Comprehensive Process Hazard Analysis
2003. 11.
CEC Charstech E&C Professional Engineers Office
2F Yongho Building, 947-30 Dogok 1-dong, Gangnam-gu, Seoul 135-860
Tel: 02-573-9795~6  Fax: 02-573-9725  E-mail: cec@charstech.com  www.charstech.com
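
1. Overview

To prevent accidents in chemical plants and gas plants, the first task is to find every hazard present in the process, identify it, and analyze it. Where a hazard has not been identified, no adequate measure to eliminate or control it can be established. To identify, evaluate and analyze hazards, there must be a method for identifying them, and there must be techniques for evaluating and analyzing how often an identified hazard occurs and how large a loss results when it does. To prevent major accidents such as fires, explosions and releases, it is important to find the hazards and evaluate how often they can occur, but it is equally important to evaluate what effect (loss) an accident can have, and over what range, when it does occur.

- The process of foreseeing the safety and health risk to workers in the event that a hazard in the workplace actually materializes (EU)
- A careful examination of what in the workplace could cause harm, so that one can judge whether sufficient precautions are already in place or whether further measures should be taken (UK HSE)

2. Purpose of Risk Assessment

- Quantify the risk of facilities in operation or under design
- Prioritize the hazards latent in the process
- Propose accident-prevention measures based on the risk assessment
- Support emergency response planning based on the risk assessment
- Financial risk assessment: calculation of insurance premium rates
- Risk assessment for employees and the general public
- Compliance with legal or regulatory requirements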

3. History of Risk Assessment

- 1970s - Probabilistic risk assessment (PRA) techniques emerge; HAZOP developed (AEA, ICI, USAEC, etc.)
- 1974 - Flixborough explosion (UK)
- 1976 - Seveso dioxin release (Italy)
- 1982 - Rijnmond risk assessment (Holland)
- 1982 - EC Seveso Directive: safety
- 1984 - Bhopal MIC toxic release (India)
- 1984 - CIMAH (Control of Industrial Major Accident Hazards) Regulation (UK)
- 1999 - COMAH (Control of Major Accident Hazards)
- 1986 - Rhine river pollution incident: release of toxic substances
- 1996 - EU Seveso 2 Directive: safety & environment
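
4. Stages of Risk Assessment

Hazard Identification
- Identify and analyze the hazards latent in the process
- HAZOP, What-If, FMECA, etc.

Accident Frequency Analysis
- Analyze and calculate the likelihood of an accident
- Analyze past accident cases and collect related data
- FTA, ETA, CA, etc.

Accident Consequence Analysis
- Analyze the damage caused by an accident
- Source Modeling, Dispersion Modeling, Effect Modeling, etc.

Presentation of Risk Measures
- Indices: FAR, IHI, etc.
- Individual risk (Individual Risk Contour)
- Societal risk (F-N curve)

Risk Evaluation and Measures
- Decide whether the risk is acceptable
- Install safety devices
- Establish disaster-prevention measures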

A. Qualitative Analysis Methods

1. Procedure Based HAZOP

1) Overview

Unlike the conventional HAZOP (Hazard and Operability) study, which is based on P&IDs, this technique analyzes hazards and operability on the basis of operating procedures. An experienced team leader, together with people who have experience in each discipline, finds deviations in the process and systematically analyzes and evaluates the hazards and operability problems of the process through discussion (brainstorming).

HAZOP Rules
- Assume that equipment will fail and operators will make errors: this is not a criticism of the design & operation team
- One person speaks at a time, no separate meetings
- Stick to identification of issues, not re-design of plant
- Follow structure of HAZOP procedure

2) Procedure Based HAZOP example

2. FMECA (Failure Mode, Effects and Criticality Analysis)

1) Overview

FMECA is similar to the HAZOP technique, but it progressively narrows the system down into subsystems and records and evaluates the effect of each failure. It is a typical qualitative, inductive analysis technique commonly used for subsystem hazard analysis and system hazard analysis: the failures of every element that affects the system are analyzed by failure mode and their effects are examined.

Failure Modes and Effects Analysis evaluates the ways equipment can fail (or be improperly operated) and the effects these failures can have on a process. A criticality can be attributed to the severity associated with a component failure in an FMEA. This extension of the FMEA technique is formally known as the Failure Modes, Effects and Criticality Analysis method.

2) FMECA example
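
3. What-If Analysis

1) Overview

Each failure mode of the process, the consequence of the failure mode, and the risk ranking of the failure mode are tabulated. The causes and effects of failure or loss of function of parts, devices, equipment and systems are analyzed and classified by criticality, and the damage resulting from each latent failure mode is analyzed to derive appropriate corrective actions.

The What-If Analysis technique is a brainstorming approach in which a group of experienced people familiar with the subject process ask questions or voice concerns about possible undesired events.

2) What-If Analysis example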

B. Quantitative Analysis Methods

1. FTA (Fault Tree Analysis)

1) Overview

Used in chemical plants, nuclear power plants, the aerospace industry and the electronics industry, FTA takes one specific anticipated accident, such as a fire, explosion or release, and examines the equipment/instrument defects and designer/operator errors that cause it in a deductive, sequential, graphical and probabilistic manner, in order to evaluate and diagnose safety both qualitatively and quantitatively.

A deductive technique that focuses on one particular accident event and provides a method for determining causes of that accident event. A basic assumption in FTA is that all failures in a system are binary in nature. That is, a component or operator either performs successfully or fails completely. In addition, the system is assumed to be capable of performing its task if all subcomponents are working. The most common application in the process industry has been in the area of reliability, and the analysis of complex interlock or control systems.

2) FTA example

2. ETA (Event Tree Analysis)

1) Overview

ETA is one of the system models that express the safety of a system in terms of the safety of its events; it is inductive, yet it is a quantitative analysis technique. It is well suited to analyzing the factors that escalate an accident. It is a quantitative analysis method that takes the first sign of an accident as its starting point and deductively evaluates the accident outcome according to Yes/No judgments on the various surrounding influences.

An event tree is a graphical logic model that identifies and quantifies possible outcomes following an initiating event. The event tree provides systematic coverage of the time sequence of event propagation, either through a series of protective system actions, normal plant functions, and operator interventions (a preincident application), or where loss of containment has occurred, through the range of consequences possible (a postincident application).

2) ETA example
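
Advantages of FTA & ETA
- Express the development of an accident logically
- Predict and calculate accident probability (or frequency) scientifically
- Control the hazards latent in the process/system effectively
- Encourage cost-saving safety investment

Disadvantages of FTA & ETA
- Require considerable time and effort when carried out by non-specialists
- Data usable in the analysis are scarce
- Results differ from analyst to analyst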
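
The FTA and ETA descriptions above, worked through as an added example (not part of the original slides): a fault tree gives the failure-on-demand probability of a shutdown system under the binary, independent-failure assumption, and that value becomes one branch of a pre-incident event tree. The tree structure, barrier names and all numbers are constructed for illustration.

```python
from math import prod

# Constructed fault tree for the top event "automatic shutdown fails on demand".
# Basic-event probabilities are illustrative values, not plant or OREDA data.
BASIC = {"sensor_A": 0.02, "sensor_B": 0.02, "logic_solver": 0.001, "valve": 0.01}
TREE = ("OR",
        ("AND", "sensor_A", "sensor_B"),  # redundant sensors: both must fail
        "logic_solver",
        "valve")

def top_probability(node, basic=BASIC):
    """Probability of a node, assuming independent, binary basic events."""
    if isinstance(node, str):
        return basic[node]
    gate, *children = node
    probs = [top_probability(c, basic) for c in children]
    if gate == "AND":
        return prod(probs)
    if gate == "OR":
        return 1.0 - prod(1.0 - p for p in probs)
    raise ValueError(f"unknown gate: {gate!r}")

def event_tree(init_freq, barriers, final_outcome):
    """Pre-incident event tree: barriers act in time order; a success ends the
    sequence, a failure passes the demand on to the next barrier."""
    outcomes, remaining = {}, init_freq
    for name, p_fail in barriers:
        outcomes[f"stopped by {name}"] = remaining * (1.0 - p_fail)
        remaining *= p_fail
    outcomes[final_outcome] = remaining
    return outcomes

def run_example():
    p_shutdown = top_probability(TREE)
    # Constructed initiating event: 0.1 overpressure demands per year.
    tree = event_tree(0.1, [("operator response", 0.1),
                            ("automatic shutdown", p_shutdown)],
                      "loss of containment")
    return p_shutdown, tree

if __name__ == "__main__":
    p, tree = run_example()
    print(f"P(shutdown fails on demand) = {p:.6f}")
    for outcome, freq in tree.items():
        print(f"{outcome:32s} {freq:.3e} /yr")
```

The outcome frequencies always sum to the initiating-event frequency, which is a quick consistency check on any hand-built event tree.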
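
3. CA (Consequence Analysis)

1) Overview

A scenario is written for each worst-case accident that could occur in the process, and for each scenario the damage distance due to radiant heat, the damage distance due to overpressure, and so on, resulting from fire, explosion and release, are calculated in order to predict the accident damage. Consequence Analysis is a risk assessment technique that analyzes and estimates the undesired outcomes of an accident such as a fire, explosion or release: loss of life or property, or the cost of losses caused by business interruption. The results vary greatly with the type and form of the accident, the environmental conditions at the time of the accident, and the loss-reduction measures prepared for emergencies.

2) CA example

<Damage effect distances for overpressure>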

3) Procedure

Source term modeling is first carried out for the following cases:
- Gas-phase release
- Liquid release
- Two phase saturated liquid release
- Two phase subcooled liquid release

Dispersion modeling, fire modeling and explosion modeling are then carried out as follows.

Dispersion Modeling:
- Instantaneous heavy gas
- Continuous heavy gas
- Gas jet
- Two phase jet
- Plume
- Integrated Gaussian
- Puff finite duration Gaussian: light (passive) gas, heavy (dense) gas

Fire Modeling:
- Fireball
- Pool fires
- Gas flame jets
- Two phase flame jet
- Vapor cloud fires
- Flash fire

Explosion Modeling:
- BLEVE (Boiling Liquid Expanding Vapor Explosion)
- UVCE (Unconfined Vapor Cloud Explosion)
- Tank overpressurization
- Shock wave
- Fragment Trajectory

Finally, the following effect modeling is performed:
- Radiation heat effect
- Overpressurization
- Toxic effect (toxicity to humans)
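
4. QRA (Quantitative Risk Assessment)

1) Overview

Quantitative risk assessment is carried out after a qualitative risk assessment has been performed to discover the forms of risk latent in the facility. The likelihood that the identified hazards develop into an accident is calculated probabilistically using FTA and similar methods, and the consequences of the accident are predicted in advance by estimating, among other things, the extent of damage expected if it occurs. The risk of the whole facility is thereby determined quantitatively, and if the resulting figure is higher than the target level, an emergency action plan is established and implemented on that basis.

<Risk acceptance criteria used in other countries (Acceptable criteria)>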

The QRA would be carried out at the initial engineering design stage to match design consistency. Any changes arising from the QRA outcomes would be incorporated into the engineering design, such as the Plot Plan.

The QRA would be carried out in four stages:
- frequency analysis
- consequence analysis
- risk calculation
- recommendations for risk reduction

The need for risk reduction measures will be evaluated by comparing the calculated risk levels against agreed risk acceptance criteria. Each stage of the risk analysis process is described below:

A. Hazard Identification

A hazard identification (HAZID) review will be carried out to identify all major hazards associated with the proposed facilities. This will result in a list of the key hazards and associated initiating events.

B. Frequency Analysis

A high level frequency analysis review will be carried out to assess the likelihood of different sizes of liquid/gas release and the potential release locations. The release sizes considered will span the range from small leaks to major failure.
The assessment of additional release frequencies (if required) will involve the use of standard, historical, oil-industry-recognised data. This will be in the form of OREDA, etc., which is the widest and most detailed survey of international oil and gas facilities failure data currently available.

C. Consequence Analysis

Consequence calculations have already been carried out at the FEED stage for each leak case to determine the extent of the liquid/gas released and the subsequent gas dispersion and fire/explosion hazards. These would be reviewed in the light of the detailed engineering. They are based on industry-standard release equations derived from full-scale experiments.

The outcomes that may be re-assessed for ignited releases will include jet fires, pool fires, flash fires and explosions. For un-ignited releases, the distances to specific gas concentrations with respect to flammability limits will be re-assessed. Industry-standard consequence modelling software will be used to calculate or revise any hazard ranges.

The outcome of the consequence calculations will be mapped on area plans and will show as a minimum:
- Isotherms for thermal radiation at 37.5 kW/m², 17.5 kW/m² and 5.0 kW/m²
- Contours for Hydrogen Sulphide concentrations at 500 ppm, 100 ppm and 50 ppm (corresponding to near immediate fatality limit down to irritation of respiratory tract and eyes limit)
- Explosion overpressure contours at 0.2 bar, 0.5 bar and 1.0 bar

D. Risk Calculation

The frequency and consequence information will be combined to generate risk levels for personnel and property. This will be presented in terms of contours showing the calculated level of risk for individuals. Additionally, the F-N curve will be revised for societal risk (frequency of incidents involving N or more fatalities) and the curve of frequency against size of spillage will be updated for environmental risk. Property risk will be presented as bar charts showing the risk of asset/production loss ($/year) for different types of incident.
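
How the F-N curve described under Risk Calculation is built from scenario frequencies and fatality estimates, as an added example that is not part of the original slides. The scenario list is constructed, and the criterion line `anchor / N**slope` with its default values is a hypothetical placeholder, not a limit taken from this document or from any regulator.

```python
# Constructed scenario list: (name, frequency per year, fatalities N).
# Values are illustrative; real ones come from the frequency and
# consequence analysis stages.
SCENARIOS = [
    ("small leak, unignited",    5e-3, 0),
    ("small leak, jet fire",     1e-3, 1),
    ("medium leak, flash fire",  2e-4, 3),
    ("medium leak, explosion",   5e-5, 10),
    ("major failure, explosion", 1e-6, 50),
]

def fn_curve(scenarios):
    """Return [(N, F)]: F is the summed frequency of incidents
    involving N or more fatalities."""
    ns = sorted({n for _, _, n in scenarios if n > 0})
    return [(n, sum(f for _, f, m in scenarios if m >= n)) for n in ns]

def criterion_limit(n, anchor=1e-3, slope=1.0):
    """Hypothetical criterion line F_max(N) = anchor / N**slope
    (placeholder parameters, assumed for this example)."""
    return anchor / n ** slope

def exceedances(scenarios, anchor=1e-3, slope=1.0):
    """F-N points that lie above the criterion line."""
    return [(n, f) for n, f in fn_curve(scenarios)
            if f > criterion_limit(n, anchor, slope)]

def dominant_contributors(scenarios, n):
    """Scenarios contributing to F(N), largest frequency first,
    to show where risk reduction would have the most effect."""
    hits = [(name, f) for name, f, m in scenarios if m >= n]
    return sorted(hits, key=lambda item: item[1], reverse=True)

if __name__ == "__main__":
    for n, f in fn_curve(SCENARIOS):
        print(f"N >= {n:3d}: F = {f:.3e} /yr, limit {criterion_limit(n):.3e}")
    print("above criterion:", exceedances(SCENARIOS))
    print("main contributors at N >= 1:", dominant_contributors(SCENARIOS, 1))
```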

E. Risk Acceptability and Recommendations

The results from the risk analysis will be assessed and compared against internationally recognised tolerability limits. The risks will be analysed to determine whether they are acceptable or whether further risk reduction measures, over and above those noted at the FEED stage, should be considered. If necessary, modifications to the facilities design will be recommended to bring the risk levels within acceptable limits.

The QRA study report will be produced describing the methodology, data used, results and conclusions. The report will typically be in the following format:
- Executive Summary
- Introduction
- Methodology description
- Systems and operation description
- Risk Criteria
- Hazard Identification
- Initiating Event Frequencies
- Consequence Assessment Models input
- Event Outcome Frequencies
- Risk Quantification and summation

5. SIL (Safety Integrity Level)

1) Overview

This procedure defines the application to establish the required safety integrity level for instrument systems, based on the risk of injury to people, the financial loss due to potential damage to equipment, and on the level of potential damage to the environment. This procedure does not describe how to engineer an instrument control system so as to achieve the different SIL levels required.

One of three possible discrete integrity levels (SIL 1, SIL 2, SIL 3) of Safety Instrumented Systems. SILs are defined in terms of Probability of Failure on Demand (PFD).

Safety Integrity Level (SIL)    Probability of Failure on Demand, Average Range
1                               10^-1 to 10^-2
2                               10^-2 to 10^-3
3                               10^-3 to 10^-4

2) SIL example