Latest post

Hazard and operability study: HAZOP decision making process – PHA Technique

Hazard and operability study: HAZOP decision making process – PHA Technique
Hazard and operability study: HAZOP

Hazard and operability study: HAZOP decision making process – PHA Technique

The Hazard and Operability Study (HAZOP) is a systematic technique to examine the risk of failure of the complex process in the intervention of operators, i.e. It is used to identify possible process deviations, operational difficulties, determine the causes of the deviation and recommend preventive actions or controls.
The basic concept behind the HAZOP study is that the process works well when operated under design conditions. When deviations from process design conditions occur, operability problems and accidents can occur.
Modern HAZOP was developed by Lawley in the UK after industrial accidents such as the Flixborough disaster on June 1, 1974, UK, which resulted in the loss of 28 lives. This technique adopted worldwide after the 1984 Bhopal toxic gas tragedy, India, which resulted in the loss of more than 2,500 lives.
HAZOP can be performed to configure new facilities, during change management (MOC), i.e. the modification of existing facilities or for a new project or for an expansion project.
HAZOP is one of the methodologies to perform the Process Hazard Analysis (PHA) which is a comprehensive systematic review of a process to identify hazards, analyze the significant hazards, evaluate the adequacy of safeguards and provide appropriate  solution to mitigate them when justified.
It is not a method of reviewing the quality or operation of the design, be carried out before your PHA meeting so that everyone has already accepted the functionality of the design.

HAZOP, PHA and PSM relation

In 1984, a Methyl isocyanate, a toxic gas was released at a Union Carbide pesticide plant in India that killed more than 2,500 people and hospitalized more than 125,000. The Bhopal India incident was the worst industrial accident in history, as a result, American Society of Chemical Engineers helping to develop OSHA 29CFR 1910.119, this is known as Process Safety Management (PSM). OSHA adopted Process Safety Management in 1992 for any process that could catastrophically release flammable or explosive reactive toxic chemicals or stores more than 10,000 pounds of flammable liquids.
These are the building blocks of Process Safety Management for emergency shutdown, safety and alarm systems, process controls, and logic and procedures.
An adequate PHA assessment will collectively focus design and safety operational teams to review risks, incorporate input and perspectives, and develop stronger safeguards and procedures to prevent accidents. Most of the time organizations prefer techniques like ‘What if’ or ‘HAZOP’.
HAZOP is a more comprehensive review of a complex P&ID system i.e. easy to organize and document. The ‘What if’ technique is preferred for simpler or more focused systems.


Hazard and operability (HAZOP) is a technique used to identify both potential hazards and potential operability problems due to deviation in the design intent. It helps to review the design intent of the particular installation or process system by applying guide words related to the parameters of each process to discover the causes of deviation, adequacy and effectiveness of the safeguards and then recommend controls. Use a risk matrix to determine the probability and consequences of failure.
HAZOP is generally conducted for new facilities, modification to existing facilities through MOC, and every 5 years for operational facilities.
Hazard Identification (HAZID) is a technique used to identify hazards based on standard checklists prepared with reference to best industry practices, standards, rules and regulations, experience and best engineering practices. Provides input to the primary risk assessment for credible events or scenarios.
HAZID can be performed at any stage of the installation, i.e. at initial stage of the new installation, in modification of existing project, expansion, operational project, regular, etc.

HAZOP purpose

HAZOP is a proactive technique to identify and assess hazards, review the adequacy of safeguards, and assess risk in facility design rather than waiting for an accident to occur.
Risk is the product of probability and consequence. The term probability is something that expresses uncertainty about future events, while the consequences are the result, extent, or severity of the event.
HAZOP reviews the process plan to pick up potential design and engineering problems. It helps to review the control philosophy defined in P&ID to describe how each piece of equipment is controlled and operated. The programmer uses the control philosophy to program the PLC, a control philosophy that describes the project process and the interactive control of the system. It also describes the safety system alarms and shutdown systems.
The first section of the control philosophy describes the general process in words. The control philosophy also includes shutdown and alarm setpoints, function and type of PLC. It Includes control loop tables that describe each loop function, loop variable, and parameters. A safety integrity level (SIL) describes the various layers of safety protection to prevent accidents.
HAZOP's study addresses hazards (safety, health, environment, property / asset) and issues that affect operability.

