Practical Hazops, Trips and Alarms vi Contents Other titles in the series Practical Data Acquisition for Instrumentation and Control Systems (John Park, Steve Mackay) Practical Data Communications for Instrumentation and Control (Steve Mackay, Edwin Wright, John Park) Practical Digital Signal Processing for Engineers and Technicians (Edmund Lai) Practical Electrical Network Automation and Communication Systems (Cobus Strauss) Practical Embedded Controllers (John Park) Practical Fiber Optics (David Bailey, Edwin Wright) Practical Industrial Data Networks: Design, Installation and Troubleshooting (Steve Mackay, Edwin Wright, John Park, Deon Reynders) Practical Industrial Safety, Risk Assessment and Shutdown Systems for Instrumentation and Control (Dave Macdonald) Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems (Gordon Clarke, Deon Reynders) Practical Radio Engineering and Telemetry for Industry (David Bailey) Practical SCADA for Industry (David Bailey, Edwin Wright) Practical TCP/IP and Ethernet Networking (Deon Reynders, Edwin Wright) Practical Variable Speed Drives and Power Electronics (Malcolm Barnes) Practical Centrifugal Pumps (Paresh Girdhar and Octo Moniz) Practical Electrical Equipment and Installations in Hazardous Areas (Geoffrey Bottrill and G. Vijayaraghavan) Practical E-Manufacturing and Supply Chain Management (Gerhard Greef and Ranjan Ghoshal) Practical Grounding, Bonding, Shielding and Surge Protection (G. Vijayaraghavan, Mark Brown and Malcolm Barnes) Practical Industrial Data Communications: Best Practice Techniques (Deon Reynders, Steve Mackay and Edwin Wright) Practical Machinery Safety (David Macdonald) Practical Machinery Vibration Analysis and Predictive Maintenance (Cornelius Scheffer and Paresh Girdhar) Practical Power Distribution for Industry (Jan de Kock and Cobus Strauss) Practical Process Control for Engineers and Technicians (Wolfgang Altmann) Practical Telecommunications and Wireless Communications (Edwin Wright and Deon Reynders) Practical Troubleshooting Electrical Equipment (Mark Brown, Jawahar Rawtani and Dinesh Patil) vi Contents Practical Hazops, Trips and Alarms David Macdonald, BSc (Hons) Inst. Eng., Senior Engineer, IDC Technologies, Cape Town, South Africa Series editor: Steve Mackay AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Newnes is an imprint of Elsevier vi Contents Newnes An imprint of Elsevier Linacre House, Jordan Hill, Oxford OX2 8DP 200 Wheeler Road, Burlington, MA 01803 First published 2004 Copyright © 2004, IDC Technologies. All rights reserved No part of this publication may be reproduced in any material form (including photocopying or storing in any medium by electronic means and whether or not transiently or incidentally to some other use of this publication) without the written permission of the copyright holder except in accordance with the provisions of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London, England W1T 4LP. Applications for the copyright holder’s written permission to reproduce any part of this publication should be addressed to the publisher Permissions may be sought directly from Elsevier’s Science and Technology Rights Department in Oxford, UK: phone (+44) (0) 1865 843830; fax: (+44) (0) 1865 853333; e-mail: [email protected]. You may also complete your request on-line via the Elsevier homepage (http://www.elsevier.com), by selecting ‘Customer Support’ and then ‘Obtaining Permissions’ British Library Cataloguing in Publication Data Macdonald, D. M Practical hazops, trips and alarms – (Practical Professional) 1. Machinery – Safety appliances 2. Machinery – Monitoring I. Title 621.3'0289 Library of Congress Cataloguing in Publication Data A catalogue record for this book is available from the Library of Congress ISBN 0 7506 6274 3 For information on all Newnes Publications visit our website at www.newnespress.com Typeset and edited by Integra Software Services Pvt. Ltd, Pondicherry, India www.integra-india.com Printed and bound in The Netherlands Working together to grow libraries in developing countries www.elsevier.com | www.bookaid.org | www.sabre.org vi Contents Contents Preface................................................................................................................viii 1 Introduction to hazard studies...............................................................................1 1.1 Scope and objectives of this chapter.......................................................1 1.2 Introduction to hazards and risk management.........................................1 1.3 Risk assessment....................................................................................10 1.4 Concepts of Alarp and tolerable risk.......................................................15 1.5 Regulatory frameworks and examples from EU and USA......................21 1.6 Methods of identifying hazards...............................................................26 2 Hazard studies at levels 1 and 2 .........................................................................31 2.1 Introduction.............................................................................................31 2.2 Methodologies for hazard study 1...........................................................37 2.3 Process hazard study 2..........................................................................40 2.4 Practical example of hazard 2 application ..............................................53 2.5 Case study.............................................................................................62 2.6 Conclusion on hazard studies 1 and 2....................................................62 3. Risk reduction measures using alarms and trips.................................................65 3.1 Risk reduction measures........................................................................65 3.2 Terminologies and standards for safety systems....................................66 3.3 Equipment under control ........................................................................67 3.4 Protection layers.....................................................................................72 3.5 The role of alarms in safety....................................................................78 3.6 Alarm