CP5101 Process Plant Safety & Engineering Ethics – Key Concepts: LOPA, SIS, PRS, Fire & Explosions, HAZOP, Bow-Tie, FTA, and Risk Management

A comprehensive set of practice flashcards covering LOPA, IPLs, BPCS, SIS, PRS, pressure relief terminology, relie f device types and sizing, fires, explosions, HAZOP, Bow-Tie, FTA, PSEs, risk management concepts (ALARP, FAR, risk matrix), and related safety engineering concepts from CP5101.

What does LOPA stand for and what is its primary purpose in process safety?

Layer of Protection Analysis; its primary purpose is to identify and quantify the required protection layers to achieve an acceptable risk for a specific accident scenario and determine the level of risk reduction needed.

Name the Independent Protection Layers (IPL) commonly depicted in a LOPA diagram.

Basic Process Control System (BPCS), Alarms and Operator Intervention, Safety Instrumented System (SIS), and Pressure Relief System (PRS).

What is the basic difference between Prevention and Mitigation layers in LOPA?

Prevention layers aim to stop the hazardous event from occurring (e.g., BPCS, plant design, alarms); Mitigation layers reduce the consequences after an event occurs (e.g., fire/gas systems, containments, evacuation procedures, PRS).

What is the role of the Basic Process Control System (BPCS) in safety architecture?

BPCS keeps process variables within safe operating bounds and is designed to be independent of the safety system; it is part of the prevention layers in LOPA.

What is a Safety Instrumented System (SIS) and what are its three typical elements?

An independent safety system designed to take the process to a safe state when required; three elements are Sensors, Logic Solver, and Final Element.

What is a Pressure Relief System (PRS) and why is it needed?

A system designed to relieve pressure (or vacuum) to prevent overpressure, protect personnel and equipment, minimize chemical losses, and comply with regulations.

Define MAWP and design pressure in the context of pressure relief.

MAWP (Maximum Allowable Working Pressure) is the maximum gauge pressure allowed in a vessel; Design pressure is the pressure used for the vessel’s design basis, often aligned with MAWP.

What do Set Pressure, Overpressure, and Relieving Pressure mean for a pressure relief device?

Set Pressure is where the device starts to relieve; Overpressure is the rise above the set pressure during relief; Relieving Pressure is the actual pressure maintained while relieving (Set Pressure + Overpressure).

What is Back-Pressure in relief systems?

The pressure at the outlet of the relief device during relieving, caused by pressure in the discharge system.

Differentiate a Safety Valve, a Relief Valve, and a Safety Relief Valve.

Safety Valve: used for gases; opens at set pressure and reseats after a small blowdown. Relief Valve: used for liquids; opens at set pressure and fully relieves with some overpressure; reseats as pressure returns. Safety Relief Valve: handles both liquids and gases, combining features of safety and relief functions.

What is a Rupture Disc and how is it used in relief systems?

A disc that ruptures at a specified relief set pressure to provide overpressure protection, often used in series or parallel with spring-operated PRVs.

Explain Pilot-Operated Pressure Relief Valves (PRVs).

A pilot valve senses system pressure and, when the pilot reaches its set pressure, it opens and releases pressure to allow the main valve to open; the main valve reseats when inlet pressure drops below the set pressure.

What are the main steps in Relief Design Methodology?

Define Protected System → Locate Relief Devices → Define Overpressure Scenarios → Choose Relief Device Types → Acquire Data → Determine Two-Phase Flow (if needed) → Specify Design Basis → Design Relief System.

List some typical locations where relief devices are required (based on general guidelines).

All vessels require overpressure protection; low-pressure storage tanks need relief for normal operation; positive-displacement pumps require discharge-side relief; piping segments with thermal expansion or risk of overpressure; vessel jackets typically require protection.

What is a worst-case relief scenario and why is it important?

The scenario requiring the largest relief vent area; used to size the relief system to handle the maximum required relief to prevent overpressure.

Name four components of a total containment relief system arrangement.

