to a system with generic mitigatable leak at location/size m, . Ji = Annual probabilitycomponents, for each of which several alternatives exist of unmitigatable leak at location/size I,. Amn = Probability ofincluding non-existence of the component, and a final step AIES failure via moden given leak m,. Cm/Di =involving selecting a set of alternatives limiting the Consequence severity of leak m.probability of system failure at a minimum total cost.Determining the set of alternatives for the components can be ROV operating capabilities requirement that can befacilitated through the following elements. investigated is under risk based design are: 1) The goal of risk based design for marine system 1) Standardized intervention ports for all subsea BOP and its goal is to enhance safety. advantage of stacks to ensure compatibility with any available such system in system design include: ROV 2) Establishment of systematic method, tools to 2) Visible mechanical indicator or redundant telemetry assess operational, extreme, accidental and channel for BOP rams to give positive indication of catastrophic scenarios and integrating human proper functioning (e.g., a position indicator). elements into the design environment 3) ROV testing requirements, including subsea function 3) Development of safety based technology for testing with external hydraulic supply. reliable operation and deign 4) An ROV interface with dual valves below the lowest 4) Establishment of regulatory framework to ram on the BOP stack to allow well-killing facilitate first principle approach to facilitate operations. first principle approaches to safety 5) Electrical power requirement 5) Development of model that can demonstrate validation and practicability General requirements - refer to SOLAS requirements. Chapter II-1 - outlines requirements for Ship construction 6) Today, design shift towards knowledge sub-division and stability, machinery and electrical intensive product, risk based design is believed installations. The five part of this parts are: Part A –General, to be key elements for enhancement of Part B -Sub-division and stability, Part C-Machinery industrial competitiveness. The use of risk installations, Part D -Electrical installations, Part machinery based design, operation and regulation open spaces. 360
  3. 3. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011 IV. BENEFITS AND LIMITATIONS OF USING RISK AND This shows the extent and various ways human activities RELIABILITY MODELS and uses water resources affect the ecological and chemical Rampant system failure and problems related to reliability status of waterways system. Occurrence of accident withinhave brought the need to adopt a new philosophy based on the coastline is quite prohibitive due to unimaginabletop down risk and life cycle model to design, operate and consequences and effects to coastal habitats. Recentmaintain systems based on risk and reliability. Likewise, environmental performance studies on transportation modeelection of alternative ways to mitigate challenges of safety has revealed that transportation by water provides wideand environmental risk of system deserve holistic, reliability advantages in term of less, low Green House Gas (GHG)analysis approaches that provide the following benefits: release, large capacity, congestion, development initiative etc. These advantages tells about high prospect for potential 1) flexibility and redundancy for innovative, modal shift of transportation and future extensive use of alternative improvised design and concept inland water marine transportation where risk based system development will be necessary to provide efficient, sustainable and 2) evaluation of risk reduction measure and reliability safe clean waterways as well as conservation of transparency of decision making process environment. 3) systematic tool to study complex problem This equally shows that increase in human activities will 4) interaction between discipline have potential effects in coastal and marine environment, 5) risk and impact valuation of system from population pressure, increasing demands for space, 6) facilitate proactive approach for system, safety, competition over resources, and poor economic current design practice and management performances that can reciprocally undermine the sustainable 7) facilitate holistic touching on contributing factor in use of our oceans and coastal areas. Different forms of system work pollutants and activities that affect the quality of water, air 8) systematic rule making, limit acceptability and and soil as well as coastal ecosystems are: Water: pollution policy making development release directly or washed downed through ground water; Air 9) analysis of transportation system pollution, noise population, vibration; Soil: dredge disposal and contaminated sediments; Flood risk: biochemical The dynamic distributive condition, long incumbent reaction of pollution elements with water; Collision:period and complexity of marine system with limited operational; and Bio diversification: endangered andoversight makes the process of identification and addressing threatened species, habitat.human as well as organizational error including checks and Main sources of marine pollution: i. Point form pollution:balances, redundancy, and training more complicated. Other toxic