Title: Major Hazard Facilities Hazard Identification
1Major Hazard Facilities Hazard Identification
2Overview
- This seminar has been split into two sections
- Hazard Identification
- Major Accident Identification and Risk Assessment
- The seminar has been developed to provide
- Context with MHF Regulations
- An overview of what is required
- An overview of the steps required
- Examples of hazards identified
3Some Abbreviations and Terms
- AFAP - As far as (reasonably) practicable
- DG - Dangerous goods
- Employer - Employer who has management control of
the facility - Facility - any building or structure at which
Schedule 1 materials are present or likely to be
present for any purpose - FMEA/FMECA - Failure modes and effects analysis/
Failure modes and effects criticality analysis - FTA - Fault tree analysis
- HAZID - Hazard identification
- HAZOP - Hazard and operability study
- HSR - Health and safety representative
- LOC - Loss of containment
- LOPA Layers of protection analysis
4Some Abbreviations and Terms
- MHF - Major hazard facility
- MA - Major accident
- OHS - Occupational health safety
- PFD Process Flow Diagram
- PID Piping and Instrumentation Diagram
- PSV Pressure safety valve
- SMS - Safety management system
5Topics Covered In This Presentation
- Regulations
- Definition Hazard
- Introduction
- HAZID Requirements
- HAZID Approach
- Consultation
- Conducting the HAZID
- Overview of HAZID techniques
- Review and Revision
- Sources of Additional Information
6Regulations
Basic outline
- Hazard identification (R9.43)
- Risk assessment (R9.44)
- Risk control (i.e. control measures) (R9.45, S9A
210) - Safety Management System (R9.46)
- Safety report (R9.47, S9A 212, 213)
- Emergency plan (R9.53)
- Consultation
7Regulations
Regulation 9.43 (Hazard identification)
states The employer must identify, in
consultation with employees, contractors (as far
as is practicable) and HSRs
- All reasonably foreseeable hazards at the MHF
that may cause a major accident and - The kinds of major accidents that may occur at
the MHF, the likelihood of a major accident
occurring and the likely consequences of a major
accident.
8Definition
- Hazard
- Regulatory definition per Part 20 of the
Occupational Health and Safety (Safety Standards)
Regulations 1994 - A hazard means the potential to cause injury or
illness - Interpreted Any activity, procedure, plant,
process, substance, situation or other
circumstance that has the potential to cause harm.
9Introduction
- HAZID is critical to safety duties and the safety
report - Employer must identify all major accidents and
their related causes using a systematic and
documented HAZID approach - The process must be transparent
- HAZID results must be reflected in risk
assessment, SMS, adoption of control measures and
safety report
10Introduction
- An example - Gramercy Alumina Refinery, US
Department of Labor Report ID No. 16-00352, 5
July 1999 at 5am
11Introduction
Were the hazards identified?
12Introduction
- HAZID process must be ongoing to ensure existing
hazards are known, and - New hazards recognised before they are
introduced - Prior to modification of facility
- Prior to change in SMS or workforce
- Before and during abnormal operations,
troubleshooting - Plant condition monitoring, early warning signals
- Employee feedback from routine participation in
work - After an incident
13Introduction
- Information from accident investigations can be
useful as input to determine contributing causes
14HAZID Requirements
- A systematic, transparent and comprehensive HAZID
process should be used based on a comprehensive
and accurate description of the facility - MAs and the underlying hazards should not be
disregarded simply because - They appear to be very unlikely
- They have not happened previously
- They are considered to be adequately controlled
by existing measures
15HAZID Requirements
The risk diagram can be useful for illustrating
this aspect, as shown below
16HAZID Requirements
Exclusions
- The HAZID process (for MHF compliance) is not
intended to identify all personnel safety
concerns - Many industrial incidents are caused by personnel
safety breaches, such as the following - Person falls from height
- Electrocution
- Trips/slips
- Contact with moving machinery
- etc
17HAZID Requirements
Exclusions
- These are generally incidents that do not relate
to the storage or processing of Schedule 9
materials and are covered by other parts of an
Employers safety management system for a
facility such as - Permit to work
- Confined space entry and management
- Working at heights
- Work place safety assessments
- etc
18HAZID Approach
- What can go wrong?
- What incidents or scenarios could arise as a
result of things going wrong? - What could cause or could contribute to these
incidents?
