Our site needs your help!
Site categories

All you need to know about Process Safety Management in Liquefied Petroleum Gas Industry

Join Our Telegram (Seaman Community)

Process Safety Management (PSM) is the management of hazards associated with the processing of products, particularly highly volatile substances such as hydrocarbons. The principle behind it is to reduce the number of incidents involving the release of highly volatile or toxic substances or, at the very least, mitigate the severity of such incidents.

The controls available in process safety management

Process Safety Management (PSM)

The oil and gas industries use process safety management extensively, particularly where they are processing volatile products or have large inventories of flammable or toxic materials.

“Process” in this respect means using, storing, manufacturing, handling or moving a hazardous product/ chemical on a site or installation.

Process safety management – what are the key benefits?

The main aim of Process Safety Management (PSM) is to develop plant systems and procedures which will prevent unwanted releases which may ignite and/or cause toxic impacts, local fires or explosions.

In addition, PSM can also address issues related to the operability, productivity, stability and quality output of processes.

If we look at the major incidents that have occurred over the past thirty years, such as Flixborough, Piper Alpha, Buncefield, Texas City, Deepwater Horizon, etc., we can understand the significance of applying PSM as a proactive tool.

The US Department of Labor Occupational Safety and Health Administration (OSHA) has published, and regularly updates, guidance on process safety management (OSHA 3133) which the oil and gas industry tends to use as a template for developing their own systems.

The key provision of PSM is Process Hazard Analysis (PHA). This is basically a careful review of what could go wrong and what safeguards must be implemented to prevent releases of hazardous substances.

Prior to conducting a process hazard analysis, management should complete a compilation of written process safety information. This compilation will help the management and the employees involved in operating the process to identify and understand the hazards posed by those processes.

Process safety information should include information on the hazards of the products used or produced by the process, information on the technology of the process and information on the equipment in the process. Let’s now look at the extent of information needed under these categories.

Process safety management – preparation for a process hazard analysis

Information on the hazards of the products/chemicals in the process should consist of the following:

  • Toxicity;
  • Permissible exposure limits;
  • Physical data;
  • Reactivity data;
  • Corrosivity data;
  • Thermal and chemical stability data, and hazardous effects of the inadvertent mixing of different materials.

Information on the technology of the process must include at least the following:

  • A process flow diagram;
  • Process chemistry;
  • Maximum intended inventory;
  • Safe upper and lower limits for such items as temperatures, pressures, flows or compositions;
  • An evaluation of the consequences of deviations, including those affecting the safety and health of employees.

Information on the equipment in the process should include the following:

  • Materials of construction;
  • Piping and instrument diagrams (P&IDs);
  • Electrical classification;
  • Relief system design and design basis;
  • Ventilation system design;
  • Design codes and standards employed;
  • Safety systems (e.g. interlocks, detection or suppression systems).

The compilation of the above process safety information provides the basis for identifying and understanding the hazards of a process and is necessary in developing the Process Hazard Analysis (PHA). It may also be necessary for other provisions of process safety management such as management of change and incident investigations.

Process safety management – Process Hazard Analysis (PHA)

Process Hazard Analysis (PHA) is a thorough, orderly, systematic approach for identifying, evaluating and controlling the hazards of processes involving hazardous products/chemicals. Management should perform an initial process hazard analysis (hazard evaluation) on all processes. The PHA methodology selected must be appropriate to the complexity of the process and must identify, evaluate and conclude with appropriate controls relating to the hazards involved in the process.

Management should determine and document the order of priority for conducting process hazard analysis based on a rationale that includes such considerations as the extent of the process hazards, the number of potentially affected personnel, the age of the process and the operating history of the process.

Management should use one or more of the following methods, as appropriate, to determine and evaluate the hazards of the process being analysed:

  • What-if/checklist;
  • Hazard and Operability Study (HAZOP);
  • Hazard Identification Study (HAZID);
  • Failure Mode and Effects Analysis (FMEA);
  • Fault tree analysis;
  • Any other appropriate equivalent methodology.

