770 likes | 938 Views
This project is funded by the European Union Projekat finansira Evropska Unija. PREVENTION AND EMERGENCY RESPONSE MEASURES Antony Thanos Ph.D. Chem. Eng. antony.thanos@gmail.com. Project implemented by Human Dynamics Consortium Projekat realizuje Human Dynamics Konzorcijum.
E N D
This project is funded by the European Union Projekat finansira Evropska Unija PREVENTION AND EMERGENCY RESPONSE MEASURES Antony ThanosPh.D. Chem. Eng.antony.thanos@gmail.com Project implemented by Human Dynamics Consortium Projekat realizuje Human Dynamics Konzorcijum
Information requirements • Information expected on : • Basic parameters and standards for design • Safety equipment main characteristics • Efficiency of safety measures • Control and monitor of measures • Training related to safety measures
Information requirements(cont.) • Information not to be providedwhen not contributing to report andbeing available else where, e.g. hydraulic calculations of pressure drop in fire-fight network (available anyway in fire-protection study) • Safety Report should not be a collection of certificates (pressure testing, etc.). Relevant documents should be checked during inspections
Safety measures • Measures for safety of installation, referred also as : • Safety Barriers • Lines of Defence • Layers of Protection • Safety measures : • prevent the expression of an initial event • prevent the escalation of an initial event to top event • contribute to mitigation of top event
Safety measures (cont.) • Basic categories (on target basis) : • Hardware, related with equipment, examples : • valves • instruments • fireproofing • fence • Behavioural, examples : • restrictions to personnel for entry in areas • regulations on work permit • instruction for evacuation
Safety measures (cont.) • Basic categories (on action type basis) : • Passive : • function is permanent (no activation required) • the state of process does not matter • examples : • safety dikes/bunds • fireproofing of equipment/structures • safety distances between equipment
Safety measures (cont.) • Basic categories (on action type basis) : (cont.) • Active : • function of measure requires activation • by process (pressure forces balance spring to move, in case of Pressure Safety Valves) • by human (hand operated isolation valves) • examples : • excess flow valves (high flow forces mechanism to move for operation) • fire-fight hoses (operation by human requires, network must be under pressure)
Safety measures (cont.) • Basic categories (on action type basis) : (cont.) • Active : (cont.) • function not guarantied 100%, as measures can fail, examples : • pressure safety valve does not open, or fails to close • fire-fight pump fail to start, no pressurisation of network • debris in line lead to excess flow valve failure to close (debris stuck on valve seat) • Instrument fails to measure pressure value, due to impulse line clogging
Layers of protection framework • Onion-shape, the failure of each internal layer requires the operation of the next external one
Process design • Basic elements of design, examples : • Raw materials hazardous properties • Intermediates hazardous properties • Process conditions (pressure, temperature, exotherm) • Design codes/standards
LI PRV LC FI LT FCV • Basic Process Control System • Monitoring / Automatic Regulation of process conditions (pressure, temperature etc.) within normal region
Basic Process Control System (cont.) • Important issues : • Establishment of proper power supply to instruments by secure source (batteries rack), monitoring not lost • Fail-safe mode for actuated valves in loss of actuation medium • Easy for pneumatic/hydraulic valves, fail safe action by spring action, in case of loss of pressure of air or hydraulic fluid, by fully closing/opening of valve) • Hard for motorised valves, if fail-safe requires move to either full close, or full open position. Typically motorised valves fail as-is
LI LAH LAL PRV LC FI LT FCV • Alarms and Human Intervention • Alarms from operating conditions going out of normal range, operator action (closure of FCV by operator in example) required to force operating condition (level in example) back to normal
Sensor Logic Solver Final element Comparison with limit Sensing of process parameter (transmitter or switch) Final control element (for example actuated valve) • Emergency Shut Down (ESD), Interlocks, Safety Instrumented Systems (SIS) • Emergency Shut Down : Procedure for moving the plant in safe condition via shutting down process • Automatically actuated by interlocks (“protection” system, Safety Instrumented System) • Basic elements of SIS
LAHH LSHH I1 • Emergency Shut Down (ESD), Interlocks, Safety Instrumented Systems (SIS) (cont.) Logic solver Sensor LI Final element LAH LAL PRV LC FI LT ESD valve FCV LCV SIS limits
