PROCESS HAZARDS IDENTIFICATION AND

RISK ASSESSMENT
Golam Sarwar, D.Sc. (Tech.)
University lecturer
A!; School of Chemical Engineering
Process hazard identification and risk assessment
Allows you to:
• Identify the hazards and reduce the risk well in advance of
an accident
• Determine the events that can produce an accident, the
probability of those events and the consequences
• Determine locations of potential safety problems
• Identify corrective measures to improve safety
• Emergency actions to be taken if safety controls fail

You need to: Identify hazard-> Evaluate risks-> Reduce & Control risks
Hazard
• A hazard is defined as a physical or chemical characteristic that has
the potential for producing an accident/harm such as human injury,
damage to property and the environment.
• Hazards are characteristic of the materials, chemistry and process
variable
examples:
• Mechanical hazards: worker injuries from tripping, falling or moving
equipment
• Chemical hazards: fire and explosion hazards, reactivity hazards, and toxic
hazards
• Phosgene -toxic by inhalation
• Acetone -flammable
• HP steam -potential energy due to pressure, high TO
Risk
Is the probability of a hazard resulting in an accident. The risk is the
likelihood of a certain loss, in other words a combination of probability
of occurrence (P) and its consequences (C). Risk=P*C
Thus, the risk depends on both the possibility of injury and the severity
of the damage.
Examples:
• risk of getting an occupational disease
• the risk of being under the car
• the risk of losing the claim (debt risk)

The risk can be described with the likelihood or expectation of a

particular case.
Hazards identification requirements
• Use one or more established methodologies appropriate to the
complexity of the chemical process
• Selection of the best method requires experience
• Performed by a team with expertise in engineering and chemical
plant/process operations
• Includes personnel with experience and knowledge specific to the
process being evaluated and the hazard analysis method being used
Hazards identification address to:
• Equipment in the process
• Hazards of the process
• Identification of previous incidents with likely potential for catastrophic
consequences
• Engineering and administrative controls applicable to the hazards
• Consequences of failure of engineering and administrative controls
• Facility lay out
• Human factors
• Consequences of deviation and steps to avoid deviation
• The need to promptly resolve hazard findings and recommendations
Hazard identification methods
Many methods are available. Few popular approaches are considered
bellow:
• What-If
• Checklist
• What-If/Checklist
• Failure Mode and Effects Analysis (FMEA)
• Fault Tree Analysis (FTA)
• Hazard Surveys
• Safety Review
• Hazard and Operability Study (HAZOP)
What-If
What-If Hazard Analysis is widely used qualitative method for identifying
and analyzing hazards, hazard scenarios and existing and needed
controls.

Widely used in many industries including chemical and petrochemical,

energy, manufacturing, high-tech, food processing, transportation,
healthcare etc...

