General Overview of HAZOP Method
Compiled by: Dr. Asit K Patra, Asstt. Director, DMI, Bhopal
1.1 Background – Concept of HAZOP
A HAZOP (HAZard and OPerability) study identifies hazards and
operability problems in a process plant. It is a tool for the identification
of hazards due to process parameter deviations. The concept
involves investigating how the plant might deviate from the design
intent. HAZOP is based on the principle that several experts with
different backgrounds can interact and identify more problems when
working together than when working separately and combining their
results. Although the HAZOP study was developed to supplement
experience-based practices when a new design or technology is
involved, its use has expanded to almost all phases of a plant's life.
The “Guide-Word” HAZOP is the most well known of the HAZOPs;
however, several specializations of this basic method have been
developed.
The HAZOP concept is to review the plant in a series of meetings,
during which a multidisciplinary team methodically “brainstorms” the
plant design, following the structure provided by the guide words and
the team leader's experience.
The primary advantage of this brainstorming is that it stimulates
creativity and generates ideas. This creativity results from the
interaction of the team and their diverse backgrounds. Consequently
the process requires that all team members participate (quantity
breeds quality in this case), and team members must refrain from
criticizing each other to the point that members hesitate to suggest
ideas.
The team focuses on specific points of the design (called "study
nodes"), one at a time. At each of these study nodes, deviations in
the process parameters are examined using the guide words. The
guide words are used to ensure that the design is explored in every
conceivable way. Thus the team must identify a fairly large number of
1
deviations, each of which must then be considered so that their
potential causes and consequences can be identified.
The success or failure of a HAZOP study depends on several factors,
to name a few:
 The completeness and accuracy of drawings and other data
used as a basis for the study
 The technical skills and insights of the team
 The ability of the team to use the approach as an aid to their
imagination in visualizing deviations, causes, and
consequences
 The ability of the team to concentrate on the more serious
hazards which are identified.
In the process of identifying problems during a HAZOP study, if a
solution becomes apparent, it is recorded as part of the HAZOP
result; however, care was taken to avoid trying to find solutions which
are not so apparent, because the prime objective for the HAZOP is
problem identification.
1.2 Various Terms used in HAZOP Study
The HAZOP process is systematic and it is helpful to define the terms
that are used in the study:
A. Study Nodes - The locations (on piping and instrumentation
drawings and procedures) at which the process parameters are
investigated for deviations.
B. Intention - The intention defines how the plant is expected to
operate in the absence of deviations at the study nodes. This can
take a number of forms and can either be descriptive or
diagrammatic; e.g., flow-heets, line diagrams, P&IDs.
C. Deviations - These are departures from the intention which are
discovered by systematically applying the guide words (e.g., "more
pressure").
D. Causes - These are the reasons why deviations might occur. Once
a deviation has been shown to have a credible cause, it can be
2
treated as a meaningful deviation. These causes can be hardware
failures, human errors, an unanticipated process state (e.g., change
of composition), external disruptions (e.g., loss of power), etc.
E. Consequences - These are the results of the deviations should
they occur (e.g., release of toxic materials). Trivial consequences,
relative to the study objective, are dropped.
F. Guide Words - These are simple words which are used to qualify
or quantify the intention in order to guide and stimulate the
brainstorming process and so discover deviations. The guide words
shown in Table 1 are the ones most often used in a HAZOP; some
organizations have made this list specific to their operations, to guide
the team more quickly to the areas where they have previously found
problems. Each guide word is applied to the process variables at the
point in the plant (study node) which is being examined. These guide
words are applicable to both the more general parameters (e.g.,
react, transfer) and the more specific parameters (e.g., pressure,
temperature).
Table 1: HAZOP Guide Words and Meanings
Guide Words
Meaning
No
Negation of the Design Intent
Less
Quantitative Decrease
More
Quantitative Increase
Part Of
Qualitative Decrease
As Well As
Qualitative Increase
Reverse
Logical Opposite of the Intent
Other Than
Complete Substitution
3
With the general parameters, meaningful deviations are usually
generated for each guide word. Moreover, it is not unusual to have
more than one deviation from the application of one guide word. For
example, "more reaction" could mean either than a reaction takes
place at a faster rate, or that a greater quantity of product results.
With the specific parameters, some modification of the guide words
may be necessary. In addition, it is not unusual to find that some
potential deviations are eliminated by physical limitation. For
example, if the design intention of a pressure or temperature is being
considered, the guide words "more" or "less" may be the only
possibilities.
Finally, when dealing with a design intention involving a complex set
of interrelated plant parameters (e.g., temperatures, reaction rates,
composition, or pressure), it may be better to apply the whole
sequence of guide words to each parameter individually than to apply
each guide word across all of the parameters as a group. Also, when
applying the guide words to a sentence it may be more useful to
apply the sequence of guide words to each word or phrase
separately, starting with the key part which describes the activity
(usually the verbs or adverbs). These parts of the sentence usually
are related to some impact on the process parameters.
1.3 HAZOP Methodology
The concepts presented above are put into practice in the following
steps:
1.
2.
3.
4.
5.
