1

WASHEQ 2015

Ella Agbettor

SHEQ Foundation

Process Safety Engineering

Mitigating Risks

EVERYONE is responsible for safety

From the lab technician to the cleaner to the managing director

• Nobody wants to be involved with a major accident

• Nobody wants to see their fellow coworkers injured or killed as a result of their work

• Nobody wants to see their jobs or business destroyed

EVERYONE IS RESPONSIBLE FOR SAFETY

2

TWO ASPECTS OF SAFETY

There are two aspects of safety

• Process Safety

• Personal Safety

Personal Safety:

Incidents that have the potential to injure

one person and generally occur due to

individual work habits.

Occupational incidents – slips/trips/falls,

struck-by incidents, physical strains,

electrocution.

Generally OHS are avoided by wearing

PPEs & following procedures.

An effective personal safety

management system DOES NOT

prevent major accidents events!

Process Safety:

Process safety hazards can give rise to major

accidents involving the release of potentially

flammable, reactive, explosive or toxic materials,

the release of energy (such as fires and explosions),

or both. These are events that have the potential to

lead to multiple fatalities and/or major

environmental damage. Process safety management

ensures there are Adequate Barriers to MAE’s.

PROCESS SAFETY VS PERSONAL SAFETY

4

Increasing Likelihood of Event

In

cre

asin

g C

on

se

qu

en

ce

s of E

ve

nt

Occupational Health

& Safety Risks

Major Accident

Hazard Risks

Potentia

l

Losses increasin

g

Possib

le E

scala

tion

Increasing Likelihood of Event

In

cre

asin

g C

on

se

qu

en

ce

s of E

ve

nt

Occupational Health

& Safety Risks

Major Accident

Hazard Risks

Potentia

l

Losses increasin

g

Possib

le E

scala

tion

PROCESS SAFETY PERSONAL SAFETY

INCIDENTS THAT DEFINE PROCESS SAFETY

5

PSM REGULATION FROM THE UK AND USA

6

Employee Participation

Training

Process Hazard Analysis

Mechanical Integrity

Process Safety Information

Operating Procedures

Hot Work Permit

Management Of Change

Pre Start-up Review

Emergency Planning &

Response

Incident Investigation

Contractors

Compliance Audits

Trade Secrets

OSHA 1910.119 (USA)

Platform Description

Reservoir Description

Management System

Policy

Organisation

Processes

Risk Assessment

Permit To Work

Management of Change

Performance Measurement

Audit & Review

Major Hazard Identification

Major Hazard Risk Assessment

Demonstration Of:

Prevention

Control

Mitigation

Evacuation Rescue & Recovery

Safety Case

SAFETY CASE (UK)

Policy

Organisation

Processes

Risk Assessment

Permit To Work

Management of Change

Performance Measurement

Audit & Review

Major Hazard Identification

Major Hazard Risk Assessment

Safety & Environment

Demonstration Of:

Prevention

Control

Mitigation

Emergency Response Plans

Onsite & Offsite

Safety Report

SEVESO II (COMAH) UK

Does this look familiar? How do these compare? Differences?

RISK MANAGEMENT PROCESS – SUMMARY

Risk Potential Matrix

New/ Major Facilities

Brownfield / Sites

Workgroup Non-Routine Activity

Routine Activity by

Individuals and Workgroups

Task Risk Assessment -Qualitative

Health Risk Assessment

Safety Cases, Hazard Registers, Site

Standards, Procedures, PTW

HSE Bulletins, Toolbox meetings

Risk Management Process

HAZARD IDENTIFICATION [HAZOP][HAZID][LAYOUT REVIEW] [BOWTIE][ FMEA]

[HRA]

HAZARD ASSESSMENT [[FRA][EETRA][QRA][ALARP][DO][LOPA]

HAZARD MITIGATION [F&G][[IGNCONTROL][AFP][PFP][BLOWDOWN][FLARE]

[DOP]

Legislation & Regulations

International Codes & Standards,

Industry Standards, Company Standards

Sources of Information

Inspection checklists,

Induction handbooks,

Incident Report feedback,

Job Start meetings

QUANTITATIVE

QUALITATIVE

PROCESS SAFETY IMPLEMENTATION

7

Provide rapid and reliable indication of the occurrence of a hazardous event involving fire and/or

loss of containment of flammable or toxic inventories to :

