fuzzy logic for process safety analysis

iging,ginee

Risk assessmentUncertaintyBow-tie model

ertay oassdatted

re largehandleng nacrimi

res per

2005). The keypoint of those analyses is a potential accident scenario,in majority determined by the bow-tie model, which is a fault tree(FT) and an event tree (ET) combined conception.

results belonging to a rather certain set with a characteristic riskdistribution. Moreover, the single risk estimates are frequentlyquite conservative as a result of accumulation of various assump-tions which are based on the principle to be on the safe side.These limitations contribute to the fact that results of PSA may notbe considered as exact, precise and creditable. They may provideincorrect process risk level inuencing safety assurance.

Therefore, it is important to look for the methods that mayreduce the level of uncertainty in the description of process hazard

* Corresponding author. Tel./fax: 48 42 6313745.E-mail addresses: [email protected] (A.S. Markowski), mannan@

tamu.edu (M.S. Mannan).1

Contents lists availab

Journal of Loss Prevention

journal homepage: www.

ARTICLE IN PRESS

Journal of Loss Prevention in the Process Industries xxx (2009) 18Tel.: 1 979 862 3985; fax: 1 979 458 1493.good judgment about the hazards posed by the activity of thatfacility. Such exercises called Process Safety Analyses (PSA) enabledecisions concerning the selection of appropriate technical andorganizational safety measures in order to manage the identiedrisk and to meet risk acceptance criteria as are required in someEuropean countries.

During the last few years researchers have developed measure-ment techniques andmathematicalmodels topredict theprocess risksafety of a plant or a processing unit (PHA, QRA, LOPA, etc.) (Mannan,

as well as assumptions used for the analytical models are based onuncertain and subjective nature of the information analyzed, e.g.frequency calculations depend on the quality of the failure ratesdata used. They are notoriously difcult to collect and inmany casesno sufcient information is available. They are an example ofobjective uncertainty. The other type of uncertainty encountered inPSA is related to the lack of knowledge and vagueness in inter-pretation of PSA models and it is called subjective uncertainty. Insuch a way, the risk point estimates represent only one of possibleFault tree analysisEvent tree analysis

1. Introduction

Process and chemical plants, whechemical substances are stored anddifferent types of hazards includihazards as well as terrorist andmanagement of such facilities requi0950-4230/$ see front matter 2008 Elsevier Ltd.doi:10.1016/j.jlp.2008.11.011

Please cite this article in press as: Adam S. Mathe Process Industries (2009), doi:10.1016/j.as exact values and the exact outcome data are received by an appropriate mathematical approach. In thefuzzy method, all variables are replaced by fuzzy numbers in the process of fuzzication and subse-quently using fuzzy arithmetic, fuzzy probability of the top event for fault tree, and fuzzy outcomeprobabilities for event tree are calculated. A single value for each of the outcome event result is obtainedwith the use of one of the defuzzication methods. A typical case study comprising a fault tree forrupture of the isobutane storage tank and the event tree for its consequences is performed anda comparison between the traditional approach and fuzzy method is made.

2008 Elsevier Ltd. All rights reserved.

amounts of dangerousd, may be subjected totural hazards, processnal acts. A successfultinent information and

The quality of those analyses is extremely important for majorhazard industry. These analytical tools are based on traditionalBoolean mathematical models where the classical two-valued logicis applied and all variables are assumed to have sharply denedboundaries. As a result, a single-valued or point estimate of risk isreceived.

However, the variability of failure rates and other physical dataProcess safety analysisFuzzy logicsuch as fault and event tree methods which can be further used in the bow-tie approach for accidentscenario risk assessment. In the traditional fault and event tree analyses, the input variables are treatedKeywords:This paper explores the application of fuzzy sets theory for basic tools used in process safety analysisFuzzy logic for process safety analysis

Adam S. Markowski a,*, M. Sam Mannan b,1, Agata Ba Process Safety and Ecological Division, Faculty of Process and Environmental EngineerbMary Kay OConnor Process Safety Center, Artie McFerrin Department of Chemical En

a r t i c l e i n f o

Article history:Received 19 May 2008Received in revised form22 October 2008Accepted 21 November 2008

a b s t r a c t

Fuzzy logic deals with uncknowledge uncertainty maanalysis in safety and riskuncertainties in availableproducing an underestimaAll rights reserved.

