Plant Engineering

Plant engineering is that branch of engineering which embraces the installation, operation, maintenance, modification, modernization, and protection of physical facilities and equipment used to produce a product or provide a service. It is easier to describe plant engineering than to define it. Yet, the descriptions will vary from facility to facility and over time. Every successful plant is continuously changing, improving, expanding, and evolving. And the activities of the plant engineer must reflect this environment. Each plant engineer is likely to have his own, unique job description, and that description is likely to be different from the one he had five years earlier. 

By definition, the plant engineering function is multidisciplinary. It routinely incorporates the disciplines of mechanical engineering, electrical engineering, and civil engineering. Other disciplines, such as chemical engineering for example, may also be needed, depending on the type of industry or service involved. In addition, skills in business/financial management, personnel supervision, project management, contracting, and training are necessary to the successful fulfillment of plant engineering responsibilities. The function is fundamentally a technical one, requiring a thorough technical/engineering background through education and/or experience. But beyond it’s most basic level, a broad range of skills is needed. If the plant engineer is a specialist in anything, it is in his/her own plant or facility. 

Plant engineers must learn to know their own plants thoroughly, from the geology underlying its foundations and the topology of the rainwater runoff to the distribution of its electricity and the eccentricities of its production machinery. They must ensure the quality of the environment both inside and outside the facility as well as the safety and health of the employees and the reliability of its systems and equipment. And they are expected to do all of this in a cost-effective manner. A few phrases from a 1999 classified ad for a plant engineer provide some real-world insight on the scope of responsibilities: 

• Support ongoing operations, troubleshoot, resolve emergencies, implement shutdowns
• Organize and maintain information on plant systems/equipment and improvement programs
• Implement plant projects and maintain proper documentation 
• Deal effectively with multiple activities, requests, and emergencies
• Manage scope, design, specification, procurement, installation, startup, debugging, validation, training, and maintenance. 

To this list, most plant engineers would quickly add compliance with all applicable laws and regulations as well as accepted industry standards and practices. 

The primary mission of the plant engineer is to provide optimum plant and equipment facilities to meet the established objective of the business. This can be broken down into these four fundamental activities: 

(1) ensure the reliability of plant and equipment operation; 

(2) optimize maintenance and operating costs; 

(3) satisfy all safety, environmental, and other regulations; and 

(4) provide a strong element of both short term and long-range facilities and equipment planning.’ 

The description still rings true today

Fault Tree for Air Compressor Explosion

 

Goals of risk analysis

 

A risk analysis can have a variety of potential goals:

1.          To screen or bracket a number of risks in order to prioritize them for possible future study

2.          To estimate risk to employees

3.          To estimate risk to the public

4.          To estimate financial risk

5.          To evaluate a range of risk reduction measures

6.          To meet legal or regulatory requirements

7.          To assist in emergency planning

Qualitative Tools for Hazard Analysis

SHEL (Safety, Health, Environmental, and Loss Prevention Reviews) These reviews are performed during design. The purpose of the reviews is to have an outsider’s evaluation of the process and layout from safety, industrial hygiene, environmental, and loss prevention points of view. It is often desirable to combine these reviews to improve the efficiency of the use of time for the reviewers.

Checklists Checklists are simple means of applying experience to designs or situations to ensure that the features appearing in the list are not overlooked. Checklists tend to be general and may not be appropriate to a specific situation. They may not handle adequately the novel design or unusual process.

What-if At each process step, what-if questions are formulated and answered to evaluate the effects of component failures or procedural errors. This technique relies on the experience level of the questioner.

Failure Mode and Effect Analysis (FMEA) This is a systematic study of the causes of failures and their effects. All causes or modes of failure are considered for each element of a system, and then all possible outcomes or effects are recorded. This method is usually used in combination with fault tree analysis, a quantitative technique. FMEA is a complicated procedure, usually carried out by experienced risk analysts.

Cause-Consequence Diagram These diagrams illustrate the causes and consequences of a particular scenario. They are not widely used because, even for simple systems, displaying all causes and outcomes leads to very complex diagrams. Again, this technique is employed by experienced risk analysts.

Reactive Chemicals Reviews The process chemistry is reviewed for evidence of exotherms, shock sensitivity, and other instability, with emphasis on possible exothermic reactions. It is especially important to consider pressure effects—“Pressure blows up people, not temperature!” The purpose of this review is to prevent unexpected and uncontrolled chemical reactions. Reviewers should be knowledgeable people in the 

Industrial Hygiene Reviews These reviews evaluate the potential of a process to cause harm to the health of people. It is the science of the anticipation, recognition, evaluation, and control of health hazards in the environment. It usually deals with chronic, not acute, releases and is involved with toxicity.

