CH4101 Chemical, Biological &

Plant Safety
Lecture-1&2 : Course Introduction,
Lessons from Disasters & Inherent
Safer Design
 Introduction
Course lecturer :
- Balajee Raman
Email: RBalajee@ntu.edu.sg

- Intro slides and videos (Ecolab)

2
 Need for Safety course
•Technological advances  more complex chemical
processes
•High pressures
•High and low temperatures
•High Velocities
•More reactive chemicals
•Exotic chemistry
•Need more complex safety technology.
•Chemical engineers need to have a more
fundamental understanding of safety and to be
constantly updated on new safety issues.
3
 LECTURE PLAN- AY 2018-19 Sem 1
Date Lecture Topics
Week 1 17/8 1 Introduction
2 Disasters and Inherent Safety Principles
Week 2 24/8 3
Toxicology
4
Week 3 31/8 5
----
6
Week 4 7/9 7 Industrial hygiene
8
Week 5 14/9 9 Hazards Identification , Hazop Introduction and Techniques
10
Week 6 21/9 11 Hazop Exercise
12
Week 7 28/9 Source models

Week 8 12/10 13 Toxic release and dispersion models

14
Week 9 19/10 15 Probability Theories
16 Risk Quantification Techniques/Fault Tree Analysis
Week 10 26/10 17 LOPA (Layers of Protection Analysis)
18
Week 11 2/11 19 Fires and explosions
20 Designs to Prevent Fires and explosions
Week 12 9/11 21 Introduction to Reliefs
22 Relief Sizing
Week 13 16/11 23 Safety Instrumented System/ Accident Investigation
24 Course Overview
MODULE ASSESSMENT

Continual Assessments: 40%

1. Hazards Identification project (group): 20%
Form project groups (4-5 members each) latest by 21st Sep,
Report due: 19th Oct -5 pm- soft copy by email.

2. LOPA Assignment (group): 20%

Group members: same as project group
Quiz due: 17th Nov -5 pm – soft copy by email.

Final Examination: 60% - 5th Dec 2018, Wednesday, 0900-

1130 hrs, (Open Book Exam)
 Textbook
Course textbooks (recommended):
•Chemical Process Safety (Fundamentals with Applications,
Daniel A. Crowl and Joseph F. Louvar, Prentice Hall (latest
or earlier editions)

• Living in the Environment by G.T. Miller, S.E.Spoolman.

•Textbook :
- Available in library (Reserved and Open section)
- Covers most topics in this course.

6
 Lecture 1&2 - contents
• Definitions /Acronyms - Safety
• What is Process Safety
• Engineering Ethics, Nature of Accident
Process
• Risk and its Measures.
• PSM Regulatory- OSHA / SS 506
• Sharing lessons from Disasters
• Inherent Safety Design Principles
 Some Definitions
Term Definition
Hazard A chemical or physical condition that has the potential for causing damage to
people, property or the environment.
Incident The loss of containment of material or energy, not all events propagate into
incidents; not all incidents propagate into accidents.
Accident The occurrence of a sequence of events that produce unintended injury, death, or
property damage. “Accident” refers to the event, not the result of the event.
Scenario A description of the events that result in an accident or incident. The description
should contain information relevant to defining the root causes.
Likelihood A measure of the expected probability or frequency of occurrence of an event. This
may be expressed as a frequency.
Consequence A measure of the expected effects of the results of an incident.
Risk A measure of human injury, environmental damage, or economic loss in terms of
both the incident likelihood and the magnitude of the loss of injury.
Risk analysis The development of a quantitative estimate of risk based on an engineering
evaluation and mathematical techniques for combining estimates of incident
consequences and frequencies.
Risk assessment The process by which the results of a risk analysis are used to make decisions,
either through a relative ranking of risk reduction strategies or through
comparison with risk targets.

8
 What is Process Safety?

The picture (Chemical Batch Reactor Plant) on the left

illustrates Process Safety when it is working. The picture on
the right shows what happened to that reactor when there
was a Process Safety failure.
9
 OCCUPATIONAL SAFETY vs PROCESS SAFETY
- Collective commitment from respective focal points

Occupational Process Safety

Health and Safety

•Focus on individual well being • Focus on systems

•Addresses Individual • Addresses events where the

behaviors individual has little or no control
over the consequences.
•Workplace rules / Worker
training / Supervision and • Broader impact – events that
Control could affect groups of workers
and general public
•Safety equipment
requirements / Job Safety • Safer Design for error tolerance,
Analysis not just prevention / PHA
10
 What is Process Safety?
• Process Safety is the application of engineering
principles to design, construction, operation, and
maintenance of plants and equipment, which minimize
process related hazards.