rkowski, M. SamMannan et ajlp.2008.11.011oszewska a

Technical University of Lodz, 90-924 Lodz, ul. Wolczanska 213, Polandring, Texas A&M University System, 3122 TAMU, College Station, TX 77843-3122, USA

inty and imprecision, and is an efcient tool for solving problems whereccur. Such situations frequently arise in a quantitative fault and event treeessment of different processes. The lack of detailed data on failure rates,a, imprecision and vagueness may lead to uncertainty in results, thusor overestimated process risk level.

le at ScienceDirect

in the Process Industries

elsevier .com/locate/ j lpl., Fuzzy logic for process safety analysis, Journal of Loss Prevention in

Modeling Parameter

f alland all

Wrong interaction betweendifferent contributors andvariables in accident scenariomodels

Imprecision or vagueness incharacteristic properties ofcontributors and variables

ticationsequencesactions

Complexity phenomena andinadequacy and imprecisionof the models for sourceterms, dispersion andphysical effects

Lack or inadequacy or vaguenessin values for model variables

ventumes

in:r ofcoresul

ntion in the Process Industries xxx (2009) 18

ARTICLE IN PRESSrisks. One of the promising methods for reduction of the uncer-tainties in safety and reliability assessment seems to be fuzzy logic(Zadeh, 1965), (Dubois & Prade, 1980). Fuzzy logic which is thecollective name for fuzzy set analysis and possibility theoryallows us to use imprecise and approximate data that are typicallymet in PSA.

The present paper gives some results on the application of thefuzzy logic in the classical PSA such as fault and event tree whichcan be further used in the bow-tie approach for accident scenariorisk assessment. The bow-ties enable identication of safetybarriers implemented to prevent top event (TE) from taking placeand/or to mitigate its effects. Preventive barriers mitigate topevents and protective ones mitigate their consequences. Severallevels of causes and effects can be described, depending on the levelof details that is expected. The bow-ties are therefore an inter-esting representation of defense-in-depth.

2. Uncertainty sources in risk analysis

Uncertainty is a term used in different ways in a number ofelds, including philosophy, economics, engineering and science. Interms of risk analysis it applies to imperfect prediction of futureaccident scenario risk related to unwanted release of dangeroussubstance encountered in chemical processes. Such a prediction

Table 1Sources of uncertainties in PSA.

Step of PSA Main goal Main tool Types of uncertainty

Completeness

Hazardanalysis

Identication andlogic structure ofrepresentative accidentscenario (RAS)

HAZOP, PHA,FT and ET

Inability to identify ocontributions to riskRAS as well errors inscreening of hazards

Consequenceassessment

Health, property andenvironmentalconsequences

Consequencemodels

Incorrectness in idenof all types of the conas well as of all interamong consequences

Frequency Frequency of RAS FTA and ETA(bow-tiemodel)

Wrong selection of esafety function and naccident outcome cas

Riskestimation

Risk indexes orrisk category

QRA andLOPA

Limited assumptionsconditions, in numbeoutcome cases and inin interpretation of r

A.S. Markowski et al. / Journal of Loss Preve2provides overlooked results usually in form of risk distribution thatreects the uncertainty in data andmodels used in the risk analysis.

There are two major concepts of uncertainty differentiated inPSA:

1. uncertainty due to physical variability, and2. uncertainty due to lack of knowledge.

Referring to the rst type of uncertainty (objective one) therandom behavior of some parameters should be mentioned, e.g.variability in weather conditions, in properties of various variables,experimental data variability for basic events (BEs) and safetyfunctions (SFs) frequency rates as well as variability in recordedobservations of operating parameters from one sample to the next.On the other hand, uncertainty due to lack of knowledge (subjec-tive uncertainty) is connected with vagueness, indeniteness orimprecision concerning the quality of PSA, especially in the acci-dent scenario identication phase of risk assessment and conse-quence modeling.

Knowledge uncertainty can be decreased in time (moreknowledge we gain), whereas the physical variability always exists.

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011Unfortunately, we cannot eliminate it, we may only reduce such anuncertainty.

In terms of PSA, consisting of some separate steps of analysiswith different qualitativequantitative approaches in each step, it isconvenient to make the other classication of uncertainty asfollows (ANS and IEEE, 1983):

1. completeness uncertainty,2. modeling uncertainty,3. parameter uncertainty.

