Hazard and operability study

A hazard and operability study (HAZOP) is a structured and systematic examination of a planned or existing process or operation in order to identify and evaluate problems that may represent risks to personnel or equipment, or prevent efficient operation; it is carried out by a suitably experienced multi-disciplinary team (HAZOP team) during a set of meetings. The HAZOP technique is qualitative, and aims to stimulate the imagination of participants to identify potential hazards and operability problems; structure and completeness are given by using guideword prompts. The relevant international standard ^[1] calls for team members to display 'intuition and good judgement' and for the meetings to be held in 'a climate of positive thinking and frank discussion'. The HAZOP technique was initially developed to analyze chemical process systems and mining operation process but has later been extended to other types of systems and also to complex operations such as nuclear power plant operation and to use software to record the deviation and consequence.

Method

Outline

The method applies to processes (existing or planned) for which design information is available.^{[lower-alpha 1]} For continuous processes, this commonly includes a piping and instrumentation diagram and process flow diagram which is examined in sections, chosen so that for each a meaningful design intent (the desired, or specified range of behaviour for that item, not just its design duty point ) can be specified. For example, in a chemical plant, a pipe may be intended to transport 2.3 kg/s of 96% sulfuric acid at 20 °C and a pressure of 2 bar from a pump to a heat exchanger but a prudent designer will have allowed for foreseeable variations – hotter/stronger acid, pump ‘no-flow’ pressure on the line - before the design reaches detailed HAZOP and (where possible) that wider design envelope should be explicitly identified and taken as the ‘design intent’ basis for HAZOP study .^{[lower-alpha 2]} The intended duty of the heat exchanger may be to heat 2.3 kg/s of 96% sulfuric acid from 20 °C to 80 °C but its full design intent will also include ‘glimpse of the obvious’ functions; e.g. maintaining containment of hot acid (and of the heating fluid,and preventing leakage of one into the other). The size of sections should be appropriate to the complexity of the system and the magnitude of the hazards it might pose. The HAZOP team then determines what are the possible significant Deviations from each intent, feasible Causes and likely Consequences. It can then be decided (at the HAZOP, or by subsequent analysis) whether existing, designed safeguards are sufficient, or whether additional actions are necessary to reduce risk to an acceptable level. For batch and other sequential operations a logic flow diagram should be available for HAZOP study as well: equipment may have different design intents at different points in the operation (all should be considered) and hazards may arise from performing operations out of sequence. When HAZOP meetings were recorded by hand they were generally scheduled for three to four hours per day.^{[lower-alpha 3]} For a medium-sized chemical plant where the total number of items to be considered is 1200 (items of equipment and pipes or other transfers between them) about 40 such meetings would be needed.^[2] Various software programs are now available to assist in meetings.

Guide words and parameters

In order to identify deviations, the team applies (systematically, in order ^{[lower-alpha 4]}) a set of Guide Words to each section of the process. To prompt discussion, or to ensure completeness, it may also be helpful to explicitly consider appropriate parameters which apply to the design intent. These are general words such as Flow, Temperature, Pressure, Composition. The current standard^[1] notes that Guide words should be chosen which are appropriate to the study and neither too specific (limiting ideas and discussion) nor too general (allowing loss of focus). A fairly standard set of Guide Words (given as an example in Table 3 of ^[1]) is as follows:

Guide Word	Meaning
NO OR NOT	Complete negation of the design intent
MORE	Quantitative increase
LESS	Quantitative decrease
AS WELL AS	Qualitative modification/increase
PART OF	Qualitative modification/decrease
REVERSE	Logical opposite of the design intent
OTHER THAN	Complete substitution
EARLY	Relative to the clock time
LATE	Relative to the clock time
BEFORE	Relating to order or sequence
AFTER	Relating to order or sequence

(The last four guide words are applied to batch or sequential operations.) Where a guide word is meaningfully applicable to a parameter e.g. NO FLOW, MORE TEMPERATURE, their combination should be recorded as a credible potential deviation. The distinction between some guide words may not always be remembered by the team (LESS COMPOSITION should suggest less than 96% sulfuric acid, AS WELL AS COMPOSITION should suggest a contaminant whereas OTHER THAN COMPOSITION should suggest something else such as oil) or be well observed by the plant (if a 60% sulphuric/ 15% nitric acid mixture could be fed instead, the possibility could be flagged up against LESS, AS WELL AS, OTHER THAN).

HAZOP-type studies may also be carried out by considering applicable guide words and identifying elements to which they are applicable^[1] or by considering the parameters associated with plant elements and systematically applying guide words to them; although this last approach is not mentioned in the relevant standard, its examples of output include a study (B3) recorded in this way.^[1] The following table gives an overview of commonly used guide word - parameter pairs and common interpretations of them.

