Event tree analysis and risk assessment

Issue 00 Rev.0Course Title 1
PLANT INCIDENT INVESTIGATION

Issue 00 Rev. 0Course Title 2
Day -4
 Accident investigation analytical techniques.
 Event tree analysis
 Risk analysis
 Systematic Cause Analysis Technique (SCAT)
 STEP (Sequential timed events plotting)

Accident investigation analytical techniques. (Cont.)
8. Event tree analysis:-
(Quantitative Risk Analysis)
An event tree is used to analyse event sequences
following after an initiating event.
The event sequence is influenced by either success or
failure of numerous barriers or safety functions/systems.
The event tree analysis is used to quantify the probability
of the possible consequences.

 When an accident or process deviation (i.e. an “event”)
occurs in a plant, various safety barrier systems (both
Engineering and Administration) come into play to prevent
the accident from propagating.
 These safety systems either fail or succeed.

 Event trees are used to follow the potential course of
events as it moves through the various safety systems.
 The probability of success or failure of each safety
intervention is used to determine the overall probability of
the final outcome.
Event
Safety systems/ Barriers
Acc.
fail
Safe
Shutdown
(safely)
Continuous
operation

 An Event Tree is used to determine the frequency of
occurrence of process shutdowns or runaway systems.
 Inductive approach
Specify/Identify an initiating even and work forward.
Identifies how a failure can occur and the probability of
occurrence

Steps to Construct an Event Tree:
A. Identify an initiating event of interest.
B. Identify the safety functions designed to deal with the
initiation followed by the impact of the safety system
C. Construct the event tree.
D. Describe the resulting accident event sequences.

A.Identify an initiating event:
 May have been identified during a HAZOP as a
potential event that could result in adverse
consequences.
 Usually involves a major piece of operating
equipment or processing step, i.e. a HAZOP
“Study Node”.

B.Identify safety functions:
From PID, process flow sheet, or procedures find what safety
systems are in place and what their functions are.
These can include things such as automatic controllers,
alarms, sensors, operator intervention, etc.
On you Event Tree write across the top of the page in the
sequence of the safety interventions that logically occur.
Give each safety intervention an alphabetic letter notation.
automatic
controllers alarms sensors
operator
intervention
Event
A B C D

Horizontal lines are drawn between
functions that apply
Vertical lines are drawn at each
safety function that applies
 Success – upward
 Failure – downward
Indicate result of event
 Circle – acceptable result
 Cross-circle – unacceptable result
Safety
Function
B
(Event A)
Probability
XA
XA (1- XB)
XB
Failure Probability
XA XB
 XB is the safety function B failure
probability or the unavailability of
 XA is the Event failure probability
Compute frequency of failures

Follow process through with each step to calculate the
frequency of each consequence occurring.
Typically three final results
Continuous operation
Shutdown (safely)
Runaway or fail

 Example:–
Loss of coolant to reactor
Four safety interventions
1. High temperature alarm
2. Operator noticing the high
temperature during normal
inspection
3. Operator re-establishes the coolant
flow
4. Operator performs emergency
shutdown of reactor

 Example:–
Loss of coolant to reactor
Assume loss of coolant occurs once per year
(occurrence frequency 1/yr)
Alarm fails 1% of time placed in demand
(failure rate of 0.01 failures/demand)
Operator will notice high reactor temperature
3 out of 4 times (0.25 failures/demand)
Operator will successfully restart coolant flow
3 out of 4 times (0.25 failures/demand)
Operator successfully shuts down reactor 9
out of 10 times (0.10 failures/demand)

Event Tree Analyses Example:
03.11.2011Course Title 15
Barriers
H.T.
Alarm
OP.
Notice
H.T.
Op.
ReOp.
Cooling
Op. Make
S/D Results
Loss of
Cooling
Event
One
Occurance /yer
X
X
X
Failure Demand 0.01 0.25 0.25 0.1
Continuance Operation
Safe S/D
Runaway
Failure Demand
1
E
A B C D
E (1-A)
EA
0.99
0.01
0.7425
0.2475
0.005625
0.001875
0.001875
0.000625
0.022275
0.02475
0.00016875
0.0001875
0.00005625
0.0000625
0.9
0.0075
0.0025
Safe S/D
Failure Demand
Safe S/D
0.1
0.09
0.1
0.09
0.1
0.75
0.25
0.25
0.75
0.75
0.25
0.25
0.75