The completeness uncertainty refers to the questionwhether allsignicant phenomena and all relationships have been considered.This uncertainty is difcult to quantify but this type is a majorcontributor in a hazard identication. Modeling uncertainty refersto inadequacies and deciencies in formulation of accident scenariostructure and other models used to assess accident scenario prob-abilities and its severity of the consequences, e.g. modeling ofisobutane vapor cloud dispersion. Availability of these models mayenable the interpretation of different degrees of belief in eachmodel. This is a major type of uncertainty in consequence assess-ment. This is a subjective type of uncertainty or lack of knowledgeelicited from experts, which is often incomplete, imprecise andfragmentary. The imprecision and inaccuracies in the parameters

s,ber of

Wrong analysis of FT and ETleading to inadequate MinimalCut Set (MCS)

Lack of real time data forequipment failure rates andhuman errors

externalaccidentrectnessts

Inadequacy in selection ofappropriate risk measures as wellas of risk acceptance criteria

Lack of real time data onweather conditions, ignitionsources and populationwhich are used as an input to PSA are called parameter uncer-tainties. Such uncertainties are inherent because the available dataare usually incomplete and the inference process needs to be basedon incomplete knowledge. However, there is an opinion thatparameter uncertainty is the easiest to quantify. This type may existin each step of PSA. It is not easy to separate all these types. Anotherproblem is related to the propagation of these types of

Safe state

Classical set

Precislydeterminedboundary

Fuzzyboundary

Safe state

Fuzzy set

Unsafe

state

Unsafe

state

Statepartially belongs

to the set

Statefully belongs

to the set

Fig. 1. Classical set and fuzzy set for safe and unsafe state (Gentile, 2004).

l., Fuzzy logic for process safety analysis, Journal of Loss Prevention in

rocess HazardAnalysis (PHA)

OW TIE MODEL

Structure of ET

Selectionof fuzzy setsfor SF in ET

uzzy probabilityilure sets definition MCSET

fPSF

-tie

ention in the Process Industries xxx (2009) 18 3

ARTICLE IN PRESS1. whether all signicant contributors to the risk have beenanalyzed,

2. the realism of the mathematical models used to predict failurecharacteristics and accident consequences phenomena, anduncertainties through each step of risk analysis and combination ofdifferent uncertainties in order to provide an overall estimate of theuncertainty on risk. Table 1 gives a summary of the sources ofuncertainties in PSA.

3. General methods to deal with uncertainty in PSA

The accuracy of the absolute risk results in PSA depends on thefollowing:

P

Structure of FT

B

Selectionof fuzzy setsfor BE in FT

Fof faMCSFT

fPTE

fPBE

Traditional partof the analysis

Fuzzy partof the analysis

Fig. 2. Fuzzy bow

A.S. Markowski et al. / Journal of Loss Prev3. the uncertainty associated with the variation of input data,especially failure data for equipment and humans and imper-fect other information.

The achievable accuracy of absolute risk results is very depen-dant on the type of hazards being analyzed. In studies, wheredominant risk contributors were supported by historical data,uncertainty can be reduced to a few percent (Mannan, 2005).However, many authors of published studies on risk analysis andother expert practitioners have recognized that uncertainties canbe greater than 12 orders of magnitude in studies whosecontributors are rare, catastrophic events. It stresses the impor-tance of uncertainty analysis.

There are many different approaches to uncertainty analysis:classical statistic, probabilistic, sensitivity analysis and possibilityapproach presented by Dubois (2006); Dubois and Prade (1988);Pate-Cornell (1996); Quiech and Cameron (1994); and Siler andBuckley (2005). It should be noted that there is no generallyaccepted mathematical procedure for uncertainty analysis inprocess risk analysis.

In science, it is traditional to deal with uncertainty through theuse of probability theory. This approach is frequently used forvariable uncertainty connected with stochastic variability ofdifferent parameters or measurable quantity used for different PSAmethods. It does not work with knowledge uncertainty especiallyencountered in the frequency analysis (FTA and ETA) and

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011consequence assessment. Knowledge uncertainty is generally moredifcult to handle than physical variability.

One of the current uncertainty theories devoted to the handlingof incomplete information more precise and the simplest frommathematical point of view, is the possibility theory (Dubois, 2006;Dubois & Prade, 1988; Pate-Cornell, 1996; Quiech & Cameron, 1994;Siler & Buckley, 2005). This theory, which emerged from the fuzzysets developed by Zadeh (1965), considers information ona particular linguistic variable with possibility being a matter ofdegree from 0 to 1. As a result of fuzzy sets arithmetics applied toa certain step in the PSA, the output variable (e.g. risk representingsafety assurance level) is represented by a certain fuzzy set whichallows to answer the question of safety: how safe is the plant?.This is a completely opposite approach to the typical risk evaluationmethod where the received risk level answers only to the question:

fPSFfPOE

model analysis.is the plant safe? Answers no or yes are unrealistic, e.g.because of the presence of inherent risk in each chemical plant.Therefore, we feel that the safety assessment is a fuzzy issue andsubsequently the fuzzy sets theory can be effectively included intoprocess risk analysis to substantially reduce knowledge uncertainty(Gentile, 2004).

