Page 152 - Dust Explosions in the Process Industries
Dust Explosions: An Overview 125
For each top event, the analyst must identify all those events or combinations of events
that could lead directly to the failure. The precise logical relationship between cause and
effect is expressed by AND or OR gates and is usually presented in diagrammatic form.
The immediate causes of the top event have their own contributory causes, and these can
be presented in a similar way, so that a complete fault tree is built up. The process ceases
when all the causative factors at the bottom of the tree are of a simple kind for which
frequencies of occurrence or probabilities can be estimated.
The synthesis of a fault tree is a job that is best done by an engineer with good
experience in the type of system under consideration; it is much easier to teach such a
person how to construct a fault tree than to teach a reliability specialist everything about
the system. However, the quantitative analysis of a fault tree is a separate activity in which
the reliability specialist plays the dominant role.
An illustrative example of a quite comprehensive fault tree for a grain dust explosion
in a grain storage facility was given by National Materials Advisory Board (1982).
Risk Analysis by Event Tree Analysis
Risk analysis consists of four major steps: identification of a representative set of
failure cases, calculation of consequences, estimation of failure probabilities, and
assessment of overall impact.
Failure cases are identified first by establishing the location of the main inventories
of hazardous material and then by detailed scrutiny of the process flow and
instrumentation diagrams using checklist methods or HAZOP.
Once the failure cases have been identified, the consequences of the failure must be
calculated. Event tree analysis is a useful method in this process. An event tree is the
reverse of a fault tree, starting with the initial or “bottom events” and exploring all
possible “top events” that can result from it. Each outcome has further outcomes, and all
these can be related by means of decision gates. At each gate, the conditional
probabilities must be estimated for each of the alternative branches. On this basis, the
probabilities of the final hazard, or “top event,” can be calculated.
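The two calculations described above, the AND/OR gate evaluation of a fault tree and the multiplication of conditional probabilities along the branches of an event tree, are shown here as an added example that is not taken from the book. The tree shapes, event names and all probabilities are constructed for illustration, and the basic events are assumed to be independent.

```python
from math import prod

def gate_probability(node):
    """Fault tree: a node is a basic-event probability or (gate, [children])."""
    if isinstance(node, (int, float)):
        return float(node)
    gate, children = node
    probs = [gate_probability(c) for c in children]
    if gate == "AND":                      # all causes must occur together
        return prod(probs)
    if gate == "OR":                       # any single cause is sufficient
        return 1.0 - prod(1.0 - p for p in probs)
    raise ValueError(f"unknown gate: {gate!r}")

def event_tree(node, p=1.0, out=None):
    """Event tree: a node is an outcome name or {branch: (cond. prob., child)}."""
    out = {} if out is None else out
    if isinstance(node, str):              # leaf: a final outcome
        out[node] = out.get(node, 0.0) + p
        return out
    if abs(sum(cp for cp, _ in node.values()) - 1.0) > 1e-9:
        raise ValueError("conditional probabilities at a gate must sum to 1")
    for cp, child in node.values():
        event_tree(child, p * cp, out)     # multiply along the branch
    return out

# Constructed numbers for illustration only; assumed independent basic events.
FAULT_TREE = ("AND", [
    0.1,                                   # explosible dust cloud present
    ("OR", [0.01, 0.02, 0.005]),           # hot surface, mechanical spark, static discharge
])
EVENT_TREE = {
    "vent opens": (0.95, "vented explosion"),
    "vent fails": (0.05, {
        "dust layers dispersed": (0.3, "secondary explosion"),
        "no dispersal": (0.7, "enclosure rupture"),
    }),
}

def analyse():
    """Fault tree gives the initial-event probability; event tree splits it."""
    p_initial = gate_probability(FAULT_TREE)
    return p_initial, event_tree(EVENT_TREE, p_initial)

if __name__ == "__main__":
    p_initial, outcomes = analyse()
    print(f"initial event: {p_initial:.6f}")
    for name, p in outcomes.items():
        print(f"{name}: {p:.6f}")
```

The outcome probabilities always sum to the probability of the initial event, which is a quick consistency check on any hand-built event tree.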
Criteria have been suggested whereby calculated risks can be judged. Almost all
criteria proposed so far are based on the concept of comparability with the existing
general risk background. Cost/benefit and “risk perception” arguments have been advanced,
but they have not yet been developed to a practical and accepted form for being used in
risk analysis.
Risk analysis has been criticized by pointing at:
• Inaccurate mathematical models.
• Incomplete analysis of actual practical problem.
• Inaccurate primary failure probability data.
• Inadequate acceptability criteria.
• Difficulty of checking final result.
• Complexity and laboriousness of method.
Hawksley (1989) discussed the conditions under which the various elements of
quantitative risk analysis are useful in the assessment of risks in practice.
Safety Audits
Once a plant enters operation, hardware and procedures start to change from
those originally established by the commissioning team. Usually, there are good reasons
for this: The plant engineers and operators may find simpler or more economic procedures,