The phrase “objects in the mirror may be closer than they appear” is a safety warning often seen on vehicle mirrors and mirrored fixtures where hazards may be present when looking at reflected images. The warning highlights that while some mirrors (particularly those with convex surfaces) have a wide field-of-view, they can also make objects appear smaller. Objects that appear smaller may give the illusion that they are further away than they actually are which can prove hazardous to, for example, a driver changing lanes or a vehicle manoeuvring.
Operational phase hazard and safety reviews can be a bit like this.
Having completed an extensive HAZOP of a new plant design at an appropriate stage of a project, and having resolved any recommendations arising, proponents can be reasonably confident that the plant will be built with minimised hazards and high levels of operability. Following commissioning, plants can often demonstrate a reasonable period of steady state operation.
But like all systems with inherent risk, plant designs can be altered, operations may change, modifications may occur and new risks may be introduced that weren’t originally present. Maintenance practices become an integrated part of operations. Very few facilities will experience trouble-free operation or no change of design within their design life. Steady state is rarely so steady. History is filled with examples of plants that have operated (purportedly) with few incidents only to suffer a catastrophic failure that takes many by surprise.
Facility owners can often develop convex instincts or over-optimism about their facility if they have enjoyed reasonable safety over many years. Hazards arise, dynamic conditions may appear, or minor incidents occur which may, appear small in isolation and which might be dealt with in some way but not portray an inherent or systemic failure. On reflection, disaster might be closer than it appears.
Re-HAZOP is a vital tool that ensures plant owners follow a systematic, pragmatic and consistent re-evaluation of their fundamental plant design and operations to ensure hazards remain minimised and operability optimal.
But Re-HAZOP has a different tone and emphasis to a design phase HAZOP. For a start, the team has the benefit of being able to review the operating history of the plant and compare it to the planned design and operating parameters. There should, by virtue of the progression of design, be fewer major or obvious hazards and more focus on operability.
Teams can focus on recent modifications, to ensure these do not present new hazards and should also evaluate any incidents or accidents that have occurred historically.
One of the greatest features of any plant Re-HAZOP involves the input of plant operations engineers and technicians, who can attest through experience how a plant is behaving and re-affirm the design is accurately reflected in drawings and documentation.
It is almost ubiquitous during a plant Re-HAZOP to hear the phrases “well that equipment has never worked properly”, or “we changed that pipe routing/trip set-point/etc. years ago – I’m not sure why the P&ID hasn’t been updated”.
Unfortunately, like some design phase HAZOPs, some operators treat re-HAZOP as a box ticking exercise or worse, omit them altogether.
OW&L recently heard of an operator who thought that simply reviewing its plant’s existing bow-tie diagrams, (which depicted generic illustrations of hazardous top-events and corresponding safeguards based on the original design) was sufficient to review plant hazards and ‘reflect’ on its performance. Whilst useful, bow-tie’s do not provide the specificity, or systematic, equipment-by-equipment, line-by-line review that a Re-HAZOP undertakes. Worse, HAZOP itself is usually a subset of the management systems and standards conformance preventative safeguards that those same bow-ties describe as helping ensure hazards are identified and mitigated! Hence, new hazards, including those that may only be introduced by recent modifications or maintenance practice, and which may have altogether different consequences and safeguards, can be missed. This operator is literally so fixated on their ‘dashboard’ that they fail to look up at their ‘rear view mirrors’.
Interestingly, following the Longford Explosion and subsequent Royal Commission into the disaster, commentators rightly pointed out that HAZOP had been elevated in the eyes of Australian Law. Esso (the operator of the plant) had been found to have failed to conduct an adequate hazard analysis “as far as is practicable” and a HAZOP was determined by the jury in that case to have been the appropriate technique to have done so and should have been done. The plant, which had been operating for many years, had been modified many times and significantly reduced engineering oversight over time. The precedent is now set and it will be a brave operator who tries to argue that such a technique either would not identify a hazard or was not available to them (i.e. was practicable). Clearly the secret lies in making use of the technique appropriately and in an effective and timely manner, with the focussed input of operations personnel.