In a What-If hazard analysis, brainstorming techniques, in the form of

What-If questions are used to identify possible deviations and
weaknesses in design. Once identified, these concerns and their
potential consequences are evaluated for risk.
What-If?
• Experienced personnel brainstorming based on the question,
"What if…?”
• Each question represents a potential failure in the facility or
miss-operation of the facility
• The response of the process and/or operators is evaluated to
determine if a potential hazard can occur
• The existing safeguards is checked against the probability
and severity of the scenario to determine whether
modifications to the system should be recommended
• Often used when analysing the changes made
• Focus on cosequence and (avoid the consequence) rather
than focus on actual cause
What-If – steps
1. Divide the process into sub-processes
2. Identify a list of questions for a sub-process
3. Select a question
4. Identify hazards, consequences, severity, likelihood, and
recommendations
5. Repeat Step 2 through 4 until complete
What-If question areas
• Equipment component failures:
- What if … a valve leaks?
• Human error
- What if … operator fails to restart pump?
• Deviations from process parameters (T, p, t, flow rate etc.)
- What if …process parameters increase/decrease
• External events
- What if … a hard freeze persists?
What-If summary
• Perhaps the most commonly used method
• One of the least structured methods
• Can be used in a wide range of circumstances
• Success highly dependent on experience of the team
• Useful at any stage in the facility life cycle
• Useful when focusing on change review
What-If: example your car
What if.. Consequence Safeguards Recomendations
The brakes on your car
stop working?
What-If: example your car
What if.. Consequence Safeguards Recomendations
The brakes on your car You will not be able to
stop working? break and the car will
crash
What-If: example your car
What if.. Consequence Safeguards Recomendations
The brakes on your car You will not be able to • Use the parking (hand)
stop working? break and the car will brake
crash • Yearly maintenance of
the brakes
What-If: example your car
What if.. Consequence Safeguards Recomendations
The brakes on your car You will not be able to • Use the parking (hand) Always check that the
stop working? break and the car will brake brakes are working before
crash • Yearly maintenance of starting the car
the brakes
Process hazards checklist
• A list of items and possible problems in the process that must be
checked
• Questions are usually answered Yes/No; or
Items are checked as completed/does not apply/study required
• Used to identify common hazards with established practices and
standards
• Checklists are effective in identifying hazards due to process design,
plant layout, storage of chemicals, electrical systems and so forth.
• Can be used during the design of a process or prior to process
operation to identify hazards
Checklist question categories
• Causes of accidents
- equipment failure
- deviations from process parameters
- human error
- external events
• Plant facility functions
- alarms, construction materials, control systems,
documentation and training, instrumentation, electrical, piping,
venting, pumps, vessels, etc.
 Checklist questions
• Causes of accidents
- Is process equipment properly identified and supported?
- Is the process runs with optimum conditions?
- Are the operating and safety procedures complete?
- Is the facility designed to withstand natural disaster (hurricane winds,
flood)?

• Facility functions
- Is it possible to distinguish between different alarms?
- Is pressure relief provided?
- Is the vessel free from external corrosion?
- Are sources of ignition controlled?
Process Safety Checklists
ITEMS Completed Does not Further
apply study
required
General Layout:
• Area properly drained?
• Fire walls, dikes and special guardrail needed?
• Emergency accesses and exids?
• Access for emergency vehicles?
• ……
Buildings:
• Adequate ladders, stairways and escape-ways?
• Fire doors required?
• Ventilation adequate?
• …..
Equipment:
• Designs are correct for max.operating pressure?
• Corrosion allowance considered?
• Special isolation for hazardous equipment?
• ……
Process Safety Checklists
ITEMS Completed Does not Further
apply study
required
Process:
• Consequences of exposure to adjacent operations considered
• Special fume or dust hoods required?
• Provisions for protection from explosions?
• Hazardous reactions possible due to mistakes or contamination?
• ……
Piping:
• Safety showers and eye baths required?
• Piping specifications followed?
• Vent lines directed safely?
• …..
Venting:
• Relief valves or rupture disks required
• Vents properly designed? (size, direction, configuration?)
• Relief vales protected from plugging by rupture disks?
• ……
Checklist – summary
• The simplest of hazard analyses
• Easy-to-use; level of detail is adjustable
• Provides quick results; communicates information well
• NOT helpful in identifying new or unrecognized hazards
• Prepared by experienced engineers
• Its application requires knowledge of the system/facility and its
standard operating procedures
• Should be audited and updated regularly
What-If/Checklist
• A combination of the What-If and Checklist methodologies
• Combines the brainstorming of What-If method with the structured
features of Checklist method
• Begin by answering a series of previously-prepared ‘What-if’
questions/items
• During the exercise, brainstorming produces additional questions to
complete the analysis of the process under study
• Encourages creative thinking (What-If) while providing structure
(Checklist)
• Weaknesses of single methods are eliminated and strengths
preserved. When presented with a checklist, it is typical that creative
thinking is missing
FMEA – Failure Modes, Effects Analysis
A structural approach to:
• Determine the consequences of component, module or subsystem failures
• Determine failure mode and potential cause of failure
• Determine effects of the failure on the subsystem or system
• It is also common to rate the failure rate for each failure mode identified
• The potential impact/consequences for each failure must be identified
along with its effects on other equipment, components within the rest of
the system
• It is then necessary to record preventative measures that are in place or
may be introduced to correct the failure, reduce its failure rate or provide
some adequate form of detection.
Consists of a spreadsheet where each failure mode, possible causes,
probability of occurrence, consequences, and proposed safeguards are
noted.
FMEA – Failure mode keywords
• Rupture • Loss of function
• Crack • High pressure
• Leak • Low pressure
• Plugged • High temperature
• Failure to open • Low temperature
• Failure to close • Overfilling
• Failure to stop • Hose bypass
• Failure to start • Instrument bypassed
• Failure to continue
FMEA on a Heat Exchanger
Failure Mode Causes of Failure Failure Predicted Impact
effect/Symptoms frequency/rate

