Reliable Risk Analysis of Chemical Industry

JELEMENSKÝ ĽUDOVÍT
Department of Chemical and Biochemical Engineering,
Faculty of Chemical and Food Technology,
STU Bratislava, Slovakia
SEVESO II Transposition

into Slovak Legislation

Act no 261/2002 “ About the Prevention of

Major Accidents caused by Selected

Dangerous Substances ”

From 1 July 2002

Regulations associated to the

Act no 261/2002

489/2002 the Method of Evaluation of

the Preliminary Risk Assessment,

the Authorisation Process of Persons,

the Major Accident Risk Assessment

Regulations associated to the

Act no 261/2002

490/2002 About the Safety Reports

and the in/off - Side Emergency Planing

From 1 September 2002

How Many Companies will be involved

by Act 261/2002

Around 160 Companies

Every 2.5 km one SEVESO Company

Basic Duties Follow from

Act 261/2002

Declaration

Safety Documentation

Safety Management

Insurance
 DECLARATION

Categorisation of Existing Installation as

“A” or “B” class

Preliminary Risk Assessment by Modified

Method IABA TECDOC - 727

Deadline of Existing Installation 1 July 2003

SAFETY DOCUMENTATION

Operator Have to Send to the Competent

Authority the Safety Documentation with
Complex Risk Assessment

Deadline of Existing Installation 1 July 2005

 What is Risk

The Seveso II Directive defines RISK as

the likehood of a specific effect occurring within a specified period or in

specified circumstances.

RISK is a complex function of the

¾ hazards connected with a certain system

¾ likehood that a hazard results in an undesired event
¾ vulnerability of the environment into which the consequences may develop
 Risk Analysis

Risk analysis should be based on

¾ systematic analysis of hazards;

¾ development of possible all representative scenarios;

¾ qualitative and quantitative (probability/frequency) estimation of the

‘likelihood’ of events in a reference time;

¾ estimation of consequences;

¾ evaluation of responses of human beings and environmental factors to

stressors
 Uncertainties in Risk Analysis

Different approaches, methodologies and ways of presentation

make comparisons of results difficult;

Lack of comprehensive investigation of the uncertainties

related to the results of risk analysis and of the causes of their
variability;
 Distinction Between
Risk and Uncertainty

Risk = Undesirable Consequences x ‘Uncertainty’

Risk = 0.01

99 accident scenarios with 0 fatal consequences

1 accident scenarios with 1 fatal consequences

9999 accident scenarios with 0 fatal consequences

1 accident scenarios with 100 fatal consequences
 Distinction Between
Risk and Hazard

Hazard

Source of risk, intrinsic property of substances or activities,

physical situations, involved in scenarios;

Hazard
Risk =
Protective measures
 Source & Receptors of Risk

Sources:

Natural:
Earthquakes, floods, hurricanes, etc.;

Technological:
Energy sector, Industrial production, Chemical technology,
Transportation, Domestic sector, Building construction;

Receptors:
Human beings, Environment
 Risk Measures

Individual Risk

is the probability of occurrence of an undesirable

consequence due to accident to an individual human
being at a point (x,y);

Societal Risk

gives the relationship between expected frequency an number

of people suffering from a specified level of harm due to
realization of specific hazards.
 Risk evaluation

Hazard Risk
identification Hazards analysis
 Risk Analysis

Quantitative analysis

¾ how frequently do I expect this event?

¾ how do two design alternatives compare?

