Call Girls Delhi {Jodhpur} 9711199012 high profile service
HAZOP.PPT
1. Hazard and Operability Studies
‘HAZOP’
(As a risk Identification Technique)
(pro-active monitoring)
2. Introduction
A Hazard and Operability (HAZOP) study is a
structured and systematic examination of a
planned or existing process or operation in order
to identify and evaluate problems that may
represent risks to personnel or equipment, or
prevent efficient operation.
The HAZOP technique was initially developed to
analyze chemical process systems, but has later
been extended to other types of systems and
also to complex operations and to software
systems.
3. Introduction
A HAZOP is a qualitative technique based on
guide-words and is carried out by a multi-
disciplinary team (HAZOP team) during a set of
meetings.
4. ‘HAZOP’
A technique for hazard identification and
analysis, where the consequences of
hardware failures and human error are
analyzed in relation to HSE and
economic losses.
5. The HAZOP Concept
The HAZOP is a qualitative type of
analysis, based on a multi-disciplinary
group approach.
The HAZOP process is based on the
principle that a team approach to hazard
analysis will identify more problems than
when individuals working separately
combine results.
6. The HAZOP Team
is made up of individuals with varying
backgrounds and expertise. The
expertise is brought together during
HAZOP sessions and through a
collective brainstorming effort that
stimulates creativity and new ideas, a
thorough review of the process under
consideration is made.
7. A HAZOP study is generally
completed by a team which includes
the designers, safety representatives
and a number of members with
expertise in a range of related fields.
The team should also include
individuals who have knowledge of
operating similar equipment and
plant.
8. When to perform a HAZOP?
The HAZOP study should preferably be carried out as
early in the design phase as possible - to have influence
on the design.
On the other hand; to carry out a HAZOP we need a
rather complete design. As a compromise, the HAZOP is
usually carried out as a final check when the detailed
design has been completed.
A HAZOP study may also be conducted on an existing
facility to identify modifications that should be
implemented to reduce risk and operability problems.
9. When to perform a HAZOP? (2)
HAZOP studies may also be used more extensively,
including:
- At the initial concept stage when design drawings are
available
- When the final piping and instrumentation diagrams
(P&ID) are available
- During construction and installation to ensure that
recommendations are implemented
- During commissioning
- During operation to ensure that plant emergency and
operating procedures are regularly reviewed and
updated as required
10. Types of HAZOP
Process HAZOP
The HAZOP technique was originally developed to assess
plants and process systems
Human HAZOP
More focused on human errors than technical failures
Procedure HAZOP
Review of procedures or operational sequences.
Sometimes denoted SAFOP - SAFE Operation Study
Software HAZOP
Identification of possible errors in the development of
software
(Only Process HAZOP and Procedure HAZOP are covered
in this presentation).
11. Team members and responsibilities
HAZOP team leader Responsibilities:
* Define the scope for the analysis
* Select HAZOP team members
* Plan and prepare the study
* Chair the HAZOP meetings
- Trigger the discussion using guide-words and
parameters
- Follow up progress according to
schedule/agenda
- Ensure completeness of the analysis
12. Team members and responsibilities (2)
The team leader should be
independent
(i.e., no responsibility for the
process and/or the
performance of operations)
13. Team members and responsibilities (3)
HAZOP secretary Responsibilities:
* Prepare HAZOP worksheets
* Record the discussion in the HAZOP meetings
* Prepare draft report(s)
14. HAZOP team members
The basic team for a process plant will be:
- Project engineer
- Commissioning manager
- Process engineer
- Instrument/electrical engineer
- Safety engineer
Depending on the actual process the team may be
enhanced by:
- Operating team leader
- Maintenance engineer
- Suppliers representative
- Other specialists as appropriate
15. How to be a good HAZOP participant
Be active! Everybody’s contribution is important
Be to the point. Avoid endless discussion of
details
Be critical in a positive way - not negative, but
constructive
Be responsible. He who knows should let the
others know
17. Pre-requisites
As a basis for the HAZOP study the following
information should be available:
Process flow diagrams
Piping and instrumentation diagrams (P&IDs)
Layout diagrams
Material safety data sheets
Provisional operating instructions
Heat and material balances
Equipment data sheets Start-up and emergency shut-
down procedures
18. HAZOP procedure
1. Divide the system into sections (i.e., reactor, storage,
…etc)
2. Choose a study node (i.e., line, vessel, pump, operating
instruction)
3. Describe the design intent (Pressure, Flow, Temp., …etc)
4. Select a process parameter
5. Apply a guide-word
6. Determine cause(s)
7. Evaluate consequences/problems
8. Recommend action: What? When? Who?
9. Record information
10. Repeat procedure (from step 2)
19. The HAZOP procedure may be illustrated as follows:
Divide section
into study nodes
Select a study node
Need more
information
Record consequences
and causes and
suggest remedies
Apply all relevant
combinations of guidewords
and parameters.
