Risk Analysis

Dr. I. M. MishraPt. G. B. Pant Chair Professor of Environmental Pollution

Abatement, Professor of Chemical Engineering and Dean Saharanpur Campus

Indian Institute of Technology, RoorkeeE-mail:- imishfch@iitr.ernet.in

Some Important Definitions Risk

A measure of the potential for loss in terms of both the likelihood (events/year) of the incident and the consequences (effects/event) of the incident

Mathematically Risk = Σ probability of event × consequence of event

Risk Analysis The development of a quantitative estimate of risk based on

engineering evaluation & mathematical techniques for combining estimates of incident likelihood and consequences

Some Important Definitions Risk Assessment

The process by which the results of a risk analysis (i.e., risk estimates) are used to make decisions, either through relative ranking or through comparison with risk targets

Risk Management The planning, organizing, leading and controlling of an

organization’s assets and activities in ways, which minimize the adverse operational and financial effects of accidental losses upon the organization

Risk Analysis?

It is an important part and precursor of risk assessment and management

A full analysis involves the estimation of the frequency and consequences of a range of hazards scenarios and the damages expected.

Damages include injury and loss of life, damage to the environment and equipment, loss of work, and finally also economic loss to the plant

Why Risk Analysis?

Chemicals have become a part of our life

Chemicals have their own inherent properties and hazards and so do the processes by which they are manufactured

Risks posed by these highlighted by Flixborough (1974), Bhopal (1984), Piper Alpha(1998) & Other Accidents

Government regulations and public awareness Source: www.hse-databases.co.uk

Fig. 2 Incident of Bucheon LPG Filling station

Fig.1. Bucheon LPG filling station

History of Risk & Risk Analysis

In 1654 , a French duke asked the famous mathematician Pascal to solve a problem of how to divide the stakes of an unfinished game of dice when one of the players was ahead.

Developed with focus on financial matters and gambling

Realisation with industrial revolution of risks posed due to technology used in industry

Early emphasis on nuclear industry but importance realized by Chemical industry due to accidents like Flixborough, Bhopal, VIizag, Jaipur etc.

Risk Management Procedure

D ata In p u t

Id en tify

Es tim ateL ikeliho o d

D eterm ineC o ns eq uenc es

R is k M a trix

A ccep tab le

O p e ra te

R e d u c eM itiga teT ra n sfe r

Y es

N o

Sources of Data Input Chemical Usage, Contractor Activity, EH&S Policies,

Equipment Reliability, External Events, Facility & Process Descriptions, Historical Accident, Human Reliability

Manuals for Policies & Procedures, Engineering Design, Safety, Maintenance and data from Material Usage, Meteorological, Population etc

General Steps in Risk AnalysisThe general steps in any hazard identification

technique are

1. Assembling a team

2. Collection of data

3. Deciding on level of detail

4. Applying the technique

5. Documenting the results

Methods For Risk Analysis Risk analysis can be carried out by a number of methods

Cause-Consequence Analysis, Checklist, Event Tree Analysis Failure Modes, Effects and Criticality Analysis (FMECA) Fault Tree Analysis (FTA), Hazard & Operability Analysis (HAZOP), Bow Ties, Petri nets

Method usage depends on level of detail and resources available

The methods can be classified in to the following categories:

1. Qualitative

2. Quantitative

These can further be divided into:

1. Deterministic

2. Probabilistic

Classification of Methods

The deterministic methods take into consideration the products, the equipment and the quantification of consequences for various targets such as people, environment and equipment.

The probabilistic methods are based on the probability or frequency of hazardous situation apparitions or on the occurrence of potential accident.

The probabilistic methods are mainly focused on failure probability of equipment or their components.

Methods for Risk Analysis

Some Qualitative Methods

Preliminary Risk Analysis In this technique, the possible undesirable events are identified

first and then analyzed separately. For each undesirable events or hazards, possible improvements,

or preventive measures are then formulated. The result from this methodology provides a basis for

determining which categories of hazard should be looked into more closely and which analysis methods are most suitable.

With the aid of a frequency / consequence diagram, the identified hazards can then be ranked according to risk, allowing measures to be prioritized to prevent accidents

Some Qualitative MethodsHazard And Operability Study

This technique is usually performed using a set of guidewords: NO / NOT, MORE / LESS OF, AS WELL AS, PART OF REVERSE, AND OTHER THAN.

