INHERENTLY SAFE DESIGN

PROCESS RISK MANAGEMENT METHODS USED DURING THE DESIGN PHASE CAN BE PUT INTO 4 CATEGORIES:
Inherent Passive Active Procedural

TARGET IS A FAIL-SAFE INSTALLATION

INHERENT SAFETY DESIGN

Inherent Eliminating the hazard by using materials and process conditions which are non-hazardous.
Minimize Reduce quantities of hazardous substances Substitute Use less hazardous substances Moderate Use less hazardous process conditions, less hazardous forms of materials, or configure facilities to minimize impact from hazardous material releases or uncontrolled energy release Simplify Configure facilities to simplify operation

PASSIVE SAFE DESIGN

Passive Minimizing the hazard by process and equipment design features which reduce either the frequency or consequence of the hazard without the active functioning of any device.
Location of facilities separation of ignition sources and fuels from other facilities Design equipment for design pressure in excess of the adiabatic pressure from a reaction.

ACTIVE SAFE DESIGN

Active Using facilities to detect and correct process conditions:
controls safety interlocks monitoring systems for hazards that develop over a long term and emergency shutdown systems to detect and correct process deviations.

PROCEDURAL SAFE DESIGN

Procedural Prevention or minimization of incident impacts using: Safe operating procedures and operator training Administrative safety checks Management of Change Planned emergency response

Risk Assessment Tools

Risk Matrix PHA= Preliminary Hazard Analysis FTA=Fault Tree Analysis FME(C)A=Failure Mode Effects (Criticality) Analysis HAZOP=Hazard Operability Analysis HACCP=Hazard Analysis and Critical Control Point
Robert C. Menson, PhD 6

Elements of the Risk Management Process

Assessment

Risk Analysis

Risk Control Post-Production Information

Management

Risk Evaluation

Robert C. Menson, PhD

Hazard Operability Analysis (HAZOP)

Hazard Operability Analysis (HAZOP)

A theory that assumes that risk events are caused by deviations from the design or operating intentions Identify potential deviations from normal use How to perform? A systematic brainstorming technique for identifying hazards using so-called guide-words applied to relevant parameters: No, More, Other Than, None

So again, what is HAZOP?

Technique for identifying and analyzing the hazards and operational concerns of a system. Central activity a methodical investigation of a system description (design representation).

I.6: Hazard Operability Analysis (HAZOP)

Concept Focus team discussions by applying deviations to specific nodes Deviations are generated by applying Guidewords to process parameters Examine the process by discussing causes of each deviation Identify consequences Evaluate risk and safeguards Make recommendations, if necessary Include all parts of the process

Source: Hazard and Operability Studies in Solid Dosage Manufacture. Nail L. Maxson. (200

I.6: Hazard Operability Analysis (HAZOP)

Potential Areas of Use(s)
Manufacturing processes Equipment and facilities Evaluating process safety hazards Primarily as starter of a HACCP Operator error (use error)
ICH Q9

I.6: Hazard Operability Analysis (HAZOP)

Guidewords NONOT NONE MORE LESS AS WELL AS PARTIALLY Explanation Remarks The total absence of the No part of the function is active, but also function nothing else happens Quantitative increase or Quantitative decrease Qualitative increase or Qualitative decrease This applies to quantities & properties such as flow, temperature, and also for functions such as heating and reacting. All desired functions & operations are achieved. Additionally, something else happens. Only a few functions are achieved, some not.

REVERSE

The logical reverse of the desired function

This applies mainly to functions, e.g., reverse flow or reversible chemical reaction. It can also be applied to materials, e.g., poison instead of antidote, or D- instead of L- optical isomer.
The original function is not performed. Something totally different happens.
Nail L. Maxson. (2004).

OTHER

Total exchange

I.6: Hazard Operability Analysis (HAZOP)

Deviation
High temperature in blender

EXAMPLE

Causes
Steam heating control malfunction

Consequences
Feed material #1 reaches decomposition temperature Violent reaction with toxic gas generation Personnel exposure/ injury Equipment damage

Safeguards
Diverse high temp. interlock on blender

Recommend
Test interlock on quarterly basis

Blender vented

Add steam heating control to monthly PM

Nail L. Maxson. (2004).

Hazard Operability Analysis (HAZOP)

Experiences Ease of applicability of the model?
Simplifies decision making Allows uniformity of analysis across sites Process steps guided (guide words, if available)

Limitations of the model

Applies to specific situations only May need to use other models for quantifying risk Not a structured approach Not designed for quantifiable risk assessment Complex output

Study process itself in a nutshell

Introductions Presentation of design notation Examine design methodically one unit at a time Is it possible to deviate from design intent here? NO NO YES

Examine both consequences and causes of the possible deviation

Document results Define follow-up work Time up? YES Agree on documentation Sign off

Three Hazop Questions:

"What could go wrong?" "How would we know it?" "What could we do about it?"

HAZOP meeting process