Part of Cognascents’ mission is to actively engage in the advancement of our industry and profession. Sharing best practices and data analysis regarding our areas of expertise is an effective channel to give back to the community that supports us. For more information regarding any one of the below white papers, please send an inquiry.
In 2011, the Center for Chemical Process Safety initiated work on Vision 20/20. The goal of Vision 20/20 is to demonstrate what perfect process safety will look like when it is championed by industry; driven by five tenets of culture, standards, competency, management systems, and lessons learned; and enhanced by community passion and four global societal themes. The five tenets serve as a framework of what constitutes high-integrity, effective, and successful process safety management. The four global societal themes represent critical supporting efforts to the overarching five tenets.
One of the four global societal themes is meticulous verification. Meticulous verification provides the perpetual assurance of integrity for an organization’s dynamic process safety management program. Meticulous verification specifically calls for collaboration between companies and third-party entities to ensure comprehensive and ongoing assessment of process safety management’s effectiveness.
Based on the authors’ experiences as HAZOP and LOPA facilitators, meticulous verification serves as the mission critical Vision 20/20 element for long-term sustainability. A HAZOP is a nexus of process safety information and process safety management systems’ effectiveness and serves as a bellwether of an organization’s overall PSM integrity. The integrity of a management system is only as strong as the discipline of its keepers to do the right thing irrespective of the consequences. This discipline is tested over and over again every day in HAZOP, as the HAZOP team is relied upon to verify information for accuracy and applicability regarding a wide range of technical subject matter.
In this paper, the authors provide a detailed map of HAZOP and LOPA meticulous verification tasks and interactions. Specific examples of MV vulnerabilities and safeguards are provided to enhance the effectiveness of PHA teams. These vulnerabilities and safeguards address issues such as operating procedures and operator response, enabling and conditional modifiers, management of change, mechanical integrity and testing of safeguards and IPLs.
The target audience for this paper is anyone whose responsibilities include (1) leading within an organization required to comply with OSHA 1910.119, (2) establishing effective HAZOP and LOPA guidance documents, (3) developing high-integrity meticulous verification protocols and checklists, and (4) performing meticulous verification tasks such as technical assurance reviews.
AIChE, CCPS, Hazard and Operability Study (HAZOP), hazard identification, Independent Protection Layer (IPL), Layer of Protection Analysis (LOPA), meticulous verification (MV), Process Hazard Analysis (PHA), Process Safety Information (PSI), IPL integrity, Process Safety Management (PSM), Vision 20/20.
Process hazards analyses, such as Hazard and Operability studies (HAZOPs) and Layer of Protection Analyses (LOPAs), are structured, team-based exercises focused on hazard identification, risk assessment, and risk management. In order to manage the complexity associated with these analyses, recognized and generally accepted rules are imposed to manage and limit the review of hazard scenarios involving simultaneous failures. One of these rules has been dubbed “double jeopardy”.
Based on the authors’ experience via direct observation and review of PHA documentation, PHA teams continue to struggle to understand double jeopardy and how to effectively address simultaneous failures when applying PHA methodologies, such as HAZOP and LOPA. In addition, the emergence and more widely accepted use of enabling conditions and conditional modifiers when developing hazard scenarios has blurred the legacy definition of double jeopardy.
In this paper, the authors provide an overview of double jeopardy along with specific PHA examples regarding credible as well as inappropriate applications of double jeopardy. They also present tools and recommendations to enhance PHA teams’ performances regarding the application of double jeopardy. More specifically, they address issues regarding latent failures (revealed vs. unrevealed conditions), concurrent incidence of failures, and independence of initiating events.
The target audience for this paper is anyone whose responsibilities include (1) leading within an organization that uses PHAs, (2) establishing PHA guidance documents, (3) applying PHA methodologies, and (4) reviewing PHA outputs and reports.
Will It Really Make that Much of a Difference? Broad Effects of Operational Changes on Relief System Design
Throughout the life of an operating facility, changes to the process are inevitable and potentially affect the systems that keep personnel and equipment safe. The Management of Change (MOC) process is intended to evaluate proposed changes prior to implementation to assess and address any risks that might be introduced as a result of this change. The MOC process typically includes a process hazards analysis (e.g. Hazard and Operability Study, Layer of Protection Analysis), which evaluates safeguards and independent protection layers (IPLs) for the proposed changes.
Of the many IPLs, pressure relief devices are often overlooked and a re-evaluation of the relief system design basis is sometimes not performed. The authors have observed that personnel do not always recognize that the operational change may affect the relief system.
In this paper, the authors explore what types of changes should trigger a relief system design review, exploring why minor modifications may have major ramifications. They also provide specific examples of the most common changes that demonstrate how the relief system design can be affected.
