HAZOP (IEC 61882,), SIL (IEC 61511; IEC 61508), LOPA, fault tree and event tree analysis

The Hazard and Operability (HAZOP) technique is suitable for identifying deviations of system states and the underlying causes from the originally planned operations, which may cause further consequences to the plant or technology being investigated. HAZOP analysis is an internationally recognized method to be used in accordance with IEC 61882. HAZOP-based risk assessment identifies potential dangers and operational problems. The assessment is supported by equipment specifications, operating instructions, process descriptions and relevant P & Is. The assessment requires the involvement of a multidisciplinary team, where members know the technique of HAZOP analysis and have detailed knowledge of the design, operation and maintenance of the facility, regarding special areas, e.g. general-, electrical- and control engineering.

SIL (Safety Integrity Levels) means classifying defense (technical) elements with a safety function as defined by the IEC 61511 statute series. Different quantitative, semi-quantitative and qualitative procedures can be used to categorize into SIL:

• Risk graph;
• Consequence-based classification;
• Modified HAZOP (HAZard and OPerability) study;
• Safety Layer Matrix (SLM);
• Layers of Protection Analysis (LOPA).

The LOPA (Layer of Protection Analysis) calculation is a method for analyzing defense (technical) levels, according to the IEC 61511 standard. LOPA is a semi-quantitative risk assessment method that uses an order of magnitude estimation to determine the risks of selected hazardous event chains. As a semi-quantitative process, it needs numeric input values such as event frequencies and error probabilities that are necessary for conservative estimation of risks. Based on the results of the HAZOP analysis carried out, the estimated risk value of the LOPA calculation is compared with the tolerable risk value approved by the operator. The tolerable frequency value represents the tolerable rate of the occurrence of the given serious consequence (number of years, where the average eventual occurrence of an event is acceptable by the operator).

The risk graph approach is a method for analyzing defense (technical) levels, also regulated in the IEC 61511 standard. As a qualitative procedure, it needs numerical input values such as the extent of the event, the frequency and duration of the event, the likelihood to avoid danger and the efficiency factor (likelihood of unwanted occurrence) that are necessary for the conservative estimate of the risks.

Fault tree and event tree analysis

The error tree describes the logical connection of elemental error events that compromise the performance of a given system (Boolean algebra symbols) in graphical form.

Fault tree analysis is a process using a deductive model, where the assumed "faulty" system state and the evolving, contributing components are determined. Fault tree analysis is a tool for quantifying the probability of a peak event defined in the event tree. 

Event trees describe the consequences of initial events in a logically structured graphical form, showing the junctions representing the success or failure of intervention of the given systems, meaning the totality of the chain events.

The event tree process uses an inductive model, where a qualitative representation of the protecting functions triggered by a suspected initial event is provided.

The event tree analysis is a tool for quantifying the frequency of an accident scene.