Knockout drums, Flare, Scrubbers (Absorbers), Condensers (and related post-treatment equipment) and possibly a water deluge/fire protection network.

What is a Knockout Drum in relief systems used for?

A vapour-liquid separator and hold-up vessel to separate liquids from relieved vapours before treatment or discharge.

What purpose do Flare, Scrubbers, and Condensers serve in relief systems?

Flare burns off combustible relief gases; Scrubbers remove toxic components from relief vapours; Condensers condense vapours back to liquid for recovery or reuse.

What are Fire and Explosion hazards covered in CP5101, and what key explosion types are discussed?

Fires and explosions; Vapour Cloud Explosions (VCE), Boiling Liquid Expanding Vapour Explosions (BLEVE), and Dust Explosions.

State the Fire Triangle and how to extinguish a fire.

Fuel, Oxygen, and Heat are the three elements; removing any one of them stops the fire.

What is the Fire Tetrahedron and its four elements?

Fuel, Oxygen, Heat, and Chemical Chain Reaction; all four are required for sustained fire; removing any one element can extinguish the fire.

List common ignition sources to control to prevent fires in plants.

Exposed flames, welding/cutting, hot surfaces, friction, electrical equipment, static electricity, pyrophoric materials, cigarettes/lighters.

What is meant by inert gas blanketing and when is it used?

Filling a vessel or space with an inert gas (e.g., N2, CO2) to prevent flammable mixtures from forming; used to reduce fire risk for flammable liquids and vapours.

What are the main fire extinguishing agents and when are they used?

Water spray for Class A (solids); Foam, Dry Powder, CO2 for Liquids (Class B) or mixed; Vaporizing liquids for Type I flammable liquids; non-conducting agents like CO2 or dry powder for Class C (electrical) fires; Dry powder for Class D (metal) fires.

Name some key fire prevention controls in plant layout and design.

Proper plant layout separating hazards from ignition sources; firefighting facilities; containment (dikes/bunds); wind analysis and dispersion planning; water spray systems; fireproofing; flame arrestors.

What is a Bow-Tie analysis, and what are its main components?

Qualitative risk assessment method showing an unwanted event (top event), threats leading to it, preventative controls (barriers), consequences, and mitigative/recovery barriers with escalation factors and controls.

Differentiate Prevention Barriers and Recovery/Mitigation Barriers in a Bow-Tie diagram.

Prevention barriers stop the threat from causing the top event (hardware or activities); Recovery/Mitigation barriers reduce or control consequences after the top event occurs (e.g., gas detection, deluge, emergency response).

What are Critical Equipment (CE) barriers and Critical Activities (CA) in Bow-Tie analysis?

CE barriers are hardware-based controls (e.g., relief valves, NRVs, IPF, alarms); CA barriers are human actions or procedures (e.g., inspections, maintenance, safe work practices) used to maintain barrier effectiveness.

What is the Swiss Cheese Model in accident causation?

An analogy where multiple safety barriers (slices of cheese) have holes (weaknesses) that can align and allow an accident to occur; dynamic and latent/active weaknesses require multiple layers to prevent propagation.

Explain how LOPA layers are arranged in the Swiss Cheese Model (the typical order of the layers).

From left to right: Basic Process Control System (BPCS), Alarms/Operator Intervention, Safety Instrumented System (SIS), Pressure Relief System (PRS) are arranged such that failure of all layers could lead to a hazard; the model emphasizes defense-in-depth.

What is Fault Tree Analysis (FTA) and what are its basic components?

A quantitative risk analysis method using a logic tree to show how basic and intermediate events combine through AND/OR gates to produce a Top Event; includes Hazard Rate, Failure Rate, MTBF, and probabilities.

Differentiate Series and Parallel interactions in fault trees or reliability modeling.

Series (OR gate): hazard occurs if any one component fails; overall reliability r = rA × rB; Parallel (AND gate): hazard occurs only if all components fail; overall failure f = fA × fB.

What is MTBF and how is it related to failure rate F?

