Consider Inherent Safety at Your Plant

Inherently safer design (ISD) is a philosophy for designing and operating a safe process plant [1,2]. ISD aims to eliminate or significantly reduce hazards, rather than managing them with hardware and procedures. When feasible, ISD provides more robust and reliable risk management and, by eliminating costs associated with safety equipment and procedures, may make processes simpler and more economical.

ISD has received considerable attention from the public, government and non-governmental organizations (NGO) in recent years. Legislation to require consideration of ISD as an approach for reducing security concerns at chemical plants has been introduced in every session of the U.S. Congress since at least 2001, most recently as the Chemical & Water Security Act of 2009 (H.R. 2868), which was passed by the House of Representatives on November 6, 2009. The Senate will consider that bill this year (see "Anti-Terrorism Mandates Face Major Revision"). Also, New Jersey and Contra Costa County, Calif., require certain regulated hazardous-material-handling facilities to consider applicability of inherently safer technology (IST). Public interest, existing and potential regulations, and company and professional desires to design and operate safe facilities provide incentives for considering ISD/IST. But how do you actually do this for a real plant, either a new design or an existing facility?

The Center for Chemical Process Safety (New York City) recently released the second edition of its landmark book on ISD [3], first published in 1996. The new edition boasts a greatly extended discussion of how to actually implement ISD, including several examples and case histories. It also offers significantly upgraded checklists and other aids.

Levels of Inherent Safety
Over the years, considerable disagreement has arisen about whether or not a particular design feature of a process plant was "inherent" or not. Often the disagreement develops because people are looking at ISD from different perspectives. For example, from a high level viewpoint, an oil refinery can't achieve inherent safety because it must handle large amounts of highly hazardous materials. You can't avoid this in a refinery — the products are valuable because they contain a lot of energy. But that doesn't mean ISD doesn't apply. Used during detailed equipment configuration and design, it can eliminate or significantly reduce many risks within a process that still contains major hazards.

You can classify levels of ISD as follows:

• First-order inherent safety — eliminating hazards from the process altogether;
• Second-order inherent safety — reducing the magnitude of a hazard, or making it extremely unlikely, perhaps nearly impossible, for an accident to occur; and
• Layers of protection — making passive, active and procedural risk-management safeguards inherently more reliable and robust.

An ISD "strict constructionist" might consider only first-order ISD to be truly inherent — you have entirely eliminated a particular hazard. However, this often is impossible to achieve. In contrast, many opportunities exist to design a more robustly safe plant by applying second-order strategies and even by using ISD thought processes during design of safety hardware and procedures that manage risk of major inherent hazards. Unfortunately, several myths have kept sites from seriously considering ISD (see sidebar).

Implementing ISD
In an ideal world, plant designers and operators would think about ISD throughout the process design and operational lifecycle; specific ISD review tools wouldn't be needed. But, in the real world, most facilities already exist and ISD wasn't considered during their design, or companies and engineers aren't familiar with ISD and don't look for opportunities in process design. Specific ISD review tools can help overcome these problems. Chemical engineers have used three approaches for implementing ISD in new and existing plants:

1. An inherent safety analysis of a process using an ISD checklist;
2. An independent process hazard analysis (PHA) for a plant focusing on ISD; and
3. A complete PHA of the plant with ISD considerations fully incorporated into the PHA discussions.

ISD checklist analysis. A checklist is a common PHA technique and can serve to identify ISD options. The checklist is best used in a team setting, with a variety of people familiar with all aspects of the plant and process considering the questions on the checklist. Treat it as as a "creative checklist" — in other words, use it to prompt creative thinking by the team, not just "yes" or "no" responses.

Reference 3 includes an extensive checklist of practical inherent safety considerations. It's organized around four major ISD strategies as well as plant geography:

• Substitute;
• Minimize;
• Moderate;
• Simplify; and
• Location, siting and transportation.

The book gives more than 40 specific questions, many with additional considerations and sub-questions, providing hundreds of ISD ideas to consider for your process. Table 1 shows some examples. It's important to make sure use of checklists doesn't limit team creativity. No general checklist can identify every potential ISD option for a specific process — the review team itself will have more knowledge about the plant and should use the checklist as a tool to facilitate creative thinking about how to eliminate or reduce hazards.