IE2

BE2

OE2TEBE3

BE4

OE3

IE1

BE1

OE1

OE

YES

YESNO

NO

D

B

C

A SF1 SF2...

...

...

BEi IEj

...

OEm

BE IE TE SF

CAUS

ES

CONS

EQUE

NCES

[FAULT TREE] [EVENT TREE]

AND/OR

Fig. 3. General idea of bow-tie model.


eg

ree o

f m

em

bersh

ip

1

0,5

Fuzzy number M

A.S. Markowski et al. / Journal of Loss Preventio4

ARTICLE IN PRESS4. Fundamentals of fuzzy logic for process safety

4.1. Fuzzy logic basic

Fuzzy logic is a general name of fuzzy set analysis andpossibility theory which can work with uncertainty and impre-cision and is an efcient tool for applications where no sharpboundaries (or problem denitions) are possible.

Fuzzy set A, dened as a collection of objects called universal setX, represents a class of objects with a continuum of grades ofmembership. Such a set is characterized by the membershipfunction, mA(x) which assigns to each object a grade of membershipranging between zero (nonmembership) and one (total member-ship). In that way a fuzzy set is the set of pair:A fx;mAx; xXg,where mA : X/0;1 is the membership function describing thedegree of belonging to x in the set A. Fig. 1 illustrates the differencesbetween a classical set and a fuzzy set for safe state. Classicalfuzzy set with its crisp, precisely determined boundary sharplydissevers safe state from unsafe one. In contrary, fuzzy set showssmooth change from safe to unsafe state.

The characteristic function, mA(x), in safety and reliability anal-ysis, is dened by the typical convex functions of triangular, trap-ezoidal and gaussian type. The selection of a membership functionshape depends on the characteristics of variables. In majority casesthe shape of the membership function does not affect essentiallythe nal result. In this paper trapezoidal membership function isapplied and according to our experience it reects the best thefailure rates data.

Fuzzy sets for each linguistic variable are dened on the

D

0mm mn n

Fig. 4. Notation for fuzzy number description.universe of discourse. The number of the sets, called granulation,must fulll the principle of some degree of overlap between themto ensure a smooth transition between one set to the other. Typi-cally, for safety and reliability issues a probability of failure, severityof consequences and risk index are taken into account.

The fuzzy sets undergo similar mathematical operations as areused in the classical set theory, i.e. intersection, union and

Once a fault tree structure has been established, subsequently

10-6

Impos

-sible

10-5

Very

Low

10-4

Low

10-3

Moderate

10-2

Fairly

High

10-1

High

100

Very

High

0

0.5

1

Deg

ree o

f

mem

bers

hip

Fig. 5. Normalized fuzzy scale.

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011a quantitative analysis is carried out. For this purpose frequency orfailure probability data for basic events (BEs) are required.However, these data are rather scarce and difcult to receive.

A quantitative evaluation is largely based on the determinationof the minimum cut sets (MCSs). This is a sequence of eventsleading to the top event (TE). Assuming the independence of BEs,the overall MCSFT can be expressed as follows:

MCSFT Xnn1

Yii1

BEi;Yjj1

BEj;.;Ykk1

BEk!

n

(1)

The event tree of the bow-tie model starts from the top eventprovided by the fault tree and examine a possible sequence ofcomplement. The foundations of fuzzy logic systems design arealready well established (Dubois & Prade, 1980).

The use of fuzzy logic (FL) in different aspects of safety andreliability analysis has been discussed in a number of papers(Bowles & Pelaez, 1995; Gentile, Rogers, & Mannan, 2003; Geymar& Ebecken,1995; Karwowski &Mital, 1986; Kenatrangul, 1991; Kim,Ju, & Gens, 1996; Markowski, 2006; Misra &Weber, 1990; Quiech &Cameron, 1994; Singer, 1990; Solzano & Cozzani, 2006). There is nopaper on fuzzy bow-tie although there were some works ona separate use of the fuzzy sets in a fault tree (Geymar & Ebecken,1995; Kim et al., 1996; Singer, 1990) and an event tree (Kenatrangul,1991; Markowski, 2006).

