Jouney of process safety (2)

Fail- safe designs &
Fall- back systems-
Journey of ……….
Process safety …….
May 2015
Balarama Krishna Rajasekhar Polapragada –
Principal Process Engineer –
SLFE- Kingdom of Saudi Arabia
Krishna- Principal process Engineer SLFE- Al-Khobar- K.S.A

Green and Sustainable
Design
Fail-safe
Design
Fall-Back
Safe- Design

Why Fail-Safe Designs ?
• Operators may not be qualified or trained ,
• 100% Safe Systems may not be developed .
• Instruments or equipments may fail.
• Design basis may be not be right.
• Natural disasters, war, sabotage etc.
• Not learnt from past failures ( history repeats).
But we want DESIGN to work safely.

Flixborough, England (1974)

What all can Fail ?
•Instruments ?
•Equipment ?
•Process or Utilities ?
•Operators ?
• Designers ?
•All the above !

Which should NOT fail ?
•
Fail- safe Designs !
• Fall-back safe systems !
• Fool- Safe operations!

Fail- Safe Designs !
-Golden Gate bridge in San Francisco
(designed for double load )
-Single redundancy
-Double redundancy
-SIL 1, 2,…… SIL 10.
-Why only Driver less cars ?
why not operator less plants ?
-90% learn from mistakes
-1% need second chance to learn.
-0.1% will never learn.
-Extra cost, extra caution, extra data
required.Krishna- Principal process Engineer SLFE- Al-Khobar- K.S.A

Fall – back safe systems
-Early DCS designs retained
pneumatic instruments .
-Spare equipment, units and plants !
-German designs have small spare
wheel so that M/C will not be
neglected.
- RAM
-Process Safety, HAZOP, PSSR,
-MOC, API 750.
-Continuous improvement of systems
is required.

Fool- safe Operation !
•Hanging restaurant
( protection for a fall /jump ?)
-Inter-locks
-Permissive
-Stand-by equipment
-Operator prompting
-Remote monitoring
-Remote Shut-off
-(satellite -Google style)
Krishna- Principal process Engineer
SLFE- Al-Khobar- K.S.A

Real time design failures
Data – Eg. Rain fall in Saudi Arabia is Nil
Samples/- Eg. Crude assay old or not available. .
Design basis - 3 refineries in india designed oSulfur units for
80:20 Al/AH vs sweet Bombay high crude
Design changes : Fuel gas H2S content is different , when
tested.
-Cost cutting : Universal management strategy.
-Tight schedule : Do it yesterday !
- Design tools - Approved Software or lack of it !
-Expertise/training : Updating of software or lack of practice.
-Crash tests : Unlike automobiles, crash tests are not feasible.
-Common standards : on learning curve or declining curve ?.
-Risk levels : Risk levels are based on past experiences.
- Future God knows ?

Why designs fail ?
-Inadequate protection –
no. of Cheese layers.
-Lack of data /accurate data
-Lack of samples/ right samples.
-Lack of clarity on design basis
-Frequent changes to design
-Cost cutting
-Squeezing tight schedule
-Lack of right design tools
-Lack of design expertise/training
-Lack of crash tests
-Lack of agreed standards.
-Under estimating risk levels.

Case 1 : Reformer Reactor failure
: RAM Rating Act A3- Pot. A-4C
What happened ?
•6X 9 “ hole on reactor plate
•Where ?
•Refinery catalytic reformer
•Final element failure “
•Valve to shut-off did not get
signal from DCS.
•What design failure ?
•Shut –off logic design.
•Two-state shut-off , where valve
was kept on manual in 1st
stage.
•programming error .
.
How hard wired trip are
made fail-safe ?
-By redundancy
-By Voting mechanism,
How complicated are Nuclear
reactor Computer trip systems
designs ?
Same way as hard wired. But trip
checking mechanisms are
complicated.
What is the solution ?
Failure Mode and Effect Analysis
to be made.

Safe Design Solutions – case 1 :
Inherently safe Design !
ESP implementation, for higher reactor
temperature.
•Fail-safe design : Provide Air Valve trip on
High oxygen .
•Fall-Back system : Independent valve trip.
•Fool-safe Operation : DCS logic change need
to be part of Hazop

Case 2 :Steam turbine Rotor failure
Ref. Shell Global solutions reports: RAM Rating Act A4- Pot. A-4D
What happened ? Loss of Turbine Blades
Where ? 3rd Stage Steam turbine
Root cause/ Final element failure
•Corrosion assisted fatigue ;
•Erosion due to high pH steam condensing.
What failed ?
•Failure to maintain Blow down. – Operation failure
•No steam sampling point– Design failure .
• Fail-safe design : Automatic Blow-down
• Fall-Back system : Additional Polisher system .
• Fool-safe Operation : Remote monitoring of BFW/steam
analyzers
•
.

Case 3 : FCC air Blower trip
RAM Rating Act C4- Pot. D4/D5
What happened ? Level control for BFW froze and tripped
Boiler. Water entered steam driven air blower and turbine was
damaged.
Where ? Air blower trip damaged Steam turbine
•Re-starting Boiler with high steam drum level.
What failed ?
•Level instrument . Design failure . Inadequate freeze protection
•Fail-safe design : protection for severe winter. Review Site
conditions. Eg. Saudi Arabia. Nil rain fall is not true.
•Fall-Back system : Additional permissive to start Boiler on high
steam drum level.
•Fool-safe Operation : share freeze-protection practices.
•
.

Case 4 : Failure of piping
RAM Rating Act C4- Pot. D4/D5
What happened ? Furnace Transfer line dislodged.
What impact ? Vacuum tower internals damaged ( 20 days
shutdown of plant)
•Steam introduced for furance emergency contained water
What failed ? Design failure
Inherently safe Design ! Piping slope to drain and , min. distance
between remote valve and steam injection point.
•Fail-safe design : Slow opening of emergency valve.
•Fall-Back system : Additional knock-out pot on steam line
•Fool-safe Operation : all valves between remote valve and steam
traps to be open
•
.

Case 5 : Reactor air-cooler Freezing
RAM Rating Act A5- Pot. C4
What happened ? Reactor Effluent air cooler leaked and caught
fire. (estimated USD 80 Million loss )
Where ? During de-pressuring of reactor
•Wash water was continued to air cooler , while de-pressurising.
What failed ? Design failure for air cooler protection during
water freezing.
Inherently safe Design : Air cooler design for protection during
freezing.
•Fail-safe design : TI point to be provided for low temp. below
zero and air cooler metallurgy to consider freezing.
• Fall-Back system : Automated system to stop water .
•Fool-safe Operation : Hazop to include freezing hazard.
•
. Krishna- Principal process Engineer SLFE- Al-Khobar- K.S.A

How to build Intrinsic safe designs ?
-Built –in Protection
How ?
• Accurate data
-Right samples.
- Clarity on design basis
-Firm Design
-Provide cost and time
-Provide right design tools
-Right Design expertise/training
-Common safety standards.
-Over- estimating risk levels.

What Next ?
Green and Sustainable
Design
Fail-safe
Design Fall-Back
Safe- Design
Intrinsic Safe
Design
Thanks !
Fool-proof
operation

Every one needs Rest and Sleep
what is the ultimate ? ,
Intrinsic…..
Safe Designs to
sustainable , green
designs ?
Intrinsically
Safe Designs with
built in Intelligence ?

Jouney of process safety (2)

Recommended

Recommended

More Related Content

What's hot

What's hot (8)

Similar to Jouney of process safety (2)

Similar to Jouney of process safety (2) (20)

Recently uploaded

Recently uploaded (20)

Jouney of process safety (2)