REINVENTING HAZOP

The aim of the hazard and operability (HAZOP) analysis is to identify potential hazardous events and significant operability problems associated with the desalination or water treatment project.
Nobody will argue that the results of HAZOP depends heavily upon the human factor - experience and attitudes of the team members and the leadership style adopted.

The second factor to success is previous HAZOP experience. It cannot be neglected even in cases when the plant is of established design with a number of similar plants being operated throughout the world. The EPC contractor shall maintain the customized hazards checklist and the risk database storing the lessons learned from the previous projects, field service safety issues, and even failure reports.

The third factor to be reckoned with is limited time available for HAZOP analysis. For the SWRO project of above 150 MLD, for instance, its "coarse" variant requires about 600 man-hours of brainstorming sessions and another 400 man-hours for off-session paperwork and preparation. So a big load is explained by a volume of "what if" questions to be answered during sessions. Worse, the project engineering is frozen for the duration of HAZOP.
Table 1 gives some rough indication of the mental work to be done during HAZOP sessions.

Table 1 HAZOP time requirements
Number of P&ID items to be analyzed i 50
Number of deviation parameters (flow, pressure, level, pH, TDS) p 5
Number of guidewords (less, more, no) g 3
Questions to be answered i*p*g 750
Consider 5 minutes per question m 5 min
Consider 4 hours per session s 4 hours
Days per week w 5 days
Number of weeks to complete HAZOP i*p*g*m/s/w 3 weeks

Implementation of the HAZOP findings may substantially affect the project schedule and the budget and adds to the project risk. So it has to be conducted as early as possible.
In practice it means that out of a maze of the engineering documents only two are available with certainty for HAZOP – process flow diagram (PFD) and piping and instrumentation diagrams - P&IDs. Lack of others is substituted with the good engineering practice assumptions of the experienced engineers participated in brainstorming.
Other documents compilation requires roughly 10 times more man-hours and include the following.

  1. Process narrative and functional requirements
  2. Materials-fluids compatibility matrix
  3. Plant equipment layout and piping tracing
  4. Drain master plan & hydraulic profile
  5. Safe upper and lower limits for controlled process parameters
  6. Control loops and safety & operational interlocks data
  7. Operation sequences & subsystems operation modes
  8. Emergency shutdowns and failure propagation modes
  9. Preventive maintenance plan
  10. Plant noise pollution map
  11. Hydraulic transients and relief system design
  12. Reliability analysis and critical equipment list
  13. Level or subsystems automation
  14. (Inherently safe) equipment datasheets

The criticality of the above-mentioned list is explained by the fact that in desalination plants more than 80% of HAZOP recommendations are operability problems and are not hazards. Besides mentioned in Table 1 five parameters, feasible deviations from the design intent cover the whole specter of the plant design and operation starting from corrosion to system failure to batch processes recharging, and the operator training. This information cannot be deduced from the P&ID graphical symbols or the plant plot.

Even if all the documents are submitted for HAZOP review as the word, excel or image files, the required information is hidden amongst thousands of non-relevant pieces. For example, instrument index may contain more than 1500 entries, and only 3% may relate to the control loops searched for.

The lack of required information (or partial availability) and a big volume of work explain the HAZOP probabilistic nature (Monte-Carlo method) and its reliance on the human factor mentioned above. This is in sharp contrast to the wide-spread opinion that HAZOP is a systematic study.
Besides the risk identification, the other pole of HAZOP is safeguards – operating procedures and devices that detect and give early warning, prevent, or mitigate the consequences of hazard occurrences. Ironically enough, engineering practice has not yet developed requirements for documenting the safeguards in consistent manner. Taking unwarranted credit for non-documented safeguards is a common mistake of HAZOP sessions.
Finally, the HAZOP analysis is accompanied by mechanistic check-list review and the status review of the plant functionality implementation. In that respect HAZOP is by far the most important milestone of any project.

From the above-mentioned one may conclude that the HAZOP results and, consequently, the plant engineering quality may be drastically improved by solving the problems of information availability and accessibility.
Crenger solves these problems by offering a unique HAZOP interface for searching, recording, editing and storing the HAZOP findings, fast-linking to any piece of information, creating high-quality reports and metrics. Crenger makes HAZOP part of the FEED package.

SWRO plant hazards checklist example

  1. Safe discharge from pressure relief devices
  2. Pump shutoff and discharge pipe pressure rating
  3. Isolation valve leakage during maintenance or pumps/filters switchover
  4. Isolation valve or blinds to maintain and test subsystems
  5. Isolation valves exercising
  6. Pressure lines with a single hand valve
  7. Failed equipment isolation
  8. Depressurization of micron filters during cartridge replacement
  9. Area flooding after feed pipe burst
  10. Flooding of pumps installed below grade
  11. Tanks and MMF drainage control
  12. RO membrane vessel burst
  13. Blocked discharge of progressive cavity pump
  14. Switches for hand valves touched during startup or shutdown
  15. Energy recovery redundancy
  16. DWEER valves and vessel flanges cyclic fatigue
  17. High pressure pump emergency shutdown
  18. Intake station surge and water hammers
  19. High-temperature environment and chemical storage and dosing
  20. Overflow from chemical storage tanks, spill berms
  21. Calcium oxide blockage in lime plant
  22. CO2 leak from failed plastic piping
  23. Contamination – oil and biofouling
  24. Dust protection from the solid SBS in the loading process
  25. Chemical piping drainage
  26. Safety showers and service water at the chemical dosing system areas
  27. Contamination - backflow from product posttreatment to permeate lines
  28. ORP instruments redundancy
  29. CIP system instrumentation: T, pH, TDS
  30. Control loops safe failure check
  31. Alarm-bounded control loop "envelopes"
  32. RO membrane preservation during prolonged shutoffs, especially in summer
  33. Rotating screen band blockage during seasonal jellyfish or debris inrush
  34. Static mixer isolation and replacement
  35. Access to RO membrane vessels
  36. Access to hand valves and actuators
  37. Water leak into motor - electrical safety
  38. Noise sources
  39. PLC redundancy for critical service equipment and trains
  40. DAF vessels over-pressure
  41. DAF water-to-air flow ratio control stability
  42. CIP piping overpressure
  43. CIP tank overflow
  44. Flushing pump periodic test/exercising
  45. Flushing volumes sufficiency for all trains
  46. Restricted access to RO area