Define the purpose, objectives, and scope of the study
Select the team
Prepare for the study
Carry out the team review
Record the results.
It is important to recognize that some of these steps can take place at
the same time. For example, the team reviews the design, records
the findings, and follows up on the findings continuously.
4
1.4 Risk and Risk Matrix in HAZOP study
In the context of process safety management, Risk is defined in terms
of the likelihood and consequences of incidents that could expose
plant personnel, property, assets, process and environment to the
harmful effects of a hazard. According to Centre for Chemical
Process Safety of the American Institute of Chemical Engineers,
hazards are potential sources of harm, including chemical or physical
conditions or characteristics that can damage people, property or the
environment. Incident likelihood encompasses frequency and
probability; consequences refer to outcomes and impacts.
Risk ranking uses a matrix that has ranges of consequence and
likelihood as the axes. A typical risk matrix is a 4 x 4 grid.
5
1.5 Design of Risk Matrix in HAZOP study
Although there are many risk matrices that have been developed,
effective risk ranking tools in day-to-day operations, such as during
hazard and operability (HAZOP) studies are very limited. Layer of
Protection Analysis (LOPA) approach is one of them. It is simple to
implement and easy for most HAZOP participants to understand.
1.5.1 Various Layers of Protection in a Process Plant
HAZOP study deals with the identification of hazards due to process
parameter deviations. When a failure occurs due to deviations, it may
take the process outside of its normal operating ranges. In general,
there are several layers of protection measures in a plant in response
to a process deviation. The basic process controls, alarms, safety
valves, operator supervision etc. are the typical protection measures
against any harmful consequences due to deviation of process
parameters as shown below:
 Process equipments are designed for process operating limits.
 Basic process controls, alarms and operators are adjusted to
process deviations.
 Presence of Critical Alarms along with Speedy Response of
Operators.
 Safety Interlock System/Emergency Shut Down at operating
limits.
 Relief Systems that activate at equipment design limits.
 Mitigation systems that contain the effects of incident.
 Plant emergency response to control the effects of incidents
(On-site Control Arrangement).
 Emergency response to protect the public from the effects of an
incident (Offsite Control Arrangement).
6
1.5.2 Likelihood and Consequences Ranges
In LOPA approach, the highest likelihood range (Level 4) is defined
by the likelihood of the initiating event, e.g. human error, control
failure etc. Then for each level of existing protection measure,
likelihood range is reduced by one level. This approach assumes that
each level of protection has a similar failure probability, which is
generally acceptable for rough risk screening such as HAZOP risk
ranking. Some failures have fairly well defined frequencies of
occurrences and can be directly used. For example, catastrophic
failure of a pressure vessel has a frequency in the range of 10-5 per
year and thus by itself would be considered as Level 1 likelihood.
Similar likelihood levels can be defined for other common equipment
failures, pipe leaks, ruptures etc. (Refer to: CCPS Guidelines for
Process Equipment Reliability Data, AIChE, 1999). The above
likelihood ranges can be used in conjunction with typical
consequence ranges to people, property and environment. The
following Table 2 and 3 show the likelihood ranges and consequence
ranges respectively. In the likelihood range, highest chances of
occurrences have been given to leaking scenarios etc., associated
with least protection measures in a plant. Similarly, catastrophic
failure of tanks/process vessels has the least chances of occurrence
and also associated with various protection measures against
failures. In the consequence ranges, major aspects, viz., human
injury/fatality, environmental impact, production loss, product quality
etc. have been considered.
Table 2: Likelihood ranges based on levels of protection
Likelihood Range
1
2
3
4
Qualitative Frequency Criteria: Typical Scenarios
* Three levels of protection
* Tank/process vessel failures
* Two levels of protection
* Full-bore failures of small process lines or fittings
*One level of protection
* Piping leaks
*Initiating event/Human Error
*Hose leaks/rupture
7
Table 3: Typical Consequence ranges
Consequence
Range
1
Qualitative Safety Consequence Criteria



2
3
4










Injuries requiring first-aid only.
Product quality affected and damage value range:
Rs. 10,000 – 1 lakh.
Contained release with local environmental impact
and Pollution problem.
Injuries requiring a physician’s care.
Damage value Range: Rs. 1 lakh – 10 lakh.
Uncontained release with potential for minor
environmental impact.
Chances of fire and explosion.
Severe Injuries or Potential for a fatality
Damage value range: Rs. 10 lakh - 1 Crore.
Uncontained release with potential for moderate
environmental impact.
Multiple life threatening injuries and/or fatality
Damage value range: More than Rs. 1 Crore.
Uncontained release with potential for major
environmental impact.
8
1.5.3 Risk Ranking Matrix and Acceptability Values
Based on the likelihood and consequence ranges, risk ranking has
been defined with suitable acceptability criteria as shown in Table 4.
Table 4: Risk Rank Value and Acceptability Criteria
Risk Rank Value
Explanation
1–2
Acceptable as it is
3–4
Acceptable with Controls
5–9
Undesirable; Mitigation Required to Reduce Risk
>9
Unacceptable
*******
9