• Emergency Shutdown (ESD 1) of affected Fire Zone

( on confirmed gas detection or fire detection )

• Initiate Alarms

• Trigger emergency isolation and

depressurisation of hydrocarbon inventories

• Initiate fire water deluge system

(fire, sometimes toxic or flammable gas)

• Initiate CO2 or INERGEN or FMC 200 fixed fire

extinguishing systems

• Trip power generation and electrical equipment

• Increase ventilation in enclosures

• Close dampers in HVAC air intakes

HAZARD MITIGATION – FIRE & GAS DETECTION 1

8

HAZARD MITIGATION – FIRE & GAS DETECTION 2

9

Types of detectors

• Smoke Detectors (Optical/ Ionisation)

• Heat Detectors ( FT/ RoR)

• Flame Detectors (UV/ UVIR/ IR/IR2/IR3)

• Hydrocarbon Gas Leak Detectors ( Line of sight , ultrasonic)

• Toxic Gas Detectors

• Open Path Gas leak Detectors

• VESDA

The use of fire and gas mapping to ensure coverage is adequate

HAZARD MITIGATION – FIRE PROTECTION 1

10

Active fire protection objectives are achieved by

reduction of the fire effects through:

•cooling of the hydrocarbon equipment

•shielding against radiation

•fire suppression

Active fire protection is activated:

•By Fire and Gas detection logic (automatically)

•manually (local and remote)

Active fire protection ( fire pumps, ringmain, deluge

valves and nozzles). Type of protection depends on

required duty – this may be to extinguish the fire,

control the fire or provide exposure protection.

Types include:

•water deluge

• foam

•water mist / steam

•dry powder

•inert gas (Inergen), CO2

1 200

1 000

800

600

400

200

010

°C

minutes20 30 40 50 60

Standard Fire CurvesTemperature vs. Time

Jet fire

Hydrocarbon fire

Cellulosic fire

Fire Barriers / Partitions between areas e.g. Process /

Non Process :

• Coatings on Bulkheads - For A / H / JF ( with wire

mesh )

• Prefabricated GRP Panels - For A / H / JF

• Prefabricated Panels with insulation - For A / H /

Not JF

Critical Structural Members / Risers / Flare Structure /

Supports

Intumescent or Cementious coatings - For H / JF ( with

wire mesh)

Risers / ESDV's / Equipment / Panels

GRP Cast Sections for risers and boxes for ESDV

Intumescent half shells

Penetrations :

Seals suitable

for For A / H / JF

Passive fire protection -Fireproofing to prevent failure of

structures and equipments. Coating applied to the wall of

vessel (mineral or organic-based).

Resist to flames and slow down heat transfer to the wall ( fire

walls, chartek, blast wall, fire blankets)

Design for blast – possible explosion overpressure

The duration of the required stability and integrity

A = 60 minutes

H = 120 minutes

J = J-class is not a standard fire rating. SEV specification

retains H capabilities of 120 minutes

HAZARD MITIGATION – FIRE PROTECTION 2

11

J 45/ H60, 0.3

bar Blast wall

HAZARD MITIGATION – EMERGENCY SHUTDOWN 1

12

In the event of a process upset that can lead to loss of containment or hydrocarbon leak we need to

shutdown the process unit and sometimes the platform immediately so the event does not escalate to other

areas of the Platform.

ESD0 Total Black-Out

ESD1-1 Emergency Shut-

Down Fire Zone 1

SD2-1.1 Functional Unit Shut

Down Unit 1.1

SD3-1.1.1 Individual Shut-Down

Equipment 1.1.1

SD3-1.1.k Individual Shut-Down

Equipment 1.1.k...

SD2-1.j... Functional Unit Shut

Down Unit 1.j...

SD3-1.j.1 Individual Shut-Down

Equipment 1.j.1

SD3-1.j.k... Individual Shut-Down

Equipment 1.j.k...

ESD1-i... Emergency Shut-

Down Fire Zone 2...

SD2-i.1 Functional Unit Shut

Down Unit i.1

SD3-i.1.1 Individual Shut-Down

Equipment i.1.1

SD3-i.1.k... Individual Shut-Down

Equipment i.1.k...

SD2-i.j Functional Unit Shut

Down Unit i.j...

SD3-i.j.1 Individual Shut-Down

Equipment i.j.1

SD3-i.j.k... Individual Shut-Down

Equipment i.j.k...