Process Related Hazards: Hazards involving

loss of containment of material or energy
from operating plant and related equipment
including storage, pipeline distribution,
and transportation by road, rail, air or water.

11
 What is Loss of Containment?
• Loss of containment (LOC) can result from:
– Overpressure
– Internal explosion
– Overheat
– Corrosion
– Brittle fracture
– Mechanical stress
– Inherent in material / system
– Inadequate protective systems to prevent LOC
– Others
12
 Why is Process Safety Critical

• If we have a major worker safety or environmental

incident, the company will survive

• If we don’t do Process Safety correctly, we can bet the

company

– Injuries or fatalities to employees, neighbors, ..

– Major environmental damage
– Major property loss, business interruption
– Loss of credibility, loss of contract
– End of the business

13
 Engineering Ethics
• Engineers are employed and paid by companies.
• Responsibilities of engineers:
• Providing a safe and secure environment for
the business and the people.
• Provide service to organizations to improve
profitability.
• Responsible to themselves, fellow workers,
family, community, and the engineering
profession.

14
 Engineering Ethics
Fundamental principles of the American Institute of
Chemical Engineers (AIChE) Code of Professional
ethics:
Engineers shall uphold and advance the integrity,
honor, and dignity of the engineering profession by
1) Using their knowledge and skill for the
enhancement of human welfare.
2) Being honest and impartial and serving with fidelity
the public, their employers and clients.
3) Striving to increase the competence and prestige of
the engineering profession.
15
 Engineering Ethics
Fundamental canons of the American Institute of Chemical Engineers (AIChE)
Code of Professional Ethics:
1) Engineers shall hold paramount the safety, health and welfare of the
public in the performance of their professional duties.
2) Engineers shall perform services only in areas of their competence.
3) Engineers shall issue public statements only in an objective and truthful
manner.
4) Engineers shall act in professional matters for each employer or client as
faithful agents or trustees, and shall avoid conflicts of interest.
5) Engineers shall build their professional reputations on the merits of their
services.
6) Engineers shall continue their professional development throughout their
careers and shall provide opportunities for the professional development
of those engineers under their supervision.

16
 Accident and Loss Statistics
Accident and loss statistics
• Important measures of the effectiveness of safety
programs.
• Valuable for determining whether a process is safe
or whether a safety procedure is working effectively.
• Must be used and interpreted carefully.
• Statistics are only averages and do not reflect the
potential for single episodes involving substantial
losses.
• No single method is capable of measuring all
required aspects.
17
 Accident and Loss Statistics
Accident and loss statistics
• Statistics are indications only of past performance.
• Statistics do not indicate future performance.
• Incident rates are standardized (normalized) so that
meaningful comparisons between companies or
industries can be made.
• Rates are usually normalized by total number of
employees or total number of working hours.

18
 Accident and Loss Statistics
Two Common Statistical Methods (Occupational and Process Safety)

Number of fatalities  10^8

Fatal Accident Rate (FAR) 
Total hours worked by employees
during period covered

Number of Lost Work days  200000

OSHA Incidence Rate 
Total hours worked by employees
during period covered

• FAR represents the number of fatalities based on 1000 employees working

their life time ( 50 work Years X 40 hours per week X 50 work weeks)
• OSHA Incidence Rate is based on cases per 100 worker years. A worker is
assumed contain 2000 hours ( 50 work weeks per year X 40 hours per
week)

• FAR can be converted to Fatality Rate (Vice Versa) if the number of

exposed hours is known.

• OSHA incidence rate cannot be readily converted to FAR or Fatality Rate as 19

it contains injury and fatality information.
 20

FAR’s for Industrial Activities in the

US
Industry FAR
•Chemical 3
•Manufacturing 5
•Trucking 11
•Agriculture 27
•Construction 30
•Mining/Quarrying 31
 FAR for Travel in the US
Mode of Travel FAR
Bus
-Within Cities 7.5
-Between Cities 1.0
Train 3
Airline (Large, Commercial) 30
Car 54
Motorcycle 680
 Acceptable Risk
• Risk cannot be eliminated entirely.
• Every chemical process has a certain amount of
risk associated with it.
• At some point in the design stage someone needs
to decide if the risks are “acceptable”.
• Engineers must make every effort to minimize
within the economic constraints of the process.
• No engineer should design a process that he/she
knows would lead to certain human loss or injuries,
regardless of statistics.