The target audience for this paper is anyone whose responsibilities include (1) pressure relief analysis, (2) process safety management, (3) management of an operating facility, (4) process engineering, and (5) process safety information management.
Evergreen, flare system analysis, Hazard and Operability Study (HAZOP), Independent Protection Layer (IPL), Management of Change (MOC), overpressure analysis, pressure relief analysis and design, Process Hazard Analysis (PHA), process modes of operation, Process Safety Information (PSI), relief device design basis, relief rate calculation and sizing, safeguard.
Process hazards analyses are structured, team-based exercises focused on hazard identification, risk assessment, and risk management. A competent facilitator serves a multi-disciplined team in applying the appropriate PHA methodology to identify, assess, and safeguard vulnerabilities. PHAs help a business define its overall risk profile and subsequently its overall strategy.
The various generally-accepted PHA methodologies are fairly well-defined by industry and company-specific guidance documents. PHA methodologies are processes that have evolved in response to societal norms, organizational culture shifts, and ever-changing regulatory requirements. Unlike PHA methodologies, which are typically bound by rule-sets and scope definition, multi-disciplined teams made up of diverse individuals are typically unbound when it comes to behavioral norms and personality types. Hence, as with any process, it is not the documented protocols that define the effectiveness of a process. It is the people leading, establishing, applying, and using the outputs of a process that determine its effectiveness. Hence, a PHA methodology is only as effective as the team involved.
Many factors influence team performance, no matter the task. Communication is often touted as the most critical factor for effective team performance. Hence, team communication is critical for effective application of a PHA methodology. But what is communication? More importantly, what is effective communication? Can a team’s ability to communicate be assessed prior to attempting to apply a PHA methodology? If so, what safeguards can be put in place to protect against communication vulnerabilities at both the individual and team levels?
In this paper, the authors posit a team’s communication capacity and potential can be assessed prior to starting a PHA. Specifically, the authors provide insight through case study and idea synthesis of potential individual and team communication vulnerabilities and safeguards. They also present tools and recommendations to enhance team communication and subsequently PHA quality, which bear directly on operational, organizational, and commercial integrity.
The target audience for this paper is anyone whose responsibilities include (1) leading within an organization that uses PHAs, (2) establishing PHA guidance documents, (3) applying PHA methodologies, and (4) reviewing PHA outputs and reports; however, anyone who works on a team will benefit from this paper’s content.
Hazard and Operability Study (HAZOP), hazard identification, Insights Discovery®, Layer of Protection Analysis (LOPA), Process Hazard Analysis (PHA), Process Safety Management (PSM), risk assessment, risk management, team communication, team effectiveness.
Independent Protection Layers (IPLs) are critical pieces of armor designed to protect against process upsets that may harm people, the environment, and/or commercial interests. IPLs play a key role in any Process Safety Management (PSM) program. They are often used to close the risk gap between elimination/mitigation measures and associated hazard scenario causes and consequences; hence, regulations exist that require companies to demonstrate IPL integrity and adequacy.
When conducting a Process Hazard Analysis (PHA) using the Layer of Protection Analysis (LOPA) methodology, IPLs are used to close the risk gap between elimination/mitigation measures for a given hazard scenario and its cause, consequence, and conditional modifiers. In order for an IPL to be “available”, it must meet certain criteria defined by industry standards and company-specific guidance documents.
Demonstrating IPL effectiveness, or adequacy, involves multiple pieces of information that are not always linked together and kept “evergreen”. In addition, the various data repositories and tasks required to maintain the integrity of an IPL are “owned” by several functional roles. Required data for IPL adequacy include the following: IPL design information, IPL integrity level analyses, maintenance and function testing data, and process safety time and IPL response time analyses.
Companies do not approach IPL integrity the same way. For example, companies perform IPL function testing and maintenance using different criteria; some employ a standard function testing methodology of confirmation that the IPL acts within the designated time window per regulatory requirements, while other companies actually measure the specific time it takes an IPL to respond to get to its process safe condition. Either of these approaches provides compliance as to whether the IPL will act adequately given a process upset; however, vulnerabilities may exist depending on the approach employed.
The author posits that use of an evergreen IPL lifecycle reduces potential vulnerabilities in the design and function of an IPL. In this paper, the author presents the advantages and disadvantages of using an evergreen lifecycle approach to establish and maintain the integrity and “availability” of IPLs. The author also provides recommendations to enhance the robustness of maintaining IPL adequacy throughout the lifecycle of the protection layer. Specifically, the author provides examples of IPL integrity successes through the use of an evergreen lifecycle methodology, enhanced operational insight, and potential pitfalls when not employing a holistic IPL lifecycle approach in maintaining IPL integrity and adequacy.