HAZARD MITIGATION – OVERPRESSURE

13

Most of the plant is pressurised so what happens during an over pressure event. Design of relief disposal dependent on relief

requirements (e.g. fire, overpressure by gas , overfilling by liquid, reaction runaway).

Relief devices are installed and during an overpressure event they open and allow the gas to go to the flare

thus preventing over pressure of equipment. Process engineers have to size these devices for the

equipment they are protecting.

A flare or vent system consists of:

• Relieving devices in the Process systems

(PSV, BDV, Bursting discs,…)

•Headers for collection of relieved effluents

•Knock out (KO) Drum to segregate gas and

liquid phases

•Sealing devices to prevent air ingress (purge

gas, seals) or Designed to

•sustain internal explosion (15 barg as a

result of internal generic study)

•Disposal devices for the gas and liquid

(Flare tip, liquid burners, burn pit,…)

Function Of Drainage Systems

SAFETY

• Minimise uncontrolled spillage

• Minimise the risk of ignition (evacuation of flammable liquids away from ignition sources)

• Prevent escalation of a fire across the installation (containment and evacuation of flammable liquids)

ENVIRONMENT

• Minimise direct discharge of polluted streams by channelling to appropriate treatment units

Key Features For Safety Of Drainage

• Architecture of network to prevent cross-contamination

• Gas seals and fire breaks to prevent migration

Closed Drains Are Connected To:

• Hydrocarbon equipment under PRESSURE

• Equipment handling TOXIC fluids (intentional release to atmosphere not acceptable)

Open drains are ATMOSPHERIC systems

HAZARD MITIGATION – DRAINAGE

14

HAZARD MITIGATION – IGNITION CONTROL 1

15

Due to the flammable nature of oil and gas ignition control is very important because if there

is no ignition source there will be no explosion or fires.

Precautions:

> Avoiding flammable substances (replacement technologies)

> Inerting (addition of nitrogen, carbon dioxide etc.)

> Limitation of the concentration by means of ventilation

Ignition sources identification:

Apparatus which, separately or jointly, are intended for the

generation, conversion of energy capable of causing an

explosion through their own potential sources of ignition

Measures to limit the effect of explosions to a safe degree:

> Explosion pressure resistant construction

> Explosion relief devices

> Explosion suppression by means of extinguishers, deluge, etc

Hazardous Area Classification

Zone 0.

In which ignitable concentrations of flammable gases or vapours are present continuously, or in

which ignitable concentrations of flammable gases or vapours are present for long periods of

time.

• Zone 1.

In which ignitable concentrations of flammable gases or vapours are likely to exist under

normal operating conditions. (for a full definition refer to API RP 505).

• Zone 2.

In which ignitable concentrations of flammable gases or vapours are not likely to occur in

normal operation, and if they do occur will exist only for a short period (for a full definition

refer to API RP 505).

Reduce to an acceptable level the probability of coincidence of a flammable atmosphere and

an ignition source, by means of:

• Segregation of hydrocarbon sources and ignition sources,

•Selection of equipment with the potential to cause ignition:

HAZARD MITIGATION – HAZ. AREA CLASSIF.

16

HVAC unit usually is placed between the

helideck and the roof of the quarters for

offshore units.

The living quarters and electrical switch

rooms also requires a ventilation system , in

the event of a gas release or fire the HVAC

damper shut off preventing gas ingress.

Note normally you will have fire and gas

detectors at HVAC inlets to detect gas and

shutdown damper especially if HVAC inlet is

in close proximity to the process area.

HAZARD MITIGATION – HVAC & VENTILATION 1

17

TECHNICAL INTEGRITY

18

8 Dimensions of Integrity Monitoring

Shutdown Systems

Risk Control Dimensions Hydrocarbon

Leak

Safe

Operation

Major

Accident

H

A

Z

A

R

D

S

Prevention Barrier

• Mech

Integrity

• Ignition

Control

• Fire & Blast

walls location

Plant

Design

A

Plant

Design

A

• Thickness

m’ment

• PM checks

Equip. online

•Condition

monitoring

Inspection

and

Maintenance

B

Inspection &

Maintenance

B

• Defined &

understood

scope of

work

• Hazards

identified,

risk assessed

& Controls

in place

• Work

authorised

Permit to

work

C

Permit to

Work

C

• Risk

assessment

for potential

impacts

• Authorised

management of

change

• Case to

operate

Plant change

management

D

Plant Change

Management

D

• Standard’sd

Operating

Procedures

• Periodical

review done

• Temporary

procedures

for changed

situations risk

assessed.

