process safety management (psm) books

Inherent Safety

Home

Bookshop
Seminars/Webinars

Incidents
Management
Industries
PSM
Bow Tie Analysis
Emergencies
FMEA
HAZOP
HAZOP Team
Incident Analysis
Inherent Safety
KPIs
MOC
Operating Procedures
PSSR
PHA
Process Safe Limits
Regulations/Standards
SEMS
Safety Analysis

Affiliates / Social Sites
Meetings
Contact Us



Join Our Email List Email:

A facility that is inherently safe is one that is of low risk, even if safeguards and protective measures do not work as they should. The classic example of an inherent safety device is the bund (earth) wall that is often placed around storage tanks. If the tank leaks the bund wall will retain the spilled liquid, regardless of instrument or operator response.

Inherent safety is usually divided into different elements, in rough order of priority. There is no standardized list, but the following five elements are representative. The preferred order in which they should be addressed is shown below.

Eliminate
Substitute
Minimize (Intensification)
Moderate (Attenuation, Limitation of Effects)
Simplify (Error Tolerance)

The use of inherent safety principles not only improves safety, it is likely to reduce capital costs and the investment that has to be made in activities such as training and operating procedures.

Warning!

Albert Einstein once said, "Everything should be made as simple as possible, but not simpler."

Use of the principles of inherent safety may lead to adverse consequences as a result of the Law of Unintended Consequences, as discussed below.

Eliminate

The only way of reducing risk to zero is to remove the hazard that creates that risk. (Safety can also be made perfect if no one is present. There is risk to the equipment, but not to the people.) Therefore inherent safety can best be achieved by totally removing the items that creates the hazard. ("If a tank's not there, it can't leak.")

Overton and King (2006) provide an example in which the liquefaction step in a chlorination process allowed for the elimination of at storage tank containing 750 tons of chlorine.

For example, if a pump is being used to transfer a liquid from one tank to another it may be found that there are other means of effecting the transfer that don't need a pump. Options may include gravity flow or the use of air at high pressure. (But the use of compressed air may create greater risk than that associated with having a pump.)

Another way of eliminating risk is to remove an activity altogether, and so remove the chance of that activity going awry.

Substitute

The next step in addressing inherent safety is, where possible, to replace a hazardous material with one that is less hazardous. Thus the consequences of a release are fundamentally less dangerous. For example, water-based additive solutions are likely to be safer than hydrocarbon-based solutions because the latter are flammable.

Minimize

Where possible, smaller quantities of hazardous materials should be used. This philosophy comes in part from the Bhopal tragedy. The facility stored large quantities of the intermediate compound methyl isocyanate that created the toxic cloud. Had the facility been designed so as to greatly reduce this inventory - a technically feasible solution - then the consequences of the event would have been much less severe.

In general, it is often found that the use of continuous reaction rather than batch processes will help minimize the amount of hazardous material that is present.

Referring to the pump example, once more, the risk associated with transferring the liquid can be reduced by using a smaller capacity pump and smaller piping to and from it. Then, if either the pump or the piping leaks, the consequences of the event are not so severe.

Moderate

Moderation (attenuation) accepts that a certain condition exists but aims to reduce its impact. In the case of the pump that is transferring liquid from one tank to another it may be that the greatest risk occurs if the pump is blocked in while running and achieves dead-head pressure. In such a case the risk can be moderated by using a lower pressure pump curve.

Simplify

The final step in achieving Inherent Safety is to reduce unnecessary complexity, make operating errors less likely and that are more forgiving of any errors that are made.

Referring to the pump example once more, it is possible that another vendor can provide the same piece of equipment but with many fewer moving parts - thus reducing both the chance of failure and the number of maintenance tasks to be carried out.

When to Use

The best time to apply the concepts of inherent safety is early in the design stages of a new-build process. However, many of the concepts - particularly those to do with removing or reducing equipment sizes - can be applied to facilities that are already in operation.

Law of Unintended Consequences

The Law of Unintended Consequences is a term that is generally used somewhat ironically or tongue in cheek. The basic idea is that human intervention in complex systems may create a range of unexpected outcomes, most of which are assumed to be undesirable, and which could readily lead to losses which negate the benefits many times over. (For example, the rabbit shown on the left was introduced into Australia for food, but eventually became a highly destructive pest.)

Unintended consequences can fall into one of three general categories.

The unexpected outcome is desirable. This concept is usually described as serendipity. In process facilities a commonly desired serendipity is between equipment reliability and safety. If an equipment item is made more reliable, it is argued, then the facility will reduce maintenance costs, and, simultaneously, improve safety because workers will not have to work in hazardous situations so often.
The unexpected outcome is undesirable. Using the same example to do with equipment reliability, it may be found that, because the workers now have to work on the item less frequently, they are less experienced when they have to do so, and they therefore are more likely to make a mistake resulting in an injury.
The third type of outcome is one that makes the original situation worse. Once more using an equipment item as an example, it may be found that making it more reliable not only increases the chance of an injury accident because the workers have less experience with regard to maintaining the item. It may even be found that excessively long repair times reduced the overall system availability.

home| top of page | view cart

PO Box 2217
Ashland, VA 23005-9998