Whichever method(s) are used, the PHA must address the following:

  • The hazards of the process;
  • The identification of any previous incident that had a potential for catastrophic consequences in the workplace;
  • Engineering and administrative controls applicable to the hazards and their interrelationships, such as appropriate application of detection methodologies to provide early warning of releases. Acceptable detection methods might include process monitoring and control instrumentation with alarms, and detection hardware such as hydrocarbon sensors;
  • Consequences of failure of engineering and administrative controls;
  • The siting of the facility;
  • Human factors;
  • A qualitative evaluation of a range of the possible safety and health effects on employees in the workplace if there is a failure of controls.

The process hazard analysis is best performed by a team with expertise in engineering and process operations, and the team should include at least one employee who has experience of, and knowledge of, the process being evaluated. Also, one member of the team should be knowledgeable in the specific analysis methods being used.

Management should:

  • Establish a system to address promptly the team’s findings and recommendations;
  • Ensure that the recommendations are resolved in a timely manner and that the resolutions are documented;
  • Document what actions are to be taken;
  • Develop a written schedule of when these actions are to be completed;
  • Complete actions as soon as possible;
  • Communicate the actions to operating, maintenance and other employees whose work assignments are in the process and who may be affected by the recommendations or actions.

The process hazard analysis should be reviewed regularly and updated when necessary to ensure that the hazard analysis is consistent with the current process.

Process safety management – operating procedures

Management should develop and implement written operating procedures, consistent with the process safety information, that provide clear instructions for safely conducting activities involved in each covered process. The tasks and procedures related to the covered process must be appropriate, clear, consistent and, most importantly, well communicated to employees. The procedures should address the following elements:

Steps for each operating phase:

  • Initial start-up;
  • Normal operations;
  • Temporary operations;
  • Emergency shutdown, including the conditions under which emergency shutdown is required, and the assignment of shut down responsibility to qualified operators to ensure that emergency shutdown is executed in a safe and timely manner;
  • Emergency operations;
  • Normal shutdown;
  • Start-up following a turnaround, or after an emergency shutdown.

Operating limits:

  • Consequences of deviation;
  • Steps required to correct, or avoid, deviation.

Health and safety considerations:

  • Properties of, and hazards presented by, the products/chemicals used in the process;
  • Precautions necessary to prevent exposure, including engineering controls, administrative controls and personal protective equipment;
  • Control measures to be taken if physical contact or airborne exposure occurs;
  • Quality control for raw materials and control of hazardous chemical inventory levels;
  • Any special or unique hazards;
  • Safety systems (e.g. interlocks, detection or suppression systems) and their functions.

Management should ensure up-to-date references are available to employees who work in or maintain a process. The operating procedures must be reviewed as often as necessary to ensure that they reflect current operating practices, including changes in process chemicals, technology, equipment and facilities.

Management should develop and implement safe work practices to provide for the control of hazards during work activities, such as safe working procedures, permit-to-work systems, lockout/tag-out, confined space entry, opening process equipment or piping and control over the entry into a facility by maintenance, contractor, laboratory or other support personnel. These safe work practices and procedures should apply both to employees and to contractors.

Process safety management – employee participation

Management should consult with their employees and/or their representatives on the conduct and development of process hazard analysis and on the development of the other elements of process management. They should also provide access to process hazard analysis and to all other relevant information.

Process safety management – training

For Process Safety Management (PSM) to be effective, it is necessary for all personnel involved in the process to be fully trained on the implementation of the safe working procedures which have evolved from the Process Hazard Analysis (PHA) procedure.

All employees involved in operating a process, or a newly assigned process, should be trained in an overview of the process and in its operating procedures. The training should include an emphasis on the specific hazards of the process, emergency operations including shutdown, and other safe work practices that apply to the employee’s job or tasks.

Process safety management – contractors

It is essential that contractors and their employees emphasize the importance of everyone taking care that they do nothing to endanger those working nearby who may work for another employer.

Clients need to ensure that any contractor they engage is competent. That is to say, that they have sufficient skills and knowledge to undertake and complete the work safely, efficiently and to the quality level required.

Once a contractor is selected and engaged, the client should provide an appropriate level of supervision of the work being undertaken by the contractor. However, it is the contractor who is responsible for the safe method of working which he/she and his/her staff employ.

