Chapter 1:

Introduction to Plant & Safety

Engineering
 Learning Outcomes

• Importance of Plant and Safety Engineering

• Analyze Disaster in safety and health area
• Accidents / Injuries / Losses
• Acceptable risk
• Inherent Safety
• Engineering Ethics

2
 Why SAFETY is important ???
• We are living in the society with high value on human life and welfare.

• Each person has a different degree of regard for others and uses different
standards for right or wrong.

• To minimize these differences, society formalizes standards of conduct

among people.

• Complex processes require more advance safety technology. Growth of an

industry is also dependent on technological advances.

• Since 1950 significant technological advances and safety analysis

techniques have been made in chemical process safety :
- dispersion models representing spread of toxic vapor through a
plant after a release
- hazard identification or quantification technique 3
4
Occupational Accidents by Sector until April 2017
(Investigated)
Ref : DOSH Malaysia
Occupational Accident by State until April 2017
(Investigated)
Ref : DOSH Malaysia
 What is Process Safety ???
• To ensure safe process and operation throughout the life of a
plant.
• By identifying all potential hazards or incident scenarios and
minimizing all risks using loss prevention techniques such as
follows :
- technological advances using better design/control
- inherent safety concept in design
- hazard identification methods
Notes
Any potential hazards need to be identified as early as possible so7
that action can be taken to correct or mitigate the situation.
To know is to survive and to ignore
fundamentals is to court disaster

H.H. Fawcett and W.S. Wood, Safety and Accident Prevention

in chemical operation, New York, Wiley, 1984.
 Accident / injuries / losses
• Accident
Happening or event that is not expected, foreseen or intended that
causes injury, loss or damage. Evokes through undesirable effects or
consequences.

• Incident:
Refer to any unplanned event or event sequence, whether it results in
loss, injury, illness, disease or none of these. It does not carry the
connotation that the event or event sequence cannot be prevented, which
always applied in the term of Accident.

• Losses
Losses from incident may vary forms such as injury, illness, disease, death,
damage of property, equipment, materials and the environment and the
cost of repair or replacement. It also can include in loss of time, sales,
production.
9
10
 Important terminologies
• SAFETY OR LOSS PREVENTION
• The prevention of accident through the use of appropriate
technologies to identify the hazards of a chemical plant
and eliminate them before accident occurs

• HAZARD
• A chemical or physical condition that has the potential
to cause damage to people, property or the environment

• RISK
• A measure of human injury, environmental damage or
economic loss in terms of both the incident likelihood
and the magnitude of the loss or injury
 Hazard or Harm: A Review
The Institution of Chemical Engineers (IChemE, 1985) has
defined hazard as a physical situation with a potential for
human injury, damage to property, damage to the environment
or some combination of these.
•

12
 Definition of Risk

Risk = Severity x Likelihood

• Extent of Damage • Likelihood of failure

• Probability of Fatality
• Monetory Losses

13
 Risk is expressed in as Rating
• Rating is typically
• simple to use and understand
• Not require extensive knowledge to use
• Have consistent likelihood ranges that cover the full
spectrum of potential scenarios
• In applying risk assessment
• Clear guidance on applicability is provided
• Detailed descriptions of the consequences of concern for
each consequence range should be described
• Have clearly defined tolerable and intolerable risk levels
• Following risk assessment
• Scenarios that are at an intolerable risk level can be
mitigated to a tolerable risk level on the matrix
• Clear guidance on what action is necessary to mitigate
scenarios with intolerable risk levels are provided
14
Example of a Consequence Range

15
Example of Likelihood Ranges

17
Risk matrix

18
In Memories…………

19
 Accident
• Accidents have DIRECT, INDIRECT and ROOT CAUSES

Direct cause :
Attribute to equipment failure or unsafe operating conditions

Indirect cause :
Not as readily apparent and can generally be tied to some human failure

Root cause :
Result of poor management safety policies, procedures or decisions

Most accidents follow a THREE STEP sequences:

Initiation (Starting of the event)

Propagation (the event/expand the event)
20

Termination (stop the accident/diminish it in size)
•Bhopal, India 1984
Contaminated methyl isocynate (MIC) caused
runaway reaction.

Vapor released through pressure relief system but

scrubber and flare system not working. 25 tons of
MIC vapor released.

Toxic cloud spread nearby town killing 2500

civilian, injured more than 20,000. No plant
workers were injured or killed. No plant equipment
was damaged

21
• Flixborough, England 1974

Plant was designed to produce caprolactam, raw material

for the production of nylon.

Failure of temporary bypass pipe replacing reactor no 5

(from 6 reactors) released 30 tons of cyclohexane, form
vapor clouds, killing 28 people, injured 36.

