Computer Aided Environmental Management Unit, Centre for Pollution Control and Energy Technology, Pondicherry University, Kalapet-605
014, Pondicherry, India
Abstract
This paper presents a state-of-art-review of the available techniques and methodologies for carrying out risk analysis in chemical
process industries. It also presents a set of methodologies developed by the authors to conduct risk analysis effectively and optimally.
1998 Elsevier Science Ltd. All rights reserved.
Keywords: Risk assessment; Hazard assessment; Quantitative risk assessment; Industrial hazard assessment; Process safety assessment
1. Introduction
The increasing diversity of products manufactured by
chemical process industries has made it more and more
common for these industries to use reactors, conduits
and storage vessels in which hazardous substances are
handled at elevated temperatures and/or pressures. Accidents in such units caused either by material failure (such
as crack in the storage vessels), operational mistakes
(such as raising the pressures temperature/flow-rate
beyond critical limits), or external perturbation (such as
damage caused by a projectile) can have serious-often
catastrophic-consequences. The most gruesome example
of such an accident is the Bhopal Gas Tragedy of 1984
which killed or maimed over 20 000 persons but there
have been numerous other accidents (Lees, 1996; Marshall, 1987) (Flixborough 1974, Basel-1986, Antwerp1987, Pasadena-1989, Panipat-1993, Mumbai-1995, and
Vishakhapatnam-1997) in which the death toll would
have been as high as in Bhopal if the areas where the
accidents took place were not less densely populated.
Along with the rapid growth of industrialization and
population the risk posed by probable accidents also continues to rise. This is particularly so in the third world
where population densities are very high and industrial
areas which are surrounded by dense clusters of neighbourhoods. Further it is common to find industrial areas
or industrial complexes where groups of industries are
situated in close proximity to one another. The growth
in the number of such industrial areas and in the number
of industries contained in each of the areas gives rise to
increasing probabilities of chain of accidents or
cascading/domino effects wherein an accident in one
industry may cause another accident in a neighbouring
industry which in turn may trigger another accident and
so on. Some of the past experiences like Mexico-1984,
Antwerp-1987, Pasadena-1989 and recently Vishakhapatnam-1997 (The Hindu, 1997) are examples of such
disasters. In order to prevent-or at least reduce the frequency of occurrence of such accidents, major efforts
are needed towards raising the level of safety, hazard
management and emergency preparedness. This realization and the increased public awareness towards this
issue, has prompted technique development of new processes for carrying out risk assessment and safety evaluation of chemical process industries, singly or in combinations (as they exist in chemical complexes).
The resulting science of risk assessment, which has
emerged in recent years with ever-increasing importance
being attached to it, deals with the following key aspects
of accidents in chemical process industries
1. Development of techniques and tools to forecast accidents.
262
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
2. Risk assessment
The terms hazard and risk are sometimes used interchangeably by the process/environmental engineer or
safety personnel. However, hazard relates to the source
of harm, while risk is the probability of the harm being
experienced (Lees, 1996; Greenberg & Cramer, 1991;
Khan & Abbasi, 1995a; Abbasi & Venilla, 1994; Abbasi
et al., 1998; Khan & Abbasi, 1998a). In the authors
opinion risk may be defined as a combination of hazard
and probability of hazard occurrence, where hazard is
defined as the degree of harm to human beings, property,
society or environment. In this context risk analysis can
be defined as an exercise, which includes both qualitative and quantitative determination of risk and its multidimensional impacts.
experienced personnel, even relatively untrained personnel can use them effectively. The main limitations of this
methodology are:
it takes a long time to develop a checklist but it yields
only qualitative results, with no insights into the system. It merely provides the status of each item in
terms of Yes or No.
a checklist can focus only on a single item at a time,
so it cant identify hazards as a result of interaction
among different units or components (equipment).
it is only as good as the ability and prior experience of
the person preparing it. There is always a significant
probability of some critical item being neglected.
it is unable to identify hazard due to the type of unit
operation (reaction, heat transfer, storage etc.), severity of operating conditions (temperature, pressure),
and any mis-operation (leak or excess heat generation etc.).
Due to the above-mentioned drawbacks this technique
is not recommended for detailed risk analysis. However,
it continues to be used (Eley, 1992; Ozog & Stickles,
1991).