Process safety management – pre-start-up safety review

It is important that a safety review takes place before any hazardous product is introduced into a process. Consequently, management should perform a prestart-up safety review for new facilities and for modified facilities when the modification is significant enough to require a change in the process safety information. Prior to the introduction of a hazardous product to a process, the pre-start-up safety review must confirm the following:

  • Construction and equipment are in accordance with design specifications;
  • Safety, operating, maintenance and emergency procedures are in place and are adequate;
  • A process hazard analysis has been performed for new facilities and recommendations have been resolved or implemented before start-up, and modified facilities meet the management of change requirements;
  • Training of each employee involved in operating a process has been completed.

Process safety management – mechanical integrity

It is important to maintain the mechanical integrity of critical process equipment to ensure it is designed and installed correctly and operates properly. Under process Questions and answers to Crew Evaluation System Test about Crowd and Crisis Managementsafety management techniques and systems, mechanical integrity applies to the following equipment:

  • Pressure vessels and storage tanks;
  • Piping systems (including piping components such as valves);
  • Relief and vent systems and devices;
  • Emergency shutdown systems;
  • Controls (including monitoring devices and sensors, alarms and interlocks);
  • Pumps.

Management should establish and implement written procedures to maintain the ongoing integrity of process equipment. Employees involved in maintaining the ongoing integrity of process equipment should be trained in an overview of that process and its hazards, and trained in the procedures applicable to their particular job or task.

Inspection and testing should be performed on process equipment, using procedures that follow recognized, and generally accepted, good engineering practices. The frequency of inspections and tests of process equipment should conform, at the very least, to the manufacturers recommendations and good engineering practices. Each inspection and test on process equipment should be documented, identifying the date of the inspection or test, the name of the person who performed the inspection or test, the serial number or other identifier of the equipment on which the inspection or test was performed, a description of the inspection or test performed and the results of the inspection or test.

Read also: Safety, Risks and Security Aspects in Liquefied Natural Gas Industry

Equipment deficiencies beyond the acceptable limits defined by the process safety information should be corrected before further use or in a timely manner if appropriate.

When constructing new plant and equipment, management should ensure that equipment is suitable for the process application for which it will be used. Appropriate checks and inspections should be undertaken to ensure that equipment is installed properly and is consistent with design specifications and the manufacturers instructions.

Management should also ensure that maintenance materials, spare parts and equipment are suitable for the process application for which they will be used.

Process safety management – permits-to-work

A permit-to-work must be issued prior to any work or operations being conducted on or near a process. This includes any hot work, breaking of containment, confined space entry, working at height or over water, etc.

Process safety management – management of change

Any change to a process must be thoroughly evaluated in order to fully assess its impact on employee health and safety, as well as to determine what adjustments will be needed to operating procedures. Management should ensure that the following considerations are addressed prior to any change being implemented:

  • The technical basis for the proposed change;
  • Impact of the change on employee health and safety;
  • Modifications to operating procedures;
  • Necessary time period for the change;
  • Authorization requirements for the proposed change.

Employees who operate a process, as well as maintenance and contract employees whose job or tasks will be affected by a change in the process, must be informed of, and trained in, the change prior to start-up of the process.

We will be looking in more detail at management of change controls later in this chapter.

Process safety management – incident investigation

Each and every incident that released, or could have resulted in a release of, any flammable or toxic substance should be investigated. A system must be established to promptly address and resolve the incident investigation’s findings and recommendations.

Process safety management – emergency planning and response

If, despite the best planning, an incident does occur, it is essential that a predetermined emergency plan is put into action. Again, all employees, as well as contractors, should be aware of what the plan is and what their role in that plan is. We shall be looking at emergency response in more detail in Chapter 18.

Now we have covered the principles of process safety management, we need to see how these principles are put into practice.

In particular we are going to look at:

  • Plant layout;
  • Control room design;
  • Temporary refuge integrity.