22
 Accident and loss statistics
Legislation covering workplace safety and health

•Work Injury Compensation Act

The Work Injury Compensation Act extends work injury
compensation to most employees.

•Workplace Safety and Health (WSH) Act

The WSH Act is the key legislation to effect the
principles of the new Occupational Safety and Health
framework. It replaces the Factories Act, with effect from
1 March 2006.
23
Accident and loss statistics-Singapore’s WSH profile

24
 Nature of the Accident Process
Accidents usually following a 3-step sequence

1) Initiation
• The event that starts the accident.
2) Propagation
• The event(s) that maintain or expand the
accident.
3) Termination
• The event(s) that stop the accident or diminish
it in size.

25
 Nature of the Accident Process
An example of an accident:

1) Initiation
• A worker tripped.
2) Propagation
• Shearing of valve; ejection of liquid; resulting
explosion and growing fire.
3) Termination
• Consumption of all flammable materials.

26
 Nature of the Accident Process
Videos
1) Storage Tank fire and explosion (Lamesa, Texas, USA
2009)
• Ignition: lightning?
• https://www.youtube.com/watch?v=DECyAxDk88
U&hl=en-GB&gl=SG
• Video taken about 200 yards (~180 m) away.

27
 Process Safety Management
• Process Safety Management is the risk management program
used to identify and control process safety hazards that could
have catastrophic consequences.

 Process safety management

prevents serious, process
related incidents, due to
loss of containment, which
can affect plant personnel,
off-site communities, the
environment, and/ or result
in significant property loss
or loss of business.

28
The Bhopal Incident

 3 December 1984
 Worst-ever industrial disaster
 About 40 MT of methyl
isocyanate (MIC) released.
 Nearly 10,000 fatalities, over
50,000 totally or partially
disabled, and 100,000 serious
injuries
 Severe financial implication and
penalties for Union Carbide

29
 The Bhopal Incident - background
Plant originally built in 1969 to make SEVIN
MIC used to make the insecticide SEVIN
Manufacturing of MIC started in 1979
Plant design based on the US plant
Union Carbide did not transfer all safety systems due to project cost
overruns
Initial leadership American with strong safety background
No LTI for 500,000 hrs

The Bhopal Plant - The Union Carbide Plant, Bhopal, India, site of a December,
1984 chemical gas leak which killed and injured thousands. 30
 The Bhopal Incident - leading
events
 By 1982, all work force localized, new plant manager had
accounting background
 Low demand for SEVIN resulted from a severe drought in
India
 To enhance profit, a cost-cutting drive was initiated by Union
Carbide Corporation,

 Reducing the number of personnel;

 Lowering minimal training for operatives from 6 months
to 15 days;
 Use of low quality construction material and labor;
 Hazardous operating procedures ignored;
 Critical safety systems not maintained, routine
maintenance ignored;
 Serious audit findings by American audit team ignored ;
Safety Manager left.
 Six months prior to the incident, plant was shut down due to
low demand of MIC. 31
 what
Bhopal Incident –

happened? Shutdown for

Shutdown to Maintenance
reduce power cost
Shutdown since MIC Released
plant down FLARE

HIGH-PURITY SCRUBBER
NITROGEN

REFRIGERATION
Opened to release
UNIT
high pressure

Raw material (MIC)

left in storage
SAFETY
VALVE
CONCRETE DECK
EARTH MOUND
GROUND
LEVEL
Permitted to
overheat

32
The Bhopal Incident -
leading events
 On the night of the disaster, 2 December 1984,
several safety measures designed to prevent a leak
were either malfunctioning, shut down or otherwise
inadequate.
 The refrigeration unit was turned off in order to
save $40 a day, which raised the MIC storage
temperature to 25 C instead of 0 C
 The scrubber system was down since the plant
was not running, and the scrubber was grossly
under designed.
 The flare system was under repair, and no spare
flare available
 At 11:30 PM workers detected a MIC release, at
approximately 12:45 am workers observed a
rapid pressure increase in one of the MIC storage
tanks, which opened the safety relief valve.
 The venting MIC passed out of the facility and
into the atmosphere.
33
 FLIXBOROUGH INCIDENT

• The chemical plant, owned by Nypro (UK)

and in operation since 1967.