The feed pipes connecting the reactors were 28-in

diameter, because only 20-in pipe stock was available at
the plant, connections to reactor 4 and reactor 6 were
made using flexible bellows-type piping.

It is hypothesized that the bypass pipe-section ruptures

because of inadequate support, cyclohexane clouds was
ignited by an unknown source.
22
 Assignment – Case Study

1.Bright Sparkles, Sungai Buloh.

2.Chernobyl Accident
In life, there is always some
risks…
 There is no such thing as zero risk

 All activities involve some risks

 The issue is at level should we tolerate these risks5

 Tolerable Risk
• Risk cannot be eliminated entirely.
• Every chemical process has a certain amount of risk
associated with it.
• At some point in the design stage someone needs to
decide if the risks are “tolerable".
• Each country has it owns tolerability criteria.
• One tolerability criteria in the UK is "as low as
reasonable practicable" (ALARP) concept formalized in
1974 by United Kingdom Health and Safety at Work Act.
Page
26
Risk Category
• Individual risk (IR) is the frequency at which a given individual may
be expected to sustain a given level of harm from specified hazard.
• Occupational risk is a risk that may happen at the work place. Can be
described in term of FAR. It has been suggested that IR ~ 2.2 x 10-5
FAR.
• Societal risk is frequencies with which specified numbers of people in
a given population sustain a specified level of harm from specified
hazards.
• It is common to plot the frequency of events resulting in a specified
consequence magnitude being exceeded (F) versus the number of
fatalities (N), known as FN curves.

27
 Tolerability Criteria
• This framework is represented as a three-tier system as
shown in figure. It consists of several elements :
(1) Upper-bound on individual (and possibly, societal) risk
levels, beyond which risks unacceptable.
(2) Lower-bound on individual (and possibly, societal) risk
levels, below which risks are deemed not to warrant
regulatory concern.
(3) intermediate region between (1) and (2) above, where
further individual and societal risk reductions are required to
achieve a level deemed "as low as reasonably practicable
(ALARP)". Page
28
 ALARP Criteria
INTOLERABLE LEVEL
(Risk cannot be justified
on any ground)

TOLERABLE only if risk reduction

is impracticable or if its cost is
THE ALARP REGION (Risk is grossly disproportionate to the
undertaken if benefited is improvement gained
desired)
TOLERABLE if cost of reduction
would exceed the improvement
gained

BROADLY
ACCEPTABLE
REGION
Page
29
Inherent Safety
To make the concept more understandable, the
following four words have been recommended to
describe inherent safety:

• Minimize
- intensification
• Substitute
- substitution
• Moderate
- attenuation and limitation of effects
• Simplify
- simplification and error tolerance
Minimize
(reducing the hazard by using smaller quantities of hazardous
substances)

• Example :

• Change from larger batch reactor to smaller continuous

reactor

• Reduce storage inventory of raw materials

• Improve control to reduce inventory of hazardous

intermediate chemicals

• Reduce process hold-up

Substitute
(adopting alternative concept; using safer materials)

• Example :
• Use welded pipe instead of flanged pipe.

• Use solvent that are less toxic.

• Use mechanical gauges instead of mercury.

• Use chemicals with higher flash point, boiling points,

and other less hazardous properties.

• Use water as heat transfer fluid instead of hot oil

Moderate
(using a hazardous material under less hazardous condition)

• Example:

• Use vacuum to reduce boiling point

• Reduce process temperature and pressure
• Dissolve hazardous materials in safe solvent
• Place control rooms away from operation
• Operate at conditions where runaway reactions are not
possible
• Separate pump rooms from other rooms
• Barricade control rooms and tanks
Simplify
(reduces the opportunities for errors and mis-operation)

•Example:
• Keep piping systems neat and visually easy to follow
• Design control panels that are easy to comprehend
• Design plants for easy and safe maintenance
• Pick equipment with low failure rates
• Separate systems and controls into blocks that are
easy to comprehend and understand
• Label pipes for easy ‘walking the line”
• Label vessels and controls to enhance understanding
• Add fire and explosion resistant barricades
 Inherent Safety Concept
•Reduce the risk at early stage of design

35
 PROJECT PHASE
Safety issues must be embedded within all project life-cycle

Conceptual Process Project Design, engineering, Hand operation

development sanction construction over

Relationship of six-stage process study system to project life-

cycle

Stage 5 Stage 6
Stage 1 Stage 2 Stage 3 Stage 4
Pre- Post-
Process Detailed
Commis commis
Concept design Engineering Construction 36
sioning sioning
Many hazard identification technique can
be used at appropriate cycle
LOPA
Checklist HAZOP

