Advanced process control system with MPC as a new approach for layer of protection analysis

Layer of protection analysis (LOPA) is a widely used method to support process safety in the chemical industries. In the LOPA, the process is classified into many layers, one of such layers considers the basic process control system (BPCS) which commonly uses PID controllers. This kind of controllers cannot deal with constraints. For this reason, the main purpose of this work is to provide a framework to enhance the control layer in the LOPA, which consists of a model predictive control (MPC) with safety features. These features include: sublayers in the controller system (such as real time optimization, target calculation, and MPC), safety constraints, and guarantee of stability by adopting an Infinite Horizon MPC (IHMPC). Here, we propose an approach for control-inspired view to process safety, replacing the BPCS by an Advanced Process Control System (APCS). Moving forward with these concepts, first, a literature review emphasizes the content, showing two perspectives for the APCS. The APCS is designed for two varieties of controllers, a basic IHMPC and IHMPC with zone control to compare the performance. In this framework, the first sublayer consists of a real time optimization (RTO) structure, that calculates the optimal operating condition for the process controller, which computes the control action. Besides, RTO has an additional constraint called the safety index, based on the protection of process operational. RTO and basic IHMPC communicate directly, while for IHMPC with zone control there is an inner sublayer called Target Calculation, it computes a feasible target to the controller, working as another safety strategy in APCS. After that, we demonstrate both structures applied to a CSTR reactor. From the case study, we compared both controllers, and evaluated the effect that the safety index constraint causes in the setpoints, outputs, and control actions. The use of safety constraint in RTO proved to be a safe strategy for the control layer, as well as IHMPC with zone control presented a safer profile than basic IHMPC. Furthermore, the results show that safety constraint affect the economic goal, decreasing its value.     

基于系统理论事故模型与过程的危险性分析方法

传统危险性分析方法将事故视为开始事件诱发的一连串事件所造成的不幸后果,适于处理相对简单或由物理组件构成的系统,但无法胜 任较为复杂的社会技术系统,有必要研究和探索推广性更好、更为有效的系统安全分析手段。系统理论事故模型与过程（STAMP）将安全视为系 统组件间交互的一种涌现特性,并认为事故起因除了组件失效,组件间交互失常而违背安全约束也是重要诱因。主张在系统开发、设计和运行 中通过加强控制和强化有关安全约束来预防事故。基于此,先引入了STAMP的基本概念,并介绍了其分析步骤,然后,以贴近真实的导弹拦截系 统危险性分析案例,阐述了基于STAMP的分析过程。该分析方法可为开发较高安全性水平的社会技术系统提供技术支持。     

An integrated safety management with construction management using 4D CAD model

This paper describes an integrated system for safety and construction management using the 4D CAD model. Safety is integrated with the construction management process throughout design, planning and control phases. Design information about building components and planning information about activities has been gathered to formulate the 4D CAD model. The rule-based system analyzes this combined information to automatically detect any working-at-height hazards and also indicates necessary safety measures in terms of activities and requirements. These safety measures are inserted into the construction schedule and visualized on the 4D CAD together with the other construction sequences. A prototype is developed and verified with a project case study. The results show that the developed system can be a collaboration tool for designers, project engineers, safety officers, and other project participants. It can raise safety awareness of the team and it leads to revisions of design and plan to be consistent with safety. Safety measures are apparently on the schedule; therefore, right resources are allocated, safety constraints are considered and alleviated ahead of time, and the safety control can explicitly refer to as well. This contributes to the success of safety management in the construction industry.     

中国民航行业可接受的安全水平研究

中国民航局提出持续安全理念,并正在制定国家航空安全方案,推动行业安全管理由目前基于规章符合性的安全监管逐渐转向规章符合性基础上的安全绩效监管,其中一项重要的工作是设定中国民航业可接受的安全水平,来衡量民航业是否满足持续改进安全的目标的要求。本文根据国际民航组织对可接受安全水平的设定指南,同时参考国外民航常用的事故指标,设计了一套中国民航行业可接受安全水平的指标体系,该指标体系包括安全评估指标、安全绩效评估指标和安全指数三层,并对该指标体系内事故率指标和事故征候率指标设定了未来10年的目标值。该指标体系及其目标值的设定不仅可作为衡量民航是否持续安全的标准,也可为航空运输企业设定自身的安全绩效考核指标提供参考。     

