Protection layers are critical in the chemical industry to protect Personnel, Environment, Assets (equipment), and Reputation (PEAR) from the potential hazards associated with the process. A protection layer is a set of protective measures implemented to prevent or mitigate the effects of process deviations, equipment failures, and human errors.

There are seven layers of protection for accident prevention and mitigation. Each layer is important, as some are for prevention and others are for mitigation. Staying within the innermost layer of protection is the key to higher plant availability and safe operation. Maintaining other layers of protection intact ensures the prevention and mitigation of accidents.

The 9 layers of protection for the process industry are listed below.

1.    Process Design
2.    Basic Process Control System (BPCS) 
3.    Alarms and Operator Intervention
4.    Safety Instrumented Systems (SIS, ESD)
5.    Physical Protection (Relief devices)
6.    Physical Containment (Dikes/Bunds)
7.    Fire and Gas Monitoring System
8.    Plant Emergency Response
9.    Community Emergency Response

Layer of protection from prevention to mitigation

1. Process Design

In many companies, it is assumed that some scenarios cannot occur because of the inherently safer design of the process equipment. For example, the equipment might be designed to withstand the maximum pressure for a particular scenario, batch size might be limited, inventory lowered, chemistry modified, etc.; i.e., scenarios are eliminated by the inherently safer design.

In other companies, some inherently safer process design features are considered to have a nonzero PFD (probability of failure on demand); that is, they do have possible failure modes that have been observed in industry. These companies consider such inherently safer process design features as Independent Protection Layers (IPLs). The design of the IPL is intended to prevent the consequence from occurring. For example, a pump may have an impeller that is too small to generate high pressure in a downstream vessel. The latter approach allows a company to compare the risk between plants designed using different equipment standards; the analysis can result in different failure rates for similar pieces of equipment, which in turn might require additional IPLs for the equipment with higher failure rates. The LOPA (Layer of Protection Analysis) analyst should be aware that inherently safer process design features may have a PFD and that appropriate inspection and maintenance (auditing) might be required (e.g., a small impeller may be replaced with a larger impeller during repair or maintenance, batch size may be changed, etc.).

2. Basic Process Control System (BPCS)

The basic process control system (BPCS), including normal manual controls, is the first level of protection during normal operation. BPCS is a protection layer for the process industry, providing real-time monitoring and control of basic processes to ensure safe and efficient operations. Its advanced algorithms and real-time data capabilities enable precise control and fast response times, serving as a crucial safeguard against accidents and operational failures. In summary, BPCS is an essential protection layer that helps minimize risks and protect against potential hazards in the manufacturing process.

3. Alarms and Operator Intervention

These systems are the second level of protection during normal operation and should be activated by the BPCS. Operator action, initiated by alarms or observation, can be credited as an IPL when various criteria are satisfied to assure the effectiveness of the action. Company procedures and training may improve the performance of humans in the system, but procedures themselves are not an IPL.

Alarms with operator intervention are a critical protection layer in the process industry, providing an early warning of potential issues and allowing for quick intervention to prevent accidents or operational failures. Operators can take corrective action upon receiving an alarm, such as adjusting process parameters, shutting down equipment, or initiating emergency protocols, to minimize risks and ensure safe and efficient operations. Their ability to provide real-time alerts and enable rapid intervention makes them an essential component of any process safety system.

4. Safety Instrumented Systems

SIS, or Safety Instrumented Systems, are an essential aspect of process safety management. They are designed to provide protection against hazardous events that may occur in a process plant or industrial setting. SIS are typically implemented at the protection layer of the process control system and are responsible for automatically taking action in the event of a process upset or abnormal condition that could lead to a hazardous event. SIS typically include sensors, logic solvers, and final elements such as valves or switches, all of which work together to detect and mitigate hazardous conditions before they can cause harm. The design and implementation of SIS require careful consideration of the process hazards, the level of risk, and the required level of safety integrity.

A safety instrumented function (SIF) is a combination of sensors, logic solver, and final elements with a specified safety integrity level that detects an out-of-limit (abnormal) condition and brings the process to a functionally safe state. A SIF is functionally independent of the BPCS. A SIF is normally considered to be an IPL, and the design of the system, the level of redundancy, and the amount and type of testing will determine the PFD the SIF receives in LOPA. “Interlock” is an older, imprecise term for SIF.

Basic principle of IPLs

5. Physical Protection (Relief devices, Rupture discs, etc.)

Relief devices are another type of protection layer commonly used in process plants to prevent overpressure events that could lead to equipment failure or other hazardous conditions. Relief devices are designed to relieve pressure from a process vessel or piping system by allowing the release of fluid or gas when the pressure exceeds a certain setpoint. There are various types of relief devices, including relief valves, rupture discs, and bursting discs, each with its own unique characteristics and applications. Relief devices are typically sized and selected based on the maximum expected pressure and the maximum allowable working pressure of the protected equipment. The design and installation of relief devices require careful consideration of the process conditions, including the type of fluid, temperature, and pressure, as well as the potential impact of the relief event on the surrounding environment. Properly designed and maintained relief devices are essential for safe and reliable operation of process equipment.

These devices, when appropriately sized, designed and maintained, are IPLs which can provide a high degree of protection against overpressure in clean services. However, their effectiveness can be impaired in fouling or corrosive services, if block valves are installed under the relief valves, or if the inspection and maintenance activities are of poor quality. If the flow from the relief valves is discharged to the atmosphere, additional consequences may occur which will require examination. This could involve the examination of the effectiveness of flares, quench tanks, scrubbers, etc.

6. Physical Containment (Dikes, Bund walls, Blast walls, etc.)

Dikes, also known as bunds or containment systems, are another type of protection layer used to prevent the release of hazardous materials in the event of a spill or leak. Dikes are typically constructed around storage tanks or process equipment to contain any spills or leaks that may occur. The design and construction of dikes must consider the volume of material being stored, the potential impact of a spill on the surrounding environment, and the requirements of regulatory agencies. Dikes can be made of various materials, including concrete, steel, or earthen berms, and may be equipped with drains or sumps to collect and contain spilled material. The effectiveness of dikes as a protection layer depends on their proper design, construction, and maintenance. It is important to regularly inspect and repair dikes to ensure their integrity and prevent the release of hazardous materials.

7. Fire and Gas Monitoring System

A fire and gas monitoring system (FGS) is a safeguard against unacceptable fire and explosion risk. The FGS actively identifies the release of flammable and toxic materials and mitigates the consequences by various means, including active alarms, water spray systems, and emergency shutdown of the system/process.

A fire and gas monitoring system that has been properly designed will not prevent a hazardous consequence from occurring; however, it can reduce the likelihood of a small leak escalating into a much larger consequence that could damage equipment or fatally injure personnel.

8. Plant Emergency Response

Plant Emergency Response is a critical protection layer that involves developing and implementing an emergency response plan (ERP) to address potential process safety incidents. This plan outlines necessary procedures, evacuation protocols, and communication methods in case of an emergency. Regular training and drills are necessary to ensure that personnel can respond quickly and efficiently. Plant emergency response helps prevent injuries, minimize damage, and mitigate the impact of an incident on the environment.

9. Community Emergency Response

Community Emergency Response is a protection layer that involves engaging and preparing the surrounding community for potential process safety incidents. This involves educating the community about the hazards associated with the process and providing information on what to do in the event of an emergency. Community Emergency Response may involve developing and implementing an emergency notification system, conducting public meetings or drills, and establishing partnerships with emergency response agencies. The effectiveness of Community Emergency Response depends on building trust and open communication between the facility and the community. Properly engaging and preparing the community can help minimize the impact of an incident, and protect both personnel and the surrounding environment.

Reducing risk with multiple protection layers

Protection layers are applied in a layered approach to provide multiple barriers of protection. The sequence of action typically involves hazard prevention, process controls, safety instrumented systems, relief devices, dikes, and emergency response plans as given above. This comprehensive approach aims to prevent incidents from occurring and minimize their impact if they do occur. Protection layers can therefore be broadly categorized into two types: preventive and mitigative. The selection and implementation of protection layers depend on the specific hazards associated with the process, potential consequences, and regulatory requirements.
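
As an added illustration (not from the original article), the sketch below applies the crediting rules stated above: procedures alone are not an IPL, and a layer that shares equipment with the initiating cause or with an already credited layer is not independent. It then multiplies the initiating frequency by the PFDs of the credited IPLs, as is standard in LOPA, and maps the remaining gap to a SIL band. The scenario, equipment tags, PFD values, and target frequency are constructed assumptions; the SIL bands are the usual low-demand PFDavg ranges.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Layer:
    name: str
    kind: str      # e.g. "alarm", "procedure", "relief", "sif"
    pfd: float     # probability of failure on demand (assumed value)
    uses: frozenset = field(default_factory=frozenset)  # equipment/people relied on

def credit_ipls(cause_uses, layers):
    """Split candidate layers into credited IPLs and rejected ones with a reason."""
    taken, credited, rejected = set(cause_uses), [], []
    for layer in layers:
        shared = layer.uses & taken
        if layer.kind == "procedure":
            rejected.append((layer.name, "procedures themselves are not an IPL"))
        elif shared:
            rejected.append((layer.name, "shares " + ", ".join(sorted(shared))))
        else:
            credited.append(layer)
            taken |= layer.uses   # later layers must not reuse this equipment
    return credited, rejected

def mitigated_frequency(initiating_per_year, credited):
    """LOPA: initiating event frequency times the PFD of every credited IPL."""
    return initiating_per_year * prod(layer.pfd for layer in credited)

def required_sil(frequency, target):
    """SIL band (low-demand PFDavg) in which the PFD still needed falls; 0 = none."""
    if frequency <= target:
        return 0
    needed_pfd = target / frequency
    for sil, lower_bound in ((1, 1e-2), (2, 1e-3), (3, 1e-4), (4, 1e-5)):
        if needed_pfd >= lower_bound:
            return sil
    raise ValueError("gap exceeds what a single SIF can be credited with")

# Constructed scenario: vessel overpressure caused by a BPCS control loop failure.
CANDIDATES = [
    Layer("High-pressure alarm via BPCS + operator", "alarm", 0.1,
          frozenset({"BPCS", "operator"})),
    Layer("Operating procedure", "procedure", 0.1),
    Layer("Relief valve", "relief", 0.01, frozenset({"PSV"})),
]

if __name__ == "__main__":
    credited, rejected = credit_ipls({"BPCS"}, CANDIDATES)
    freq = mitigated_frequency(0.1, credited)   # 0.1/yr: assumed initiating frequency
    print([layer.name for layer in credited], rejected)
    print(f"{freq:.1e}/yr -> SIL {required_sil(freq, 5e-6)} SIF needed")
```

Because the alarm is raised by the same BPCS whose failure starts the scenario, only the relief valve is credited here; with an initiating cause outside the BPCS, the same alarm would count.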