USPEnergies
USPEnergies
The SHAH Gas Expansion Project - a critical analysis of the process design
HAZOP Study - Lessons Learnt
HAZOP - The great Causes / Safeguards conundrum
During the course of Hazop Studies, the analysis can often get confusing and muddled, owing to the nature of a Hazop study and complexity of the process under review. The results can lead to erroneous estimation of the consequences, defeating the purpose of a Hazop study. In a recent Hazop study, I realized that the team members were underestimating the severity of consequences, to the extent of not anticipating a consequence considering the safeguards in place. For example, if there was an NRV in place, the consequence related to reverse flow were not considered; if there was a pump min flow line provided, then pump cavitation was not considered; if there was a vent to flare (PAHH to Open XV), then overpressurization was ignored. So on and so forth......the situation gets even more confusing with safeguards related to inherently safe designs and BPCS. If the line was designed for the pump shutoff pressure, then the line could not overpressurized; if there was an independent level control then overfilling was not a credible consequence, just to cite a few examples.
It is the duty of the chairman to intervene and make the team realize the error in their thought process. All safeguards have a failure rate, including inherently safe designs. The inherently safe design failed in the Bhopal Gas incident. The other aspect is that safeguards function ONLY on demand. Here the independent BPCS is an exception. Ofcourse, independent BPCS will be considered as a cause, but it is a safeguard who's failure resulting in a consequence needs to be evaluated.
So remember, in a Hazop study, safeguards act on demand, where as causes are related to normal or continuous operation. Causes such as pump failure, control loop malfunction, human error etc are valid causes for consequences and need to be evaluated without safeguards. Safeguards act on demand and need to be considered to mitigate the consequence to acceptable levels, Thanks! Let me know your thoughts and write to me for further discussion.
My obsession with spurious trips (of SIFs)
SILPro for STL calculations
My obsession with spurious trips stems from the long years in the industry; going by Murphy’s law’ “Anything that can go wrong will go wrong”. Adapting this to SIFs, Imagine we have a plant operating smoothly, well managed and with-in the operating envelope. Then the spurious trip of the SIF happens and the whole plant is brought to a shutdown position resulting in huge loses of inventory and profitability. This can drive the operators crazy and they will be tempted to bypass the SIF or worse, remove it completely.
I recommend designers to verify not only the PFD of a SIF but also the PFS; make sure that the spurious trip rate is low in order to ensure business continuity when the system is Not in demand mode. In SILPro, we give STL calculations as standard with a visual graphic to enable the designer to not only meet the target SIL, but also the STL/STR in-line with the business requirements with estimated costs that are calibrated to spurious trips
My Favourite "PHA" quotes........
Dr Trevor Kletz
“For a long time, people were saying that most accidents were due to human error and this is true in a sense but it’s not very helpful. It’s a bit like saying that falls are due to gravity.”
“There’s an old saying that if you think safety is expensive, try an accident. Accidents cost a lot of money. And, not only in damage to plant and in claims for injury, but also in the loss of the company’s reputation.”
"What you don't have, can't leak…”
“Organizations have no memory…”…”
Ron Smith, Ch.E., P.E.
"PHA’s - You will never find ALL the answers you need until you ask ALL the questions you should"
"for the PHA to be successful in identifying ALL specific points of concern (failure modes) with the process, you must have ....
Sufficiently knowledgeable, experienced, and committed people (engineers, chemists, technicians, operators, & others) to fully participate in and contribute to the PHA study. If they aren’t available at any given time, the PHA must stop until they are available, no exceptions"
"The PHA challenge:
I’ve seen so much
But have I thought too little
To help prevent the disasters
That could happen still"
"The failure to identify all the possible ways your chemical process/plant can catastrophically fail is a “failure of imagination”. If you can imagine it, you can prevent it. If you can’t, you may be forced to endure it!"
"Process safety failure - if you can anticipate with clarity you can prevent with certainty.
That’s what PHA’s are supposed to do!"
"The next time you hear someone say they’ve done something potentially dangerous many times without anything bad happening to them, just remind them of this ...."
“The absence of consequences does not prove the absence of risk.”
Process Safety Lessons from Formula-1
Analaysis
The Crash
The crash on 29th Nov 2020 crash at the Formula-1 Grand Prix at the Bahrain's Sakhir circuit, is one of the most dramatic incidents seen in recent times, infact the fireball which engulfed the car after the crash was so intense that the driver could not be seen for almost 30 seconds till he emerged from the inferno.
Very much like the process industry involving flammable and toxic chemicals, Formula-1 is a sport which involves hazards owing to the high-powered machines traveling at very high speeds. In addition, the competitiveness of the drivers makes for a lethal mix of adding fuel to fire.
The Incident
The incident can be classified as a near-miss. It shows once again that hazards can be mitigated but they cannot be eliminated. Hazardous incidents will happen, but that adequate safety measures will save lives. Mitigating the consequences to ALARP can be achieved by deploying adequate safeguards. The Formula-1 sport has developed a strong safety culture and invested considerable amounts of money to ensure the safety of the drivers, crew and the public in general. In the context of the crash of the Haas car, it must be noted that the driver who crashed into the metal barrier at a speed of 220 km/hr, resulting in the fuel getting ignited and further resulting in a fire ball, actually walked almost unscathed apart from some minor burns. It could have been far worse; the safeguards averted what could have been a catastrophic and fatal incident.
The Analysis
A thorough and in-depth analysis of the near-miss incidents is vital to reinforce the safeguards. Questions must be asked if the fuel tank could have been fabricated to avoid rupture. Could the collision avoidance system be deployed in the cars with-in the frame work of sporting norms. Could there be air-bags or even an eject button available to the driver. Could there be fire hydrants and fire monitors to cover the track in case of an emergency.....so on and so forth.
The process industry must borrow from the Formula-1 experience and be open, and not be shackled by what has been the norm over the years. Questions must be asked even if they are off the beaten path.
Safeguards will Work
The Cars safety features worked like magic, the halo saved the driver from serious injury or fatality. Though much resistance was there to install the Halo in the first instance, it's deployment proved to be a key safeguard.
Similarly, in the process safety industry, we must be able to deploy the protection layers which work-on-demand. The reliability of the all the safety equipments must be ensured. Further, new ideas must be heard with an open mind and implemented, even if the consensus is sometimes otherwise.
The first responders and safety professionals
They can make the difference between life and death. Their training is vital for safe operations, the good doctor along with the fire extinguisher crew was on the crash site with-in seconds and was able to help the driver to jump over the railing to safety.