Chapter 1:

Introduction to Process Safety

 Learning Outcomes

• Importance of Safety at the Workplace

• Accident, Incident & Losses
• Accident Causation Model
• Major Accidents in Process Industries
- Analyzing related Case Studies
• Concept of Acceptable Risk
• Inherent Safety
• Engineering Ethics
2
 Importance of Safety at Workplace
• We are living in the society with high value on human life and welfare.

• Each person has a different degree of regard for others and uses different
standards for right or wrong.

• To minimize these differences, society formalizes standards of conduct

among people.

• Complex processes require more advance safety technology. Growth of an

industry is also dependent on technological advances.

• Since 1950 significant technological advances and safety analysis

techniques have been made in chemical process safety :
- dispersion models representing spread of toxic vapor through a
plant after a release
- hazard identification or quantification technique 3
Occupational Accident by State until March 2022
(Ref : DOSH Malaysia)
Occupational Accident by Sector until March 2022
(Ref: DOSH Malaysia)
 Process Safety
• To ensure safe process and operation throughout the life of a
plant.
• By identifying all potential hazards or incident scenarios and
minimizing all risks using loss prevention techniques such as
follows :
- technological advances using better design/control
- inherent safety concept in design
- hazard identification methods
Notes
Any potential hazards need to be identified as early as possible so6
that action can be taken to correct or mitigate the situation.
To know is to survive and to ignore
fundamentals is to court disaster

H.H. Fawcett and W.S. Wood, Safety and Accident Prevention

in chemical operation, New York, Wiley, 1984.
 Accident / Incident / Losses
• Accident
Happening or event that is not expected, foreseen or intended that
causes injury, loss or damage. Evokes through undesirable effects or
consequences.

• Incident:
Refer to any unplanned event or event sequence, whether it results in
loss, injury, illness, disease or none of these. It does not carry the
connotation that the event or event sequence cannot be prevented, which
always applied in the term of Accident.

• Losses
Losses from incident may vary forms such as injury, illness, disease, death,
damage of property, equipment, materials and the environment and the
cost of repair or replacement. It also can include in loss of time, sales,
production.
8
9
 HAZARD

• A chemical or physical condition that has the

potential to cause damage to people, property or the
environment

• The Institution of Chemical Engineers (IChemE, 1985) has

defined hazard as a physical situation with a potential for
human injury, damage to property, damage to the
environment or some combination of these.
•

11
23-24 Sept 2010, University of Graz, Austria
Accident Causation Model
23-24 Sept 2010, University of Graz, Austria
Domino Effect
23-24 Sept 2010, University of Graz, Austria
Loss Causation Model
23-24 Sept 2010, University of Graz, Austria
Accident – Ratio Study
 Major Accidents in Process Industries

• Fire
23-24 Sept 2010, University of Graz, Austria

• Explosion
• Toxic Release
23-24 Sept 2010, University of Graz, Austria
Process Hazard
23-24 Sept 2010, University of Graz, Austria Human Factors / Errors
23-24 Sept 2010, University of Graz, Austria
23-24 Sept 2010, University of Graz, Austria
In Memories…………

21
•Bhopal, India 1984
Contaminated methyl isocynate (MIC) caused
runaway reaction.

Vapor released through pressure relief system but

scrubber and flare system not working. 25 tons of
MIC vapor released.

Toxic cloud spread nearby town killing 2500

civilian, injured more than 20,000. No plant
workers were injured or killed. No plant equipment
was damaged

22
• MIC is toxic, reactive, volatile and flammable and the boiling point
is 39.1 degree celcius.
• Flixborough, England 1974

Plant was designed to produce caprolactam, raw

material for the production of nylon.

Failure of temporary bypass pipe replacing reactor no 5

(from 6 reactors) released 30 tons of cyclohexane,
form vapor clouds, killing 28 people, injured 36.

The feed pipes connecting the reactors were 28-in

diameter, because only 20-in pipe stock was available at
the plant, connections to reactor 4 and reactor 6 were
made using flexible bellows-type piping.

It is hypothesized that the bypass pipe-section ruptures

because of inadequate support, cyclohexane clouds was
ignited by an unknown source.
24
 Accident
➢Direct cause :
Attribute to equipment failure or unsafe operating conditions

➢Indirect cause :
Not as readily apparent and can generally be tied to some human failure

➢Root cause :
Result of poor management safety policies, procedures or decisions

➢ Most accidents follow a THREE STEPS sequence:

➢Initiation (Starting of the event)

➢Propagation (the event/expand the event) 26
➢Termination (stop the accident/diminish it in size)
In life, there is always some
risks…
▪ There is no such thing as zero risk

▪ All activities involve some risks

▪ The issue is at level should we tolerate these risks…

 Definition of Risk
A measure of human injury, environmental damage or
economic loss in terms of both the incident likelihood
and the magnitude of the loss or injury