Plant layout

Plant layout is often a compromise between various factors. These can include:

  • The need to locate hazardous materials in facilities as far from site boundaries and local residents as possible. This may be limited by the geography of the site;
  • The need to minimize distances between buildings and storage areas where materials are located in order to reduce the risks during transfer;
  • The need to facilitate interaction between other plants on the same site, allowing for greater operability and maintainability;
  • The need to provide access for emergency services as well as emergency escape routes for personnel working on the site. It is also necessary to prevent confi nement in the case of accidental release of fl ammable substances;
  • Interaction with existing facilities, e.g. roads, drainage and utilities;
  • The need for acceptable working conditions for personnel.

With regard to safety, the most important factors of plant layout are those which:

  • Prevent or mitigate an escalation of events;
  • Ensure safety of personnel within on site buildings;
  • Control access of unauthorized personnel;
  • Facilitate access of emergency services.

When designing plant layout, consideration should be given to the following factors:

  • Inherent safety;
  • Explosion;
  • Toxic gas release;
  • How to reduce the consequences of an event;
  • Positioning of occupied buildings;
  • The aggregation or trapping of fl ammable vapour.

Let’s look at each of these in more detail.

Plant layout – inherent safety

The first principle in applying inherent safety to a plant layout is to remove the hazard altogether. This means reducing the inventory of hazardous substances within the plant layout to such a level that a major hazard is no longer exists.

However, this is not often achievable, as the sole purpose of many installations is to process hazardous substances in one way or another.

Other possible methods to achieve an inherently safe design include:

  • Reducing inventories;
  • Substituting hazardous substances with less hazardous alternatives where possible.;
  • Minimizing hazardous process conditions where possible i.e. temperature, pressure, rate of fl ow, etc;
  • Designing systems and processes to be as simple as possible. This will have the effect of reducing human errors which could create a hazardous event;
  • Using fail-s afe design features, e.g. a downhole safety valve which requires hydraulic pressure to open the valve and allow product to fl ow, but in the case of lack of hydraulic pressure, the valve closes and product stops fl owing.

Plant layout – the Dow/Mond indices

These indices are useful in the development stage of a project because they evaluate process plant hazards and rank them against existing processes or projects in order to provide a comparative measure of the risk of fire and explosion. They do this by assigning them incident classifications and allow objective spacing distances to be considered during the development phase of a process or project.

Plant layout – domino effects

When undertaking a hazard assessment of site layout it is essential that the consequences of loss of containment are fully evaluated. This includes the potential escalation of an incident and what this entails. These escalations are known as a domino effect, an example of which may be a loss of containment followed by fire and explosion which in turn damages the control room causing the loss of control of operations in other locations.

Plant layout – fire

There are four ways a fire can spread:

  • Direct burning;
  • Convection;
  • Radiation;
  • Conduction.

Fire can be prevented from spreading by fire resistant walls, floors and ceilings.

However, running fires caused by flammable liquids can spread through drains, ducts and ventilation systems. Consideration of these possibilities should be given at the plant layout design stage. Furthermore, Transportation of Liquified Petroleum Gas and Ammonia Cargoesflammable gases and vapours may also find their way into passageways and cause a delayed ignition.

Other considerations to reduce the effects of convection, conduction and radiation during a fire include ensuring the distances between plant items are sufficient in order to prevent overheating of adjacent plants. Where this is not possible, other methods such as fire walls, active or passive fire protection may be considered.

Plant layout – explosion

An explosion can be described as the release of energy in a violent manner (pressure wave) accompanied by the generation of high temperatures. This release of energy can often create missiles which emanated from the source of the explosion.

With regard to explosion pressure waves when designing plant layout, the following are mitigating factors:

  • Ensuring separation distances are sufficient in even the worst case so that damage to adjacent plants will not occur;
  • Providing blast walls or locating adjacent plant in strong buildings;
  • Ensuring the walls of vessels are thick and strong enough to withstand a pressure wave from an explosion;
  • Ensuring any explosion relief vents are directed away from vulnerable areas, e.g. other plants or buildings, or roadways near site boundaries.

The consequences of missiles emanating from an explosion will require a more involved and detailed analysis on an individual basis in order to provide adequate safety.

