Search
-
Recent Posts
Recent Comments
- Gabi Spencer on The importance of Process Hazard Analysis studies
- Ephraim Gasitene Phonela on The importance of Process Hazard Analysis studies
- Gabi Spencer on ESC’s TÜV Rheinland Cyber Security Training Program
- David Dewdney on ESC’s TÜV Rheinland Cyber Security Training Program
- David Balfour on Functional Safety (FS) for Technicians – Proposed CompEx modules
Archives
- May 2022
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- January 2020
- July 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- November 2018
- August 2018
- April 2018
- March 2018
- February 2018
- November 2017
- May 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- August 2015
- June 2015
- May 2015
- February 2015
- November 2014
- September 2014
- July 2014
- April 2014
Categories
Guidance for Performing an Effective LOPA – Part One
By Dr Esteban Bernechea, PhD FS Eng (TÜV Rheinland)
Dr Esteban Bernechea
Introduction
Layers Of Protection Analysis (LOPA) is a technique that can be used to determine or allocate the Safety Integrity Level (SIL) of a Safety Instrumented Function (SIF) according to IEC-61511 [1] Part 3.
Guidance for Performing an Effective LOPA
The technique is based on the principle that all of the Independent Protection Layers (IPLs) designed to prevent a scenario must fail at the same time for it to occur. In order for the hazardous consequences of the scenario to manifest, several Conditional Modifiers (CMs) might also have to coincide with the failure of all IPLs. This is the principle applied to calculate the demand rate on the SIF (before CMs) and the Intermediate Event Frequency (considering CMs). This can then be divided by the risk target selected for the scenario in order to determine the Probability of Failure on Demand (PFD) or Probability of Failure per Hour (PFH) and the SIL requirement of the function.
LOPA is normally performed after completion of a Process Hazard Assessment (PHA) or process Hazard & Risk Assessment (H&RA), as a brainstorming exercise by a team of professionals that have expertise on the plant (or system) under analysis. Due to its semi-quantitative, brainstorming nature, LOPA can suffer from several pitfalls that can negatively impact its results. The consequences of a poorly performed LOPA can be significant over the life of a process plant, whether due to overestimation or underestimation of the requirements of the SIFs. In the worst case, it can cause the plant to operate in an unsafe state, while in the best case, it can lead to over expenditure during the lifecycle of the plant.
This paper presents and explains simple tips that users can apply at the moment of performing LOPA in order to avoid potential pitfalls that can lead to poor results and a myriad of issues during the lifecycle of the Safety Instrumented Systems (SISs).
The tips are related to the various stages of a LOPA study as presented in Figure 1, from the preparation to the completion of sessions and management of results:
- Preparation is key
- Calibrate and define risk targets
- Select a competent team
- Always keep traceability in mind
- Time it right
- Specify hazardous consequences
- Justify the initiating events, as well as their frequencies
- Be aware of potential dependency issues between IPLs
- LOPA is a live study
In the opening part of this work, the first tip is expanded; other tips will be further developed in the next parts.
1. Preparation is key
LOPA is no different to any other study or project in that preparation prior to the sessions is paramount for success.
One of the key aspects when preparing for a LOPA is gathering the required process safety documentation. This information relates to PHA study(es) that should be performed in advance of LOPA, as well as the engineering documentation that is necessary to carry out the study workshop in an appropriate manner. A Terms of Reference (ToR) document or company procedure should also be prepared prior to the LOPA workshop, in order to define the rules and assumptions that will be applied during the study, as well as clarifying the roles and responsibilities of each of the parties involved in the study.
A common misconception when of performing SIL determination is to use the representative Risk Graphs / models presented in IEC 61508 [3] and IEC 61511 [1], which are not specific to any process or organization and should not be used in real applications. Definition and calibration of methodologies, including graphical methods (risk graph / risk matrix) should be undertaken by competent people, with an understanding of the hazards associated to processes that will be assessed.
Table 1 presents a list of typical required documentation, emphasizing which documents are required for the preparation of the LOPA workshop and which ones will be required during the study.
| Documentation Required for LOPA Studies |
|---|
| Prior to workshop: |
| – Terms of Reference agreed with client (for larger-scale studies only) |
| – Cause and Effects (C&E) Charts (or equivalent) for all SIFs under consideration |
| – Accurate Piping & Instrumentation Diagrams (P&IDs), which reflect the as-built status of the plant under analysis |
| – PHA or Hazard and Operability (HAZOP) report |
| During the workshop: |
| – Operating procedures |
| – Pressure Safety Valve (PSV) design data |
| – Equipment design data (mass & energy balances, materials of construction, etc.) |
| – List of alarms and rationalization philosophy (optional) |
| – Consequence analysis studies or Quantitative Risk Analysis (QRA) (optional) |
| – Failure history of equipment (optional) |
| – Plant layout drawings / Plot plans |
Once the ToR document has been issued, and the rest of the required documentation is available, the preparation centres in the LOPA team studying the scenarios and SIFs to be analysed during the workshop.
In case the minimum required documentation is not available, it is advisable to postpone the workshop sessions, in order to avoid performing an incomplete study, which could result in the requirement for further meetings and project delays.
Part two will be available next week.
If you have any questions or would like to leave us feedback please use the comments box below.
Certificate No.
2 Responses to Guidance for Performing an Effective LOPA – Part One