Process safety

Process safety is an interdisciplinary engineering domain focusing on the study, prevention, and management of large-scale fires, explosions and chemical accidents (such as toxic gas clouds) in process plants or other facilities dealing with hazardous materials, such as refineries and oil and gas (onshore and offshore) production installations. Thus, process safety is generally concerned with the prevention of, control of, mitigation of and recovery from unintentional hazardous materials releases that can have a serious effect on people (onsite and offsite), plant and/or the environment.

Definition and scope
The American Petroleum Institute defines process safety as follows: "A disciplined framework for managing the integrity of hazardous operating systems and processes by applying good design principles, engineering, and operating and maintenance practices. It deals with the prevention and control of events that have the potential to release hazardous materials or energy. Such events can cause toxic effects, fire or explosion and could ultimately result in serious injuries, property damage, lost production, and environmental impact." The same definition is given by the International Association of Oil & Gas Producers (IOGP). The Center for Chemical Process Safety (CCPS) of the American Institute of Chemical Engineers (AIChE) gives the following: "A discipline that focuses on the prevention of fires, explosions, and accidental chemical releases at chemical process facilities."

The scope of process safety is usually contrasted with that of occupational safety and health (OSH). While both domains deal with dangerous conditions and hazardous events occurring at work sites and/or while carrying out one's job duties, they differ at several levels. Process safety is primarily concerned with events which involve hazardous materials and are, or have the potential to escalate to, major accidents. A major accident is usually defined as an event causing multiple fatalities, extensive environmental impact, and/or significant financial consequences. The consequences of major accidents, while typically limited to the work site, can extend beyond the plant or installation boundaries, thus causing significant offsite impact. In contrast, occupational safety and health focuses on events that cause harm to a limited number of workers (usually one or two per event), have consequences limited to well within the work site boundaries, and do not necessarily involve unintended contact with a hazardous material.
Thus, for example, a gasoline storage tank loss of containment resulting in a fire is a process safety event, while a fall from height occurring while inspecting the tank is an OSH event. Although they may result in a far higher impact on people, assets and the environment, process safety accidents are significantly less frequent than OSH events, with the latter accounting for the majority of workplace fatalities. However, the impact of a single major process safety event on such aspects as regional environmental resources, company reputation, or the societal perception of the chemical and process industries can be very considerable and is usually given prominent visibility in the media.

The pivotal step in a process safety accident, around which a chain of accident causation and escalation can be built (including preventative and control/mitigative safety barriers), is generally the loss of containment of a hazardous material. It is this occurrence that frees the chemical energy available for the harmful consequences to materialize. Inadequate isolation, overflow, runaway or unplanned chemical reaction, defective equipment, human error, procedural violation, inadequate procedures, blockage, corrosion, degradation of material properties, excessive mechanical stress, fatigue, vibration, overpressure, and incorrect installation are the usual proximate causes for such loss of containment. If the material is flammable and encounters a source of ignition, a fire will take place. Under particular conditions, such as local congestion (e.g., arising from structures and piping in the area where the release occurred or the flammable gas cloud migrated), the flame front of a flammable gas cloud can accelerate and transition to an explosion, which can cause overpressure damage to nearby equipment and structures and harm to people. If the released chemical is a toxic gas or a liquid whose vapors are toxic, then a toxic gas cloud occurs, which may harm or kill people locally at the release source or remotely, if its size and the atmospheric conditions do not immediately result in its dilution to below hazardous concentration thresholds. Fires, explosions, and toxic clouds are the main types of accidents with which process safety is concerned.

In the domain of offshore oil and gas extraction, production, and subsea pipelines, the discipline of process safety is sometimes understood to extend to major accidents not directly associated with hazardous materials processing, storage, or transport. In this context, the potential for accidents such as ship collisions against oil platforms, loss of FPSO hull stability, or crew transportation accidents (such as from helicopter or boating events), is analyzed and managed with tools typical of process safety.

Process safety is usually associated with fixed onshore process and storage facilities, as well as fixed and floating offshore production and/or storage installations. However, process safety tools can be, and often are, used (to varying degrees) to analyze and manage bulk transportation of hazardous materials, such as by road tankers, rail tank cars, sea-going tankers, and onshore and offshore pipelines. Industrial domains that share similarities with the chemical process industries, and to which process safety concepts often apply, are nuclear power, fossil fuel power production, mining, steelmaking, foundries, etc. Some of these industries, notably nuclear power, follow an approach very similar to that of process safety, which is usually referred to as system safety.

History
In the early chemical industry, processes were relatively simple and societal expectations regarding safety were low by today's standards. As chemical technology evolved and increased in complexity, and, simultaneously, societal expectations for safety in industrial activities increased, it became clear that there was a need for increasingly specialized expertise and knowledge in safety and loss prevention for the chemical industry. Organizations in the process industries originally had safety reviews for processes that relied on the experience and expertise of the people in the review. In the mid-20th century, more formal review techniques began to appear. These included the hazard and operability (HAZOP) review, developed by ICI in the 1960s, failure mode and effects analysis (FMEA), checklists and what-if reviews. These were mostly qualitative techniques for identifying the hazards of a process.

Quantitative analysis techniques, such as fault tree analysis (FTA, which had been in use by the nuclear industry), quantified risk assessment (QRA, also referred to as Quantitative Risk Analysis), and layer-of-protection analysis (LOPA) also began to be used in the process industries in the 1970s, 1980s and 1990s. Modeling techniques were developed for analyzing the consequences of spills and releases, explosions, and toxic exposure.

The expression "process safety" began to be used increasingly to define this engineering field of study. It was generally understood to be a branch of chemical engineering, as it primarily relied on the understanding of industrial chemical processes, as exemplified in the HAZOP technique. In time, it absorbed a range of elements from other disciplines (such as chemistry and physics for mathematical modelling of releases, fires and explosions, instrumentation engineering, asset management, human factors and ergonomics, reliability engineering, etc.), thus becoming a relatively interdisciplinary engineering domain, although at its core it remains strongly connected with the understanding of industrial process chemical technology. "Process safety" gradually prevailed over alternative terms; for example, Frank P. Lees in his monumental work Loss Prevention in the Process Industries either used the titular expression or "safety and loss prevention", and so did Trevor Kletz, a central figure in the development of this discipline. One of the first publications to use the term in its current sense is the Process Safety Guide by the Dow Chemical Company.

By the mid to late 1970s, process safety was a recognized technical specialty. The American Institute of Chemical Engineers (AIChE) formed its Safety and Health Division in 1979. In 1985, AIChE established the Center for Chemical Process Safety (CCPS), partly in response to the Bhopal tragedy, which had occurred the previous year.

Lessons learnt from past events have been key to advances in process safety. Some of the major accidents that shaped it as an engineering discipline are:

 * The Flixborough disaster (1974)
 * The Seveso toxic gas cloud (1976)
 * The Bhopal toxic gas cloud (1984), the worst industrial accident ever to have occurred in terms of the number of fatalities
 * The Piper Alpha oil platform disaster (1988)
 * The Texas City refinery explosion (2005)
 * The Buncefield tank farm fire (2005)
 * The Deepwater Horizon explosion and oil spill (2010).

Topics in process safety
The following is a list of topics covered in process safety. There are some overlaps with equivalent domains from other disciplines, especially occupational safety and health (OSH), although the focus in process safety will always be specifically on the loss of control in the handling of hazardous materials at industrial scale.

 * Process safety regulation, which has been established in several countries in recent decades.
 * Compiling trends and statistics of past process safety events.
 * The study of past process accident case histories.
 * Process accident investigation.
 * Inherently safer design.
 * Process safety culture.
 * Process safety management (PSM). PSM covers business and operations management aspects that are known to be critical in the prevention, management, or mitigation of process accidents. These include, but are not limited to, compliance with standards, operators' competency, workforce involvement, operating procedures and safe work practices, management of asset integrity (for ensuring the performance of systems critical to plant safety), contractor management, management of change, operational readiness, selection and maintenance of process safety metrics, safety auditing, etc.
 * Hazard identification, using methods such as audits, checklists, review of safety data sheets (MSDS), historical analysis, hazard identification (HAZID) reviews, structured what-if technique (SWIFT), hazard and operability (HAZOP) studies, failure mode and effects analysis (FMEA), etc.
 * Aspects of human factors and ergonomics, especially as they pertain to the criticality and operability of valves, alarm management, prevention and mitigation of control room operator errors, etc.
 * Avoidance and mitigation of Natech (natural hazards triggering technological accidents), i.e. external environmental factors, such as earthquakes and extreme weather, that can escalate to a major process accident if process facilities are affected. An example of a Natech event is the 2017 Arkema explosion in Crosby, Texas, which was triggered by Hurricane Harvey.
 * The physico-chemical study and modeling of:
   * Fluid emission rates resulting from accidental loss of containment.
   * Gas dispersion, for the assessment of the reach of toxic and flammable concentration contours.
   * Fire (typically in the form of pool fires, jet fires, flash fires, or fireballs), in terms of ignition sources, spread, radiative power transfer, and smoke dispersion.
   * Explosions (vapor cloud explosions, BLEVEs, dust explosions) and closed vessel bursts, such as those caused by runaway reactions.
 * The understanding and modeling of the vulnerability of people to the effects of fires (thermal radiation, smoke inhalation), explosions (blast overpressure, missiles, etc.), and toxic gas inhalation. This domain incorporates elements of human physiology, toxicology, and statistics.
 * The modeling of the effects of fire and explosion on structures and process equipment, for evaluating the possibility that an accident escalates to additional inventories of hazardous materials or damages facilities critical to emergency management (such as depressurization and flare systems, firefighting facilities, refuge buildings, control rooms, lifeboats on offshore installations, etc.).
 * Process risk assessment, which combines the evaluation of the consequences of the hazard scenarios identified, and their effects on people and critical assets, with the probability and/or the frequency with which the accidental scenarios are expected to occur. Risk assessment techniques include hazard indices, preliminary hazard analysis (PreHA, usually accomplished by the use of a risk matrix), fault tree analysis (FTA), event tree analysis (ETA), layer-of-protection analysis (LOPA, which is often used to determine the safety integrity level [SIL] of safety instrumented functions), quantified risk assessment (QRA), dynamic risk assessment, etc.
 * Support to risk-based decision making. It is usually accepted that risk cannot be eliminated, and that a certain amount of residual risk will be accepted if the societal, financial, or other benefits of the hazardous process make it desirable. Examples of decision-making tools are land-use planning criteria and the ALARP principle (which may require a cost-benefit analysis entailing sometimes controversial assumptions on the value of a human life).
 * Onsite and offsite emergency management for process accidents.

Closely related to process safety, although for historical reasons usually not considered to belong to its domain, is the design of the following systems (note, however, that their selection is often the responsibility of a specialized process safety engineer):
 * The definition of process equipment and piping mechanical and thermal specifications (by process and mechanical engineers).
 * The design of pressure relief devices, such as rupture discs and relief valves (by mechanical engineers, supported by process engineers).
 * The design of depressurization and flare systems (by process engineers).
 * The design of emergency liquid drainage facilities (by process engineers).
 * The design of ignition prevention systems, such as pressure vessel inerting (typically within the domain of process engineering), flame arrestors (mechanical engineering), and equipment for use in explosive atmospheres (largely left to electrical engineers).
 * The design of passive fire protection and active firefighting facilities (such as firewater pumps, distribution, etc.), usually under the purview of fire protection specialists.

Management
Companies whose business relies heavily on the extraction, processing, storage, and/or transport of hazardous materials usually integrate elements of process safety management (PSM) into their health and safety management system. PSM was notably regulated by the United States' OSHA in 1992. The OSHA model for PSM is still widely used, not only in the US but also internationally. Other equivalent models and regulations have become available since, notably from the EPA, the Center for Chemical Process Safety (CCPS), and the UK's Energy Institute.

PSM schemes are organized in 'elements'. Different schemes are based on different lists of elements. This is the CCPS scheme for risk-based process safety, with its four pillars and the elements under each, which can be reconciled with most other established PSM schemes:

 * Commit to process safety
   * Process safety culture
   * Compliance with standards
   * Process safety competency
   * Workforce involvement
   * Stakeholder outreach
 * Understand hazards and risks
   * Process knowledge and documentation management
   * Hazard identification and risk analysis
 * Manage risk
   * Operating procedures
   * Safe work practices (e.g. a permit-to-work system)
   * Asset integrity management
   * Contractor management
   * Training and performance assurance
   * Management of change
   * Operational readiness
   * Conduct of operations
   * Emergency management
 * Learn from experience
   * Incident investigation
   * Process safety metrics and performance measurement
   * Auditing
   * Management review and continuous improvement

While originally designed primarily for plants in their operations phase, elements of PSM can and should be implemented throughout the entire lifecycle of a project, wherever applicable. This includes design (from front-end loading to detailed design), procurement of equipment, commissioning, operations, material and organizational changes, and decommissioning.

A common model used to represent and explain the various different but connected systems that together achieve process safety is James T. Reason's Swiss cheese model. In this model, the barriers that prevent, detect, control and mitigate a major accident are depicted as slices of cheese, each with a number of holes. The holes represent imperfections in the barrier, which can be measured against specific performance standards; the better managed the barrier, the smaller its holes. A major accident happens only when the holes in all the barriers line up, so it is the multiplicity of independent barriers that provides the protection.
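The layer-of-protection analysis (LOPA) listed under process risk assessment above and the barrier model just described are two views of the same calculation: the frequency of an initiating event multiplied by the probability that every barrier in its path fails. The following is an added worked example in Python, not part of the original article and not any organization's published method. It credits two independent protection layers against a tank overfill, computes the mitigated frequency, the risk reduction factor a new safety instrumented function would have to provide, and the SIL band that factor falls in (the low-demand PFD bands of IEC 61508/61511). It also rejects a layer that shares equipment with the initiating event, which is the common-cause case in which two holes line up at once and the second layer's credit is fictitious. All numbers (initiating event frequency, ignition probability, the PFD credited per layer, the tolerable target frequency) and all tag names (LT-101, LV-101, LT-102, BUND-1) are assumed, illustrative values.

```python
"""Layer-of-protection analysis (LOPA) for one hazard scenario, with the SIL a
new safety instrumented function would need. Added example, not from the page;
every number is an assumed illustrative value (initiating event frequency,
ignition probability, PFD credited per layer, tolerable target frequency)."""
from dataclasses import dataclass, replace

# Low-demand-mode SIL bands from IEC 61508/61511: (SIL, lower PFDavg bound, upper bound).
SIL_BANDS = ((4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1))


@dataclass(frozen=True)
class Layer:
    """One independent protection layer: a slice of the cheese, pfd being its hole."""
    name: str
    pfd: float                            # probability of failure on demand
    components: frozenset = frozenset()   # equipment it relies on (hypothetical tag names)

    def __post_init__(self):
        if not 0.0 < self.pfd <= 1.0:
            raise ValueError(f"{self.name}: PFD must lie in (0, 1]")


@dataclass(frozen=True)
class Scenario:
    description: str
    initiating_frequency: float      # initiating events per year
    initiator_components: frozenset  # equipment whose failure is the initiating event
    conditional_modifiers: dict      # e.g. {"ignition": 0.05}, each a probability
    target_frequency: float          # tolerable frequency of the consequence, per year
    layers: tuple                    # Layer objects credited in the analysis


def check_independence(scenario):
    """Reject a layer sharing equipment with the initiating event or another layer.
    PFDs may only be multiplied if the layers are independent; a shared transmitter,
    valve or power supply is a common cause that lines up two holes at once."""
    owner = {c: "the initiating event" for c in scenario.initiator_components}
    for layer in scenario.layers:
        for comp in layer.components:
            if comp in owner:
                raise ValueError(f"{layer.name} shares {comp!r} with {owner[comp]}")
            owner[comp] = layer.name


def mitigated_frequency(scenario):
    """Frequency of the consequence (per year) with all credited layers in place."""
    check_independence(scenario)
    f = scenario.initiating_frequency
    for p in scenario.conditional_modifiers.values():
        f *= p
    for layer in scenario.layers:
        f *= layer.pfd
    return f


def required_rrf(scenario):
    """Risk reduction factor a further layer must supply to reach target (1.0 = none)."""
    return max(1.0, mitigated_frequency(scenario) / scenario.target_frequency)


def sil_for_pfd(pfd):
    """SIL whose band contains the required PFD. 0 means a non-SIL-rated measure (or
    nothing further) suffices; a requirement below SIL 4 means the scenario should
    be redesigned rather than instrumented, so it is treated as an error."""
    if pfd >= 0.1:
        return 0
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    raise ValueError(f"required PFD {pfd:.1e} is beyond SIL 4; add layers or redesign")


def analyse(scenario):
    rrf = required_rrf(scenario)
    return {"mitigated_frequency": mitigated_frequency(scenario),
            "required_rrf": rrf,
            "required_sil": sil_for_pfd(1.0 / rrf)}


def tank_overfill_scenario():
    """Constructed scenario: gasoline tank overfilled during receipt, spill ignites."""
    return Scenario(
        description="Gasoline tank overfill during pipeline receipt, pool fire",
        initiating_frequency=0.1,                  # assumed: level control loop fails once in 10 years
        initiator_components=frozenset({"LT-101", "LV-101"}),
        conditional_modifiers={"ignition": 0.05},  # assumed probability the spill ignites
        target_frequency=1e-6,                     # assumed tolerable frequency for a fatal fire
        layers=(
            Layer("Independent high-level alarm with operator response", 0.1, frozenset({"LT-102"})),
            Layer("Bund and drainage to remote impounding basin", 0.1, frozenset({"BUND-1"})),
        ),
    )


def shared_sensor_scenario():
    """Same scenario, but the alarm is taken from the control loop's own transmitter."""
    base = tank_overfill_scenario()
    alarm = Layer("High-level alarm on LT-101", 0.1, frozenset({"LT-101"}))
    return replace(base, layers=(alarm, base.layers[1]))


if __name__ == "__main__":
    print(analyse(tank_overfill_scenario()))  # mitigated ≈ 5e-5/yr, RRF ≈ 50, SIL 1
    try:
        analyse(shared_sensor_scenario())
    except ValueError as exc:
        print("rejected:", exc)
```

Two things a practitioner would add before using a calculation like this for real: conventional LOPA practice also caps the credit taken for most non-instrumented layers (commonly a PFD no lower than 0.1 to 0.01 unless justified by data) and requires each layer to be effective and auditable as well as independent, and the check above only enforces independence, and only as far as shared equipment tags reveal it. Shared utilities, shared procedures and the same operator responding to two alarms are common causes that no tag list will catch.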