From these guidewords, scenarios that may result in a hazard or an operational problem are identified

The consequences of the hazard and measures to reduce the frequency with which the hazard will occur are then discussed.

This technique had gained wide acceptance in process industries

Deviation Possible Causes

Potentialconsequences

Existing systems

Recommendations

No temp N A NIL NIL NIL

Less Temp Inlet gas temp low Operability Temp indications available NIL

More Temp Inlet gas temp high

Equipment damage

Temp indications available NIL

As well as Temp NIL NIL NIL NIL

Part of Temp NIL NIL NIL NIL

Other than Temp NIL NIL NIL NIL

Reverse Temp N A N A NIL NIL

Example of HAZOP applied to a Hot Air Filter system

Some Qualitative MethodsFailure Modes and Effects Analysis (FMEA) This method was developed in the 1950s by reliability

engineers to determine problems that could arise from malfunctions of military system.

Failure mode and effects analysis is a procedure by which each potential failure mode in a system is analyzed to determine its effect on the system and to classify it according to its severity.

When the FMEA is extended by a criticality analysis, the technique is then called failure mode and effects criticality analysis (FMECA)

Failure mode

Causes Effects Detection method

Safety provisions

Severity class

Comments

Valve Fails open

InternalmalfunctOperatorerror

Toxic release

Pressureindicators

PRV II Prevent operator error

Valve fails closed

InternalmalfunctOperatorerror

Flow stopped

Pressure indicators

None IV Check for overPressure

A Typical FMEA Sheet

Some Qualitative Methods Checklists

A list of possible problems and areas to be checked and reminds the reviewer of potential problem areas

Easy to apply and assessment can be performed by inexperienced practitioners

Assessment will only be as complete as the list used and difficulties faced in novel process

Simple Checklist for long drive in a car

1. Check oil2. Check tire air pressure3. Check radiator fluid4. Check air filter5. Check head and tail lights6. Check exhaust7. Check petrol

Pros and Cons of Qualitative Techniques The three techniques outlined above require only the

employment of "hardware familiar" personnel

FMEA tends to be more labor intensive, as the failure of each individual component in the system has to be considered

A point to note is that these qualitative techniques can be used

in the design as well as operational stage of a system

Some Quantitative TechniquesFault Tree Analysis A fault tree is a logical diagram which shows the relation

between system failure, i.e. a specific undesirable event in the system, and failures of the components of the system

It is a technique based on deductive logic. An undesirable event is first defined and causal relationships of the failures leading to that event are then identified

Symbols used in FTAPrimary Event Block Classic FTA Symbol Description

Basic Event A basic initiating fault (or failure event).

External Event (House Event)

An event that is normally expected to occur. In general, these events can be set to occur or not occur, i.e. they have a fixed probability of 0 or 1.

Undeveloped Event An event which is no further developed. It is a basic event that does not need further resolution.

Conditioning Event A specific condition or restriction that can apply to any gate.

Symbols used in FTA

Name of Gate Classic FTA Symbol Description

AND The output event occurs if all input events occur.

OR The output event occurs if at least one of the input events occurs.

Inhibit The input event occurs if all input events occur and an additional conditional event occurs.

Priority AND The output event occurs if all input events occur in a specific sequence.

XOR The output event occurs if exactly one input event occurs.

A Chemical Reactor with an Alarm and an Inlet Feed Solenoid

Simple FTA for Reactor Overpressure

Reactor with High Temperature Alarm and Temperature Controller

Event Tree for a Loss of coolant Accident for the Reactor

The Computational Sequence Across a Safety function in an Event Tree

Event Tree for the Reactor. This Includes High Temperature Shut Down System

Some Quantitative Techniques Event Tree Analysis Event tree analysis - consists of an analysis of possible causes

starting at a system level and working down through the system, sub-system, equipment and component, identifying all possible causes. (What faults might we expect? How may they be arrived at?)

