Toxic Gas Effects – QRA

Toxic Gas Effects analysis involves the study and assessment of the adverse effects of toxic substances on living organisms, ecosystems, or the environment.

Assessing toxic gas effects has several benefits, such as:

  • Occupational Health and Safety: To ensure the safety of workers, especially where employees may be exposed to hazardous gases.
  • Emergency Response: Quantifying toxic gases during emergency situations, such as chemical spills, or accidental leaks will help emergency responders take appropriate measures to protect on-site personnel and facilities.
  • Health Risk Assessment (HRA): Evaluate the potential health risks associated with exposure to specific toxic gases. This includes assessing the cumulative impact of multiple gases and determining the level of risk for individuals and populations.

Safety Consideration

Several published measures can be used as benchmarks for predicting whether an exposure will result in injury or death.

  • Emergency Response Planning Guideline for Air Contaminants (ERPGs) issued by the American Industrial Hygiene Association (AIHA);
  • Immediately Dangerous to Life or Health (IDLH) level established by the National Institute for Occupational Safety and Health (NIOSH);
  • Threshold Limit Values (TLVs) established by the American Conference of Governmental Industrial Hygienists (ACGIH), including Short-Term Exposure Limits (STELs), Time-Weighted Average (TWA), and Ceiling (C);
  • Permissible Exposure Limits (PELs) issued by the Occupational Safety and Health Administration (OSHA).

| Level | Short Definition |
| --- | --- |
| ERPG-1 | Max Conc. for 1 hr that causes mild adverse health effects. |
| ERPG-2 | Max Conc. for 1 hr that causes irreversible or serious health effects. |
| ERPG-3 | Max Conc. for 1 hr that causes life-threatening health effects. |
| IDLH | Concentration that causes death or permanent adverse health effects. |
| TLV-STEL | Max Conc. for 15 min exposure without suffering adverse health effects. |
| TLV-TWA | Average Conc. for continued exposure (40 hr/wk) without suffering adverse health effects. |
| TLV-C | Conc. that should not be exceeded at any time. |

The Permissible Exposure Limit (PEL) provides three (3) levels, similar in idea to the Threshold Limit Value (TLV): both standards provide TWA, STEL, and Ceiling values. The PELs are developed by OSHA, whereas the TLVs are developed by ACGIH.

Lethal Concentration (LC)

Lethal Concentration (LC) refers to the concentration of a substance at which a specific effect occurs. It is a term commonly used in toxicology to describe the concentration of a substance that is lethal to a given percentage of test organisms.

| Level | Definition |
| --- | --- |
| LC 1% | The concentration level at which 1% of test organisms die. |
| LC 50% | The concentration level at which 50% of test organisms die. |
| LC 90% | The concentration level at which 90% of test organisms die. |
| LC 99% | The concentration level at which 99% of test organisms die. |

Application

Example design criteria for designing Restricted Area and Impacted Area.

| Equipment | Scenario | Criteria |
| --- | --- | --- |
| Flare | Un-ignited toxic gas release, cloud dispersion from accidental gas, two-phase or liquid releases | LC 1% |
| Flare | Emergency operation (ignited) | TLV-TWA |
| Flare | Flame out | LC 1% |
| Cold vent | Emergency operation | TLV-STEL |
| Blow out | Un-ignited release | LC 1% |

Design criteria of Restricted Area

| Equipment | Scenario | Criteria |
| --- | --- | --- |
| Flare | Un-ignited toxic gas release, cloud dispersion from accidental gas, two-phase or liquid releases | IDLH |
| Flare | Flame out | IDLH |
| Cold vent | Emergency operation | IDLH |
| Blow out | Un-ignited release | IDLH |

Design criteria of Impacted Area

Probability of Fatalities

The most common method of calculating the probability of fatalities is the probit function, because plotting the probit against the logarithm of dose gives a much straighter line that stays close to the typical dose-response curve. Below is the basic equation of the probit function.

And below is the conversion table from probit variable to probability or percentage.

Probit functions are available for a variety of exposures, including exposures to toxic materials, heat, pressure, sound, etc. Below are the probit function constants used to estimate the fatality level for lethal toxicity.

| Substance | a | b | n |
| --- | --- | --- | --- |
| Ammonia | -35.9 | 1.85 | 2 |
| Benzene | -109.78 | 5.3 | 2 |
| Carbon Monoxide | -37.98 | 3.7 | 1 |
| Chlorine | -8.29 | 0.92 | 2 |
| Sulfur Dioxide | -15.67 | 2.10 | 1 |

Thermal Effects – QRA

Studying the consequences of thermal effects during a Quantitative Risk Assessment (QRA), or during design work, brings several benefits, such as design optimization, safety considerations for operators, selection of fire-resistant materials, and environmental impact assessment.

In addition, a designer's understanding of thermal effects, for example how a rise in heat affects the operation of machinery such as a fire water pump, a transmitter, or other equipment, is important for assuring the safety of interconnected systems and equipment.

This article is limited to the receptor side, whether the receptor is a person or a piece of equipment that may be affected by heat.

Safety Considerations

For the thermal effects acting on personnel working on site, international standards give the following guidance.

API 521: Pressure-relieving and Depressuring Systems gives guidance on radiation intensity versus the exposure time that produces pain for on-site personnel, as shown in the table below.

| Radiation intensity (Btu/hr/ft2) | Radiation intensity (kW/m2) | Time to pain threshold (s) |
| --- | --- | --- |
| 500 | 1.74 | 60 |
| 740 | 2.33 | 40 |
| 920 | 2.90 | 30 |
| 1500 | 4.73 | 16 |
| 2200 | 6.94 | 9 |
| 3000 | 9.46 | 6 |
| 3700 | 11.67 | 4 |
| 6300 | 19.87 | 2 |

| Permissible Design Level (k), kW/m2 (Btu/h.ft2) | Conditions |
| --- | --- |
| 9.46 (3,000) | Maximum radiant heat intensity at any location where urgent emergency action by personnel is required. When personnel enter or work in an area with the potential for radiant heat intensity greater than 6.31 kW/m2, radiation shield and/or special protection apparel should be considered. |
| 6.31 (2,000) | Maximum radiant heat intensity in area where emergency actions lasting up to 30 s can be required by personnel without shielding. |
| 4.73 (1,500) | Maximum radiant heat intensity in area where emergency actions lasting up to 2 – 3 mins can be required by personnel without shielding. |
| 1.58 (500) | Maximum radiant heat intensity at any location where personnel can be continuously exposed. |

Recommended Design Thermal Radiation for Personnel

All of the data above assumes that personnel wear appropriate clothing, such as a safety helmet, a long-sleeved shirt with cuffs buttoned, work gloves, long trousers, and work shoes.

In addition, the table above recommends thermal criteria, excluding solar radiation, for defining the Restricted Area or determining the height of the flare stack.

The effects of thermal radiation on equipment and machinery are shown in the table below.

| Radiation Intensity (kW/m2) | Observed Effect |
| --- | --- |
| 37.5 | Sufficient to cause damage to process equipment |
| 25 | Minimum energy required to ignite wood at indefinitely long exposure |
| 12.5 | Minimum energy required for pilot ignition of wood, melting of plastic tubing |
| 9.5 | Pain threshold reached after 8 sec, second degree burns after 20 sec. |
| 4 | Sufficient to cause pain to personnel if unable to reach cover within 20 sec, however blistering of the skin is likely. |
| 1.6 | Will cause no discomfort for long exposure |

Probability of Fatalities

The most common way to calculate the Probability of Fatality is the probit function, because the probit function, expressed in logarithmic form, gives results that resemble real behaviour: “the larger the dose and the longer the exposure, the higher the chance of fatality.”

The table below converts the calculated value Y into the Probability of Fatalities.

Probit functions are available for exposure to many types of hazard, such as toxic substances, heat, pressure, sound, and others. Below is the probit function for estimating the fatality level from a given thermal dose from pool fires and flash fires, Mudan (1984).

Example

Determine the thermal flux necessary to cause 50% fatalities for a 10-second exposure.

For t = 10 sec, I = 60.5 kW
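The probit calculations from the toxic and thermal sections, as an added example that is not part of the original page. It assumes the toxic probit has the form Y = a + b·ln(Cⁿ·t) with C in ppm and t in minutes, the thermal probit has the form Y = -14.9 + 2.56·ln(t·I^(4/3)/10⁴) with t in seconds and I in W/m2, and that Y converts to probability as P = Φ(Y - 5); the thermal form reproduces the 60.5 figure in the example above.

```python
import math
from statistics import NormalDist

STD_NORMAL = NormalDist()  # mean 0, standard deviation 1

# (a, b, n) constants copied from the toxic probit table on this page.
TOXIC_PROBIT = {
    "Ammonia": (-35.9, 1.85, 2),
    "Benzene": (-109.78, 5.3, 2),
    "Carbon Monoxide": (-37.98, 3.7, 1),
    "Chlorine": (-8.29, 0.92, 2),
    "Sulfur Dioxide": (-15.67, 2.10, 1),
}


def probit_to_probability(y):
    """Convert a probit value Y to a fatality probability, P = Phi(Y - 5)."""
    return STD_NORMAL.cdf(y - 5.0)


def probability_to_probit(p):
    """Inverse conversion; p must lie strictly between 0 and 1."""
    return 5.0 + STD_NORMAL.inv_cdf(p)


def toxic_probit(substance, conc_ppm, minutes):
    """Assumed form: Y = a + b * ln(C^n * t), C in ppm, t in minutes."""
    if conc_ppm <= 0 or minutes <= 0:
        raise ValueError("concentration and duration must be positive")
    a, b, n = TOXIC_PROBIT[substance]
    return a + b * math.log(conc_ppm ** n * minutes)


def lethal_concentration(substance, fraction, minutes):
    """Concentration (ppm) giving the requested fatality fraction (LC 1%, LC 50%, ...)."""
    a, b, n = TOXIC_PROBIT[substance]
    dose = math.exp((probability_to_probit(fraction) - a) / b)  # equals C^n * t
    return (dose / minutes) ** (1.0 / n)


def thermal_probit(flux_w_m2, seconds):
    """Assumed form: Y = -14.9 + 2.56 * ln(t * I^(4/3) / 1e4), I in W/m2, t in s."""
    if flux_w_m2 <= 0 or seconds <= 0:
        raise ValueError("flux and duration must be positive")
    return -14.9 + 2.56 * math.log(seconds * flux_w_m2 ** (4.0 / 3.0) / 1.0e4)


def thermal_flux_for_fatality(fraction, seconds):
    """Thermal flux (W/m2) giving the requested fatality fraction for an exposure time."""
    dose = 1.0e4 * math.exp((probability_to_probit(fraction) + 14.9) / 2.56)
    return (dose / seconds) ** 0.75


if __name__ == "__main__":
    # Worked example from the page: 50% fatalities for a 10 s exposure.
    flux = thermal_flux_for_fatality(0.5, 10.0)
    print(f"Thermal flux for 50% fatality at 10 s: {flux / 1000:.1f} kW/m2")

    # Constructed toxic case: LC 1% and LC 50% for a 30-minute chlorine exposure.
    for fraction in (0.01, 0.5):
        conc = lethal_concentration("Chlorine", fraction, 30.0)
        print(f"Chlorine LC {fraction:.0%} (30 min): {conc:.0f} ppm")
```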

Thermal Radiation Analysis

In fire events and their thermal effects, most of the heat is transferred by thermal radiation, which can be calculated with the Stefan-Boltzmann equation.

However, this equation cannot be applied directly to real conditions, because the flame temperature varies throughout the flame rather than being constant, and because other factors, such as sootiness, affect the thermal radiation.

Therefore, two models are commonly used to determine the heat transfer and its effects:

  1. Point Source Model
  2. Solid Flame Model

Point Source Model

The point source model does not consider the shape of the flame; it assumes that the heat originates from a point and radiates spherically. In general, this equation gives conservative results.

The commonly used point source model equations are the API Method and the Brzustowski and Sommer equation.

Solid Flame Model

The solid flame model assumes that the flame is a solid body that emits heat only from its surface. The shape of the flame is taken into account. The heat transfer rate is calculated as a function of the Surface Emitting Power (SEP), the shape factor, and the Atmospheric Transmissivity.

API Method

The API method is based on heat transfer from a point source and on the allowable heat radiation at the receiving point. It was developed from the method of Hajek and Ludwig to determine the flame radiation at a point of interest. It is a point source model that applies to jet fire flames in both laminar flow and turbulent flow.

The main assumption of the API method is that the flame is treated as a single point source located at the center of the flame, radiating in all directions from the center, and that the fraction of heat intensity transmitted is assumed to be 1.0.

As described above, one of the factors affecting heat transfer is distance, which many models emphasize. The API model provides the following reference chart for determining the flame height, including lift-off.

The X-axis value is obtained by calculating the heat release of the substance; draw a line up to meet the straight line, then across to the Y axis to read the flame height in meters.

When the effect of ambient wind relative to the velocity of the flow leaving the hole or pipe is considered, the flame is distorted, and the following graph is used.

Example-1

Design the 6.3 kW/m2 flare exclusion zone for an elevated flare stack with a height of 33.3 meters, a fraction of heat radiated of 0.3, a maximum capacity of 34,056 m3/h, and a heat radiation at the flame of 6.3×10^5 kW, through a flare inside diameter of 0.468 meter, against a design wind velocity of 8.9 m/s. The material is hydrocarbon vapour, the average relative molecular mass of the vapour is 46.1, and the flow temperature is 422 K.

Brzustowski and Sommer

The equation for calculating the heat flux at a given distance is the same as in the API method above. Both methods are based on a single point source. However, the Brzustowski and Sommer method considers the location of the flame center more precisely, basing it on the diffusion of a turbulent jet down to the lean explosive limit concentration.

The lower explosive limits of mixtures can be calculated using Le Chatelier’s rule as follows.

The additional factors that need to be calculated to assess the wind effects on flame geometry are the lower explosive limit concentration parameter and the jet thrust and wind thrust parameter. The actual location of the flame center can then be determined from the graph below.

Lastly, Brzustowski and Sommer recommend using the fraction of heat intensity transmitted (Tau) to correct the radiation impact. This is because the environment can also absorb about 10% to 20% of the heat over a distance of 150 meters.

Fraction Heat Radiated (F) Factor

The F Factor, or fraction of combustion heat radiated from a flame, is the most important single parameter in thermal radiation calculations.

Flare Design

A flare stack can be designed in accordance with the following international standards:

  1. API STD 521, Pressure-relieving and Depressuring Systems, which presents the method for determining the required height of the flare using the equations described above.
  2. API STD 537, Flare Details for General Refinery and Petrochemical Services, which describes the components of the flare together with the systems it should have to prevent hazards that may arise.

Event Tree Analysis (ETA) – QRA

Event Tree Analysis (ETA) is a graphical tool used in Quantitative Risk Assessment (QRA) and decision analysis to evaluate the possible outcomes of a series of events. An overview of how Event Tree Analysis (ETA) works is as follows.

  • Identification of Initiating Event: The analysis starts with the identification of the initiating event (IE), which is the initial incident or condition that triggers the analysis such as LPG cylinder failure and LPG gas leakage.
  • Branching Events: From the initial event, the analyst develops a tree-like structure, with branches representing different possible outcomes or scenarios. Each branch represents a Possible Event (PE) or decision that may follow the initial event, such as detection by the gas detector.
  • Probabilities: Along each branch, probabilities are assigned to different events or decisions.
  • Endpoint: The analysis culminates in endpoints, which are the final outcomes or consequence outcomes of the event.

Example

A Diesel Oil (DO) tanker pumps more DO into a storage tank than the available capacity because of a malfunction of the level monitoring, resulting in overfilling and a release of material to the working area via the venting system. This can lead to a pool fire if ignited.

Based on the records, the DO is refilled once per month. Because orientation training is provided to the driver before performing the activity, the potential of human error in omitting the liquid level check during filling is 0.02. The potential that the driver will not detect a high-level alarm is 0.4. The potential of a liquid pool fire is estimated at 0.01. The calculation of all the outcomes is as follows.
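One way to carry out this calculation, as an added example that is not part of the original page. The tree layout (level check omitted, then alarm missed, then ignition) and the outcome names are assumptions built from the figures in the text; the evaluator itself works for any binary event tree.

```python
from dataclasses import dataclass
from typing import Union


@dataclass(frozen=True)
class Branch:
    """One branching event: `p_yes` is the probability of the 'yes' path."""
    question: str
    p_yes: float
    yes: Union["Branch", str]  # a further branch, or the name of an end outcome
    no: Union["Branch", str]


def evaluate(node, frequency):
    """Return {outcome name: frequency} for the subtree entered at `frequency`."""
    if isinstance(node, str):
        return {node: frequency}
    if not 0.0 <= node.p_yes <= 1.0:
        raise ValueError(f"probability out of range for: {node.question}")
    totals = {}
    for child, p in ((node.yes, node.p_yes), (node.no, 1.0 - node.p_yes)):
        for outcome, f in evaluate(child, frequency * p).items():
            totals[outcome] = totals.get(outcome, 0.0) + f
    return totals


# Initiating event from the text: DO refilling once per month.
FILLINGS_PER_YEAR = 12.0

# Assumed tree layout; probabilities are the ones quoted in the example.
DO_TREE = Branch(
    "Driver omits the liquid level check?", 0.02,
    yes=Branch(
        "High-level alarm not detected?", 0.4,
        yes=Branch(
            "Released liquid ignites?", 0.01,
            yes="Overfill with pool fire",
            no="Overfill, unignited release",
        ),
        no="Filling stopped on high-level alarm",
    ),
    no="Normal filling",
)


def do_overfill_outcomes():
    """Outcome frequencies (per year) for the Diesel Oil overfilling example."""
    return evaluate(DO_TREE, FILLINGS_PER_YEAR)


if __name__ == "__main__":
    outcomes = do_overfill_outcomes()
    for name, freq in sorted(outcomes.items(), key=lambda kv: -kv[1]):
        print(f"{name:<40s} {freq:.5f} per year")
    # The branch frequencies must add back up to the initiating frequency.
    print(f"{'Total':<40s} {sum(outcomes.values()):.5f} per year")
```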

Comparison between ETA and FTA

Event Tree Analysis (ETA) is often used in conjunction with Fault Tree Analysis (FTA), another technique in risk assessment. While FTA starts with an undesired event and traces back to its root causes, ETA starts with an initiating event and explores the possible outcomes and consequences.

Reliability Block Diagram (RBD) – System Reliability Analysis

A Reliability Block Diagram (RBD) is a graphical representation used in reliability engineering and system analysis to model the reliability of complex systems.

The basic symbols used in a Reliability Block Diagram include:

  1. Block: Representing the components or subsystems.
  2. Series Connection (AND gate): Shown as a line connecting blocks in series. The system fails if any of the connected components fail.
  3. Parallel Connection (OR gate): Shown as lines converging to a point. The system fails if all the connected components fail.

Example

Determine the pump set reliability where the centrifugal pump reliability is 0.85 and the electrical motor is 0.85.

Determine the reliability of the pumping operation where the operating mode is 2×100% (1 run and 1 stand-by)
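A small RBD evaluator applied to the two questions above, as an added example that is not part of the original page. It assumes statistically independent blocks and treats the stand-by pump set as an active parallel block with perfect switchover; the k-out-of-n block and the 3×50% arrangement go beyond the page's example.

```python
from math import prod


def _check(reliabilities):
    values = list(reliabilities)
    if not values or any(not 0.0 <= r <= 1.0 for r in values):
        raise ValueError("need at least one reliability, each within [0, 1]")
    return values


def series(reliabilities):
    """Series (AND): every block must work."""
    return prod(_check(reliabilities))


def parallel(reliabilities):
    """Parallel (OR): the system fails only if every block fails."""
    return 1.0 - prod(1.0 - r for r in _check(reliabilities))


def k_out_of_n(k, reliabilities):
    """At least k of the (possibly different) blocks must work."""
    values = _check(reliabilities)
    if not 1 <= k <= len(values):
        raise ValueError("k must be between 1 and the number of blocks")
    # dist[j] = probability that exactly j of the blocks seen so far work.
    dist = [1.0]
    for r in values:
        nxt = [0.0] * (len(dist) + 1)
        for j, p in enumerate(dist):
            nxt[j] += p * (1.0 - r)
            nxt[j + 1] += p * r
        dist = nxt
    return sum(dist[k:])


def evaluate(block):
    """Evaluate a nested diagram.

    A block is a number, ("series", [blocks]), ("parallel", [blocks])
    or ("koon", k, [blocks]).
    """
    if isinstance(block, (int, float)):
        return float(block)
    kind = block[0]
    if kind == "series":
        return series(evaluate(b) for b in block[1])
    if kind == "parallel":
        return parallel(evaluate(b) for b in block[1])
    if kind == "koon":
        return k_out_of_n(block[1], [evaluate(b) for b in block[2]])
    raise ValueError(f"unknown block type: {kind!r}")


# Figures from the page: pump 0.85 and motor 0.85 in series form one pump set.
PUMP_SET = ("series", [0.85, 0.85])
# 2x100% (1 run, 1 stand-by): two pump sets in parallel.
PUMPING_2X100 = ("parallel", [PUMP_SET, PUMP_SET])
# Constructed comparison: 3x50%, any two of three pump sets must run.
PUMPING_3X50 = ("koon", 2, [PUMP_SET, PUMP_SET, PUMP_SET])

if __name__ == "__main__":
    print(f"Pump set:          {evaluate(PUMP_SET):.4f}")
    print(f"2x100% operation:  {evaluate(PUMPING_2X100):.4f}")
    print(f"3x50% operation:   {evaluate(PUMPING_3X50):.4f}")
```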

Challenges of RBD

  • Simplification Assumption: RBDs often rely on simplifying assumptions, such as assuming components are statistically independent or that failure rates remain constant over time.
  • Limited to Static Systems: RBDs are most suitable for static systems where the reliability of components remains constant over time. They may not be as effective for dynamic systems with changing conditions or where the reliability of components is influenced by external factors. That means RBD is not able to capture the time-dependent behavior of components, such as wear and aging.
  • Complexity for Large System: As the size of the system increases, creating and analyzing an RBD can become complex.
  • Limited in Representing Common-Cause Failures: RBDs may not be the most suitable tool for representing and analyzing common-cause failures, where multiple components fail simultaneously due to a shared cause.

Reliability Data

Standard failure data is available from sources such as:

  • OREDA – Offshore Reliability Data
  • RAC – Reliability Analysis Centre
  • Process Equipment Reliability Data, AIChE

Reliability Formula

The below table expresses the reliability formula.

Code & Standard

IEC-61078: Analysis Techniques for dependability – Reliability Block Diagram and boolean methods.

Probability Failure on Demand (PFD) – SIL Verification

The term Probability of Failure on Demand (PFD) is commonly used in the context of Safety Instrumented System (SIS). It is a measure of the reliability of a Safety Instrumented Function (SIF) and represents the likelihood that the system will fail to perform its intended safety function when demanded.

The PFD is expressed as a probability ranging from 0 to 1, where a lower value indicates higher reliability. A PFD of 0 means the system is perfectly reliable, while a PFD of 1 signifies complete failure.

To calculate the PFD, it is mandatory to consider the failure rates of individual components within the Safety Instrumented System. This includes sensors, logic solvers, and final elements (e.g. valves or actuators). The PFD is determined based on the architecture of the safety system and the redundancy implemented to achieve the required level of reliability.

However, the PFD is just one metric in the overall assessment of safety instrumented systems. Other factors, such as architectural constraints and systematic capability, also need to be considered.

The calculation of the Probability of Failure on Demand (PFD) is guided by industry standards and codes related to functional safety, such as IEC 61508, IEC 61511, and ANSI/ISA-TR84.00.02.

SIL requirements according to ISA-TR84.00.02 and IEC/EN 61508

SIL according to ISA-TR84.00.02

| SIL | Demand mode of operation (probability of failure on demand average) |
| --- | --- |
| 3 | < 10^-3 to > 10^-4 |
| 2 | < 10^-2 to > 10^-3 |
| 1 | < 10^-1 to > 10^-2 |

SIL according to IEC/EN 61508

| SIL | Low Demand (Average probability of failure on demand) | High Demand or Continuous Mode of operation (Probability of dangerous failure per hour) |
| --- | --- | --- |
| 4 | < 10^-4 to > 10^-5 | < 10^-8 to > 10^-9 |
| 3 | < 10^-3 to > 10^-4 | < 10^-7 to > 10^-8 |
| 2 | < 10^-2 to > 10^-3 | < 10^-6 to > 10^-7 |
| 1 | < 10^-1 to > 10^-2 | < 10^-5 to > 10^-6 |

Probability of Failure on Demand average (PFDavg) ISA-TR84.00.02

The simplified equations, without the terms for multiple failures during repair, common cause, and systematic errors, are as follows.

When common-cause failure and MTTR are considered, the equations are as follows.
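A SIL verification sketch for one SIF, as an added example that is not part of the original page or of either standard. The architecture formulas are the simplified forms without common cause or MTTR as they are commonly quoted (an assumption here, since the page does not show its equations), the SIL bands follow the low-demand table above, and the failure rates and one-year proof-test interval are constructed.

```python
from dataclasses import dataclass


def pfd_avg(architecture, lambda_du, test_interval_h):
    """Simplified PFDavg for one voted group (assumed forms, no common cause/MTTR).

    lambda_du: dangerous undetected failure rate per hour.
    test_interval_h: proof-test interval in hours.
    """
    if lambda_du < 0 or test_interval_h <= 0:
        raise ValueError("failure rate must be >= 0 and test interval > 0")
    x = lambda_du * test_interval_h
    forms = {
        "1oo1": x / 2.0,
        "1oo2": x ** 2 / 3.0,
        "2oo2": x,
        "2oo3": x ** 2,
    }
    if architecture not in forms:
        raise ValueError(f"unsupported architecture: {architecture}")
    return forms[architecture]


def sil_from_pfd(pfd):
    """Low-demand SIL band for a PFDavg; 0 means SIL 1 is not reached.

    Values exactly on a decade boundary are put in the lower SIL.
    """
    if pfd >= 1e-1:
        return 0
    for sil in (1, 2, 3):
        if pfd >= 10.0 ** -(sil + 1):
            return sil
    return 4


@dataclass(frozen=True)
class Subsystem:
    name: str
    architecture: str
    lambda_du: float  # per hour


def sif_pfd(subsystems, test_interval_h):
    """PFDavg of the whole SIF: sensor + logic solver + final element groups."""
    return sum(pfd_avg(s.architecture, s.lambda_du, test_interval_h) for s in subsystems)


TEST_INTERVAL_H = 8760.0  # constructed: proof test once per year

# Constructed failure rates, for illustration only.
SIF_REDUNDANT_VALVES = [
    Subsystem("Pressure transmitters", "2oo3", 1.0e-6),
    Subsystem("Logic solver", "1oo1", 1.0e-7),
    Subsystem("Shutdown valves", "1oo2", 5.0e-6),
]
SIF_SINGLE_VALVE = SIF_REDUNDANT_VALVES[:2] + [Subsystem("Shutdown valve", "1oo1", 5.0e-6)]

if __name__ == "__main__":
    for label, sif in (("1oo2 valves", SIF_REDUNDANT_VALVES), ("1oo1 valve", SIF_SINGLE_VALVE)):
        total = sif_pfd(sif, TEST_INTERVAL_H)
        print(f"{label}: PFDavg = {total:.3e}, RRF = {1 / total:.0f}, SIL {sil_from_pfd(total)}")
        for s in sif:
            share = pfd_avg(s.architecture, s.lambda_du, TEST_INTERVAL_H) / total
            print(f"  {s.name:<22s} {s.architecture}  {share:6.1%} of total")
```

The per-subsystem share shows which element dominates the result; in the constructed data the final element does, which is why the single-valve variant drops a SIL band.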

Probability of Failure on Demand average (PFDavg) IEC 61508

Failure Rate – System Reliability Analysis

In functional safety engineering, the failure rate is a key parameter in determining the probability of a system failing to perform its safety functions when needed.

In the context of reliability engineering, it is also aimed to understand and manage the reliability of a system and components, ensuring that they perform their intended functions without failure over a specific time period. Hence, the failure rate is a crucial metric in assessing and predicting the reliability of a system.

Hence, in the context of both functional safety engineering and reliability engineering, the failure rate refers to the frequency at which a system, component, or device fails during a specific period of operation. It is often expressed as the number of failures per unit of time, such as failures per hour or failures per million hours of operation (FIT).

Example-1

Determine the failure rate of a newly installed proximity switch in the greenfield project over the first month of operation. Below is the recorded data.

Failure Rate Characteristics

The “bathtub curve” is a concept often used in reliability engineering to describe the failure rate characteristics of a product or system over its lifecycle. The bathtub curve consists of three distinct phases:

  1. Infant Mortality Phase (Early Life Failure): In the initial phase, there is a higher likelihood of failures. Failures during these periods are often due to manufacturing defects, design flaws, improper installation, and commissioning.
  2. Normal Life Phase: Following the infant mortality phase, there is a period where the failure rate remains relatively constant. This is often referred to as the “Normal life”.
  3. Wear-Out Phase: As the product approaches the end of its expected life, there is an increase in the failure rate. This is because components may degrade, or wear out.

Relation of Failure Rate and Reliability

Type of Failure

Failures are separated into two significant categories which are Safe and Dangerous.

Safe Failure refers to the failures that lead the system into a safe state, preventing or mitigating the risk of a hazardous event.

Dangerous Failure refers to the failures that could potentially lead to a hazardous condition if the system does not respond appropriately.

Example-3

Below are example failure modes of a transmitter with a low-trip function.

| Instrument Failure Mode | SIF Failure Mode |
| --- | --- |
| Frozen output | Fail-Danger |
| Output to upper limit | Fail-Danger |
| Output to lower limit | Fail-Safe |
| Diagnostic failure | Annunciation |

Safe Failure Fraction (SFF)

The Safe Failure Fraction (SFF) is a measure of the fraction of a system’s failures that result in a safe state or do not lead to dangerous or hazardous conditions. The Safe Failure Fraction is expressed as the following formula.

Failure Mode and Effect Analysis (FMEA)

Failure Mode and Effect Analysis, or FMEA, is a systematic method used in industries such as manufacturing, automation, aerospace, etc. to evaluate and prioritize the potential failure modes in a process, product, or system and their potential impact on performance.

The primary goal of FMEA is to identify and address potential problems before they occur, with the ultimate aim of improving reliability and preventing failures.

The FMEA workflow

  1. Identifying Components and Functions: List all components or processes involved in the system, and identify their functions.
  2. Identifying Failure Mode: For each component or process, identify potential failure modes (ways in which the component or process could fail to perform its intended function).
  3. Identify the Potential Cause: The team brainstorms and lists the potential cause or scenario associated with the equipment, system, or process.
  4. Identify the Potential Effect: The team identifies the potential effect of each identified cause. The potential effect may be within or beyond the equipment/system.
  5. Determine the Recommendation: The team evaluates the gap and any further recommendation that should be implemented.

FMEA Study Worksheet

Example of equipment where FMEA is commonly used

Automotive industry:

  • Engine system
  • Transmission system
  • Braking system
  • Electronic Control Unit (ECU)

Aerospace Industry

  • Aircraft engines
  • Flight control system
  • Hydraulic system

Railway System

  • Locomotive
  • Signaling system
  • Brake system

Electronics and Telecommunication

  • Telecommunication network
  • Printed Circuit Boards (PCBs)
  • Electronic Control System
  • Power supply

FMEA Standards

MIL-STD 1629: Procedures for performing a failure mode and effect analysis

IEC 60812: Procedure for failure mode and effect analysis (FMEA)

SAE ARP 5580: Recommended failure modes and effects analysis (FMEA) practices for non-automobile applications

FMEA Extensions to FMECA and FMEDA

FMECA or Failure Mode, Effects, and Criticality Analysis: FMECA extends the traditional FMEA by incorporating criticality analysis. Criticality refers to the assessment of the consequences of a failure, taking into account the probability of occurrence and the ability to detect the failure before it leads to severe consequences.

FMEDA or Failure Mode, Effects, and Diagnostic Analysis: FMEDA is a specialized form of analysis commonly used in the context of safety-critical systems. It includes an evaluation of the diagnostic ability of any automatic online diagnostic or manual proof test.

Failure Mode, Effects, and Criticality Analysis (FMECA)

The following working steps are carried out in addition to those of the FMEA.

  1. Assessing Severity (S): Evaluate the potential consequences or impact of each failure mode on the overall system. Assign a severity rating based on the potential harm or consequences.
  2. Assessing Occurrence (O): Estimate the likelihood or frequency of each failure mode occurring. Assign an occurrence rating based on historical data, experience, or expert judgment.
  3. Assessing Detection (D): Evaluate the likelihood or potential of detecting each failure mode before it causes harm or damage. Assign a detection rating based on the effectiveness of existing detection methods or systems.
  4. Calculating Risk Priority Number (RPN): Multiply the severity, occurrence, and detection ratings to calculate a Risk Priority Number (RPN) for each failure mode. This helps prioritize which failure modes to address first.
  5. Prioritizing Actions: Focus on addressing the high-risk failure modes with the highest RPN values. Develop and implement corrective actions to reduce the likelihood of occurrence, improve detection, or mitigate the severity of consequence.

FMECA Standards

BS 5760-5: Guide to failure modes, effects, and criticality analysis (FMEA and FMECA)

Failure Mode, Effects, and Diagnostic Analysis (FMEDA)

The results of detectability are emphasized in the column Detectability and Diagnostic Mode with a number 1 to designate that this failure is detectable and a number 0 if the failure is not detectable.

What-If Analysis

The What-If analysis technique is a brainstorming approach conducted by a group of experienced people who are familiar with the subject process. However, What-If Analysis is not as inherently structured as HAZOP Analysis and FMEA analysis.

The What-If analysis technique is similar to the HAZOP technique, and it allows experts to use their experience more creatively. The two techniques offer different ways of focusing the questions. HAZOP combines “HAZOP guidewords” such as “No”, “More”, etc. with process parameters such as “Flow”, “Temperature”, etc.; this combination is called a “Process Deviation”. The What-If technique instead uses “What-If” questions to prompt the participants.

Because this technique is a creative process, it is more likely to uncover unique or unexpected hazards in processes. However, unless the team leader is highly skilled and the team members have appropriate experience, critical and important hazards may be overlooked.

What-If Analysis Workflow

Below is the What-If Analysis working flowchart.

Example of What-If Worksheet

| What If | Hazard | Consequence | Safeguards | Recommendation |
| --- | --- | --- | --- | --- |
| Piping leakage | Potential of fire, if ignited, and asset damages. | Potential of fire, if ignited, and asset damages. | Hazard Area Classification, Gas Detector | |
| Blockage of suction strainer | Loss of liquid flow through the pump | The potential of pump cavitation and damages | Differential pressure across the suction strainer | |
| Pump trips | Loss of liquid flow supply to the column | The potential cause of low liquid level in the column | The standby pump | |

Challenges of What-If Analysis

Assumption Dependency: Results from What-If analysis heavily depend on the accuracy of the assumptions and input values. If these assumptions are flawed, the analysis may provide misleading results.

Complexity: In some cases, the models used for What-If analysis can be complex, requiring specialized knowledge and expertise to develop and interpret the results.

Limited Prediction: While What-If analysis is useful for exploring potential outcomes, it may not provide precise predictions, especially in complex and dynamic environments.

Overlook Unforeseen Factors: What-If analysis is based on known variables and assumptions. It may not account for unforeseen factors or external events that could significantly impact the outcomes.

Preliminary Hazard Analysis (PrHA)

Preliminary Hazard Analysis (PrHA) is typically conducted at the early stages of the project or system development when plant location and layout are being considered, often during the R&D stage, Feasibility Study (F/S), or conceptual design phase. This allows for the identification of potential hazards before they become more difficult and costly to address.

Preliminary Hazard Analysis (PrHA) is normally used on new facilities to get an overview but not a detailed view of process operation.

Workflow of the Preliminary Hazard Analysis

The workflow of PrHA is to prepare the study, subdivide the process, identify process hazards, list the credible causes, specify the consequence, assign the criticality ranking, and identify the recommendation.

Preliminary Hazard Analysis guidewords

| Category | Guideword |
| --- | --- |
| Natural and Environment Hazards | Climate Extremes; Lightning; Earthquakes; Erosion; Subsidence |
| Chemical Hazards | Physical; Acute toxicity limit; Chronic toxicity limit; Exposure limits; Aquatic toxicity; Odor threshold; Corrosivity/erosivity; Reactivity; Stability; Flammability; Explosivity |
| Process Hazards | Inventory; Toxic Release; Fire; Explosion; Fugitive emission; Critical Equipment |
| Facility surrounding | Proximity to population; Adjacent land use; Proximity transport corridor; Vulnerability fauna; Visual impact |
| Acquire regulation | Air quality control; Wastewater quality control; Solid waste disposal; Noise level limitation; Sanitary Sewage Collection |
| Emergency operation | Power blackout; Fire Fighting Equipment |