4. HAZOP
HAZOP (ICI, 1974; Lawley, 1974; CIA, 1977;
Knowlton, 1976; ILO, 1988; Kletz, 1983, 1985; Freeman, 1991; Sherrod & Early, 1991; Venkatasubramanian & Vaidyanathan, 1994; Medermid et al., 1998) is a
simple yet structured methodology for hazard identification and assessment. It had been developed at Imperial
Chemical Industries (ICI) in 1974 and later went through
several modifications ICI, 1974; Kletz, 1985; Andow et
al., 1980; Knowlton, 1982, 1989; McKelvey, 1988;
Montague, 1990. The basic principle of a HAZOP study
is that normal and standard conditions are safe, and hazards occur only when there is a deviation from normal
conditions. It is a procedure that allows its user to make
intelligent guesses in the identification of hazard and
operability problems.
In a typical HAZOP study, design and operation documents (PI&Ds, PFD, material flow diagrams, and
operating manuals) are examined systematically by a
group of experts. Abnormal causes and adverse consequences for all possible deviations from normal operation that could arise are identified for each unit of the
plant. HAZOP is considered by a multi-disciplinary team
of experts who have extensive knowledge of design,
operation and maintenance of the process plant. To cover
all the possible malfunctions in the plant the imagination
of the HAZOP team members is guided systematically
with a set of guide words for generating the process variable deviations. A list of guide words and their defi-
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
263
Table 1
Guide words and their physical significance
Guide word
Meaning
Parameter
Deviation
None
Negation intention
Less
Quantitative decrease
More
Quantitative increase
Reverse
Logical opposite
Part of
Qualitative decrease
As-Well-As
Qualitative increase
Other Than
Complete substitution
Flow
Level
Flow
Level
Temperature
Pressure
Concentration
Flow
Level
Temperature
Pressure
Concentration
Flow
Pressure
Concentration
Flow
Level
Concentration of impurity
Temperature of substance
Level of impurity
Pressure of substance
Flow of impurity
Concentration of desired substance
Level of desired substance
Flow of desired substance
No flow
Zero level
Low flow rate
Low level
Low temperature
Low pressure
Low concentration
High flow rate
High level
High temperature
High pressure
High concentration
Reverse flow rate
Reverse pressure
Concentration decrease
Flow decrease
Level decrease
Concentration increase
Temperature increase
Level increase
Pressure increase
Flow increases
Concentration zero
Level zero
Flow rate zero
264
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Yllera (1988) and Lai et al. (1986) have drawn attention to the difficulties associated with FTA. According
to them FTA is a sophisticated form of reliability assessment and requires considerable time and effort by skilled
analysts. Although it is the best tool available for a comprehensive analysis, it is not foolproof and, in particular,
it does not of itself assure detection of all failures,
especially common cause failures. The accuracy of prediction is limited and depends upon the reliability and
failure data of components of the fault tree.
In many real-world applications, it may be difficult to
assign exact values to the probabilities of occurrence of
the fundamental events. This problem is likely to arise
in dynamically changing environments or in systems in
which accidents occur so frequently that reasonable failure data are not available. In the absence of genuine
probability data, estimates of failure probabilities are
customarily supplied by personnel familiar with the
operation of the system. Usually they prefer to express
their knowledge in general terms and find it extremely
difficult to specify the exact numerical values that are
required in conventional fault tree analysis.
To cope with this problem associated with the assignment of exact numerical values to failure probabilities,
modifications have been suggested by Lai et al. (1986);
Rauzy (1993); Camarinpoulous & Yllera (1985) to dilute
FTAs dependency on reliability data and cut short the
time of analysis using Fuzzy mathematics. Lapp & Powers (1979); Hauptmanns (1988); Lapp (1991); Bossche
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
265
266
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Fig. 1.
Procedure for calculating the Dow Fire and explosion Index and other quantities (Lees, 1996).
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
267
5.2. ISGRA
This scheme, authored by the International Study
Group on Risk Analysis (ISGRA, 1985), comprises three
steps, (1) hazard identification, (2) consequence analysis,
and (3) quantification of risk. The hazard identification
step identifies and assesses hazards based on the chemical properties, capacity, and deviation in operating parameters. HAZOP, FMEA, and FTA/ETA have been recommended for this step. The consequence analysis step
is to estimate the damage potential using standard mathematical expressions. The last step-quantification of risk
is based on the frequency of occurrence of an accident
and its damage consequences. The frequency of occurrence is estimated based on the past history of similar
accidents.
