Stop-Work Authority in Process Plant Operation

Stop-Work Authority in Process Plant Operation

Authors: Raghava Nayak and Venkat Pattabathula

 

Stop-Work ­Authority­ (SWA) ­is ­widely­ practiced ­in every day­ occupational­ health,­ safety, ­and­ environment­ (OHSE)­ programs.­ All­ companies­ empower­ employees to ­intervene ­if­ they­ see ­unsafe ­situations.­ Several ­surveys­ have­ found ­that­ nearly­ 70 ­percent of­ catastrophic­ incidents­ happen­ during­ transient­ operations ­such­ as ­startups­ and ­shutdowns. ­Although later investigations ­identify ­several­ root­ causes, ­the immediate­ cause ­is ­invariably ­the ­omission ­or­commission ­of ­manual ­actions.­

Comparison of SWA for OHSE and Process Safety

Numerous stop-work policy statements are available in the public domain and state that all workers are empowered to apply SWA in any situation involving unsafe conditions, actions, inactions, omissions, or mistakes that may harm people or the environment levy no blame on the employee applying the SWA. The six SWA steps, whether for process safety or OHSE, are:

  1. Stop unsafe
  2. Notify the affected people and the
  3. Investigate the cause of the intervention without blaming the Some companies may reward the initiator.
  4. Correct the situation to reduce the risk to a tolerable
  5. Resume work after notifying the
  6. Follow up with detailed reports, safety alerts, and lessons

SWA in the process safety context differs markedly from SWA in OHSE because the process safety issue can be too complicated. In a day-to-day OHSE context, people can generally visualize, hear, feel, and understand the imminent danger of a potential accident and issue the SWA. In the case of process safety, the imminent incident is less understood.

SWA ­applied ­prematurely ­or ­incorrectly ­can ­de-rate each­ plant’s­ integrity­ and ­decrease­production.­ Hence,­ timely and­ valid­ SWA ­calls ­for­ specialized,­ process-specific ­training­ and ­experience.­The­ table­ below compares­ SWA ­in ­process safety­ with ­SWA ­in­ OHSE.

Enhancing SWA in Process-Safety Operation

The ­reasons­ why­ operators ­may ­fail­ to ­apply ­the­ SWA in­ the ­process ­safety­ context­ are:

  • They­ may ­not­ detect ­or­ perceive ­that ­the ­change ­in the­ process­ parameter­ would­develop quickly ­in to ­an uncontrolled,­ abnormal,­ unsafe ­situation.­
  • At­ times,­ the­ operator’s­ previous ­experience ­may ­lead him ­to­ believe ­that ­he­ can­ manage ­the ­process ­oscillations­ and­, not­ using ­the­ SWA ­may­ be­ an ­accepted practice.
  • Some ­operators­ tend ­to ­rely­ on ­safety ­instrumented systems ­and ­avoid­ applying­SWA.
  • Some­ operators­ may­ consider ­the ­level ­of ­risk ­to ­be below ­the­ actionable ­level.
  • Diffusion­ of ­responsibility ­can ­also ­cause ­non-use ­of the­ SWA.
  • Production ­pressures ­some times ­override ­the ­instinct ­to ­invoke ­the ­SWA.
  • The­ operator ­may ­also ­feel ­that ­he­ does ­not ­have ­the authority ­to ­intervene ­in­ an­abnormal ­situation.­
  • The­ operator­ may ­not ­wish ­to ­risk ­alienating­ his colleagues.
  • In ­a­ stable ­plant­ where­ deviations­ are ­very­ rare,­ operators­ may ­lose ­the ­ability­ to­compensate­ for abnormal ­situations.­Their ­understanding ­of ­how a ­system­ works­disappears­ over­ time.­When­ a ­very rare ­deviation ­occurs,­they ­no ­longer ­know­ how­to react.
  • The­ Feynman­ Gap ­between ­engineers ­and ­managers ­on ­risk ­probabilities ­may ­also­ apply­ between operators­ and­ the ­production­ manager. The­ above ­inhibitions ­mimic­ the­ Rasmussen ­failure model ­consisting­ of ­slips,­ lapses,­and­ mistakes.­