contaminants, marine debris and dumping. ii. Nonpointinherits drawbacks associated with risk and reliability model form pollution: sewage, alien species, and watershed Issues.are [5, 6]: Main sources from ships are in form of: i. Operational: 1) lack of historical data (frequency, probability, expert judgment) operational activities along the shipping routes discharging 2) linking system functionality with standards waters contaminated with chemicals (whether intentionally requirement during analysis (total safety level vs. or unintentionally). ii. Accidental risk: Collision due to loss individual risk level, calculation of current safety of propulsion or control. level) Risk associated with environmental issue in the context of 3) risk indices and evaluation criteria (individual risk ship, design has impacts related to shipping trends, channel acceptance criteria and sustainability balance) design criteria, ship and oil platform manoeuvrability and 4) quantification of human error and uncertainty dynamic positioning and ship controllability. The complexity associated with human and organization VI. MODELING THE RISK AND RELIABILITY COMPONENTS OFrequires human reliability assessment and uncertainty COMPLEX AND DYNAMIC SYSTEManalysis to be modeled independently. The consequence of maritime accident comes with environmental problem. Marine system are dynamic system V. MARINE POLLUTION RISK CHALLENGES that have potential for high impact accidents which are A group of experts on the scientific aspects of marine predominately associated with equipment failure, externalpollution comment on the condition of the marine events, human error, economic, system complexity,environment in 1989, stated that most human product or environmental and reliability issues. This call for innovativewaste ends their ways in the estuarine, seas and finally to the methods, tools to assess operational issue, extreme accidentalocean. Chemical contamination and litter can be observed and catastrophic scenarios. Such method should be extensivefrom the tropics to the poles and from beaches to abyssal use to integration assessment of human element, technology,depths. But the conditions in the marine environment vary policy, science and agencies to minimise damage to thewidely. The open sea is still considerably clean in contrast to environment. Risk based design entails the systematic riskinland waters. However, time continue to see that the sea is analysis in the design process targeting risk prevention andbeing affected by man almost everywhere and encroachment reduction as a design objective. They should be integratedon coastal areas continues worldwide, if unchecked. This with design environment to facilitate and support sustainabletrend will lead to global deterioration in the quality and approach to ship and waterways designs need (See Figure 1)productivity of the marine environment [5]. 361
  4. 4. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011 reduction at design stage, risk reduction after design in operation and separate analysis for residual risk for uncertainty and human reliability. Risk in complex systems can have its roots in a number of factors ranging from performance, technology, human error as well as organizational cultures, all of Figure 1: Risk modeling Components which may support risk taking or fail to sufficiently encourage risk aversion. Integrated risk based system design requires the 2) Cause of risk and risk assessment: this involveavailability of tools to predict the safety performance and system description, identifying the risk associatedsystem components as well as integration and hybridization with the system, assessing them and organizingof safety and environmental factors, lifecycle phases and them according to degree of occurrence and impactmethods. It important to develop refines, verify, validate in matrix form causes of risk can take many waysthrough effective methods and tools. Such integrative and including the following:total risk tools required logical process with holistic linkage i. Root cause: Inadequate operator knowledge, skillsbetween data, individual risk, societal, organizational, system or abilities, or the lack of a safety managementdescription, conventional laws, principle for system design system in an organization.and operation need to be incorporated in the risk process. ii. Immediate cause: Failure to apply basic knowledge,Verification and employment of system based approach in skills, or abilities, or an operator impaired byrisk analysis should be followed with creation of database drugs or alcohol.and identification of novel technologies required for iii. Situation causal factor: Number of participantsimplementation. Unwanted event which remain the central time/planning, volatility environmental factors,front of risk fight is an occurrence that has associated congestion, time of day risk associated with system can be based on.undesirable outcome which range from trivial to catastrophic. iv. Organization causal factor: Organization type,Depending on conditions and solution based technique in risk regulatory environment, organizational ageand reliability work, the model should be designed to protect management type/changes, system redundancy,investment, properties, citizens, natural resources the system incident/accident