Any hazards or
operating problems?
NOT SURE
No
Yes
HAZOP report
20. Modes of operation
The following modes of plant operation
should be considered for each node:
Normal operation
Reduced throughput operation
Routine start-up
Routine shutdown
Emergency shutdown
Commissioning
Special operating modes
21. Process HAZOP worksheet
Source: IEC 61882
Study title: Page: of
Drawing no.: Rev no. : Date:
HAZOP team: Meeting date:
Part considered:
Design intent:
Material: Activity:
Source: Destination:
No Guideword Element Deviation
Possible
causes
Consequences Safeguards Comments
Actions
required
Action allocated
to
22. Worksheet entries
Node
A node is a specific location in the process in
which (the deviations of) the design/process
intent are evaluated.
Examples might be: separators, heat
exchangers, scrubbers, pumps, compressors,
and interconnecting pipes with equipment.
24. Design Intent
The design intent is a description of how the
process is expected to behave at the node; this
is qualitatively described as an activity (e.g.,
feed, reaction, sedimentation)
and/or
quantitatively in the process parameters, like
temperature, flow rate, pressure, composition,
etc.
Worksheet entries
25. The design intention,
(e.g. flow rate/min, Temp, Pressure, ….etc)
cooling water circulate
at an initial temperature
of xx ºC and at a rate of
xxx liters per hour".
Worksheet entries
26. Deviation
A deviation is a way in which the process
conditions may depart from their design/process
intent.
Worksheet entries
27. Parameter
The relevant parameter for the condition(s) of the
process
(e.g. pressure, temperature, composition).
Worksheet entries
28. Guideword
A short word to create the imagination of a deviation of the
design/process intent.
The most commonly used set of guide-words is:
no, more, less, as well as, part of, other than,
and reverse.
In addition, guidewords like: too early, too late,
and instead of, are used; the latter mainly for batch-like
processes.
The guidewords are applied, in turn, to all the parameters,
in order to identify unexpected and yet credible
deviations from the design/process intent.
Worksheet entries
30. Cause
The reason(s) why the deviation could occur.
Several causes may be identified for one
deviation. It is often recommended to start with
the causes that may result in the worst possible
consequence.
Worksheet entries
31. Consequence
The results of the deviation, in case it occurs.
Consequences may both comprise process
hazards and operability problems, like plant
shut-down or reduced quality of the product.
Several consequences may follow from one
cause and, in turn, one consequence can have
several causes
Worksheet entries
32. Safeguard
Facilities that help to reduce the occurrence
frequency of the deviation or to mitigate its
consequences (barriers).
Worksheet entries
33. There are, in principle, five types of safeguards that:
1. Identify the deviation (e.g., detectors and alarms, and human
operator detection)
2. Compensate for the deviation (e.g., an automatic control system
that reduces the feed to a vessel in case of overfilling it. These are
usually an integrated part of the process control)
3. Prevent the deviation from occurring (e.g., an inert gas blanket in
storages of flammable substances)
4. Prevent further escalation of the deviation (e.g., by (total) trip of the
activity. These facilities are often interlocked with several units in
the process, often controlled by computers)
5. Relieve the process from the hazardous deviation (e.g., pressure
safety valves (PSV) and vent systems)
34. The basic HAZOP guide-words are:
Guide-word Meaning Example
No (not, none) None of the design
intent is achieved
No flow when
production is expected
More
(more of, higher)
Quantitative increase in
a parameter
Higher temperature than
designed
Less
(less of, lower)
Quantitative decrease in
a parameter
None of the design
intent is achieved
As well as
(more than)
An additional activity
occurs
Other valves closed at
the same time (logic
fault or human error)
Part of Only some of the design
intention is achieved
Only part of the system
is shut down
Reverse Logical opposite of the
design intention Occurs
Back-flow when the
system shuts down
Other than
(other)
Complete substitution -
another activity takes
place
Liquids in the gas piping
35. Additional guidewords
Guide-word Meaning
Early / late The timing is different from the
intention
Before / after The step (or part of it) is effected out
of sequence
Faster / slowe The step is done/not done with the
right timing
Where else Applicable for flows, transfer, sources
and destinations
37. A deviation or departure from the design intent
in the case of our cooling facility would be a
cessation of circulation, or the water being at
too high an initial temperature.
