5.1.1. Hazard analysis should be carried out primarily by works management, but the same technique may also be applied to the evaluation of safety systems by the competent authorities.
5.1.2. To analyse the safety of a major hazard installation as well as its potential hazards, a hazard analysis should be carried out covering the following areas:
– which toxic, reactive, explosive or flammable substances in the installation constitute a major hazard;
– which failures or errors could cause abnormal conditions leading to a major accident;
– the consequences of a major accident for the workers, people living or working outside the installation, or the environment;
– prevention measures for accidents;
– mitigation of the consequences of an accident.
5.1.3. The hazard analysis should follow a formalised method to ensure reasonable completeness and comparability.
Preliminary hazard analysis (PHA)
5.2.1. As a first step in hazard analysis, a PHA should be carried out.
5.2.2. A PHA should be used to identify types of potential accident in the installation, such as toxic release, fire, explosion or release of flammable material, and to check the fundamental elements of the safety system.
5.2.3. The PHA should be summarised in documentation covering, for each accident considered, the relevant component (storage vessel, reaction vessel, etc.), the events initiating the accident and the corresponding safety devices (safety valves, pressure gauges, temperature gauges, etc.).
5.2.4. The results of a PHA should indicate which units or procedures within the installation require further and more detailed examination and which are of less significance from a major hazard point of view.
Hazard and operability study (HAZOP)
5.3.1. A HAZOP study or its equivalent should be carried out to determine deviations from normal operation in the installation, and operational malfunctions which could lead to uncontrolled events.
5.3.2. A HAZOP study should be carried out for new plant at the design stage and for existing plant before significant modifications are implemented or for other operational or legal reasons.
5.3.3. A HAZOP study should be based on the principles described in the relevant literature.
5.3.4. The examination should systematically question every critical part of the design, its intention, deviations from this intention and possible hazardous conditions.
5.3.5. A HAZOP study should be performed by a multidisciplinary expert group, always including workers familiar with the installation.
5.3.6. The HAZOP study group should be headed by an experienced specialist from works management or by a specially trained consultant.
Accident consequence analysis
5.4.1. As the final step of a hazard analysis, an accident consequence analysis should be carried out to determine the consequences of a potential major accident on the installation, the workers, the neighbourhood and the environment.
5.4.2. An accident consequence analysis should contain:
– a description of the potential accident (tank rupture, rupture of a pipe, failure of a safety valve, fire);
– an estimation of the quantity of material released (toxic, flammable, explosive);
– where appropriate, a calculation of the dispersion of the material released (gas or evaporating liquid);
– an assessment of the harmful effects (toxic, heat radiation, blast wave).
5.4.3. The techniques for accident consequence analysis should include physical models for dispersion of pollutants in the atmosphere, propagation of blast waves, thermal radiation and so on, depending on the type of hazardous substances present in the major hazard installation.
5.4.4. The results of the analysis should be used to determine which protective measures, such as fire-fighting systems, alarm systems or pressure-relief systems, are necessary.
Other methods of analysis
5.5.1. Where necessary, a more sophisticated method should be applied to individual parts of an installation, such as the control system or other components that are very sensitive.
5.5.2. To analyse accidents in more detail and according to the frequency of their occurrence, methods should be considered which, for example, allow the graphic description of failure sequences and the mathematical calculation of probabilities.
5.5.3. The following methods should be applied where necessary:
– event tree analysis;
– fault tree analysis.
5.5.4. The aim of these methods should be the optimisation of the reliability and availability of safety systems.
5.5.5. Application of these quantitative methods should be restricted to sensitive components of a major hazard installation.
5.5.6. The interpretation of the results of quantitative methods should take account of the reliability of data used.