history, individual,institution which has to function in sustainable manner within team training and safety management system.acceptable risk. The risk reliability modeling process begins with To deal with difficulties of risk migration marine systemdefinition of risk which stands for the measure of the (complex and dynamic by nature), reliability assessmentfrequency and severity of consequence of an unwanted event. models can be used to capture the system complex issues asFrequency at which a potential undesirable event occurs is well as patterns of risk migration. Historical analyses ofexpressed as events per unit time, often per year. Upon system performance is important to establish performanceestablishing understanding of whole system from baseline benchmarks in the system and to identify patterns ofdata that include elements of channel and vessel triggering events which may require long periods of time todimensioning as shown in figure 3, the frequency can be develop and detect. Likewise, assessments of the role ofdetermined from historical data. However, it is quite inherent human / organizational error and their impact on levels of riskthat event that does not happen often attract severe in the system are critical in distributed, large-scale systems.consequence and lack data, such event is better analysed This however imposes associated physical oversight linkedthrough probabilistic and stochastic model hybrid with first to uncertainty during system design. Effective riskprinciple and whatever data is available [9]. Incidents are assessments required three elements: 1). Framework, 2).unwanted events that may or may not result to accidents if Model, 3. Process:necessary measure is taken according to magnitude of eventand required speed of response. While accidents are A. Risk Frameworkunwanted events that have either immediate or delayed Risk framework provides system description, riskconsequences. Immediate consequences variables include identification, criticality, ranking, impact, possible mitigationinjuries, loss of life, property damage and persons in peril. and high level objective to provide system with what willPoint form consequences variables include further loss of life, make it reliable. The framework development involves riskenvironmental damage, and financial costs. identification which requires developing a structure for understanding the manner in which accidents, their initiating Risk (R) = Probability (P) X Consequence (C) events and their consequences occur. This includes(2) assessment of representative system and all linkages that areThe earlier stage of the risk and reliability process involves associated to the system functionality and regulatory impact.finding cause of risk, level of impact, destination and putting B. Modela barrier by all means in the pathway of source, cause andvictim. Risk and reliability process targets the following: The challenges of risk and reliability method for complex 1) Risk analysis and reduction process: This involves dynamic systems like ship motion at sea require reliable risk analytic work through selective deterministic and models. Risk mitigation measures can be tested and the probabilistic method that assures reliability in the tradeoff between different measures or combinations of system. Reduction process will target initial risk measures can be evaluated. Changes in the levels of risk in 362
  5. 5. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011the system can be assessed under different scenarios and including port, waterway community, public officials,incorporating “what if” analyses in different risk mitigation regulators and scientists. Transparency, communitymeasures. Performance trend analysis, reassessment of participation, additional input to the risk process, checks themachinery, equipment, and personnel can be helpful in plausibility of assumptions could help ask the right questionsassessing the utility of different risk reduction measures. of the science.Figure 2 and 3 shows the risk components, systemfunctionality and regulatory requirement for reliability model Total integrated risk can be represented by:that can be followed for each risk scenario. Rt = fs (Rc, Rw,Re, Rs) (3) Where: Re (environment) = fe (sensitivity, advert weather…), Rs (ship) = fs (structural and system reliability, ship layout and cargo arrangement…), Rc (crew) = fc (qualification, fatigue, etc) Holistic and integrated risk based method combined various techniques in a process as depicted in Figure 6, this can be applied for each level of risk for system in question. Each level is complimented by applying causal analysis (system linkage), expert analysis (expert rating) and organizational analysis (Community participation). Goal based Rules / functional HAZID/ Risk level RCO Risk based requirements Functional Standards requirement requirement HAZID After risk matrix ranking RCO High RA level goal Good Reject CBA Yes HAZID RCO Decision No RA CBA Uncertainty/ RCO beyond compliance Recomme ndation Decision Sustainability / Integration Uncertainty Sustainability MODEL Components Figure 2: Risk model Figure 4: Holistic Risk analysis Process Map Figure 5: Holistic risk analysis process Table 1 shows models that have been used in the design system based on risks. IMO and Sirkar et al (1997) methods lack assessment