Note the difference between a
deviation and its cause. In the
case, failure of the pump
would be a cause, not a
deviation.
42. V-3 Pump
P-2
Pump
P-1
Line 2
V-4 CV-3
To
reactor
FIC
PI
V-2
V-1
V-5
Suction from
Intermediate
Storage tank
150m3 capacity
Line 1
Atmosphere Nitrogen To flare
PIC CV-1
V-7
V-8
CV-2
Relief
valve
Flammable
liquid
storage tank
TK-1
25m3
1.1bar
20oC
43. Example of HAZOP worksheet
HAZOP WORKSHEET
Storage tank T-1
Intention: To store flammable reagent at 1.1 bar and 20o C
GUIDE WORD DEVIATION POSSIBLE CAUSES CONSEQUENCES ACTION REQUIRED
Incorporate high level alarm
and trip
Consider check valve line 2
Can reagent explode?
If pump overheats?
Consider alarm and pump
shut-down
Consider alarm
Same
What external events can
cause rupture?
Reagent released
Reagent released
Damage to P-1
Reagent released
Reagent released
Same
same
1. Pump P-1 fails to
stop
2. Reverse from
process
1-. Pump P-1
cavitates
2. Rupture in Line 2
3. V-3 open
4. V-1 open
5. Tank rupture
Same as LESS
Level
More
Less
No
44. Storage tank T-1
To store flammable reagent at 1.1 bar and 20o C
GUIDW WORD DEVIATION POSSIBLE CAUSES CONSEQUENCES ACTION REQUIRED
Incorporate high level
And trip
Consider check valve line
Can reagent explode?
If pump overheats?
Consider alarm and pump
Shut down
Consider alarm
Same
What external events can
cause rupture?
Reagent released
Reagent released
Damage to P-1
Reagent released
Reagent released
Same
Same
1. Pump P-1 fails to stop
2. Reverse from process
3. Pump P-1 capitates
4. Rupture in Line 2
5. V-3 open
6. V-1 open
7. Tank rupture
Same as LESS
LEVEL
MORE
Alarm
2
LESS
No
OTHER THAN
AS WELL AS
COM-POSITION 8. Wrong reagent
9. Impurity in reagent
Possible reaction
Possible overpressure,
if volatile
Is reagent sampled before
pumping?
What are the possible
impurities?
Consider low pressure
What is design vacuum of
tank?
What is capacity of CV-1
Is V-7 locked open?
IS V-8 locked open?
Reagent released
Tank implodes
Tank implodes
Tank implodes
Reagent released via R.valve
R. valve?
Reagent released via Relief
Same as (15)
See (6)
10. Break in flare or
nitrogen lines
11. Loss of nitrogen
12. CV-2 fails closed
13. PIC fails
14. PIC fails
15. CV-1 fails closed
16. V-7 closed
17. Overfill tank
PRESSURE
LESS
alarm
MORE
HAZOP Work-sheet
46. WHAT IF is
a loosely structured brainstorming
technique for identifying potential
hazards by challenging subject matter
experts to answer questions derived
from a review
Teams knowledge and experience.
47. WHY PERFORM A WHAT IF ANALYSIS?
WHAT IF analyses can identify potential
hazards associated with the design,
construction, operation, maintenance, and/or
management of any process or activity. These
hazards may threaten
Public health and safety
Employee health and safety
Environmental quality
Plant productivity
48. HOW IS A WHAT IF ANALYSIS PERFORMED?
A small team of experts formulates
a series of questions that must be
answered by the team members or
by other experts. The team then
Suggests corrective actions when
the questions/ answers reveal
significant hazards.
49. WHAT IF TERMINOLOGY
INTENTIONS
How the process or activity are
expected to work
QUESTIONS
Challenges to the intentions , usually
beginning with the phrase ( WHAT IF )
RESPONSES
Answers to the questions that describe
the potential hazards in light of existing
safeguards
SAFEGUARDS
Provisions for reducing the frequency
or the consequence
ACTIONS
Suggestion for procedural change ,
design change or further study
50. WHAT IF TECHNIQUE
• Define areas of investigation
• Formulate questions
• Investigate answers
• Suggest
improvements/alternatives
51.
52. FORMULATING QUESTIONS
• Select area of investigation
• Ask "what if" each active component failed
• Ask "what if" each process parameter
(flow, level, temperature) were abnormal
• Ask "what if" each operator action were
performed incorrectly
• Use relevant checklist items to provoke
additional questions.
53. INVSTIGATING ANSWERS
• What if the cooling water to the
condenser were lost?
