IMPLEMENTING INHERENT SAFETY THROUGHOUT PROCESS LIFECYCLE

Markku Hurme, Mostafizur Rahman

Helsinki University of Technology,

Laboratory of Plant Design, P.O. Box 6100, FIN-02015 HUT, Finland

Abstract

Inherent safety should be implemented as early as possible in the design life cycle, since changes in process design are easier and cheaper the earlier they are made. The problem is how to evaluate process alternatives in terms of inherent safety in the early design phases, when much of the information is missing. In this paper the process life cycle phases, the inherent safety analysis techniques used in them and the accuracy of the methods are discussed.

1. Introduction

The aim of process design is to create a process that is economic, safe, and environmentally benign throughout the whole lifetime of the plant. The safety of a process plant is required to fulfil a certain level because of general society requirements, company image and economic reasons. An unsafe plant cannot be profitable due to potential losses of production and capital. The safety of a chemical process can be achieved through inherent (internal) and external means. Inherent safety is related to the intrinsic properties of the process: it aims to remove hazards rather than to control them by added-on protective systems, which is the principle of external safety.

As a process goes through the phases of its lifecycle, such as research and development, design, construction, operation, modification, and finally decommissioning, inherent and added-on safety have a varying emphasis. The major decisions on the process principle are made in the process development and conceptual design phases. Therefore the process development and conceptual design phases give the best opportunities for implementing inherent safety, whereas added-on safety has its applications in detailed process and plant engineering. In fact the possibility of implementing inherent safety decreases as the design proceeds (Fig. 1). Thus the inherent safety characteristics should be evaluated systematically as early as possible to gain the largest benefit. However, the lack of detailed information, especially in the early design phases, complicates safety evaluations and decision making. At this point, much of the detailed information - on which the decisions should be based - is still missing, because the process is not yet designed. Once the process is designed, one would have all the information, but not the freedom to make conceptual changes. This design paradox makes it necessary to implement a dedicated methodology for estimating inherent safety in the early design phases to allow its early adoption. This paper will discuss the principles of inherent safety implementation and evaluation throughout the process lifecycle.

Figure 1. The design paradox and inherently safer design

2. Evaluation of inherent safety

Most of the existing safety analysis methods have focussed on existing plants or on design phases where all documents are already available, because they require detailed information about equipment and plant layout. Safety aspects are, however, most effectively considered early in chemical process development. This is hindered by lack of knowledge of the process. At the early stages, only quite limited information on equipment and plant layout exists. Thus, most common methods intended for analysing full designs or plants in operation cannot be used. For this purpose, inherent safety indices have been developed. They are based on the information available in the early design phases.

The first index published for evaluating the inherent safety was the Prototype Index for Inherent Safety (PIIS) by Edwards and Lawrence (1993). The Inherent Safety Index (ISI) by Heikkilä and Hurme (1996 and 1999) was developed to include more aspects than PIIS. The i-Safe Index was developed by Palaniappan et al. (2002 and 2004). The indices use somewhat different criteria to evaluate inherent safety and therefore have to some extent different data requirements (Rahman et al. 2004a,b).

In this paper the problems of implementing inherent safety evaluations and their accuracies in the process lifecycle are discussed. For this purpose we have to look more closely at what the lifecycle phases are and how the amount of knowledge on the process increases during design.

3. Process lifecycle phases

A process goes through various stages of evolution. Progression through these stages is typically referred to as the process life cycle:

  1. Idea
  2. Research and development
  3. Preliminary process design
  4. Basic engineering
  5. Detailed engineering (Plant engineering)
  6. Procurement, fabrication, construction, installation
  7. Start up
  8. Operations, maintenance
  9. Modifications, retrofitting
  10. Decommissioning

Many of the phases are separated by decision phases as shown in Figure 2.

Figure 2. Life cycle phases of a process in a development and design project

3.1 Idea phase

New ideas often deal with new or improved products and processes. The first check of the viability of a new idea is often done quite quickly. If the idea looks promising in economic, safety and environmental terms, preliminary research and development can be started by a research decision (see Fig. 2). In the idea phase information is collected on competing processes, the patent situation, legal aspects and environmental and safety considerations, as well as raw materials, reaction chemistry and product specifications. Typical information available in this phase on a new process is the main reaction chemistry and the basic physical, chemical and toxicity properties of the compounds present (Figure 3). The methods used in safety analyses have to be based on these basic properties. The result of inherent safety estimation by index methods is very rough and does not give a correct ranking of process routes (Table 2).