4.2. Development of fuzzy bow-tie model for PSA

Process Safety Analysis (PSA) is an organized and systematicmethod to identify and analyze the signicance of potential hazardsassociated with the processing or handling of highly hazardouschemicals. The most important element of PSA concerning theidentication of accident scenario is best determined by bow-tiemodel. It provides the mechanism of the scenario and allows thecalculation of accident scenario probability. However, due toa number of uncertainties in that process, the nal result isimprecise and ambiguous. These issues are taken into account byfuzzy sets theory. The application of this theory to bow-tie acci-dent model is presented in Fig. 2.

This model consist of two parts:

- traditional part, which is focused on the identication of thebow-tie model,

- fuzzy part connected with calculation of probability ofoutcome event (fPOE).

In the rst part the identication of representative accidentscenarios (RAS) takes place where different PHA methods (PrHA,HAZOP, etc.) and fault tree (FT) and event tree (ET) analyses areused. Having the structure of RAS, the minimum cut sets of FT(MCSFT) and ET (MCSET) can be obtained by Boolean algebra withthe use of VeselyFussells approximation (Fussell & Veseley,1972).

The basic for accident scenario logic is presented in Fig. 3.The left side of the bow-tie model (fault tree) identies the

possible various parallel and sequential combination of faults,failures and errors (causes) that will result in the occurrence ofpredened accident scenario connected with the release of thehazardous substance and/or energy (top event TE). The right sideof the bow-tie model (event tree) is used to develop the possibleconsequences of a top event in relation to safety function realizedmostly by mitigation safeguards.

n in the Process Industries xxx (2009) 18outcome events (consequences) as a result of activity of safety


functions (SFs). The result at the end of each chain of events is thendetermined by overall minimum cut sets MCSET presented byEq. (2).

MCSET TE$Ymm1

SFm (2)

Eqs. (1) and (2) can be used quantitatively only if the probabilityof failure of BEs and SFs are known. Literature and data basesprovide a number of reliability data thatmay be used for calculationof certain point estimates (Exida, 2005; Oreda, 1997).

The second part of the analysis takes into account fuzzy setstheory. It concerns a quantication of probability of each RAS as

well as a severity of the consequences assessment according toMCSFT and MCSET equations. As a result fuzzy probability of theoutput event is obtained.

This approach follows the assumptions:

1. Probabilities of failures for BEs and SFs are expressed in wordsby linguistic terms, such as: Impossible (I), Very Low (VL), Low(L), Moderate (M), Fairly High (FH), High (H) and Very High(VH). For example term I expresses extremely low probabilityof failure and opposite term VH represents very probableevent.

2. Each linguistic term is associated with a specic fuzzy numberof L-R type, which is given by Eq. (3).

Table 2Fuzzy probability numbers for the events in the bow-tie model.

Events failure Basic events (BE) Safety functions (SF)

A (LIAH) B (PI) C (HE) D (SV) E (DS) Failure to controlimmediate ignition (II)

Failure to controllate ignition (LI)

Linguistic term selectedby expert

H H FH FH FH H VH

Data for design of the trapezoid membership functionsLeft boundary value m 0.25$100 0.25$100 0.25$101 0.25$101 0.25$101 0.25$100 1Left top value n 0.75$100 0.75$100 0.75$101 0.75$101 0.75$101 0.75$100 1Mean value m 101 101 102 102 102 101 1Right top value n 0.25$101 0.25$101 0.25$102 0.25$102 0.25$102 0.25$101 0.25Right boundary value m 0.75$101 0.75$101 0.75$102 0.75$102 0.75$102 0.75$101 0.75

PI

To effluentdisposal system (DS)

e s

Nitrogen

A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18 5

ARTICLE IN PRESSSV SV

TI

IsobutanSample line

sphere

T=35CP=3,27V=300

Fig. 6. Isobutane

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011LIAH

PRCAL

torageTo sump

To process

barm3

storage tank.