Plant layout – toxic gas releases

The release of toxic gas may render a plant or process inoperable due to the domino effect which may ensue. This could be as a result of personnel being injured and unable to bring the situation under control.

This may be prevented or mitigated by:

  • The implementation of automatic control systems (which use inherently safer principles);
  • Controlling plant and processes from a remote facility, e.g. a suitably protected control centre.

Plant layout – reduction of consequences of event on- and offsite

With regard to the design of inherently safe plant layout, other measures which may be considered include the following:

  • Storage of flammable/toxic material away from process areas;
  • Siting hazardous plant and processes away from main roadways within the site;
  • Fitting remote-actuated isolation valves where large inventories of hazardous materials may be released;
  • Using the terrain as a means of controlling potential releases of liquid hazardous material. This can include embankments (bunds), ditches, dykes, etc;
  • The siting of plant within buildings to act as a secondary containment facility;
  • Where there is the potential for minor release of flammable gases or vapours, then siting this plant in the open air. This will ensure there is a rapid dispersion of these gases or vapours;
  • Classification of areas where flammable gases, vapours and dusts may be released. This will enable ignition sources to be controlled and eliminated.

Risk management techniques will enable the appropriate control measures to be applied.

Plant layout – positioning of occupied buildings

As we mentioned earlier, the distance between, and the position of, occupied buildings and buildings housing plant will be governed by the need to reduce the domino effect of a fire, an explosion or the release of toxic gases. Over and above the distance and proximity issues, consideration should also be given to evacuation routes, which should not be impeded by poor plant layout. The siting of occupied buildings should generally be upwind of hazardous plant areas.

Plant layout – aggregation/trapping of flammable vapours

In order to prevent flammable/toxic vapours accumulating in buildings and creating a hazardous event, buildings should be well ventilated by natural or engineered ventilation.

Storage of flammable products should be in the open air so that any minor leaks can be allowed to disperse naturally, although some form of warning system should be deployed so that a minor leak does not develop into a major leak.

Control room design

With regard to control room design, there are two main aspects that should be part of the design consideration. These are:

  • The ability of the control room to withstand a major hazardous event such as a fire, explosion or release of toxic gas or smoke;
  • The efficient and appropriate layout of the control room and its equipment to ensure the effective operation and control of the plant under any circumstances, including an emergency.

Control room design – control room structure

The structure of the control room should be such that it can be safely used by personnel to maintain plant control at all times, even if an emergency situation or undesirable event takes place.

Events that have the potential to affect the control room are:

  • Vapour Cloud Explosion (VCE);
  • Boiling Liquid Expanding Vapour Explosion (BLEVE);
  • Pressure burst;
  • Toxic gas release;
  • Fires, including pool fires, jet fires, flash fires and fireballs.

The control room should be able to withstand overpressure in order to ensure that risks to personnel are acceptable. The design should incorporate safety measures, e.g. using laminated or polycarbonate glass in windows to protect against serious injury, and should consider using internal fixtures and fittings which are able to withstand the effect of a building shaking.

Should there be a risk of a release of toxic gases, the control room should be a place of safety where the ingress of toxic gases is controlled so that it cannot rise to a level which will affect the health and safety of the operators and/or make them unable to maintain control of the plant.

Careful consideration of the building’s ventilation system is required to ensure that air intakes are situated away from areas that may be affected or to ensure that there is no air intake during an incident, preferably by closure of an automatic valve linked to a gas analyser. The ventilation system should be designed to ensure that in the event of an incident occurring, the air intakes can be shut down. Ideally, this should be done automatically, i.e. having Heating, Ventilation and Air Conditioning (HVAC) duct inlet dampers installed. The design should also require that air intakes are placed away from areas which may be affected by incidents.

Control rooms should be constructed from materials which are fire resistant and able to withstand the effects of thermal radiation without the risk of collapse.

Temporary Refuge (TR) integrity

Temporary Refuge (TR) integrity can be described as the ability to protect the occupants following a hazardous event for a specific time period such that they will remain safe until they decide there is either a need to evacuate the installation, or to recover the situation.