The target audience for this paper includes project managers, project or process engineers, EH&S managers, PSM coordinators, and operators; however, anyone involved with small or large capital projects may also benefit from this paper’s content.
Independent Protection Layer (IPL), Process Safety Management (PSM), Layer of Protection Analysis (LOPA), Process and Instrumentation Drawing (P&ID), Process Hazard Analysis (PHA), Process Safety Lifecycle, Safety Integrity Level (SIL).
In the pursuit of competitive sustainability amidst dynamic environments, individuals and organizations spend significant time monitoring and modifying behaviors to improve their overall performances. Furthermore, many organizations have identified the role of leadership in establishing, sustaining, and changing cultures in order to encourage optimal behaviors. Finally, many individuals have received formal leadership training designed to achieve and maintain high performance cultures. Despite all of the above, technical excellence remains a “Holy Grail” for some entities.
The author posits that technical excellence remains elusive for some entities due to a lack of focus on and understanding of the real drivers of excellence. The author asserts that technical excellence is not a value that individuals and organizations can espouse in a personal or corporate mission statement. Technical excellence is a condition and result of an individual’s or organization’s core, leadership model, culture, and behavior set. In order to achieve technical excellence, individuals and organizations must (1) nurture and safeguard their cores through “personal feedback loops”; (2) center and elevate their leadership mindsets; (3) serve and build caring and competitive cultures; and (4) demonstrate and inspire ethical and disciplined behaviors.
In this paper, the author details an effective leadership cycle for achieving technical excellence on personal and organizational levels. More specifically, the author provides (1) data supporting the leadership cycle; (2) guidelines for identifying, developing, and sustaining leaders; and (3) leadership metrics.
The target audience for this paper is anyone interested in pursuing technical, process safety, business, and personal excellence.
Leadership, culture, excellence, metrics, competitive sustainability.
Prior to moving from define phase to execution phase on a given project, the typical project protocol is to perform a critical process and instrumentation drawing (P&ID) review as a transition from “issued for information or preliminary design” to “issued for design or HAZOP”.
The objectives of a critical P&ID review are to (1) identify commercially-positive design changes early in the project lifecycle to reduce downstream implementation costs, (2) identify operational concerns to ensure optimal resolution and long-term operational effectiveness, and (3) identify safety vulnerabilities for early application of inherently safer design (ISD) principles where possible and early identification of safety integrity levels (SIL) for required safety instrumented systems (SIS).
Companies perform critical P&ID reviews using various evaluation methods, including P&ID symbology/element checklists, process hazard analysis (e.g. Checklist, HAZID, and HAZOP), and “cold-eyes” review. Each of these approaches provides structure to a critical P&ID review; however, each also provides opportunities for commercial, operability, and safety vulnerabilities to remain in the design when applied independently.
The authors posit use of a hybrid HAZOP/LOPA process hazard analysis methodology to conduct critical P&ID reviews (1) results in a more rigorous evaluation and (2) reduces the likelihood for commercial, operability, and safety vulnerabilities to persist into the design/execution phase of projects. In this paper, the authors present the advantages and disadvantages of using a hybrid HAZOP/LOPA approach for critical P&ID reviews. They also provide recommendations to enhance the effectiveness of the HAZOP/LOPA methodology when applied to critical P&ID reviews. Specifically, the authors provide examples of commercial benefits realized, enhanced operational insight, ISD successes, and application pitfalls when applying a hybrid HAZOP/LOPA PHA methodology to a critical P&ID review.
The target audience for this paper includes project managers, project engineers, EH&S managers, PSM coordinators, and operators; however, anyone involved with small or large capital projects may also benefit from this paper’s content.
Process Safety Management (PSM), HAZOP, LOPA, Process and Instrumentation Drawing (P&ID), Process Hazard Analysis (PHA), Inherently Safer Design (ISD).
The recent process safety performance of the energy industry has led to scrutiny of industry and company-specific process safety standards, guidelines, and best practices. Several elements of process safety focus directly on the knowledge-base and experience of a facility’s workforce. Plant engineers are required to participate in and lead various elements of a facility’s process safety management program (e.g. management of change reviews, process hazards analyses, and mechanical integrity program implementation). Although plant engineers have an undergraduate degree in their technical field of choice, few have any formal training or recognized credential in the field of process safety. Furthermore, few companies have implemented a formal competency assessment and technical authorization program. Without such training and competency verification requirements, the author contends that a greater likelihood exists for human error in the administration of a facility’s process safety program.