Operational

Procedures

E

Operations

Proedures

E

• Role specific

competency

criteria for

process safety

• Periodic inputs

for updating

• Periodic

assessment

Staff

Competence

F

Staff

Competence

F

• Fire & Gas

alarms

• Routine

monit’ng

of alarms / trips

• Defined

procedure

for

management

of inhibits /

overrides

Alarms &

Instruments

G

Alarms &

Instruments

G

• Periodic

testing of ESD /

trips and

emergency

systems

• Periodic Mock

drills of ERP

• Emergency

procedures

updated

Emergency

arrangements

H

Emergency

Arrangements

H

Mitigation Barrier

C

O

N

S

E

Q

U

E

N

C

E

S

• Each Barrier is important

• Concurrent failure in barriers can result in Near Miss or MAE

• Significant Failing in just one critical barrier sometimes is sufficient to cause incident

• Continuous monitoring & testing of Barriers is needed through suitable tools

Technical Integrity (TI) is all about management of SCE ( HAZARD MITIGATION

MEASURES)

ESTABLISH DESIGN INTEGRITY

19

Technical Integrity Management

Hazid Hazop

Studies

PERFORMANCE

STANDARDS

SMS and

Procedures

Operations Safety Case

Work

Orders

Risk Based

Inspection /

Reliability

Centred

Maintenance

Major Health Hazards and

Major Accident Events

Hazard

Register

All HSE

Hazards

Formal Safety

Studies

SAPIntegrity

ReportsMAXIM

O

Project Phase Establish Integrity by identifying MAE, SCE ( Safety Critical Elements) producing Performance Standards(PS) all contributing to the establishment of Technical Integrity (TI).

In the operation phase, safeguard integrity by maintaining equipment, reviewing, verifying and assuring integrity using

performance standards, corrective action should be closed out appropriately all leading to maintaining TI.

MAJOR ACCIDENT EVENTS

(MAE)

Establish Design Integrity and Safeguard it during Operations

INHERENT SAFETY

20

THE BASICS •Fewer hazards •Fewer causes •Reduced severity •Fewer consequences

1 . Minimise – use smaller

quantities of hazardous substances

2 . Substitute – replace a material with a less hazardous

substance

3 . Moderate – use a less hazardous

condition, a less hazardous form of a material, or facilities that minimise the impact of a hazardous material or energy

4 . Simplify – design facilities that eliminate unnecessary complexity

and make operating errors less likely and that are more forgiving of errors which are made

barg barg

Gas Hot Oil

Gas Hot Water

But are design should be Inherently Safe in the first place

INHERENT SAFETY RISK REDUCTION MEASURES

21

Physical protection

– Safety valves to flare

– Rupture disks to flare

– Vacuum breakers

– Blowdown systems

Reduction of Leak

Frequencies

– Enhanced inspection plan (mechanical integrity)

– Full containment design

– Corrosion allowance

– Corrosion risk management

– Safety Critical Procedures (with high reliability level in execution)

Process Design

– Alternative chemical process (chemicals used, …)

– Reduction of operating pressure

– Reduction of operating temperature

– Reduction of area congestion

– Selection of construction materials

– Some critical cooling systems

Automatic action SIS

– Interlocks independent from DCS

• PCV to flare

• Heat cutout interlock

• Feed cutout interlock

– UPS systems

– Emergency power generator

– HIPPS

Limitation of Released Quantity

– Reduction of product inventory

– Remote operated isolation valves (ESD system)

– Blowdown system

– Flow orifices

– Excess flow valves

Mitigating & Protective measures

– Diking

– Water curtains

– AFP (Sprinkler/deluge systems)

– Foam application systems

– Restricting flow orifices

– Excess flow valves

– PFP(Blast/fire resisting structures blast/fire walls, reinforced control rooms)

– Control of ignition sources

– Emergency shutdown systems

– Containment systems (containment inside building)

– Flange protection

– Devices influencing the direction of leaks.

– Explosion suppression systems

– Inhibitor or killing agent injection systems

– Detection systems (gas, liquid, smoke, fire,...) with operator intervention