Date post: 29-Mar-2022
GUIDELINES FOR DESIGN SOLUTIONS FOR PROCESS EQUIPMENT FAILURES
CENTER FOR CHEMICAL PROCESS SAFETY of the AMERICAN INSTITUTE OF CHEMICAL ENGINEERS
345 East 47th Street, New York, New York 10017
This is a publication of the CENTER FOR CHEMICAL PROCESS SAFETY of the AMERICAN INSTITUTE OF CHEMICAL ENGINEERS. A complete list of CCPS publications can be found at the end of this book.
Copyright © 1998 American Institute of Chemical Engineers 345 East 47th Street New York, New York 10017
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise without the prior permission of the copyright owner.
Library of Congress Cataloging-in-Publication Data
Guidelines for design solutions for process equipment failures.
p. cm.
Includes bibliography and index.
ISBN 0-8169-0684-X
1. Chemical plants—Safety measures. 2. Petroleum refineries—Safety measures. 3. Hazardous materials—Safety measures. I. American Institute of Chemical Engineers. Center for Chemical Process Safety. II. Title: Design solutions for process equipment failures.
TP155.5.G784 1997 97-20538 660'.2804—dc21 CIP
This book is available at a special discount when ordered in bulk quantities. For information, contact the Center for Chemical Process Safety at the address shown above.
It is sincerely hoped that the information presented in this volume will lead to an even more impressive safety record for the entire industry; however, the American Institute of Chemical Engineers, its consultants, CCPS Subcommittee members, their employers' officers and directors and Arthur D. Little Corporation disclaim making or giving any warranties or representations, express or implied, including with respect to fitness, intended purpose, use or merchantability and/or correctness or accuracy of the content of the information presented in this document. As between (1) American Institute of Chemical Engineers, its consultants, CCPS Subcommittee members, their employers, their employers' officers and directors, and Arthur D. Little Corporation and (2) the user of this document, the user accepts any legal liability or responsibility whatsoever for the consequences of its use or misuse.
CONTENTS

Foreword
Preface
Acknowledgments

1 Introduction
  1.1 Objectives
  1.2 Scope
  1.3 Background
  1.4 Applicability and Audience
  1.5 Organization of This Book
  1.6 References
  Suggested Additional Reading

2 Technique for Selecting the Design Bases for Process Safety Systems
  2.1 Risk-Based Design Decisions
  2.2 The Concept of Risk
  2.3 Selection of Design Bases for Safety Systems
    2.3.1 Step 1: Identify Failure Scenarios
    2.3.2 Step 2: Estimate the Consequences
    2.3.3 Step 3: Determine Tolerability of Consequences
    2.3.4 Step 4: Estimate Likelihood and Risk
    2.3.5 Step 5: Determine Tolerability of Risk
    2.3.6 Step 6: Consider Enhanced and/or Alternative Designs
    2.3.7 Step 7: Evaluate Enhancements and/or Alternatives
    2.3.8 Step 8: Determine Tolerability of Risk and Cost
    2.3.9 Step 9: Document Results
  2.4 Guidelines for Risk Tolerability
  2.5 Potential Process Safety Systems Design Solutions
    2.5.1 Four Categories of Design Solutions
    2.5.2 Characteristics of Design Solution Categories
  2.6 Applying the Risk-Based Design Bases Selection Technique
    2.6.1 Locking Open a Valve (a Simple Design Case)
    2.6.2 Selecting the Relief System Basis for a Reactor (a Complex Design Case)
  2.7 References
  Suggested Additional Reading

    3.2.1 Storage Tank Autopolymerization Incident
    3.2.2 Storage Tank Stratification Incident
    3.2.3 Batch Pharmaceutical Reactor Accident
  3.3 Failure Scenarios and Design Solutions
  3.4 Discussion
    3.4.1 Use of Potential Design Solutions Table
    3.4.2 Special Considerations
  3.5 References
  Suggested Additional Reading
  Table 3. Failure Scenarios for Vessels

4 Reactors
  4.1 Introduction
  4.2 Past Incidents
    4.2.1 Seveso Runaway Reaction
    4.2.2 3,4-Dichloroaniline Autoclave Incident
    4.2.3 Continuous Sulfonation Reaction Explosion
  4.3 Failure Scenarios and Design Solutions
  4.4 Discussion
    4.4.1 Use of Potential Design Solutions Table
    4.4.2 General Discussion
    4.4.3 Special Considerations
  4.5 References
  Suggested Additional Reading
  Table 4. Failure Scenarios for Reactors

5 Mass Transfer Equipment
  5.1 Introduction
  5.2 Past Incidents
    5.2.1 Distillation Column Critical Concentration
    5.2.2 Ethylene Purifier Vessel Rupture
    5.2.3 Ignition of Pyrophoric Materials in Gasoline Fractionator
  5.3 Failure Scenarios and Design Solutions
  5.4 Discussion
    5.4.1 Use of Potential Design Solutions Table
    5.4.2 Special Considerations
  5.5 References
  Suggested Additional Reading
  Table 5. Failure Scenarios for Mass Transfer Equipment

6 Heat Transfer Equipment
  6.1 Introduction
  6.2 Past Incidents
    6.2.1 Ethylene Oxide Redistillation Column Explosion
    6.2.2 Brittle Fracture of a Heat Exchanger
    6.2.3 Cold Box Explosion
  6.3 Failure Scenarios and Design Solutions
  6.4 Discussion
    6.4.1 Use of Potential Design Solutions Table
    6.4.2 Special Considerations
  6.5 References
  Suggested Additional Reading
  Table 6. Failure Scenarios for Heat Transfer Equipment

7 Dryers
  7.1 Introduction
  7.2 Past Incidents
    7.2.1 Drying of Compound Fertilizers
    7.2.2 Fires in Cellulose Acetate Dryer
    7.2.3 Pharmaceutical Powder Dryer Fire and Explosion
  7.3 Failure Scenarios and Design Solutions
  7.4 Discussion
    7.4.1 Use of Potential Design Solutions Table
    7.4.2 Special Considerations
  7.5 References
  Suggested Additional Reading
  Table 7. Failure Scenarios for Dryers

8 Fluid Transfer Equipment
  8.1 Introduction
  8.2 Past Incidents
    8.2.1 Reciprocating Pump Leak
    8.2.2 Pump Leak Fire
    8.2.3 Compressor Fire and Explosion
    8.2.4 Start-up of Parallel Centrifugal Pumps
  8.3 Failure Scenarios and Design Solutions
  8.4 Discussion
    8.4.1 Use of Potential Design Solutions Table
    8.4.2 Special Considerations
  8.5 References
  Suggested Additional Reading
  Table 8. Failure Scenarios for Fluid Transfer Equipment

9 Solid-Fluid Separators
  9.1 Introduction
  9.2 Past Incidents
    9.2.1 Batch Centrifuge Explosion
  9.3 Failure Scenarios and Design Solutions
  9.4 Discussion
    9.4.1 Use of Potential Design Solutions Table
    9.4.2 Special Considerations
  9.5 References
  Suggested Additional Reading
  Table 9. Failure Scenarios for Solid-Fluid Separators

10 Solids Handling and Processing Equipment
  10.1 Introduction
  10.2 Past Incidents
    10.2.1 Silicon Grinder Fire and Explosion
    10.2.2 Blowing Agent Blender Operation Explosion Incident
    10.2.3 Screw Conveyor Explosion
    10.2.4 Bucket Elevator Explosion
  10.3 Failure Scenarios and Design Solutions
  10.4 Discussion
    10.4.1 Use of Potential Design Solutions Table
    10.4.2 General Discussion
    10.4.3 Special Considerations
  10.5 References
  Suggested Additional Reading
  Table 10. Failure Scenarios for Solids Handling and Processing Equipment

11 Fired Equipment
  11.1 Introduction
  11.2 Past Incidents
    11.2.1 Light-off Error
    11.2.2 Ethylene Cracking Furnace Overfiring
    11.2.3 Furnace Tube Failure
  11.3 Failure Scenarios and Design Solutions
  11.4 Discussion
    11.4.1 Use of Potential Design Solutions Table
    11.4.2 Special Considerations
  11.5 References
  Suggested Additional Reading
  Table 11. Failure Scenarios for Fired Equipment

12 Piping and Piping Components
  12.1 Introduction
  12.2 Past Incidents
    12.2.1 Flixborough Expansion Joint Failure
    12.2.2 Chemical Storage Terminal Fire
    12.2.3 Line Pluggage
    12.2.4 External Corrosion
  12.3 Failure Scenarios and Design Solutions
  12.4 Discussion
    12.4.1 Use of Potential Design Solutions Table
    12.4.2 Special Considerations
  12.5 References
  Suggested Additional Reading
  Table 12. Failure Scenario for Piping and Piping Components

Appendix A Example Problem: Batch Chemical Reactor
  A.1 System Description
  A.2 General Information Requirements
  A.3 PSS Discussion for Batch Reactors
    A.3.1 Vessel Design and Primary Containment
    A.3.2 Control Systems and Safe Automation
    A.3.3 Pressure and Vacuum Relief
    A.3.4 Fixed Fire Protection and Passive Mitigation
  A.4 Selection of Design Bases for Safety Systems
  A.5 Ignition of Flammable Atmosphere in the Reactor Vapor Space Caused by Static Discharge Spark (Failure Scenario A)
  A.6 Cooling System Control Failure (Failure Scenario B)
  A.7 External Fire (Failure Scenario C)
  A.8 Loss of Sealing Fluid to Reactor Agitator Mechanical Seal (Failure Scenario D)
  A.9 Ignition of Flammable Atmosphere in Reactor Vapor Space Caused by Hot Mechanical Seal (Failure Scenario E)
  A.10 Documentation
  References
  Suggested Additional Reading

B Example Problem: Distillation System
  B.1 System Description
  B.2 General Information Requirements
  B.3 PSS Discussion for Distillation Operations
    B.3.1 Vessel Design and Primary Containment
    B.3.2 Control Systems and Safe Automation
    B.3.3 Pressure and Vacuum Relief
    B.3.4 Fixed Fire Protection, Passive Mitigation and System-wide Concerns
  B.4 Design Basis Selection Process
  B.5 Uncontrolled Energy Input (Failure Scenario A)
  B.7 Internal Deflagration (Failure Scenario C)
  B.8 Vacuum Collapse of the Column (Failure Scenario D)
  B.9 Blocked-in Liquids in Heat Transfer Equipment (Failure Scenario E)
  B.10 Documentation
  References
  Suggested Additional Reading

Glossary
Acronyms and Abbreviations
Index
FOREWORD
Engineers like to think of their discipline as a rigorous application of scientific and mathematical principles to the problem of creating a useful object. To a certain extent, this is an appropriate description of the tools of engineering - those techniques that we use to translate a concept in the mind of the designer into a physical object. But, where does that mental image of the object to be built come from? At its heart, engineering is intuitive, and an art form. The engineer/designer’s accumulated experience, and that of others, is applied to a defined problem. By intuitive and creative problem solving processes the engineer develops and refines a conceptual design, and uses the mathematical and scientific tools of engineering to translate a mental concept into reality.
The selection of the design basis for a process safety system is a problem like any other engineering problem. There is no equation or formula, no scientific principle, which will define the “best” design. Yes, there are scientific and mathematical tools which will help convert a design concept into something which can actually be constructed. But there is no general answer to the question “What is the best design?” Each system must be considered on its own, with a thorough evaluation of all of the details of its environment and required functions, to determine what the optimal design will be.
The number of potential solutions to any engineering problem is large. For each specific problem, there will be some solutions which meet the overall objectives better than others. How can we best find the optimal solution? I believe that the critical first step is to consider a large number of potential solutions, thereby increasing the likelihood that the best solution will be among those identified. Where do we get those potential solutions? One important source is accumulated experience - our own, and that of others who have faced similar problems in the past. This book collects much of that accumulated experience from a large number of experts in the chemical process industry for equipment in common use. Use of the tables which make up the heart of this book will allow the reader to take advantage of many years of practical experience. By considering a large number of potential solutions to the problem of specifying the design basis for safety systems, the design engineer is more likely to be able to identify the solution which best meets his needs.
This book emphasizes a risk-based approach to the evaluation of safety system design. Potential safety systems suggested are categorized as inherently safer/passive, active, and procedural, in decreasing order of robustness and reliability. Inherently safer approaches are often preferred, but there can be no general answer to the question of which approach or specific solution is best for a particular situation. Instead, the design engineer must take a very broad and holistic approach to the complete design, accounting for the many different, and often competing, objectives which the design must accomplish. Safety, health effects, environmental impact, loss prevention, economic and business factors, product quality, technical feasibility, and many other factors must be considered. This book challenges the engineer to adopt a risk-based approach to evaluating many competing goals when deciding among a number of potential design alternatives.
This book can be extremely useful in conducting process hazard analysis studies. The failure mode tables in Chapters 3-12 can be the basis for hazard identification checklists, and also offer a variety of potential solutions for identified concerns. However, the book will be even more beneficial if used by the individual engineer at the earliest stages of the design process, before any formal hazard reviews.
The message of this book can be summarized very briefly:
Consider a large number of design options
Identify opportunities for inherent and passive safety features early
Use a risk-based approach to process safety systems specification

I hope that this book will find a home on the desk (not gathering dust on the bookshelf!) of every chemical process designer, particularly those involved in the earliest phases of conceptual design where the basic chemistry and unit operations are defined. It should be consulted frequently in the course of the designer’s day to day work in specifying and designing process facilities. If you are a process safety professional, make sure that all of the process design engineers in your organization read and use this book. It will make your job a lot easier!
Dennis C. Hendershot
PREFACE
The Center for Chemical Process Safety (CCPS) was established in 1985 by the American Institute of Chemical Engineers (AIChE) for the express purpose of assisting the Chemical and Hydrocarbon Process Industries in avoiding or mitigating catastrophic chemical accidents. To achieve this goal, CCPS has focused its work on four areas:

establishing and publishing the latest scientific and engineering practices (not standards) for prevention and mitigation of incidents involving toxic and/or reactive materials,
encouraging the use of such information by dissemination through publications, seminars, symposia and continuing education programs for engineers,
advancing the state-of-the-art in engineering practices and technical management through research in prevention and mitigation of catastrophic events, and
developing and encouraging the use of undergraduate education curricula which will improve the safety knowledge and consciousness of engineers.

This book, Guidelines for Design Solutions for Process Equipment Failures, is the result of a project begun in 1994 in which a group of volunteer professionals representing major chemical, pharmaceutical and hydrocarbon processing companies, worked with Arthur D. Little Inc., the contractor, to produce a book that attempts to describe the ways that major processing equipment can fail and be the cause of a catastrophic accident. The book then identifies the available design solutions that might avoid or mitigate the failure in a series of options ranging from inherently safer/passive solutions to active and procedural solutions. The book is concerned with engineering design that reduces risk due to process hazards only. It does not focus on operations, maintenance, transportation or personnel safety issues, although improved process safety can benefit each area. Detailed engineering designs are outside the scope of the work, but the authors have provided an extensive guide to the literature to assist the designer who wishes to go beyond safety design philosophy to the specifics of a particular safety system design.
By capturing industry experience in how major processing equipment can fail, the book provides a very useful tool for the selection of process safety systems which should be of service to process design engineers as well as members of process hazards analysis teams. The inherently safer solutions that are suggested may, in some cases, come as a surprise to the process and design engineer in that they may in fact be the most cost effective solution as well, if a true life cycle analysis is made of the cost of maintaining add-on safety systems or the resulting cost of operator failure to carry out procedural controls is considered. In other cases the procedural solution may be the best choice because it involves operators so that they may better understand and therefore better control the process as opposed to the replacement of operator intelligence with process interlocks. The book offers engineers inherently safer/passive, active and procedural design solutions but, ultimately engineers must make the case for the solutions that best satisfy their company’s requirements for a balance between risk reduction and cost.
This book has been organized into three major sections:
First, a technique is provided for making risk-based design decisions.
Second, a description of potential failure scenarios is presented for ten major processing equipment categories along with the potential design solutions that are available to the engineer.
Third, the book contains two worked examples that illustrate how the risk-based decision technique can be applied to two process plant systems.

The major equipment categories that are covered are: Vessels, Reactors, Mass Transfer Equipment, Heat Transfer Equipment, Dryers, Fluid Transfer Equipment, Solid-Fluid Separators, Solids Handling and Processing Equipment, Fired Equipment, and Piping and Piping Components. The potential equipment failure scenarios and design solutions for each equipment category are provided in tabular form in each equipment chapter. To facilitate use of this information, particularly in hazard identification studies such as HAZOPs, these tables have been provided in electronic format on a 3.5” diskette as Microsoft Word® files. It is hoped that this will encourage the expansion of these tables based on the users' experience.
ACKNOWLEDGMENTS
The Center for Chemical Process Safety (CCPS) and those involved in its operation, wish to thank its many sponsors whose funding made this project possible, the members of its Technical Steering Committee who conceived of and supported this Guidelines project and the members of its Engineering Practices Subcommittee for their dedicated efforts, technical contributions, and enthusiasm. The subcommittee played a major role in the writing of the book by suggesting examples, by offering failure scenarios for the major equipment covered in the book and by suggesting possible design solutions. It is their collective industrial experience captured in this book that makes the book especially valuable to the process and design engineer. The members of the subcommittee wish to thank their employers for providing time and support to participate in this project.
The members of the Engineering Practices Subcommittee were:
Robert H. Walz (Chairman), ABB Lummus Global Inc.
Laurence G. Britton, Union Carbide Corp.
Stephen E. Cloutier, UOP
Glenn R. Davis, DuPont
Kenneth W. Linder, Industrial Risk Insurers
Peter N. Lodal, Eastman Chemical Co.
Joseph B. Mettalia, Jr., CCPS Staff
John A. Noronha, Eastman Kodak Co.
Carl A. Schiappa, Dow Chemical USA
Technical contributors and reviewers were:
Steven R. Bruce, EQE International
Myron Casada, JBF Associates Inc.
William F. Early, Early Consulting, L.C.
Rudolph C. Frey, The M. W. Kellogg Company
John A. Hoffmeister, Lockheed Martin Energy Systems
T. Janicik, Mallinckrodt Inc.
Robert W. Johnson, Battelle
Joseph Keel, The Bechtel Corporation
D. Harper Meek, ARCO Chemical Company
Mark A. Moderski, Stone & Webster Engineering Corporation
Harvey Rosenhouse, FMC Corporation
Stanley J. Schecter, Consultant
Adrian L. Sepeda, Occidental Chemical Corporation
Anthony A. Thompson, Monsanto Company
Lester H. Wittenberg, CCPS
The Engineering Practices Subcommittee is particularly indebted to its chairman, Bob Walz, for his leadership, and to Peter Lodal of Eastman Chemical Company and Joe Keel of The Bechtel Corporation for their dedicated efforts in preparing the VCM/HCl fractionation worked example in the book. Dennis C. Hendershot of the Rohm and Haas Company wrote the foreword to the book and is appreciated for his ongoing interest in this project and his able assistance and review of the work as it was being produced. Sanjeev Mohindra, P. J. Bellomo and R. Peter Stickles directed the project at Arthur D. Little, Inc. and were the authors of the risk-based design technique described in Chapter 2. Stanley S. Grossel, consultant and former chairman of the Engineering Practices Subcommittee, was the author of Chapter 4 (Reactors), Chapter 7 (Dryers), Chapter 9 (Solid-Fluid Separators), Chapter 10 (Solids Handling and Processing Equipment) and the Batch Reactor worked example.
INTRODUCTION
The Center for Chemical Process Safety (CCPS) publication Guidelines for Engineering Design for Process Safety (CCPS 1993) emphasized the importance of focusing on process safety at the earliest stages of design. The 1993 Guidelines presented process safety design philosophies and approaches to avoid catastrophes through:

Making good initial design choices
Understanding and controlling chemical processing hazards
The purpose of this book is to provide a companion book to the 1993 Guidelines. This book narrows the design focus further, concentrating on known process safety problems and associated design solutions for specific types of process equipment.
1.1 OBJECTIVES
A broad objective of this book is to help in the design and evaluation of specific types of process equipment, from a process safety standpoint. The overall goal is to help reduce process safety related incidents and resulting downtime. More specific objectives include:
Providing a risk-based and cost-based technique for selecting the design bases for process safety systems
Listing known process safety failure scenarios associated with different categories/types of process equipment
Identifying known design solutions that prevent or mitigate risks associ-
Illustrating application of the risk-based technique with worked examples
This book compiles successful safety system design approaches, so that design engineers can benefit from the prior experiences of the industry at large, and thus avoid known design traps. Having all this equipment-specific failure scenario information - and associated design solution discussions - in one reference should facilitate design and risk analysis in the process industries.
1.2 SCOPE
The focus of this work is the avoidance of acute, catastrophic incidents that can result in:
Fires
Explosions
Releases of toxic chemicals
Major equipment damage
The scope of this volume specifically excludes:
Transportation safety
Routine environmental control
Personnel safety and industrial hygiene practices
Although detailed engineering design and process safety management are not emphasized in this book, engineers who are involved in those activities will benefit greatly from the concepts and information discussed.
1.3 BACKGROUND
Since its inception in 1985, CCPS has advocated deliberate process safety approaches in all aspects of facility design, operation, and maintenance. Yet unlike other technical endeavors of the engineer, the day-to-day practice of process safety has often lacked a deliberate, systematic approach. How often have engineers installed process safety systems simply because it “felt” like the right thing to do or because it “seemed” to make the overall process safer?
In the evolution of its process safety thinking, CCPS has sensed the need to state and discuss what some might find obvious:
Analogous to the sizing and specification of process equipment, process safety systems have specific design bases.
Process safety system design decisions deserve systematic technical approaches similar to those associated with other process design decisions.
The designs of process facilities should, from the outset, accommodate known or potential failure scenarios associated with the types of equipment employed.
Thus, the reason for producing this book is to capture the hard-won experience of industry experts in understanding how process equipment can fail and how these failures could be avoided through proper design. No attempt is made to provide detailed design suggestions, but the reader is supplied with a guide to the available literature that should enable him or her to investigate potential designs in some depth.
1.4 APPLICABILITY AND AUDIENCE
The history of process safety related incidents suggests that engineers have lessons to learn about the most “standard” process equipment and components, such as storage tanks, pumps, and piping systems. Accordingly, these guidelines apply to standard process equipment and components and their known, related failure scenarios, for both new and existing process facilities. Given the broad range of standard process equipment covered, this book should apply to a wide variety of system designs.
While it is expected that this book will have general appeal to anyone involved in process design or process safety evaluation, the book is intended for a particular audience. This audience is comprised of (1) process design engineers, (2) plant operations and maintenance engineers, and (3) process hazard analysis (PHA) leaders and teams. Readers can benefit from the wealth of knowledge derived from others’ experiences, informed judgment, and proven design solutions. PHA leaders and teams should find the book useful as a reference for possible failure mechanisms to consider during PHAs.
1.5 ORGANIZATION OF THIS BOOK
This book begins with this brief introductory chapter, followed by Chapter 2, which presents a practical and systematic technique for selecting the design bases for process safety systems. A series of “equipment chapters” follows, presenting known failure scenarios for the specific equipment in question alongside associated design solutions. Finally, the book concludes with an appendix comprised of two worked examples. In summary, this book has four parts:
Chapter 1. Introduction
Chapters 3-12. Equipment Chapters
Appendix. Worked Examples

The equipment chapters comprise the bulk of this book. The content of these chapters is standardized and includes: (1) equipment descriptions, (2) past incidents, (3) discussions of potential design solutions, and (4) failure scenario tables. The heart of an equipment chapter is the failure scenario table. This table presents failure scenarios in a format similar to a PHA log sheet.
Alongside each failure scenario, process safety system design solutions are presented and divided into categories as described in 2.5.1:
Inherently Safer/Passive systems
Active systems
Procedural systems

Since the first two categories of Inherently Safer and Passive can overlap, they are presented in a single column as Inherently Safer/Passive. In addition to addressing the risk reduction of associated failure scenarios, discussions of process safety system design solutions touch on issues impacting system operability and maintainability. Chapter 2 provides a deeper discussion of the design solution categories and their scope of coverage within this book. Chapter 2 should be studied before using the information in Chapters 3-12.
1.6 REFERENCES
CCPS 1993. Guidelines for Engineering Design for Process Safety. Center for Chemical Process Safety, New York: American Institute of Chemical Engineers.
Suggested Additional Reading
Lees, F. P. 1996. Loss Prevention in the Process Industries. 2nd Edition. Oxford, UK: Butterworth-Heinemann.
Bollinger, R. E., Clark, D. G., Dowell, A. M., Ewbank, R. M., Hendershot, D. C., Lutz, W. K., Meszaros, S. I., Park, D. E., and Wixom, E. D. 1996. Inherently Safer Chemical Processes: A Life Cycle Approach, ed. D. A. Crowl. New York: American Institute of Chemical Engineers.
Englund, S. M. 1991. Design and Operate Plants for Inherent Safety, Part 1, Chemical Engineering Progress, 85-91, March, 1991; Part 2, Chemical Engineering Progress, 79-86, May, 1991.
Lin, D., Mittelman, A., Halpin, V. and Cannon, D. 1994. Inherently Safer Chemistry: A Guide to Current Industrial Processes to Address High Risk Chemicals. Office of Pollution Prevention and Toxics, September 21, 1994. Washington, DC: US Environmental Protection Agency.
Lutz, W. K. 1995. Putting Safety into Chemical Plant Design. Chemical Health and Safety, November/December, 1995.
TECHNIQUE FOR SELECTING THE DESIGN BASES FOR PROCESS SAFETY SYSTEMS
2.1 RISK-BASED DESIGN DECISIONS
Anyone involved with process or equipment design sooner or later faces the problem of choosing among alternative designs with differing process efficiency, safety, environmental control, cost, and schedule implications. To accomplish this, the formation of a multidisciplinary design team is required at the beginning of a project in order to obtain total integration of process safety with process design and environmental protection considerations (Windhorst 1995). Sometimes the safety considerations clearly dominate and the decisions are already made in the form of special design approaches (e.g., design of nitromethane and ethylene oxide facilities). In some instances codes and standards exist that either mandate or suggest design approaches to known high risks.
In a majority of situations, however, no one factor dominates, except perhaps cost. When there are recognized safety implications, optimizing on cost alone is not an acceptable strategy. In the process of arriving at a design basis decision, the risks of each option are typically dealt with judgmentally or qualitatively (CCPS 1995a). In some instances, one component of risk is quantified (i.e., either consequence or probability) to justify the design selection. For large projects, full risk quantification is sometimes used to assess the combined impacts of multiple hazards.
To take a generic case, imagine a core process design at the stage of an initial process flow diagram, whereby designers have specified the general configuration of all major system equipment (i.e., for all primary unit operations). At this point, the design is defined in terms of heat and material balances, and basic process controls.
With the core system established, an engineering team proceeds to detail and enhance the process design. Questions of quality, safety, health, and environmental impact arise. Designers begin imagining things that can go wrong with the system (i.e., failure scenarios). Focusing here on process safety systems, we suggest that designers begin thinking like risk analysts, asking:
What can go wrong? What failure scenarios can we realistically expect with this process?
What impact can those failure scenarios have? Can we live with such
Do we need to worry about these potential failure scenarios actually
What is the risk? Can we tolerate the potential consequences at the estimated likelihood?
Historically, design engineers have typically answered these questions according to their own best judgment. This is how process safety systems came to be: designers made risk-based decisions when considering the need for, and when selecting design bases for, process safety systems.
If posed at the conceptual stage of a process design, these questions offer great opportunity for the application of inherently safer design solutions. While inherently safer solutions should emerge as recurring themes throughout the design cycle (i.e., laboratory stage, pilot plant scale, production design, operations), the earlier the application of inherently safer solutions, the more cost-effective these solutions will be.
It is important to recognize that, irrespective of the specific approaches and the level of effort, engineers and technical managers are already directly or indirectly factoring risk into the selection of design options. Unfortunately, the process used to assess risk is often neither systematic nor comprehensive. This chapter presents a decision process for design bases selection that explicitly incorporates the elements of risk into process safety system design selection. The purpose of this technique is not to require designers to conduct rigorous risk assessments, but rather to provide a logical approach and framework for considering risk factors, even when the situation only warrants qualitative analysis. This decision process can be applied at any stage of the design.
A systematic technique can provide a consistent risk management framework for process safety system design basis decisions. Inconsistencies in approach can develop not only between different processes and facilities; in large, complex design projects, different design engineers may also follow different risk management philosophies.
Consistency with respect to risk tolerability decisions is necessary to assure all stakeholders (e.g., owners, employees, customers, and the general public) that risks are being properly managed. In some countries, governments are also explicit stakeholders in the effort to reduce the risk of chemical industry accidents, providing such regulations as OSHA 1992, EPA 1996, and HSE 1989. Consequently, having a consistent, documented technique for the selection and design of process safety systems is not only prudent management, it is evolving into a regulatory requirement.
However, systematic does not necessarily imply quantitative. Quantitative risk assessment is similar to strong medication: you don't want to overdose! In many simple design situations, qualitative approaches will satisfy the requirements of the technique for selecting process safety system design bases. More complex design cases may occasionally require rigorous quantitative risk analysis approaches. But even in these complex cases, quantitative approaches should only be employed to the degree required to make a decision. This concept of the selective use of quantitative risk analysis has been incorporated into the technique presented later in the chapter.
For example, consider a company that has toxic impact criteria limiting potential off-site vapor concentrations to a specific, quantified level of concern. By performing vapor dispersion calculations (i.e., by quantitatively characterizing the consequences of potential releases), the company can determine whether particular loss of containment scenarios associated with specific failures exceed the toxic impact criteria. If the consequences of a scenario satisfy the off-site toxic impact tolerability criteria, then the quantification of the risk stops right there. No analysis of event likelihood is needed to reach a decision.
2.2 THE CONCEPT OF RISK
As mentioned earlier, the design basis selection technique for process safety systems set forth later in this chapter is a risk-based technique. An overview of the concept of risk is therefore useful before presentation of the technique.
In prior CCPS books, discussions of risk evolved from the definition of hazard. These earlier works defined a hazard as a chemical or physical condition or characteristic that has the potential for causing damage to people, the environment, or property (CCPS 1989; CCPS 1993). A hazard represents a potential source of harm.
Based on this concept of hazard, we can define an incident as an unplanned event or series of events with the potential for undesirable consequences (CCPS 1992a). An incident has the potential to expose people, the environment, or property to the harmful effects of a hazard.
Risk is defined as a measure of loss in terms of both "the incident likelihood and the magnitude of the loss" (CCPS 1989). This concept of risk couples an undesirable outcome, i.e., a consequence such as safety impact or financial loss, with the likelihood of that outcome. The likelihood is expressed in terms of frequency or probability of occurrence. The outcome is expressed in terms of impacts such as loss of life, environmental damage, or business interruption.
In summary, inherent in the assessment of risk are the dimensions of consequences (outcomes/impacts) and likelihood (frequency/probability). Various techniques, both qualitative and quantitative, have evolved for assessment of risk. It is not the intent of this book to cover these techniques. A thorough discussion of this subject can be found in Guidelines for Chemical Process Quantitative Risk Assessment (CCPS 1989) and Guidelines for Chemical Transportation Risk Analysis (CCPS 1995b). For the purpose of this book, the description of four key risk assessment steps in Exhibit 2.1 suffices.
EXHIBIT 2.1 Four Key Integrated Activities in Risk Analysis
Activity
Description
Systematic identification of hazards and related failure scenarios that can lead to incidents. Frequently involves application of standard techniques such as HAZOP, FMEA, and What-If.
Process used to estimate the consequence of failure scenarios. Typically involves a range of activities from simple application of qualitative damage criteria to complex computer models for characterizing impacts of hazardous materials releases that result in fires, explosions, and toxic vapor clouds. Characterization of the release conditions (i.e., source term) is a critical step in quantitative consequence analysis, having great influence on the validity of the results.
Process used to estimate the likelihood (probability or frequency) of a particular incident or outcome. Where available, historical data are used to quantify the likelihood. When historical data are unavailable, incomplete, or inappropriate, analytical approaches such as fault tree and event trees are employed to determine the likelihood of incident/outcomes based on more fundamental failure data.
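As an added illustration (not taken from the book), the selective quantification described in Section 2.1 and the fault-tree likelihood analysis named in Exhibit 2.1 can be combined in Python: each scenario is screened on consequence first, and a fault tree is evaluated only when the off-site criterion is exceeded. The scenario names, concentrations, failure probabilities, the 50 ppm level of concern, and the 1e-4 per year tolerable frequency are all constructed assumptions, and basic events are assumed independent.

```python
from math import prod

def gate_probability(node):
    """Probability of a fault-tree node; basic events assumed independent."""
    kind, arg = node
    if kind == "basic":
        if not 0.0 <= arg <= 1.0:
            raise ValueError(f"probability out of range: {arg}")
        return arg
    children = [gate_probability(child) for child in arg]
    if kind == "and":                      # every input must fail
        return prod(children)
    if kind == "or":                       # any single input failing is enough
        return 1.0 - prod(1.0 - p for p in children)
    raise ValueError(f"unknown gate type: {kind}")

def screen(scenario, level_of_concern_ppm, tolerable_per_year):
    """Return (decision, deepest analysis stage used, frequency or None)."""
    # Stage 1: consequence only. At or below the criterion, quantification stops.
    if scenario["offsite_ppm"] <= level_of_concern_ppm:
        return ("tolerable", "consequence", None)
    # Stage 2: frequency = initiating frequency x P(safeguards fail on demand).
    p_fail = gate_probability(scenario["safeguards_fail"])
    frequency = scenario["initiator_per_year"] * p_fail
    decision = "tolerable" if frequency <= tolerable_per_year else "reduce risk"
    return (decision, "likelihood", frequency)

# Constructed sample data; none of these numbers come from the book.
DETECTION_FAILS = ("or", [("basic", 0.01), ("basic", 0.02)])  # sensor, shutoff valve
SCENARIOS = {
    "small flange leak": {
        "offsite_ppm": 12.0, "initiator_per_year": 0.5,
        "safeguards_fail": None},          # never evaluated: stage 1 decides
    "transfer hose rupture": {
        "offsite_ppm": 120.0, "initiator_per_year": 0.1,
        "safeguards_fail": ("and", [DETECTION_FAILS, ("basic", 0.1)])},
    "hose rupture, added layer": {
        "offsite_ppm": 120.0, "initiator_per_year": 0.1,
        "safeguards_fail": ("and", [DETECTION_FAILS, ("basic", 0.1),
                                    ("basic", 0.1)])},
}

def screen_all(level_of_concern_ppm=50.0, tolerable_per_year=1e-4):
    return {name: screen(s, level_of_concern_ppm, tolerable_per_year)
            for name, s in SCENARIOS.items()}

if __name__ == "__main__":
    for name, result in screen_all().items():
        print(name, result)
```

The flange leak carries no fault tree at all, which shows that the likelihood stage is never reached once the consequence criterion is satisfied.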