This protection is applied by means of siting the temporary refuge in a position away from likely sources of fire, explosion or toxic gas release and being built to a standard that will withstand the effects of fire, explosion or toxic gas release. These will include building the TR of fire resistant material, building it to a blast resistant design and standard, and having temporary refuge Heating, Ventilation and Air Conditioning (HVAC) duct inlet dampers installed. These duct inlets are an obvious threat to the integrity of the temporary refuge and, as such, are required to be activated on any alarm detection of smoke, gas, vapour or heat.
A temporary refuge HVAC fire damper has two purposes:

  1. To provide fire protection for the temporary refuge structure and heating, ventilation and air conditioning duct inlet and outlet ducting to the same standard as the fire rating of the wall it is penetrating;
  2. To provide some sealing function to prevent excessive temporary refuge air outflow and the ingress of toxic smoke and gas for the specified temporary refuge endurance time – this is usually about 1 hour.

The design of a temporary refuge should take into account potential hazards and allow personnel access to a safe evacuation route. This means that, should a facility be evacuated, the route to safety should take personnel away from areas where plant and hazardous materials are stored as well as away from any potential exposure to toxic gases or fumes.

Management of change controls

Management of change

Many accidents and incidents, some of them catastrophic, can be attributed to changes in processes and equipment. Management should have systems in place to ensure that any proposed changes are evaluated before they are implemented. The management of change procedure should:

  • Include expert personnel to review the proposed changes to ensure that they will not result in any operations exceeding established operating limits;
  • Ensure that any proposed changes are subject to a safety review using hazard analysis techniques (e.g. hazard and operability studies) to assess the risks. This should be conducted by a team with relevant expertise which covers all areas of the process;
  • Have in place arrangements for the control of relevant documents (e.g. safety case/report, drawings, Piping and Instrument Diagrams (P&IDs), etc.) and ensure that they are kept up to date. Any operating procedures should always be updated to reflect any changes in the plant or process.
  • Ensure that any changes in the operating envelope (e.g. temperatures, pressures, flow rates, etc.) are communicated to the operators and documented. The operators should also have appropriate training to ensure competent and safe use of the equipment.

Temporary changes do need to be included in the management of change procedure, although it may not be necessary to include all the requirements of a permanent change. For example, master Piping and Instrument Diagrams (P&IDs) may not need to be changed although changes may need to be documented on temporary drawings.

Revision questions for element 2 continued

Question 1: When considering plant layout and the possibility of explosion, explain what mitigating factors can be introduced at the design stage.
Answer 1
The command word in this question is explain. This requires an answer which gives a clear account of, or reasons for, a subject or issue. Your answer should expand on the following information:
  • Ensuring separation distances are sufficient in even the worst case so that damage to adjacent plants will not occur.
  • Providing blast walls, or locating adjacent plant in strong buildings.
  • Ensuring the walls of vessels are thick and strong enough to withstand a pressure wave from an explosion.
  • Ensuring any explosion relief vents are directed away from vulnerable areas, e.g. other plants or buildings, or roadways near site boundaries.
Question 2: Changes to processes and process operations can potentially introduce hazards, some inadvertently. Explain what measures can be introduced to ensure changes in procedures are managed as safely as possible.
Answer 2
The command word in this question is explain. This requires an answer which gives a clear account of, or reasons for, a subject or issue. Your answer should expand on the following information
  • Include expert personnel to review the proposed changes to ensure that they will not result in any operations exceeding established operating limits.
  • Ensure that any proposed changes are subject to a safety review using hazard analysis techniques (e. g. hazard and operability studies) to assess the risks. This should be conducted by a team with relevant expertise which covers all areas of the process.
  • Have in place arrangements for the control of relevant documents (e.g. safety case/report, drawings, Piping and Instrument Diagrams (P&IDs), etc.) and ensure that they are kept up to date. Any operating procedures should always be updated to reflect any changes in the plant or process.
  • Ensure that any changes in the operating envelope (e. g. temperatures, pressures, flow rates, etc.) are communicated to the operators and documented. The operators should also have appropriate training to ensure competent and safe use of the equipment.


Did you find mistake? Highlight and press CTRL+Enter

Июль, 07, 2022 1439 0
Add a comment

Text copied