19HAZID Approach
- Considers all operating modes of the facility,
and all activities that are expected to occur - Human and system interfaces together with
engineering issues - Dynamic process to stay ahead of any changes in
the facility that could erode the safe operating
envelope or could introduce new hazards
20HAZID Approach
- The HAZID approach is required to
- Be team-based
- Use a a process that is systematic
- Be pro-active in searching for hazards
- Assess all hazards
- Analyse existing controls and barriers -
preventative and mitigative - Consider size and complexity in selecting
approach to use
21HAZID Approach
- Consideration needs to be given in selecting the
HAZID technique - Some issues to take into account are
- Life cycle phase of plant
- Complexity and size
- Type of Process or activity covering
- Engineering or procedural
- Mechanical, process, or activity focussed
22HAZID Approach
Life Cycle Phases of a Project
- The HAZID approach can be used in the first
stages of the life cycle phase of a project - Prior to design phase, little information will be
available and the HAZID approach will need to be
undertaken on flow diagrams - Assumptions will need to be transparent and
documented
23HAZID Approach
- Complexity and Size
- The complexity and size of a facility includes
the number of activities or systems, the number
of pieces of equipment, the type of process, and
the range of potential outcomes - Some HAZID techniques may get bogged down when
they are applied to complex processes - For example, event tree and fault tree analyses
can become time consuming and difficult to
structure effectively - However, simple techniques may not provide
sufficient focus to reach consensus, or
confidence in the identification of hazards - Conclusion Start with simple techniques and
build - in complexity as required
24HAZID Approach
- Type of Process or Activity
- Where activities are procedural or human error is
dominant then task analysis may be appropriate
(e.g. task analysis, procedural HAZOP, etc) - Where knowledge of the failure modes of equipment
is critical (e.g. control equipment, etc) then
FMEA may be appropriate
25HAZID Approach
- Type of Process or Activity
- Where the facility is readily shown on a process
flow diagram or a process and instrumentation
diagram, then HAZOP may be used - Where multiple failures need to be combined to
cause an accident, or multiple outcomes are
possible then fault tree analysis and event tree
analysis may be beneficial
26Consultation
- The MHF Regulations require Employers to consult
with employees in relation to - Identification of major hazards and potential
major accidents - Risk assessment
- Adoption of control measures
- Establishment and implementation of a safety
management system - Development of the safety report
27Consultation
- Consultation is also required in relation to the
roles that the Employer defines for employees - The adequacy of the consultation process is a key
step in decision-making with regards to the
granting of licences - A teamwork approach between the Employer, HSRs
and employees is strongly advocated for the
safety report development process as a whole
28Consultation
- Employees have a significant effect on the safety
of operations, as a result of their behaviour,
attitude and competence in the conduct of their
safety-related roles - The involvement of the employees in the
identification of hazards and control measures
enhances - Their awareness of these issues
- and
- Is critical to the achievement of safe operation
in practice
29Conducting the HAZID
- HAZID Team Selection
- The team selection for the area or plant is
critical to the whole hazard identification
process - Personnel with suitable skills and experience
should be available to cover all issues for
discussion within the HAZID process - A well managed, formalised approach with
appropriate documentation is required - Team selection and training in methodology used
is to be provided
30Conducting the HAZID
- HAZID Team Selection
- Facilitated multi-disciplinary team based
approach - Suitably qualified and experienced independent
person to facilitate - Suitably experienced and qualified personnel for
the process, operations and equipment involved
31Conducting the HAZID
- HAZID Team Selection
- These employees MAY BE the HSRs but DO NOT HAVE
TO BE - However, the HSRs should be consulted in
selection of appropriate persons - this process
must be documented and be transparent - No single person can conduct a HAZID
- A team approach will be most effective
32Conducting the HAZID
- HAZID Study Team
- The typical study team would comprise
- Study facilitator
- Technical secretary
- Operations management
- HSR/Operations representative
- Project engineer or project design engineer for
new projects - Process engineer
- Maintenance representative
- Instrument electrical representative
- Note the above team make up is indicative only
33Conducting the HAZID
- HAZID Planning
- The following steps are required
- Planning and preparation
- Defining the boundaries and provide system
description - Divide plant into logical groups
- Review PIDs and process schematics to ensure
accuracy - Optimise HAZID process by means of preplanning
work involving relevant stakeholders (operations,
maintenance, technical and safety personnel)
34Conducting the HAZID Consider the Past, Present
and Future
What has gone wrong in the past?
