AMMONIA RELEASE FAULT TREE STUDY VANCOUVER, BRITISH COLUMBIA

Similar documents
ELECTRIC SHOCK FAULT TREE STUDY VANCOUVER, BRITISH COLUMBIA

MU064: Mechanical Integrity & Reliability in Refineries, Petrochemical & Process Plant

Lessons Learned from the US Chemical Safety and Hazard Investigations Board. presented at

Procedure for Obtaining Verification of a Stormwater Manufactured Treatment Device from New Jersey Corporation for Advanced Technology

TERMS AND CONDITIONS. for the use of the IMDS Advanced Interface by IMDS-AI using companies

2001A. 200KHz Function Generator Instruction Manual. 99 Washington Street Melrose, MA Phone Toll Free

PRIMATECH WHITE PAPER COMPARISON OF FIRST AND SECOND EDITIONS OF HAZOP APPLICATION GUIDE, IEC 61882: A PROCESS SAFETY PERSPECTIVE

PixController, Inc. Wireless Vibration Sensor For Indoor and Outdoor Use

Instrumentation and Control

NOsparc! MHXAC1F120! MHXAC1F240! MHXAC1F480 PATENTS AND PATENTS PENDING. Contact Arc Suppressor

Sample Slip and Fall Prevention Program

Establishment of Electrical Safety Regulations Governing Generation, Transmission and Distribution of Electricity in Ontario

Circuit Breaker Finder

Operator s Manual. PP016 Passive Probe

LDO Regulators Glossary

Comfort 10S Wall Hardwire Installation and Operations Manual

ADDENDUM NO. 2 PROJECT: COURTLAND PUMP STATION CONTRACT: IFB NO COM.00030

Air Monitoring Directive Chapter 9: Reporting

Delineation and Regulatory Oversight of Processing Oil and Gas Midstream Facilities

Controlling Changes Lessons Learned from Waste Management Facilities 8

NOsparc User Manual IMPORTANT NOTES Arc Suppression Technologies. All rights reserved.

X80 Activator. User's Manual. Version 1.1.

For detailed specifications and ordering info go to

Agilent G1888 Network Headspace Sampler

SAP Dynamic Edge Processing IoT Edge Console - Administration Guide Version 2.0 FP01

Consideration of External Pressure in the Design and Pressure Rating of Subsea Equipment API TECHNICAL REPORT 17TR12 FIRST EDITION, MARCH 2015

SATELLITE NETWORK NOTIFICATION AND COORDINATION REGULATIONS 2007 BR 94/2007

AIA Continuing Education

10 Ton Pull Back Ram

Type Poles Contact configuration Rated voltage Model G7S-4A2B 24 VDC 3PST-NO, 3PST-NC

Switch Mode Power Supply

.2 Accompany all submissions with a transmittal letter, in duplicate, containing:.4 Specification Section number for each submittal

Low Voltage Brushed Motor System

Heating Ventilating Air Conditioning - Refrigeration COURSE SYLLABUS

4. Absolute Maximum Ratings (Note) (Unless otherwise specified, T a = 25 ) Symbol V RRM I F(DC) I FP. I 2 t. T j T stg TOR

41P Portable Calibrator User Manual

Installation Instructions

Medical Devices Calibration, testing, service and repair

SSM3J356R SSM3J356R. 1. Applications. 2. Features. 3. Packaging and Pin Assignment Rev.3.0. Silicon P-Channel MOS (U-MOS )

Bulk Metal Foil Technology RNC90Y and RNC90Z (Z-Foil) to MIL-PRF-55182/9

VT1586A Rack Mount Terminal Panel Installation and User s Manual

Keeping Your House in order?