The use of this scheme, unless he/she is very wellversed with the techniques and tools of risk assessment,
may be misleading by passing causes of hazards and frequency of their occurrence. These being crucial inputs
for any risk assessment study, may lead to wrong conclusions.
5.3. Maximum credible accident analysis (MCAA)
MCAA (AIChE, 1985; API, 1992; Mallikarjunan et
al., 1988; Khan & Abbasi, 1997c, i) is an approach for
forecasting the damage likely to be caused if an accident
takes place in a chemical plant. MCAA comprises the
following main steps:
1. study of the plant to identify hazardous materials, the
non/less-hazardous unit easy, thus saving the effort
and duration going to waste in studying non/less hazardous units. This provision is not available in QRA,
and to estimate the same parameters using Dows
Index and/or Monds Index requires extra information
and calculations.
2. development of credible accident scenarios,
3. assessment of damages likely to be caused in each
scenario using mathematical models, and
4. delineation of the maximum credible accident scenario.
Fig. 2.
268
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
hazard identification,
frequency estimation,
consequence analysis and
measure of risk.
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
269
270
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Fig. 4.
procedures require a combination of these methodologies. As some of them-such as HAZOP-are cumbersome and costly, and some other-such as FMEA,FTArequire extensive reliability data which might not be easy
to obtain, the conventional RA procedures become tedious, costly, and prone to serious errors (when precise
basic data is required but is not available).
We have tried to improve the situation modifying
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
some of the conventional methodologies and strengthening some others in terms of enhancing their analytical
and computational capabilities. These efforts have led to
the following:
1.
2.
3.
4.
5.
6.
7.
8.
HIRA
optHAZOP
TOPHAZOP
PROFAT
HAZDIG
MOSEC
DOMIFFECT
MAXCRED
271
6.3. TOPHAZOP
optHAZOP, described above, consists of several steps,
the most crucial one requires use of a knowledge-based
software tool which would significantly reduce the
requirement of expert man-hours and speed up the work
of the study team. TOPHAZOP (Tool for OPtimizing
HAZOP) has been developed to fulfill this need (Khan &
Abbasi, 1997a).
TOPHAZOP is a knowledge-based user-friendly
software for conducting HAZOP study in a comprehensive, effective, and efficient manner within a short span
of time. TOPHAZOP overcomes several major limitations (time, effort, repetitious work, etc.) of the existing HAZOP procedure. The software has an in-built
knowledge-base which is extensive and dynamic. It
incorporates process units, and works out numerous
modes of failure for certain input operational conditions.
It drastically minimizes the need of expert time. The
knowledge-base has been developed in two segments:
process general knowledge, and process specific knowledge. The process specific knowledge segment handles
information specific to a particular process unit in a
particular operation, whereas the process general knowledge segments handle general information about the process unit. At present the knowledge-base incorporates
information pertaining to 15 different process units
including their characteristics and modes of failures. The
availability of on-line help and graphical user-interface
enhances its user-friendliness so that even an inexperienced professional can utilize the software with relative ease.
6.4. Probabilistic hazard assessment: PROFAT
Fault tree analysis involves identification of causes of
an accident, frequency of occurrence of an accident, and
contribution of each cause to the accident. It is a useful
methodology but is besieged with the same types of limitations which we find with other methodologies such as:
need of large volumes of precise data, and requirement
of much expert time. We have made attempts to overcome these limitations by incorporating a combination
of analytical method (Hauptmanns, 1988), and MonteCarlo
simulation
technique
(Rauzy,
1993;
Hauptmanns & Yllera, 1983) with fuzzy set theory
(Tanaka et al., 1983; Khan & Abbasi, 1997b). A
software PROFAT (Probabilistic Fault Tree Analysis)
has been developed on the basis of this recipe.
6.5. Consequence analysis: MOSEC, HAZDIG and
DOMIFFECT
Consequence analysis involves assessment of likely
consequences if an accident scenario does materialize.
The consequences are quantified in terms of damage
272
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Fig. 5.
Simplified block diagram showing the main steps of different risk and safety procedures.
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
273
274
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Fig. 6.
Simplified block diagram showing various steps with techniques and/or tools for conducting optimal risk analysis.
