Use the Bow Tie Diagram to Help Reduce Process Safety Risks

December
2016

Bruce K. Vaughen, P.E., Kenneth Bloch

Bow tie diagrams are useful for visualizing process safety risks and safeguards. Although typically used after an incident has occurred, bow tie diagrams can also be employed during a process hazard analysis.

Bow tie diagrams visually depict the safeguards or barriers put in place to prevent and mitigate a loss-of-containment (LOC) incident. Although bow tie diagrams are typically constructed after an incident has occurred (1), they can also be useful during a process hazard analysis (PHA) to identify deficiencies in a process safety program and help to prevent the occurrence of an incident. Instead of simply showing what went wrong, bow tie diagrams can be used proactively to keep things from going wrong.

This article introduces the bow tie method and explains how bow tie diagrams can assist in preventing incidents and developing corrective actions needed to effectively mitigate any incidents that do occur. The article also illustrates how bow tie diagrams might have been used during a PHA of the Bhopal facility — the site of the world’s worst industrial disaster.

Process safety hazards and risks

AIChE’s Center for Chemical Process Safety (CCPS) defines process safety as: “A disciplined framework for managing the integrity of operating systems and processes handling hazardous substances by applying good design principles, engineering, and operating practices. It deals with the prevention and control of incidents that have the potential to release hazardous materials or energy. Such incidents can cause toxic effects, fire, or explosion, and could ultimately result in serious injuries, property damage, lost production, and environmental impact” (2).

Process safety hazards encountered in industry involve materials with toxic, flammable, explosive, and reactive properties. Losing control or containment of these hazardous materials can cause a toxic release, fire, explosion, or runaway reaction. Loss-of-containment release scenarios have the potential for injuries, fatalities, environmental harm, property damage, and business interruption.

The risk posed by such process safety hazards is traditionally thought of as a function of the product of a scenario’s frequency (F) and consequence (C). Practical experience demonstrates, however, that risk is also influenced by the example set by leadership, the reliability of available process safety systems, and an organization’s operational discipline (OD) (3). Thus, a more accurate description of risk incorporates OD into the equation, whereby risk is inversely proportional to OD (4–6):

image

As operational discipline improves, risk decreases, and vice versa.

As shown in Eq. 1, risk can be reduced by reducing the frequency and consequences of a hazardous scenario — via safeguards, which include inherently safer designs, process safety systems, basic process control systems, instrumentation and alarms, safety instrumented systems (SISs), active and passive engineering controls, and emergency response systems. Implementing the hierarchy of controls (Figure 1) is the most effective way to manage process safety risks. This approach focuses on inherently safer design as the first, crucial barrier. A process safety incident occurs when weaknesses develop in these barriers.

images

Figure 1. A hierarchy of protection layers can be used in a process hazard analysis to determine the adequacy of the existing safeguards. This approach identifies design as the first and most crucial barrier. Source: Adapted from (3).

The bow tie diagram

The bow tie diagram (Figure 2) depicts a potential process safety incident. The knot in the middle of the bow represents loss of control over a hazardous material or energy. On the left of the knot are threats that contribute to such an event, such as a material’s toxicity, flammability, explosivity, and reactivity, as well as hazardous processing conditions (e.g., extremely high pressures or temperatures). On the right of the knot are the possible consequences of the loss of control, such as injuries, fatalities, environmental harm, property damage, and business interruption.

images

Figure 2. The bow tie diagram visually depicts the three parts of an incident — the threats that can cause an incident (left), the loss-of-containment event (knot), and the resulting consequences of the event (right). Source: Adapted from (3).

Various engineering and administrative controls can be used to manage process safety risks. These are referred to as individual barriers, and they are shown as rectangles on the bow tie diagram (Figure 3). Preventive barriers (Figure 3, green rectangles) help reduce the likelihood of the event, while mitigative barriers (Figure 3, blue rectangles) help reduce the severity of the consequences if the incident does occur.

images

Figure 3. The engineering and administrative controls that are being used to manage process safety risks can be shown on a bow tie diagram. Preventive barriers (green rectangles) help reduce the likelihood of the event, while mitigative barriers (blue rectangles) help reduce the severity of the consequences if the incident does occur. Source: Adapted from (3).

Systemic barriers can also be represented on a bow tie diagram (Figure 4, next page). These are the process safety systems designed to manage the individual barriers. For example, a computerized maintenance management system (CMMS) is a systemic barrier that controls several individual barriers, including preventive maintenance (PM) schedules, normal work order processing, failure analysis coding, and warehouse inventory management.

images

Figure 4. Systemic barriers — the process safety systems designed to manage the individual barriers — can also be displayed on bow tie diagrams as dotted lines. Source: Adapted from (3).

Bow tie diagrams and PHAs

Even the most effective incident investigations can be used only to prevent similar incidents from occurring in the future (7, 8). It is much better to operate and manage processes so that learning from hindsight is not necessary. A PHA that incorporates a bow tie diagram is one way to do this.

A PHA identifies potential...

Would you like to access the complete CEP Article?

No problem. You just have to complete the following steps.

You have completed 0 of 2 steps.

  1. Log in

    You must be logged in to view this content. Log in now.

  2. AIChE Membership

    You must be an AIChE member to view this article. Join now.

Copyright Permissions: 

Would you like to reuse content from CEP Magazine? It’s easy to request permission to reuse content. Simply click here to connect instantly to licensing services, where you can choose from a list of options regarding how you would like to reuse the desired content and complete the transaction.