of the likelihood of the event. Other models lack employment of stochastic method whose result may Figure 3: Goal based assessment cover uncertainties associated with dynamic and complex components of channel, ship failure and causal factors like navigational equipment, better training and traffic control . C. Process Therefore, combination of stochastic, statistical, reliability The process should be developed to provide effective and and probabilistic together with hybrid employment of goalsound risk analysis where accuracy, balance information that based, formal safety assessment methods and fuzzy multimeets high scientific standards of measurement can be used criteria network method that use historical data of waterways,as input. This requires getting the science right and getting vessel environmental and traffic data could yield efficient,the right science by targeting interests of stakeholders sustainable and reliable design product for complex and 363
  6. 6. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011dynamic systems. The general hypothesis behind assessing (FSA) is use in marine industry. QRA should be simplifiedphysical risk model of ship in waterways is that the for to be used for determination for safety criticality criteria,probability of an accident on a particular transit depends on a safety criticality test for failure on demand and time ofset of risk variables which required to be analyzed for test/repair, HSE toolkit application, combined Event tree,necessary conclusion of prospective reliable design [10]. Fault tree Analysis. Standards safety critical elements identification could be analyzed through development of risk TABLE 1: RISK MODELS matrix, regulation scope and boundary compliance, Process Suitable techniques performance standard and assessment, system capability , functionality, reliability, survivability assurance and HAZID HAZOP, What if analysis, FMEA, FMECA verification analysis.The dynamic risk analysis process starts Risk analysis FTA, ETA with system description, functionality, regulatory Risk evaluation Influence diagram, decision analysis determination and this is followed with analysis of [3]: Risk control option Regulatory, economic, 1) Fact gathering for understanding of contribution environmental and function factor elements matching and iteration 2) Fact analysis for check of consistency of accident Cost benefit ICAF, Net Benefit history analysis 3) Conclusion on causation and contributing factor Human reliability Simulation/ Probabilistic Countermeasures and recommendations for prevention of Uncertainty Simulation/probabilistic accident ` and studies of the system or project. Risk Monitoring Simulation/ probabilistic Major areas of concern of HSE analysis are: 1) Examination of relevant case of risk, hazard, Process Risk and reliability modeling involves hazard Safety and reliability leading to HAZIDidentification, risk screening, broadly focused, narrowly 2) Identification of Safety Critical Elements,focused and detailed Analysis, Table 2 shows iterative 3) Examination and comparison of performancemethod that can be incorporated for various needs and stages standardsof the process. 4) Examination of release and consequence model (Fire, Explosion and Toxic Release Consequence VII. ACCIDENT ANALYSIS Modelling & Design) Accident and incident need to be prevented as the 5) Training on fundamental of the Risk Assessment &consequence of is a result of compromise to safety leading to Case Study and Implementation of HSEunforgettable losses and environmental catastrophic. Past Management Systemengineering work has involved dealing with accident issues 6) Conduct of HAZOP Methodology and Simultaneousin reactive manner. System failure and unbearable Operationenvironmental problems call for new proactive ways that 7) Risk Based Design acceptability criteria and &account for equity requirement for human, technology and Integrity Assuranceenvironment interaction in the system. The accidental 8) Applications of Dynamic Simulation in Processcategories and potential failure in waterways is shown in Safety DesignFigure 7. 9) Risk management, life cycle, traceable and auditable M ajor reference different phases of the project. acciden t risk Risk analysis is conducted using brainstorming worksheets, H ll & u M ne achi ry Fire G din roun g Allision C sion olli K ng issi Lou ng nderi C tac on t Miscella neous action tracking and follow-up. HAZID, HAZOP involve explosion &S din tan g &Fooding l F lu ai re Process safety Engineers, plant managers, safety supervisors, F lu ai re process engineers, safety Engineers and discipline engineers. F reto ailu C troll on ve el ss na ga vi te Elements of QRA include: Failure Case definition, Figure 7: Accident scenario Consequence assessment, Frequency analysis, Risk calculation, ALARP demonstration, Identification of SafetyThe methodologies that may be used to identify safety critical Critical Systems, Traceability and audibility of Safetysystems, subsystem and elements include: Critical Elements. i. Major Accident Hazard; definition, examples, compliance with regulations such as SEVESOII VIII. HAZARD OPERABILITY (HAZOP) (COMAH) and PFEER. Hazard operability (HAZOP) is done to ensure that the ii. Qualitative method for determination of the safety risk systems are designed for safe operation