Tube rupture Corrosion from H/C at higher Frequent – has Critical – could
fluids (shell side) pressure than happened 2 x in 10 cause a major fire
cooling water years

• Rank items by risk (frequency * impact)

• Identify safeguards for high risk items
FMEA – Failure modes effects analysis
• FMEA is a structured and reliable method for identifying the ways a
product, equipment or process can fail
• Estimates the risk associated with specific causes
• Prioritizes the actions that are needed to reduce risk
• A team approach is necessary
• Can be very time-consuming (and expensive) and does not readily
identify areas of multiple fault that could occur.
• It may not identify areas of human error in the process.
Fault tree analysis (FTA)
• Analyzing hazardous events after they have been identified
• A graphical representation between certain possible events and an
undesired consequence and helps to estimate the likelihood of an accident
• The analysis also helps to investigate the impact of alternative preventive
measures.
• The first stage is to select the hazard or top event that is to be analyzed
• The fault tree is structured so that the hazard appears at the top. It is then
necessary to work downwards, firstly by identifying causes that directly
contribute to this hazard.
• When all the causes and sub-causes have been identified, the next stage is
to construct the fault tree
• Intermediate events related to the top event are combined by using logical
operations such as AND gate and OR gate.
Symbols used in fault trees
Symbols Designation Function

EVENT / CAUSE Causes or events that can be

developed further
BASIC EVENT/CAUSE Basic fault event that requires no
further development
UNDEVELOPED EVENT/CAUSE Causes are not developed due to
lack of information or significance.
AND gate Output event occurs when all the
input events occur
Where coincident events are
necessary before the system fails
OR gate Output event occurs when any of
the input events occurs
Where the failure of any input by
itself, could cause failure of the
system.
EXAMPLE:
Example: Simple circuit diagram (Harms Ringdahl, 1995)

LAMP

POWER
UNIT

+ BATTERY

-
FUSE SWITCH
Fault tree for the above circuit (top event- lamp not working)
Lam p does not
lig h t

N o c u rre n t
t h r o u g h t h e la m p

F a u lt y N o p o w e r s u p p ly
Lam p to th e la m p

N o p o w e r fe e d B r o k e n c ir c u it

B ro k e n D e f e c t iv e D e fe c tiv e
N o Pow er N o P ow er
C irc u it s w it c h fu s e
fro m b a tte ry fro m u n it
Fault tree analysis
• Provides a logical, quantitative representation of causes,
consequences and event combinations
• For comprehensive systems/processes, require the use of software
• Requires training
Hazards surveys
• Suitable for identifying hazards for equipment design, layout,
storage etc.
• An inventory of hazardous materials in a facility
• As detailed as the Dow Fire and Explosion Index, which is
popular form of hazard survey:
- for explosives and flammables
- approach using rating form
Safety reviews
Used to identify safety problems in laboratory and process areas and
develop solutions. There are two types of safety reviews: the inforamal
and formal.
Informal safety review used for:
• Small changes to existing processes, and
• Small, bench scale or laboratory processes
2-3 experienced people involves in dialogue where ideas are exchanged
and safety improvements developed.
The reviewers examine the process equipment and operating
procedures and offer suggestions to process safety improvement
before the operation (additional reading Book: Daniel A. Crowl)
HAZOP (Hazard and Operability Study)
• Hazard and Operability Studies (HAZOP) have been used for many years as
a formal means for the review of chemical process designs and plant
• A systematic technique to IDENTIFY potential HAZARDS and Operating
problems in chemical process facility
• The procedure apply a number of “guide-words” to generate deviations
from the operating conditions which can lead to hazardous or operability
problems
• In the process industry, these deviations concern process parameters such
as flow, temperature, pressure etc.
• HAZOP is a team approach, involving a team of people representing all
different functions in a plant.
• They identify all the deviations by ‘brain-storming’ to a set of guide words
which are applied to all parts of the process.
HAZOP study - objectives
Safety Issues:
• To identify scenarios that would lead to the release of hazardous or flammable
material into the atmosphere, thus exposing workers to injury
• To check the safety of the design
• To improve the safety of an existing or modified facility
• To asses and compare the safety and reliability of design alternatives