3.2. Research and development phase

As a new project is started, the chemical synthesis route is selected. The main goals are yield, product quality and safety. To apply inherent safety, research chemists must make an in-depth investigation of the process chemistry. Reaction hazards have to be investigated with a reaction calorimeter to find out the conditions where possible side reactions take place and to find out the possibilities of a runaway reaction.

After the chemistry and reaction conditions have been defined, the basic concept of the future process is defined. Research engineers now have many opportunities to incorporate inherent safety principles in the choice of chemical synthesis route, for example by:

1) implementing catalysts leading to less severe operating conditions

2) eliminating a hazardous solvent by using a safer one such as water

3) reducing reaction temperature, pressure and concentration

4) using a more volatile solvent that refluxes and provides efficient cooling of reaction.

After the process chemistry has been established, which defines the hazards of the materials, process development personnel need to focus primarily on process synthesis and the unit operations used. This includes the process scheme with reaction and separation steps. In this phase bench and pilot experiments may be necessary for scale-up. Nowadays mini plants are also used to allow continuous process testing on a small scale.

In the R&D phase, which also includes the conceptual phase, the designer has the greatest opportunity to implement inherent safety principles, since most major decisions are made in this phase. Also, most inherent safety principles can be considered in conceptual design, as shown by Kletz (1991) in Table 1.

Table 1. Inherent safety principles considered in first project stages (Kletz, 1991)

Feature / Conceptual stage / Flowsheet stage / PI-diagram stage
Intensification / X / X
Substitution / X / X
Attenuation / X / X
Limitation of effects:
- By equipment design
- By changing reaction conditions / X / X / X
Avoiding knock-on effects:
- By layout
- In other ways / X / X
X / X
Making incorrect assembly impossible / X
Making status clear / X
Simplification / X / X
Tolerance / X
Ease of control / X / X
Software / X

Because many fundamental decisions are made, creative thinking is important in new process development and in looking for opportunities to make the process inherently safer. New principles, such as process intensification, can systematically be implemented to reach the goal (Rong et al., 2004).

In the R&D phase inherent safety can be estimated quite well by using the Inherent Safety Index, since most of the information needed is already available (Fig. 3). The accuracy of evaluation is nearly as good as in the process predesign phase coming next. The ISI index can give a quite reliable inherent safety ranking of the process alternatives, as presented in the MMA process case study (Table 2). In some cases, however, the ranking gave the same rank to some quite similar alternatives.

3.3 Preliminary process design

Preliminary engineering (or process predesign) is often done only for one process concept based on a pre-feasibility study done earlier. Material and heat balances for the process concept are calculated and flowsheet diagrams generated. For this purpose the types of unit operations have to be decided, if not already done in process development. Preliminary sizing of main equipment and a preliminary layout are also done. More accurate estimations of cost and profitability, safety and environmental aspects are made in a feasibility study to find out whether the project is still promising.

In process predesign the decisions are related to process dimensioning and unit operation types. Even though the operating conditions of key equipment are partly determined already in process development, there are still good opportunities to implement inherent safety principles (see Table 1). Intensification and simplification can be taken further by using process intensification methodologies (Rong et al., 2004). It may also be possible to substitute some chemicals with safer ones. Attenuation can be practised on temperature and pressure. Knock-on effects can be limited by layout. Using smaller vessels and reducing the need for intermediate storages can change process inventories. This may however have a negative effect on controllability.

Plant location is analysed. It may be possible to reduce or eliminate transportation risk by locating the plant where hazardous raw materials or intermediates are produced, if the risk from transporting the raw materials or intermediates outweighs the risk of transporting the final product. Locating plants at the same site will provide additional opportunities for risk reduction by inventory reduction.

In inherent safety evaluation some new data are available for the ISI index: equipment types, process structure and a more exact inventory. The accuracy of estimation is however not much increased compared to the conceptual phase in the MMA case study shown in Table 2. Other methods available are a pre-Hazop, which can be done by the designer in a simplified form, and the Dow F&I index, which can be applied to a large extent even if some information is missing.

3.4 Basic engineering

A plant construction project starts with basic engineering. The main task is to bring the PI-diagrams to the AFD (accepted for design) phase and to complete all equipment process datasheets. This means all process data for equipment is defined. Automation designers make the basic definition of the automation system, which includes the number of instruments and controllers. Facility designers make only a layout in this phase. Some companies also require that a Hazop (hazard and operability study) is done already in this phase. A cost estimate and a project plan for the design and construction project are also made. In basic engineering no pipeline or instrumentation design is made, nor are equipment diagrams.