• Specify the physical response: The
column pressure would rise
• Specify the action (s) of any safeguard(s)
Pressure Indicator PI-407 should alarm
• Specify the ultimate consequences: "...
before the relief valve lifts and
discharges toxic material."
54. SUGGESTING IMPROVEMENTS/ ALTERNATIVES
Think about ways to reduce the
frequency of the initiating event:
"Consider installing a motor-driven
cooling water pump as a backup for the
steam-driven pump“
Think about ways to mitigate the
consequences of the upset: "Consider
interlocking the re - boiler
steam supply to close on high column
pressure“ "Consider routing the relief
valve discharge to the scrubber"
55. Procedure for What-if Analysis
Formulate
questions
Gather information
for study
Investigate
answers
Select team to
examine each
area
Suggest
improvements
Document study and
action items
Define the objective
and scope
Implement
accepted action
items
56. WHAT IF
PROCESS AND LOCATION -------------- TOPIC INVESTIGATED-------------
EQUIPMENT/ TASK INTENTION ----------------------------------------------------------------------
WHAT
IF
RESPONSE (
CONSIDERING
SAFEGUARD )
ACTION
ITEMS
RESPONSIBL
E INDIVDUAL
INITIAL AND
DATA
RESOLVED
57.
58.
59. WHAT IF ANALYSIS STRENGTHS
• Can be performed at any design stage
• Can easily focus on specific concerns
• Can examine non-process issues (e.g.,
work practices)
• Requires no formal training
• Requires less staff effort than most
other techniques
60. WHAT IF ANALYSIS LIMITATIONS
• Highly dependent on leader
experience
• Likely to miss some potential
hazards
• Difficult to audit for thoroughness
61. Summary of What-if Analysis
Questions
“What if {a specific
accident} occurs?”
“What if {a specific
system} fails?”
“What if {a specific
human error} occurs?”
“What if {a specific
external event}
occurs?”
Responses
“{Immediate system vessel
condition}
“potentially leading to
{accident of interest}
“if {applicable safeguards}
fail”
63. What is the FTA?
Deductive technique to identify
combination of (causes ) resulting in
particular outcome.
Useful technique for accident
investigation and one of the most
powerful risk management.
64. A TOP – DOWN approach to failure
analysis starting with an undesirable
event called a “TOP EVENT” , such as
a failure or malfunction and then
determining all the ways it can
happen.
The analysis proceeds by determining
how these TOP EVETS can be caused
by individual or combined lower level
failures or events.
65. FTA
Advantages
Provides breadth to the investigation.
Clear record of the analytical paths
considered.
FTA is automatically used when there is
question mark to follow lines of inquiry.
Systematically identifies the possible paths
from basic behaviour to the to the Top
Event.
66. FTA Uses
Fault – Trees have been widely used
to investigate the reliability and
safety of complex and large systems
for diagnostic applications.
The main reason for the widespread
use of it (particularly in nuclear and
aerospace industries ) is due to
concern for human safety).
If there is a critical failure mode, the
all possible ways that mode could
occur must be discovered.
67. FTAs are also used to evaluate
other potentially damaging
events during test, build or
operation.
FTAs are used to identify all the
causes of a SINGLE failure mode.
FTAs complement FMEAs keying
in on the worst identified failure
modes.
68. FTA Requirements
Through knowledge of how the
system works.
Knowledge of the logic relationships
in the system (interlocks, control
interfaces, power supply feeds).
Through knowledge of how the
software works (evaluated
separately).
70. Top Event: Toward which all fault tree
logic paths flow, or
Intermediate Events: describing a
system state produced by antecedent
events.
A Fault or Event caused by combination
of contributory causes
71. AND GATES:
Output exists only if all input
Events have occurred
Next level failure if ALL inputs
fail.
All inputs, individually must be
1. Necessary and
2. Sufficient to cause the
output event.
&
72. &
OR Gates
Produces out put if any
input exists.
Any input, individual, must
be
1. Necessary and
2. sufficient to cause the
output event.
OR
73. Basic Events
Tree branch stops here .
The basic event marks the limit of
resolution of the analysis
76. Remember that
Events and Gates are not component
parts of the system being analyzed. They
are symbols representing the logic of the
analysis.
77. Procedure for Fault Tree Analysis
4.0 Explore each
branch in
successive levels of
detail
5.0 Solve the fault
tree for the
combinations of
events contributing
to the TOP event
3.0 Define the
treetop structure
6.0 Identify
important
dependent failure
potentials and
adjust the model
appropriately
2.0 Define the TOP
event for the
analysis
7.0 Perform
quantitative
analysis (if
necessary)
1.0 Define the
system of interest
8.0 Use the results
in decision making