Mean time between Shutdown:–
Mean Time Between Shutdown, MTBS is calculated from:
 MTBS=1/occurrences of shutdowns
Mean Time Between Runaway, MTBR is calculated from:-
 MTBR=1/ occurrences of runaways

 Example – Possible outcomes:–
The lettering is used to identify each final outcome.
 For instance, ABDE
 Indicates that after Initiating event A occurs, that safety
system B failed (high T alarm), that safety system D failed
(the operator was unable to re-start the coolant) and safety
system E failed (the operator was unable to successful shut
down the reactor).

 Example – Determination of MTBS:–
For Mean Time Between Shutdowns take the reciprocal of the
sum of all sequences that resulted in a shutdown. (Example gives
1/.225 = 4.4yrs)
For Mean Time Between Runaway do the same thing with all
sequences that resulted in a runaway. (Example gives 1/0.250 =
40yrs)

In Class Example
 Construct an Event Tree and determine the MTBS and
MTBR for a loss of coolant for the reactor shown in
Figure 11-8.
 Assume loss of coolant occurs once every three years.
 Alarm fails 0.1% of time placed in demand
 Operator will notice high reactor temperature 3 out of 4 times
 Operator will successfully restart coolant flow 4 out of 5 times
 Operator successfully shuts down reactor 9 out of 10 times

Solution – Construct Event Tree

Solution Continued –
Occurrence Frequency
Event A 0.999 0.8 0.7992
Event AD 0.999 0.2 0.9 0.17982
Event ADE 0.999 0.2 0.1 0.01998
Event AB 0.001 0.75 0.80 0.0006
Event ABD 0.001 0.75 0.20 0.9 0.000135
Event ABDE 0.001 0.75 0.20 0.10 0.000015
Event
× =
× × =
× × =
× × =
× × × =
× × × =
ABC 0.001 0.25 0.00025× =

Solution Continued –
Mean Time Between Events
Mean Time Between Shutdowns
1
Occurences of Shutdown
1
5.56
0.17982 0.000135
Mean Time Between Runaways
1
Occurences of Runaways
1
49.4
0.01998 0.000015 0.00025
MTBS
MTBS yrs
MTBR
MTBR yrs
=
∑
= =
+
=
∑
= =
+ +

9. Risk Analysis:-
(Qualitative risk Assessment)
 A Quantitative Risk Assessment (QRA) is a technique
offers guidelines to help you conduct your own step-
by-step analysis. It is used to analyses and recognize
workplace hazards so you can reduce, control and
report them.
 It s a valuable tool used to demonstrate the risk
caused by the activity and to provide the competent
authorities with relevant information to enable
decisions on the acceptability of risk related to the
activates.

9. Risk Analysis:-
 Hazard:
Something with the potential to cause harm (such as electricity, working on
a ladder or with dangerous machinery)
 Danger:
Likelihood of harm or injury.
 Risk:
Risk is the likelihood that harm will actually result in particular situation or
circumstance .
Probability that a hazard will result in an accident .
 Controls:
The measures or methods that we use to control the risk.

9. Risk Analysis:-
 Hazard, Risk and Danger:
Hazard means anything that can cause harm (eg
chemicals, electricity, working from ladders, etc) risk is
the chance, high or low, that somebody will be harmed
by the hazard. Danger is a situation where hazards is
involved.

9. Risk Analysis:-
 Risk Assessment Principles:
•Risk Assessments shall be performed before any work
commences by all projects, departments, units and on all
worksites where hazards have been identified or potential
hazards are thought to exist.
•Risk Assessments should be kept short and simple and
MUST be recorded.

9. Risk Analysis:-
 Timing Of Risk Assessments:
• Risk Assessment should be undertaken prior to:
•Performing any non-routine activity,
•Performing a new task,
•When new people are involved,
•When third party people are involved,
•When major changes to the work/system are considered

9. Risk Analysis:-
 How to assess the risks in your workplace
• The Risk Assessment procedure comprises 6 main key steps:
1. Identify task (breakdown the job into tasks)
2. Identify Hazard associated with each task
3. Identify who/what might be harmed
4. Apply existing control measures
5. Measure the risk
6. Reappraising the residual risk by applying
additional control measures.
(ensuring that residual risks are As Low As Reasonably Practicable -ALARP)

9. Risk Analysis:-
 Evaluation of Risk:-
Unfortunately, there are no standard criteria for the
acceptability of risk. However, it may be possible to:
1. Compare the level of risk with existing codes and
practices, or
2. Compare the level of risk with existing situations in
similar industries, or
3. To set your own criteria of acceptability.

