APPENDIX I
Introduction
For the users of structured hazards analysis techniques such as Hazard and Operability
(HAZOP) analysis and Failure Modes and Effects Analysis (FMEA) there are distinct
differences and alternative applications for their usage. Although HAZOP is very well
established and practiced, its exact basis is rather more empirical and subject to
considerable variations. This situation has significant disadvantages including
inconsistency of methodologies and lack of agreed criteria for assessment. In the field this
has led to a number of different approaches so that repeatability, a hallmark of the
scientific method, is largely absent.
The problem is the inability to derive Deviations for HAZOP from first principles. This
has led to experience and empirically based methods filling the gap. These methods are
more subjective and dependent upon those executing the analyses. Therefore considerable
diversity in results is very frequent. The question is thus one of "whose or what" method
should be used for a particular application. This clearly leads to the demand for a basic
root methodology that removes it from the vagaries of subjectivism.
This paper addresses the situation by proposing Component Functional Analysis (CFA) as
the root methodology. It also shows how Deviations (for HAZOP) may be derived through
the concomitant identification of malfunctions and counter functions from CFA using
FMEA. It shows how both FMEA and HAZOP are closely related through consideration
of functional envelopes.
DYADEM
© 2003 by CRC Press LLC
Deriving Deviations from First Principles, Appendix I
The main forms of process hazards analysis (PHA) include Guide Word HAZOP, FMEA
and What If analysis. The first two methods (HAZOP and FMEA) are highly structured
while What If has little structure and is largely experience based.
FMEA, the most structured of the two remaining methods, is widely used as MIL-STD-1629
in the defense, aircraft and automobile industries. The technique is relatively
straightforward and considers the failure modes of specific components.
Guide Word HAZOP, unlike FMEA, is dependent upon applying Deviations (and
Disturbances) from the Design Intent. This method is somewhat more complex than
FMEA and is very widely used in the process industries.
Although highly structured from an applications standpoint, Guide Word HAZOP has the
underlying weakness that the Deviations (for HAZOP) are assumed to be self-evident,
which, indeed, they are not. With Guide Word HAZOP the deviations are obtained by the
application of Guide Words to Properties (which includes Parameters and Activities).
However the methodology for determining which Properties should be selected is not
obvious. Ellis Knowlton (Chemetics) has developed an approach based on the application
of Guide Words to Materials, Activities, Sources and Destinations: this requires
imagination and skill on the part of the user while the CCPS (ref. "Guidelines to Hazards
Evaluation Procedures", 2nd edition) has endorsed the Parametric Deviation methodology.
Knowlton's method is most suitable for batch processes while the Parametric Deviation
methodology is more suitable for continuous processes.
One of the major problems with Guide Word HAZOP is that Deviations (for HAZOP) may
be either over or under specified. This leads to wasted efforts or oversights respectively.
For example, it may appear to be obvious, for a process line, to examine High, Low,
Reverse Flow, High, Low Pressure, High, Low Temperature and so forth. But what is the
basis for this? Unfortunately, applying a non-structured basis to a highly structured
methodology leads to somewhat arbitrary results as the basis of a supposedly complete
analysis.
Under these circumstances who can dictate that one set of deviations is right and another
wrong? Furthermore if a specific methodology for deriving Deviations is correct, should
not those systems with the greatest potential for failure also be associated with the greatest
number/range of Deviations? There is some good evidence, as this paper suggests, that
equipment such as pumps (and compressors) is under-assessed using the current HAZOP
methodology while other equipment is being over-assessed.
With any form of structured analysis the greater the number of assumptions and
simplifications the greater the tendency to compromise the methodology and its
effectiveness. By way of an analogy, computers, which are not programmed to take short
cuts, are effective simply because the level of detail needed is not a constraint in program
execution. Insisting upon thoroughness, when it is affordable, is understandable. Settling
for less, because greater effort is required, may be a false economy.
The analysis requires breakdown into parts (i.e., nodes, subsystems). Typically these are
line(s), vessel(s), heat exchanger(s), pump(s), compressor(s) and so forth.
The CFA requires the parts to be broken down into components. By way of example,
consider a line passing from one point to another as typically having isolation valves, flow
transmitter, control valve, piping, drain, vent etc. as components each having specific
functions. Hence the line should be understood not simply as "line" but rather as an
integrated group of components, each with their own purpose, i.e., functions.
The corollary to knowing the function(s) of each component is that diametrically opposite
considerations, i.e., malfunctions, can be specified. In addition to malfunctions,
components may have functions that are mutually antagonistic; when this occurs these are
identified as counter functions. Following the listing of the malfunctions and counter
functions the conventional process of specifying Causes, Consequences, Safeguards and
Recommendations follows.
An example, as per the attached sketch, shows a transfer line from a caustic storage vessel,
automatically neutralizing an acid stream in a neutralizing vessel. CFA with FMEA
applied is used to derive Deviations. It can be seen that the malfunctions are related to
failure modes. It is not necessary to specify the Design Intent because it is implicit within
the methodology.
FMEA depends upon dividing subsystems into components. Failure Modes are then
postulated, together with listing of Effects, Safeguards and Recommendations. With
HAZOP the system is divided into Nodes which are examined for Deviations from the
Design Intent. In the latter case prefixing Guide Words to a Property term, a Parameter or
Activity, creates Deviations. However the choice of combinations relies upon experience
rather than the application of any well recognized method.
In Tables 1-1 and 1-2 the application of Component Functional Analysis is used to derive
both Functional Failures (for FMEA) and Deviations (for HAZOP) using the example.
Functionality and functional envelopes can also be extended to activities and operations
where specific errors are identified through the same route of malfunctions and counter
functions.
CFA applied to FMEA can be used in a number of ways. Firstly, it can be used directly as
a thorough method for performing Structured Hazards Analysis wherever FMEA or
HAZOP is normally used. Secondly it can be used for deriving Failure Modes for FMEA
or Deviations for HAZOP.
There are a number of items of equipment, such as pumps and compressors, where HAZOP
fails to identify the key areas of failure. This is of significant concern because it is
precisely these types of equipment, involving multiple components, where failures and
major problems are most frequently experienced. To demonstrate the effectiveness of CFA
Table 1-2 shows how it can be applied to a simple Centrifugal Pump in order to derive
Functional Failure Modes and Deviations.
Functional envelopes can be created for both Parameters and Operations. It is then
possible to list Malfunctions and Counterfunctions leading to listing of potential
Deviations.
Once the exercise has been performed for ranges of systems it is thus possible to create a
library of valid Deviations that can be used on a repetitive basis.
| Component | Function | Functional Failure (FMEA) | Deviation (HAZOP) |
|---|---|---|---|
| Flow transmitter | 1. Measures liquid flow rate and transmits hydraulic signal | 1.1 Loss of hydraulic signal | 1.1 Loss of transmitter signal |
| Flow/pH controller | 1. Controls liquid flow rate and doses to pH set point | 1.1 Flow controller fails control valve open; 1.2 Flow controller fails control valve close | 1.1 High flow; 1.2 Low/no flow |
| Control valve | 1. Controls flow rate of liquid; 2. Maintains seal | 1.1 Control valve fails open; 1.2 Control valve fails close; 2.1 Loss of CV seal | 1.1 High flow; 1.2 Low/no flow; 2.1 Loss of CV seal |
| Control valve actuator | 1. Operates control valve by I/P conversion | 1.1 Loss of air fails CV in locked position | 1.1 Loss of instrument air |
| Bypass valve around CV | 1. Manual control when CV is out for maintenance | 1.1 Bypass left open or unattended causing excess flow or low flow | 1.1 High flow; 1.2 Low flow |
| Block valves in CV set | 1. Permits CV to be removed for maintenance | 1.1 Leakage when CV is out for maintenance | 1.1 Leak |
| Heat tracing plus insulation of line | 1. Maintains line at 60°F to 80°F | 1.1 Heats line too much due to loss of temperature control; 1.2 Loss of heat tracing | 1.1 High temperature; 1.2 Low temperature |
| Process material | 1. 50% caustic at 50 psig, 150°F with F.P. of 60°F | 1.1 Source pressure too high; 1.2 Source pressure too low; 1.3 Temperature below F.P. | 1.1 High pressure; 1.2 Low pressure; 1.3 Low temperature |
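The route described above (components, functional failures, Deviations) and the reusable Deviation library it produces can be expressed as a short script. This is an added example, not part of the original paper: the rows are transcribed from the caustic transfer line table, while the function names, the comparison against the "obvious" process-line checklist quoted earlier, and the treatment of "Low/no flow" and "Low flow" as one deviation are assumptions of the example.

```python
from collections import defaultdict

# Rows transcribed from the caustic transfer line table on this page:
# (component, functional failure, deviation). One row per derived deviation.
CFA_ROWS = [
    ("Flow transmitter", "Loss of hydraulic signal", "Loss of transmitter signal"),
    ("Flow/pH controller", "Controller fails control valve open", "High flow"),
    ("Flow/pH controller", "Controller fails control valve close", "Low/no flow"),
    ("Control valve", "Control valve fails open", "High flow"),
    ("Control valve", "Control valve fails close", "Low/no flow"),
    ("Control valve", "Loss of CV seal", "Loss of CV seal"),
    ("Control valve actuator", "Loss of air fails CV in locked position", "Loss of instrument air"),
    ("Bypass valve around CV", "Bypass left open or unattended", "High flow"),
    ("Bypass valve around CV", "Bypass left open or unattended", "Low flow"),
    ("Block valves in CV set", "Leakage when CV is out for maintenance", "Leak"),
    ("Heat tracing plus insulation", "Loss of temperature control", "High temperature"),
    ("Heat tracing plus insulation", "Loss of heat tracing", "Low temperature"),
    ("Process material", "Source pressure too high", "High pressure"),
    ("Process material", "Source pressure too low", "Low pressure"),
    ("Process material", "Temperature below F.P.", "Low temperature"),
]

# The "obvious" process-line checklist quoted in the text.
CHECKLIST = ["High flow", "Low flow", "Reverse flow", "High pressure",
             "Low pressure", "High temperature", "Low temperature"]

ALIASES = {"low/no flow": "low flow"}  # assumption: treat both as one deviation

def norm(name):
    key = name.strip().lower()
    return ALIASES.get(key, key)

def deviation_library(rows):
    """Map each deviation to the (component, failure) pairs that justify it."""
    lib = defaultdict(list)
    for component, failure, deviation in rows:
        lib[norm(deviation)].append((component, failure))
    return dict(lib)

def compare(rows, checklist):
    """Return (checklist items with no CFA basis, CFA deviations not on the checklist)."""
    derived = set(deviation_library(rows))
    listed = {norm(d) for d in checklist}
    return sorted(listed - derived), sorted(derived - listed)

if __name__ == "__main__":
    over, under = compare(CFA_ROWS, CHECKLIST)
    print("Checklist items with no component basis in the table:", over)
    print("Derived deviations missing from the checklist:", under)
```

Each library entry keeps the component and failure that justify it, so a deviation carried into a later study can be traced back to its functional basis.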
[Sketch not recoverable; surviving label: EFFLUENT]
[Figure: Centrifugal Pump. Labels: Power Supply, Impeller, (Overload), Coupling, Shaft, Seal, Pump Casing]