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
Table 2
Parameters used in the effectiveness study of various risk assessment schemes
Parameters Detail description
A
B
C
D
E
F
G
H
Quantitative results
Inexpensive to execute (in terms of expert
time/computational time/data requirement)
Sequence of steps optimal
In some steps numerous techniques have been clustered
without giving criteria of which to choose in which
situation, this may lead persons not very well-versed to
either waste time or bypass some crucial aspects
Precision
Applicability at various stages of the project
Covers most of the aspects of risk study
Cumulative performance index
Fig. 7. Comparison of parameters for various schemes of risk assessment (legends AG are defined in Table 2).
Acknowledgement
The authors thank the All India Council for Technical
Education (AICTE), New Delhi, for instituting the Computer-Aided Environmental Management (CAEM) Unit
which has enabled this study.
275
References
Abbasi, S. A., & Venilla, V. (1994). Risk assessment, Encyclopaedia
for Environmental Engineering, R. K. Trivadi, Karad: Enviro
Media, 239254.
Abbasi, S. A., Krishnakumari, P., & Khan, F. I. (1998). Hot topics:
Global warming, acid rain, ozone hole, hazardous waste, industrial
disasters, disinfection. New Delhi, Oxford University Press (in
press).
AIChE. (1994). Dows Fire and Explosion Index Classification Guide,
AIChE Technical Manual, LC 80-29237. New York.
AIChE. (1995). Guidelines for Hazard Evaluation Procedures, prepared by Battle Columbus Division. New York.
Andow, P. K., Lees, F. P., & Murphy, C. P. (1980). Int. Chem. Eng.
Sym. Ser., 58, 225.
API. (1992). Management of Process Hazards, Recommended Practice
750. Washington, DC: American Petroleum Institute.
Arendt, J. S. (1990). Plant/Operation Progress, 4, 262268.
Arendt, J. S. (1990). Reliability Engineering and System Safety, 29,
133149.
Balemans, A. W. M. (1974). Loss Prevention and Safety Promotion,
1, 715.
Beckjord, E. S., Cunningham, M. A., & Murphy, J. A. (1993).
Reliability Engineering and System Safety, 39, 159170.
Bossche, A. (1991). Reliability Engineering and System Safety, 32,
217241.
Buck, A. F. (1992). Chemical Engineering Progress, 88(6), 90.
Camarinpoulous, L., & Yllera, J. (1985). Reliability Engineering,
11(2), 93.
CCPS. (1989). Guidelines for Chemical Process Quantitative Risk
Analysis (Vol. 32). New York: AIChE.
CCPS. (1994). Guidelines for Evaluating the Characteristics for Vapor
Cloud Explosions, Flash Fires, and BLEVEs. New York, AIChE.
CIA. (1997). A Guide to Hazard and Operability Studies. Chemical
Industries Association Ltd. Tonbridge: Tonbridge Printers Ltd.
CMA. (1985). Risk Analysis in the Chemical Industry. Rockville, MD:
Chemical Manufacturers Association, Government Institute Inc.
Cummings, D. L., Lapp, S. A., & Powers, G. J. (1983). J. IEEE Transaction on Reliability, R-, 32, 140.
Dow Chemical Company. (1964). Dows Process Safety Guide. Midland.
Dow Chemical Company. (1994). Dows Chemical Exposure Index.
New York: AIChE.
Eley, C. (1992). Hydrocarbon Process, 71(8), 97.
Environment Protection Act-40CFR part 355. (1987). Washington,
DC.
Erbink, J. J. (1993). Workshop on Intercomparison of Advanced Practical Short Range Atmospheric Dispersion Modeling, Manno, Switzerland.
Erbink, J. J. (1995). Turbulent diffusion model from tall stacks. Ph.D.
thesis submitted to VRIJ University, The Netherlands.
Freeman, R. A., Lee, R., & MeMamara, T. (1992). Chemical Engineering Progress. (August).
Freeman, R. A. (1991). Plant/Operation progress, 10(3), 155.
Greenberg, H. R., & Cramer, J. J. (1991). Risk Assessment and Risk
Management for Chemical Process Industries. New York: Van
Nostrand Reinhold.
Guymer, P., Kaiser, G. D., & Mckelvey, T. C. (1987). Chemical Engineering Progress. (January) 37-45.
Hauptmanns, U. (1988). Fault Tree Analysis for Process Industries:
Engineering Risk and Hazard Assessment, (Kandel and Avani,
Eds.). Florida: CRC Press Inc.
