(47ad) Increase Hazard Discovery and Minimize Errors in Your Process Hazard Analyses, a Graph Theoretical Approach

Process Hazard Analysis (PHA) is an analytical discipline whose purpose is to discover process hazards and initiating causes that if uncorrected could lead to process upsets, accidents and disasters. The U.S. Chemical Safety and Hazard Investigation Board (CSB) and the U.S. Occupational Safety and Health Administration (OSHA) have found that a large number of incidents could have been prevented if the hazards implicated in the incidents had been recognized and mitigated. PHA is a fundamental part of any Process Safety Management (PSM) program and is one of the keys to preventing accidents.  Furthermore, PHAs are required for facilities with hazardous materials subject to the OSHA PSM Standard and/or the U.S. Environmental Protection Agency (EPA) Risk Management Program or RMP as well as state and local regulations.

In the past decades improvements have been made to existing PHA methods and new techniques are constantly being developed. Yet, PHAs conducted often fail to recognize discoverable, credible hazard scenarios. Unrecognized hazards and other PHA deficiencies were implicated in the BP Texas City disaster, Formosa Plastics explosion, Chevron Richmond Refinery fire and other high profile incidents. Unrecognized scenarios represent a gap in understanding of process hazards and limit our ability to prevent accidents and disasters. There is a need therefore to improve the effectiveness of PHA to maximize the discovery of credible hazard scenarios. This would improve our ability to identify measures that can reduce risk and increase safety performance.  The more complete the hazard identification the more successfully can the associated risks, safeguards and mitigation measures be evaluated. This paper focuses on improving the completeness of the hazard identification phase.

 A key aspect of this paper is the visualization of the PHA process by mapping it in the form of graphs.  Ammonia tank hazard and operability study (HAZOP) and Failure Modes and Effects Analysis (FMEA) examples are mapped as graphs to reveal tree structures. These tree graphs or inference maps directly allow us to visualize causal connections and inferences. Chains of cause and effect are mapped as unique pathways that can be represented as both graphs and matrices. Frequently occurring cause-and-effect patterns are mapped. For example, one can graphically trace the pathways to hazardous events such as loss of containment.

By abstracting the PHA process for its general form and structure key insights about discoverability of hazards are gained. Mapping the PHA tree structure shows that the loss of information from errors and omissions is greatest closer to the vertex of the tree. Failure to recognize a cause-consequence pair at the terminal branches results in missing a single scenario. But not recognizing a single valid guide word results in the failure to recognize several potential hazard scenarios. Not recognizing an important process variable would lead to a loss of information about many more potential hazard scenarios. Thus an omission at the front end or “upstream” in the analysis is more consequential than at the terminal or downstream end.

This paper also investigates the role of errors, omissions and constraints in reducing or limiting the discovery of process hazards by PHA.  Specifically the following questions are explored – Why do PHAs fail to identify credible hazard scenarios? What are the sources of errors and omissions (E/O)? What are the effects of constraints like budget and time? How can PHAs be audited efficiently to identify and correct errors and omissions? A fault tree analysis (FTA) of the PHA process is performed to trace the sources of the E/O, show how they arise, and how they may be minimized. CSB reports are cited where the E/O identified in the FTA occurred in real incidents. The paper also discusses regulatory requirements, standards/ guidelines and best practices that apply to PHA.

Insights Gained

1. The logical steps of a PHA using methods such as HAZOP and FMEA can be modeled as a connected, acyclic graph or tree.
2. The tree structure shows that the loss of information from errors and omissions is greatest closer to the vertex of the tree and this aids us in efficiently tracking and auditing the completeness of hazard discovery.
3. An FTA of the generic HAZOP process identifies seventeen distinct sources of E/O.  The sources of E/O are mapped to the issues they affect e.g. missing PSI is mapped to missing deviations from design intent.  Examples of CSB case studies are cited showing the impact of the E/O on hazard discovery in real world incidents.
4. A quality assurance checklist is derived from E/O discovered by FTA of the PHA process.  This checklist is an aid to maximize hazard discovery and can be used in conjunction with other checklists, best practices and incident databases to minimize E/O.