Journal of Loss Prevention in the Process Industries 22 (2009) 373–380
ExpHAZOP+: Knowledge-based expert system to conduct automated HAZOP analysis
Shibly Rahman a, Faisal Khan b,*, Brian Veitch b, Paul Amyotte c
a Department of Computer Science, Memorial University, St. John’s, NL, Canada A1B 3X5
b Faculty of Engineering & Applied Science, Memorial University, St. John’s, NL, Canada A1B 3X5
c Department of Process Engineering and Applied Science, Dalhousie University, Halifax, NS, Canada B3J 2X4
Article history: Received 18 October 2007; Received in revised form 18 January 2009; Accepted 28 January 2009
Keywords: HAZOP; ExpHAZOP+; Knowledge-based expert system; Inference engine; optHAZOP
Abstract
HAZOP (Hazard and Operability) is a preliminary and systematic approach for identifying hazards and suggesting hazard mitigation measures in a process facility. A knowledge-based expert system, ExpHAZOP+, has been developed to automate the manual HAZOP analysis and accelerate the process. ExpHAZOP+ comprises a graphical user interface (GUI), a knowledge-base and an inference engine. One of the unique features of ExpHAZOP+ is the fault propagation algorithm, an aspect of the inference engine, which defines the propagation of deviations to all downstream equipment. The dynamic knowledge-base of ExpHAZOP+ allows a user to update knowledge while performing the HAZOP analysis and to use that knowledge in the result. ExpHAZOP+ is easy to use and provides results in a standard report format.
Crown Copyright © 2009 Published by Elsevier Ltd. All rights reserved.
* Corresponding author: F. Khan.
doi:10.1016/j.jlp.2009.01.008
1. Introduction
Process Hazard Analysis (PHA) ensures equipment safety and identifies the possible hazards that may arise as a result of equipment malfunctions and deviations of process variables (temperature, pressure, etc.) from normal operation. PHA uses different techniques such as fault tree analysis, event tree analysis, what–if analysis, and Hazard and Operability (HAZOP) analysis. HAZOP is a qualitative analysis and is used primarily for hazard identification of a process plant before the setting up of equipment in the design stage (Khan & Abbasi, 1997a; Knowlton, 1997; Lawley, 1974; McKelvey, 1988; Sweeny, 1993). This is achieved using Piping and Instrumentation Diagrams (P&IDs), commonly referred to as Engineering Flow Diagrams (EFDs) that cover every vessel, conduit, valve and all control equipment in a process facility.
To conduct a HAZOP analysis, a P&ID is divided into different sections known as study nodes. A group of experts conducts brainstorming activities within each study node. These experts are helped by guide words, which enable them to cover all possible malfunctions of a plant in a systematic way. The guide words often used are NONE, LESS, MORE, etc. When these guide words are applied to the process variables (temperature, pressure, etc.) in any unit of a plant, one gets the corresponding process variable deviations such as MORE PRESSURE, MORE TEMPERATURE, NO FLOW, etc. These deviations are used for detailed and focused HAZOP analysis.
In many process facilities, HAZOP analysis is conducted manually. The results of such studies remain in paper form. As a result, important data are lost over time. Furthermore, the team members performing the analysis may become unnecessarily tied up with the system complexities and may lose their focus. To overcome these limitations, automated HAZOP analysis can be applied to improve the following areas: significant saving of human effort and manpower cost by reviewing the most commonly occurring fault conditions; integration of knowledge of the commonly occurring scenarios in a current HAZOP study to be applied for future HAZOP study; standardization of the HAZOP study process by automatically recalling process parameters and reviewing the results; easier tracking of the study through the automation of commonly generated scenarios making the study more focused.
A few tools and approaches, as described in the next section, have been developed in the past for automating the HAZOP analysis. This paper aims to overcome some of the constraints of the previous tools using a new tool: ExpHAZOP+. ExpHAZOP+ performs automated HAZOP analysis using a unique fault propagation
approach. It further uses a knowledge-base to retrieve relevant causes and consequences for an operation or equipment failure. The overall methodology for ExpHAZOP+ is described in the subsequent sections and illustrated using a simple case study.
2. Past tools for automated HAZOP analysis
Parmar and Lees (1987a, 1987b) used a fault propagation approach to perform automated HAZOP analysis, and applied it to the hazard identification of a water separation system. They represented the knowledge of each process unit using qualitative fault propagation equations and event statements for the initiation and termination of faults. The system was implemented using Fortran77 and Prolog. The system was efficient in identifying immediate causes and consequences, but had limited effectiveness in propagating deviations. Also, the existing technology was not flexible enough for the derivation of information from the knowledge-base.
Waters and Ponton (1989) attempted to automate HAZOP analysis using a quasi-steady state qualitative simulation approach. The system was developed in Prolog and implemented on a Sun 3/50 workstation. The resulting system was time consuming even for a simple HAZOP analysis and was considered limited for practical application.
A rule-based (if–then) expert system prototype called HAZOPEX was developed using the Korn shell by Karvonen, Heino, and Suokas (1990). In HAZOPEX’s system, the knowledge-base consisted of the information on the structure of the process system, and rules for searching for causes and consequences. The rules in this system depended on the structure of the process. Thus, an increase in the number of processes increases the number of rules which reduces the generality of the system. Furthermore, the identification of abnormal causes was emphasized more than the consequences.
Nagel (1991) developed an inductive and deductive reasoning-based approach for automatically identifying hazards in chemical plants caused by any hazardous reactions. This analysis consisted of only those hazards that have the possibility of causing chemical reactions in chemical plants. Thus, the approach was limited to only one type of hazard.
Chae, Yoon, and Yoon (1994) have developed a rule-based expert system for HAZOP study. Although it incorporates six different equipment types, the knowledge-base consists of limited deviations, causes and consequences. Furthermore, it does not take into account the fault propagation from one unit to another and some of the relevant equipment types were omitted.
Catino and Ungar (1995) developed a prototype for automated HAZOP analysis called Qualitative Hazard Identification (QHI). QHI works by exhaustively positing possible faults, automatically building qualitative process models, simulating them, and checking for hazards. Some HAZOP analyses using QHI took seconds while others took days (Catino & Ungar, 1995). Some of the faults generated using QHI exhausted the memory of the Sun SparcStation being used. As a result, its industrial application was very limited.
Venkatasubramanian and Vaidhyanathan (1996) have developed a knowledge-based expert system. This is by far the most comprehensive system developed to date and has been applied successfully in an industrial chemical plant. The system was developed in object-oriented architecture with the G2 expert shell system. However, the system requires significant memory, which restricts its use to large machines, and the knowledge-base creation is very complex and is not accessible to users for modification.
Suh, Lee, and Yon (1997) developed a knowledge-based prototype expert system using C++. The system consists of three different knowledge-bases: the unit knowledge-base, the organizational knowledge-base and the materials knowledge-base. Deviation, malfunction and accident analysis algorithms were used to develop the system. The models of some process units such as pipes and control valves were developed while others, however, were left incomplete.
Khan and Abbasi (1997b) proposed a knowledge-based software tool called TOPHAZOP for automated HAZOP analysis. The knowledge-base consists of two main parts: process-specific and process-general knowledge. The process-specific knowledge has been classified in two main groups: objects (process unit) and their attributes, and causes and consequences. The objects are developed in a frame structure with attributes, while causes and consequences are developed in rule networks attached to the frame. The generic knowledge in this tool is classified in two ways: generic causes and generic consequences.
EXPERTOP, the follow-up tool to TOPHAZOP, was developed by Khan and Abbasi (2000). This was coded in the Visual C++ environment. One of the main features of this tool was a revised knowledge-base. The revised knowledge-base has four main features: general process causes, general process consequences, process-specific causes, and process-specific consequences. One of the serious limitations of EXPERTOP was the inability to propagate a deviation to all downstream units for possible causes and consequences.
Khan (2005) proposed a modified framework for automated HAZOP analysis. The algorithm of this expert system consists of three different modules: inference engine module, knowledge-base module, and graphical user interface (GUI) module. The GUI is used for drawing P&IDs of a process system, and the inference engine of this system acts as a coordinator of the GUI and the knowledge-base system. However, this expert system lacks a fault propagation mechanism required for extracting the recommended causes and consequences of process systems under study.
Even as each of these attempts has added to the precision and sophistication in automating HAZOP, a great deal remains to be done.
For example, the following limitations persist: the knowledge-bases for most of the systems are tied to a single process. Hence, the knowledge-base of one process is completely unrelated to the knowledge-base of another process; the study node encompasses only a single piece of equipment; the acquisition of knowledge is limited to only four types of equipment (except the system of Chae et al. (1994) which handles six types of equipment); there is no direct avenue to study fault propagation (deviation propagation) from one unit to other; large volumes of data regarding process and equipment have to be keyed-in for analyzing a single deviation.
Table 1 shows all the distinguishing features of ExpHAZOP+ compared to traditional HAZOP tools. The current work presents a comprehensive knowledge-based expert system, with more focus towards offshore oil and gas industries. Offshore oil and gas industries deal with process equipment that is unique to the installation. This equipment poses significant hazards during operation. Further, as per regulatory requirements, offshore oil and gas process operations undergo frequent HAZOP analysis. ExpHAZOP+ can help to conduct more economic, efficient and effective HAZOP studies in offshore oil and gas process plants.
Table 1. Features comparison of ExpHAZOP+ with other traditional HAZOP tools.
| HAZOP tool methodology | ExpHAZOP+ tool | Other traditional HAZOP tools |
| --- | --- | --- |
| Graphical user interface | The study node can be defined by the user as a single piece of equipment or a set of equipment. P&ID of process unit is user defined. The user can arrange the equipment to generate different process scenarios. | The study node consists only of a single piece of equipment. P&ID of the process unit is application defined. |
| Knowledge-base system | Dynamic knowledge-base. Dynamic update of the user-defined guide words, causes and consequences for different sets of equipment. | Static knowledge-base. Update of guide words, causes and consequences requires an expert. |
| Inference engine | The deviation can propagate within the study node. The unique fault propagation algorithm helps examine the effect of deviations to all downstream equipment for general and process-specific performance. The propagation of a deviation provides a logical relationship between the effects of the deviation through different stages. | Fault propagation is identified by cause and effect, graph theory, or through cause/consequence analysis. |
3. optHAZOP
ExpHAZOP+ has its roots in the optHAZOP (optimum HAZOP) procedure developed by Khan and Abbasi (1997a). The algorithm for the optHAZOP procedure is presented in Fig. 1. The main element of the optHAZOP procedure is a knowledge-based software tool that identifies all probable deviations in the functioning of a process facility. This knowledge-based software cuts the total study time by more than 45% by identifying the failures, hazards and their causes (Khan & Abbasi, 1997a). It also reduces the expert manpower required in manual HAZOP analysis. This enables the HAZOP analysis to be performed more economically and effectively.
ExpHAZOP+ enhances the idea of optHAZOP by propagating the deviation in any number of downstream equipment items in a given process facility. It also applies the concept of the knowledge-base described in optHAZOP.
4. Methodology of ExpHAZOP+
The architecture of ExpHAZOP+ consists of a graphical user interface (GUI), a knowledge-base and an inference engine. The object-oriented architecture of ExpHAZOP+ is presented in Fig. 2. This figure demonstrates the interconnection between the three main components.
4.1. Graphical user interface (GUI)
The GUI consists of an open interface in which users have the option of drawing P&ID using pre-defined equipment or performing the analysis using user-defined equipment. Each piece of the equipment is connected to its own knowledge-base. To add new equipment, the user inputs the equipment graphically along with the relevant process variables, deviations, and their causes and consequences. An example of a P&ID representing a process system on the GUI is shown in Fig. 3.
Once the P&ID is drawn, a study node needs to be defined. In this application, the study node is represented by a dotted rectangular region (shown in Fig. 3). The study node encompasses one or more pieces of equipment. Upon defining the study node and performing the HAZOP analysis, users have the option to store the analysis for later use or to generate a report. General functions such as saving, opening a particular P&ID, and adding captions to the equipment and lines for identification can also be performed in the GUI.
4.2. Knowledge-base
The knowledge-base consists of information derived from past HAZOP analyses related to process operations, process equipment, operating problems, failure modes, and failure frequencies. It also includes corrective actions required to reduce the risks of a process facility. The information is collected using practical industrial case studies of various offshore oil and gas process facilities.
Fig. 1. The optHAZOP methodology (Khan and Abbasi, 1997a).
Fig. 2. The architecture of ExpHAZOP+.
Fig. 3. The graphical user interface.
Fig. 4. The architecture of the knowledge-based system.
One of the observations made from previous accident analysis is that the cause of an equipment failure does not vary significantly from one facility to another, although the consequences vary based on the operating conditions, chemicals involved, and surroundings of the facility. Therefore, the consequence is a function of the process type, the process condition, and the chemical in use. The knowledge-base is characterized by seven different operations commonly present in a process facility. These include: mass transfer operation units involving the transfer of one or more components from one stream to another stream (e.g. extractor, adsorber, dust collector, electrostatic precipitator, filter); heat transfer operation units involving transfer of heat from one stream to other streams (e.g. air-cooled exchanger, carbon block exchanger, shell and tube exchanger, plate and frame exchanger); mass and heat transfer combined units involving both molecular and heat transfer (e.g. distillation column); reaction units involving chemical transformations including oxidation (e.g. continuous stirred tank reactor, plug flow reactor, autoclave); transportation units involving transfer or movement of chemicals from one place to another (e.g. piping, compressor, pump, valve); storage units storing bulk chemicals (e.g. vessel); other physical operations, such as mixing, compression, relief venting, purging, relief device, etc. The existing knowledge-base consists of 19 different pieces of equipment. The pieces of equipment are: adsorber, air-cooled exchanger, blower, compact heat exchanger, centrifuge, compressor, cyclone, distillation column, dust collector, electrostatic precipitator, extractor, filter, heat exchanger, piping, pump, reactor, temperature sensor, temperature controller, and valve. The architecture of the knowledge-base is shown in Fig. 4 (Khan & Abbasi, 1997b, 2000). This figure describes the hierarchy or the organization of the knowledge. 
The knowledge-base is separated into process-general and process-specific knowledge. Each piece of equipment consists of a set of deviations. Each set of deviations consists of a set of causes. Each cause corresponds to a consequence.
4.2.1. Process-general knowledge
The process-general knowledge is the information that has been collected over the years for a particular equipment type independent of the operation it performs. There is no attribute attached to the equipment. This information consists of equipment deviations with corresponding generic causes and consequences. The parameters associated with process-general knowledge are:
(1) equipment and their capacities;
(2) physical state of the chemicals;
(3) characteristics such as flammability, toxicity, etc;
(4) physical and chemical properties of chemicals such as vapor pressure, heat of combustion, etc.
4.2.2. Process-specific knowledge
Process-specific knowledge is the additional knowledge provided by an expert or HAZOP team (henceforth referred to as expert) using ExpHAZOP+. Upon identifying the plant operations and the corresponding equipment, the expert adds specific attributes and knowledge as well as additional equipment required to perform the operation. Process-specific knowledge varies from plant to plant and depends on the type of operation performed in the plant. The knowledge-base for process-specific units is implemented in the form of “objects” and “rule networks” (Khan & Abbasi, 1997b). Objects are developed using frame structures with attributes, whereas causes and consequences are developed using an if–else rule network. The attributes associated with specific knowledge-bases consist of:
(1) types of operation;
(2) equipment (operational units);
(3) operating conditions;
(4) atmospheric conditions;
(5) chemicals in use and their properties;
(6) inventories of chemicals in use;
(7) interaction among different units.
4.3. Inference engine
The inference engine is an intermediary between the knowledge-base and the GUI. It acts as a search engine, which searches the causes and consequences for the user-selected deviations throughout the study node. The inference engine uses the fault propagation algorithm to propagate a deviation and to identify its causes and consequences.
Once a user draws the P&ID and selects the study node, the inference engine is used to perform a search within each piece of equipment in the study node. This search is performed based on the user-specified deviation for both process-general and process-specific knowledge. After the user chooses the starting and the ending equipment along with the deviation, the deviation can propagate all the way downstream or to the last piece of equipment specified by the user. If the knowledge-base does not have the information for the user-chosen deviation of a specific piece of equipment, then that equipment does not produce any output. However, as a result of propagation, the next equipment item that might have that deviation in its knowledge-base will generate an output. In the end, the output result identifies all the possible causes and consequences that might result in the failure of equipment due to the user-defined deviation. The fault propagation algorithm used to identify these deviations is described in the next section.
5. Fault propagation algorithm
The central idea of fault propagation is not based on any particular propagation equation or event statement but on the basic assumption that faults can propagate through pipelines that are connected to the pieces of equipment. A fault can be in the form of an increase or decrease in a process parameter such as the set temperature, pressure, or flow that is designed to perform an operation in a process facility. Moreover, all pieces of equipment and pipes also have a set temperature and pressure; above or below these set temperatures or pressures, an accident may occur. When this capacity is exceeded due to an anomaly in the process facility, there is a possibility that the deviation can propagate from one piece of equipment to another. However, to perform a HAZOP analysis based on this consideration, it is important to identify all the connecting equipment and pipelines in the analysis. Furthermore, the knowledge associated with all the equipment in the P&ID in terms of the causes and consequences of such deviations is also required. The knowledge-base required and the inference engine performing the search have been described in Sections 4.2 and 4.3, respectively.
The fault propagation algorithm uses the knowledge-base to generate the output results based on the input deviation and equipment arrangement in the P&ID. Fig. 5 shows the fault propagation algorithm for ExpHAZOP+. In earlier studies, the developed fault propagation algorithms for HAZOP analysis performed only a forward search to find the causes of the deviation and then a backward search to find the consequences as a result of a deviation. The algorithm in ExpHAZOP+ combines both forward and backward search techniques for finding the connectivity of all pipes and equipment and extracting the causes and consequences of deviation for each piece of equipment. This allows propagation of the deviation for the identified fault to all downstream units.
Fig. 5. Fault propagation algorithm for ExpHAZOP+.
6. HAZOP analysis with ExpHAZOP+
The algorithm for HAZOP analysis implemented in ExpHAZOP+ comprises the following steps.
6.1. Development of P&ID
The piping and instrumentation diagram (P&ID) varies from one process facility to another. In order to perform the HAZOP analysis, the user must have all equipment data. The HAZOP analysis may be performed on connected equipment as well as on individual equipment.
6.2. Selection of process-general and process-specific equipment
The process-general equipment is already available as menu buttons on the GUI. In the case of the process-specific equipment, a user needs to provide the equipment figure data and input parameter. The equipment data is updated to the knowledge-base.
6.3. Selection of study node
ExpHAZOP+ has the extended capability to perform HAZOP analysis on more than one piece of equipment defined in the study node. The study node is selected by the user to perform the HAZOP analysis. All equipment and pipes are entered in a data structure to identify the connectivity of the equipment and pipes inside the study node. Only the pieces of equipment inside the study nodes are considered as the starting and ending points of analysis.
6.4. Performing HAZOP analysis
This step involves selecting the starting and ending equipment for which HAZOP analysis is to be performed. The process variable deviation applied to all equipment during the deviation propagation is also selected in this step. The deviation propagation algorithm described in Fig. 5 is applied at this step.
6.5. Selection of path for HAZOP analysis
There can be more than one possible path from the starting equipment to the ending equipment. This path is sorted out once the user enters the starting and ending equipment for HAZOP analysis. If there is more than one path, then all the paths are shown to the user so that the user can choose a specific path for HAZOP analysis. The equipment knowledge-base is accessed for all equipment present in the selected path. The user performs the desired analysis on the selected path.
6.6. Report generation
In this step, the final result of the analysis is a report formatted in Microsoft Word. The results of the analysis can be used by an expert for audit or review purposes. This enables a given HAZOP analysis to be more focused and less time consuming.
Fig. 7. Starting and ending equipment selection for HAZOP analysis.
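
The steps of Section 6, together with the lookup rule of Section 4.3, as an added sketch in Python; this is not ExpHAZOP+'s code. It assumes a plain forward path search in place of the paper's combined forward and backward search, and the knowledge-base rows are a constructed subset of the case-study results in Table 2; the function names, the water-side pipe labels and the single process-specific entry are assumptions.

```python
from collections import defaultdict

# Equipment tag -> equipment type, using the case study's tags.
EQUIPMENT = {"V1": "Valve", "V2": "Valve", "PU": "Pump", "HE": "Heat exchanger",
             "TS": "Temperature sensor", "REA": "Reactor"}

# (upstream tag, pipe label, downstream tag). Pipes 1-3 follow Table 2; the
# water-side labels "pipe 4" and "pipe 5" are assumed for this example.
PIPES = [("V1", "pipe 1", "HE"), ("HE", "pipe 2", "TS"), ("TS", "pipe 3", "REA"),
         ("PU", "pipe 4", "V2"), ("V2", "pipe 5", "HE")]

STUDY_NODE = {"V1", "HE", "TS", "REA"}  # valve 1 to reactor, as in Section 7.1.3

# Process-general knowledge, keyed by (equipment type, deviation); each cause
# is paired with one consequence. Constructed subset of the rows in Table 2.
KB_GENERAL = {
    ("Valve", "More temperature"): [
        ("Too hot supply of nitric acid", "Flow rate increase")],
    ("Heat exchanger", "More temperature"): [
        ("Internal fouling occurs", "Reactor too hot (reactor runaway)"),
        ("External fire", "Equipment/instrument damage")],
    ("Temperature sensor", "More temperature"): [
        ("Temperature sensor failure", "Pump load increase")],
    ("Reactor", "More temperature"): [
        ("Heat exchanger failure", "Reaction temperature increase"),
        ("Pump failure", "Reactor rupture")],
}

# Process-specific knowledge, keyed by (equipment tag, deviation). The paper
# classes all case-study equipment as process-general; this row is filed here
# only to exercise the specific branch (assumption).
KB_SPECIFIC = {
    ("V1", "More temperature"): [
        ("Valve 1 stuck", "Heat exchanger temperature increase")],
}


def build_graph(pipes, study_node):
    """Adjacency list holding only connections inside the study node (6.3)."""
    graph = defaultdict(list)
    for up, pipe, down in pipes:
        if up in study_node and down in study_node:
            graph[up].append((pipe, down))
    return graph


def find_paths(graph, start, end):
    """All simple paths start -> end, each a list of (incoming pipe, tag) (6.5)."""
    paths, stack = [], [[(None, start)]]
    while stack:
        path = stack.pop()
        tag = path[-1][1]
        if tag == end:
            paths.append(path)
            continue
        visited = {t for _, t in path}
        for pipe, nxt in graph.get(tag, []):
            if nxt not in visited:  # a recycle loop must not trap the search
                stack.append(path + [(pipe, nxt)])
    return sorted(paths, key=lambda p: [t for _, t in p])


def propagate(path, deviation, kb_general=KB_GENERAL, kb_specific=KB_SPECIFIC,
              equipment=EQUIPMENT):
    """Carry one deviation down the chosen path and collect report rows (6.4)."""
    origin, rows, prev = path[0][1], [], None
    for pipe, tag in path:
        connected = f"From equipment {prev} {pipe}" if prev else ""
        entries = (kb_general.get((equipment[tag], deviation), [])
                   + kb_specific.get((tag, deviation), []))
        # A unit with no knowledge for this deviation yields no rows, but the
        # deviation still travels on to the next unit downstream (Section 4.3).
        for cause, consequence in entries:
            rows.append({"item": f"{equipment[tag]} ({tag})",
                         "connected": connected,
                         "deviation": f"{deviation} from {origin}",
                         "cause": cause, "consequence": consequence})
        prev = tag
    return rows


def run_hazop(start, end, deviation, pipes=PIPES, study_node=STUDY_NODE, choice=0):
    """Steps 6.3-6.5 in order; `choice` stands in for the user's path selection."""
    if start not in study_node or end not in study_node:
        raise ValueError("start and end equipment must lie inside the study node")
    paths = find_paths(build_graph(pipes, study_node), start, end)
    if not paths:
        raise ValueError(f"no path from {start} to {end} inside the study node")
    return propagate(paths[choice], deviation)


if __name__ == "__main__":
    for row in run_hazop("V1", "REA", "More temperature"):
        print(" | ".join(row.values()))
```
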
7. Case study
The case study involves a HAZOP study of a hot nitric acid cooling process system. The hot nitric acid cooling process was first studied by Lapp and Powers (1977) and subsequently used by Wang (2004) in his doctoral thesis for fault tree analysis. As this is a well-tested and widely discussed study, it has been used to test and validate ExpHAZOP+ in the current work.
7.1. Process description
The P&ID of the hot nitric acid cooling process is shown in Fig. 6. The nitric acid in this process is first cooled in the heat exchanger. The water flowing through the pump is used to cool and control the temperature of the hot nitric acid through the heat exchanger. Valve 1 regulates the flow of hot nitric acid to the heat exchanger. After sensing the temperature, the temperature controller sends a signal to valve 2 to maintain water flow. This keeps the hot nitric acid at a desired temperature. The cold acid is then finally sent to the reactor to react with benzene to form nitrobenzene. The functions of each piece of equipment shown in Fig. 6 are described below:
(1) valve 1 (V1): regulates the flow of hot nitric acid into the heat exchanger;
(2) pump (PU): maintains the circulation of water and supplies the water to the heat exchanger;
(3) heat exchanger (HE): lowers the temperature of the hot nitric acid using the water supplied by the pump;
(4) valve 2 (V2): regulates the flow of water entering the heat exchanger from the pump;
(5) temperature sensor (TS): detects the temperature of the nitric acid and sends a signal to the temperature controller if the desired temperature is not maintained;
(6) reactor (REA): assists the reaction between nitric acid and benzene to obtain nitrobenzene. The reaction must take place at a specified temperature and pressure. High temperature or pressure in the nitric acid reactor feed could cause a reactor runaway.
Fig. 6. P&ID for the nitric acid cooling process.
HAZOP analysis is performed by using ExpHAZOP+ on the nitric acid plant in accordance with the steps described in Section 5.
7.1.1. Development of P&ID
A P&ID (Fig. 6) is drawn according to the above process description using the ExpHAZOP+ graphical user interface. The equipment used in this case are valves, pump, heat exchanger, temperature sensor, temperature controller and reactor.
7.1.2. Selection of process-general and process-specific equipment
All pieces of equipment used in this case study are classed as process-general because the data for this equipment are already available in the knowledge-base.
7.1.3. Selection of study node
The study node is marked as a dotted rectangle in Fig. 6. Control of the temperature of hot nitric acid within the reactor is required to run the process facility within safe limits. Excessive heat in the reactor is caused by the high flow of hot nitric acid through valve 1. The study node is thus marked from valve 1 to the reactor for this case study.
Fig. 8. Path selection for HAZOP analysis.
S. Rahman et al. / Journal of Loss Prevention in the Process Industries 22 (2009) 373–380
379
Table 2 Results of the HAZOP analysis by ExpHAZOPþ. Item Valve1 Valve1 Heat exchanger Heat exchanger Heat exchanger Heat exchanger Temperature sensor Temperature sensor Temperature sensor Reactor Reactor Reactor Reactor
Connect. equip.
Deviation
From equipment From equipment From equipment From equipment From equipment From equipment From equipment From equipment From equipment From equipment From equipment
More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature More temperature
V1 pipe 1 V1 pipe 1 V1 pipe 1 V1 pipe 1 HE pipe 2 HE pipe 2 HE pipe 2 TS pipe 3 TS pipe 3 TS pipe 3 TS pipe 3
from from from from from from from from from from from from from
V1 V1 V1 V1 V1 V1 V1 V1 V1 V1 V1 V1 V1
Causes
Consequences
Too hot supply of nitric acid Valve 1 stuck Internal fouling occurs Large external temperature External fire Valve 2 stuck Sensor improperly operating Temperature sensor stuck Temperature sensor failure Heat exchanger failure Hot nitric acid flowing Pump failure Temperature sensor/controller failure
Flow rate increase Heat exchanger temperature increase Reactor too hot (reactor runaway) Excess flow from pump Equipment/instrument damage Temperature control failure High temperature in cooler Improper cooling Pump load increase Reaction temperature increase Reactor runaway Reactor rupture Exceed design temperature and pressure
7.1.4. Performing HAZOP analysis
In this case study, valve 1 is selected as the starting equipment and the reactor is selected as the ending equipment. “More Temperature” is chosen as the deviation to be propagated from valve 1 to the reactor. This is done because the analysis is being performed for the causes and consequences of deviation due to the increase of temperature for hot nitric acid. The input to perform HAZOP analysis with ExpHAZOP+ for the case study is shown in Fig. 7.

7.1.5. Selection of path for HAZOP analysis
This particular ExpHAZOP+ analysis of the nitric acid plant generates one path from valve 1 to the reactor, which is shown in Fig. 8. Each piece of equipment is represented by its symbols (e.g. valve 1 is represented by V1, heat exchanger by HE, etc.). The connecting pipes within the equipment are labeled by the user at the time they are entered in the P&ID.

7.1.6. Report generation
The results for the deviation propagation of “More Temperature” are shown in Table 2. As valve 1 has no connecting equipment, the appropriate cells are left blank in Table 2.

7.2. Results of ExpHAZOP+ analysis
Lapp and Powers (1977) and Wang (2004) used the Fault Tree Analysis (FTA) technique to identify and quantitatively analyze the causes of supplying hot nitric acid to the reactor in a nitric acid cooling facility. Wang (2004) found a set of important basic causes (temperature sensor failure, temperature controller failure, and a large external fire) resulting in hot nitric acid being fed into the reactor, along with their probability of occurrence (quantitative results). ExpHAZOP+ analysis identified the same causes (without quantitative results) and also the potential consequences of the conditions.

As mentioned earlier, ExpHAZOP+ has been embedded with a fault propagation algorithm which extends its ability to map the logical sequence of basic causes leading to an unwanted condition in a process facility. Therefore, ExpHAZOP+ serves two purposes: first it identifies the logical sequence of basic causes for a deviation; second it identifies the ultimate consequences of the deviation (impact of deviation in one unit on others). Both of these assessments are qualitative, unlike FTA which is quantitative. Adding fault propagation in the HAZOP procedure provides a more in-depth analysis of hazard identification at an early stage of a process facility when FTA is not generally feasible to apply due to limited available data or imprecise data.

After comparing the results of FTA and ExpHAZOP+ for the same case study, it is observed that ExpHAZOP+ identified the same potential causes along with secondary causes (temperature sensor failure, temperature controller failure, and reaction temperature increase to supply hot nitric acid into the reactor). The report generated in Table 2 by ExpHAZOP+ also shows the possible causes and consequences (valve stuck, internal fouling in heat exchanger, improper temperature sensing) for other equipment in the process. It may be observed that ExpHAZOP+ provides an in-depth analysis of causes and consequences through a qualitative assessment at the stage when quantitative tools such as FTA have limited application.

8. Conclusion
An expert tool, ExpHAZOP+, has been developed to conduct automated HAZOP analysis using a knowledge-based expert system. The aim of the ExpHAZOP+ tool is to integrate the expert knowledge-base with an efficient fault propagation algorithm, which can significantly reduce the expert time and effort and manpower cost, thus improving the effectiveness of automated HAZOP analysis by reducing repetitive work. The study node selection of ExpHAZOP+ enhances the user’s flexibility to analyze process scenarios through which a deviation may propagate; the corresponding causes and consequences may thus be identified. Finally, to implement the developed ExpHAZOP+ framework into a tool, this work uses software engineering methodologies in every stage of its implementation, including the design of the architecture, development of the code base, and testing of the software.

The developed ExpHAZOP+ tool has the following features compared to previous automated tools.
(1) Enhanced graphical user interface: requires minimum expertise by a user to perform HAZOP analysis for any process plant.
(2) Method of identifying a study node: allows a user to draw study nodes consisting of a single piece of equipment or a process consisting of multiple pieces of equipment.
(3) Dynamic knowledge-base: allows a user to update knowledge as an addition to the existing knowledge.
(4) Fault propagation algorithm: identifies the causes and consequences for all downstream equipment due to an unwanted event upstream.
(5) Report generation: automatically generates the output report for HAZOP analysis.

Acknowledgement
The authors acknowledge with gratitude the financial support provided for this project by Petroleum Research Atlantic Canada (PRAC). Special thanks are extended to Mr. Refaul Ferdous for helping to prepare the manuscript.
References

Catino, C., & Ungar, L. H. (1995). Model based approach to automated hazard identification of chemical plants. American Institute of Chemical Engineering Journal, 41, 97–109.
Chae, H., Yoon, Y. H., & Yoon, E. S. (1994). Safety analysis using an expert system in chemical processes. Korean Journal of Chemical Engineering, 11, 153–161.
Karvonen, I., Heino, P., & Suokas, J. (1990). Knowledge-based approach to support HAZOP studies. Technical Research Center of Finland. Research Report.
Khan, F. I. (2005). Knowledge-based expert system framework, systems, management, and cybernetics. IEEE International Conference, 3, 2274–2280.
Khan, F. I., & Abbasi, S. A. (1997a). OptHAZOP – an effective and optimum approach for HAZOP study. Journal of Loss Prevention in the Process Industries, 10, 191–204.
Khan, F. I., & Abbasi, S. A. (1997b). TOPHAZOP: a knowledge-based software tool for conducting HAZOP in a rapid, efficient yet inexpensive manner. Journal of Loss Prevention in the Process Industries, 10, 333–343.
Khan, F. I., & Abbasi, S. A. (2000). Towards automation of HAZOP with a new tool EXPERTOP. Environmental Modelling and Software, 15, 67–77.
Knowlton, R. E. (1997). The widespread acceptability of hazard and operability studies. In K. V. Raghvan, & G. Sawminathan (Eds.), Hazard assessment and disaster mitigation. New Delhi: Oxford & IBH Publishing Company Pvt. Ltd.
Lapp, S. A., & Powers, G. J. (1977). Computer aided synthesis of fault trees. IEEE Transactions Reliability, R26, 2–12.
Lawley, G. (1974). Operability studies and hazard analysis. Chemical Engineering Progress (Loss Prevention), 70, 45–55.
McKelvey, C. (1988). How to improve the effectiveness of hazard and operability analysis. IEEE Transactions Reliability, 37, 167–170.
Nagel, C. J. (1991). Identification of hazards in chemical process systems. Ph.D. Thesis, USA, MIT.
Parmar, J. C., & Lees, F. P. (1987a). The propagation of faults in process plants: hazard identification. Reliability Engineering, 17, 277–302.
Parmar, J. C., & Lees, F. P. (1987b). The propagation of faults in process plants: hazard identification for a water separator system. Reliability Engineering, 17, 303–314.
Suh, J. C., Lee, S., & Yon, E. S. (1997). New strategy for automated hazard analysis of chemical plant, part 1 & 2. Journal of Loss Prevention in the Process Industries, 10, 113–134.
Sweeny, J. C. (1993). ARCO chemical’s HAZOP experience. Process Safety Progress, 12, 83–90.
Venkatasubramanian, V., & Vaidhyanathan, R. (1996). Experience with an expert system for automated HAZOP analysis. Computers and Chemical Engineering, 20, 1589–1594.
Wang, Y. (2004). Development of a computer-aided fault tree synthesis methodology for quantitative risk analysis in the chemical process industry. Ph.D. Thesis, USA, Texas A & M.
Waters, A., & Ponton, J. W. (1989). Qualitative simulation and fault propagation in process plants. Chemical Engineering Research & Design, 67, 407–422.