with respect to including:- Brainstorming session methodology and personnel, environment and asset. In HAZOP all potential example- safety criticality criteria- Required hazard and error, including operational issues related to the supporting documents and evidences- Action design is identified. A HAZOP analysis is detail HAZID, it tracking mostly divided into section or nodes involve systemic iii. Quantitative method for frequency and consequence thinking and assessment a systematic manner the hazards analysis. associated to the operation. The quality of the HAZOP Quantitative risk analysis (QRA) is widely use quantitative depends on the participants. Good quality of HAZOPmethod for offshore industry, while formal safety assessment participants are [15]: Politeness and unterupting, To the point 364
  7. 7. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011discussion- avoid endless discussion, Be active and positive, TABLE 2: TYPICAL HAZOP REPORTBe responsible and Allow HAZOP leader to lead Compression Fire Hot work 3 area Manfold area Toxicity Radioactive 4 It involve How to apply the API 14C for those process productshazard with potential of the Major Accident. Dynamic HP gas area PPE 2simulation for consequence assessment of the process Separation Management If PTW is not 3deviation, failure on demand and spurious function of the area of work followedsafety system, alarm function and operator intervention is permit (A) correctly , thevery important for HAZOP study. Identification of HAZOP accident may happenis followed with application of combined Event tree and Compressor Fire & 3Fault tree analysis for determination of safety critical area Explosionelements, training requirement for the operators and integrity Process area Handling Halding of 4and review of maintenance manuals. proximity ofHAZOP involved use of the following: process under 1) Guide word :i.e. No pitch, No blade pressure 2) Description: I.e. No rotational energy transformed, Untility area Fire fighting No availability 2 object in water break the blade system of Fire Fighting 3) Causes: i.e. operation control mechanism system Seperation Fire & Escape routes 3 4) Safety measurement to address implementation of Explosion are obstructed propeller protection such grating, jet PPE Contractor not 2 The following are some of the guideword that can be used using PPEfor Propulsion failure HAZOP includes: no pitch, no blade, PPE 3no control bar, no crank. Tank area Fire No Fire & Gas 2 detectionHAZOP process is as followed: Compression Explosion Escape routes 3 area are obstructedGuide word/ brainstorming -> Deviation -> Consequence -> Compression Fire Hot work 3Safeguard ->Recommended action area Manfold area Toxicity Radioactive 4 Also important HAZOP is implementation of IEC61511 to productsassess the hazards associated to failure on demand andspurious trips. In HAZOP record the worksheets efficiently A. Subsystem analysis - Fire and explosionto cover all phases also play important role. Advance Consequence modelling of Fire, Explosion and ToxicHAZOP can also e implemented through Simulation release, understanding of the fundamental and the science ,operations to identify, quantify, and evaluate the risks. governing scenarios; consequence analysis criteria. GasSIMOP Methodology includes: Consequence Assessment, dispersion & hazardous area classification, Fire zonesFrequency Analysis, Risk Calculation, Risk Analysis, and (passive fire protection zones, the active fire protection zones,Safety Criticality Elements. HAZOP is not intended to solve Blast Zones, blast protection zones restricted areas) Thermaleverything in a meeting. Identified hazard is solved in the & blast effect on equipment, people and environment isclosing process of the finding from the study. Table 2 shows important to be incorporated in the risk process. Figure 8typical HAZOP report.Safety barrier management involves shows a typical fire and explosion risk model.optimisation between the preventive and mitigation measuresfundamental. Safety barrier management helps in determination of thesafety critical elements (SCE), performance standards for the Loading Condition Loading Condition Modeldesign of safety Critical Elements and in integrity assurance. Model Engine Engine room roomSafety level integrity (SIL) involves assessment and Fire Protection Model Fire Protection Modelverification according to IEC61508 and CONSEQUENCE Cargo leakage Model Cargo leakage Model Fire Explosion Fire Explosion Model Model consequence consequenceIEC61511Qualitative SIL assessment uses the risk graphs Accommodation Accommodation LPG Hazard Model LPG Hazard Modeland calibration tables during the brainstorming sessions Suvivability Model Suvivability Modelwhere the required SIL is assigned to the safety systems. Compressor Compressor room room Evacuation model Evacuation modelIntegrity and insurance Involve iteration of assessment ofidentification the credible scenarios, consequence assessment, Figure 8: Typical fire and explosion risk modelfrequency analysis, risk calculation, risk evaluation andranking. Dynamic simulation help to identify the process IX. COLLISION SCENARIOhazards, measure the extent and duration of the consequences Collision is the structural impact between two ships or oneand the effect and efficiency of the safety barriers. With ship and a floating or still objects that result could to damage.dynamic simulation could be optimised with greater accuracy. Collision is considered infrequent accident occurrence whoseThis saves a significant effort, time and cost for the project. It consequence in economical, environmental and social termsinvolves application of: HAZOP & SIL assessment, Alarm can be significant. Prevention of collision damages is likelyManagement, Fire & Explosion and Case study. 365