Failure of BPCS

te

OverfillingFailure of LIAH

Human error

Pool fireYES

A

C

Basic event (BE)

Intermediate event (IE) Top event (TE)

Safety function (SF)

Outcome event (OE)

OE1

ode

A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 186

ARTICLE IN PRESSmMx

0; x mxmn m ; m x n

1; n x nm xm n; n x m0; m x

9>>>>>>>>>>>=>>>>>>>>>>>;

8>>>>>>>>>>>>>>>>>>>>>:

(3)

The fuzzy number is symbolically written: M x;m ;n ;n;m,

Failure of PI

Failure of layerof protection

Failure of SV

Failure ofdisposal system

D

B

E

Fig. 7. The bow-tie mwhereas the graphical presentation of that number is given in Fig. 4(Dubois & Prade, 1980).

3. The universe of discourse is XC106;100D as it is most suitablefor the range of the probabilities of failure rates encountered inthe industry. Within the universe of discourse X fuzzy numbersscale is formulated as is shown in Fig. 5.

4. The selection of an appropriate linguistic term that representsthe value of failure probability rate, from normalized fuzzyscale for each BE and SF involved, is undertaken by an expert. Inthe example of isobutane storage tank for all basic events andsafety functions determined in bow-tie model, fuzzylinguistic terms were selected, for instance for Human Error term FH (see Table 2 below).

Table 3Fuzzy probability result numbers.

Top event, TE fPTE PTEdeff

m n m n m

TE Rupture oftank

1.00E03 2.40E03 4.20E03 6.60E03 9.50E03 4.40E03

Outcomeevent, OE

fPOE POEdeff

m n m n m

OE1 PF 0.00 1.59E04 3.87E04 7.38E04 1.30E03 4.37E04OE2 VCE/FF 2.40E06 1.20E05 3.87E05 9.23E05 1.91E04 4.98E05OE3 Dispersion 2.60E07 1.33E06 4.20E06 1.02E05 2.13E05 5.53E06

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.0115. The calculations of fuzzy probability of outcome events (fPOE) usearithmetical operations on fuzzy numbers (Dubois & Prade,1980).

Final calculation of fuzzy probability of outcome event (fPOE)follows an appropriate equation for minimum cut set (MCS) forparticular structure of the bow-tie model representing an acci-dent scenario (see Eq. 4 and 5).

fPTE Xnn1

Yii1

fPBEi;Yjj1

fPBEj;.;Ykk1

fPBEk!

n

fPBE11/1fPBEi14/4fPBE11/1fPBEkn (4)

Vapour cloudexplosion/ Flash fire

Imm

edi

aig

nitio

n

Late

igni

tion

Rupture of tank

Dispersion

NO

YES

NO

OE2

OE3

l for rupture of tank.fPOE fPTE1Ymm1

fPSF$Pn1 Pm

fPTE1fPSF1$Pn1 P11/1fPSFm$Pn1 Pm

(5)

5. Bow-tie case study

Fig. 6 shows a typical isobutane storage tank which was selectedfor this study.

Process Hazard Analysis (PHA) identied 10 different repre-sentative accident scenarios (RAS), among them rupture of the

De

gre

e o

f

me

mb

ers

hip

1

0,5

0

fPTE

10-3 10-2

traditional value

crisp value

Fig. 8. Fuzzy probability of top event (TE).


fPTE fPA1fPD4fPB1fPD4fPC1fPD4fPA

Probability of outcome event 2 (VCE/FF)

For example, in the one of major hazards VCE/FF (2nd outcomeevent), the crisp value P 4.98E05 indicates that the

Deg

ree

o

f

mem

bersh

ip

1

0,5

fPOE1 fPOE2 fPOE3

10-3 10-410-4 10-510-5 10-610-7

traditional value value

outc

A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18 7

ARTICLE IN PRESSfPOE2 fPTE1fPII$1 P1fPLI$P (8)Probability of outcome event 3 (dispersion)

fPOE3 fPTE1fPII$1 PfPLI$1 P (9)

5.3. Results1fPE4fPB1fPE4fPC1fPE (6)

Probability of outcome event 1 (pool re)

fPOE1 fPTE1fPII$P (7)tank due to overlling. Based on the outputs from PHA, the bow-tie model was constructed as is presented in Fig. 7.

In the bow-tie model of the isobutane storage tank is shownthat both overlling and failure of layer of protection cause therupture of the tank. If there is no ignition, ammable isobutanecloud will disperse, otherwise pool re (PF) or vapor cloud explo-sion (VCE)/ash re (FF) may appear. The major hazard due to PFand the VCE/FF will be concerned in further study.

5.1. Development of frequency data

The fuzzy probabilities for particular BEs and SFs were arbi-trarily selected by process engineer based on the normalized fuzzyscale and they are shown in Table 2.