Historical conditions
Identified Hazards
What could go wrong currently?
Existing conditions
What could go wrong due to change?
unforeseeable
Future conditions
35Conducting the HAZID
- It is tempting to disregard Non-Credible
Scenarios BUT - Non-credible scenarios have happened to others
- Worst cases are important to emergency planning
36It happened to someone else
Aftermath of an explosion (U.S. CHEMICAL SAFETY
AND HAZARD INVESTIGATION BOARD, SIERRA CHEMICAL
COMPANY REPORT NO. 98-001-I-NV, January 1988)
37Conducting the HAZID
- Issues for consideration
- Equipment can be off-line
- Safety devices can be disabled or fail to operate
- Several tasks may be concurrent
- Procedures are not always followed
- People are not always available
- How we act is not always how we plan to act
- Things can take twice as long as planned
- Abnormal conditions can cross section limits
- Power failure
38Conducting the HAZID HAZID Process
System description
Define boundary
Divide system into sections
Existing studies
Selected methods
Systematically record all hazards
Independent check
Hazard Register
Revisit after risk assessment
39Conducting the HAZID
- Meeting Venue
- Hold on site if possible
- Avoid interruptions if possible
- Schedule within the normal work pattern, or
within the safety report activities - Meetings less than 3 hours are not effective
- Meetings that last all day are also not
effective, however practicalities may require all
day meetings - Dont underestimate the time required
40Conducting the HAZID
- Recording Detail
- The level of detail is important for
- Clarity
- Transparency and
- Traceability
- A system (hazard register) is required for
keeping track of the process for each analysed
section of the facility - The items to be recorded are
- Study team
- System being evaluated
- Identified hazard scenario
- Consequences of the hazard being realised
- Controls in place to prevent hazard being
realised and their adequacy - Opportunity for additional controls
41HAZID Techniques - Overview
Increasing effort required
- Checklists - questions to assist in hazard
identification - Brainstorming - whatever anyone can think of
- What If Analysis - possible outcomes of change
- HAZOP - identifies process plant type incidents
- FMEA/FMECA - equipment failure causes
- Task Analysis maintenance activities,
procedures - Fault Tree Analysis - combinations of failures
42Checklists
- Simple set of prompts or checklist questions to
assist in hazard identification - Can be used in combination with any other
techniques, such as What If - Can be developed progressively to capture
corporate learning of organisation - Particularly useful in early analysis of change
within projects
43Checklists
44Checklists
- Advantages
- Highly valuable as a cross check review tool
following application of other techniques - Useful as a shop floor tool to review continued
compliance with SMS - Disadvantages
- Tends to stifle creative thinking
- Used alone introduces the potential of limiting
study to already known hazards - no new hazard
types are identified - Checklists on their own will rarely be able to
satisfy regulatory requirements
45Brainstorm
- Team based exercise
- Based on the principle that several experts with
different backgrounds can interact and identify
more problems when working together - Can be applied with many other techniques to vary
the balance between free flowing thought and
structure - Can be effective at identifying obscure hazards
which other techniques may miss
46Brainstorm
- Advantages
- Useful starting point for many HAZID techniques
to focus a groups ideas, especially at the
projects concept phase - Facilitates active participation and input
- Allows employees experience to surface readily
- Enables thinking outside the square
- Very useful at early stages of a project or study
- Disadvantages
- Less rigorous and systematic than other
techniques - High risk of missing hazards unless combined with
other tools - Caution required to avoid overlooking the detail
- Relies on experience and competency of
facilitator
47What If
- What if analysis is an early method of
identifying hazards - Brainstorming approach that uses broad, loosely
structured questioning to postulate potential
upsets that may result in an incident or system
performance problems - It can be used for almost every type of analysis
situation, especially those dominated by
relatively simple failure scenarios
48What If
- Normally the study leader will develop a list of
questions to consider at the study session - This list needs to be developed before the study
session - Further questions may be considered during the
session - Checklists may be used to minimise the likelihood
of omitting some areas
49What If
- Example of a What If report for a single assessed
item
50What If
- Advantages
- Useful for hazard identification early in the
process, such as when only PFDs are available - What If studies may also be more beneficial than
HAZOPs where the project being examined is not a
typical steady state process, though HAZOP