Safety is an inherently inconsistent concept

Some basic principles for philosophical definition work are introduced and then applied to safety and related concepts. Definitions are provided first for comparative safety concepts such as “safer than” and then for the monadic “safe”. It is shown that “safe” is an inherently inconsistent concept, i.e. it cannot be restored to consistency without giving up what we perceive as some of its central elements. The reason for this is that both absolute and relative conceptions of safety are entrenched in common usage of the term. In order to avoid the inconsistency a strategy of terminological ramification is proposed: We should distinguish between the two concepts “reasonably safe” and “absolutely safe”. Any usage of “safe” or “safety” simpliciter should be seen as an abbreviated reference to one of these two closely related, remarkably confusable, but still unmergable concepts.     

Approach enhancing inherent safety application in onshore LNG plant design

This study aims to provide the approach for inherent safety design of onshore LNG plants to be applied at the very early stages (concept definition phase) of the project development. Onshore LNG plant development project starts from the “Concept Definition” phase, where financial feasibility is estimated and major conditions, such as site location and plant foot print, are set.The inherent safety design basic criteria and design measures should be identified and selected when setting the basic conditions during the Concept Definition phase of the project development, such as the site location (relative location from populated areas), site condition (prevailing wind direction) and plant production capacity (number of process train, number of product tanks). The safety measures, which are usually not fully developed at the project early stages in the current design execution practices, are the emergency systems, which mitigate an accident escalation, the modularized plant and layout, and the tank selection.The inherent safety design measures discusses in this paper were identified based on the categories of plot plan, emergency system, and module plant application.The proposed approach will contribute to improve inherent safety design of onshore LNG plants and it will also yield schedule and cost benefits.     

Situational awareness and safety

This paper considers the applicability of situation awareness concepts to safety in the control of complex systems. Much of the research to date has been conducted in aviation, which has obvious safety implications. It is argued that the concepts could be extended to other safety critical domains. The paper presents three theories of situational awareness: the three-level model, the interactive sub-systems approach, and the perceptual cycle. The difference between these theories is the extent to which they emphasise process or product as indicative of situational awareness. Some data from other studies are discussed to consider the negative effects of losing situational awareness, as this has serious safety implications. Finally, the application of situational awareness to system design, and training are presented.     

Risk reduction concept to provide design criteria for Emergency Systems for onshore LNG plants

The functional safety requirement is widely applied in the process plant industry in accordance with the international standards, such as IEC and ISA. The requirement is defined as safety integrity level (SIL) based on the risk reduction concept for protection layers, from original process risk to tolerable risk level. Although the standards specify both, the Prevention System and the Emergency System, as level of protection layers, the standards specify in detail only the use of the Prevention System (i.e., Safety Instrumented System (SIS)). The safety integrity level is not commonly allocated to the Emergency System (e.g., Fire and Gas System, Emergency Shutdown System and Emergency Depressuring System). This is because the required risk reduction can be normally achieved by only the Prevention System (i.e., SIS and Pressure Safety Valve (PSV)). Further, the risk reduction level for the Emergency System is very difficult to be quantified by the actual SIL application (i.e., evaluated based on the single accident scenario, such as an accident from process control deviation), since the escalation scenarios after Loss of Containment (LOC) greatly vary depending on the plant design and equipment. Consequently, there are no clear criteria for evaluating the Emergency System design. This paper aims to provide the functional safety requirement (i.e., required risk reduction level based on IEC 61508 and 61511) as design criteria for the Emergency System.In order to provide clear criteria for the Emergency System evaluation, a risk reduction concept integrated with public’s perception of acceptable risk criteria is proposed and is applied to identify the required safety integrity level for the Emergency System design. Further, to verify the safety integrity levels for the Emergency Systems, the probabilistic model of the Emergency Systems was established considering each Emergency System (e.g., Fire and Gas System, Emergency Shutdown System and Emergency Depressuring System) relation as the Overall Emergency System. This is because the Overall Emergency System can achieve its goal by the combined action of each individual system, including inherent safe design, such as separation distance.The proposed approach applicability was verified by conducting a case study using actual onshore Liquefied Natural Gas Plant data. Further, the design criteria for Emergency Systems for LNG plants are also evaluated by sensitivity analysis.     