Parameter / Guide Word	More	Less	None	Reverse	As well as	Part of	Other than
Flow	high flow	low flow	no flow	reverse flow	deviating concentration	contamination	deviating material
Pressure	high pressure	low pressure	vacuum		delta-p		explosion
Temperature	high temperature	low temperature
Level	high level	low level	no level		different level
Time	too long / too late	too short / too soon	sequence step skipped	backwards	missing actions	extra actions	wrong time
Agitation	fast mixing	slow mixing	no mixing
Reaction	fast reaction / runaway	slow reaction	no reaction				unwanted reaction
Start-up / Shut-down	too fast	too slow			actions missed		wrong recipe
Draining / Venting	too long	too short	none		deviating pressure	wrong timing
Inertising	high pressure	low pressure	none			contamination	wrong material
Utility failure (instrument air, power)			failure
DCS failure ^{[lower-alpha 5]}			failure
Maintenance			none
Vibrations	too low	too high	none				wrong frequency

Once the causes and effects of any potential hazards have been established, the system being studied can then be modified to improve its safety. The modified design should then be subject to another HAZOP, to ensure that no new problems have been added. ^{[lower-alpha 6]}

Team

A HAZOP study is a team effort. The team should be as small as possible consistent with their having relevant skills and experience ^{[lower-alpha 7]} A minimum team size of 4^[1]-5 ^[3] is recommended. In a large process there will be many HAZOP meetings and the team may change as different specialists and possibly different members of the design team are brought in, but the Study Leader and Recorder will usually be fixed. As many as 20 individuals may be involved^[4] but is recommended that no more than 7^[1]-8^[3] are involved at any one time (a larger team will make slower progress): each team member should have a definite role as follows ^[1] (with alternative names from other sources):

Name	Alternative	Role
Study leader	Chairman	someone experienced in HAZOP but not directly involved in the design, to ensure that the method is followed carefully. Responsible for ensuring that discussion leads to a definite conclusion and is adequately recorded, problems are documented and recommendations passed on
Recorder	Secretary or scribe	to record discussions (accurately but comprehensibly), to alert Study Leader when this becomes impossible,^{[lower-alpha 8]} to document problems and recommendations
Designer	(or representative of the team which has designed the process)	To explain any design details or provide further information
User	(or representative of those who will use it ^{[lower-alpha 9]})	To consider it in use and question its operability, and the effect of deviations
Specialist	according to specialism; e.g. Chemist ; Human Factors Specialist	someone with relevant technical knowledge, e.g. knowledge about effect of varying reaction conditions; training in human reliability analysis, and human error identification
Maintainer	(if appropriate)	someone concerned with maintenance of the plant.

In earlier publications it was suggested that the Study Leader could also be the Recorder^[4] but separate roles are now generally recommended. Software is now available from several suppliers to aid the Study Leader and the Recorder.

History

The technique originated in the Heavy Organic Chemicals Division of ICI, which was then a major British and international chemical company. The history has been described by Trevor Kletz^[4]^[5] who was the company's safety advisor from 1968 to 1982, from which the following is abstracted.

In 1963 a team of 3 people met for 3 days a week for 4 months to study the design of a new phenol plant. They started with a technique called critical examination which asked for alternatives, but changed this to look for deviations. The method was further refined within the company, under the name operability studies, and became the third stage of its hazard analysis procedure (the first two being done at the conceptual and specification stages) when the first detailed design was produced.

In 1974 a one-week safety course including this procedure was offered by the Institution of Chemical Engineers (IChemE) at Teesside Polytechnic. Coming shortly after the Flixborough disaster, the course was fully booked, as were ones in the next few years. In the same year the first paper in the open literature was also published.^[6] In 1977 the Chemical Industries Association published a guide.^[7] Up to this time the term HAZOP had not been used in formal publications. The first to do this was Kletz in 1983, with what were essentially the course notes (revised and updated) from the IChemE courses.^[4] By this time, hazard and operability studies had become an expected part of chemical engineering degree courses in the UK.^[4]

Notes

↑ The HAZOP technique can also be applied where design information is not fully available - and doing so may be useful in knocking bad ideas on the head before too much time is wasted upon them - but a meeting carried out on that basis is not a 'HAZOP' within the meaning of the standard which notes its restrictive redefinition of the term "The term HAZOP has been often associated, in a generic sense, with some other hazard identification techniques (e.g. checklist HAZOP, HAZOP 1 or 2, knowledge-based HAZOP). The use of the term with such techniques is considered to be inappropriate and is specifically excluded from this document."^[1]
↑ Otherwise the HAZOP gets bogged down
↑ Hours were restricted for a number of reasons: to allow the secretary time to manage the records, to allow attendance by busy people with valuable insights, and because HAZOP meetings (and HAZOP team members) tend to lose focus if they go on too long. The last two considerations still apply: “The success of the HAZOP study strongly depends on the alertness and concentration of the team members and it is therefore important that the sessions are of limited duration and that there are appropriate intervals between sessions. How these requirements are achieved is ultimately the responsibility of the study leader.” ^[1]
↑ If an individual team member spots a problem before the appropriate guideword is reached it may be possible to maintain rigid adherence to order; if most of the team wants to take the discussion out of order no great harm is done if they do, provided the Study Leader ensures that the secretary is not becoming too confused, and that all guidewords are (eventually) adequately considered
↑ This relates to the Distributed Control System (DCS) hardware only; software (unless specially carefully written) must be assumed to be capable of attempting incorrect or inopportune operation of anything under its control
↑ ie the modifications (and their possible effect on other plant items) should undergo re-HAZOP
↑ and affiliation “Where a system has been designed by a contractor, the HAZOP team should contain personnel from both the contractor and the client.” ^[1]
↑ e.g. he is unclear what conclusion has been reached against a guideword (or he suspects the Study Leader has missed one)
↑ If similar plant exists, its users should also be represented