Hauptmanns, U., & Yllera, J. (1983). Chemical Engineer, 90, 91103.
Henevely, E. J., & Kumanoto, M. (1981). Reliability Engineering and
Risk Assessment. New Jersey: Englewood Cliffs.
Hessian, R. T., & Rubin, J. N. (1991). Risk Assessment and Risk Man-
276
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
agement for the CPI (Greenberg and Creamer, Eds.). New York:
Van Nostrand.
IChemE, (1985). Risk Analysis in the Process Industries, EFCE Publication Series No. 45. Rugby, UK: IChemE.
ICI. (1974). Hazard and Operability Studies, Process Safety Report 2.
London: Imperial Chemical Industries.
ICI. (1982). The Chemical Engineer, 385, 355-367.
ILO. (1988). Major Hazard Control: a Practical Manual. Geneva:
ILO Office.
Insurance Technical Bureau. (1981). IFAL Factor Workbook. London.
ISGRA. (1985). Risk analysis in the process industries-an ISGRA
update. Plant/Operation Progress (April). 4(2), 6367.
Kafka, F. L. (1984). The 1984 European Major Hazards Conference, London.
Kafka, P. (1991), Probabilistic Safety Assessment: Quantitative Process to Balance Design, Manufacturing and Operation for Safety
of Plant Structures and Systems. Principal Division Lecture, Transactions SMiRT 11, A Tokyo.
Kafka, P. (1993). Important issues using PSA technology for design
of new system and plants. GRS mbH 85748 Garchirg, Germany.
Kavianian, H. R., Surname, J. K., & Brown, G. V. (1992). Application
of Hazard Evaluation Techniques to the Design of Potentially Hazardous Industrial Chemical Processes, Cincinnati, OH: Report Div.
of Training and Manpower Development. Nat. Inst. Occup. Safety
and Health.
Khan, F. I., & Abbasi, S. A. (1995). Journal of Industrial Pollution
Control, 11(2), 8998.
Khan, F. I., & Abbasi, S. A. (1995). Analytical Simulation: a Procedure to Conduct FTA in Chemical Process Industries, CPCE/RA
012/95. Pondicherry University, Pondicherry.
Khan, F. I., & Abbasi, S. A. (1996). Indian Journal of Chemical Technology, 3, 338344.
Khan, F.I., & Abbasi, S.A. (1997). Journal of Loss Prevention in the
Process Industries, 10(3), 191204.
Khan, F. I., & Abbasi, S. A. (1997). Journal of Loss Prevention in the
Process Industries, 10(5), 321334.
Khan, F. I., & Abbasi, S. A. (1997). Journal of Loss Prevention in the
Process Industries, 10(2), 91100.
Khan, F. I., & Abbasi, S. A. (1997). Journal of Cleaner Production
(in press).
Khan, F. I., & Abbasi, S. A. (1997). Process Safety Progress, 16(3),
172185.
Khan, F.I., & Abbasi, S.A. (1997). Journal of Loss Prevention in the
Process Industries, 10(4), 249257.
Khan, F. I., & Abbasi, S. A. (1997). MOSEC: MOdeling and Simulation of Fire and Explosion in Chemical Process Industries.
Research report CPCE/RA 21/97. Pondicherry University, Pondicherry.
Khan, F. I., & Abbasi, S. A. (1997). Environmental Modeling and
Software (in press).
Khan, F.I., & Abbasi, S.A. (1997). Indian Journal of Chemical Technology, 4, 167179.
Khan, F. I., & Abbasi, S. A. (1997). Indian Chemical Engineer, B39,
164172.
Khan, F. I., & Abbasi, S. A., (1997) Process Safety Progress. New
York (November)
Khan, F. I., & Abbasi, S. A. (1997). Hazard Identification and Ranking: a Multi-attribute Technique for Hazard Identification.
Research Report CPCE/RA 22/97. Pondicherry University, Pondicherry.
Khan, F. I., & Abbasi, S. A. (1997). 2nd International Specialty Conference on Environment Progress in the Petroleum and Petrochemical Industries. (1719 November) Bahrain.
Khan, F. I., Abbasi, & S. A. (1997). Environmental Modeling and
Software (communicated)
Khan, F. I., & Abbasi, S. A. (1997). Symp. of Air Quality Management
F.I. Khan, S.A. Abbasi / Journal of Loss Prevention in the Process Industries 11 (1998) 261277
277