Mean Time Between Failures; MTBF is the reciprocal of the failure rate (MTBF = 1/F) for a constant failure rate assumption.

What is a Process Safety Event (PSE) and its key elements?

An unplanned loss of containment or hazardous energy release leading to undesired consequences; elements include Process Hazard, Initiating Event, Intermediate Event, and Incident Outcome.

Define Hazard and Risk in the CP5101 context.

Hazard is an inherent characteristic with potential harm; Risk is the combination of probability of harm and its severity (Risk = Probability × Severity).

What is ALARP and how are risks categorized in its framework?

ALARP stands for As Low As Reasonably Practicable; risks are categorized as Negligible, Tolerable, or Unacceptable, guiding whether risk reduction is needed and at what level.

Explain the Singapore Risk Matrix concept for risk prioritization (RPN).

A matrix combining Likelihood (L) and Severity (S) levels to produce a Risk Priority Number (RPN = S × L); used to categorize risk as Low, Medium, or High and guide controls.

What is the hierarchy of risk controls in ALARP practice?

Elimination, Substitution, Engineering Controls, Administrative Controls, Personal Protective Equipment (PPE); applied in that order to reduce risk.

What is the difference between Revealed and Unrevealed Failures in SIS vs BPCS?

Revealed failures are obvious to operators (e.g., BPCS valve failure); Unrevealed failures occur on demand and may not be obvious (e.g., SIS failing when needed but not observed).

What is the role of HAZOP in process safety analysis?

HAZOP is a qualitative, systematic technique to identify deviations from design intent using guide words, assess causes and consequences, and determine actions to prevent or mitigate hazards.

List typical HAZOP team roles and responsibilities.

HAZOP facilitator (leads study), HAZOP scribe (records and reports), team members from process engineering, operations, instrumentation, electrical, maintenance, safety, and other disciplines.

What PSI (Process Safety Information) items are used in HAZOP?

P&IDs, PFDs, material and process limits (pressure, temp, flow, concentration), kinetics, SDS, safe work procedures, emergency plans, codes/standards, relief design basis, fire protection design basis, etc.

Outline the basic HAZOP procedure steps.

Divide the plant into study nodes; select design parameters; apply guide words to generate deviations; identify causes and consequences; check existing safeguards; propose actions; assess ALARP; document results.

What is a HAZOP Worksheet and what are its typical sections?

A structured form listing Design Parameter, Guide Word, Deviation, Causes, Consequences, Existing Safeguards, Recommended Actions and Responsible parties.

What is Bow-Tie Analysis used for in risk management?

A qualitative risk tool used to define hazards, causes, consequences, and the barriers controls (prevention and recovery) that prevent escalation and mitigate outcomes.

What are the key components of a Bow-Tie diagram (as shown in CP5101)?

Top Event, Threats (left side), Prevention Barriers, Consequences (right side), Recovery Barriers, Escalation Factors, and Controls.

How do CE (Critical Equipment) barriers differ from CA (Critical Activity) barriers in Bow-Tie analysis?

CE barriers are hardware-based protections; CA barriers are human actions or procedures that ensure barriers stay effective.

What are some common CE barriers listed in CP5101?

Relief valves, rupture discs, non-return valves, instrumented protective functions (IPF), alarm systems, pump seals, gas detectors.

Why is the Wind/Plot Plan layout considered in explosion prevention and mitigation?

To site equipment so dispersion of vapours is carried away from ignition sources and vulnerable areas, reducing the risk and consequence of releases.

Define FTA’s top event and how to construct a fault tree.

Top Event is the hazardous outcome of interest; construct the tree downward using AND/OR gates to show how basic/intermediate events combine to cause the top event, then quantify.

What are the limitations of Fault Tree Analysis (FTA)?

Fault trees can become extremely large and complex; hard to ensure all failure modes are included; assumes hard failures with clear branches; results can vary with different inputs.

What is the difference between a VCE and BLEVE?