5.2. Basic equations for calculations

Probability of top event (rupture of tank)

010-210-310-410-5 10-6

crisp

Fig. 9. Fuzzy probabilities ofThe calculations were carried out receiving fuzzy probabilities oftop event and outcome events, expressed by fuzzy numbers. Themapping of fuzzy number into a crisp value (nonfuzzy) was per-formed with the use of centroid method (Yen & Langari, 1999).

The nal results are presented in Table 3. Figs. 8 and 9 providegraphical illustrations and show the comparison between the crisp

Table 4Fuzzy probabilities of outcome events percentage contribution.

Outcome event,OE

Fuzzy method Traditional method

POEdeff Membership POE

OE1 PF 4.37E04 M 78% L 22% 3.87E04OE2 VCE/FF 4.98E05 L 86% VL 14% 3.87E05OE3 Dispersion 5.53E06 VL 100% I 0% 4.20E06

Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011OE2deff

probability belongs to two sets: LOW (L) with the membershipdegree of 86% and VERY LOW (VL) in 14%. The distance from 100%belongings to the particular set is clearly evident.

In comparison to the traditional method the following obser-vations can be made:

1. the crisp value is about 10% lower than traditional one,2. the contribution of each fuzzy set in outcome fuzzy probability

could be provided, whereas in traditional analysis suchcontribution is unknown.

Above statements conrm that the fuzzy method, which takesinto account the uncertainty of the input data, provide outcomefuzzy probabilities more precisely. The nal results are determinedmore realistically in comparison to the traditional bow-tiecalculation. It enables better assessment of the accident scenarios,proper calculation of the risk index and more appropriate selectionof safety measures required to meet risk acceptance criteria.

6. Conclusions

1. Process Safety Analysis (PSA), being a basis for decision-makingprocess in chemical industry is a very complex task, repre-senting a number of uncertainties connected with informationshortages which may lead to the important overlooking of thesafety assurance of plants.values of the outcome probabilities and their values representingsingle-point estimates obtained by the traditional approach.

The crisp defuzzied value allows to display the percentagecontribution of each outcome fuzzy probability number in fuzzy setrepresenting fuzzy probability range. The results are shown in Table4 whereas Fig. 10 illustrates the reading method used for thispurpose.

ome events (OE1, OE2, OE3).2. The bow-tie models consisting of the fault tree and event treefor a particular accident scenario are knowledge-acquisitionstructures and therefore they require special treatment of

10-6

I

10-5

VL

10-4

L

10-3

M

10-2

FH

10-1

H

100

VH

Deg

ree

ofm

emeb

ersh

ip

fPOE2

POE2deff

10.86

0.5

0.14

0

Fig. 10. Fuzzy probability of outcome event 2 on normalized fuzzy scale.


subjective uncertainty. The application of fuzzy sets mayimprove data acquisition process.

3. The calculation methodology for output events representingmajor hazards accident scenarios with the help of fuzzy setswas proposed and veried for a simple case study. The receiveddata conrm that the nal results are more realistically deter-mined and offer an advantage with respect to the traditionalsingle-point estimations.

4. The success of this method depends on quality of failure datacollection of process components as well as on the cooperationwith plant operation staff.

Abbreviations and symbols

Bow-tie analysis:ET: event treeFT: fault treeMCS: minimum cut set

Events, E:BE: basic eventIE: intermediate eventOE: outcome eventSF: safety functionTE: top event

Fuzzy number parameters:m: mean valuem: left boundary value

A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 188

ARTICLE IN PRESSReferences

Bowles, J. B., & Pelaez, C. E. (1995). Application of fuzzy logic to reliability engi-neering. Proceedings of the IEEE, 83(3), 435449.

Dubois, D. (2006). Possibility theory and statistical reasoning. ComputationalStatistics & Data Analysis, 51, 4769.

Dubois, D., & Prade, H. (1980). Fuzzy sets and systems Theory and applications.Academic Press.

Dubois, D., & Prade, H. (1988). Possibility theory An approach to computerizedprocessing of uncertainty. New York: Plenum Press.

