The safety and security of process facilities are an important part of a company’s operations. Worldwide petrochemical safety regulations, international security threats, and a company’s own PSM policies require that a hazard identification, process safety, and security analysis review of its existing and proposed operations be accomplished.

The worldwide petroleum and chemical insurance market estimates for the period 1993–2013 that there have been about 1,100 major insurance claims (i.e., major incidents), amounting to approximately $32 billion (for property damage and business interruption). Their analysis estimates that the worldwide risk has been constant over this period, that is, the average frequency and cost impact has been a constant trend, neither decreasing nor increasing. This equates on average to 110 losses totaling $2–3 billion per year. Additionally, these losses would fit a traditional loss incident ratio triangle (see Figure 1.1) with an ever-increasing number of losses as the magnitudes of the losses decrease (i.e., as the steps in the triangle widen).

Today, new projects are in the region of $50+ billion, which equates to the Deepwater Horizon incident loss (April 20, 2010), and the potential for even larger losses from a single incident is still a possibility. The industry must do more to prevent these incidents and improve safety so that this trend decreases.

Most incidents occur during periods of nontypical operations, such as maintenance activities, startup or shutdown, and drilling activities. This is when more attention, knowledge, and experience are required from personnel to safely manage the facility. Therefore, special attention needs to be applied to circumstances that are out of the normal operating mode of processes.

The limits of hazardous substances cited by both the US Occupational Safety and Health Administration (OSHA) and the Environmental Protection Agency (EPA) regulations dictate the application of PSM elements at almost all of a company’s facilities. These reviews are intended to reduce the probability and consequences of a major incident that would have a detrimental impact on employees, the public’s well-being, onsite or offsite properties, the environment, and most importantly to the company itself, its continued business operation and survival. It should also be noted that there may be a general adverse public reaction and therefore a company’s reputation may suffer. Hazard identification and process analysis reviews are not intended to identify the minor “slips, trips, or falls”; these are the responsibility of the company’s general safety requirements and can be analyzed with other tools (for example, Job Safety Analysis (JSA)).

In March 2003, the United States implemented Operation Liberty Shield to increase readiness and security in the United States, primarily due to international threats from nongovernment affiliated, self-motivated political and religious groups. One objective of this operation was to implement comprehensive process security management programs into existing OSHA, EPA, and FDA laws to address deliberate acts of threats of terrorism, sabotage, and vandalism. In April 2007, the Department of Homeland Security (DHS) issued the Chemical Facility Anti-Terrorism Standard (CFATS). DHS uses this document to help identify, evaluate, and ensure effective security at high-risk chemical facilities. Included in this responsibility is the requirement for chemical facilities handling chemicals above a threshold amount to submit an SVA for DHS review and approval along with a Site Security Plan (SSP). A potential fine of $25,000 per day, an inspection and audit by DHS, or an order to cease operations is stated for noncompliance. The type and amount of chemicals handled that require submission of screening review and SVA submittals are listed on the DHS website. Additionally, internal company security procedures, although confidential, would also require that an adequate security review be undertaken to identify and assess such risks. Because the methodology of conducting process security reviews are similar to existing process hazard analysis reviews, they can be adapted to fit within the parameters of existing procedures established for these analyses. Both API and AIChE have also issued their own guidelines to assist companies undertaking process security reviews. A major process safety consultant recently stated that statistics show that the use of outside security experts for protective services consultations has increased by 200% in the last 5 years. This is due to escalating concerns over workplace and domestic violence, privacy and security practices, and terrorist threats. Process security reviews are not intended to identify minor thefts or mishaps; these are the responsibility of the company’s general security requirements and can be examined with other financial auditing tools.

Recent cybersecurity attacks worldwide have emphasized the importance of software security for financial and operational applications within process entities. The National Institute of Standards and Technology (NIST) has recently released a document entitled “Framework for Improving Critical Infrastructure Cybersecurity.” This framework provides a structure that organizations can use to develop and improve cybersecurity programs. NIST was charged with putting the framework together under US Presidential Executive Order 13636 (February 2013), which calls for the development of a voluntary, risk-based cybersecurity framework.

The framework document is described as a living document that will need to be updated to keep pace with changes in technology, threats, and other factors, and to incorporate lessons learned from its use. The document describes three main elements: framework core, tiers, and profiles. The framework core presents five functions: identify, protect, detect, respond, and recover. Together, they allow an organization to understand and shape its cybersecurity program. Tiers describe the degree to which an organization’s cybersecurity program meets goals identified in the framework. Profiles help organizations improve their current cybersecurity programs.

The purpose of the safety and security evaluations described in this book is to identify the major risks facing the industry that have the potential for severe impacts. It identifies simple processes and procedures to apply these reviews in an easy, practical manner.

PHA, What-If, and HAZOP reviews are the most common industry qualitative methods used to conduct process hazard analyses, while SVAs are typically applied for process security analyses. It is qualitatively estimated that up to 80% of a company’s hazard identification and process safety analyses may consist of PHA, What-If, and HAZOP reviews, with the remaining 20% from Checklist, Fault Tree Analysis, Event Tree, Failure Mode and Effects Analysis, and so on. Chapter 5 highlights other reviews that are periodically utilized by the process industries.

An experienced review team can use the analyses described to generate possible deviations from design, construction, modification, and operating intent or from deliberate actions that define potential consequences. These consequences can then be prevented or mitigated by the application of the appropriate safeguards.

The reader is reminded that a PHA, What-If, HAZOP, or an SVA report is a living document for a facility. As changes are made to a facility or its procedures, the applicable review is to be updated to represent the current facility. PHA reviews are also required to be updated and revalidated every 5 years as a minimum according to US regulations (OSHA and EPA). Also, because terrorist threats still exist, threat assessment/vulnerability analysis needs to be continually reevaluated.

A completed review can be used to demonstrate to interested parties that a prudent analysis has been accomplished and all possible actions have been examined and implemented to eliminate major hazards or minimize the threat. The Chemical Safety and Hazard Investigation Board (CSB) routinely examines and reviews hazard analyses that have been performed on processes to ensure that they were performed adequately.

This document can also be referred to by review team members. It will serve as a reminder of their duties and responsibilities in the performance of the required reviews and report development.

The typical review is usually intended to be a formal audit review of an “essentially” complete project design or modification to ensure that the probabilities or consequences of major incidents have been eliminated or reduced to acceptable levels prior to being placed in service. Risk analyses should be continually conducted as part of the project design to avoid the identification of major concerns in later reviews. In fact, documentation from a design risk analysis should supplement the formal HAZOP, PHA, What-If, or SVA review.

Process safety and security reviews are not intended to replace or duplicate a project design review. Unusually complex or large projects may require several levels of a safety or security review during their design phase. These may be initiated at the conceptual design stage, preliminary design, detailed design, and at the final design. Such levels are usually encountered in multimillion-dollar offshore facilities, refineries, or chemical processing plant projects where major changes occurring later in the design would be severe in economic and schedule terms. These multilevel reviews start at a broad viewpoint and gradually narrow to specifics as the project design proceeds. Where operating procedures are not available during the design, a supplemental PHA, What-If, HAZOP, or SVA review may be considered for these documents. In fact, an initial review may recommend that subsequent final designs be again evaluated by a PHA, What-If, HAZOP, or SVA as a follow-up. It is essential that these follow-up reviews be completed because incidents investigated by the CSB have identified failure...