HAZOP Applicability

1. For any stage in the life of a process that has reasonably high levels of danger and complexity of the process
2. For flow type processes. It is not used very effectively for the mechanical or electrical type of risk analysis of industrial processes or facilities.
3. In general, hazard analysis in the process industries, especially in change management (MOC).
4. For the expansion of existing projects, new or new facilities of process industries.

Hazards and Operability (HAZOP) Steps

The HAZOP method uses guide words to ask questions about any possible deviations from the mode of operation, evaluating the related causes and consequences.
Before starting HAZOP, the company must have the HAZOP procedure and the risk matrix.

Preconditions or preparation for HAZOP

When conducting a HAZOP it is essential that there must be standardized format to record all important identified causes. The consequences of each cause will be developed globally without regard to safeguards, safeguards will be claimed only if they are documented and proven and a consistent risk classification process must be used.

HAZOP team with leader
For a successful HAZOP, the collective knowledge of a multidisciplinary team helps to identify risk through a creative and collaborative process, so high-quality decisions require shared perspectives.
Team members with engineering and operational skills are very important in conducting HAZOP in decision making, but they do not always agree, therefore a facilitator (team leader) should act as a decision leader with the tools and the right approach.
The team leader guides the team to make rational, high-quality decisions by applying a simple decision process that should be sufficient for all team members to understand but must be comprehensive enough to address risk.

List of nodes with design intent
Break down the process installation design into a number of simpler sections in P&ID and PFD. These sections are called 'nodes' which are then individually reviewed. Prepare a list of nodes along with the design intent to analyze each node in the design.
You must select a section or node to review, you can highlight each node in the P&ID in colour, for each node you must continue with the start of the process and then clearly discuss and understand the function or design. Spend enough time to thoroughly analyze design intent and goals.
Please note that this is not an opportunity to change the design, but it is to ensure the suitability, reliability and effectiveness of the safeguards. Gather relevant up-to-date documents for chemicals, materials, and equipment data.
Here are the steps to perform HAZOP;

HAZOP Step-01: Select a design intent parameter

This is the first step where the team documents the node description and design intent when referring to the control philosophy. The process parameters can be pressure, temperature, flow, composition, etc.
For a better understanding, let's take the example of the first node, there is a liquid-gas separator container that receives the saturated liquid mixture from the bottom and then passes the gas to the compressor and the liquid to the tank. The main parameters are pressure and flow. But, for example, here we are selecting pressure as a parameter to evaluate first.

HAZOP Step-02: Select an applicable guide-word

To identify the deviation, guidewords for each parameter are applied to each node in the process. The guide words should be selected according to the parameters and the study. Here are the ideas for selecting guides.
• MORE or HIGH: indicates that the value increased more than the design intention
• LESS or LOW: Indicates that the value decreases than the design intention
• NO or NO: Indicates complete stop or failure of design intent.
• REVERSE: Opposed to design, logical or directional intention.
• AS WELL: Modification of the value towards the upper side or increase
• PART OF: Modification of the value towards the lower side or decrease
• INSTEAD OR OTHER THAN: Indicate substitute
• EARLY: Indicate the time before the design intention
• LATE: Indicates the delay of the design intention
• BEFORE: Indicates the sequence or before the order
• AFTER: Indicates the sequence or later to order
There are several guidewords, but here for our examples, we select the guideword as "high". So, the parameter is "pressure" and the guide word is "high". Let's look at the deviation in the next step

HAZOP Step-03: Generate the deviation

Here we discuss the process deviations from its design intent. We can add various core deviations to each node, including changes in flow, temperature, pressure, level, leaks, concentrations, among other problems. Each deviation will be reviewed by the team. The team must analyze the consequence of each deviation without any design safeguards, then analyze the protection included in the current design.
Brainstorm the possible causes within the node that could cause the deviation, don't analyze or criticize these causes, you just need to capture the score and record all of them, i.e. make a list.