methodologies do exist for batch and sequence
processes - Disadvantages
- Inability to identify pre-release conditions
- Apparent lack of rigour
- Checklists are used extensively which can provide
tunnel vision, thereby running the risk of
overlooking possible initiating events
51HAZOP
- A HAZOP study is a widely used method for the
identification of hazards - A HAZOP is a rigorous and highly structured
hazard identification tool - It is normally applied when PFDs and PIDs are
available - The plant/process under investigation is split
into study nodes and lines and equipment are
reviewed on a node by node basis - Guideword and deviation lists are applied to
process parameters to develop possible deviations
from the design intent - HAZOP results in a very a systematic assessment
of hazards -
52HAZOP
Example of a HAZOP report for a single assessed
item
53HAZOP
- Advantages
- Will identify hazards, and events leading to an
accident, release or other undesired event - Systematic and rigorous process
- The systematic approach goes some way to ensuring
all hazards are considered - Disadvantages
- HAZOPs are most effective when conducted using
PIDs, though they can be done with PFDs - Requires significant resource commitment
- HAZOPs are time consuming
- The HAZOP process is quite monotonous and
maintaining participant interest can be a
challenge
54FMEA/FMECA
- Objective is to systematically address all
possible failure modes and the associated effects
on a technical system - The underlying equipment and components of the
system are analysed in order to eliminate,
mitigate or reduce the failure or the failure
effect - Best suited for mechanical and electrical
hardware systems evaluations
55FMEA/FMECA
- Example of an FMEA/FMCEA report for a single
assessed item
56FMEA/FMECA
- Advantages
- Generally applied to solve a specific problem or
set of problems - FMEA/FMECA was primarily considered to be a tool
or process to assist in designing a technical
system to a higher level of reliability - Designed correction or mitigation techniques can
be implemented so that failure possibilities can
be eliminated or minimized - Disadvantages
- It is very time consuming and needs specialist
skills from different backgrounds to obtain
maximum effect - Very hard to assess operational risks within an
FMEA/FMECA (like they can be within a HAZOP or
What if study)
57Task Analysis
- Technique which analyses human interactions with
the tasks they perform, the tools they use and
the plant, process or work environment - Approach breaks down a task into individual steps
and analyses each step for the presence of
potential hazards - Used widely to manage known injury related tasks
in workplace - Excellent tool for hazard identification related
to human tasks
58Task Analysis
- Disadvantages
- Does not address plant process deviations which
are not related to human interaction - Caution
- Relies on multi-disciplined input with specific
input of person who normally carries out the task - Often assumed to be the only tool of hazard
identification or risk assessment, as it is used
generally at the shop floor
59Fault Tree Analysis
- Graphical technique approach
- Provides a systematic description of the
combinations of possible occurrences in a system
which can result in an identified undesirable
outcome (top event) - This method combines hardware failures and human
failures - Uses logic gates to define modes of interaction
(ANDs/ ORs)
60Fault Tree Analysis
61Fault Tree Analysis
- Advantages
- Quantitative - defines probabilities to each
event which can be used to calculate the
probability of the top event - Easy to read and understand hazard profile
- Easily expanded to bow tie diagram by addition of
event tree - Disadvantages
- Need to have identified the top event first
- More difficult than other techniques to document
- Fault trees can become rather complex
- Time consuming approach
- Quantitative data needed to perform properly
62Review and Revision
The following are examples of when a HAZID
revision should occur
HAZID Revision
63Sources of Additional Information
- Loss Prevention In The Process Industries, Second
Edition, Reed Educational and Professional
Publishing, F. P Lees,1996 - Guidelines for Hazard Analysis, Hazardous
Industry Planning Advisory Paper No.6, NSW
Department of Planning, June 1992 - HAZOP and HAZANs, Notes on the Identification and
Assessment of Hazards, Second Edition, Trevor
Kletz, The Institution of Chemical Engineers, 1986
64Sources of Additional Information
- Guidelines for Hazard Evaluation Procedures,
Second Edition, Centre for Chemical Process
Safety, American Institute of Chemical Engineers,
1992 - Layer of Protection Analysis, Simplified Process
Risk Assessment, Centre for Chemical Process
Safety, American Institute of Chemical Engineers,
2001 - Hazard Identification and Risk Assessment, Geoff
Wells, The Institution of Chemical Engineers, 19. - MIL-STD-1629A, 1980
- Failure Modes and Effects Analysis, J. Moubray,
RCM II, 2000
65Questions?