Operability Issues:
• To check operating and safety procedures
• To verify that safety instrumentation is working optimally
• To facilitate safe start-up
• To minimize last minute modifications
• To ensure trouble-free long-term operation
The procedure is as follows:
• The process/plant is divided into suitable parts or sub-process, which
are then analyzed one at a time
• For each sub-process each parameter (flow, temperature, pressure,
volume, viscosity etc.) that has an influence on it, is noted.
• Guide-words are applied to each parameter in each sub-process. The
intention is to start creative discussion of deviations and possible
consequences
• For each significant deviation, possible causes are identified
• When deviation arise that results in hazards, action are generated
that require design engineers to review and suggest solutions to
remove the hazard or to reduce its risk to an acceptable level
Example: HAZOP Procedure
A guide word (High) is combined with a process parameter (Level) to identify:

1
Imaginary
deviation
High level

2 3

Possible causes Consequences

The pump not started Tank over floods to drain
- Electricity off
- Problem in control/alarm system

4
Action required
- Level upper limit alam
- Dick around the tank
HAZOP guide-words
Guide-word Meaning Example

No or (not, none) None of the design intent is achieved No flow to the reactor

More or (more of, higher) Quantitative increase in a parameter More flow to the reactor

Less or (less of, lower) Quantitative decrease in a parameter Less flow to the reactor

As well as (more than) An additional activity occurs, a qualitative
increase in the intent
Part of Only some of the design intention is
achieved, a qualitative decrease in intent
Reverse Logical opposite of the design intention
• Other valves closed at the same time
(logic fault /human error)
• Cooling water in the reactor
Part of the reactants to the reactor
Reverse flow into the reactor

Other than (Other) Complete substitution – another activity Liquids in the gas piping
takes place
HAZOP Parameters
• Flow • Phase
• Pressure • Corrosion
• Temperature • Speed
• Mixing • Particle size
• Stirring • Measure
• Transfer • Control
• Level • pH
• Viscosity • Sequence
• Reaction • Signal
• Composition • Start/stop
• Heating/Cooling • Operate
• Addition • Service
• Separation • Communication
• Time • Absorb
HAZOP study team
• Independent leader (e.g., not from plant studied)
- Preferred but not essential
• Project engineer
- Provide engineering input
• Chemist
- Provide details of process chemistry and process hazards
• Plant operations representative
- Plant engineer or manager
- Shift operating engineer or supervisor
• Engineers (from various discipline)
- Process engineer
- Instrument/ electrical engineer
- Mechanical/ maintenance engineer
• HAZOP secretary
- One of the above
HAZOP required informations/documents
• PI- diagrams
• Process flow diagrams (PFD) with description
• Material and energy balances
• Equipment data sheets
• Material hazard data sheets
• Layouts
• Hazardous area Layouts
• Instructions and manuals
• Plant location and the environmet
HAZOP example: Shell & Tube Heatexchanger
Intent: CW flow; Process parameter: Cooling

FC

Process fluid
TC

Cooling water (CW)

HAZOP study
Guide Deviation Causes Consequences Action
Word
NONE No CW flow

MORE More CW flow Failure of inlet CW Process fluid out-let T • Install TI before and after
valve to close decrease process fluid line
• Install Low T alarm