Safety Instrumented Function (SIS) (cont.) • Automation sequence implemented by SIS is called Safety Instrumented Function (SIF) • Demand Mode SIF. In failure of SIF, hazard exists only in failure of Basic Process Control System. • Low probability of requirement to operate • Example, airbar : Operation via measurement of deceleration and activation of pyrotechnic devise inflating bag. Fail of airbag to operate has consequence only of car is out of control and crashes • Failure rate expressed as probability of failure on demand (PFD)
Safety Instrumented Function (SIS) (cont.) • Continuous Mode SIF. Interfered to some basic control • High probability of requirement to operate • Example, car breaks : almost continuous operation • Typical industrial example, burner management system in furnaces • Failure rate expressed as probability of failure per hour (PFH) or failure per year (PFY)
Safety Integrity Level (SIL) • District Level (1-4) for integrity of SIFs • In process industries up to SIL3 expected, higher in nuclear, aviation • Demand mode • PFD Risk Reduction Factor (RFF) • SIL1 10-2-10-1 10-100 • SIL2 10-3-10-2 100-1.000 • SIL3 10-4-10-3 1.000-10.000 • SIL4 10-5-10-4 10.000-100.000 • PDF=1/RFF
Safety Integrity Level (SIL) • Continuous mode • PFH • SIL1 10-6-10-5 • SIL2 10-7-10-6 • SIL3 10-8-10-7 • SIL4 10-9-10-8
Safety Integrity Level (SIL) • Typical steps for definition of required SIL • Calculation of existing risk (no SIF existing), Rinit • Comparison with risk level required, Rreq • Calculation of RFF, PFD for necessary SIF • Attribution of required SIL for SIF
LOPA and SIL • Layer Of Protection Analysis (LOPA) : methodology for evaluation on existing layers of protection and required risk reduction • Limited to single cause-consequence pairs • Similar to HAZOP, supplemented by additional columns for attribution of risk calculations. Necessary estimation of among others : • initial event probability • probability of failure of available safeguards, such as: • basic process control system, independent alarms (operator intervention in not fast processes) • physical protection systems
LOPA and SIL (cont.) • Necessary data failure rates, based on existing instruments/control valves in establishment • Necessary SIL must be verified by proposed SIF • PFD for SIF takes into account all SIF elements • Generic data on failure rates, for basic control system elements or existing SIF element might overestimate failure rate, especially for rather recent installations • Specialized data required on specific elements
LOPA and SIL (cont.) • Potentially, requirement for redundant SIF elements : Sensors / Logic solvers /Final elements • Specific redundancies required for SIF elements, for specific SIL levels, taking into account SFF (Safe Failure Fraction : fraction of element failures that are safe -not leading to hazardous situations- or diagnosed/detected) • Proof Test Period • Maximum period for verification of SIF function by testing • Affects detected and undetected dangerous failures of SIF and consequently SIF PFD value and SIL in combination with SIF configuration (XooY, e.g. 2oo3)
LI LAH LAL PRV LAHH LC FI LSHH LT ESD valve FCV LCV • Physical protection • Last barrier for avoiding Loss of Containment, relief devices (e.g. Pressure Safety/Relief valves, Rupture Disks)
Post release physical protection • Usually refers to safety dikes/bunds, minimising extent of area for released substance • Emergency response • Internal (1st level) • External (2nd level)
COMMENTS OF SPECIFIC SAFETY MEASURES FOLLOW
Prevention measures • Design basis/standards • List of standards expected to be available in new establishments, as typical part of construction Contracts • Potentially not available in very old small installations
Prevention measures (cont.) • Layout, separation distances between sections, activities, as per standards, legislation : • Segregation of storage and process areas (Domino effects minimisation) • Segregation of incompatible materials (for example, oxidisers with flammables) • Buildings with high occupancy (administration, maintenance) at distance from storage, process (minimisation of effects to personnel) • Buildings in process areas (e.g. control rooms) with special specification (blast proof, high fireproofing, special ventilation)
Prevention measures (cont.) • Layout and traffic control : • Road network design • main roads away from high hazard areas • establishment of alternative routes to all areas • access to site via alternative gate ways (essential for escape actions) • Collision control measures • Permanent protection sidebars in roads in vicinity to above ground pipelines, tanks
Prevention measures (cont.) • Layout and traffic control (cont.) : • Traffic control • Controlled entry to site • Road signals • Movable bars for entry to safety dikes • Vehicle velocity restrictions
Zone 1 Zone 1 LPG Road tanker station LPG cylinder filling station LPG tanks • Prevention measures(cont.) • Area classification (ATEX Directives) • In existing establishments, detailed information expected to be available : Maps with ATEX zones, equipment type per ATEX zone (Ex d, Ex ia etc.)