  8. 8. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011to be more cost-effective than mitigation of its consequences.Probabilistic predictions can be enhanced by analyzing TABLE 3: FREQUENCY RISK ACCEPTABILITY CRITERIA FOR MARITIME INDUSTRY.operator effects, drifting and loss of power or propulsion thattake into account ship and waterway systems, people andenvironment into consideration. Other causative factor likethe probability of disabled ship as function of ship type, theprobability of a disabled ship drifting towards objects alsoneed to be accounted for. The collision model scenario alsoinvolves data that characterize of hull areas andenvironmental information. Figure 9 show a typical collisionconsequence situation [6], [7]. TABLE 4: CONSEQUENCE RISK ACCEPTABILITY CRITERIA FOR MARITIME INDUSTRY 12/9/2010 28 Figure 9: Cause of collision (Langat River) X. FAILURE MODES EFFECT ANALYSIS (FMEA) Outcome of analysis is followed by suitable Risk Control A Failure Modes Effect Analysis (FMEA) is a powerfulOptions (RCO), where iteration of factual functionality and bottom up tool for total risk analysis. FMEA is probably theregulatory elements is checked with cost. The benefit realised most commonly used for qualitative analysis and is also thefrom safety, environmental protection and effect of the least complex. FMEA has been employed in the followingprobability of high level of uncertainty associated with areas: The aerospace industry during the Apollo missions inhuman and organizational contributing factor to risk of the 1960s.The US Navy in 1974 developed a tool whichcollision are also important. The risk process functions to discussed the proper use of the technique. Today, FMEA isdetermine and deduce the idea for modest, efficient universally used by many different industries. There are threesustainable and reliable system requirement and arrangement main types of FMEA in use today: System FMEA: concept[11], [14]. Collision carried the highest statistic in respect to stage design system and sub-system analysis. Design FMEA:ship accident and associated causality. product design analysis before release to manufacturers. Process FMEA: manufacturing assembly process The consequences of accident are: analysis.FMEA process is shown in Figure 10: i. The loss of human life, impacts on the economy, safety and health, or the environment; ii. The environmental impact, especially in the case where large tankers are involved. However, even minor spills from any kind of merchant ship can form a threat to the environment; iii. Financial consequences to local communities close to the accident, the financial consequence to ship-owners, due to ship loss or penalties; Figure 10: FMEA process iv. Damage to coastal or off shore infrastructure, for example collision with bridges; It is strongly recommended that Serenity, Occurrence and Detection (SOD) for weak control should be noted. SOD Accident events are unplanned, always possible, but numbers is multiplied and the value is stored in RPN (riskeffectively manageable and frequently preceded by related priority number) column. This is the key number that will beevents that can be detected and corrected by having used to identify where the team should focus first. If, forunderlying root causes ranging from human errors, example, we had a severity of 10 (very severe), occurrence ofequipment failures, or external events. The result of 10 (happens all the time), and detection of 10 (cannot detect it)frequency and consequence analysis is checked with risk RPN is 1000. This indicates a serious situation that requiresacceptability index for industry of concerned. Table shown in immediate attention. The consequence could further be broken down into effect for ship, human safety, oil spill,Tables 3 and 4 show risk acceptability criteria for maritime damage, ecology, emission and other environmetal impacts.industry. The analyzed influence diagram deduced from the Number 1-10 are assigned according to level of serenity.comparison can be followed with cost control option using Risk priority number (RPN) for total serenity is determiningcost of averting fatality index or Imply Cost of Averting as follows Table 5 show typical risk matrix arrangement:Fatality (ICAF) and As Low as Reasonable Possible(ALARP) principle [12]. RPN = S X O X D (4) 366
