Process Hazard Analysis (PHA). Overview of available techniques and when to apply them
Definition
Process Hazard Analysis (PHA) is defined by the Centre for Chemical Process Safety (CCPS) as an organised effort to identify and evaluate the significance of hazards associated with an industrial process or activity [1]. This definition is commonly shared by experts and practitioners across industry.
There are many ways in which Process Hazard Analysis can be performed, yielding diverse results depending on several factors such as the method used, scope, lifecycle stage of the facility, etc. Common characteristics of Process Hazard Analysis are that they follow systematic and structured methods, are performed by multidisciplinary teams, led by expert facilitators, and are key components of the Process Safety Management (PSM) or Risk Management Program (RMP) of facilities which handle hazardous chemicals.
The aim of this article is to provide an overview of the main Process Hazard Analysis methods, their general characteristics and when to apply them.
Overview of Process Hazard Analysis Methods
Process Hazard Analysis techniques can be roughly grouped into two categories, non-scenario based and scenario based, depending on whether they focus on hazards generic to the facility or on events specific to its design. Process Hazard Analysis techniques can also be classified as experience-based or predictive: some of them use learnings from previous experience to evaluate known hazards, while others try to predict events which could occur as a consequence of the design.
Not all Process Hazard Analysis techniques are used at the same stages of the lifecycle of a facility, and not all of them are appropriate for all types of hazards. Therefore, the designer or owner is responsible for deciding which techniques to apply and when, depending on their objectives.
Non-scenario based: focused on the evaluation of hazards generic to a facility based, for instance, on the hazardous chemicals or conditions present, but not on scenarios which are specific to the design. They are more appropriate for general evaluations, usually early during the life of industrial processes, and are mostly based on previous experience and not suitable for prediction of unknown hazards.
Scenario based: focused on identification of hazards which occur due to specific and unique characteristics of the design. They require detailed design information, are better suited for application during later stages of design or during the operational phase, and are mostly predictive in nature.
Non-Scenario Based Techniques
Preliminary Hazard Review
Preliminary Hazard Analysis is a qualitative technique intended for use during the earlier stages of the design of industrial processes (conceptual or Research & Development (R&D) phases). It focuses on hazardous materials and major process hazards in a general way and can be used to identify the main potential hazards and propose diverse ways to prevent or mitigate them, such as through the use of Inherently Safe Design (ISD) principles or by lessons learned from a prior similar incident.
Like other PHA techniques, Preliminary Hazard Review hinges on the team's experience, but it is not focused on specific scenarios, as the design may not be mature. Its intention is to identify the main hazards according to the substances and technologies present, in order to determine whether they can be reduced or eliminated at the earliest opportunity.
Safety Review
Also known as Process Safety or Design Review, this technique is one of the earliest to have been used. It can be performed at any stage and involves a review of different process safety related documentation, such as operating procedures, Management of Change (MoC), maintenance and audit reports, incident investigation reports, design basis for safeguarding systems, P&IDs, etc.; it also includes inspections of existing assets and interviews with personnel. This is done to identify potential hazards and shortcomings which could lead to Major Accident Hazard (MAH) events.
Relative Ranking
An analysis strategy which can be implemented in different ways to prioritise or compare hazards in diverse situations. For instance, during the early design of processes it is useful to compare layouts or technologies; another use would be comparing the risks associated with two different plants. There are many ranking methods; one of the most well known is the Dow Fire and Explosion Index (F&EI), which allows evaluating the significance of fire and explosion hazards. Another use of Relative Ranking is in the European Seveso Directive, which presents a method for categorising a site as upper or lower tier based on the quantities of hazardous chemicals it stores.
The main difficulty with Relative Rankings is that they need to be well understood so they can be applied consistently between different assets, so that the comparison is relevant and does not result in misconceptions. Also, the user needs to be aware that one ranking method may not consider all the risks present in a plant. For example, if only the Dow F&EI is applied, then other hazards, such as those related to toxic materials, may be overlooked.
Checklist Analysis
As its name states, checklist analysis consists of using checklists to verify the status of a system with regard to process safety requirements; the checklists should be based on the requirements of the Process Safety Management system of the organisation.
Checklist analysis can be performed at any stage of the lifecycle of a plant, from earlier design to operation, as the checklists can be modified depending on what type of hazards, operations and stage of the design is being evaluated.
Scenario Based Techniques
What-if Analysis
The What-if technique involves a team of experienced professionals brainstorming potential concerns related to an activity or process. It literally asks the participants to voice their safety related questions (not necessarily in a "what if?" format) to identify potential causes and assess, as a team, what the consequences would be and whether the existing protections are considered sufficient. It is not as structured as other process hazard analysis techniques, and therefore is not as commonly used as others (such as HAZOP analysis), as it may not provide sufficient traceability across the identification and evaluation process. However, it is a very useful tool to troubleshoot and quickly identify hazards during an operation. This technique can be applied at any stage of the lifecycle of a process or plant.
HAZOP Study
Hazard and Operability study (HAZOP) is the most widely used PHA technique due to its versatility and its capacity for identifying hazards in a pre-emptive manner.
It follows a systematic method by dividing the plant into different sections called nodes and applying combinations of process parameters and guidewords to generate potential deviations from the design intention of each of these nodes. The HAZOP study team is then asked to identify as many potential causes of these potential deviations as possible based on the Piping and Instrumentation Diagrams (P&IDs) and team experience; these causes can be related to process control failures, human error, equipment failures, etc. For each of these causes the team can evaluate the hazardous scenarios by brainstorming the worst potential consequences (credible) and the safeguards which can prevent or mitigate the event to decrease risk.
HAZOP study is to be performed when the design of the plant is sufficiently matured and P&IDs of sufficient quality have been generated. It is the most appropriate method for identifying and predicting specific causes which can lead to potential hazards and is normally used as the basis for further analysis, such as Layers of Protection Analysis (LOPA).
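The parameter/guideword structure described above is what gives a HAZOP study its traceability: every applicable combination for a node becomes a deviation that the team must address and record. The following Python script is an added illustration, not code from the article or from CCPS; the guideword applicability table, the node name and the recorded finding are constructed assumptions a real study team would tailor to its own plant.

```python
from itertools import product

# Standard HAZOP guidewords and process parameters.
GUIDEWORDS = ("No", "More", "Less", "Reverse", "Part of", "As well as", "Other than")
PARAMETERS = ("Flow", "Pressure", "Temperature", "Level", "Composition")

# Which guidewords make sense for which parameters. This table is an assumption
# for the example; "Reverse Temperature", for instance, is not a meaningful deviation.
APPLICABLE = {
    "No":         {"Flow", "Level"},
    "More":       {"Flow", "Pressure", "Temperature", "Level"},
    "Less":       {"Flow", "Pressure", "Temperature", "Level"},
    "Reverse":    {"Flow"},
    "Part of":    {"Composition"},
    "As well as": {"Composition"},
    "Other than": {"Composition"},
}


def deviations(node, parameters=PARAMETERS, guidewords=GUIDEWORDS):
    """Generate every applicable parameter x guideword deviation for one node."""
    rows = []
    for parameter, guideword in product(parameters, guidewords):
        if parameter not in APPLICABLE[guideword]:
            continue
        rows.append({
            "node": node,
            "parameter": parameter,
            "guideword": guideword,
            "deviation": f"{guideword} {parameter}",
        })
    return rows


class Worksheet:
    """Minimal HAZOP worksheet: one row per deviation, each holding the team's findings."""

    def __init__(self, node, design_intent):
        self.node = node
        self.design_intent = design_intent
        self.rows = {
            r["deviation"]: {**r, "causes": [], "consequences": [], "safeguards": []}
            for r in deviations(node)
        }

    def record(self, deviation, cause, consequence, safeguards=()):
        # KeyError here means the team tried to record a deviation that is not in
        # the matrix, which is the traceability check a free-form what-if lacks.
        row = self.rows[deviation]
        row["causes"].append(cause)
        row["consequences"].append(consequence)
        row["safeguards"].extend(safeguards)
        return row

    def unaddressed(self):
        """Deviations the team has not yet given at least one cause (or 'no credible cause')."""
        return [d for d, r in self.rows.items() if not r["causes"]]


# Constructed example node and one recorded finding.
ws = Worksheet(
    node="Node 1: feed line from pump P-101 to reactor R-101 (assumed node)",
    design_intent="Transfer feed at design flow and pressure to the reactor inlet",
)
ws.record(
    "More Pressure",
    cause="Downstream block valve closed while P-101 running",
    consequence="Line pressure rises towards pump shut-off head; possible flange leak",
    safeguards=["Minimum-flow recycle line", "High-pressure alarm PAH-101"],
)

if __name__ == "__main__":
    print(f"{len(ws.rows)} deviations generated for {ws.node}")
    print("still to address:", ws.unaddressed())
```

Running the script lists the 14 applicable deviations for the constructed node and shows 13 still unaddressed after the single recorded finding; a study is complete for a node only when `unaddressed()` is empty, which makes the coverage of the matrix auditable after the session.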
Hazard Identification (HAZID) Study
What is commonly referred to as a HAZID study involves using guidewords related to diverse topics, such as environmental conditions, process risks or occupational risks amongst many others, to identify potential hazards, including their possible causes and consequences, as well as prevention and mitigation measures and the actions necessary for improvement and risk reduction. It is not as structured as a HAZOP study and is not as focused on what happens inside the process, but rather on external hazards or risks which initiate outside the process.
It is normally applied during the basic design stage of the lifecycle before a HAZOP study is performed, but can be revisited at any point of the lifecycle. It is very useful as a tool to develop a risk register of major accident hazards.
Failure modes and Effects Analysis (FMEA)
Failure Modes and Effects Analysis involves breaking a piece of equipment or a system into its different components and tabulating their failure modes to assess their impact on the equipment or on the overall process it is a part of. FMEA can be used to derive the probabilities of failure related to each failure mode identified during the analysis; some of these failures will result in dangerous consequences while others will not, and some may be detectable while others may not be. Once the modes of failure and their effects are known, actions can be generated to improve the reliability of the equipment, therefore improving safety.
FMEA is normally used during the development phase of a piece of equipment, as it allows understanding the different components, how they interact and how each failure mode impacts the overall system. However, it can also be used during the operational phase to assess the reliability of a specific piece of equipment.
Fault Tree Analysis (FTA)
Fault Tree Analysis is a deductive methodology which, through the application of Boolean logic, allows determining the combinations of basic and intermediate events that can cause the Top Event. Its objective is to identify, through logic, the basic events and their combinations so that it can be understood how the Top Event can happen. It also allows, through Boolean calculations, calculating the frequency of the Top Event based on the frequencies and probabilities of the basic ones.
To build a Fault Tree, the Top Event (which is known) is placed at the top of the tree; then, the combination of causes and safeguards failures which lead to it are placed under "and" or "or" gates depending on the logical combination required. This is repeated until the events cannot be further broken down; these indivisible events are referred to as basic events (such as component failure or human error), for which frequencies or probabilities of occurrence can be derived from databases, operational knowledge, etc.
Fault Tree Analysis is very useful for understanding sequences of events and performing detailed frequency calculations. It can be used during Quantitative Risk Assessment (QRA) or for Safety Integrity Level (SIL) determination.
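The Boolean calculation described in this section is small enough to show end to end. The Python below is an added example, not code from the article or from CCPS: it builds a fault tree from AND/OR gates, derives the minimal cut sets (the indivisible combinations of basic events that cause the Top Event), and evaluates the Top Event probability both exactly and with the rare-event approximation. The tree (an overpressure scenario) and all basic-event probabilities are constructed values for illustration; the calculation assumes the basic events are mutually independent, which is the usual caveat when failure data are taken from generic databases.

```python
from dataclasses import dataclass
from itertools import product
from typing import Tuple, Union


@dataclass(frozen=True)
class Basic:
    """Indivisible event; prob is its probability over the analysis period."""
    name: str
    prob: float


@dataclass(frozen=True)
class Gate:
    """Logic gate combining child events; kind is "AND" or "OR"."""
    kind: str
    inputs: Tuple["Node", ...]


Node = Union[Basic, Gate]


def basic_events(node: Node):
    """All basic events under a node (may contain repeats if an event feeds two gates)."""
    if isinstance(node, Basic):
        return [node]
    found = []
    for child in node.inputs:
        found.extend(basic_events(child))
    return found


def probability(node: Node) -> float:
    """Exact probability of the event at `node`, assuming independent basic events.

    Caveat: this gate-by-gate evaluation is only exact when no basic event appears
    under more than one gate; otherwise evaluate from the minimal cut sets instead."""
    if isinstance(node, Basic):
        return node.prob
    child_probs = [probability(child) for child in node.inputs]
    if node.kind == "AND":
        result = 1.0
        for p in child_probs:
            result *= p
        return result
    if node.kind == "OR":
        none_occur = 1.0
        for p in child_probs:
            none_occur *= 1.0 - p
        return 1.0 - none_occur
    raise ValueError(f"unknown gate kind {node.kind!r}")


def minimal_cut_sets(node: Node) -> set:
    """Minimal sets of basic-event names whose joint occurrence causes the node's event."""
    if isinstance(node, Basic):
        return {frozenset([node.name])}
    child_cuts = [minimal_cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        cuts = set().union(*child_cuts)
    else:  # AND: one cut set from every input must occur together
        cuts = {frozenset().union(*combo) for combo in product(*child_cuts)}
    # Drop any cut set that is a superset of another (not minimal).
    return {c for c in cuts if not any(other < c for other in cuts)}


def rare_event_approximation(node: Node) -> float:
    """Sum of cut-set probabilities; an upper bound that is close when all probabilities are small."""
    probs = {b.name: b.prob for b in basic_events(node)}
    total = 0.0
    for cut in minimal_cut_sets(node):
        term = 1.0
        for name in cut:
            term *= probs[name]
        total += term
    return total


# Constructed tree: Top Event = vessel overpressure with all protection failed.
CONTROL_VALVE = Basic("feed control valve fails open", 0.1)
OPERATOR = Basic("operator leaves bypass open", 0.05)
TRIP = Basic("high-pressure trip fails to act", 0.01)
RELIEF = Basic("relief valve fails to open", 0.001)
OVERPRESSURE_DEMAND = Gate("OR", (CONTROL_VALVE, OPERATOR))
PROTECTION_FAILS = Gate("AND", (TRIP, RELIEF))
TOP_EVENT = Gate("AND", (OVERPRESSURE_DEMAND, PROTECTION_FAILS))

if __name__ == "__main__":
    for cut in sorted(minimal_cut_sets(TOP_EVENT), key=sorted):
        print("cut set:", sorted(cut))
    print(f"exact P(top) = {probability(TOP_EVENT):.3e}")
    print(f"rare-event approximation = {rare_event_approximation(TOP_EVENT):.3e}")
```

For the constructed numbers the two cut sets each contain both protection failures plus one initiating cause, the exact Top Event probability is 1.45e-6 and the rare-event approximation gives 1.5e-6; the approximation is always at least the exact value, which is why it is the conservative choice when a quick estimate is needed.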
Event Tree Analysis (ETA)
An Event Tree shows the possible outcomes following an initiating event, according to the success or failure of the different protective systems and the occurrence of external factors. The goal of ETA is to identify the sequences of events after an initial one (such as a toxic chemical release) until a specific incident outcome is reached.
As a result of an Event Tree, the frequencies of occurrence of the final outcomes can be calculated based on the frequency of the initial event, and on the probability of failure of existing controls and occurrence of other conditions (such as ignition probabilities). This is why ETA is normally used during quantification of risks.
ETA can be applied at any stage of the lifecycle to better understand the risks associated with a facility.
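The outcome-frequency calculation described above is mechanical once the tree is written down: each branch multiplies the frequency of the path so far by the probability of the branch taken. The Python below is an added example, not code from the article or from CCPS. The initiating event (a flammable gas release), its frequency and every branch probability are constructed values for illustration only; the structure generalises to any number of branch points, and the conservation check at the end is the sanity test a reviewer would apply to any event tree.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple, Union


@dataclass(frozen=True)
class Outcome:
    """Leaf of the tree: the final incident outcome reached along a path."""
    name: str


@dataclass(frozen=True)
class Branch:
    """A protective system or condition that either succeeds/occurs ("yes") or not ("no")."""
    question: str
    p_yes: float          # conditional probability of "yes", given the path so far
    yes: "EventNode"
    no: "EventNode"


EventNode = Union[Outcome, Branch]


def enumerate_sequences(frequency: float, node: EventNode, path: Tuple = ()) -> List[Tuple]:
    """Return (path, outcome name, frequency) for every leaf reachable from `node`."""
    if isinstance(node, Outcome):
        return [(path, node.name, frequency)]
    if not 0.0 <= node.p_yes <= 1.0:
        raise ValueError(f"branch {node.question!r} has probability {node.p_yes}")
    yes_paths = enumerate_sequences(frequency * node.p_yes, node.yes,
                                    path + ((node.question, "yes"),))
    no_paths = enumerate_sequences(frequency * (1.0 - node.p_yes), node.no,
                                   path + ((node.question, "no"),))
    return yes_paths + no_paths


def outcome_frequencies(initiating_frequency: float, tree: EventNode) -> Dict[str, float]:
    """Frequency of each outcome, summing paths that end in the same outcome."""
    totals: Dict[str, float] = {}
    for _, outcome, freq in enumerate_sequences(initiating_frequency, tree):
        totals[outcome] = totals.get(outcome, 0.0) + freq
    return totals


def frequencies_conserved(initiating_frequency: float, tree: EventNode, tol: float = 1e-12) -> bool:
    """The outcome frequencies must add back up to the initiating frequency."""
    total = sum(outcome_frequencies(initiating_frequency, tree).values())
    return abs(total - initiating_frequency) <= tol


# Constructed example: flammable gas release from a process line.
RELEASE_FREQUENCY = 1.0e-3   # per year (assumed value)
TREE = Branch(
    "Immediate ignition?", 0.1,
    yes=Outcome("jet fire"),
    no=Branch(
        "Gas detection isolates the release?", 0.9,
        yes=Outcome("isolated release, no ignition"),
        no=Branch(
            "Delayed ignition of the cloud?", 0.3,
            yes=Outcome("flash fire / vapour cloud explosion"),
            no=Outcome("unignited dispersal"),
        ),
    ),
)

if __name__ == "__main__":
    for path, outcome, freq in enumerate_sequences(RELEASE_FREQUENCY, TREE):
        steps = " -> ".join(f"{q} {a}" for q, a in path)
        print(f"{freq:.2e}/yr  {outcome:40s}  via {steps}")
    print("conserved:", frequencies_conserved(RELEASE_FREQUENCY, TREE))
```

With the constructed inputs the four sequences give 1.0e-4/yr for the jet fire, 8.1e-4/yr for an isolated release, 2.7e-5/yr for the flash fire or explosion and 6.3e-5/yr for unignited dispersal, which sum back to the 1.0e-3/yr release frequency. Note that the branch probabilities are conditional on the path taken; if, for example, the detection system's reliability depends on whether ignition already occurred, that dependence must be reflected in the tree rather than assumed away.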
Bow-Tie Analysis
Bow-Tie analysis refers to a version of Cause-Consequence analysis which combines aspects of FTA and ETA to generate a diagram that evaluates hazardous scenarios from root causes to impacts, identifying the critical protection layers and the conditions which can impact their ability to function correctly. Bow-Tie is most useful for the initial analysis of an existing process or for application during the middle stages of design.
References
[1] CCPS. Guidelines for Hazard Evaluation Procedures. Third Edition.