The chemical industry relies on processes that can pose hazards due to the nature of the materials and chemistry used (chlorine is toxic by inhalation, nitration reactions usually are highly exothermic) or the characteristics of the process variables (ammonia manufacture requires elevated pressure). So, effective process safety management is crucial.
Process risk reduction can involve limiting the likelihood of potential accidents or cutting their consequences. Strategies fall into four categories:
- Inherent. Eliminate a hazard by using materials and process conditions that are non-hazardous. For example, replace a flammable solvent with water.
- Passive. Minimize the risk by process and equipment design features that decrease either the frequency or consequence of an incident without the active functioning of any device. For example, provide a containment dike around a flammable liquid storage tank.
- Active. Use controls, safety instrumented systems and other emergency shutdown systems to detect hazardous process deviations and move the process to a safe state. For example, install one foot below a tank overflow a high level switch that, when tripped, will stop a pump feeding the tank.
- Procedural. Implement operating procedures, training, administrative checks, emergency response and other management approaches to prevent incidents or to minimize their effects. For example, mandate that an operator’s supervisor verify that the amount of a critical catalyst to a batch reaction is correct by independently weighing the catalyst before charging it to the reactor.
Process safety management efforts typically start by accepting the existence and magnitude of the hazards. So, efforts concentrate on reducing the risk associated with those hazards by using passive, active and procedural strategies to provide “layers of protection.” The “layer of protection” concept is based on a simple premise. Given enough protective features and countermeasures, the prospect is sufficiently low that all will fail simultaneously when a process upset occurs that might lead to an undesired event that the risk is judged to be tolerable. This approach can be highly effective, and its application has resulted in significant improvement in the safety record of the chemical industry. But there are disadvantages:
- The process hazard remains and some combination of failures of the layers of protection may result in an incident.
- Every protective system or procedure layer potentially can fail because equipment is not perfect, people make mistakes, and management systems for maintenance can deteriorate over time. The likelihood of failure can increase if the protective systems aren’t properly maintained and operated throughout the life of the plant. Indeed, long term maintenance of management systems to ensure the reliability of protective systems may represent the biggest challenge for process safety in the chemical industry. Investigation reports after many serious incidents have identified the failures of management systems to ensure mechanical integrity, operating procedure integrity and personnel training, for example, as major contributing causes.
- Because the hazard still exists, there’s always a danger that some unanticipated route or mechanism could cause a potential impact. Nature may be more creative in inventing ways by which a hazardous event can occur than experts are in identifying them. Accidents can happen by mechanisms that were unanticipated or poorly understood.
- The layers of protection can be expensive to build and maintain throughout the life of the process. Factors include initial capital expense; operating, safety-training and maintenance costs; and diversion of scarce and valuable technical resources to maintain and operate the layers of protection.
A powerful alternative
Inherently safer design (ISD) approaches hazards differently. It focuses on eliminating or significantly decreasing them. (A process with reduced hazards is described as inherently safer, rather than inherently safe, because no technology is completely without risk.) Where feasible, ISD provides more robust and reliable risk management and, in many cases, potentially can make the processing technology simpler and more economical.
In general, ISD looks at how single events (chemical accidents) affect people, the environment, property and business. In a chemical plant, this usually means the immediate impacts of fire, explosion and the release of toxic materials. Often, however, an ISD also will reduce risk from long-term exposure to chemicals or environmental impacts from handling of toxic materials.
ISD aims to build safety into the process instead of adding it on. A hazard is eliminated, not controlled, and the means by which the hazard is removed is so fundamental to the design that it cannot be changed or defeated without altering the process. For example, replacing a combustible and toxic solvent with one that is non-combustible and non-toxic, perhaps water, would make a process inherently safer with respect to fire and toxicity hazards. However, it is highly unlikely that any technology for any process will ever be inherently safer with respect to all possible hazards. Here, for instance, while the old solvent operates at atmospheric pressure, the new one may require running at elevated pressure and thus may be inherently less safe for high pressure hazards.
The Center for Chemical Process Safety’s “Inherently Safer Chemical Processes: A Life Cycle Approach”  categorizes strategies for designing inherently safer processes into four groups:
- Minimize. Use small quantities of hazardous materials and decrease the size of equipment operating under hazardous condition such as high temperature or pressure;
- Substitute. Switch to less hazardous materials, chemistry and processes;
- Moderate. Reduce hazards by dilution, refrigeration and process alternatives that operate at less hazardous conditions; and
- Simplify. Eliminate unnecessary complexity and design “user friendly” plants.
Applying the approach
The best opportunities for implementing ISD are early in product or process research and development. At this point, there’s no commitment to a particular technology, most R &D work hasn’t yet taken place, potential customers haven’t committed to using products made by a certain technology and developed their processes to fit this product, and capital hasn’t been spent to build a plant. As the process moves through the life cycle, it becomes more difficult to change the basic technology. However, it’s never too late to consider ISD — although implementation options may be more limited in an existing plant.