Risk = Severity x Likelihood

• Extent of Damage • Likelihood of failure
• Probability of Fatality
• Monetory Losses

28
 Risk is expressed in as Rating
• Rating is typically
• simple to use and understand
• Not require extensive knowledge to use
• Have consistent likelihood ranges that cover the full
spectrum of potential scenarios
• In applying risk assessment
• Clear guidance on applicability is provided
• Detailed descriptions of the consequences of concern for
each consequence range should be described
• Have clearly defined tolerable and intolerable risk levels
• Following risk assessment
• Scenarios that are at an intolerable risk level can be
mitigated to a tolerable risk level on the matrix
• Clear guidance on what action is necessary to mitigate
scenarios with intolerable risk levels are provided
29
Example of a Consequence Range

30
Example of Likelihood Ranges

32
Risk matrix

33
Risk Category
• Individual risk (IR) is the frequency at which a given individual
may be expected to sustain a given level of harm from specified
hazard.

• Occupational risk is a risk that may happen at the work place. Can
be described in term of FAR.

• Societal risk is frequencies with which specified numbers of people

in a given population sustain a specified level of harm from
specified hazards.

34
 Tolerable Risk
• Risk cannot be eliminated entirely.
• Every chemical process has a certain amount of risk
associated with it.
• At some point in the design stage someone needs to
decide if the risks are “tolerable".
• Each country has it owns tolerability criteria.
• One tolerability criteria in the UK is "as low as
reasonable practicable" (ALARP) concept formalized in
1974 by United Kingdom Health and Safety at Work Act.
Page
35
 Tolerability Criteria
• This framework is represented as a three-tier system as
shown in figure. It consists of several elements :
(1) Upper-bound on individual (and possibly, societal) risk
levels, beyond which risks unacceptable.
(2) Lower-bound on individual (and possibly, societal) risk
levels, below which risks are deemed not to warrant
regulatory concern.
(3) intermediate region between (1) and (2) above, where
further individual and societal risk reductions are required to
achieve a level deemed "as low as reasonably practicable
(ALARP)". Page
36
 ALARP Criteria
INTOLERABLE LEVEL
(Risk cannot be justified
on any ground)

TOLERABLE only if risk reduction

is impracticable or if its cost is
THE ALARP REGION (Risk is grossly disproportionate to the
undertaken if benefited is improvement gained
desired)
TOLERABLE if cost of reduction
would exceed the improvement
gained

BROADLY
ACCEPTABLE
REGION
Page
37
Inherent Safety
Minimize

Substitute

Moderate

Simplify
Minimize
(reducing the hazard by using smaller quantities of hazardous
substances)

• Example :

• Change from larger batch reactor to smaller continuous

reactor

• Reduce storage inventory of raw materials

• Improve control to reduce inventory of hazardous

intermediate chemicals

• Reduce process hold-up

Substitute
(adopting alternative concept; using safer materials)

• Example :
• Use welded pipe instead of flanged pipe.

• Use solvent that are less toxic.

• Use mechanical gauges instead of mercury.

• Use chemicals with higher flash point, boiling points,

and other less hazardous properties.

• Use water as heat transfer fluid instead of hot oil

Moderate
(using a hazardous material under less hazardous condition)

• Example:

• Use vacuum to reduce boiling point

• Reduce process temperature and pressure
• Dissolve hazardous materials in safe solvent
• Place control rooms away from operation
• Operate at conditions where runaway reactions are not
possible
• Separate pump rooms from other rooms
• Barricade control rooms and tanks
Simplify
(reduces the opportunities for errors and mis-operation)

•Example:
• Keep piping systems neat and visually easy to follow
• Design control panels that are easy to comprehend
• Design plants for easy and safe maintenance
• Pick equipment with low failure rates
• Separate systems and controls into blocks that are
easy to comprehend and understand
• Label pipes for easy ‘walking the line”
• Label vessels and controls to enhance understanding
• Add fire and explosion resistant barricades
 Inherent Safety Concept
•Reduce the risk at early stage of design

44
 PROJECT PHASE
Safety issues must be embedded within all project life-cycle

Conceptual Process Project Design, engineering, Hand operation

development sanction construction over

Relationship of six-stage process study system to project life-

cycle

Stage 5 Stage 6
Stage 1 Stage 2 Stage 3 Stage 4
Pre- Post-
Process Detailed
Commis commis
Concept design Engineering Construction 45
sioning sioning
Many hazard identification technique can
be used at appropriate cycle
LOPA
Checklist HAZOP

RR
Method Used PHR

What-if
FMEA
FTA ETA 46
 Accident and Loss Statistics
• Accident and loss statistics are used to measure the effectiveness
of safety programs.
• Among statistical methods used to characterize accident and loss
performance :
- OSHA
(Occupational Safety and Health Administration, USA) incidence rate
- Fatal accident rate (FAR)
- Fatality rate or deaths per person per year

• These methods report number of accidents and/or fatalities for

fixed number of workers during specified period. 47
A: OSHA Incidence rate :
An incidence rate is the number of recordable injuries and
illnesse occurring among a given number of full-time workers
(usually 100 fulltime workers) over a given period of time
(usually one year).