References

↑ ^1.00 ^1.01 ^1.02 ^1.03 ^1.04 ^1.05 ^1.06 ^1.07 ^1.08 ^1.09 ^1.10 British Standard BS: IEC61882:2002 Hazard and operability studies (HAZOP studies)- Application Guide British Standards Institution. “This British Standard reproduces verbatim IEC 61882:2001 and implements it as the UK national standard.”
↑ Swann, C. D., & Preston, M. L., (1995) Journal of Loss Prevention in the Process Industries, vol 8, no 6, pp349-353 "Twenty-five years of HAZOPs"
↑ ^3.0 ^3.1 Nolan, D.P. (1994) Application of HAZOP and What-If Safety Reviews to the Petroleum, Petrochemical and Chemical Industries. William Andrew Publishing/Noyes. ISBN 978-0-8155-1353-7
↑ ^4.0 ^4.1 ^4.2 ^4.3 ^4.4 Kletz, T. A., (1983) HAZOP & HAZAN Notes on the Identification and Assessment of Hazards IChemE Rugby
↑ Kletz, T., (2000) By Accident - a life preventing them in industry PVF Publications ISBN 0-9538440-0-5
↑ Lawley, H. G.,(1974) Chemical Engineering Progress, vol 70, no 4 page 45 "Operability studies and hazard analysis" AIChE
↑ Chemical Industries Association (1977) A Guide to Hazard and Operability Studies

v t e Occupational safety and health
Occupational diseases and injuries	Acrodynia Asbestosis Asthma Barotrauma Berylliosis Brucellosis Byssinosis ("brown lung") Chalicosis Chronic solvent-induced encephalopathy Chimney sweeps' carcinoma Coalworker's pneumoconiosis ("black lung") Concussions in sport Decompression sickness De Quervain syndrome Erethism Exposure to human nail dust Farmer's lung Fiddler's neck Flock worker's lung Glassblower's cataract Golfer's elbow Hearing loss Hospital-acquired infection Indium lung Laboratory animal allergy Lead poisoning Mesothelioma Metal fume fever Mule spinners' cancer Noise-induced hearing loss Phossy jaw Pneumoconiosis Radium jaw Repetitive strain injury Silicosis Silo-filler's disease Sports injury Surfer's ear Tennis elbow Tinnitus Writer's cramp
Occupational hygiene	Occupational hazard Biological hazard Chemical hazard Physical hazard Psychosocial hazard Hierarchy of hazard controls Prevention through design Exposure assessment Occupational exposure limit Occupational epidemiology Workplace health surveillance
Professions	Environmental health Industrial engineering Occupational health nursing Occupational health psychology Occupational medicine Occupational therapist Safety engineering
Agencies and organizations	Canadian Centre for Occupational Health and Safety European Agency for Safety and Health at Work UK Health and Safety Executive International Labour Organization Istituto nazionale per l'assicurazione contro gli infortuni sul lavoro US National Institute for Occupational Safety and Health National Institute for Safety and Health at Work (Spain) US Occupational Safety and Health Administration National Institute for Safety and Health at Work (Spain) WHO
Standards	Bangladesh Accord ISO 45001 Occupational Safety and Health Convention, 1981 Worker Protection Standard (US) Working Environment Convention, 1977
Safety	Checklist Code of practice Contingency plan Diving safety Emergency procedure Emergency evacuation Hazard Hierarchy of hazard controls Hazard elimination Administrative controls Engineering controls Hazard substitution Personal protective equipment Job safety analysis Lockout-tagout Permit To Work Operations manual Redundancy (engineering) Risk assessment Safety culture Standard operating procedure
Legislation	Diving regulations Occupational Safety and Health Act (United States) Right to sit (United States)
See also	Drug policy Environment, health and safety Environmental toxicology Ergonomics Health physics Indoor air quality International Chemical Safety Card National Day of Mourning (Canada) Process safety management Public health Risk management Safety data sheet Toxic tort Workers' compensation
Category Occupational diseases Journals Organizations Commons Glossary

Hazard and operability study

Contents

Method

Outline

Guide words and parameters

Team

History

See also

Notes

References

Further reading

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools