Impact of Guidelines for Independent Protection Layers and Initiating Events
- Type: Conference Presentation
- Skill Level:
Layers of Protection Analysis (LOPA) was introduced about 15 years ago as a simplified risk assessment method between HAZOP (Process Hazard Analysis [PHA]) and quantitative risk assessment (QRA). This introduction was timely; LOPA was quickly adopted world-wide. The rules for independent protection layers (IPLs) were especially critical to the industry. The first guidelines for LOPA from AIChE/CCPS were published in 2001. Ten years later, a tremendous number of LOPAs have been performed by many practitioners. But the first book left many questions; and since 2001, much new data on process and human reliability has come to light.
In late 2007, a new book was commissioned by CCPS to expand the guidance for choosing and rating initiating events (IEs) and IPLs. The committee for the new book, Guidelines for Independent Protection Layers and Initiating Events,” spent about 3 years collecting data and debating necessary conditions for initiating event frequency (IEF) and probability of failure on demand (PFD). This paper describes the key changes to LOPA introduced in the new guidelines:
- All IPLs and IEs should be maintained and should be initially and periodically validated to provide the IEF or PDF that was credited the IE or IPL, respectively. This can include periodic drills for human IPLs.
- Human error and other systemic errors during maintenance and testing and restoration should be considered in assigning the PFD, especially for any IPL with a PFD < 0.1. This particularly affects PFDs for process safety valves (PSVs) with block valves underneath and safety instrumented functions requiring a high degree of reliability (especially those in continuous processes).
- Human error during fabrication of material sensitive equipment (such as pressure vessel made from alloys) can dominate the failure rates of this equipment.
- Clarification that LOPA is not normally appropriate when loss of containment is the IE.
- Advanced LOPA, which does not follow the simple rules established for the LOPA method or integrates methods from Quantitative Risk Analysis (QRA), requires a greater degree of expertise, knowledge, and judgement and should be used with care. Several advanced topics are addressed in the text including:
- Use of QRA methods in conjunction with LOPA
- Evalution of Common Mode Failure in LOPA
- Use of multiple failures in a BPCS in LOPA
- High demand rate for independent protection layers
- Complex mitigative controls in LOPA
- Human Reliability Analysis