Analysis Techniques

¾ Fault tree analysis

¾ Event Tree analysis

¾ Human error analysis

 Fault Tree Analysis

A fault tree analysis is a logical flow diagram

OR gates give an output if any input is made

AND gates give an output if all inputs are made

Example of Fault Tree Analysis

Top event

OR

Intermediate
A event
AND
Basic event

B C
Basic event
Basic event
 Fault Tree Limitations

Fault trees cannot represent all system failures

In particular there are problems of sequencing and timing

 Event Tree analysis

Initial Plant Incident Incident Probability

event damage outcome- outcome case of fatality
flammable UVCE
yes
gas release
P
Pio
+
Pio,d + no

-
+
Pd,i -

+ -

-
 Event Tree analysis
Nie je prietok chladiacej Alarm vysokej teploty Operátor presmeruje Automatický systém
Opis postupov
vody do reaktora v reaktore pre oper. chlad. vodu do reaktora zastaví reakciu
A B C D

ABC Bezpečné podmienky návratu k

normálnemu chodu reaktora

úspech
ABCD
Bezpečné podmienky
automatická odstávka

ABCD Nebezpečné podmienky

runaway, operátor vie
o probléme

ABD
Bezpečné podmienky
automatická odstávka
zlýhanie

ABD Nebezpečné podmienky

runaway, operátor nevie
o probléme
 Event Tree analysis
Je únik Je zapálenie Je hustota oblaku väč-
okamžitý? priame? šia ako hust. vzduchu?

ÁNO FIRE f1 = 2,00 . 10-6

P = 0,20 BALL
ÁNO
P = 0,10 ÁNO Disperzia f2 = 3,20 . 10-6
NIE P = 0,40 ťažkého plynu
P = 0,80
NIE Neutrálna f3 = 4,80 . 10-6
ÚNIK P = 0,60 disperzia
F = 1,00 . 10-4
ÁNO JET f4 = 1,80 . 10-5
P = 0,20 FIRE
NIE
P = 0,90 ÁNO Disperzia f5 = 2,88 . 10-5
NIE P = 0,40 ťažkého plynu
P = 0,80
NIE Neutrálna f6 = 4,32 . 10-5
P = 0,60 disperzia
 Event Frequency and Probability
Analysis

Risk is
the likehood of a specific effect occurring within a specified period or in
specified circumstances.

Risk = Frequency/Probability x Concequence

How likely is it that If an accident occurs,

a hazard will cause an how severe are the
accident consequences
 Frequency / Probability

Frequency - past frequency

-identical trials
- many trials

Probability - expected (future) frequency

-limit of relative frequencies
- degree of belief
 Use in Quantitative Risk
Analysis - QRA

Failure frequencies and probabilities are needed at

several stages of QRA:

- leak frequencies;
- frequencies of loss of power supply;
- fault frequencies of equipment, regulator,..
- probabilities of operator error;
- ignition probabilities;
 Where do they appear?

Plant – specific data – historical data;

Reliability parameter values from operating experience of the plant

/component under consideration
Qualitative&Quantitative data on operation, maintenance, testing,
environment

Generic data (historical data, probabilistic results);

Reliability parameter values from operating experience of other similar

plants, industries, components, environment, …
Reliability parameter values from other QRAs.

Expert judgment estimates

 Failure Mode

Failure:

-total or partial loss of function of a component within a

given operating environment

Failure Effect:

- immediate loss of function

- latent or potential failure condition
- failure without effect on safety/operation
 Failure Mode
Possible Classification:

-active mechanical functions:

-does not open/close
-does not start
-fails to run
- …….
- passive mechanical functions:
- blockage of flow
- leakage
- loss of support

- active / passive electrical functions

 Reference Measures

Depending on the use of a component in a process,

the following reference measures are suitable:

¾ Operating time

¾ Calendar time

¾ Number of Actuations / Demands

Failure Probabilities and Reliability
Parameters
Unreliability F(t):

- probability of failure over a period of time

- F(t) = 1 – exp(-µ t) = 1 – R(t)
- failure rate µ = x/T = 1/MTBF (mean time before failure)
- µ - scale event/year

Unavailability Q(t);

- probability of failure at a point of time

- Q(t) = µ/(µ + λ)
- repair rate λ = 1/MTBR (mean time before repair)
 Reliability Parameters:
Data Requirements

Quantitative Raw Data:

¾ number of components
¾ number of operating hours
¾ number of actuations/demands
¾ number of failures
¾ number of repair hours
 Reliability Parameters:
Data Requirements