Toxicity is the ability to cause biological injury. Toxicity is a property of all materials, even salt, sugar, and water. It is related to dose and the degree of hazard associated with a material. The amount of a dose is both time and duration dependent. Dose is a function of exposure (concentration) and duration and is sometimes expressed as dose = (concentration)n × duration, where n can vary from 1 to 4.

Industrial hygiene deals with hazards caused by chemicals, radiation, and noise. Routes of exposure are through the eyes, by inhalation, by ingestion, and through the skin. An industrial hygiene guide is based on exposures for an 8-hour day, 40-hour week and is to be used as a guide in the control of health hazards. It is not to be used as a fine line between safe and dangerous conditions. Types of controls used include:

• Engineering, such as containment, ventilation, and automation

• Administrative, such as use of remote areas and job rotation

• Protective equipment

HAZOP

HAZOP stands for “hazard and operability studies.” This is a set of formal hazard identification and elimination procedures designed to identify hazards to people, process plants, and the environment. The techniques aim to stimulate in a systematic way the imagination of designers and people who operate plants or equipment so they can identify potential hazards. In effect, HAZOP studies make the assumption that a hazard or operating problem can arise when there is a deviation from the design or operating intention. Corrective actions can then be made before a real accident occurs.

Some studies have shown that a HAZOP study will result in recommendations that are 40 percent safety-related and 60 percent operability-related. HAZOP is far more than a safety tool; a good HAZOP study also results in improved operability of the process or plant, which can mean greater profitability.

The primary goal in performing a HAZOP study is to identify, not analyze or quantify, the hazards in a process. The end product of a study is a list of concerns and recommendations for prevention of the problem, not an analysis of the occurrence, frequency, overall effects, and the definite solution. If HAZOP is started too late in a project, it can lose effectiveness because:

1.               There may be a tendency not to challenge an already existing design.

2.               Changes may come too late, possibly requiring redesign of the process.

3.               There may be loss of operability and design decision data used to generate the design.

HAZOP is a formal procedure that offers a great potential to improve the safety, reliability, and operability of process plants by recognizing and eliminating potential problems at the design stage. It is not limited to the design stage, however. It can be applied anywhere that a design intention (how the part or process is expected to operate) can be defined, such as:

•            Continuous or batch processes being designed or operated

•            Operating procedures

•            Maintenance procedures

•            Mechanical equipment design

•            Critical instrument systems

•            Development of process control computer codeThese studies make use of the combined experience and training of a group of knowledgeable people in a structured setting. Some key concepts are:

•            Intention—defines how the part or process is expected to operate.

•            Guide words—simple words used to qualify the intention in order to guide and stimulate creative thinking and so discover deviations. Table 26-2 describes commonly used guide words.

Deviations—departures from the intention discovered by 

•            Causes—reasons that deviations might occur.

•            Consequences—results of deviations if they occur.

•            Actions—prevention, mitigation, and control —Prevent causes.

—Mitigate the consequence.

—Control actions, e.g., provide alarms to indicate things getting out of control; define control actions to get back into control.

The HAZOP study is not complete until response to actions has been documented. Initial HAZOP planning should establish the management follow-up procedure that will be used.

The guide words can be used on broadly based intentions (see Table 26-2), but when intentions are expressed in fine detail, some restrictions or modifications are necessary for chemical processes, such as:

No flow

Reverse flow

Less flow

More temperature

Less temperature

Composition change

Sampling

Corrosion/erosion

This gives a process plant a specific HAZOP guide-word list with a process variable, plant condition, or an issue.

HAZOP studies may be made on batch as well as continuous processes. For a continuous process, the working document is usually a set of flow sheets or piping and instrument diagrams (P&IDs). Batch processes have another dimension: time. Time is usually not significant with a continuous process that is operating smoothly except during start-up and shutdown, when time will be important and it will resemble a batch process. For batch processes, the working documents consist not only of the flow sheets or P&IDs but also the operating procedures. One method to incorporate this fourth dimension is to use guide words associated with time, such as those described in Table 26-3.

HAZOP studies involve a team, at least some of whom have had experience in the plant design to be studied. These team members apply their expertise to achieve the aims of HAZOP. There are four overall aims to which any HAZOP study should be addressed:

1.               Identify as many deviations as possible from the way the design is expected to work, their causes, and problems associated with these deviations.

2.               Decide whether action is required, and identify ways the problem can be solved.

3.               Identify cases in which a decision cannot be made immediately and decide what information or action is required.

4.               Ensure that required actions are followed through.

The team leader is a key to the success of a HAZOP study and should have adequate training for the job. Proper planning is important to success. The leader is actually a facilitator (a discussion leader and one who keeps the meetings on track) whose facilitating skills are just as important as technical knowledge. The leader outlines the boundaries of the study and ensures that the design intention is clearly understood. The leader applies guide words and encourages the team to discuss causes, consequences, and possible remedial actions for each deviation. Prolonged discussions of how a problem may be solved should be avoided.