Design support for the systematic integration of risk reduction into early chemical process design

Design for safety in the chemical industry is becoming a more explicit and well-organised process. However, it requires additional support tools to enable designers to pay attention to safety from the earliest conceptual design stage and through the subsequent detailing and to design more cost-effectively. This paper presents a more explicit approach called design for safety (DfS), which links with approaches already in use, such as layers of protection approach (LOPA). The method consists of two elements, a technology management environment (TME) aimed at supporting the interaction between the many contributors to safe design and a safety modelling language (SML). This provides a rigorous object-oriented language for conceptualising the requirements for risk control (barriers) and analysing their vulnerability to degradation or attack by other system elements or conditions. The method provides a focus for organising and applying existing knowledge about risk control and systematically learning from new knowledge to be gathered and supplied in supporting databases.     

A risk-based approach to design warning system for processing facilities

Alarm flooding is a major safety issue in today's processing facilities. Important recommendations are available for alarm management; however, they are often violated in practice, especially in the alarm systems implemented through the distributed control system. An effective process alarm prioritization and management system is desired for a safe and effective operation of a process facility.In present work, authors address two main issues related to an alarm system – the reliability and the prioritization of the alarms. The main objective is to deal with the alarm-flooding problem in process facilities. A multi alert voting system based on sensor redundancy approach is proposed to improve the reliability. A quantitative risk-based alarm management approach is proposed to address the flooding issue. In the risk-based approach, an integrated model consisting of the probability (P), the impact (I) of the potential hazards, and the process safety time is proposed to prioritize these raised alarms.The proposed approach is further explained by a reactor system with pressure and temperature variable monitoring and controls, where the hazards associated with two alerts caused by over high pressure and over high temperature are analyzed and integrated with response time for alarms generation and prioritization.     

利用模糊集理论评价公路客运站安全管理工作

利用模糊集理论建立一种模糊综合评价方法来评价交通运输系统内部的公路客运站安全管理工作。分别通过评价语言变量和权重语言变量将评价指标体系的定性指标和定量指标及权重全部转化成三角形模糊数,克服定性与定量指标不具有可比性的缺点,使评价更客观、精确。基于最优度概念,将权重模糊评价矩阵转化成模糊单一评价矩阵,避免传统模糊数之间比较的复杂性和不精确性。考虑到评价者在模糊评价环境下对风险的态度,将乐观系数引入评价的过程。采用TOPSIS方法计算出评价方案的综合评价分数并进行排序。结合桂林市10个客运站安全管理工作评价实例,通过改变权重值对评价结果进行敏感性分析。方法概念清晰,计算过程直观与简单,评价结果公正与合理,不但可在交通系统内推广,同样也可适合于其他各领域模糊环境下的评价问题。     

铁路提速列车技术安全监测系统评价方法研究

铁路安全保障系统是一个复杂系统 ,应具有线路维修、区域安全运行、日常和临时限速命令的控制、车站地面设备与机车上司机的信息传达、列车运行调车监督等功能。铁路提速列车的安全技术监督系统既要兼顾既有系统的技术、设备 ,又要按照列车提速的技术要求进行标准化、计量化、质量等方面信息和功能设计 ,因此 ,笔者给出一种根据实时动态跟踪数据对提速列车的设备进行评价和预警分析属性评价方法。通过快速数据采集处理系统获取列车安全的重要参数 ;构造每个参数等级标准属性函数 ,计算出多参数综合属性 ,给出运行系统安全状态属性识别的综合评价结果 ,并以机车安全属性为例进行说明。     

安全信息学视域下安全舆情演化及引导策略研究*

为正确引导和控制负面安全舆情,基于安全信息学与舆情理论,利用事故树分析方法研究安全舆情演化过程,计算负面安全舆情最小割集、最小径集和结构重要度,提出安全舆情引导方法。结果表明:利用最小割集得到负面安全舆情产生原因组合,利用最小径集得到避免负面安全舆情产生最低限度事件组合,通过结构重要度得到系统改进重点及优化顺序;在事故树中增加安全舆情审核和引导组织、安全事件亲自确认、专业意见领袖3个最小径集,以期减少负面安全舆情,促进公共安全。     