types and do they qualify as safeguards?....................................81 3.7 Identification and design of safety-related alarms...................................82 3.8 Key design principles for alarms.............................................................87 3.9 SIS, principles of separation...................................................................90 3.10 Simple and complex shutdown sequences, examples............................92 3.11 Conclusions: the role of Hazops in defining alarms and trips..................95 4 Hazop method ....................................................................................................97 4.1 Introduction.............................................................................................97 4.2 Introduction to Hazop.............................................................................98 4.3 Overview of Hazop method....................................................................99 4.4 Points to note on the examination procedure ...................................... 116 vi Contents 4.5 Practical exercise: continuous process example..................................120 4.6 Hazop for batch processes and sequential operations.........................120 4.7 Hazops for other disciplines.................................................................124 4.8 Conclusions.........................................................................................129 5 Planning and leadership of Hazops ................................................................ 130 5.1 Introduction......................................................................................... 130 5.2 Organizing the Hazop......................................................................... 130 5.3 The team leader and the team............................................................ 132 5.4 Practical exercise: hybrid batch process example............................... 141 6 Specifying safety instrumented systems ......................................................... 143 6.1 Introduction..........................................................................................143 6.2 Risk reduction by instrumented protection...........................................144 6.3 What affects the safety integrity of an instrument trip? ........................149 6.4 Overview of IEC 61508........................................................................150 6.5 Determining the safety integrity............................................................156 6.6 Design essentials to meet SIL targets..................................................159 6.7 Specifying the SIS requirements..........................................................168 6.8 Documenting the SRS.........................................................................174 6.9 Conclusions.........................................................................................179 7 Hazard analysis methods .................................................................................180 7.1 Introduction..........................................................................................180 7.2 Outline of methods...............................................................................181 7.3 Fault tree analysis................................................................................185 7.4 Practical exercise in FTA.....................................................................192 7.5 Conclusions.........................................................................................192 8 Factors in the choice of protection system .......................................................193 8.1 Introduction and objectives..................................................................193 8.2 Equipment selection.............................................................................197 8.3 Key points about sensors and actuators..............................................206 8.4 Guidelines for the application of field devices in the SIS......................209 8.5 IEC 61508 requirements for field devices............................................216 8.6 Technology issues...............................................................................216 8.7 Guidelines for final elements................................................................218 8.8 Summary of technology and applications.............................................224 8.9 Summary of SIL vs cost.......................................................................224 9 Exercise in specifying an SIS from the Hazop .................................................226 9.1 Introduction..........................................................................................226 9.2 Process description..............................................................................226 9.3 Safety requirements specifications ......................................................231 9.4 Conclusion...........................................................................................236 Contents vii Appendix A: References used in the manual................................................................237 Appendix B: Some websites for safety systems information.........................................239 Appendix C: Notes on national regulations relevant to hazard study and safety management.............................................................................................242 Appendix D: Software tools for hazard studies.............................................................247 Appendix E: EPA case study of phenol resin hazards..................................................248 Appendix F: Expanded guideword table for continuous processes...............................249 Appendix G: Methods of reporting................................................................................251 Appendix H: Design and calibration of a risk graph......................................................253 Appendix I: Data capture sheet ....................................................................................257 Appendix J: Glossary of terms used in hazard studies and safety-related systems......259 Practical