Risk and HAZOP Analysis
FACULTY OF MARINE SCIENCE AND MARITIME
TECHNOLOGY
DEPARTMENT OF MARITIME TECHNOLOGY
By O.O. Sulaiman PhD, CEng, CMarEng
Ocean of Discovery
Risk and Hazard Operability Process of Deep Water Marine System
O. Sulaiman1, W.B. Wan Nik2, A. H. Saharuddin3, A.S.A. Kader4, M.F. Ahmad5
12/9/2010 28
i. INTRODUCTION
ii. RELATED WORK
iii. RISK PROCESS/ HAZOP PROCESS
iv. CONCLUSION
• the word of water, maritime accident and consequential casualties.
• increasing deep sea operation
• challenge of design for safety, environment, reliability and sustainability
• uncertainty associated with deep sea operation, system complexity, environmental impose and human errors warrant the need for the use of scientific, reliability and risk-based models for sustainable, efficient and reliable system design
• Uncertainty associated with HAZID -> use of HAZOP as one of the best methods for HAZID
11/23/2012 4
Introduction
GHG | Amount | Industrial contribution
CO2 | 67.5% | Combustion energy sector accounted for 86.7% of total CO2 emissions, landfills (46.8%) and fugitive emissions from oil and gas (26.6%)
CH4 | 32.4% | landfills (46.8%) and fugitive emissions from oil and gas (26.6%) accounted for 73.4% of total CH4 emissions
N2O | 0.1% | Traditional biomass fuels accounted for 86.4% of total N2O emissions
Related Problem
i. Piper Alpha
ii. BP oil spill
iii. Exxon Valdez
KEY STUDIES
International Maritime Organisation (IMO) (2006). Amendments to the Guidelines for Formal Safety Assessment (FSA) for Use in the IMO Rule Making Process. MSC/ – MEPC.2 / Circ 5 (MSC/Circ.1023 – MEPC/Circ.392).
Parry, G. (1996). The Characterization of Uncertainty in Probabilistic Risk Assessments of Complex Systems. Reliability Engineering and System Safety, 54:2-3, 119-126.
Soares, C., A. P. Teixeira (2001). Risk Assessment in Maritime Transportation. Reliability Engineering and System Safety, 74:3, 299-309.
UK HSE (1999). Offshore Technology Report: “Effective Collision Risk Management for Offshore Installation”. UK, London.
US Coast Guard’s (USCG) | “The US Coast Guard’s (USCG) risk-based decision-making guidelines categorize human error into four categories, which form a matrix: intentional errors, unintentional errors, errors of omission, and errors of commission” “An error of omission occurs when an operator fails to perform a step or task. An error of commission occurs when an operator performs a step or task incorrectly.”
Nivolianitou et al. (2004) | “Technical factors are more readily resolved than human factors through technological and regulatory “fixes” leaving human-related errors and breakdowns as the probable cause of industrial accidents.”
Hee et al. (1999) | “Hee et al. concluded that human inputs to technological and engineering processes may actually contribute to accident risks from the begin stages of equipment design.”
2. LITERATURE REVIEW: Major References, Best Practice, Human Error Data and Process
Human Factors vs. Human Errors (based on Gordon, 1998)
Institution | Studies
The Norwegian Petroleum Directorate | Guidelines on how to apply risk analysis to meet its regulations
UK Health & Safety Executive | Guidance on risk assessment in the context of Offshore Safety Cases
Canada-Newfoundland Offshore Petroleum Board | Guidance on installation Safety Analysis to help operators meet its regulations
American Petroleum Institute | Recommended practice for design and hazard analysis offshore production platforms.
The UK Offshore Operators Associations | Procedure for the conduct of formal safety assessment of offshore installations, with very brief coverage of hazard assessment.
Pitblado & Turney (1995) | Introduction to QRA for the process industries
Aven (1992) | Discussion of offshore QRA, focusing in particular on reliability analysis.
Crook (1997) | Qualitative review of recent technical and regulatory developments in the field of safety against fire, inherently safer design, and human factor.
Brian Veitch | Rescue and evacuation from offshore platform
Best Practice Model | Application | Drawback
Brown et al (1996) | Environmental performance of tankers | Damage analysis deal only with oil spill
Sirkar et al (1997) | Consequences of collisions and groundings | Difficulties on quantifying consequence metrics
Brown and Amrozowicz (2000) | Hybrid use of risk assessment, probabilistic simulation and a spill consequence assessment model | Oil spill assessment limited to use of fault tree
Sirkar et al (1997) | Monte Carlo technique to estimate damage and spill cost analysis for environmental damage | Lack of cost data
IMO (IMO 13F (1995) | Pollution prevention index from probability distributions damage and oil spill. | Lack (Sirkar et al (1997) rational
Research Council Committee (1999) | Alternative rational approach to measuring impact of oil spills | Lack employment of stochastic probabilistic methods
Prince William Sound, Alaska, (PWS (1996) | The most complete risk assessment | Lack of logical risk assessment framework (NRC (1998))
Volpe National Transportation Center (1997)). | Accident probabilities using statistics and expert opinion. | Lack employment of stochastic methods
Puget Sound Area, USCG (1999)) | Simulation or on expert opinion for cost benefit analysis | Clean up cost and environmental damage omission
3.0 Qualitative Analysis Process
• Qualitative:
• constructivist, naturalistic, interpretive, postpositivist or postmodern perspective (Creswell, 2003)
• Used to describe the overall framework/procedure
• used to look at reality,
• based on a philosophical stance
- models identify basic concepts and describe what reality is like, and the conditions by which we can study it.
- ideas identified in models are referred to as concepts.
Interviews: industry, ship owner, classification society (Lloyd’s Register of Shipping), manufacturer
Phone calls
Data analysis: HAZOP, expert rating
Deductive recommendation
Case study
Baseline data
Determine and collect the ship paint application parameters and standards.
Methods:
DATA ANALYSIS
POP&C – POLLUTION PREVENTION & CONTROL
Safe Transportation of Hazardous Goods by Tankers
Formalised Risk Assessment or Risk-Based Design of Tankers
[Figure: risk model flow diagram. Labels: HAZID (waterways and vessel database); FIRE/EXPLOSION (pf1); COLLISION/GROUNDING (pf2); STRUCTURAL FAILURE (pf3); LOSS OF WATERTIGHT INTEGRITY; LOSS OF DAMAGE STABILITY/SINKAGE (Pfd); LOSS OF STRUCTURAL INTEGRITY (Pfs); STAY AFLOAT; Pfi; OIL OUTFLOW (Co); LOSS OF VESSEL (Cp); DEATH/INJURY (Cl); RISK REDUCTION MEASURES/INCIDENT MANAGEMENT (Rf); PASSIVE SAFETY; ACTIVE SAFETY; P2, P3, P4, P5; P6 Pollution Prevention, Environmental Impact Assessment; P7 Pollution Mitigation and Control, Environmental Impact Assessment.]
Calibration of Pf through pertinent scenarios, using structural reliability, to match historical risk
Calibration of Probabilistic Index-A using pertinent scenarios to match historical risk
Risk = Σw.Pfi x Σw.Ci.Rf
Qualitative and Quantitative Techniques
Qualitative Methods | Application
Checklist | Ensure that organizations are complying with standard practice
Safety/Review Audit | Identify equipment conditions or operating procedures that could lead to a casualty or result in property damage or environmental impacts.
What-If | Identify hazards, hazardous situations, or specific accident events that could lead to undesirable consequences.
Hazard and Operability Study (HAZOP) | Identify system deviations and their causes that can lead to undesirable consequences and determine recommended actions to reduce the frequency and/or consequences of the deviations.
Preliminary Hazard Analysis (PrHA) | Identify and prioritize hazards leading to undesirable consequences early in the life of a system. Determine recommended actions to reduce the frequency and/or consequences of prioritized hazards.

Quantitative tools | Application
Frequency and Consequence Analysis | Involve analysis of causal factor and impact of accident
Failure Modes and Effects Analysis (FMEA) | Use to analyse the components (equipment) failure modes and the impacts on the surrounding components and the system
Fault Tree Analysis (FTA) | Use to analyse combinations of equipment failures and human errors that can result in an accident
Event Tree Analysis (ETA) | Use to analyse various consequences of events, both failures and successes that can lead to an accident.
Technique for Human Performance Reliability Prediction (THERP) | Use to analyse human error
Components of Risk based Methods
Components of RBM
Process | Suitable techniques
HAZID | HAZOP, What if analysis, FMEA, FMECA
Risk analysis | FTA, ETA
Risk evaluation | Influence diagram, decision analysis
Risk control option | Regulatory, economic, environmental and function elements matching and iteration
Cost benefit analysis | ICAF, Net Benefit
Human reliability | Simulation/probabilistic
Uncertainty | Simulation/probabilistic
Risk Monitoring | Simulation/probabilistic
Cause of Accident
HAZOP PROCESS
• A HAZOP analysis is a detailed HAZID. It is mostly divided into sections or nodes, and involves systemic thinking and assessment, in a systematic manner, of the hazards associated with the operation. Hazard and operability (HAZOP) analysis is done to ensure that the systems are designed for safe operation with respect to personnel, environment and asset.
• In HAZOP, all potential hazards and errors, including operational issues related to the design, are identified. The quality of the HAZOP depends on the participants. Good qualities of HAZOP participants are (HSE, 1999):
– Politeness and not interrupting
– To-the-point discussion: avoid endless discussion
– Be active and positive
– Be responsible
– Allow the HAZOP leader to lead
• It involves how to apply API 14C to those process hazards with the potential for a major accident.
• Dynamic simulation for consequence assessment of process deviation, failure on demand and spurious function of the safety system, alarm function and operator intervention is very important for a HAZOP study.
• Identification in HAZOP is followed by application of combined event tree and fault tree analysis for determination of safety critical elements, training requirements for the operators, and integrity and review of maintenance manuals.
HAZOP PROCESS
• The HAZOP process is as follows:
• Guide word/brainstorming -> Deviation -> Consequence -> Safeguard -> Recommended action
A propulsion failure HAZOP could proceed as follows:
• Guide word: e.g. No pitch, No blade
• Description: e.g. no rotational energy transformed, object in water breaks the blade
• Causes: e.g. operation control mechanism
• Safety measures to address: implementation of propeller protection such as grating, jet
• Also important in HAZOP is the implementation of IEC 61511 to assess the hazards associated with failure on demand and spurious trips.
• In HAZOP, recording the worksheets efficiently to cover all phases also plays an important role.
HAZOP PROCESS
• Advanced HAZOP can also be implemented through simulation operations to identify, quantify, and evaluate the risks. SIMOP methodology includes:
• Consequence Assessment
• Frequency Analysis
• Risk Calculation
• Risk Analysis
• Safety Criticality Elements
• HAZOP is not intended to solve everything in a meeting. Identified hazards are resolved in the closing process of the findings from the study. Table 2 shows a typical HAZOP report.
• Safety barrier management fundamentally involves optimisation between the preventive and mitigation measures.
• Determination of the safety critical elements (SCE), performance standards for the design of safety critical elements, and integrity assurance.
HAZOP PROCESS
• Safety integrity level (SIL) involves assessment and verification according to IEC 61508 and IEC 61511. Qualitative SIL assessment uses risk graphs and calibration tables during the brainstorming sessions, where the required SIL is assigned to the safety systems.
• Dynamic simulation could be optimised with greater accuracy. This saves significant effort, time and cost for the project. It involves application of:
– HAZOP & SIL assessment
– Alarm Management
– Fire & Explosion Study
Case study
HAZOP PROCESS
Components SERM Collision Risk Model
Fire Accident Scenario Analysis
Compression area | Fire | Hot work | 3
Manifold area | Toxicity | Radio active products | 4
HP gas area | PPE | | 2
Separation area | Management of work permit (A) | If PTW is not followed correctly, the accident may happen | 3
Compressor area | Fire & Explosion | | 3
Process area | Handling | Halting of proximity of process under pressure | 4
Utility area | Fire fighting system | No availability of Fire Fighting system | 2
Separation | Fire & Explosion | Escape routes are obstructed | 3
 | PPE | Contractor not using PPE | 2
 | PPE | | 3
Tank area | Fire | No Fire & Gas detection | 2
Compression area | Explosion | Escape routes are obstructed | 3
Compression area | Fire | Hot work | 3
Manifold area | Toxicity | Radio active products | 4
[Figure: consequence model diagram. Labels: Fire Explosion Model; LPG Hazard Model; Survivability Model; Evacuation Model; Cargo Leakage Model; Fire Protection Model; Loading Condition Model; Accommodation; Compressor room; Engine room; Consequence.]
Collision Model on Langat River
Data and Model
Assessment of rainfall-Runoff model
Assess the impacts of wind loading
Assessment of wave loading
Assessment of system design
Assessment of disposal
Assessment of dynamic positioning
Assessment of energy system
Assessment of passing vessel
Assessment of human reliability analysis
Assessment of location
Assessment of historical data
(v). ACCIDENT DATA
Total risk concept
Risk based method
Technology element
Environmental elements
Human element
Risk based regulation
Risk based operation
Risk based design
Risk (R) = Probability (P) x Consequence (C)
Primary data Secondary data from UK Marine Accident Investigation Branch (MAIB)
Categorized different types of marine casualties and incidents
System Risk Analysis: Components of System Vs Standard Compliance Analysis
- High level goal assessment / Safety and environmental protection objective
- Standards requirement
- Functional requirement
- Regulatory instruments / Classification rules, industrial standards
- Class guides, technical procedure
- Secondary standards for company or individual system
- Code of practice, safety and quality systems, shipbuilding, operation maintenance and manning
[Figure labels: Tier 1&2; Tier 3; Tier 4; Tier 5; Goal analysis; Goal based verification of compliance criteria; Design process; Approval process.]
Components of Integrated Risk Analysis
[Figure labels: Formal safety analysis; Lesson learnt/experience; Regulatory standards; Hazard assessment.]
Define objective
Standard apply
Design concept
Design detail
Manufacture
Testing
Installation
Trial
Operation in service
Maintenance
Repair
Modifications
Decommissioning
STEP 1: Identify a Failure Mode
STEP 2: Determine Severity
STEP 3: Determine Occurrence
STEP 4: Determine Detectability
Risk Priority Number (RPN)
System Level Analysis - Failure Modes and Effects Analysis (FMEA)
FMEA Action & Check
Simplified Processes of Failure Modes and Effects Analysis (FMEA)
RPN = Severity Rating x Occurrence Rating x Detection Rating
Five steps of FTA:
i. Define the undesired event to study
ii. Obtain an understanding of the system
iii. Construct the fault tree
iv. Evaluate the fault tree
v. Control the hazards identified
Fault Tree Analysis (FTA)
[Figure symbols: AND gate (input events, output event); OR gate (input events, output event); Basic event; Undeveloped event.]
Figure 1: Logic Gates & Typical Primary Events
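An added worked example (not from the original slides) of evaluating a fault tree built from AND and OR gates: it computes the top-event probability and ranks the minimal cut sets. The tree shape, event names and probabilities are constructed for illustration around the propulsion-failure guide words "No pitch" and "No blade", and basic events are assumed independent.

```python
from itertools import product
from math import prod

# Constructed basic-event probabilities (illustrative, not from the slides).
BASIC = {
    "control_mechanism_fault": 5e-4,
    "main_hydraulic_pump_fails": 2e-2,
    "standby_pump_fails": 5e-2,
    "object_in_water": 1e-2,
    "propeller_grating_fails": 2e-1,
}

# Gates: name -> (type, children). The structure is an assumption built
# around the slide's propulsion guide words "No pitch" and "No blade".
TREE = {
    "propulsion_failure": ("OR", ["no_pitch", "no_blade"]),
    "no_pitch": ("OR", ["control_mechanism_fault", "loss_of_hydraulics"]),
    "loss_of_hydraulics": ("AND", ["main_hydraulic_pump_fails", "standby_pump_fails"]),
    "no_blade": ("AND", ["object_in_water", "propeller_grating_fails"]),
}

def probability(node):
    """Gate-by-gate probability. Valid when basic events are independent
    and no basic event appears under more than one branch."""
    if node in BASIC:
        return BASIC[node]
    kind, children = TREE[node]
    ps = [probability(c) for c in children]
    if kind == "AND":
        return prod(ps)
    return 1.0 - prod(1.0 - p for p in ps)  # OR gate

def minimal_cut_sets(node):
    """Smallest sets of basic events whose joint occurrence causes `node`."""
    if node in BASIC:
        return [frozenset([node])]
    kind, children = TREE[node]
    child_sets = [minimal_cut_sets(c) for c in children]
    if kind == "OR":   # any child's cut set is enough
        sets = [s for cs in child_sets for s in cs]
    else:              # AND: take one cut set from every child and merge them
        sets = [frozenset().union(*combo) for combo in product(*child_sets)]
    # Drop any set that strictly contains another one (not minimal).
    return [s for s in set(sets) if not any(o < s for o in sets)]

def ranked_cut_sets(node):
    """Cut sets with their probability, highest first: where safeguards pay off."""
    scored = [(prod(BASIC[e] for e in s), sorted(s)) for s in minimal_cut_sets(node)]
    return sorted(scored, reverse=True)

if __name__ == "__main__":
    print("P(top event) =", round(probability("propulsion_failure"), 9))
    for p, events in ranked_cut_sets("propulsion_failure"):
        print(f"{p:.1e}  {' AND '.join(events)}")
```

A single-event cut set, such as the control mechanism fault here, marks a single point of failure even when its probability is the lowest in the ranking.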
ETA process:
i. Define the system.
ii. Identify the accident scenarios.
iii. Identify the initiating event (IE).
iv. Identify pivotal events.
v. Build the event tree diagram.
vi. Obtain the failure event probabilities.
vii. Identify the outcome risk.
Event Tree Analysis (ETA)
Accident Consequence Modeling
[Figure labels: Accident categories; Causes; C1, C2, C3, C11, C12, C; Failures, Human and Organizational Errors, Environmental Stressors; Safeguards, Barriers, Operational Controls, Risk Control Options; Consequences; Fate and Transport.]
As Low As Reasonably Practicable (ALARP) Principle, Risk Acceptability Criteria, Cost Effectiveness Assessment (CEA)
Scenario | Probability | Consequence | Cumulative Probability
S1 | P1 | C1 | P1 = P1 + P2
S2 | P2 | C2 | P2 = P3 + P2
Si | Pi | Ci | Pi = Pi+1 + Pi
Sn-1 | Pn-1 | Cn-1 | Pn-1 = Pn + Pn-1
Sn | Pn | Cn | Pn = Pn
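An added worked example (not from the original slides) that carries the ETA steps through to the scenario table above: it builds an event tree, then lists each scenario's probability, consequence, risk (P x C) and cumulative probability. The initiating event, barriers, probabilities and consequence values are constructed for illustration.

```python
# Constructed inputs (illustrative only, not data from the slides).
IE_NAME, IE_PROB = "loss of propulsion in channel", 0.05   # per year
# Pivotal events in order:
# (barrier, P(barrier fails), outcome if the barrier works, consequence)
PIVOTAL = [
    ("operator intervention", 0.10, "propulsion restored", 0.0),
    ("emergency anchoring", 0.30, "vessel held at anchor", 1.0),
    ("passing vessel gives way", 0.20, "grounding", 20.0),
]
WORST = ("collision with passing vessel", 500.0)   # every barrier failed

def event_tree(ie_prob, pivotal, worst):
    """Walk the tree: a barrier is challenged only if all earlier ones failed.
    Returns [(scenario, probability, consequence)]."""
    scenarios, path = [], ie_prob
    for _barrier, p_fail, outcome, cost in pivotal:
        scenarios.append((outcome, path * (1.0 - p_fail), cost))
        path *= p_fail                       # continue down the failure branch
    scenarios.append((worst[0], path, worst[1]))
    return scenarios

def risk_table(scenarios):
    """Order scenarios by increasing consequence and add, per row, the risk
    P x C and the cumulative probability of that consequence or worse."""
    ordered = sorted(scenarios, key=lambda s: s[2])
    rows, cumulative = [], 0.0
    for name, p, c in reversed(ordered):     # accumulate from the worst scenario
        cumulative += p
        rows.append({"scenario": name, "P": p, "C": c,
                     "risk": p * c, "cumulative_P": cumulative})
    return rows[::-1]

def total_risk(rows):
    """Sum of P x C over all scenarios (expected consequence per year)."""
    return sum(r["risk"] for r in rows)

if __name__ == "__main__":
    table = risk_table(event_tree(IE_PROB, PIVOTAL, WORST))
    for r in table:
        print(f'{r["scenario"]:32s} P={r["P"]:.4f} C={r["C"]:6.1f} '
              f'risk={r["risk"]:.4f} cumP={r["cumulative_P"]:.4f}')
    print("total risk:", round(total_risk(table), 4))
```

The first row's cumulative probability equals the initiating-event probability, which is a quick check that the branches of the tree sum correctly.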
(iii). Channel Complexity Analysis
Human Reliability Analysis
DP
Visibility
Mooring
Criticality/ MTTB/ Stochastic Poisson, Binomial
• Risk control measures are used to group risk into a limited number of practical regulatory and capability options. Risk Control Options (RCO) aim to achieve (David, 1996):
– Preventive: reduce probability of occurrence
– Mitigation: reduce severity of consequence
• In estimating RCO, the following are taken into consideration:
• DALY (Disability Adjusted Life Years) or QALY (Quality Adjusted Life Years)
• LQI (Life Quality Index)
• GCAF (Gross Cost of Averting a Fatality)
• NCAF (Net Cost of Averting a Fatality)
• ICAF (Implied Cost of Averting a Fatality)
Cost Benefit Analysis, RCO
Sustainability Analysis
[Figure labels: Cost; Minimum sum of cost; Cost of pollution control; Cost of damage from pollution; High damage cost with no control; No economic gain from pollution control; Difference between cost of pollution control and environmental damage.]
Validation
Frequency model
Consequence Model
ALARP
Validation of HAZOP
Expert Rating workshop:
Industry
Manufacture
Classification Society
Operator
Academician
Conclusion
• Following the need for maritime activities to operate in much harsher conditions, institutions are adopting a system-based approach that accounts for the total risk associated with the system lifecycle, to protect the environment and prevent accidents.
• Employment of risk methods to address each contributing factor to accidents is very important. Qualitative risk in system description and hazard identification can best be tackled through HAZOP.
• The outcome of HAZOP can be processed in quantitative analysis, which may include probabilistic and stochastic dynamic simulation processes for system-level analysis, while fault tree and event tree quantitative analysis can be utilized to determine the risk index.
• Dynamic risk analysis can be translated into an ALARP influence diagram that can provide decision support on risk cost control options towards a sustainable, reliable, efficient propulsion technology choice for system design and operability.
Thank You