Vapour Cloud Explosion (VCE) is an unconfined explosion in open air; BLEVE is a Boiling Liquid Expanding Vapour Explosion, typically confined and involves a vessel rupture with violent venting and explosion.

What is a Dust Explosion and its key features?

Explosion due to dispersed combustible dust in air; requires fuel, oxygen, ignition source, dispersion, and confinement; common in industries like food, plastics, and metals.

What strategies are included under Fire Prevention?

Eliminate ignition sources, ground all equipment to prevent static, reduce flammable inventories, inert gas blanketing, proper process design to minimize fire risk.

Explain the difference between LOPA and ALARP in risk reduction.

LOPA evaluates whether enough protection layers exist and determines required risk reduction; ALARP is a broader principle for reducing risk to as low as reasonably practicable with cost-benefit judgments.

What are typical indicators used to monitor safety performance in Singapore and the UK (FAR, accident rates)?

Fatal Accident Rate (FAR) and various workplace accident metrics (injury rates, frequency rates, severity rates) are used to benchmark safety performance against targets.

What is the purpose of a Safety Integrity Level (SIS) and how does it relate to IEC 61511/S84?

SIS defines safety-related functions and their required performance; IEC 61511 (S84) provides lifecycle standards for safety instrumented systems in process industries.

What is the role of P&ID in the context of SIS and BPCS integration?

P&IDs show how sensors, logic solvers, and final elements are wired in SIS and how BPCS loops operate independently; diagrams illustrate independent protection layers and instrument interlocks.

Describe a simple SIS shutdown sequence (conceptual).

A high-level sequence where a sensor detects a fault, the logic solver determines an unsafe condition, and a final element (e.g., valve) acts to bring the process to a safe state, while allowing reset after conditions are restored.

What factors influence relief device sizing and why is data from API RP 520 important?

Flow type (liquid, vapour, two-phase), backpressure, set pressure, fluid properties (specific gravity, viscosity, molecular weight), and overpressure; API RP 520 provides standard sizing equations and coefficients.

What corrections do Kv and Kp provide in relief sizing equations?

Kv (viscosity correction factor) accounts for liquid viscosity effects on flow; Kp (overpressure correction factor) accounts for reductions in relief area due to overpressure effects.

What is backpressure correction factor Kb for vapour/gas relief sizing and when is it used?

Kb adjusts the required relief area to account for backpressure in the discharge line; used in conventional vapour/gas service sizing equations.

Explain the difference between a conventional spring-operated relief valve and a balanced bellows valve.

Conventional spring-operated relief valves can be affected by backpressure increasing the set pressure; Balanced bellows designs minimize backpressure effects, maintaining consistent set pressure.

What is a 5x5 risk matrix and how is it used in CP5101?

A grid mapping Likelihood (Rare to Almost Certain) against Severity (Negligible to Catastrophic) to categorize risk levels (Low, Medium, High) and prioritize risk controls.

What is the purpose of the 'Management of Change' (MOC) in relation to barriers and risk controls?

MOC ensures changes to processes, equipment, or procedures do not undermine existing barriers and risk controls by evaluating impacts and obtaining necessary approvals.

How does the CP5101 text suggest handling cost-benefit decisions in ALARP?

If the cost of the unwanted scenario exceeds the cost of improvement, the risk reduction is justified; otherwise, continue to seek cost-effective risk reduction to achieve ALARP.

What is a PSE initiation chain with examples of initiating events?

A Process Safety Event begins with a hazard; initiating events include process upsets, loss of utilities, runaway reactions, equipment failures, human error, management failures, containment failures, and external events.

Name a few common PSI (Process Safety Information) items used in HAZOP.

P&IDs, PFDs, process limits (pressure, temperature, flow), materials data, kinetics, SDS, safe work procedures, emergency response plans, codes/standards, relief design basis, fire protection design basis.

What is the practical purpose of a HAZOP study report?

To document hazards identified, safeguards, recommendations, implementation timetable, participants, and the basis for ALARP decisions to guide action and accountability.