Guidelines for Initiating Events and Independent Protection Layers in Layer of Protection Analysis
1. Edition February 2015
384 Pages, Hardcover
Wiley & Sons Ltd
The book is a guide for Layers of Protection Analysis (LOPA)
practitioners. It explains the onion skin model
and in particular, how it relates to the use of LOPA and the need
for non-safety instrumented independent protection layers. It
provides specific guidance on Independent Protection Layers (IPLs)
that are not Safety Instrumented Systems (SIS). Using the
LOPA methodology, companies typically take credit for risk
reductions accomplished through non-SIS alternatives; i.e.
administrative procedures, equipment design, etc. It
addresses issues such as how to ensure the effectiveness and
maintain reliability for administrative controls or
"inherently safer, passive" concepts.
This book will address how the fields of Human Reliability
Analysis, Fault Tree Analysis, Inherent Safety, Audits and
Assessments, Maintenance, and Emergency Response relate to LOPA and
SIS.
The book will separate IPL's into categories such as the
following:
* Inherent Safety
* eliminates a scenario or fundamentally reduces a hazard
* Preventive/Proactive
* prevents initiating event from occurring such as enhanced
maintenance
* Preventive/Active
* stops chain of events after initiating event occurs but before
an incident has occurred such as high level in a tank shutting off
the pump.
* Mitigation (active or passive)
* minimizes impact once an incident has occurred such as closing
block valves once LEL is detected in the dike (active) or the dike
preventing contamination of groundwater (passive).
Acronyms and Abbreviations xv
Glossary xix
Acknowledgments xxv
Preface xxix
Introduction 1
1.1 Audience 2
1.2 Scope 3
1.3 Key Changes Since the Initial LOPA Concept Book 4
1.4 Recap of LOPA 6
1.5 Disclaimer 10
1.6 Linkage to Other CCPS Publications 11
1.7 Annotated Description of Chapters 13
Overview: Initiating Events and Independent Protection Layers
16
2.1 LOPA Elements: An Overview 16
2.2 Management Systems to Support LOPA 16
2.3 Scenario Selection 18
2.4 Overview of Scenario Frequency 20
2.5 Overview of Consequences 28
2.6 Risk Considerations 29
2.7 Conclusions 31
Core Attributes 34
3.1 Introduction to Core Attributes 34
3.2 Independence 35
3.3 Functionality 40
3.4 Integrity 47
3.5 Reliability 49
3.6 Auditability 52
3.7 Access Security 53
3.8 Management of Change 54
3.9 Use of Data Tables 55
Example Initiating Events and IE Frequencies 58
4.1 Overview of Initiating Events 58
4.2 Inherently Safer Design and Initiating Event Frequency 59
4.3 Specific Initiating Events for Use in LOPA 60
4.4 External Events 113
4.5 What if Your Candidate Initiating Event is Not Shown in a Data
Table? 113
Example IPLs and PFD Values 116
5.1 Overview of Independent Protection Layers (IPLs) 116
5.2 Specific Independent Protection Layers for Use in LOPA
118
5.3 What if Your Candidate IPL is Not Shown in a Data Table?
263
Advanced LOPA Topics 268
6.1 Purpose 268
6.2 Use of QRA Methods Relative to LOPA 269
6.3 Evaluation of Complex Mitigative IPLs 275
6.4 Conclusions 277
Appendices 280
Appendix A: Human Factors Considerations 282
Appendix B: Site-Specific Human Performance Data Collection
and Validation 300
Appendix C: Site-Specific Equipment Data Collection and
Validation 310
Appendix D: Example Reliability Data Conversion for Check
Valves 324
Appendix E: Considerations for Overpressure of Pressure
Vessels and Piping 328
REFERENCES 334
INDEX 342