Assessment methods which allow quantifying the probability of an accident and the risk associated with plant operation based on the graphic description of accident sequences employ the fault tree or event tree analysis (FTA or ETA) techniques

C o n tin u e O p e ra tio n

S h u t D o w n

S h u t D o w n

R u n aw ay

S a fe ty F u n c tio n s : H igh Tem p O p e ra to r R es ta rts O p e ra to r S h u ts R es u lt A le rts C o o lin g D o w n R eac to r

N o

Y es

L o ss o f co o lin g

Example of ETA Applied With Loss Of Cooling in a Polymerisation Reactor as an Initiating Event

Some Quantitative TechniquesCause Consequence Analysis Cause-consequence analysis (CCA) is a blend of fault tree and

event tree analysis. This technique combines cause analysis (described by fault trees) and consequence analysis (described by event trees), and hence deductive and inductive analysis is used.

The purpose of CCA is to identify chains of events that can result in undesirable consequences. With the probabilities of the various events in the CCA diagram, the probabilities of the various consequences can be calculated, thus establishing the risk level of the system

C o ns e q u e nc e C o ns e q u e nc e

Initia ting e v e nt

F a u lt T re e

Y e s N o

E v e nt T re e S id e

Typical Cause Consequence Analysis

Some Quantitative TechniquesManagement Oversight Risk Tree MORT is a diagram which arranges safety program elements

in an orderly and logical manner.

Its analysis is carried out by means of fault tree, where the top event is "Damage, destruction, other costs, lost production or reduced credibility of the enterprise in the eyes of society".

The tree gives an overview of the causes of the top event from management oversights and omissions or from assumed risks or both

Some Quantitative TechniquesSafety Management Organization Review Technique This technique is structured by means of analysis levels with

associated checklists.

The SMORT analysis includes data collection based on the checklists and their associated questions, in addition to evaluation of results.

The information can be collected from interviews, studies of documents and investigations. This technique can be used to perform detailed investigation of accidents and near misses. It also servs well as a method for safety audits and planning of safety measures

Some Quantitative TechniquesPetri Nets A graphical methodology based on ARTIFEX software

package. A circle represents a place and a rectangle represents a

transition A Petri Net is composed of four parts, A set of places, A set of

transitions, An input function, An output function Either bottom-up or top-down Other techniques like GO, Diagraph modeling, Markov

modeling

N o rm a l O p e ra tio n s

Tran s itio n s

R ed u cedo p e ra tio n s

A Petri Net Diagram

Pros and Cons of Quantitative Methods These methods are mainly used to find cut-sets leading to the

undesired events.

Event tree and fault tree have been widely used to quantify the probabilities of occurrence of accidents and other undesired events leading to the loss of life or economic losses in probabilistic risk assessment.

However, the usage of fault tree and event tree are confined to static, logic modeling of accident scenarios. In giving the same treatment to hardware failures and human errors in fault tree and event tree analysis, the conditions affecting human behavior can not be modeled explicitly

Qualitative Vs Quantitative Qualitative methodologies though lacking the ability to

account the dependencies between events are effective in identifying potential hazards and failures within the system.

The Quantitative techniques addressed this deficiency by taking into consideration the dependencies between each event. The probabilities of occurrence of the undesired event can also be quantified with the

availability of operational data.

Human Reliability AnalysisHuman Hazards Identification ( Task Analysis)

Identify hazards occurring due to human error while performing standard procedures

The task is a set of operations/actions required to achieve a set goal and assesses what people might do while performing the operations

Questions such as “What actions do the operators perform ?”, “How do operators respond to different cues in the environment ?”

Main limitation being that it is only applicable to human interaction with the process

Human Reliability Analysis Hierarchical Task Analysis

Same methodology as task analysis, but a hierarchy is placed on the order of the tasks to be investigated

Methodology produces either a tree structure, with the most complex task on the top and the simplest on the bottom, or a list of steps that are required to be performed in order to produce the required goal

The technique provides an easily understandable breakdown of the tasks and order of which they are to be performed

Other techniques such as Human Interaction with Machine (HIM) , Human Error Analysis (HEA)

Likelihood Calculation Incident History

Industry Experience

Site Experience

Equipment Vendor Experience

Specialty Consulting Firm Experience

Component Failure Rate Data, Handbooks

Non-electronic Parts Reliability Data

Use of Risk Analysis Data Avoidance

Discontinue the practice that creates the risk

Mitigation Implement strategies to reduce the impact

Transfer Purchase financial relief (Insurance)