9. Risk Analysis:-
Stage 1 - Task identification
 review the job steps with the employee to make
sure you have not omitted something.
 reviewing the procedures to discussing associated
hazards in each task step.
 Involve staff, so that you can be sure that what you
propose to do will work in practice and won’t
introduce any new hazards.

9. Risk Analysis:-
Step 2 - Identify the hazards:
• Identify hazards for each task (use checklist)
• Identify where the hazard is relative to the task
• Does checklist cover all hazards
• Add to your hazard checklist

Checklist of Hazards
The following list acts as a guide to identifying potential hazards:
• Slip/trip/Fall Hazards • Flammable materials
• Chemicals/Pollution/Contaminants • Moving/Swinging objects
• Moving parts of machinery/vehicles • Ejection of material welding/grinding)
• Pressure/Vacuum • Electricity
• Working at height (over side) • Noise
• Dust • Fumes / Noxious Gases
• Position • Manual handling
• Poor lighting • Low/High temperature
• Low oxygen environment • Radiation
• Vibration • Hydrocarbons
• Restricted access • Tasks with RSI potential
• Single Point • Posture
• Weak structures • Unstable objects
• Y2K Bug • Explosives
• Crane operations • Weather conditions

9. Risk Analysis:-
Step 3 - For each hazard you need to be clear about
who might be harmed:
(People, Assets, Environment and Company Reputation).
Think about people who may not be at the work place at the time,
e.g. cleaners, visitors, contractors, and members of the public, etc.
Is there any chance that they might be harmed by the activities?

9. Risk Analysis:-
Step 4 – Add existing control:
 Having spotted the hazards, you then have to decide what to
do about them. The law requires you to do everything As Low
As Reasonably Practicable’ to protect people from harm.
 Think about what existing controls you have in place and how
the work is organized.
 List existing control measures against each hazard
 Then compare this with the good practice and see if there’s
more you should be doing to bring yourself up to standard.

9. Risk Analysis:-
Step 5 - Measure the risk:
 Risk is comprised of both Severity (S)
 and Likelihood or consequences (L)
 often expressed as...
Risk = S x L

9. Risk Analysis:-
 Severity or Consequences:
The consequences that could have resulted from the
hazard if things went out of control
 injury or illness to people,
 r property damage to Assists,
 or environmental impact,
 or company reputation
which is reasonably predictable.

9. Risk Analysis:-
 Likelihood or Probability:
likelihood is defined as: the chance that a given
event will occur; We can estimate the probability
based on the following:
 Number of employees exposed;
 Frequency and duration of exposure;
 Proximity of employees to the danger zone;

9. Risk Analysis:-
 Perception of Risk:
 Risk is often viewed very differently from individual to
individual base on individual perception.
 Perception is the way one looks at things. someone's ability
to notice and understand things that are not obvious to other
people, based on his/her First impression, Previous
experience, and Culture.
 Peoples perceptions change as familiarity with hazards
increases and the risks evaluation changes.

Perception
A pen
in the
the Pocket
A book
on the
the disk
A bird
on
the tree
41
The first impression of a person

9. Risk Analysis:-
 Likelihood Rating GuidanceLikelihood Rating Guidance:
The degree of likelihood is split into five categories:
(A) : VERY UNLIKELY Little or no chance of occurrence,
(B) : UNLIKELY Conceivable, occurrence would require multiple
failures of systems and controls
(C) : POSSIBLE Could happen, easy to assume a feasible
scenario where the situation would occur
(D) : LIKELY Not certainty but such an event have occurred
and represents a credible scenario
(E) : VERY LIKELY Almost inevitable

9. Risk Analysis:-
 Severity Rating GuidanceSeverity Rating Guidance:
 Severity is the degree of harm arising from the
hazard, which is reasonably predictable; Areas
affected by risk are:
9.People Injury or illness (P),
10.Assists or Properties damage (A),
11.Environment impact (E),
12.Reputation of the Company (R).