To evaluate injury and illness experience over time or to

compare with that of a specific industry as a whole. Because
a specific number of workers and a specific period of time are
involved, these rates can help to identify problems in
workplace and/or progress that may have made in preventing
work related injuries and illnesses
48
Calculating Injury and Illness
Incidence Rates

For all of these indicators, smaller is better! 49

OSHA definition :

Occupational injury :
any injury such as cut, fracture, sprain, amputation, as a result from work
accident or from exposure involving single incident in the work
environment.

Occupational Illness:
Any abnormal conditions or disorder, other than one resulting from an
occupational injury. Eg : acute or chronic illness

Lost workdays :
days which employee normally work but could not because of occupational
injury or illness. this day does not include the day of injury.

1 worker year = 50 work weeks/yr x 40 hrs/weeks = 2000 hrs & based on cases per 100 50
worker years = 200,000 hrs worker exposure to hazard
 Fatal Accident Rates (FAR)
Individual risks for workers are commonly expressed as a fatal
accident rate (FAR), which is the number of fatalities per 108 exposed
hours.

FARs are typically in the range 1-30, and are more convenient and
readily understandable than individual risks per year, which are
typically in the range 10-5 - 10-3.

The number of 108 exposed hours is roughly equivalent to the number

of hours at work in 1000 employees working lifetimes (50 years).
The FAR measure was developed to describe onshore occupational
risks, which only apply during working hours. Hence, in onshore
studies, 'exposed hours' is taken to mean 'hours at work', and the FAR
is defined as: 51
FAR = Fatalities at work x 108 / Person hours at work
FARs are convenient for describing the risk in individual
activities (e.g. working on the drill floor, flying in a helicopter).
Unlike individual risks per year, they do not require any
assumptions about what the individual does for the rest of the
year.

However, they may be misleading because they represent a rate

of risk per unit time in the activity. Hence, in contrast to
individual risks per year, FARs cannot necessarily be added
together.

For example, the FAR in helicopter travel may be in the range

200 - 400 (as it involves high risks during a short time period),
while the total FAR in offshore activities may be only 10 - 20
(with the helicopter risk averaged over the whole time period 52
offshore).
Fatality Rate
• Fatality Rate =
No of fatality per year / Total number of people in
applicable population

Or known as death per person per year. This system is

independent of the number of hours actually worked and
reports only the number of fatalities expected per person per
year.

Note :
FAR can be converted to a fatality rate (vice versa) if the number
of exposed hours is known.
Example
• Given FAR =2. If employee works 8 hr shift 300 days per year, compute
fatality rate
Fatality rate = 8 hrs/day x 300 days/year x 2 deaths/108 hrs = 4.8 x 10-6 death
per person per year

54
 EXERCISE
1. An employee works in a plant with a FAR of 4. If this employee
works a 4-hour shift, 200 days per year, what is the expected
death per person per year?

2. Three process units are in a plant. The units have FARs of 0.5, 0.3
and 1.0, respectively.

(a) What is the overall FAR for the plant, assuming

worker exposure to all three units simultaneously?

(b) Assume now the units are far enough apart that an accident in
one would not affect the workers in another unit. If a worker spends
20% of his time in process area 1, 40% in process area 2 and 40% in
process area 3, what is his overall FAR?
55
• 3. A plant employs 1500 full-time workers in a
process with a FAR of 5. How many industrial
related death are expected each year?

56
 Engineering Professional Ethics
Ref : American Institute of Chemical Engineers Code of
Professional Ethics

Fundamental principles
• Engineers shall uphold and advance the integrity, honor and dignity of
engineering profession by :
- using knowledge & skill for enhancement of human welfare.
- honest and impartial and serving with fidelity to public, employers,
clients.
- striving to increase competence and prestige of engineering profession.

57
Fundamental canons (for engineers)

• Shall hold paramount safety, health and welfare of public in

performance of their professional duties.
• Shall perform services only in areas of their competence.
• Shall issue public statements only in an objective and truthful manner.
• Shall act in professional matters for each employer or client as faithful
agents or trustees, shall avoid conflicts of interest.
• Shall build their professional reputations on merits of their services.
• Shall act in such manner as to uphold and enhance the honor, integrity
and dignity of engineering profession.
• Shall continue their professional development throughout their careers
and shall provide opportunities for professional development of those
58
engineers under their supervision.
You may refer to the “CODE OF CONDUCT OF REGISTERED
PERSON” endorsed by the Board of Engineers Malaysia in the
website. The document is available in the CN page as well.