Figure­ 1. ­­shows ­that ­SWA­ application training ­in­ the ­operational ­context ­is ­a ­key ­to ­timely ­application­ of­ appropriate­ intervention­ and,­ therefore,­ the avoidance­ of­ costly­ errors. ­The ­training­ generally ­covers process ­introduction,­ basic­ maintenance,­ safety ­and environment,­ and­ classroom ­lectures­ on ­technology with ­assessments ­at­ each­ stage.­ Many ­firms ­give­ new operators­ on-the-job­ training­ with ­a ­buddy­ system ­in operating ­plants ­and­ use ­operator ­training ­simulators and­ desk top­ exercises­ for­ plant-specific­ scenarios ­that focus ­on ­minimizing­ SWA­ application­ through­ advance corrective ­actions, ­timing ­of ­SWA,­ and, ­finally, ­the SWA.­ An­ operator­ would ­be ­under ­immense­ pressure to ­respond­ during­ upsets. ­Automating­ the­ operator response­ with­ specific ­training ­would ­minimize ­the errors ­in­ SW A­application.­

Standard­ operating ­procedures­ (SOPs) ­should ­have been­ developed ­for­ normal­operations ­as­ well ­as ­for transient­ operations. ­Often, ­SIS­ overrides ­are­ placed for­maintenance,­ inspection,­ start-up,­etc. ­The­ SOPs should ­include­ such ­possibilities­ and­ provide ­guidelines­ on­ SWA ­for ­specific­ scenarios.­ These­ scenarios and ­appropriate­remedies ­should­ have­ been­ covered in­ documents ­such ­as­ HAZOP, ­Bow-Tie, ­LOPA, QRA,­ and­ operating ­philosophy.­

Transient ­operating­ mode ­in ­a­ continuous­ plant ­is similar ­to ­batch-plant­ operation, where­ tasks­ are­ carried ­out­ manually. ­The ­frequency ­of ­tasks,­ time ­pressures,­ missed sequence ­of­ steps,­ and­ safety­ overrides are ­liable­ to­ cause­ catastrophes.­ Automation would help­ minimize­ the­ manual­ actions.­ A­ new ­standard ISA­ 106­, is ­being­ developed­to ­help ­with ­automating the­ procedures.

The­ API­ standard,­ API­ 584 ­Integrity ­Operating­ Windows,­ was ­released­ in ­2014.­
Although ­the­ standard­ is ­intended ­for ­inspection­ and ­maintenance, ­the­ operating envelope­ in Figure ­2 is­ the­ right­ resource ­for­ SWA ­in­ process­ safety.

­Making­ the ­safe­ operating­ limits ­for ­each ­of ­the ­critical­ equipment ­scenarios readily­  available ­to­ the­operator,­ either ­in ­the ­SOPs­ or ­alerts ­on ­the ­screen,­ minimizes ­the­ operators’ reliance ­on­ memory ­and ­reduces­ the­ error­ rate.­Typical examples ­for­ an ­ammonia ­plant include­ the ­steam to carbon­ ratio ­for ­the ­primary reformer,­ steam­ drum ­level,­ pressure ­and ­temperature ­limits­ of ­reactors,­ methane slip, ­CO ­slip,­ and­ H2 to N2 ­ratio­ in ­the­ synthesis loop.

New ­software­ for­ forecasting­ or­ trending­ the ­process ­parameters­ can­ help support­ the ­operator’s­ action­ based ­on­ the ­likelihood­ of ­safe­ operating ­limits­ being exceeded.­ Alarm rationalization­ software­ and­ process-monitoring­ software,­ such as­ DynAMo,­ can ­reduce­ the­ number ­and ­severity­ of ­process­ upsets.­

SWA­ for­ process­ safety­ is­ more­ complex ­than­ SWA­ for­ OHSE ­because ­the process ­risks­ may ­not­ be­ easily­ understood.­ All ­operating­ personnel ­need­ to ­know when ­SWA­ applies.­ SWA should ­be ­used­ sparingly­ because­ thermal­ shocks ­may lead ­eventually­ to­ unsafe­ plant conditions.­

Share this on:
LinkedIn
Twitter

AMMONIAKNOWHOW and its partners provide solutions for:

► Ammonia Reforming Section

IGS

Ametek

Langfields

► CO2 Removal and Methanation

IGS

► Ammonia Storage Tanks

Fertilizer Industrial Services

► Plant General Operation

Navigance

Habonim

SDS Separation

E2G

Grandperspective

Gexcon

AMMONIAKNOWHOW and its partners provide solutions for various ammonia plants sections

READ MORE

AMMONIAKNOWHOW and its partners provide solutions for various ammonia plants sections

READ MORE
Latest news
Recent Publications
Latest forum discussions
2021 – 2023 © Fertilizer Industrial Services – United Kingdom. All rights reserved | Terms and conditions | Privacy Policy | A website designed by conceptie.ro

[user_registration_form id=”41351″]