• Produced caprolactam, a precursor

chemical used in the manufacture of
nylon.

• The process involved oxidation of

cyclohexane with air in a series of six
reactors to produce a mixture of
cyclohexanol and cyclohexanone.

34
 The Incident
• A 20 inch diameter temporary by-pass pipe Jack-
knifed and failed under thermal expansion stress.

• 40 of 120 tons of cyclohexane escaped into the

congested reactor support structure.

• Within two minutes, the vapor cloud ignited and a

Detonation Class VCE took place (35 tons TNT
equiv).

35
Flixborough Flow sheet
Thermal Expansion Jack-
Knife

36
 The Consequences

• 28 plant people were killed.

• 53 people were wounded and required
medical treatment.
• 1,800 houses were damaged in the rural
area beyond the plant fence line.
• Property damage was $425MM in US funds.

37
 Events Leading To The Incident.
• Two months before the incident, R-5 was found to be
leaking.
• A 6 ft. long crack had developed.
• A water hose stream was directed to the crack to cool
and quench the small cyclohexane leak.
• The cooling water contained nitrates which encourage
stress corrosion of certain carbon steels.
• Thus, by trying to relieve the situation, the quenching
was actually acting as a promoter of corrosion.
• Ultimately, the reactor had to be removed from
service. 38
 Events Cont’d
• As there was no experienced mechanical engineer on site, those
remaining decided to “fast track” or “scratch pad” a solution for
the intended by-pass.
• They sketched a full-scale by-pass line in chalk on the
maintenance floor.
• No stress analyses calculations were performed on the by-pass
connection.
• The by-pass line was quickly installed and the plant put into
start-up mode.
• Shortly after start-up, the by-pass line failed causing 40 tons of
cyclohexane to leak into the confined spaces of the reactor
support structure.
• Within two minutes, the vapor cloud exploded.

39
 Lessons Learned

• The main root cause of this incident was the use of

cooling water with nitrates to quench cyclohexane
leaks on the reactors.
• The Second root cause was installation of by-pass line,
without stress analysis. This is a recipe for disaster.
• A third root cause was management must recognize
when they are vulnerable to critical manpower
changes.

40
 Inherent Safer Design
Various measures for prevention and mitigation
of major accidents may be thought of as “layers
of protection”.
• These layers serve to
1) Prevent an initiating event (such as loss of
cooling or overcharging of a material to a
reactor) from developing into an incident
(typically a release of a dangerous
substance)
2) Mitigate the consequences of an incident
41 once it occurs.
 Inherent Safer Design
• In general, the safety of a process relies on
multiple layers of protection.
1) The first layer of protection is the process
design features.
2) Subsequent layers include control systems,
interlocks, safety shutdown systems, protective
systems, alarms and emergency response plan.
• Inherent safer design is especially directed toward
process design features.
• The best approach to prevent accidents is to add
process design features so as to prevent hazardous
situations.
42
Achieving Inherent Safer Design
 Inherent Safer Design
Advantages of an inherently safer plant
• Relies on chemistry and physics to prevent
accidents rather than on control systems,
interlocks, SOP etc.
• More tolerant of operator errors and abnormal
conditions.
• Simpler, easier to operate, and more reliable.
• Often the most cost effective- Smaller
equipment operating at lower temperatures and
pressures have lower capital and operating
costs.
44
 Inherent Safer Design
• The potential for major improvements in
safety is the greatest at the earliest stages of
process design, when process engineers
have the maximum degree of freedom in the
plant and process specifications.

• They are free to consider basic process

alternatives, such as changes to the
fundamental chemistry and technology.

45
 Inherent Safer Design
Video
1) Inherent Safer Design 1
• https://www.youtube.com/watch?v=iqPMHWnJiXk
• All (9 min)

46
 Inherent Safer Design- examples
 Use a hazardous material under less hazardous
conditions.
 Refrigeration to lower vapor pressure
 Store chlorine, ammonia, ethylene under
refrigeration at lower pressure instead of room
temperature at higher pressure.
 Operate under lower temperature and pressure (e.g.
use a catalyst).
 Use larger particle size solids (or paste or liquid) to
minimize dust.
 Dilution to lower vapor pressure.
47