9. Risk Analysis:-
 Severity Rating GuidanceSeverity Rating Guidance:
Rate Severity meaning
0 Nothing happen Nothing.
1 Negligible Injuries Would require first aid and return to work.
2 Minor Injuries Typically a reversible injury or damage to health needing less
than three days away from work to recover.
3 Major Injuries Injury or damage to health requiring extended time off work
4 Fatal Death for one person
5 Multiply Fatality Death for more than one

Never heard of
in
EP industry
A
Has
occurred in
EP industry
B
Has occurred in
AFPC
C D
Happens
several times a
year in AFPC
E
Happens
several times a
year in the
facility
00
Severity
11
22
33
44
No
injury
P
People
Slight
injury
Minor
injury
Major
injury
SingleSingle
fatalityfatality
No
damage
A
Assets
Slight
damage
Minor
damage
Local
damage
Major
damage
No
effect
E
Env.
Slight
effect
Minor
effect
Localized
effect
Major
effect
No
impact
R
Reputation
Slight
impact
Minor
impact
Considerable
impact
National
impact
55
MultipleMultiple
fatalitiesfatalities
Extensive
damage
Massive
effect
International
impact
likelihoodlikelihood
Continuous
Im
provem
ent
M
edium
A
LA
R
P
Serious

46
Level of
Risk
Meaning Control required
Low Risk is accepted
Operation continue considering
existing barriers and control
measures are emplace and
maintained
Medium
ALARP*
Further risk reduction
measures must be
considered
A full demonstration that all risks
are managed to ALARP is
required.
High
Intolerable Risk
Risk unacceptable.
Operation should not be started,
Consult specialists
RISK CLASSES CRITERIA
Task Assessment:

ALARP
Risk
Cost/Benefit
Residual
Risk
” A level of risk that is tolerable and cannot be reduced further without the expenditure of
costs that are disproportionate to the benefit gained or where the solution is impractical to
implement”
Controlled
Risk
HighRiskwithlowcost
Low
RiskwithHighcost
Cost
Risk cost benefit.

9. Risk Analysis:-
Step 6 – Reappraisal residual risk:
 Risk controlRisk control:
 Once the risk is decide unacceptable, then
additional corrective measures are required either
to reduce the probability of the hazard occurring
(by improving the system reliability) or by mitigating
the consequences of the hazard.

 When making a risk assessment all the aspects of
likelihood and consequences should be taken into
consideration.
AccidentRate
Job Steps
Preparation Execution Completion
Lack Of
Supervision

When making a risk assessment all the aspects of likelihood and
consequences should be taken into consideration.
The Aspect of Risk Management
Severity
RelativeFrequencyofOccurrence
likelihood
Evolutionary of Risk
ExistingControl
Measures&SOP
EMERGENCY PREPAREDNESS
CatastrophicLow
High
Continues
Improvement

Methods for
reducing risk
Increase
reliability
Mitigate
consequenc
e
By design
By
procedure
Fail safe
principle
Protective
systems
Emergency
preparedne
s

 Elimination
 Substitution
 Isolation
 Tolerate
 Engineering Controls
 Administrative Controls
 Provide Special Personal Protective Equipment.
 Transfer (Contractor / Insurance) .
HIERARCHY OF CONTROL MEASURES

Identify source of Hazard Evaluate Risk
Hierarchy of risk control strategy
Terminate
Take action Substitution
or Replace
TransferTolerate
Verify
Contractor/Insurance
Engineering Controls
S.PPE
Administrative Controls
Yes
No
Yes
No
Yes
No
Isolate
Yes
No

Risk Assessment Form
No Task Hazard
Consequenc
es
Existing
Control
Measures
Risk Analysis
(existing controls) Required
Additional
Control Measures
Risk Analysis (with
extra controls)
S L Risk S L Risk
Completed by: Activity:
Checked by:
Line Manager:
Affectedparty
Residualrisk

Rule No.2
Never assume anything

Class Exercise 1
Horse Hot Stamping

Thank You

Event tree analysis and risk assessment

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Event tree analysis and risk assessment

Similar to Event tree analysis and risk assessment (20)

Recently uploaded

Recently uploaded (20)

Event tree analysis and risk assessment

Editor's Notes