Beruflich Dokumente
Kultur Dokumente
T
he construction of a new plant, or a large capital strategic project milestones, but these alone will not ensure
expansion to an existing facility, represents sig- a safe and seamless startup. A holistic approach to man-
nificant risk. That risk increases when construction aging risks on a large project requires some innovative
takes place in an operating environment and when criti- measures that must be supported by the entire project team.
cal tie-ins are made to “live” equipment. AIChE’s Center While the various phases of a major project can spread
for Chemical Process Safety (CCPS) provides excellent over 12 to 36 months, decisions for controlling risk made
guidance in its original process safety management (PSM) during each project phase echo through the next 20 to 50
guideline (1) and in many subsequent publications. Other years of operation. Design features, automated control
papers (2, 3) discuss how to manage major capital projects features, and human interactions must be controlled continu-
to achieve process designs and operating procedures that ously to manage the inherent hazards of chemical processes.
will control process safety.
These resources refer to the standard industry practice PSM requirements
of conducting multiple risk reviews — also called process The U.S. Occupational Safety and Health Administra-
hazard analyses (PHAs), project risk reviews, design safety tion’s (OSHA) PSM standard (4) sets requirements for the
reviews, etc. Typically, a small project includes one or two management of hazards associated with processes that use
risk reviews, whereas a large project (such as a new plant) highly hazardous chemicals (HHC). The regulations list 14
may involve as many as six risk reviews that build upon interrelated elements (outlined in the standard), treating them
each other to yield the initial PHA (Table 1). Although this as part of a holistic continuum. The elements apply to (or are
article focuses on major projects, these best practices apply affected by) capital projects to varying degrees, especially:
to medium and small projects as well. • process safety information (PSI) — developed through-
Conventional risk-analysis tools must be applied at out the project phases
Table 1. As project size and scope expand, more risk reviews are needed.
Project Phase: Preliminary Design
Typical Project Duration Number of Risk
Project Size Example of Project Scope (Concept to Commissioning) Reviews
Small Minor affiliate/plant works (installing piping to bypass a 1–2 mo 1
control valve)
Moderate Works engineered by an affiliate/ plant (installing a new 6–9 mo 2–3
design of knockout pot for a feed to a unit)
Major Major projects handled external to an affiliate/plant 12–36 mo 4–7
(expansions and new facilities)
Table 2. Conceptual risk reviews should be conducted during the earliest phases of a major capital project.
Project Phases: Conceptual Design, and Feasibility and Detailed Specifications
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Choose inherently safer option Consequence modeling (to help on next Process safety information, including
Ensure overall feasibility project phase) chemical hazards, chemical reactivity,
What-If (no guidewords) hazards of inadvertent mixing, inventories,
Estimate impact on neighbors
applicable codes and standards (d)
Selected checklist for judging inherent
safety Baseline information for future PHA (e)
Baseline information for future mechanical
integrity (MI) (j)
Begin inherently safer concept
Begin leadership
Begin employee participation (c)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); Senior process engineer for the unit (or
from a similar unit); Process/design engineer from the project; Process safety specialist (if the previously listed members do not have
safety expertise)
* Letters in parentheses refer to the relevant section of the OHSA PSM Standard, 29 CFR 1910.119(_).
Table 3. Preliminary risk reviews continue into the preliminary design phase.
Project Phase: Preliminary Design
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Identify and resolve most-expensive design What-If (no guidewords) Process safety information, including
issues, including layout of plant, facility HAZOP/FMEA of selected scenarios applicable codes and standards, process
siting concerns, environmental protection flow diagram, thermal/kinetic chemistry
Layer of Protection Analysis (LOPA) of
issues, and major tie-ins information, material and energy balances,
selected scenarios
and materials of construction (d)
Facility siting basis
Begin emergency response plans and
procedures (n)
Baseline information for future PHA (e)
Baseline information for future MI (j)
Continue employee participation (c)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); Senior process engineer for the unit (or
from a similar unit); Process/design engineer from the project; Process safety specialist (if the previously listed members do not have
safety expertise)
* Letters in parentheses refer to the relevant section of the OHSA PSM Standard, 29 CFR 1910.119(_).
Table 4. Considerations that guide risk reviews for the conceptual and preliminary design phases.
