Title: Holistic Approach to Safety
1Holistic Approach to Safety
- Bart Winters
- Honeywell
- May 24, 2006
2Presenter
- Bart Winters
- BS Manufacturing Engineering Brigham Young
University - 22 Years Honeywell Process Solutions
- Software Development HMI Alarm/Event Management
- Batch SCADA Project Engineering
- Engineering Management
- Batch Product Management
- Alarm Applications Product Management
- Asset People Effectiveness Business Consultant
3History Lesson
- Pat McLaughlin and Peter OReilly
- 1859 Six-Mile Canyon, Nevada
- Find a vein of quartz crystal laced with gold
- Biggest problem mining the gold was --
bluish-gray mud/clay that stuck to everything - Discarded in huge piles outside the mines
4History Lesson (cont.)
- John Mackay a miner with geology and mineral
training recognizes the mud - Assayed a sample of the bluish-gray mud
- Buys several of the spent mines
- Result
- Silver content worth 2500-3000 per ton in 1859
dollars - Annual silver production from 6M to 60M / year
- 50 1 silver to gold production
5When You Think SafetyDo You Think?
- Regulatory controls
- Safety instrumented systems
- Fire and gas systems
- Burner management systems
- Compressor / turbine monitoring systems
- Manually activated protective functions (e.g.,
remote isolation valves, water curtains/cannons)
6Standards Help ButAre We Safe Enough?
- Many Regulatory Requirements Standards
- OSHA (US) or HSE (UK) etc.
- EPA
- International Organization for Standardization
(ISO) - Instrumentation, Systems, and Automation Society
(ISA) - American Petroleum Institute (API)
- National Fire Protection Association (NFPA)
- International Electrotechnical Commissions (IEC)
- Engineering Equipment and Materials Users
Association (EEMUA) - American Institute of Chemical Engineers (AIChE)
7Consider the Following
314M
412M
500M
20B Annual Preventable Abnormal Situations is US
Alone
2,000M
1,400M
100M
275M
139M
Source ASM Consortium
8Abnormal Situation Management Consortium
- Charter
- Research the causes of abnormal situations
- Guidelines and best practices
- Technologies to address this problem
- Deliverables
- Technology, best practices, application
knowledge, prototypes, metrics - History
- Started in 1994
- Co-funded by US Govt (NIST)
- Budget 16M USD
www.asmconsortium.com
9Human Factors Are at the Core
- 42 of Abnormal Situations People Related
- ASM Consortium Research
- In systems where a high degree of hardware
redundancy minimizes the consequences of single
component failures, human errors may comprise
over 90 of the system failure probability. - A Managers Guide to Reducing Human Errors API
Publication 770, March 2001 - Human failures are responsible for up to 80 of
all types of accident - UK Health Safety Executive (HSE) Human Factors
Briefing Note No. 1 Introducing Human Factors
10Tendency to Blame The Operator
11Management Responsibility
- Most mistakes are committed by skilled, careful,
productive, well-meaning employees. - Rather than blaming the individual involved
attempt to identify the root causes of the error
in the work situation and implement appropriate
corrective actions. - A Managers Guide to Reducing Human Errors API
Publication 770, March 2001
12Components of Human Factors
- Actions or inactions of individuals are
influenced by - Organizations structure culture (formal
informal) - Procedures work processes (formal informal)
used to perform their activities - Automation and equipment involved in these
activities (software and hardware) - Environments in which the individual conducts
activities (control room, field, etc)
13ASM Guidelines
14Reducing Frequency Impact of Abnormal
Situations
x 10000
4
3
1) Initiating Event 2) Normal Detection
Intervention 3) Mistakes 4) Lapses (Misses
Event) 5) Ideal Detection Intervention
x 1000
x 100
Impact (Cost)
2
x 10
5
1
x 1
0
Time
Gartner group
15Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
16Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
17Unwanted By-products of Automation(or how to
make people stupid)
- Disabling expertise
- Slowing the rate of learning
- Teaching dysfunctional skills
18Recognition Primed Decision (RPD)Model (Klein)
Perceived as typical (Prototype or Analogue)
Recognition
Implement Action
Additional Steps Due to Lack of Expertise
19Experts Under Pressure
Good
3.2
Experts
3.0
Decision Quality
2.8
Novices
2.6
Poor
6 seconds
2.25 min
Time allowed for Decision
20ASM Effective Operations PracticesCategory 3
Knowledge Skills Development
- Continuous learning not one-time activity
- Define competency model
- Link to your site major accident risk assessment
- Team based with clear roles responsibilities
- Frequent study and incorporation of historical
upsets and near misses - Use of training simulator for best results
21Effective Training PracticesAreas of Focus
- Developing and Maintaining Staff Competence
- Health Safety Executive (HSE) 2002 ISBN 0 7175
17327 - Designing for Continuous Learning
- Bullemer, P. and Nimmo, I. New Training Strategy
Design the Work Environment for Continuous
Leaning. Chemical Engineering Progress. January
1998. - Operations and Maintenance Competency-Based
Training for ASM - Pankoff, J. Training Todays Process Plant
Operator. Hydrocarbon Process, August, 1999.
22Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
23An Effective Graphic?
