This topic illustrates how Hazards Analysis is applied to a hazardous process involving transfer of chemicals from one tank to another.
The following image illustrates the process of transferring hazardous chemicals from Tank E-1 to Tank E-2.
The liquid level in E-1 is maintained by the level control loop that contains the following elements:
level sensor (LT-01)
level controller (LC-01)
level valve (LV-01)
When the level increases above the set point the valve moves in the open direction. Conversely, when the level is below the set point the valve moves in the close direction.
Failure of any component in the level control loop can cause an excess pressure event in E-1. The probability of the event is reduced by the presence and proper operation of the following two safeguards:
High Pressure Instrumented Functions: Open a vent line to the flare system where excess pressure can safely be burned off. The set point of the instrumented function is 80% of the maximum allowable working pressure (MAWP)
Pressure Safety Valves: Vent out excess pressure to the atmosphere when the pressure reaches a point of 90% of the MAWP
Note: This example represents a simplified process and is provided to explain the terminology and concepts that you will need to understand in order to work with the Hazards Analysis module. Depending on the types of processes in your facility, the complexity of your analyses will differ. For example, your process might include multiple deviations, or it might include deviations that are also causes of other deviations.
Suppose that a scenario occurs, where the level control in E-1 fails, leading to a catastrophic failure of E-1 and ultimately causing multiple fatalities. This scenario includes the following risk and risk assessment:
Risk: Hazardous chemicals leak out of the connector, causing multiple fatalities.
Risk Assessment: The probability of multiple fatalities having a negative safety impact is very high, and the severity of the impact is also very high. However, multiple fatalities are not likely to cause a negative environmental impact.
The specific parts of the scenario are outlined in the following list:
System/Node: The chemical transfer system that consists of E-1 and E-2, two pressure sensors , pressure switches, and valves.
Deviation: More pressure in E-1.
Cause: Failure of the pressure switch and the valve connected to E-1.
Consequence: Multiple people around the connector at the time of the leak are killed.
Risk Assessment: The probability of multiple fatalities having a negative safety impact is very high, and the consequence of the impact is also very high. However, multiple fatalities are not likely to cause a negative environmental impact.
Suppose that a scenario occurs, where hazardous chemicals leak out of the connector causing an environmental degradation. This scenario includes the following risk and risk assessment:
Risk: Hazardous chemicals leak out of the connector, causing environmental degradation.
Risk Assessment: The probability of environmental degradation having a negative safety impact is very low. However, the probability of environmental degradation having a negative environmental impact if very high, but the severity of the impact is medium.
The specific parts of the Scenario are outlined in the following list:
System/Node: The chemical transfer system that consists of E-1, E-2, and valves.
Deviation: More pressure in the piping system between E-1 and E-2.
Cause: Failure of the valve connected to E-1.
Consequence: Environmental degradation.
Risk Assessment: The probability of environmental degradation having a negative safety impact is very low. However, the probability of environmental degradation having a negative environmental impact is very high, but the severity of the impact is medium.
Safeguard: A toxicity detector, which sounds an alarm when the toxicity levels in the facility reach high-risk levels.