Key Concern Ways to Address/Evaluate Key Concern
Inherently safe/reliable process selection Evaluate lower-waste chemistries
Evaluate low-inventory processes
Evaluate the use of non-hazardous solvents and reagents
Evaluate low-energy reactor configurations (5)
Plot location relative to other units Process opportunities — reduced pipe runs
Operating logistics — number of operators
Distance between control room and tie-in to control room
Backup contingency considerations — begin utility failure risk review
Effects from major incidents in nearby units; include consequence modeling if necessary
Begin facility siting risk review (checklist-based), if possible
Size of plot areas — based on preliminary Access to utilities and other support systems, sewers, etc.
process designs Cost of real estate, site preparation
Elevation considerations
Precise spacing between unit boundaries — Insurance and industry spacing guidelines
standoff distances between battery limits or Effects on nearby units
between major equipment in nearby units
Business interruption considerations
Inner unit layout Ease of access (begin consideration of human factors)
Operability and maintainability
Constructability and repair (consider future lifting activities for construction and repairs)
Equipment decking and layering (operators should not be expected to climb through
caged ladders to take routine process reading)
Fire protection review Emergency access and escape routes
Firefighting or toxic rescue capability
Placement of detectors
Strategy to protect neighbors from releases
Construction of control rooms to protect “stay-behinds”
Refer to consequence modeling if performed to address plot location concern
• select the process (inherently safe, or at least the a project has been lacking in many companies — despite the
inherently safest design); choose lower-waste chemistries, availability of guidelines (1–3) that explain how to develop
low-inventory processes, nonhazardous solvents and a PHA throughout a project, as well as the broad adoption of
reagents, and low-energy reactor configurations (5) hazard and operability (HAZOP), What-If (brainstorming),
• decide on the maximum level of inherent risk (not and failure mode and effects analyses (FMEA). This is
residual risk) that will be accepted especially true for owners who allow the primary contractor
• establish siting and layout (consider control of to oversee the risk review process.
inherent risk to neighbors) As methods for early-phase risk review have been
• establish grading and drainage improved or customized, project-level risk reviews have
• establish preliminary process design been performed increasingly well. Over the past 15 years,
• establish circuit isolation requirements considerable focus has been placed on inherent safety at
• establish process control philosophy the initial concept phase of a new unit or process. In ad-
• establish strategy for control of ignition sources dition to inherent safety, inherent reliability and inherent
(electrical area classification) environmental protection are also receiving more attention
• establish relief and blowdown requirements during the conceptual design phase and the preliminary
• establish fire protection strategy. design phase (Table 3). Still, weaknesses persist among
No one cares more about controlling the risk of the these improved early-phase risk review practices.
delivered process than the owner/operator. Yet the imple- Several key factors contribute to successful risk
mentation of risk review methods during the early stages of reviews in the conceptual and preliminary phases of a
Table 5. Risk reviews in this phase evaluate the risk of any design modifications that have been made
or hazards that have been identified since the previous reviews.
Project Phase: Detailed-Design Risk Reviews
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Begin detailed identification of potential HAZOP/FMEA of equipment nodes, Process safety information, including
accident scenarios, primarily focused on focusing on normal (continuous) mode of applicable codes and standards, process
the normal (usually continuous) mode of operation and instrumentation diagrams (P&IDs),
operation What-If of lower-consequence and lower- revised materials of construction, safety
Begin risk assessment for scenarios with complexity systems interlocks and controls, equipment design
large residual risk basis. and some final equipment details (d)
LOPA of 1–5% of the scenarios; determine
safety integrated level (SIL), as necessary Multiple layers of protection
Detailed information for future PHA (e)
Detailed information for future MI (j)
Begin detailed emergency planning and
response (n)
Continue employee participation (c)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); Senior process engineer for the unit (or
from a similar unit); Process/design engineer from the project; Process safety specialist (if the previously listed members do not have
safety expertise)
* Letters in parentheses refer to the relevant section of the OHSA PSM Standard, 29 CFR 1910.119(_).
Table 6. Final design phase risk reviews ensure that the occupational safety, process safety, reliability,
and operational risk issues identified in previous reviews have been resolved.
Project Phase: Final Design Risk Reviews
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Update results of previous risk review to Complete HAZOP, FMEA, or What-If for Process safety information (revisions) (d)
account for new details, identify potential nodes started in previous risk review Multiple layers of protection (revisions)
accident scenarios for nodes not previously Perform HAZOP, FMEA, What-If for nodes Revised details building toward initial
reviewed, primarily focused on normal not covered in previous risk review (due to PHA (e)
(usually continuous) mode of operation. previously missing information)
Revised data for MI, including development
Resolve most previous recommendations Begin human factors and facility siting of inspection, test, preventive maintenance
Complete risk assessment for scenarios checklist (PM) plans and populating databases (j)
with large residual risk Perform general utility failure checklist Begin detailed consideration of human
LOPA of 1–5% of the scenarios; determine factors
SIL, as necessary Data and recommendations for developing
operating and maintenance procedures (f, j)
Continue employee participation (c)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); Senior process engineer for the unit (or
from a similar unit); Process/design engineer from the project; Process safety specialist (if the previously listed members do not have
safety expertise)
* Letters in parentheses refer to the relevant section of the OHSA PSM Standard, 29 CFR 1910.119(_).
possible explosions, tanks designed to withstand maxi- Inadequate risk review of nonroutine
mum possible pressure, etc. (5)
modes of operation (which should be analyzed
• conducting a final review of equipment, ventilation,
containment, and environmental safeguards, including by applying HAZOP or What-If to procedural
instrumentation, interlocks, fail-safe decisions, detailed steps) is the most frequently observed
layouts, and fire protection provisions weakness in the project risk review cycle.