24Consider
- Tasks being performed
- Use of color (salience)
- Display navigation
- Number of keystrokes
- Use of symbols process connections
- Use of text and numbers
- Memory limitations
- Visual coding (pattern recognition)
- Impact of shift work
- Work environment (lighting, noise, etc.)
25ASM User InterfaceWorth 1M/yr for ethylene plant
- Comparing ASM designed operator interface vs
traditional standard operator interface - Operators with similar experience on identical
units measured with simulation based scenarios - gt38 improvement in recognition of process
deviations before the 1st alarm - 26 improvement in their ability to successfully
resolve problem - 35-48 improvement in overall operator response
time to deviations
Source ASM Meeting report Oct. 2004 see also
http//www.chemicalprocessing.com/articles/2006/04
1.html
26Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
27Quotes from Longford
- ... operating in alarm mode was sometimes
necessary to meet the gas order - Informal rules evolve to achieve goals quite
different from those originally intended by the
system designers
28Determining Safe Operating Boundaries
Source of Limits
Location of Limits
Users of Limits
Reliability xxx yyy
29Boundary Management
EquipmentConstraints
Operating Boundaries
Application Limits
Hi Hi Alarm Limit (Safety)
Design Safety Corrosion Proces Reliability Environ
mental
Manager UserAlert Hi-Hi Alert Limit
HI Alarm Limit (Reliability)
Environmental Engr. UserAlert Limit
APC Limit
Operational Target Limit
Operator X UserAlert Limit
Lo Lo Alarm Limit (Safety)
- Consistent reference point based on facts,
documented and available to the entire operating
team and other applications - Thorough PHA, HAZOP, and alarm system design with
cross functional team - Clear definition of safe upper and lower limits
(OSHA 1910.119) - Identify what to monitor (alarms, alerts,
production targets) - Captured and make available knowledge from PHA,
HAZOP, AOA, other processes
30Do You Know Your Limits?Does the Operator Know?
- Information from HazOp and other critical
processes captured and used to design for
operability - What are the limits?
- How to respond to deviations
31Operator Feedback
- We cant set our targets out of the unit limits
- Thought I knew everything - learned something
from this work - No more "just do it" - now why is explained
32Operating Envelope Management Improves
Operational Reliability
- Management of Alarm Limits
- Alarm rationalization ( of alarms)
- Integrity of alarm limits (understanding
context) - Expected actions in response to alarms
- Mode-based alarming
- Alarm enforcement
- Management of change
- Improve Operator Workflow, Data Access and
Visibility - Shift/daily operating plan
- Operating procedures
- Operator task management
- Improve communication between operators
- Checklist shift handover
- Electronic logbook
- Validate operating plan against operating
envelope boundaries - Provide analysis tools for continuous
improvement
33Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
34Alarm Management Risk Factors
- High alarm rates
- High of standing/stale alarms
- High of disabled alarms
- Little or no priority distribution
- Temporary changes become permanent
- No rationalization and documentation information
- No operator guidance or alarm help
35Alarm Management Life Cycle
Drill Down
Level of Effort Required for Analysis
Performance Monitoring
Root Cause Event Analysis
Dynamic Analysis
Static Configuration Reports
Alarm Documentation
Industry Benchmarks
Alarm Enforcement
Unit Benchmarking
36Learnings from ASM Member Companies Best
Practices
- Simulation Training
- ASM Operator Interface
- Operating Envelop Management
- Alarm Management
- Procedure Operations
37Procedure Challenges
- Ensure procedures are followed correctly and
consistently for safety, increased production and
best on-spec product - Capturing the knowledge of staff due to
retirement and change - Improve transitions between operating modes or
feed-stocks in response to market demand - Reduce operator workload in non-value added
areas, to consolidate the work-force, thereby,
allowing operators to have more time to focus on
cost control and profit maximization.
38Procedures on Continuous Processes
Shutdown/Startup seldom executed therefore
subject to error or inconsistencies
Grade Change Normal production change (grades,
rates, equipment, etc)
Abnormal Condition resulting in SafePark
Bringing the plant to a safe holding point that
may be resumed by Operations, or subsequently to
Shutdown the plant.
Cyclic Planned Activities Tasks repeated based
upon well defined criteria, normal operations
(regeneration, pump changeover, decoking, etc)
39Procedure Identification
Procedure HAZOP Expert Judgment
Complexity Consequence Frequency
In-task Review Resource
Field or Console
Inputs
Interaction Techniques (Paper and Electronic) -
Procedure Content - Procedure Structure -
Procedure Format - Navigation - Terminology -
Status Format - Data Entry
Effective Procedure Design for Context of Use
Outputs
40Effective Interaction w/ Procedures Solution
Concepts
- Paper-based procedures Typically in a binder or
printed as needed from database - On-line static procedures Viewed in on-line
can be browsed and printed. - On-line interactive procedures Can be tracked,
updated, and status information may be presented
from various sources automated workflow - On-line hybrid procedures Provide feedback on
status and can execute actions automatically or
initiated by the operator
41(No Transcript)
42Conclusions
43When You Think Safety Do You Think Human Factors?
- Are human factors considered in all the aspects
of safety engineering? Is it part of your
culture? - Identification
- Assessments
- Mitigation
- Standards a necessity but remember the big
picture - Remember the 501 Ratio
44Questions?