1. Risk Analysis
Dr. I. M. Mishra
Pt. G. B. Pant Chair Professor of Environmental Pollution
Abatement, Professor of Chemical Engineering and
Dean Saharanpur Campus
Indian Institute of Technology, Roorkee
E-mail:- imishfch@iitr.ernet.in
2. Some Important Definitions
Risk
A measure of the potential for loss in terms of both the
likelihood (events/year) of the incident and the
consequences (effects/event) of the incident
Mathematically Risk = Σ probability of event ×
consequence of event
Risk Analysis
The development of a quantitative estimate of risk based on
engineering evaluation & mathematical techniques for
combining estimates of incident likelihood and
consequences
3. Some Important Definitions
Risk Assessment
The process by which the results of a risk analysis (i.e., risk
estimates) are used to make decisions, either through
relative ranking or through comparison with risk targets
Risk Management
The planning, organizing, leading and controlling of an
organization’s assets and activities in ways, which minimize
the adverse operational and financial effects of accidental
losses upon the organization
4. Risk Analysis?
It is an important part and precursor of risk assessment and
management
A full analysis involves the estimation of the frequency and
consequences of a range of hazards scenarios and the damages
expected.
Damages include injury and loss of life, damage to the
environment and equipment, loss of work, and finally also
economic loss to the plant
5. Why Risk Analysis?
Chemicals have become a part
of our life
Chemicals have their own
inherent properties and hazards
and so do the processes by
which they are manufactured
Risks posed by these were
highlighted by Flixborough
(1974), Bhopal (1984), Piper
Alpha (1998) & other
accidents
Government regulations and
public awareness
Source: www.hse-databases.co.uk
6. Fig.1. Bucheon LPG filling station
Fig. 2 Incident of Bucheon LPG Filling station
7. History of Risk & Risk Analysis
In 1654, a French duke asked the famous
mathematician Pascal to solve a problem
of how to divide the stakes of an
unfinished game of dice when one of the
players was ahead.
Developed with focus on financial
matters and gambling
Realisation with industrial revolution of
risks posed due to technology used in
industry
Early emphasis on nuclear industry but
importance realized by Chemical industry
due to accidents like Flixborough,
Bhopal, Vizag, Jaipur etc.
8. Risk Management Procedure
[Flowchart. Boxes: Data Input; Identify; Estimate Likelihood; Determine Consequences; Risk Matrix; Acceptable? (Yes / No); Operate; Reduce; Mitigate; Transfer]
9. Sources of Data Input
Chemical Usage, Contractor Activity, EH&S Policies,
Equipment Reliability, External Events, Facility & Process
Descriptions, Historical Accident, Human Reliability
Manuals for Policies & Procedures, Engineering Design,
Safety, Maintenance and data from Material Usage,
Meteorological, Population etc
10. General Steps in Risk Analysis
The general steps in any hazard identification
technique are
1. Assembling a team
2. Collection of data
3. Deciding on level of detail
4. Applying the technique
5. Documenting the results
11. Methods For Risk Analysis
Risk analysis can be carried out by a number of methods:
Cause-Consequence Analysis, Checklist, Event Tree Analysis,
Failure Modes, Effects and Criticality Analysis (FMECA),
Fault Tree Analysis (FTA), Hazard & Operability Analysis
(HAZOP), Bow Ties, Petri nets
Method usage depends on level of detail and resources
available
12. Classification of Methods
The methods can be classified into the following categories:
1. Qualitative
2. Quantitative
These can further be divided into:
1. Deterministic
2. Probabilistic
13. Methods for Risk Analysis
The deterministic methods take into consideration the
products, the equipment and the quantification of
consequences for various targets such as people, environment
and equipment.
The probabilistic methods are based on the probability or
frequency with which hazardous situations arise or on the
occurrence of potential accidents.
The probabilistic methods are mainly focused on failure
probability of equipment or their components.
14. Some Qualitative Methods
Preliminary Risk Analysis
In this technique, the possible undesirable events are identified
first and then analyzed separately.
For each undesirable event or hazard, possible improvements
or preventive measures are then formulated.
The result from this methodology provides a basis for
determining which categories of hazard should be looked into
more closely and which analysis methods are most suitable.
With the aid of a frequency / consequence diagram, the
identified hazards can then be ranked according to risk, allowing
measures to be prioritized to prevent accidents
15. Some Qualitative Methods
Hazard And Operability Study
This technique is usually performed using a set of guidewords: NO / NOT,
MORE / LESS OF, AS WELL AS, PART OF, REVERSE, and OTHER
THAN.
From these guidewords, scenarios that may result in a hazard or an
operational problem are identified
The consequences of the hazard and measures to reduce the frequency with
which the hazard will occur are then discussed.
This technique has gained wide acceptance in process industries
16. Example of HAZOP applied to a Hot Air Filter system
Deviation | Possible Causes | Potential consequences | Existing systems | Recommendations
No Temp | N/A | NIL | NIL | NIL
Less Temp | Inlet gas temp low | Operability | Temp indications available | NIL
More Temp | Inlet gas temp high | Equipment damage | Temp indications available | NIL
As well as Temp | NIL | NIL | NIL | NIL
Part of Temp | NIL | NIL | NIL | NIL
Other than Temp | NIL | NIL | NIL | NIL
Reverse Temp | N/A | N/A | NIL | NIL
17. Some Qualitative Methods
Failure Modes and Effects Analysis (FMEA)
This method was developed in the 1950s by reliability
engineers to determine problems that could arise from
malfunctions of military systems.
Failure mode and effects analysis is a procedure by which each
potential failure mode in a system is analyzed to determine its
effect on the system and to classify it according to its severity.
When the FMEA is extended by a criticality analysis, the
technique is then called failure mode and effects criticality
analysis (FMECA)
18. A Typical FMEA Sheet
Failure mode | Causes | Effects | Detection method | Safety provisions | Severity class | Comments
Valve fails open | Internal malfunct; Operator error | Toxic release | Pressure indicators | PRV | II | Prevent operator error
Valve fails closed | Internal malfunct; Operator error | Flow stopped | Pressure indicators | None | IV | Check for over pressure
19. Some Qualitative Methods
Checklists
A list of possible problems and
areas to be checked, which reminds
the reviewer of potential problem
areas
Easy to apply and assessment can
be performed by inexperienced
practitioners
Assessment will only be as
complete as the list used, and
difficulties are faced with novel processes
Simple Checklist for long
drive in a car
1. Check oil
2. Check tire air pressure
3. Check radiator fluid
4. Check air filter
5. Check head and tail lights
6. Check exhaust
7. Check petrol
20. Pros and Cons of Qualitative Techniques
The three techniques outlined above require only the
employment of "hardware familiar" personnel
FMEA tends to be more labor intensive, as the failure of each
individual component in the system has to be considered
A point to note is that these qualitative techniques can be used
in the design as well as operational stage of a system
21. Some Quantitative Techniques
Fault Tree Analysis
A fault tree is a logical diagram which shows the relation
between system failure, i.e. a specific undesirable event in the
system, and failures of the components of the system
It is a technique based on deductive logic. An undesirable
event is first defined and causal relationships of the failures
leading to that event are then identified
22. Symbols used in FTA
Primary Event Block | Description
Basic Event | A basic initiating fault (or failure event).
External Event (House Event) | An event that is normally expected to occur. In general, these events can be set to occur or not occur, i.e. they have a fixed probability of 0 or 1.
Undeveloped Event | An event which is no further developed. It is a basic event that does not need further resolution.
Conditioning Event | A specific condition or restriction that can apply to any gate.
23. Symbols used in FTA
Name of Gate | Description
AND | The output event occurs if all input events occur.
OR | The output event occurs if at least one of the input events occurs.
Inhibit | The output event occurs if all input events occur and an additional conditional event occurs.
Priority AND | The output event occurs if all input events occur in a specific sequence.
XOR | The output event occurs if exactly one input event occurs.
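An added example, not part of the original slides: a small Python evaluator for the AND, OR and XOR gates described above, computing the top-event probability and the minimal cut sets of a fault tree. The tree ("loss of cooling"), the event names and the probabilities are constructed for illustration, and basic events are assumed independent.

```python
from itertools import product

# Constructed fault tree (assumption, not from the slides): top event "loss of cooling".
TREE = ("OR", [
    ("AND", ["pump_A_fails", "pump_B_fails"]),          # redundant pumps
    "valve_fails_closed",
    ("AND", ["power_loss", "backup_generator_fails"]),
])
# Constructed per-year basic-event probabilities, assumed independent.
P = {"pump_A_fails": 0.05, "pump_B_fails": 0.05, "valve_fails_closed": 0.01,
     "power_loss": 0.1, "backup_generator_fails": 0.02}

def occurs(node, state):
    """Evaluate a gate for one assignment of basic events (True = failed)."""
    if isinstance(node, str):
        return state[node]
    gate, children = node
    hits = sum(occurs(c, state) for c in children)
    if gate == "AND":
        return hits == len(children)
    if gate == "OR":
        return hits >= 1
    if gate == "XOR":
        return hits == 1
    raise ValueError(f"unknown gate {gate}")

def top_probability(tree, p):
    """Exact top-event probability by enumerating all basic-event states."""
    names = sorted(p)
    total = 0.0
    for bits in product([False, True], repeat=len(names)):
        state = dict(zip(names, bits))
        if occurs(tree, state):
            weight = 1.0
            for n in names:
                weight *= p[n] if state[n] else 1 - p[n]
            total += weight
    return total

def minimal_cut_sets(node):
    """Minimal cut sets of an AND/OR tree (top-down expansion, then absorption)."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [minimal_cut_sets(c) for c in children]
    if gate == "OR":
        sets = [s for cs in child_sets for s in cs]
    elif gate == "AND":
        sets = [frozenset().union(*combo) for combo in product(*child_sets)]
    else:
        raise ValueError("cut sets are computed here for AND/OR gates only")
    # Absorption: drop any set that strictly contains another one.
    return [s for s in set(sets) if not any(o < s for o in sets)]

if __name__ == "__main__":
    print("P(top) =", round(top_probability(TREE, P), 8))
    print("cut sets:", [sorted(s) for s in minimal_cut_sets(TREE)])
```

Exhaustive enumeration is exact but grows as 2^n in the number of basic events, so it suits small trees only.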
31. Event Tree for the Reactor. This Includes High Temperature Shut Down
System
32. Some Quantitative Techniques
Event Tree Analysis
Event tree analysis - consists of an analysis of possible causes
starting at a system level and working down through the
system, sub-system, equipment and component, identifying all
possible causes. (What faults might we expect? How may they
be arrived at?)
Assessment methods which allow quantifying the probability
of an accident and the risk associated with plant operation
based on the graphic description of accident sequences employ
the fault tree or event tree analysis (FTA or ETA) techniques
33. Example of ETA Applied With Loss Of Cooling in a Polymerisation Reactor as an
[Event tree diagram. Initiating event: Loss of cooling. Safety functions: High Temp Alerts; Operator Restarts Cooling; Operator Shuts Down Reactor. Branches: Yes / No. Results: Continue Operation; Shut Down; Shut Down; Runaway]
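An added example, not part of the original slides: the loss-of-cooling event tree quantified in Python, with the risk computed as Σ frequency × consequence. The branch layout, the initiating frequency, the success probabilities and the consequence costs are all assumptions constructed for illustration.

```python
from collections import defaultdict

# All numbers below are constructed for illustration (not from the slides).
INIT_FREQ = 0.2  # loss-of-cooling initiating events per year
P_SUCCESS = {    # probability that each safety function works on demand
    "high_temp_alert": 0.99,
    "operator_restarts_cooling": 0.75,
    "operator_shuts_down_reactor": 0.90,
}
# Assumed branch layout: (safety function, branch if Yes, branch if No).
TREE = ("high_temp_alert",
        ("operator_restarts_cooling",
         "Continue Operation",
         ("operator_shuts_down_reactor", "Shut Down", "Runaway")),
        "Runaway")  # no alert: nobody intervenes
# Assumed consequence per event, in arbitrary cost units.
CONSEQUENCE = {"Continue Operation": 0, "Shut Down": 50_000, "Runaway": 5_000_000}

def sequences(node, freq, path=()):
    """Yield (path, outcome, frequency per year) for every accident sequence."""
    if isinstance(node, str):  # leaf: an outcome
        yield path, node, freq
        return
    function, yes_branch, no_branch = node
    p = P_SUCCESS[function]
    yield from sequences(yes_branch, freq * p, path + ((function, "Yes"),))
    yield from sequences(no_branch, freq * (1 - p), path + ((function, "No"),))

def outcome_frequencies(tree=TREE, init_freq=INIT_FREQ):
    """Sum the sequence frequencies that lead to each outcome."""
    totals = defaultdict(float)
    for _path, outcome, freq in sequences(tree, init_freq):
        totals[outcome] += freq
    return dict(totals)

def risk(tree=TREE, init_freq=INIT_FREQ):
    """Risk = sum over outcomes of frequency x consequence (cost units per year)."""
    freqs = outcome_frequencies(tree, init_freq)
    return sum(f * CONSEQUENCE[o] for o, f in freqs.items())

if __name__ == "__main__":
    for path, outcome, freq in sequences(TREE, INIT_FREQ):
        steps = " -> ".join(f"{fn}={ans}" for fn, ans in path)
        print(f"{steps} => {outcome}: {freq:.5f}/yr")
    print("risk:", risk())
```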
34. Some Quantitative Techniques
Cause Consequence Analysis
Cause-consequence analysis (CCA) is a blend of fault tree and
event tree analysis. This technique combines cause analysis
(described by fault trees) and consequence analysis (described
by event trees), and hence deductive and inductive analysis is
used.
The purpose of CCA is to identify chains of events that can
result in undesirable consequences. With the probabilities of
the various events in the CCA diagram, the probabilities of the
various consequences can be calculated, thus establishing the
risk level of the system
35. Typical Cause Consequence Analysis
[Cause-consequence diagram. Labels: Fault Tree; Event Tree Side; Initiating event; Yes / No; Consequence; Consequence]
36. Some Quantitative Techniques
Management Oversight Risk Tree
MORT is a diagram which arranges safety program elements
in an orderly and logical manner.
Its analysis is carried out by means of fault tree, where the top
event is "Damage, destruction, other costs, lost production or
reduced credibility of the enterprise in the eyes of society".
The tree gives an overview of the causes of the top event from
management oversights and omissions or from assumed risks
or both
37. Some Quantitative Techniques
Safety Management Organization Review Technique
This technique is structured by means of analysis levels with
associated checklists.
The SMORT analysis includes data collection based on the
checklists and their associated questions, in addition to
evaluation of results.
The information can be collected from interviews, studies of
documents and investigations. This technique can be used to
perform detailed investigation of accidents and near misses. It
also serves well as a method for safety audits and planning of
safety measures
38. Some Quantitative Techniques
Petri Nets
A graphical methodology based on ARTIFEX software
package.
A circle represents a place and a rectangle represents a
transition
A Petri Net is composed of four parts, A set of places, A set of
transitions, An input function, An output function
Either bottom-up or top-down
Other techniques like GO, Digraph modeling, Markov
modeling
39. A Petri Net Diagram
[Petri net diagram. Labels: Normal Operations; Transitions; Reduced operations]
40. Pros and Cons of Quantitative Methods
These methods are mainly used to find cut-sets leading to the
undesired events.
Event tree and fault tree have been widely used to quantify the
probabilities of occurrence of accidents and other undesired
events leading to the loss of life or economic losses in
probabilistic risk assessment.
However, the usage of fault tree and event tree is confined to
static, logic modeling of accident scenarios. In giving the same
treatment to hardware failures and human errors in fault tree and
event tree analysis, the conditions affecting human behavior
cannot be modeled explicitly
41. Qualitative Vs Quantitative
Qualitative methodologies, though lacking the ability to
account for the dependencies between events, are effective
in identifying potential hazards and failures within the
system.
The quantitative techniques address this deficiency
by taking into consideration the dependencies between
each event. The probabilities of occurrence of the
undesired event can also be quantified with the
availability of operational data.
42. Human Reliability Analysis
Human Hazards Identification (Task Analysis)
Identify hazards occurring due to human error while performing
standard procedures
The task is a set of operations/actions required to achieve a set goal and
assesses what people might do while performing the operations
Questions such as “What actions do the operators perform?”, “How do
operators respond to different cues in the environment?”
The main limitation is that it is only applicable to human interaction
with the process
43. Human Reliability Analysis
Hierarchical Task Analysis
Same methodology as task analysis, but a hierarchy is placed on the
order of the tasks to be investigated
Methodology produces either a tree structure, with the most complex
task on the top and the simplest on the bottom, or a list of steps that are
required to be performed in order to produce the required goal
The technique provides an easily understandable breakdown of the
tasks and the order in which they are to be performed
Other techniques such as Human Interaction with Machine (HIM),
Human Error Analysis (HEA)
44. Likelihood Calculation
Incident History
Industry Experience
Site Experience
Equipment Vendor Experience
Specialty Consulting Firm Experience
Component Failure Rate Data, Handbooks
Non-electronic Parts Reliability Data
45. Use of Risk Analysis Data
Avoidance
Discontinue the practice that creates the risk
Mitigation
Implement strategies to reduce the impact
Transfer
Purchase financial relief (Insurance)
Acceptable risk and concept of ALARP
46. Risk Matrix
CONSEQUENCES
Severity | People | Asset | Environment | Reputation
0 | No health effect/injury | No damage | No effect | No impact
1 | Slight health effect/injury | Slight damage | Slight effect | Slight impact
2 | Minor health effect/injury | Minor damage | Minor effect | Limited impact
3 | Major health effect/injury | Localised damage | Localised effect | Considerable impact
4 | 1 to 3 fatalities | Major damage | Major effect | National impact
5 | Multiple fatalities | Extensive damage | Massive effect | International impact
LIKELIHOOD
A | Never heard on .. in industry
B | Heard on .. in industry
C | Incident occurred in our company
D | Happens several times
E | Happens several times in a location
[Regions of the severity by likelihood grid are labelled LOW RISK, MEDIUM RISK and HIGH RISK]
47. Codes & Standards for Risk Analysis
American Institute of Chemical Engineers have Guidelines for
Chemical Process Quantitative Risk Analysis & Hazard Evaluation
Procedures, OSHA has 29 CFR 1910.119, EPA Risk Management Plan
(RMP)
India has its own BIS guidelines in BIS 18001, guidelines by labour
ministry
Even in non-chemical industries, codes like Nuclear Regulatory
Commission NUREG/CR-2815, IEC 61508, SEMI S10 - Safety
Guideline for Risk Assessment, S14 - Safety Guide for Fire Assessment
& Mitigation for Semiconductor Manufacturing Equipment
48. Intelligent Systems : The Way Ahead!
The estimated cost of process hazards reviews in the CPI
is about 1% of sales or about 10% of profits
An intelligent system can help
1. Reduce the time, effort and expense involved in a PHA
review
2. Make the review more thorough, detailed, and consistent,
3. Minimize human errors
4. Free the team to concentrate on the more complex aspects
of the analysis which are unique and difficult to automate
49. An example is the HAZOP Expert, a model-based, object-oriented,
intelligent system for automating HAZOP analysis
Other well known software packages include HAZTEC,
CARA BRAVO, CAFTAN, RISKMAN, QRAS
50. Conclusions
Risk is a subjective concept varying according to context
In actual industry a number of variations are applied to
methods of risk analysis and sometimes steps are
completed simultaneously or given a miss according to
need and resources present
Risk analysis can be qualitative as well as quantitative.
Quantitative methods are being given more stress since
they allow for a better comparison of risk levels and
reduce subjectivity in decision making process
51. Conclusions
Probabilistic risk analysis is perhaps the best
methodology available at present for application to
low-probability, high-impact systems like CPI
Intelligent systems hold the key to reduction in resource
utilization and increasing accuracy of risk analysis and
hence risk assessment
There is no possibility of eliminating all hazards
completely and concept of allowable risk becomes
important
52. END GAME
Hazards and overall risk associated with
technology is a crucial element for triggering
regulatory action, public protest and a host of
other problems, so it is of utmost importance to
find the origins of risks, to strengthen safeguards
and thus preserve the acceptability of hazardous
facilities or activities. It constitutes a real need
then, to provide a coherent strategy to maximise
performance and minimize risk