• performing a human factors risk review (checklist-based)
• continuing the facility siting risk review (checklist- exposures to these higher risk modes of operation are reduced.
and modeling-based) Write operating procedures designed to control risks.
• applying layers of protection analysis (LOPA) to After the risk reviews are complete, the next important step
complex risk scenarios, and also to define safety instru- in controlling risk before startup is developing the written
mented systems needs. procedures for operations, maintenance, troubleshooting,
As shown in Table 5, the reviews during detailed engi- and emergencies. The data needed for writing procedures
neering will evaluate the risk of any design modifications is typically generated by the end of the final design phase
that have been made or hazards that have been identified (detailed in Table 6), and it is finalized as the project
since the previous reviews. This includes ensuring that the moves into the commissioning phase.
occupational safety, process safety, reliability, and opera- Write the procedures — the correct instruction for
tional risk issues identified in previous reviews have been each step, in the correct sequence — and properly format
resolved in the final detailed design. the instructions to reduce the chance of someone mak-
The most senior operator and process engineers should ing an error when following the procedures. References
continue to actively participate on the risk review team. for drafting, formatting, and validating procedures using
Catch design problems before they create operational subject matter experts (SMEs) are available (6). Correctly
traps. This is the goal through all of the risk reviews for a done, these written procedures will become the basis for
new process unit, but the detailed design phase is the most the initial training of the new unit’s operators and serve as
effective time to detect and eliminate such problems. To a refresher for staff over the long-term. This, in turn, will
accomplish this, equal focus must be given to hazards and help control (but never eliminate) the human-error compo-
operability/quality issues. Look for ways to keep the final nent of process safety risk.
process easy to operate and easy to maintain online, and
ways to avoid process upsets. Pre-commissioning and commissioning
Two-thirds of accidents occur during nonroutine modes of The commissioning phase risk review (Table 7)
operation, so by avoiding deviations from the norm, the plant’s continues to build upon the previous risk reviews. As
Table 7. This phase review builds upon the previous reviews, and also serves as the “initial PHA” for the process.
Project Phase: Commissioning Phase Risk Reviews
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Conduct full hazard/risk review of operating HAZOP or What-If of operating procedures Process safety information (revisions) (d)
procedures to control risk of errors during (choose method based on hazard and Multiple layers of protection (revisions)
startup, shutdown, emergency shutdown, complexity of each task)
Complete the initial PHA (e)
and other nonroutine modes of operation Complete HAZOP, FMEA, or What-If for
Revise MI plans, procedures, and
Close out previous risk review issues nodes started in previous risk reviews
database (j)
(from earlier phases of the project) and Perform HAZOP, FMEA, or What-If for
complete the human factors and facility Complete detailed consideration of human
nodes not covered in previous risk reviews
siting checklists factors
LOPA of 1–5% of the scenarios; determine
This risk review serves as the “Initial PHA” Continue employee participation (c)
SIL, as necessary
of the process Complete development of emergency
Complete human factors and facility siting
planning and response procedures (n)
checklists
Complete operating procedures (f)
Complete initial training (g, j, h)
Develop remaining elements of PSM,
including management of change (MOC)
procedures and incident reporting and
investigation system (l, m)
Conduct initial pre-startup safety review
(PSSR) (i)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); New/junior operator for the unit; Senior
process engineer for the unit (or from a similar unit); Process/design engineer from the project; Process safety specialist (if the previously
listed members do not have safety expertise)
Table 8. This review helps to weed out hazards that may have been missed earlier, and can serve as
the first PHA revalidation for the new unit.
Project Phase: Post-Startup Phase Risk Reviews
Goals of Risk Review Risk Review Methodology Key PSM Elements*
Conducted 3–6 mo after startup; similar to Audit of MOCs (and P&IDs and SOPs) since Initial PHA Revalidation (completed much
the revalidations that will be done in the fu- “Initial PHA” (since commissioning risk earlier than the required 5–yr cycle) (e)
ture, but with the goal of compensating for review) to ensure nothing has been missed MOC (l)
weaknesses in MOC process at the initial by MOC
Incident investigation (for lessons learned in
startup of the new unit/process HAZOP or What-If of missed or poorly first 3–6 mo) (m)
reviewed changes
Update PHA for the entire set of changes
(look at the whole picture for effects of all
changes)
Close any pending recommendations
(if possible)
Risk Review Team Members: Leader; Scribe; Senior operator for the unit (or from a similar unit); New/junior operator for the unit; Senior
process engineer for the unit (or from a similar unit); Process/design engineer from the project; Possibly project/design engineer (for
quality assurance of project).
* Letters in parentheses refer to the relevant section of the OHSA PSM Standard, 29 CFR 1910.119 (_).