HAZOP Step-04: Risk identification

The risk identification process must be systematic, selecting specific deviations from the process; otherwise, if we only try to identify the risk by asking what can cause a hazardous event, then we cannot conclude since the process can have thousands of causes of hazards.
We can consider the process deviation as high temperature, high pressure, low level, misdirected flow, no or low flow, etc. which are relevant to the identified process. Then the team should focus on a specific deviation simply by asking the question, what can cause high pressure in the process.
For example, there is a separator vessel that separates the liquid from the gas once it is received. This vessel is provided with a pressure control circuit and a level control circuit and a maximum allowable working pressure is slightly above the set point of the pressure relief valve.
Now apply the first guide word, ie "high pressure", deviation from normal operation. Then find out the cause of the deviation, and if the pressure control valve fails to closed position.

HAZOP Step-05: Identify the effect or consequences

This step is to confirm that the cause is valid and then analyze it, otherwise remove it. When considering the consequences, imagine that we are operating without safeguards, the operator is not paying attention, the control valve is manual, position alarms and safe interlocks are not working, and no one is following the procedures. It is vital to develop and document the consequences fully and chronologically. You should look at the worst possible reasonable scenarios. You must record all consequences.
Identify the worst credible consequences without safeguards and assign a level of severity. What will be the consequences if overpressure of the vessel leads to rupture due to involuntary closure of the pressure control valve? What is the level of exposure of operators or other personnel at the facility and what will be the impact? Can it kill someone? Can it cause a public relations disaster, a major loss of property? Will it cost huge financing to repair or replace equipment, etc. Some of the significant consequences may be considerable and important for the company to manage risk based on the decision of the HAZOP team. Suppose here that the team agreed that rupture of vessel can lead to fatality.

HAZOP Step-06: Assess probability

In our example, here we must evaluate the probability of failure of the pressure control valve without safety safeguards. The causes of failure of the control valve may be due to the logic controller or the sensor outlet air.
Then based on data within the company, past experience, or different operational and engineering experience, we have to determine the probability of failure. It can be 5% or 10% or 20% or 90% probability in a year.

HAZOP Step-07: Risk evaluation without safeguard

Once we have decided the probability and the consequences, we must assess the risk without any safeguards. In our example of the separator vessel rupture scenario, the probability of failure of the control valve is high, and the severity is also high due to a possible fatality. 
Consider that in our organization's standard risk matrix, when there is high probability and high consequences, the risk is considered high. According to the risk matrix, high risk is not acceptable at all. Then we must decide on some control measures to reduce the risk and bring it to an acceptable level.

HAZOP Step-08: Assess the safeguards

Now here at this stage, our main focus is to reduce risk and bring it to an acceptable level by ensuring some safeguards. We can reduce risk by reducing probability and / or consequences. In an earlier stage we evaluated the risk without considering the safeguard, but in this stage we have to evaluate the risk with the available safeguards. 
So just check if there is an alarm with operator intervention, if there is any pressure relief valve or PSV available in the vessel, if there is any trip interlock, if there is any automatic bypass system, if there is any automatic shutdown system high pressure alarm trigger etc.
You must add safeguards that are included in the P&ID and control philosophy. It first assesses global safeguards and challenges their effectiveness, then we visualize the sequence of the accident, consider the time, effects, and possible impact of stress and urgency in reaction time. Safeguards are listed in priority.
First, it lists the elements that eliminate the causes, then we list the elements that mitigate the consequences, and finally, it documents human intervention, such as the emergency response.
If you check the layer of protection, the first layer is the processed design, which is the most reliable. As you work from the centre, you add alarms, safety instrumented systems (SIS), emergency relief systems, and lastly, emergency response.
Each of these is an additional layer of protection that can collectively prevent accidents. Safeguards include instrumented protection such as control loops and alarms, non-instrumented operator surveillance and mechanical design features, and others such as training and preventive maintenance.
Now, for our examples, suppose there is PSV available to deal with failure of pressure control valve, it will reduce pressure. This protection can prevent the rupture of the vessel, that is, it will reduce the probability of rupture of the vessel.
But based on industry experience and data, it has been observed that the PSV can also fail, so we cannot consider it as the most reliable or full proof system as it will not completely eliminate the risk to an acceptable level.