In the basic engineering phase the normal operating conditions and the limits for safe operation are defined. The key equipment is the chemical reactor. All its possible hazardous situations should be covered and the possibility of them minimized. Means to deal with these situations should be taken into account. The information defined in the process design phase determines the values for mechanical design. For example, the materials of construction of equipment should be in accordance with process materials and also with all possible impurities and trace elements. Because over half of the hazardous incidents are associated with start-ups, shut-downs, maintenance work and abnormal operations, all the abnormal situations, including start-ups and shut-downs, should be considered. Assessments can be done in different ways. A commonly used method is a critical examination, especially the Hazop study.

In process design it is important to get the fundamentals right from the start. As the design project proceeds, it becomes more and more expensive and difficult to change process fundamentals. Earlier decisions may limit the options in the later design stages, but inherently safer principles can still be applied. Basic design is the last step when changes can be made at moderate cost. Once the facility is constructed the cost of modification usually increases notably.

The situation for implementing inherent safety principles is somewhat changed from the previous design steps (see Table 1). The inherent safety aspects are now related to process components, such as the process design aspects of equipment, piping and instrumentation. Inherent safety indices can no longer be applied to measure the safety level, but more detailed methods such as the Dow F&I index and Hazop studies can be applied.

3.5 Detailed engineering

The detailed design includes mechanical design of the equipment, piping, structural, civil engineering and electric design and specification, and the design of ancillary services. A detailed layout is also done. The key objective of the detailed design phase is to make documents and drawings for construction, procurement and commissioning. However, the plant cannot always be engineered as the process engineers have designed it. Therefore checking of piping, equipment and instrument design documentation has to be done by the process engineer. The differences between process and detailed engineering documents have to be analysed and the effect on safety studied. Small changes may change the process behaviour and ruin the inherently safer design principles adopted. As an analysis method a complete Hazop study can now be done, since all engineering documents are now available. However, making changes is expensive and can cause delays and further errors. So no changes are welcomed in this phase.

3.6 Construction and start-up

The construction phase starts with preparation of foundations and buildings. When equipment is installed, work continues with the installation of pipes, steel structures, electric devices and instrumentation. From a safety point of view, proper installation of equipment is necessary. This is checked by inspection. The start-up phase begins with the testing of the facility. The testing of the facility starts with water drives, when all utility systems are operational and the instruments and control system are tested. It should also be ensured that process sequences operate as planned. When the water drives have been fully completed, testing is carried out with processing materials.

A key point in safety is the training given to operators. The training of the workforce should be started early, before the start-up of the plant. They should understand the operation principle of the process and automation system to be able to operate the plant in an inherently safer way.

3.7 Operations, maintenance and modifications

In addition to the safe operation and maintenance principles, which include proper training and a work permit system, it is necessary that the inherently safer features built into the installation are documented and maintained. Often in process modifications these are not understood or appreciated, and changes are made that also change the operation principle of the process. Therefore the inherently safer aspects may be lost. In fact, when making changes, we should look for opportunities to make the system inherently safer and to reduce the risk level of the process. This can be done based on the experience gained, i.e. there is a learning process taking place during the plant operation.

In operation there are possibilities for human operating errors. Therefore the design should be tolerant of operating errors. From this perspective, the chemistry of the process should be made inherently safer by selecting materials that can better tolerate error in handling and charging. Making systems easier to understand, operate, repair and assemble correctly can make the process inherently safer and more tolerant of human error.

3.8 Decommissioning

Decommissioning means activities that take place after the normal production cycle and result from recognition that a process has reached the end of its useful lifetime.

The design and implementation of inherently safer chemical processes also includes consideration of the safety of dismantling process equipment, reusing the site, and the impact that chemicals left behind in the plant or in the soil or groundwater have at the plant site or nearby. The process equipment and ancillary equipment must be removed or at least left in a safe condition. There is a temptation to delay the cleanup of decommissioned plants as long as possible. However, it is less expensive to do all the plant closure related activities immediately after the plant is closed. This is also inherently safer.

A summary of tasks, information produced and safety tools available in various process lifecycle phases is given as Appendix 1.

4. Accuracy of inherent safety evaluations in process lifecycle phases of MMA processes

The Inherent Safety Index (ISI) developed by Heikkilä and Hurme (1996, 1999) was tested in three stages of the process design lifecycle: the idea phase, the R&D phase and the predesign phase. The information requirements of the ISI index for evaluating inherent safety are presented in Figure 3. In the idea phase there is typically information available on the reactivity, flammability, explosiveness and toxicity of chemicals. In the R&D phase the following are available in addition to the previously mentioned information: heats of reaction, chemical interaction, corrosiveness, yield, temperature and pressure. In the process predesign phase the following are available in addition to the previous ones: inventory, type of equipment and process structure. Part of this information becomes gradually more exact, as shown in Figure 3 by dotted lines.