RR
Method Used PHR

What-if
FMEA
FTA
ETA 37
 Hazard identification technique and project phase

Method used Project life cycle stage

0 1 2 3 4 5 6 7

Checklist X X X X X X X X

RR X X (X) (X)

What-If X X X X

FTA X X X (X) X

ETA X X X (X) X

FMEA (X) X X (X)

LOPA X X X

HAZOP (X) X X

PHR X (X)

38
Engineering Professional Ethics
Fundamental principles
• Engineers shall uphold and advance the integrity, honor and dignity of
engineering profession by :
- using knowledge & skill for enhancement of human welfare.
- honest and impartial and serving with fidelity to public, employers,
clients.
- striving to increase competence and prestige of engineering profession.

39
Fundamental canons (for engineers)
• Shall hold paramount safety, health and welfare of public in
performance of their professional duties.
• Shall perform services only in areas of their competence.
• Shall issue public statements only in an objective and truthful manner.
• Shall act in professional matters for each employer or client as faithful
agents or trustees, shall avoid conflicts of interest.
• Shall build their professional reputations on merits of their services.
• Shall act in such manner as to uphold and enhance the honor, integrity
and dignity of engineering profession.
• Shall continue their professional development throughout their careers
and shall provide opportunities for professional development of those
engineers under their supervision.
40
 Accident and Loss Statistics
• Accident and loss statistics are used to measure the effectiveness
of safety programs.

• Among statistical methods used to characterize accident and loss

performance :
- OSHA
(Occupational Safety and Health Administration, USA) incidence rate
- Fatal accident rate (FAR)
- Fatality rate or deaths per person per year

41
• These methods report number of accidents and/or fatalities for
fixed number of workers during specified period.
A: OSHA Incidence rate :
An incidence rate is the number of recordable injuries and
illnesse occurring among a given number of full-time workers
(usually 100 fulltime workers) over a given period of time
(usually one year).

To evaluate injury and illness experience over time or to

compare with that of a specific industry as a whole. Because
a specific number of workers and a specific period of time are
involved, these rates can help to identify problems in
workplace and/or progress that may have made in preventing
work related injuries and illnesses
42
Calculating Injury and Illness
Incidence Rates

For all of these indicators, smaller is better! 43

OSHA definition :

Occupational injury :
any injury such as cut, fracture, sprain, amputation etc as a result from work
accident or from exposure involving single incident in the work
environment.

Occupational Illness:
Any abnormal conditions or disorder, other than one resulting from an
occupational injury. Eg : acute or chronic illness

Lost workdays :
days which employee normally work but could not because of occupational
injury or illness. this day does not include the day of injury.

1 worker year = 50 work weeks/yr x 40 hrs/weeks = 2000 hrs & based on cases per 100
worker years = 200,000 hrs worker exposure to hazard 44
 Fatal Accident Rates (FAR) & Fatality Rate
Individual risks for workers are commonly expressed as a fatal
accident rate (FAR), which is the number of fatalities per 108 exposed
hours.

FARs are typically in the range 1-30, and are more convenient and
readily understandable than individual risks per year, which are
typically in the range 10-5 - 10-3.

The number of 108 exposed hours is roughly equivalent to the number

of hours at work in 1000 employees working lifetimes (50 years).
The FAR measure was developed to describe onshore occupational
risks, which only apply during working hours. Hence, in onshore
studies, 'exposed hours' is taken to mean 'hours at work', and the FAR
is defined as: 45

FAR = Fatalities at work x 108 / Person hours at work

FARs are convenient for describing the risk in individual
activities (e.g. working on the drill floor, flying in a helicopter).
Unlike individual risks per year, they do not require any
assumptions about what the individual does for the rest of the
year.

However, they may be misleading because they represent a rate

of risk per unit time in the activity. Hence, in contrast to
individual risks per year, FARs cannot necessarily be added
together.

For example, the FAR in helicopter travel may be in the range

200 - 400 (as it involves high risks during a short time period),
while the total FAR in offshore activities may be only 10 - 20
(with the helicopter risk averaged over the whole time period 46
offshore).
Example
• Given FAR =2. If employee works 8 hr shift 300 days per year, compute
fatality rate
Fatality rate = 8 hrs/day x 300 days/year x 2 deaths/108 hrs = 4.8 x 10-6 death
per person per year

47
 EXERCISE
1. An employee works in a plant with a FAR of 4. If this employee
works a 4-hour shift, 200 days per year, what is the expected
death per person per year?

2. Three process units are in a plant. The units have FARs of 0.5, 0.3
and 1.0, respectively.

(a) What is the overall FAR for the plant, assuming

worker exposure to all three units simultaneously?