HAZOP Step-09: Decision making

This is the stage in which we have to conclude that the risk is acceptable, or we have to think of some other more reliable safeguard, that is. recommendation to further reduce risk by reducing probability. You should follow your organization's risk matrix to decide the acceptability of risk, as it is the only document that will help you make a decision on risk acceptance criteria. Based on the risk decision, you should recommend safeguards when the risk is not acceptable.
Team must rank i.e. classify cause and consequence. Team has first assigned a numerical level of severity without safeguards, then assign a numerical probability of occurrence with safeguards and finally assign a numerical risk ranking or rating from the risk matrix. 
Team must classify the probability of the consequence according to these descriptions is the frequent, occasional, possible, improbable, or improbable probability afterwards. Severity may be high, medium, or low probability. 
The risk ranking is based on the rating of probability and impact of the consequence, then you must determine the level of action required for each level of risk, after having evaluated these events, team will propose recommendations for the highest risk scenarios.

HAZOP Step-10: Record and report

The team must prioritize ideas that prevent the cause from occurring. If the cause cannot be avoided, the team will suggest ideas to mitigate the consequences, the team should not attempt to design solutions at this point.
But without commitment to action, there is no value in recommendations. Therefore, there should be an action plan with properly assigned responsibilities with a target date. Record all recommendations and assigned responsible parties. It is important to assign responsible parties before the end of the HAZOP.

Merits of Hazard and operability study (HAZOP)

1. It is more suitable to study the complex process or a complicated procedure.
2. It helps to study and analyze large processes in detail.
3. It is the most appropriate process to analyze both safety and operability problems.
4. It is the most logical and gives a constructive result to decide the control measures or safeguards.

Demerits of Hazard and operability study (HAZOP)

1. It is a complicated and time-consuming process
2. Study sessions can be intensive and exhausting, as it takes time to provide a full analysis.
3. In general, do not observe chronic or occupational hazards.
4. People may spend time discussing operational issues rather than safety.

Hazard and operability (HAZOP) study Example

Here are the sample of HAZOP sheet as we studied above for the gas-liquid separator system
Sr. No.
Guide word
High pressure in vessel
Control valve failure to close
Rupture of vessel
PSV on vessel
Automatic shutdown system

Examples No-2: Cooling water chlorination system
Sr. No.
Guide word
No flow in chlorination loop
Pump failure.
IV failed to open
Loss of electric power to pump
No chlorin in tower basin reduces the desired concentration
Pump malfunction alarm
High flow in chlorination loop
Non identified
Note: Pump normally runs at full speed

Hazard and Operability (HAZOP) is the most appropriate Process Hazard Analysis (PHA) technique to study the complex process to identify potential hazards in the designed process and probable operability problems by analyzing the causes of the deviation of the process and associated risk and review the safeguards to prevent accidents during its operation stage.
The HAZOP team should be competent and aware of the PHA technique led by the facilitator to facilitate the decision-making process. A record must be kept for the full HAZOP study and roles and responsibilities assigned for each recommendation before the study is closed.

You may find affiliate links in this article. This means that if you click on a link and purchase any of the products on this page, we may receive a commission, at no additional cost to you, It does not affect our knowledge sharing, opinions or reviews. Everything we do is benefit for you as the reader, so all our knowledge sharing, reviews are as honest and unbiased as possible.

Related Articles

No comments

Please don't add links in the comments, they will be treated as spam comments