  9. 9. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011ALARP Principal, Risk Acceptability Criteria And Risk In addition to a sound process, robust risk framework andControl Option eventual deductive risk model, there are other considerations that should be factored into the design of an effective risk Risk acceptability criteria establishment is dynamic model. These items include the use of available data, the needbecause of differences in environment, diversity in industries to address human factors, areas of interest, stakeholderand choice of regulations requirement to limit the risk. Risk is interest and approaches to treating uncertainty in risk analysis.never acceptable, but the activity implying the risk may be Data required for risk work should involve information onacceptable due to benefits of safety reduced, fatality, injury, traffic patterns, the environment (weather, sea conditions,individual risk, societal risk, environment and economy. The and visibility), historical, current operational performancerationality may be debated, societal risk criteria are used by data, and human performance data. The models intentions areincreasing number of regulators. Figure 11 shows ALARP highly dependent on appropriately selected databases thatdiagram by IMO (Skjong et al., 2005). accurately represent the local situation and the effectiveness of the models However, there is always issue of missing data TABLE 5: RISK MATRIX or data limitations especially for complex system and their allow frequency, high consequence nature. Therefore creative procedures are required to develop compensation for data relationships. The model could use probabilistic, stochastic, simulation and expert judgments couple existing deterministic and historical method for a reliable system analysis of desired design [7]. When insufficient local data is available, world wide data from other areas may be referred to (e.g., Europe, south and North America), make assumptions about the similarity of operations in the concerned area or elsewhere. This is to ensure how behaviour in one aspect of operational (e.g., company management quality) parameter (e.g., loss of crew time) correlates with another area (e.g., operations safety). Figure 11 shows prescribed illustrative influence diagram The data from other areas can be used as long as majorby IMO. Based on the region where the graph falls, step for parameter and environmental factors are compared and wellrisk control option and sustainability balancing, cost benefit matched. Care is required with the use of worldwide data aseffectiveness towards recommendation for efficient, reliable, much of those data are influenced by locations or localsustainable decision can be taken. The frequency (F) of environmental conditions Electronic access to worldwideaccidents involving consequence (N) or more fatalities may casualty data such as the Paris MOU, U.K., and Marinebe established in similar ways as individual or societal risk Accident Investigation Board (MAIB) and IMO Port Statecriteria. For risks in the unacceptable/ Intolerable risk region, detention databases makes possible access to worldwidethe risks should be reduced at any cost. Risk matrix casualty statistics. Diligence should also be observed aboutconstructed from system and sub system level analysis can be the large number of small scale, localized incidents that occurdeduced according to acceptability index and defined that are not tracked by marine safety authorities, e.g smallaccording to Table 10 and Figure 11 to deduced measure of craft (not always registered or being able to be detected byAs Low As Reasonably Practicable (ALARP). Within VTS, AIS) accidents in waterways. American Bureau ofALARP range, Cost Effectiveness Assessment (CEA) or shipping (ABS) has begun an effort to identify precursors orCost Benefit Analysis (CBA) shown in Figure 11 may be leading indicators of safety in marine transportation.used to select reasonably practicable risk reduction measures. Human factor modeling should be considered for Diferent between cost of polution distributive, large scale systems with limited physical costt control and environmetal damage oversight. Assessing the role of human and organizational performance on levels of risk in the system is important, such Minimum sum of cost Cost of polution control error is often cited as a primary contributor to accident, which High damage cost with no control end up leaving system with many more unknown. Expert judgments and visual reality simulation can be used to fill No economic gain from such uncertainty gaps and others like weather data. Even polusion control when attempts are made to minimize errors from expert judgments, the data are inherently subject to distortion and Cost of damage from bias. With an extensive list of required data, there are limits polution that available data can place on the accuracy, completeness and uncertainty in the risk assessment results. Expert Minimum sum of cost judgments give prediction about the likelihood that failures Figure 11: Risk cost benefit analysis that would occur in specific situations can be used to quantify human reliability input in risk process. Uncertainty is always part of system behaviour. TwoRisk Analysis Considerations common uncertainties are: aleatory uncertainty (the 367