exercises........................................................................................................264 Exercise 1..........................................................................................................264 Exercise 2..........................................................................................................266 Exercise 3..........................................................................................................268 Exercise 4..........................................................................................................275 Exercise 5..........................................................................................................280 Exercise 6..........................................................................................................286 Exercise 7..........................................................................................................288 Exercise 8..........................................................................................................294 Exercise 9..........................................................................................................302 Answers to practical exercises .....................................................................................306 Exercise 1..........................................................................................................306 Exercise 2..........................................................................................................308 Exercise 3..........................................................................................................309 Exercise 4..........................................................................................................314 Exercise 5..........................................................................................................320 Exercise 6..........................................................................................................323 Index.............................................................................................................................325 Preface Introduction to the book This introduction maps out the reasons why this book has been prepared and introduces the ideas behind it. This section also provides a guide to the contents and uses of the manual. What is the book about? This book is about some of the critical activities involved in making sure that a manufacturing process is: • Safe for people to work with • Safe against damage to the environment • Secure against failures that could result in major asset losses in the business. It concentrates on the application of hazard study methods and the actions that follow from them for providing protection against hazards. The book seeks to provide training in three basic steps that form part of the overall risk management framework for industries such as chemicals, oil and gas, pharmaceuticals and food processing. The steps can be seen in Figure P.1. Information on the process Identify hazards Hazard studies Hazard analysis and Evaluate risks risk assessment Specify risk reduction measures Trips and alarms Figure P.1 Scope of the book Preface ix • Hazards of a process plant or an activity are identified through the systematic application of hazard studies based on the best possible information available. • Hazards may create risks to people, environments and property. The risks may or may not be acceptable. This requires evaluation through the techniques of risk assessment and hazard analysis. • Whenever risks are found to be unacceptable, solutions have to be found either by fundamental design changes or by providing protection measures. Protection measures may be mechanical or organizational or they may be provided by safety-related control systems employing alarm devices or automatic controls. For simplicity in this book we call them trips and alarms. For protection measures to succeed they must be based on three key factors: 1. There must be correct and up-to-date knowledge of the hazardous situations that are to be controlled including knowledge of the possible causes. 2. There must be a clearly defined course of action to be taken in response to the approach to a hazardous event. 3. The protection systems must be appropriate for the problem and be correctly designed and maintained. Appropriate implies that the protection systems must be practical to use, will carry out the correct actions to restore safe conditions and will be engineered to a level of reliability sufficient to match the degree of risk reduction demanded by the hazardous event. Furthermore, the protection systems must not impede productivity or impact negatively on production volumes through its complexity nor create unacceptable production losses through unreliable operations. These points appear to be simple and obvious. However, there is a lot of evidence to show that it is not unusual for risk reduction measures to be out of touch with the original problem they were intended to deal with. For example, Figure P.2 shows the results of a survey of control and safety system failures by the United Kingdom Health and Safety Executive (HSE), the body responsible for administration and control of occupational and home safety in the UK. The survey classified the causes of 34 accidents involving failures of control systems, which were supposed to protect against such incidents. HSE summary of findings The Summary of the problems of failed safety systems found by HSE included some interesting paragraphs. Analysis of incidents showed: • The majority of incidents could have been anticipated if a systematic risk-based approach had been used throughout the life of the system. • Safety principles are independent of the technology. • Situations often missed through lack of systematic approach. Quoting from the report: The analysis of the incidents shows that the majority were not caused by some subtle failure mode of the control system, but by defects which could have been anticipated if a systematic risk-based approach had been used throughout the life of the system. It is also clear that despite differences in the underlying technology of control systems, the safety principles needed to prevent failure remain the same.