Facilities Reviews

 There are many kinds of facilities reviews that are useful in detecting and preventing process safety problems. They include 

1. pre-start-up reviews (before the plant operates),
2. new plant reviews (the plant has started, but is still new), 
3. reviews of existing plants (safety, technology, and operations audits and reviews), 
4. management reviews, 
5. critical instrument reviews, and 
6. hazardous materials transportation reviews.

Knowledge Organization

 INSTITUTIONAL MEMORY

Most accidents do not occur because we do not know how to prevent them but because we do not use the information that is available. The recommendations made after an accident are forgotten when the people involved have left the plant; the procedures they introduced are allowed to lapse, the equipment they installed is no longer used, and the accident happens again. The following actions can prevent or reduce this loss of information.

•             Include a note on “the reason why” in every instruction, code, and standard, and accounts of accidents which would not have occurred if the instruction, code, or standard had been followed.

•             Describe old accidents, as well as recent ones, in safety bulletins and newsletters and discuss them at safety meetings.

•             Follow up at regular intervals (for example, during audits) to see that the recommendations made after accidents are being followed, in design as well as operations.

•             Make sure that recommendations for changes in design are acceptable to the design organization. On each unit keep a memory book, a folder of reports on past accidents, which is compulsory reading for new recruits and which 

•             others dip into from time to time. It should include relevant reports from other companies but should not include cuts and bruises.

•             Never remove equipment before you know why it was installed. Never abandon a procedure before you know why it was adopted.

•             Devise better information retrieval systems so that details of past accidents, in our own and other companies, and the recommendations made afterward are more easily accessible than at present.

•             Include important accidents of the past in the training of young graduates and company employees. 

INCIDENT INVESTIGATION AND HUMAN ERROR

Although most companies investigate accidents (and many investigate dangerous incidents in which no one was injured), these investigations are often superficial, and we fail to learn all the lessons for which we have paid the high price of an accident. The facts are usually recorded correctly, but often only superficial conclusions are drawn from them. Identifying the causes of an accident is like peeling an onion. The outer layers deal with the immediate technical causes and triggering events while the inner layers deal with ways of avoiding the hazard and with the underlying weaknesses in the management system (Kletz, Learning from Accidents, 2d ed., Butterworth-Heinemann, 1994).

Dealing with the immediate technical causes of a leak, for example, will prevent another leak for the same reason. If so little of the hazardous material can be used that leaks do not matter or a safer material can be used instead, as previously discussed, all significant leaks of this hazardous material can be prevented. If the management system can be improved, we may be able to prevent many more accidents of other sorts.

Other points to watch when drawing conclusions from the facts are:

1. Avoid the temptation to list causes we can do little or nothing about. For example, a source of ignition should not be listed as the primary cause of a fire or explosion, as leaks of flammable gases are liable to ignite even though we remove known sources of ignition. The cause is whatever led to the formation of a flammable mixture of gas or vapor and air. (Removal of known sources of ignition should, however, be included in the recommendations.) Similarly, human error should not be listed as a cause. 

2. Do not produce a long list of recommendations without any indication of the relative contributions they will make to the reduction of risk or without any comparison of costs and benefits. Resources are not unlimited and the more we spend on reducing one hazard, the less there is left to spend on reducing others.

3. Avoid the temptation to overreact after an accident and install an excessive amount of protective equipment or complex procedures which are unlikely to be followed after a few years have elapsed. Sometimes an accident occurs because the protective equipment available was not used; nevertheless, the report recommends installation of more protective equipment; or an accident occurs because complex procedures were not followed and the report recommends extra procedures. It would be better to find out why the original equipment was not used or the original procedures were not followed. 

4. Remember that few, if any, accidents have simple causes.

5. When reading an accident report, look for the things that are not said. For example, a gland leak on a liquefied flammable gas pump caught fire and caused considerable damage. The report drew attention to the congested layout, the amount of redundant equipment in the area, the fact that a gearbox casing had been made of aluminum, which melted, and several other unsatisfactory features. It did not stress that there had been a number of gland leaks on this pump over the years, that reliable glands are available for liquefied gases at ambient temperatures, and, therefore, there was no need to have tolerated a leaky pump on this duty.

As another example, a fire was said to have been caused by lightning. The report admitted that the grounding was faulty but did not say when it was last checked, if it was scheduled for regular inspection, if there was a specification for the resistance to earth (ground), if employees understood the need for good grounding, and so on.