Exida. (2005). Safety equipment reliability handbook (2nd ed.). USA: Exida.com L.L.C.Fussell, J. B., & Veseley, W. E. (1972). A new methodology for obtaining cut sets for

fault trees. Transactions of the American Nuclear Society, 15(1), 262263.Gentile, M. (2004). Development of a hierarchical fuzzy model for the evaluation of

inherent safety. Texas A&M University.Gentile, M., Rogers, W. J., & Mannan, M. S. (2003). Development of an inherent

safety index based on fuzzy logic. AIChE, 49(4), 959968.Geymar, J. A. B., & Ebecken, N. F. F. (1995). Fault tree: a knowledge engineering

approach. IEEE Transactions on Reliability, 44(1), 3745.Karwowski, W., & Mital, A. (1986). Potential application of fuzzy sets in industrial

safety engineering. Fuzzy Sets and Systems, 19, 105120.Kenatrangul, R. (1991). Event tree analysis by fuzzy probability. IEEE Transactions on

Reliability, 40(1), 120124.Kim, C. E., Ju, Y. J., & Gens, M. (1996). Multilevel fault tree analysis using fuzzy

numbers. Computers and Operations Research, 23, 695703.Mannan, M. S. (2005) (3rd ed.).Leess loss prevention for the process industries, Vols. I

III Burlington: Elsevier Butterworth-Heinemann.Markowski, A. S. (2006). Layer of protection analysis for the process industry. Polish

Academy of Science (PAN) Branch Lodz, ISBN 83-86-492-36-8.Misra, K. B., & Weber, G. G. (1990). Use of fuzzy set theory for level-1 studies in

probabilistic risk assessment. Fuzzy Sets and Systems, 37, 139160.ANS and IEEE (1983). PRA Procedures Guide: a guide to the performance of prob-

abilistic risk assessments for nuclear power plants, NUREG/CR-2300. U.S.Nuclear Regulatory Commission. Washington, D.C.

Oreda. (1997).Offshore reliabilitydata (3rd ed.). Norway: Sintef IndustrialManagement.Pate-Cornell, M. E. (1996). Uncertainties in risk analysis: six level of treatment.

Reliability Engineering and System Safety, 54, 95111.Quiech, J., & Cameron, J. T. (1994). Uncertainty representation and propagation in

quantied risk assessment using fuzzy sets. Journal of Loss Prevention in theProcess Industries, 7, 463473.

Siler, W., & Buckley, J. J. (2005). Fuzzy expert system and fuzzy reasoning. J. Wiley.Singer, D. (1990). A fuzzy set approach to fault tree and reliability analysis. Fuzzy

Sets and Systems, 34, 145155.Solzano, E., & Cozzani, V. (2006). A fuzzy set analysis to estimate loss intensity

following blast wave interaction with process equipment. Journal of LossPrevention in the Process Industries, 19, 343352.

Yen, J., & Langari, R. (1999). Fuzzy logic: intelligence, control and information. NewYork/Upper Saddle River: Prentice Hall PTR.

Zadeh, L. (1965). Fuzzy sets. Information and Control, 8, 338353.Please cite this article in press as: Adam S. Markowski, M. SamMannan et athe Process Industries (2009), doi:10.1016/j.jlp.2008.11.011m: right boundary valuen : left top valuen: right top value

Hazards:FF: ash reII: immediate ignitionLI: late ignitionPF: pool reVCE: vapor cloud explosion

Installation elements:DS: disposal systemHE: human errorLIAH: level indicating alarm highPI: pressure indicatorPRCAL: pressure recording controller with alarm lowSV: safety valveTI: temperature indicator

Linguistic terms:FH: fairly highH: highI: impossibleL: lowM: moderateVL: very lowVH: very high

PHA methods:ETA: event tree analysisFTA: fault tree analysisHAZOP: hazard and operability studyLOPA: layer of protection analysisQRA: quantitative risk analysisPHA: process hazard analysisPSA: process safety analysis

Probabilities:fPE: fuzzy probability of failure of E eventP: probability of failure of safety functionPE: probability of failure of E event for traditional approachPEdeff: probability of failure of E event after defuzzication

Subscripts:i,j,.k: number of basic events in minimal cut set in FTm: number of outcome events in ETn: number of minimal cut sets in FTl., Fuzzy logic for process safety analysis, Journal of Loss Prevention in

Fuzzy logic for process safety analysisIntroductionUncertainty sources in risk analysisGeneral methods to deal with uncertainty in PSAFundamentals of fuzzy logic for process safetyFuzzy logic basicDevelopment of fuzzy bow-tie model for PSA

Bow-tie case studyDevelopment of frequency dataBasic equations for calculationsResults

ConclusionsReferences

fuzzy logic for process safety analysis

Documents