Acceptable risk and concept of ALARP

Risk MatrixNever Heard

on .. In industry

Heard on .. In industry

Incident occurred in

our company

Happens Several times

Happens Several times in a location

PEOPLE ASSETENVIORM

ENTREPUTATI

ONA B C D E

0

No health effect/ Injury

No damage No effect No Impact LOW

1

Slight Health effect/ injury

Slight Damage

Slight effectslight Impact

RISK

2

Minor Health effect/ injury

Minor Damage

Minor effect

Limited impact

3

Major Health effect/ injury

Localised Damaged

Localised effect

Considerable impact

MEDIUM RISK

4 1 to 3

fatalitiesMajor

Damagemajor effect

National impact

HIGH RISK

5Multiple Fatalities

Extensive Damage

Massive effect

international impact

LIKELYHOOD

CONSEQUENCES

SE

VE

RIT

Y

Codes & Standards for Risk Analysis American Institute of Chemical Engineers have Guidelines for

Chemical Process Quantitative Risk Analysis & Hazard Evaluation Procedures, OSHA has 29 CFR 1910.119, EPA Risk Management Plan (RMP)

India has its own BIS guidelines in BIS 18001, guidelines by labour ministry

Even in non chemical industries codes like Nuclear Regulatory Commission NUREG/CR-2815 , IEC 61508, SEMI S10 - Safety Guideline for Risk Assessment, S14 - Safety Guide for Fire Assessment & Mitigation for Semiconductor Manufacturing Equipment

Intelligent Systems : The Way Ahead! The estimated cost of process hazards reviews in the CPI

is about 1% of sales or about 10% of profits

An intelligent system can help

1. Reduce the time effort and expense involved in a PHA review

2. Make the review more thorough, detailed, and consistent,

3. Minimize human errors

4. Free the team to concentrate on the more complex aspects of the analysis which are unique and difficult to automate

An example is the HAZOP Expert a model-based, object-oriented, intelligent system for automating HAZOP analysis

Other well known software packages include HAZTEC, CARA BRAVO, CAFTAN, RISKMAN, QRAS

Conclusions Risk is a subjective concept varying according to context

In actual industry a number of variations are applied to methods of risk analysis and sometimes steps are completed simultaneously or given a miss according to need and resources present

Risk analysis can be qualitative as well as quantitative. Quantitative methods are being given more stress since they allow for a better comparison of risk levels and reduce subjectivity in decision making process

Conclusions Probabilistic risk analysis is perhaps the best

methodology available at present for application of low probability high impact systems like CPI

Intelligent systems hold the key to reduction in resource utilization and increasing accuracy of risk analysis and hence risk assessment

There is no possibility of eliminating all hazards completely and concept of allowable risk becomes important

Hazards and overall risk associated with technology is a crucial element for triggering regulatory action, public protest and a host of other problems, so it is of utmost importance to find the origins of risks, to strengthen safeguards and thus preserve the acceptability of hazardous facilities or activities. It constitutes a real need then, to provide a coherent strategy to maximise performance and minimize risk

END GAME

References Center for Chemical Process Safety (CCPS). Guidelines for Hazard Evaluation

Procedures, Second Edition with Worked Examples; Publication G18; American Institute of Chemical Engineers, New York (1992)

Lees, F. P. Loss Prevention In The Process Industries: Hazard Identification, Assessment And Control. (2001) (3rd Ed). UK: Butterworth- Heinemann

Crowl D, Louvar J. Chemical process safety fundamentals with applications. (1990). Prentice Hall

Bernstein PL . “Against the Gods: The Remarkable Story of Risk”. (1996). Wiley New York.

Nivolianitou Z.S. Comparison Of Techniques For Accident Scenario Analysis In Hazardous Systems. Journal of Loss Prevention in the Process Industries, (2004), v-17, pp- 467–475

References Wells G., Whetton C. Preliminary Safety Analysis. Journal of Loss

Prevention in the Process Industry, (1993), v-6, no 1, pp-47-60

Venkatasubramanian V., Zhao J. Viswanathan S . Intelligent Systems For Hazop Analysis Of Complex Process Plants. Computers and Chemical Engineering (2000),v-24, 2291–23

Cacciabue, P. C. Human Factors On Risks Analysis Of Complex Systems. Journal of Hazardous Materials (2000), v-71, 101–116.

Robert D. Choosing The Level Of Detail For Hazard Identification. Process Safety Progress (1995), v-14, no 3

Any Questions ?

Any Questions ?