ERT 322 SAFETY AND LOSS PREVENTION: RISK ASSESSMENT
Prepared by: Miss Syazwani Mahmad Puzi
Introduction
• Risk assessment includes:
1. Incident identification
2. Consequence analysis
• Incident identification describes how an accident occurs (for example by HAZOP).
• Consequence analysis describes the expected damage; the Dow Fire and Explosion Index (F&EI) is a form of consequence analysis.
Objectives
• To define probability theory as used in reliability calculations
• To discuss, analyze and evaluate:
- Event trees
- Fault trees
- LOPA (layer of protection analysis)
Probability Theory
• Component failures or faults occur after a certain period of time in service.
• Reliability, R: the probability that the component will not fail within the period of operation:
• µ is a constant failure rate (refer to Table 11-1 for the failure rates of selected components)
Probability Theory
• Unreliability, P: the failure probability, i.e. the probability that the component does fail within the period of operation:
Probability Theory
• Mean time between failures (MTBF): the mean time interval between successive failures of the component
Interaction between process units
• Accidents in chemical/bioprocess plants are usually the result of a complicated interaction of a number of process components.
• Components interact either in parallel or in series.
a) Parallel: logical AND function (the system fails only when all of the components fail)
- Overall failure probability, P = product of the failure probabilities P of the individual components
- Overall reliability, R = 1 – P
Interaction between process units:
b) Series: logical OR function (the system fails when any one of the components fails)
- Overall reliability, R = product of the reliabilities R of the individual components
- Overall failure probability, P = 1 – R
Example 11-1 The water flow to a chemical reactor cooling coil is controlled by the system shown in Figure 11-4. The flow is measured by a differential pressure (DP) device, the controller decides on an appropriate control strategy, and the control valve manipulates the flow of coolant. Determine the overall failure rate, the unreliability, the reliability, and the MTBF for this system. Assume a 1-yr period of operation.
• The process components are connected in series: if any one of the components fails, the entire system fails.
• Failure rates are taken from Table 11-1.
• Reliability of each component: Eq. 11-1
• Failure probability of each component: Eq. 11-2
• Overall reliability, R: Eq. 11-8
• Overall failure probability, P
• Overall failure rate, µ
• MTBF
Example 11-2 A diagram of the safety systems in a certain chemical reactor is shown in Figure 11-5. This reactor contains a high-pressure alarm to alert the operator in the event of dangerous reactor pressures. It consists of a pressure switch within the reactor connected to an alarm light indicator. For additional safety an automatic high-pressure reactor shutdown system is installed. This system is activated at a pressure somewhat higher than the alarm system and consists of a pressure switch connected to a solenoid valve in the reactor feed line. The automatic system stops the flow of reactant in the event of dangerous pressures. Assume a 1-yr period of operation.
Compute: a) the overall failure rate, b) the failure probability, c) the reliability, and d) the MTBF for a high-pressure condition.
• A dangerous high-pressure reactor situation occurs only when both the alarm system and the shutdown system fail.
• These two systems are therefore in parallel (logical AND).
• Within the alarm system the components (pressure switch 1 and the alarm light) are in series; likewise within the shutdown system (pressure switch 2 and the solenoid valve), since the failure of either component disables that system.
• The two systems are combined using Equation 11-6 (parallel):
• For the alarm system alone a failure is expected once every 5.5 yr.
• For a reactor with the high-pressure shutdown system alone, a failure is expected once every 1.80 yr.
• However, with both systems in parallel the MTBF is significantly improved, and a combined failure is expected only once every 13.7 yr.
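The reliability relations of the preceding slides (constant failure rate µ, reliability R, failure probability P, MTBF, and the series/parallel combination rules) applied to the arrangements of Examples 11-1 and 11-2, as an added Python example that is not part of the original slides. It uses the standard exponential constant-failure-rate model behind those relations. The component failure rates are constructed values, not the Table 11-1 figures, so the resulting MTBFs differ from the 5.5, 1.80 and 13.7 yr quoted above. For the parallel combination an equivalent failure rate is recovered from the overall reliability over the operating period, which is how an MTBF is obtained for the combined system.

```python
import math

# Constant-failure-rate model behind the chapter's reliability relations:
# mu is a failure rate (failures per year) and t an operating period (years).
# The component failure rates below are constructed for illustration; they
# are NOT the Table 11-1 values used in the original examples.


def reliability(mu, t):
    """Probability that a component with failure rate mu has not failed by time t."""
    return math.exp(-mu * t)


def unreliability(mu, t):
    """Probability that the component has failed by time t (P = 1 - R)."""
    return 1.0 - reliability(mu, t)


def mtbf(mu):
    """Mean time between failures for a constant failure rate."""
    return 1.0 / mu


def summarize(r, t):
    """Overall R, P, the equivalent failure rate over period t, and MTBF."""
    mu_sys = -math.log(r) / t
    return {"R": r, "P": 1.0 - r, "mu": mu_sys, "MTBF": 1.0 / mu_sys}


def series(mus, t):
    """Series (OR) arrangement: any single failure fails the system.
    Overall reliability is the product of the component reliabilities,
    so the component failure rates simply add."""
    r = math.prod(reliability(mu, t) for mu in mus)
    return summarize(r, t)


def parallel(ps, t):
    """Parallel (AND) arrangement: every branch must fail for the system to fail.
    Overall failure probability is the product of the branch failure probabilities."""
    p = math.prod(ps)
    return summarize(1.0 - p, t)


# Example 11-1 pattern: DP cell, controller and control valve in series.
COOLANT_LOOP_RATES = {"DP cell": 0.9, "controller": 0.3, "control valve": 0.6}


def coolant_loop(t=1.0):
    """Overall R, P, mu and MTBF of the coolant flow control loop over t years."""
    return series(COOLANT_LOOP_RATES.values(), t)


# Example 11-2 pattern: two series subsystems (alarm, shutdown) in parallel.
ALARM_RATES = {"pressure switch 1": 0.15, "alarm light": 0.05}
SHUTDOWN_RATES = {"pressure switch 2": 0.15, "solenoid valve": 0.45}


def reactor_protection(t=1.0):
    """Alarm system, shutdown system, and their parallel combination over t years."""
    alarm = series(ALARM_RATES.values(), t)
    shutdown = series(SHUTDOWN_RATES.values(), t)
    combined = parallel([alarm["P"], shutdown["P"]], t)
    return {"alarm": alarm, "shutdown": shutdown, "combined": combined}


if __name__ == "__main__":
    print("coolant loop:", coolant_loop())
    for name, res in reactor_protection().items():
        print(f"{name:9s} R={res['R']:.3f} P={res['P']:.3f} "
              f"mu={res['mu']:.3f}/yr MTBF={res['MTBF']:.1f} yr")
```

Note that for the series case the equivalent failure rate equals the sum of the component rates exactly, while for the parallel case the rate recovered from R is only an equivalent value over the chosen period: a redundant pair does not have a truly constant failure rate, so the combined MTBF depends on the period assumed (1 yr here, as in the examples).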
Event Tree
• Begins with an initiating event and works forward toward the final outcomes.
• Consider the chemical reactor system shown in Figure 11-8.
• This system is identical to the system shown in Figure 10-6, except that a high-temperature alarm has been installed to warn the operator of a high temperature within the reactor.
• The event tree for a loss-of-coolant initiating event is shown in Figure 11-9.
Four safety functions are identified. These are written across the top of the sheet:
1) The first safety function is the high-temperature alarm.
2) The second safety function is the operator noticing the high reactor temperature during normal inspection.
3) The third safety function is the operator reestablishing the coolant flow by correcting the problem in time.
4) The final safety function is the operator performing an emergency shutdown of the reactor.
Let us also assume that:
• The hardware safety functions fail 1% of the time they are placed in demand. This is a failure rate of 0.01 failure/demand.
• The operator notices the high reactor temperature 3 out of 4 times, and 3 out of 4 times the operator succeeds in reestablishing the coolant flow. Both cases represent a failure rate of 1 time out of 4, or 0.25 failure/demand.
• Finally, the operator successfully shuts down the system 9 out of 10 times. This is a failure rate of 0.10 failure/demand.
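The event tree evaluated numerically, as an added Python example that is not part of the original slides. The four safety functions and their per-demand failure probabilities (0.01, 0.25, 0.25, 0.10) are those stated above; the branching structure (the operator-notices function only matters when the alarm has failed, and once alerted the operator first tries to restore coolant and then falls back to emergency shutdown) and the initiating-event frequency of one loss-of-coolant event per year are assumptions made for this example. The probability of each outcome is the product of the branch probabilities along its path, and multiplying by the initiating-event frequency gives the outcome frequency.

```python
# Event tree for a loss-of-coolant initiating event. The safety functions and
# their per-demand failure probabilities follow the slides; the branching
# structure and the initiating-event frequency are assumptions for this example.

INITIATING_EVENT_FREQUENCY = 1.0  # loss-of-coolant events per year (assumed)

FAIL_ALARM = 0.01             # high-temperature alarm, failures/demand
FAIL_NOTICE = 0.25            # operator fails to notice high temperature
FAIL_RESTORE_COOLANT = 0.25   # operator fails to reestablish coolant flow
FAIL_SHUTDOWN = 0.10          # operator fails to perform emergency shutdown


def restore_or_shutdown():
    """Sub-tree entered once the operator is aware of the high temperature."""
    return ("operator reestablishes coolant flow", FAIL_RESTORE_COOLANT,
            "continue operation",
            ("operator performs emergency shutdown", FAIL_SHUTDOWN,
             "safe shutdown", "runaway reaction"))


# A node is either an outcome label (leaf) or a tuple
# (safety function, failure probability, sub-tree if it works, sub-tree if it fails).
# Assumed structure: the operator-notices function matters only when the alarm
# has failed; in both branches the operator then tries to restore coolant.
EVENT_TREE = ("high-temperature alarm", FAIL_ALARM,
              restore_or_shutdown(),
              ("operator notices high temperature", FAIL_NOTICE,
               restore_or_shutdown(),
               "runaway reaction"))


def leaves(node, prob=1.0, path=()):
    """Yield (branch path, outcome, probability) for every leaf of the tree.
    The probability of a path is the product of its branch probabilities."""
    if isinstance(node, str):
        yield path, node, prob
        return
    name, p_fail, works, fails = node
    yield from leaves(works, prob * (1.0 - p_fail), path + ((name, "works"),))
    yield from leaves(fails, prob * p_fail, path + ((name, "fails"),))


def outcome_frequencies(tree=EVENT_TREE, f_init=INITIATING_EVENT_FREQUENCY):
    """Frequency (per year) of each outcome: f_init times the summed path probabilities."""
    freqs = {}
    for _path, outcome, prob in leaves(tree):
        freqs[outcome] = freqs.get(outcome, 0.0) + f_init * prob
    return freqs


def mean_years_between(outcome, tree=EVENT_TREE, f_init=INITIATING_EVENT_FREQUENCY):
    """Average interval between occurrences of an outcome (1 / frequency)."""
    return 1.0 / outcome_frequencies(tree, f_init)[outcome]


if __name__ == "__main__":
    for path, outcome, prob in leaves(EVENT_TREE):
        trail = " -> ".join(f"{name} {state}" for name, state in path)
        print(f"{prob:.6f}  {outcome:20s}  {trail}")
    print(outcome_frequencies())
    print(f"runaway reaction once every {mean_years_between('runaway reaction'):.1f} years")
```

Because the tree is built from plain tuples, changing a per-demand failure probability or adding a safety function as a new branch is enough to re-evaluate the whole tree; the outcome frequencies always sum to the initiating-event frequency, which is a quick consistency check on the structure.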
Fault Tree
• A method for identifying the ways in which hazards can lead to accidents.
• Starts from an identified top event and works backward toward the various combinations of basic events (scenarios) that can cause the accident.
Example top event: flat tire
• Causes can be classified into:
i) Basic events, which cannot be defined further
ii) Intermediate events, which can be defined further in terms of other events
• A circle denotes a basic event
• A rectangle denotes an intermediate event
Example 11-5 Consider Example 11-2. Draw a fault tree for this system.
Solution
• The top event is written at the top of the fault tree and is indicated as the top event (see Figure 11-14).
• Two events must occur for overpressuring: failure of the alarm indicator and failure of the emergency shutdown system.
• These events must occur together, so they are connected by an AND function.
• The alarm indicator can fail by a failure of either pressure switch 1 or the alarm indicator light. These are connected by an OR function.
• The emergency shutdown system can fail by a failure of either pressure switch 2 or the solenoid valve. These are also connected by an OR function.
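The fault tree of Example 11-5 evaluated in code, as an added Python example that is not part of the original slides. The gate structure (an AND gate over two OR gates) is the one described in the solution; the basic-event failure probabilities are constructed one-year values, not Table 11-1 figures. Beyond the exact top-event probability under independent basic events, the example enumerates the minimal cut sets, the smallest combinations of basic events that produce the top event, and computes the rare-event (sum of cut-set probabilities) bound that is commonly used when the basic-event probabilities are small.

```python
import math
from itertools import product


class Basic:
    """Basic event (drawn as a circle): a failure that is not developed further."""

    def __init__(self, name, p):
        self.name, self.p = name, p


class Gate:
    """Intermediate event (drawn as a rectangle) with the logic gate that produces it."""

    def __init__(self, kind, name, inputs):
        if kind not in ("AND", "OR"):
            raise ValueError(f"unknown gate {kind!r}")
        self.kind, self.name, self.inputs = kind, name, inputs


def probability(node):
    """Exact probability of the event at node, assuming independent basic events.
    AND: product of input probabilities. OR: 1 - product of (1 - p) over inputs."""
    if isinstance(node, Basic):
        return node.p
    ps = [probability(child) for child in node.inputs]
    if node.kind == "AND":
        return math.prod(ps)
    return 1.0 - math.prod(1.0 - p for p in ps)


def cut_sets(node):
    """Every cut set (set of basic events that together cause the node's event):
    an OR gate passes its inputs' cut sets through; an AND gate takes one cut
    set from each input and unites them."""
    if isinstance(node, Basic):
        return [frozenset([node.name])]
    children = [cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        return [cs for child in children for cs in child]
    return [frozenset().union(*combo) for combo in product(*children)]


def minimal_cut_sets(node):
    """Cut sets that contain no smaller cut set, smallest first."""
    sets = set(cut_sets(node))
    return sorted((s for s in sets if not any(other < s for other in sets)),
                  key=lambda s: (len(s), sorted(s)))


def basic_probabilities(node, acc=None):
    """Map each basic-event name in the tree to its probability."""
    acc = {} if acc is None else acc
    if isinstance(node, Basic):
        acc[node.name] = node.p
    else:
        for child in node.inputs:
            basic_probabilities(child, acc)
    return acc


def rare_event_bound(node):
    """Sum over minimal cut sets of the product of their event probabilities: an
    upper bound on the top-event probability, close to exact when every p is small."""
    ps = basic_probabilities(node)
    return sum(math.prod(ps[e] for e in cs) for cs in minimal_cut_sets(node))


# Example 11-5 structure. Probabilities are one-year failure probabilities,
# constructed for illustration (not Table 11-1 values).
FAULT_TREE = Gate("AND", "reactor overpressure", [
    Gate("OR", "alarm system fails", [
        Basic("pressure switch 1", 0.15),
        Basic("alarm indicator light", 0.05),
    ]),
    Gate("OR", "shutdown system fails", [
        Basic("pressure switch 2", 0.15),
        Basic("solenoid valve", 0.40),
    ]),
])


if __name__ == "__main__":
    for cs in minimal_cut_sets(FAULT_TREE):
        print("minimal cut set:", sorted(cs))
    print(f"P(top) exact = {probability(FAULT_TREE):.6f}, "
          f"rare-event bound = {rare_event_bound(FAULT_TREE):.6f}")
```

The four minimal cut sets are every pairing of one alarm-system component with one shutdown-system component, which is exactly the "both systems must fail" statement of Example 11-2 expressed as a Boolean structure. The rare-event bound overstates the exact probability because it counts the overlap of cut sets that share a basic event; the gap shrinks as the basic-event probabilities fall.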
Risk
• Risk is usually described graphically, as shown in Figure 11-15.
Figure 11-15: General description of risk.
The actual risk of a process or plant is determined using:
1. Quantitative risk analysis (QRA)
2. Layer of protection analysis (LOPA)
Layer of Protection Analysis (LOPA)
• LOPA is a semi-quantitative tool for analyzing and assessing risk.
• It characterizes the consequences of accident scenarios and estimates their frequencies.
• To lower the frequency of the undesired consequences, various layers of protection are added to a process.
• Figure 11-16 shows the concept of layers of protection.
• The primary purpose of LOPA is to determine whether there are sufficient layers of protection against a specific accident scenario.
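The frequency arithmetic at the core of LOPA, as an added Python example that is not part of the original slides: the mitigated frequency of a scenario is its initiating-event frequency multiplied by the probability of failure on demand (PFD) of each independent protection layer, and that result is compared with a tolerable target frequency to decide whether the layers are sufficient or how much more risk reduction is needed. The scenario, the initiating-event frequency, the layers, their PFDs and the target are all constructed values for this example; the safety integrity level (SIL) bands used to size the missing layer are the IEC 61508/61511 low-demand bands.

```python
import math

# LOPA frequency arithmetic. Every value in SCENARIO is constructed for
# illustration; none of it comes from the original slides.

# Independent protection layers (IPLs) with their probability of failure on
# demand (PFD). The product below is only valid when each IPL is independent
# of the initiating event and of the other layers.
SCENARIO = {
    "description": "loss of cooling leads to reactor overpressure",
    "initiating_event_frequency": 0.1,   # events per year (assumed)
    "ipls": {
        "BPCS high-temperature interlock": 0.1,
        "operator response to alarm": 0.1,
    },
    "target_frequency": 2e-5,            # tolerable events per year (assumed)
}


def mitigated_frequency(f_initiating, pfds):
    """Consequence frequency after the layers: f_initiating times the product of PFDs."""
    return f_initiating * math.prod(pfds)


def required_additional_pfd(f_initiating, pfds, f_target):
    """PFD an extra layer (e.g. a safety instrumented function) must achieve to bring
    the scenario down to f_target; None when the existing layers already suffice."""
    f = mitigated_frequency(f_initiating, pfds)
    if f <= f_target:
        return None
    return f_target / f


def sil_for_pfd(pfd):
    """Safety integrity level band (IEC 61508/61511, low-demand mode) that a layer
    with this PFD must meet; 0 means no SIL-rated layer is required."""
    if pfd >= 0.1:
        return 0
    for sil, lower in ((1, 1e-2), (2, 1e-3), (3, 1e-4), (4, 1e-5)):
        if pfd >= lower:
            return sil
    raise ValueError("PFD below the SIL 4 band; a single layer cannot be credited")


def evaluate(scenario=SCENARIO):
    """Mitigated frequency, whether it meets the target, and the gap if not."""
    f0 = scenario["initiating_event_frequency"]
    pfds = list(scenario["ipls"].values())
    f_mit = mitigated_frequency(f0, pfds)
    gap = required_additional_pfd(f0, pfds, scenario["target_frequency"])
    return {
        "mitigated_frequency": f_mit,
        "sufficient": gap is None,
        "required_pfd": gap,
        "required_sil": None if gap is None else sil_for_pfd(gap),
    }


if __name__ == "__main__":
    print(evaluate())
```

Since LOPA is semi-quantitative, the PFDs and frequencies are normally order-of-magnitude values (0.1, 0.01 and so on), so the answer worth reading off is the band of the required additional layer rather than the exact quotient.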