6. At one time most accidents were said to be due to human error, and in a sense they all are. If someone—designer, manager, operator, or maintenance worker—had done something differently, the accident would not have occurred. However, to see how managers and supervisors can prevent them, we have to look more closely at what is meant by human error:

a.           Some errors are due to poor training or instructions: someone did not know what to do. It is a management responsibility to provide good training and instructions and avoid instructions that are designed to protect the writer rather than help the reader. However many instructions are written, problems will arise that are not covered, so people—particularly operators—should be trained in flexibility—that is, the ability to diagnose and handle unforeseen situations. If the instructions are hard to follow, can the job be simplified?

b.           Some accidents occur because someone knows what to do but makes a deliberate decision not to do it. If possible the job should be simplified (if the correct method is difficult, an incorrect method will be used); the reasons for the instructions should be explained; checks should be carried out from time to time to see that instructions are being followed; and if they are not, this fact should not be ignored.

c.            Some accidents occur because the job is beyond the physical or mental ability of the person asked to do it—sometimes it is beyond anyone’s ability. The plant design or the method of working should be improved.

d.           The fourth category is the commonest: a momentary slip or lapse of attention. They happen to everyone from time to time and cannot be prevented by telling people to be more careful or telling them to keep their minds on the job. All that can be done is to change the plant design or method of working to remove opportunities for error (or minimize the consequences or provide opportunities for recovery). Whenever possible, user-friendly plants (see above) should be designed which can withstand errors (and equipment failures) without serious effects on safety (and output and efficiency).

Plant Design for Safety—A User-Friendly Approach,

Intensification This involves using so little hazardous material that it does not matter if it all leaks out. For example, at Bhopal, methyl isocyanate (MIC), the material that leaked and killed over 2000 people, was an intermediate for which it was convenient but not essential to store. Within a few years many companies had reduced their stocks of MIC and other hazardous intermediates.

As another example, at one time nitroglycerin (NG) was manufactured in batch reactors containing about a ton of raw materials and product. If the reactor got too hot, there was a devastating explosion. In modern plants, NG is made in a small continuous reactor containing about a kilogram. The severity of an explosion has been reduced a thousandfold, not by adding on protective devices, which might fail or be neglected, but by redesigning the process. The key change was better mixing, achieved not by a better stirrer, which might fail, but by passing one reactant (acid) through a device like a laboratory water pump so that it sucks in the other reactant (glycerin) through a sidearm. If the acid flow stops, the glycerin flow also stops, not through the intervention of a flow controller, which might fail, but as an inevitable result of the laws of physics (Bell, Loss Prevention in the Process Industries, Institution of Chemical Engineers Symposium Series No. 34, 1971, p. 50).

Intensification is the preferred route to inherently safer design, as the plants, being smaller, are also cheaper.

Substitution If intensification is not possible, then an alternative is to consider using a safer material in place of a hazardous one. Thus it may be possible to replace flammable solvents, refrigerants, and heat-transfer media by nonflammable or less flammable (highboiling) ones, hazardous products by safer ones, and processes which use hazardous raw materials or intermediates by processes which do not. As an example of the latter, the product manufactured at Bhopal (carbaryl) was made from three raw materials. Methyl isocyanate is formed as an intermediate. It is possible to react the same raw materials in a different order so that a different and less hazardous intermediate is formed.

Attenuation Another alternative to intensification is attenuation, using a hazardous material under the least hazardous conditions. Thus large quantities of liquefied chlorine, ammonia, and petroleum gas can be stored as refrigerated liquids at atmospheric pressure instead of storing them under pressure at ambient temperature. (Leaks from the refrigeration equipment should also be considered, so there is probably no net gain in refrigerating quantities less than a few hundred tons.) Dyestuffs which form explosive dusts can be handled as slurries.

Process Safety Awareness

1.  Increase of concern due to numbers of accidents involve 
• Gas releases
• Major explosions
• Environmental incidents
2. Hazard of the chemical plant
• Damage & loss of life
• Vapor cloud explosions
• Sudden pressure release
• Static electricity as hidden cause
• Reactive nature of chemical
• Loss of containment due to mechanical failure or miss operation
3. Process Safety Analysis
1. Hazard analysis
2. Risk analysis
3. Guidelines for estimating damage
4. Project review and procedures
4. Safety Devices
1. Pressure relief devices
2. Flame arresters
3. Effluent handling
4. Highly toxic & hazardous chemical handling & storage
5. Hazardous Materials and Conditions
1. Reactive
2. Combustion and flammability hazards
3. Gas explosions
4. Unconfined vapor explosions (UVCEs) and Boiling Liquid Evaporating Vapor Explosions (BLEVEs)
5. Dust explosions
6. Static electricity
7. Hazards of vacuum
8. Hazard of Inert Gases
9. Gas Dispersion
10. Discharge rates from punctures lines and vessels