(b) Assume now the units are far enough apart that an accident in
one would not affect the workers in another unit. If a worker spends
20% of his time in process area 1, 40% in process area 2 and 40% in
process area 3, what is his overall FAR?
48
• 3. A plant employs 1500 full-time workers in a
process with a FAR of 5. How many industrial
related death are expected each year?

49
 Causes of Accidents and Incidents
Incidents and Accidents are caused by
either unsafe behaviours (substandard
practice) and/or unsafe conditions
(substandard designs).

Unsafe behaviours are handled by Occupational Safety Program,

Unsafe conditions are managed through Process Safety Programs.

50
Safety and Health Programs
• Ingredients of successful safety and health program :
-System
-Attitude
-Fundamental
-Experience
-Time
-You
• Good safety and health program identifies and eliminates existing hazards.
Excellent one has management system to prevent existence of hazards.

51
• Commitment of management for successful safety programs is
to have a written safety and health program.

• Safety and health policy is an important element. Policy

ensures that :
- All employees must follow safety and health program.
- This program is designed to encourage all employees to
promote the safety of their fellow employees and customers.
- To accomplish safety and health goals, all members of
management are responsible and accountable for
52
implementing the policy, and to insure it is followed.
Incident Prevention
The Ministry of Labour and National Service (UK) postulated SIX (6)
principles of
accident prevention in year 1956.

(a)Accident prevention is an essential part of good management and of

good workmanship.
(b)Management and workers must cooperate wholeheartedly in
securing freedom from accident.
(c)Top management must take the lead in organizing safety.
(d)There must be a definite and known safety policy in each workplace.
(e)The organization and resources necessary to carry out the policy must
exist.
53
(f)The best available knowledge and methods must be applied.

These principles later on are included in Occupational Safety and Health

List of Recognized Techniques
and Their Application
• Hazard Survey/Hazard Inventory - Identifies all stocks of hazardous
material or energy with details of conditions of storage and information on
nature of hazard i.e toxic flammable etc (conceptual design stage).
• Hazard indices - Checklist method of hazard identification which
provides a comparative ranking of the degree of hazard posed by a
particular design conditions, i.e the Mond Index and the Dow Fire and
Explosion Index (detailed design stage).
• Hazard and Operability Study (HAZOP) - A formal systematic method
of identifying hazards and operability problems by used of guide words
(detailed design stage).
54
 • Failure Mode and Effects Analysis (FMEA) - Hazard identification
method where all known failure modes of components or features of a
system are considered in turn and undesired outcomes noted. If the chances of
failures and the seriousness of the consequences are ranked to identify the
most critical features it becomes Failure modes, Effects and Criticality
Analysis (FMECA) (detailed design stage).

•Fault Tree Analysis - A method for representing the logical combination

of various system states which can lead to a particular hazardous outcome,
usually quantified as a form of QRA. (detailed design stage).

•Event Tree Analysis - A method of illustrating and quantifying the

intermediate and final outcomes of a given initiating event, another form of
QRA (detailed design stage).

•Safety Audit - A critical examination of all or part of a plant with

relevance of safety. Normally refers to a check of hardware and procedures
after the plant has been in operation for some time. 55
Inherent Safety
Inherently safer designs permanently and inseparably reduce or eliminate process
hazards that must be contained and controlled to avoid accidents.
• The major approach to inherent safer process is divided into:
Intensification: minimize
Substitution: Replace with a less hazardous material
Attenuation: Reduce hazardous material/energy quantity
Limitation of effect: Use under less hazardous conditions
Simplification/Error tolerance: Reduce unnecessary complexity

Example: Storage Installation

• Avoid storage by plant relocation - if possible, relocating producing and consuming
plant near each other so that to avoid storing and transporting hazardous materials.
• Reduce amount of materials in storage - by making the plant 5% or 10% larger than
required. Extra capacity is used to cover delay in arrival of raw material.
• Storage in safer form - for example, some dyestuffs can be supplied as pastes
instead of powders to avoid dust explosion. Liquid NH3 stored refrigerated at
atmospheric pressure instead of stored under pressure at atmospheric temperature. 56
 • Hazard: Lions
• Scenario: Truck drives thru Lion cage fence.
• Lions walk thru hole in fence.
• Lions prowl around community.
• Incident Outcome: Local community is alarmed, people are
attacked,
Inherently several
Safer Design dogs disappear.
Approach: If we are cultivating the lions for meat, why not use57
lambs instead? This way, the hazard is eliminated, control is simplified, fences are
reduced in strength, and emergency response is eliminated.
When to apply Inherent Safety?
• Process safety must be integrated into the entire life-cycle of a
plant, from conceptual design to decommissioning.

58