![Driving fatality
0.01% per year
(i.e. same as the
acceptable risk
for industrial
work
environment)
[NIOSH 1997]](https://image.slidesharecdn.com/lopa-240723115040-6a0e3413/85/LOPA-STANDS-FOR-LAYER-OF-PROTECTION-ANALYSIS-10-320.jpg)
![Alaska crab fishing
fatality
0.356% per year
(i.e. 35x the
acceptable risk for
industrial work
environment)
[NIOSH 1997]](https://image.slidesharecdn.com/lopa-240723115040-6a0e3413/85/LOPA-STANDS-FOR-LAYER-OF-PROTECTION-ANALYSIS-11-320.jpg)
LOPA STANDS FOR LAYER OF PROTECTION ANALYSIS
- 1. What is a LOPA?
- 2. LOPA stands for Layer of Protection Analysis
- 3. LOPA is a process to evaluate risk with explicit risk tolerance for a specific consequence
- 4. Its about creating value without taking unnecessary risk
- 5. The level of risk acceptance is expressed in terms of tolerable frequency
- 6. Tolerable frequency is a decision criteria
- 7. The higher the consequence the lower the tolerable frequency
- 8. Single fatality risk tolerance* 0.01% per year Compared to Multiple fatality risk tolerance* 0.001% per year *Generalized risk tolerance in an industrial environment
- 9. Lets try to make these numbers resonate with some relativity
- 10. Driving fatality 0.01% per year (i.e. same as the acceptable risk for industrial work environment) [NIOSH 1997]
- 11. Alaska crab fishing fatality 0.356% per year (i.e. 35x the acceptable risk for industrial work environment) [NIOSH 1997]
- 12. Do you know the tolerable frequency of for your company?
- 13. If so, who decide how much risk your company can take on? Are the decisions consistent across the company?
- 14. Lets break down the LOPA into seven steps:
- 15. Step 1: Identify a single consequence to analyze
- 16. In our example, the re- boiler condensate pot can overpressure leading to vessel rupture and resulting in a single fatality
- 17. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PG 253 2 2 3 3 3/4 3/4 6 6 6 6 Size 遜 SET @ 700kPag 6
- 18. Step 2: Define the tolerable frequency for the consequence
- 20. Step 3: Assess the probability of the initiating events
- 21. The level control valve can fail in the closed position leading to overpressure
- 22. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PG 253 2 2 3 3 3/4 3/4 6 6 6 6 Size 遜 SET @ 700kPag 6
- 23. Lets say this control loop has a 0.1 probability (10% chance) of failure per year
- 24. Step 4: Identify independent protection layers and assign a risk reduction factor
- 25. Important! Each protection layer must be independent from the initiating event and independent from other safeguards
- 26. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PG 253 2 2 3 3 3/4 3/4 6 6 6 6 Size 遜 SET @ 700kPag 6
- 27. Lets say the pressure safety valve will reduce the likelihood of rupture by 100 or you can say Risk Reduction of 100 you can also say the Probability of Failure on Demand of 0.01
- 28. Step 5: Calculate the new expected frequency of the consequence
- 29. Expected frequency = initiating events frequency x probability of failure of the safeguard New expected frequency = 0.001 (0.1 valve failure per year x 0.01 probability of safety valve failure)
- 30. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PG 253 2 2 3 3 3/4 3/4 6 6 6 6 Size 遜 SET @ 700kPag 6
- 31. Given a person will be around the vessel when ruptured Our expected frequency of a fatality in this scenario is 0.001 per year Or 0.1% chance of a fatality per year
- 32. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PG 253 2 2 3 3 3/4 3/4 6 6 6 6 Size 遜 SET @ 700kPag 6 1/1000 chance a fatality per year
- 33. Step 6: Decide if risk is acceptable based on the tolerable frequency
- 34. Expected frequency of a single fatality = 0.001/year Tolerable frequency of a single fatality = 0.0001/year
- 35. Thats 10 times more likely than the maximum frequency your company can accept for a single fatality
- 36. Step 7: Determine additional safeguards to reduce the risk
- 37. Lets add a high pressure shutdown to the inlet as a safeguard
- 38. LT 253 HLL=2550 mm NLL=1650 mm LLL=250 mm LC LY LV Steam Condensate To atmosphere at safe location PSV D-101 D-101 Re-boiler Condensate Pot 253 253 253 111 Drawing Ref. Drawing Ref. PT 253 2 2 3 3 6 6 6 6 Size 遜 SET @ 700kPag 6 XV 253 HH
- 39. This safeguard consist of a pressure sensor, logic solver (independent from the level control) and a valve as a final element
- 40. This safeguard is a safety instrumented function (SIF) PT 253 XV 253
- 41. Since we need to reduce the risk by a factor of 10 The probability of failure on demand of the safety instrumented function must be less than 0.1
- 42. Or you can say the safety instrumented function must meet the requirements of safety integrity level 1
- 43. This safety instrumented function is at SIL 1 PT 253 XV 253
- 44. Expected frequency with the new safeguard = 0.1 probability of valve failure per year x 0.01 probability of safety valve failure x 0.1 probability of the safety instrumented function failure =0.0001/year
- 45. New expected frequency of a single fatality = 0.0001/year Tolerable frequency of a single fatality = 0.0001/year
- 46. Now the risk is acceptable
- 47. Adding a safety instrumented function is one option to meet the tolerable frequency. Is it a good decision? Is there a better option?
- 48. Any Questions?
- 49. Risk. Inspired. For more lessons go to www.icarus-orm.com