LESS Less cooling • Pipe blockage Temperature of process • High T alarm

water flow • Pipe leakage fluid remains constants • Installation of flow meter
or too low

Corrosion Corrosion of Hardness of cooling Less cooling and crack of • Proper maintenance
tube water tube
HAZOP study
Guide Deviation Causes Consequences Action
Word
NONE No CW flow • Pipe blocked
• Inlet CW valve
fails to open
MORE More CW flow Failure of inlet CW Process fluid out-let T • Install TI before and after
valve to close decrease process fluid line
• Install Low T alarm

LESS Less cooling • Pipe blockage Temperature of process • High T alarm

water flow • Pipe leakage fluid remains constants • Installation of flow meter
or too low

Corrosion Corrosion of Hardness of cooling Less cooling and crack of • Proper maintenance
tube water tube
HAZOP study
Guide Deviation Causes Consequences Action
Word
NONE No CW flow • Pipe blocked Process fluid T is not
• Inlet CW valve decreasing
fails to open
MORE More CW flow Failure of inlet CW Process fluid out-let T • Install TI before and after
valve to close decrease process fluid line
• Install Low T alarm

LESS Less cooling • Pipe blockage Temperature of process • High T alarm

water flow • Pipe leakage fluid remains constants • Installation of flow meter
or too low

Corrosion Corrosion of Hardness of cooling Less cooling and crack of • Proper maintenance
tube water tube
HAZOP study
Guide Deviation Causes Consequences Action
Word
NONE No CW flow • Pipe blocked Process fluid T is not • Install TI before and after the
• Inlet CW valve decreasing process fluid line
fails to open • Install High T alarm

MORE More CW flow Failure of inlet CW Process fluid out-let T • Install TI before and after
valve to close decrease process fluid line
• Install Low T alarm

LESS Less cooling • Pipe blockage Temperature of process • High T alarm

water flow • Pipe leakage fluid remains constants • Installation of flow meter
or too low

Corrosion Corrosion of Hardness of cooling Less cooling and crack of • Proper maintenance
tube water tube
HAZOP Example
• Consider the simple process diagram below. It represents a process
where components A and B react with each other to form a new
product C. If there is more B than A there may be an explosion.
B

reactor V4
V3
B
A
V2
V1
V5

A < B = Explosion C-prod.

Guide Word Deviation Possible Causes Consequences Proposed Measures

NO, NOT No A -Tank containing A is empty. Not enough A = Explosion -Indicator for low level.
-V1 or V2 closed. -Monitoring of flow
-Pump does not work.
-Pipe broken

MORE Too much A -Pump too high capacity C contaminated by A. Tank -Indicator for high level.
-Opening of V1 or V2 is too large. overfilled. -Monitoring of flow

LESS Not enough A V1,V2 or pipe are partially blocked. Pump Not enough A = Explosion See above
gives low flow or runs for too short a time.

AS WELL AS Other substance V3 open – air sucked in Not enough A = Explosion Flow monitoring based on
weight

REVERSE Liquid pumped Wrong connector to motor Not enough A = Explosion Flow monitoring
backwards A is contaminated

OTHER THAN A boils in pump Temperature too high Not enough A = Explosion Temperature (and flow)
monitoring.
HAZOP CLASS EXERCISE
A semi-batch reactor is first filled with the amount of chlorobenzene, which is initiated by nitrating with nitric acid. Nitric acid is
slowly added into the reactor, so that the cooling need is sufficient. The reaction is strongly exothermic.

Temperature control (TC) changes the flow of cooling water. If that is not enough, it will change the amount of HNO3 feed at
flow control (FC).

Perform HAZOP study of the semi-batch nitration process. Use only the process parameters such as: HNO3-flow, cooling, and
mixing. Guide-words: None/less, more, reverse.
 Process Guide-word Deviation Consequences Causes Actions (ehdotukset)
parameters

Flow -HNO3

Cooling
Cooling Water
(CW)

Mixing

- - - -