Simulation-based approach to design of inherently safer processes

Safety of chemical processes and plants is a matter of high priority. The design of an inherently safer process is one of very beneficial ways of achieving this goal.The paper describes the method of designing an inherently safer process for a chosen set of equipment and materials involved by applying non-linear optimization. The optimization is aimed at finding an operational mode, which guarantees safety of the process under normal conditions and provides maximal attainable safety in case of one typical accident scenario – cooling failure. Discussion covers problem statement, choice of the optimization criteria, appropriate methods for defining control variables.An important practical challenge is stability analysis of the optimized process mode with respect to permissible deviations of control parameters and variables from the estimated values. The original method for the stability analysis of a non-stationary process is proposed. It comprises simplified preliminary evaluation method followed by the more detailed numerical optimization-based analysis.Several examples illustrate application of the methods proposed.     

The effect of a participative product design process on user performance

The use of hand tools can lead to accidents, overexertion injuries and discomfort. So, there is certainly room for better-designed hand tools, especially hand tools that contribute to better performance. In the literature, the benefits of a participative product design approach are clearly shown. However, the effect of this approach is hardly ever measured at the hand tool performance level.The goal of this project was to study the effect of a participative product design process on indicators of health, performance and comfort.Two sets of screwdrivers were tested. One set was developed by a participative product design approach and the control by a traditional approach.The study indicates positive effects of the participative approach. Some indicators for health and safety (discomfort in the hand and blisters) were significantly better for the test set compared with the control set. The effect on productivity is clearly shown (16% higher productivity) and the positive effects on comfort are also shown.It is discussed that it is plausible that in the long run some of the effects found in this study would still be seen under real working conditions, but long-term effects on health and safety still need to be studied.     

ALOHA在危险品公路运输应急决策支持系统中的应用

危险品道路运输量逐年增加,运输过程中一旦发生泄漏就会给人类安全健康、自然环境和社会带来巨大的危害.提出了危险品运输应急支持系统的设计构想,并从决策支持系统(DSS)中数据库和模型库两方面进行了分析,同时利用ALOHA和ArcGIS初步实现了系统的功能,为应急辅助决策提供一定的指导.     

残矿回采地压安全预警系统的构建方法与应用研究

为提高矿山的安全生产水平,针对地下矿山复杂环境下残矿回采过程潜在的安全问题,并基于安全系统工程的观点与粗糙集理论的属性约简功能,提出残矿回采地压安全预警系统的构成内容与构建流程,建立地压监测数据的神经网络灰色Verhulst算法组合预测模型和安全评价模型。据此,构建国内某矿山残矿回采中段的地压安全预警系统,该地压安全预警系统为本矿山的残矿回采过程提供了安全保障。残矿回采地压安全预警系统能指导矿山循序渐进的构建符合残采系统工程实际的安全预警系统。     

An approach for domino effect reduction based on optimal layouts

An approach to reduce the probability of producing a domino effect in process industry is developed in this work. It is assumed that optimal layouts should include appropriate analysis to reduce risk during the process design stage. The model developed for this approach combines the estimation of probability of damage due to overpressure, proposed by Mingguang and Juncheng (2008), and escalation threshold values defined by Cozzani, Gubinelli, and Salzano (2006). These equations are combined with other typical layout constraints as well as bounding the probability constraint, which has resulted in a highly non-linear MINLP problem. Solving a case study used by other authors provides evidence for reliability of the developed approach. In this way, layouts are designed to reduce the escalation probability yielding safe distributions.     

Method for identifying errors in chemical process development and design base on accidents knowledge

It has been claimed that the high accident rate in the chemical process industry is due to poor dissemination of accident knowledge that affects directly the level of learning from accidents. In response to this situation, this paper utilized past accident knowledge as a basis to develop a safety oriented design tool whereby the accident information were directly disseminated into plant design. The method was developed based on our previous accident analysis of design error in which the common design errors were ranked in accordance to their frequency and its origins during normal plant design project. Based on the design error ranking and its origin at a specific design phases, a method for design error detection is proposed. The method is expected to be able to identify the possible design error and its causes throughout chemical process development and design. The main objective is to trigger safe design thinking at the specific design phases so that appropriate action for risk reduction could be timely implemented. The Bhopal and BP Texas tragedies are used as case studies to test and verify the method. The proposed method can detect up to 74% of design errors.