Prevention measures(cont.) • Area classification (ATEX) (cont.) • In new establishments, during Seveso Report submission stage, no detailed information expected to be available (usually defined during detailed design stage) • No details required to be provided in Seveso Report. Design basis for area classification and selection of equipment, ignition control to be considered as adequate • Explosion protection document (as per ATEX Directives) to document details on topic, during inspections
Prevention measures (cont.) • Area classification (ATEX) (cont.) • VERY IMPORTANT !!!! ATEX Directives implementation not intended to protect plant against Seveso accidents. ATEX Zones defined usually for limited release flow rates, not for catastrophic failures • Nevertheless, ATEX implementation considered as essential on risk control for both : • releases at “normal” operation • initial stage of accident development
Prevention measures (cont.) • Procedures • Equipment inspection (vessel/tanks, rotating equipment etc.) • Maintenance • Work permit regime • Predictive/preventive maintenance
Alert systems for emergency situations • Automatic systems via field detectors (gas, heat flame) in field • Manual operated systems (alert buttons in field) • Alarms provided locally (visual, optical alarm) and remotely (signal to dedicated panels in control room) • Essential for activating internal emergency plans • Central alarm system/panel for annunciation of emergency situation to all personnel, direct neighbours (siren, one/multiple type sounds)
Alert systems for emergency situations (cont.) • Essential provisions for alert systems • secured power supply (feed by UPS/generator) to detector/alert system via secured line), so that detectors remain live even in power failure in plant • addressable detectors, ring type topology (maintenance in section or signal line single failure does not deactivate other detectors)
Alert systems for emergency situations (cont.) • Detectors types : • Hand held : • Maintenance works (work permit requirement • Occupational health monitoring • Emergency response cases • Fixed detectors (field devices) • Detection concept categories : • Fire/Heat detectors • Gas detectors
Alert systems for emergency situations (cont.) • Fire/heat detectors : • Smoke (photo-electronics, ionisation) detectors (indoors applications) • Rate of Rise (ROR) temperature detectors (indoors, suitable for “dirty” air areas, comparison of two thermocouple/thermistors) • Temperature detectors (indoors applications, eutectic alloy principle (in 45-60 °C range) • Linear type (metal cord couple or optic fibre, with sensitive to heat polymer), example applications : • floating roof rim seal area • transformers
Alert systems for emergency situations (cont.) • Fire/heat detectors : • Optical flame detectors • detection in cone shape area • UV spectra • best for hydrogen fire, not for smoky fires • susceptible to false alarms from arcs • usually used indoors, • IR/multi spectra (best for hydrocarbons fires, even for hydrogen with special filters) • Visual flame imaging (special CCD cameras)
Alert systems for emergency situations (cont.) • Gas Detectors (point) : • Catalytic sensor (pellistor), half bridge with one element in catalytic material • typical for fixed detectors for combustible gas concentration • limitation to 10% O2 concentration and for concentration above UFL) • Catalyst poisoning issues
Alert systems for emergency situations (cont.) • Gas Detectors (point) : • IR absorption sensors • Absorbance required in IR (not for hydrogen) usually for hydrocarbons • Immune to poisons • Fail-safe • Thermal conductivity sensor (for specific gases as hydrogen methane, sampling line to detector required as also reference gas) • Semiconductor, MOS (for flammables, based on variation of conductivity on surface absorption of gas)
Alert systems for emergency situations (cont.) • Gas Detectors (point) : (cont.) • Electrochemical sensors (typical for toxic gases) • Flame ionisation detector (needs hydrogen supply for flame and sampling light to detector), suitable for flammables • Photoionisation (UV radiation spectrum), for small leak identification via portable instrument • Paramagnetic (for Oxygen)
Alert systems for emergency situations (cont.) • Gas Detectors (path) : • Monitoring specific path between source of radiation source and detector (up to 100 m for hydrocarbons) • Typically IR absorption concept • IR cloud imaging (up to 2 km), requires temperature difference between release and background
Alert systems for emergency situations (cont.) • Acoustic leak detectors • Gas releases create high frequency sound (ultrasound) • Performance usually set for release 0.1 kg/sec • Identification in area basis (radius up to 40 m) • Suitable for both flammables, toxic releases, not selective gas application • Potential false signals from not continuous background noise (e.g. opening of steam trap.) • Signal filtering required • In low pressure releases (<10 bar), detector required to be closer to source
Alert systems for emergency situations (cont.) • Gas detectors issues • IMPORTANT !!!, interference of other gases with gas detector signal, risk of inaccurate signal • In case of different types of flammables (e.g. hydrogen and hydrocarbons) special type of dedicated detectors for each type may be required • Poisoning by other gases (e.g. chlorine, sulfur compounds) • Typically, pre-alarms and main alarm provided by detectors (for example at 10% and 25% of LEL for flammables)
Alert systems for emergency situations (cont.) • Very important features for flame/heat/gas detectors • Installation requirements • At high/lowelevation, depending on gas dispersion type (neutral/heavy gas cases) indoors detectors), ventilation type • Coverage (hard to define for point detectors, no special information in standards) • Proper classification of detectors per ATEX requirements • Fail-safe operation not always evident
Alert systems for emergency situations (cont.) • Very important features for flame/heat/gas detectors (cont.) • Diagnostics/self check required, examples : • clear path for optical methods • functioning detector • Functioning electronics • Maintenance/calibration periods
Fire-fight systems • Safety report must not include primary calculations for fire-fight systems, such as : • water network hydraulic calculations, • capacity requirement calculations • The former are expected to be provided in fire protection studies • Safety report must provide data on : • System elements characteristics and performance • Activation method of sections of fire-fight systems (fire fight panels, local buttons etc.)
Fire-fight systems (cont.) • Water supply source : • location, • capacity (volume) • availability (hours) based on worst case demand from fire protection study • refill rate (if connected with external sources, e.g. tap water network) • Fire Department twins connection points (fire brigade vehicles, third party water tankers) to fire network (location, number and type of connections, network sections served)
Fire-fight systems (cont.) • Fire-fight water pumps : • location, number/ type • electric (power supply source) /diesel (capacity of available fuel) • main /jockey (if applicable) • capacity of pumps (flow, DH) • mode of operation start • local-manual (start button in pump house) • remote- manual (start button in remote places defined, such as close for fire cabinets) • automated (pressure switch in network or other)