This paper provides a safe operating window for engineers of all experience levels on process safety protocols and pitfalls. The advice and information shared in this paper are direct learnings from assignments as a plant engineer, technical consultant, and business owner. The content is divided into the following four categories:
1. The Obvious – information, knowledge, and responsibilities conveyed through schooling and company’s technical onboarding process.
2. The Potentially Obvious – information, knowledge, and responsibilities conveyed through training from entry-level to mid-level engineer.
3. The Potentially Obscure – information, knowledge, and responsibilities conveyed through training from mid-level to senior-level engineer.
4. The Obscure – information, knowledge, and responsibilities conveyed through advanced/expert training, application, and experience.
The target audience for this paper includes plant managers, business unit managers, project managers, plant engineers, EH&S managers, PSM coordinators, and operators; however, anyone involved with plant operations and/or service delivery to the energy industry may benefit from this paper.
Process Safety Management (PSM), Management of Change (MOC), Process Hazards Analysis (PHA), Human Factors (HF), Mechanical Integrity (MI).
Pressure relief analysis and design basis integrity are paramount to the safe operation of any facility handling a highly hazardous chemical or operating a process system under potentially hazardous conditions. As one of the process safety information elements of the OSHA 1910.119 Process Safety Management mandate, facilities handling highly hazardous chemicals must establish and maintain their overpressure protection design basis. “Relief Systems” and “Blowdown Drums and Vent Stacks” are also on OSHA’s National Emphasis Program Static List of Inspection Priority Items, which was implemented in June, 2007.
Data from numerous pressure relief analysis efforts provide evidence that deficiencies continue to exist in overpressure protection systems, including pressure relief devices and effluent handling systems. One of the primary reasons for these deficiencies is the shortage of technical personnel with sufficient experience to identify when the pressure relief analysis design basis must be reviewed and perhaps modified as changes to the process are made. The authors contend that comprehensive integration of pressure relief analysis expertise with a facility’s management of change (MOC) program is necessary to establish and preserve overpressure protection integrity.
This paper shows how to achieve accelerated MOC program improvement when modifying existing processes and equipment by including key questions regarding pressure relief design aspects of the change under review. The focus is on developing an assessment checklist for the project design team. Responses to the checklist provide guidance regarding potential involvement of a pressure relief analysis subject matter expert as an integral element of the proposed modification.
A large number of capital design projects are in progress right now in both the upstream and downstream industries. All projections indicate that this number will increase in the coming years. In alignment with regulatory compliance and/or company-specific protocol, a Process Hazard Analysis (PHA) prior to start-up of all new capital design projects is required. Typically, a high-level PHA is performed at the beginning of a capital design project and then a detailed PHA near the end of the project, when a hopefully final issued-for-construction (IFC) design has been completed. It has been the experience, though, that designs are rarely finalized in time for this detailed PHA. This leads to several additional critical problems:
1. The PHA turns into a design review.
2. The PHA team gets frustrated because it is too late to propose significant changes to the design regardless of their bearing on safety.
3. All parties involved feel vulnerable since changes are always made after the final PHA with only management-of-change (MOC) and pre-startup safety reviews (PSSRs) to catch the truly final design for process hazards.
4. Due to the shortage of qualified process safety professionals, the persons in charge may not know when to slow down or stop the process altogether to ensure that a quality, comprehensive PHA is achieved.
This paper outlines an alternative approach to performing PHAs for capital design projects. This five-phase approach is detailed with respect to PHA activity, participants, timing, inputs, deliverables, and impact on inherently safer design.
The target audience for this paper includes PHA facilitators, project managers, project engineers, EH&S managers, PSM coordinators, and operators. However, anyone involved with capital design projects may benefit from this paper.
Process Hazard Analysis (PHA), Process Safety Management (PSM), Inherently safer design, HAZOP, LOPA
Integrating Layer of Protection Analysis (LOPA) with Hazard and Operability Analysis (HAZOP) has many advantages over performing these studies separately. The merits include: fewer actions from the combined effort compared to performing only a HAZOP; team continuity resulting from the combined effort as opposed to two separate teams having possibly differing points of view; and, ultimately, a time and cost savings realized by the combination. This integration defines the risk associated with a given scenario, enabling better decisions which impact business assurance.
By using the Center for Chemical Process Safety (CCPS) guidelines to define the independent protection layers upfront, the gray areas can often be reduced or eliminated; thereby enabling a more thorough LOPA. Examples include taking credit if a unit has two independent operators (outside and inside) responding to critical alarms, or taking credit for centralized control rooms which may allow immediate operator interaction and response.
This article shows how the guidelines have been used successfully in joint HAZOP/LOPA studies, and describes an initial preparation protocol that can ensure high-quality results.