  10. 10. IACSIT International Journal of Engineering and Technology, Vol.3, No.4, August 2011randomness of the system itself) and epistemic uncertainty REFERENCES(the lack of knowledge about the system). Aleatory [1] Bottelberghs, P.H. (1995) QRA in the Netherlands. Conference onuncertainty is represented by probability models while Safety Cases. IBC/DNV. London. [2] Skjong R., Vanem E. and Endersen.(2005) Risk Evaluation Criteria.epistemic uncertainty is represented by lack of knowledge SAFEDOR. Deliverable D.4.5.2 (Submitted to MSC 81 by Denmark).concerning the parameters of the model. Aleatory uncertainty [3] International Maritime Organisation (IMO). Amendments to theis critical, it can be addressed through probabilistic risk Guidelines for Formal Safety Assessment (FSA) for Use in the IMOanalysis while epistemic uncertainty is critical to allow Rule Making Process. 2006. MSC/ MEPC.2/Circ 5 (MSC/Circ.1023 – MEPC/Circ.392).meaningful decision-making. Simulation offers one best [4] Murphy, D.M. & M.E. Paté-Cornell. (1996), The SAM Framework. Aoption to cover extreme case uncertainty beside probability. Systems Analysis Approach to Modelling the Effects of ManagementEvaluation and comparison of baseline scenario to a set of on Human Behaviour in Risk Analysis. Risk Analysis.16:4.501-515. [5] GESAMP (1990) The State of the Marine Environment,scenarios of interest (tug escort) and operational IMO/FAO/UNESCO/ WMO/WHO/IAEA/UN/UNEP (1990) Jointcircumstance including timelines and roles. Response Group of Experts on the Scientific Aspects of Marine Pollution.Scenarios can also be analyzed for things that cannot be Blackwell Scientific Publications. London. [6] Cahill, R.A. (1983). Collisions and Their Causes. London, England:imagined or model to be accounted for in the simulator Fairplay Publications.(especially real time). A flexible critical path and slack [7] Cooke, R.M. (1997) Uncertainty Modelling: Examples and Issues.analysis can be performed as input to the system simulation Safety Science. 26:1, 49-60. [8] Det Norske Veritas. (2004). Thematic Network for Safety Assessmentand uncertainty analysis. Human reliability is best modeled of Waterborne Transportation. Norway.separately for a good result [4]. [9] Guedes Soares.C., A. P. Teixeira. (2001). Risk Assessment in Maritime Risk and reliability can be achieved by employing Transportation. Reliability Engineering and System Safety. 74:3,probability stochastic and expert rating in the risk process. A 299-309. [10] Kite-Powell, H. L., D. Jin, N. M. Patrikalis, J. Jebsen, V.safety culture questionnaire which assesses organizational Papakonstantinou. (1996). Formulation of a Model for Ship Transitand vessel safety culture and climate can be administered to Risk. MIT Sea Grant Technical Report.Cambridge, MA, 96-19.provide quantitative and qualitative input to the safety culture [11] Emi, H. et al (1997) An Approach to Safety Assessment for Ship Structures, ETA analysis of engineroom fire, Proceedings ofand environmental perception analysis for sustainable system ESREL ’97.International Conference on Safety and Reliability.Vol. 2.design. [12] Parry, G. (1996), The Characterization of Uncertainty in Probabilistic Risk Assessments of Complex Systems. Reliability Engineering and System Safety. 54:2-3.119-126. XI. CONCLUSION [13] Roeleven, D., M. Kok, H. L. Stipdonk, W. A. de Vries. (1995). Inland Following need for maritime activities to operate in much Waterway Transport: Modelling the Probabilities of Accidents. Safety Science. 19:2-3. 191-202.harsh condition, institutions are adopting system based [14] N.Soares, C., A. P. Teixeira. (2001).Risk Assessment in Maritimeapproach that account for total risk associated with system Transportation. Reliability Engineering and System Safety. 74:3.lifecycle to protect the environment and prevent accident. 299-309.Those that cannot be prevented and protected need or must be [15] UK, HSE. (1999). Offshore Technology Report. Effective Collision Risk Management for Offshore Installation, UK, Londoncontrolled under risk and reliability based design / operabilityplatform. Employment of risk method to address eachcontributing factor to accident is very important. Qualitativerisk in system description and hazard identification can bestbe tackled through HAZOP. The outcome of HAZOP can be A.H. Saharuddin is the Dean of Faculty of Maritimeprocessed in quantitative analysis which may include studies and Marine Science. He is expert in marine policy.probabilistic and stochastic dynamic simulation process forsystem level analysis, while fault tree and event treequantitative analysis can be utilized to determine risk indexof the subsystem factors. Interpretation of risk index intoALARP influence diagram can provide decision supportinformation necessary for cost control option towardssustainable, reliable, efficient technology choice for system O.O.Sulaiman is senior lecturer in faculty of maritime studies and marine science. He is chattered engineerdesign and operation. The cumulative results from qualitative under UK engineering council. He is expert in riskanalysis can be made more reliable through iterative based deisgn for safety and environemntal compliancequantitative, scientific stochastic and reliability analysis. of marin system.Risk methods provide valuable and effective decisionsupport tool for application of automated system engineeringanalysis that facilitate inclusion of reliability, environmentalprotection and safety as part of the iterative design processesfor new and innovative marine system designs, operability A.S.A. Kader is professor in the faculty of mechanicaland deployment of deep sea operability system. Intelligently engingineerijng. He is expert in Inland Wateradoption of HAZOP and other risk processes eventually can Transportation.results to safer, efficient, more reliable and sustainablesystem. 368