Qualitative Raw Data:

Component specific factors with a potential

impact on its failure behavior:

¾ type/design
¾ nominal output and speed
¾ flow rate
¾ discharge pressure
¾ nominal size
¾ efficiency
 Reliability Parameters:
Data Requirements

Qualitative Raw Data:

Factors characterizing the environment of the

component with a potential impact on its
failure behavior:

system
operating pressure
operating temperature
operating medium
loading
vibration
 Data Sources

Database – historical data: plant-spec., generic

Fault Trees – probabilistic results

Expert - subjective
 A Methodology for Risk Analysis
Case Study – Ammonia tank
Individual Risk
Risk = f (Undesirable Consequences, Probability)

IO D I
Risk = IR( x, y ) = ∑ Pio ( x, y )∑ Pio ,d ∑ Pd ,i f i
io =1 d =1 i =1

 P−5  P − 5 
Pio ( x, y ) = 0.51 + erf  
 P−5  2 

Probit equation P = A + B ln d io ( x, y )

d io ( x, y ) = ∫ f [cio ( x, y, t )] dt
T

Dose o
Ammonia storage pressurized sphere tank

Six unwanted incident outcomes – d = 6

I. Catastrophic failure/rupture of the spherical tank;

II. A major crack in the sphere shell, equivalent to a

hypothetical hole with a diameter of 50mm;

III. Full bore fracture of a bottom connection on the sphere in

front of the valve;

IV. Full bore fracture of the relief valve on the sphere;

V. Full bore fracture of the pipeline with a diameter of 100mm

for liquid ammonia;

VI. Small liquid leakage from the pipeline, equivalent to 10%

of the pipeline diameter hole.
 Fault Tree
Ammonia storage pressurized sphere tank
Complex Fault Tree
 Event Tree

Ammonia storage pressurized sphere tank

Pool Immediately Delayed

formation ignition ignition

YES f = 2,51 . 10 -7
P = 0,10 UVCE
YES
-7
P = 0,99 YES f = 2,26 . 10
NO P = 0,10 UVCE
P = 0,90
NO f = 2,04 . 10 -6 Incident
Release

f = 2,54 . 10
-6
P = 0,90 Toxic dispersion
outcome cases
YES f = 2,54 . 10 -9
P = 0,10 UVCE
NO
P = 0,01 YES f = 2,29 . 10 -9
IO = 2
NO P = 0,10 UVCE
P = 0,90
NO f = 2,06 . 10 -8
P = 0,90 Toxic dispersion
 Individual Risk

Ammonia storage pressurized sphere tank

-3
10

Toxic dispersion
UVCE
Toxic dispersion + UVCE
Individual risk [ year ]

-4
10
-1

-5
10

-6
10
0 1000 2000 3000 4000
Distance from the source of release [m]
 Societal Risk

is the relationship between expected frequency

D
F ( N ) = ∑ f d Pd ( N )
d =1

and

the numbers of people that will die in area A due to the

incident outcome io can be defined as

N io = ∑ Pio ( x, y ) h( x, y )
A

where
Pd(N) is probability that the plant damage d will result in more
than N fatalities and F(N) is the frequency with which an
accident is causing N or more fatalities.
 Societal Risk F –N curve
Ammonia storage pressurized sphere tank

-3
10

-4
10
Frequency of fatalities [ year ]
-1

Unacceptable risk

-5
10

-6
10
Acceptable risk
Risk
-7
10
1 10 100 1000 10000
Number of fatalities, N
10-3/N2
Conclusion

The probabilistic safety analysis outlined is reliable for

chemical installations.

Individual and societal risks are more effective measures

for acceptable or unacceptable risk - for complex incident
outcome cases is a very difficult and time-consuming
process.

More effective and rapid procedures for complex risk

estimation
Acknowledgements

This work was financed by the Grant VEGA 1/8112/04 of

the Slovak Grant Agency.