TOSHIBA Original CMOS 16-Bit Microcontroller. TLCS-900/H Series TMP95C061BFG TMP95C061BDFG. Semiconductor Company

Shrinker and stretcher

Common Covered Task 408OP Inspect Cathodic Protection Rectifier

Model 5100F. Advanced Test Equipment Rentals ATEC (2832) OWNER S MANUAL RF POWER AMPLIFIER

NINTENDO S SUPER SMASH BROS. ULTIMATE THE NINTENDO KIOSK OFFICIAL RULES

Bulk Metal Foil Technology RNC90Y and RNC90Z (Z-Foil) to MIL-PRF-55182/9

TI Designs: Biometric Steering Wheel. Amy Ball TIDA-00292

AN4269. Diagnostic and protection features in extreme switch family. Document information

EMC Testing to Achieve Functional Safety

TCC/SHORE TRANSIT BUS MAINTENANCE FACILITY - PHASE II

SSM3K341R SSM3K341R. 1. Applications. 2. Features. 3. Packaging and Pin Assignment Rev.5.0. Silicon N-channel MOS (U-MOS -H)

34134A AC/DC DMM Current Probe. User s Guide. Publication number April 2009

Power Efficiency Optimization and Application Circuits Using Dual-power-supply LDO Regulators

Radio Remote Controls Manual K Series

Radio Remote Controls Manual K Series

30 Bending Brake. Model Assembly and Operating Instructions. Distributed exclusively by Harbor Freight Tools.

303139, Vishay Foil Resistors FEATURES INTRODUCTION. TABLE 1 - TOLERANCE AND TCR VS. RESISTANCE VALUE (- 55 C to C, + 25 C ref.

Switch Mode Power Supply

Vout SMNZ. Note RESISTANCE RATIO R1/R2 = 1 1 < R1/R < R1/R2 100

TOSHIBA INSULATED GATE BIPOLAR TRANSISTOR SILICON N CHANNEL IGBT GT30J322

Ordering Information. Stepping Relay Unit G9B. Model Number Legend

Gypsy Statement of Limited Warranty. Part 1 General Terms

Operating Manual * * Differential pressure transmitter. Table of Contents. 1 Safety guidelines. 1.1 General Information

SMN. Vishay Foil Resistors

Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines

PROFESSIONAL COMPETENCE IN CURRENT STRUCTURAL DESIGN

Signal Isolation Module. Instruction Manual SIM

E3X-DRT21/SRT21/CIF11

KPM Process Measurements

DSMZ (Z-Foil) Vishay Foil Resistors FEATURES

IMPROVED PRODUCT. DSMZ (Z-Foil)

2015 RIGOL TECHNOLOGIES, INC.

Type Approval JANUARY The electronic pdf version of this document found through is the officially binding version

Veranda Decorative Lattice & Deck Skirting Special Order Catalog

TCK106AF, TCK107AF, TCK108AF

4. CONNECTIONS. Make sure all connections to and in your Universal Rectifier are tight.

E8EB-N0C2B E8EB-N0B2B

SECTION 16483D ADJUSTABLE FREQUENCY DRIVE - MICRODRIVE (MVX <10-HP)

3A, 8 mω Ultra Low On resistance Load Switch IC with Reverse Current Blocking and Thermal Shutdown function

A Guide to Establish an Arc Flash Safety Program for Electric Utilities

IR1011 Photovoltaic Infrared Sensor

Thermal Design to Maximize the Performance of LDO Regulators

Type Poles Contact configuration Rated voltage Model 3PST-NO, 3PST-NC 24 VDC

Electrical Severity Measurement Tool Revision 4

SSM3K357R SSM3K357R. 1. Applications. 2. Features. 3. Packaging and Pin Assignment Rev.2.0. Silicon N-Channel MOS.

DNVGL-CP-0338 Edition October 2015

303133, , , , ,

THE USE OF A SAFETY CASE APPROACH TO SUPPORT DECISION MAKING IN DESIGN

TC75S56F, TC75S56FU, TC75S56FE

Ultra-Small Footprint P-Channel FemtoFET MOSFET Test EVM

(R) Aerospace First Article Inspection Requirement FOREWORD

SSM3K339R SSM3K339R. 1. Applications. 2. Features. 3. Packaging and Pin Assignment Rev.1.0. Silicon N-Channel MOS

TC4001BP, TC4001BF, TC4001BFT

Resistance WIREWOUND. Wiper Travel. STANDARD RESISTANCE VALUES (in Ω) (1) 20, 50, 100, 200, 500, 1K, 2K, 5K

Radio Remote(s) (Installation Manual)

SSM6J507NU SSM6J507NU. 1. Applications. 2. Features. 3. Packaging and Pin Assignment Rev Toshiba Corporation

Grid Radar Installation Manual

Soil Moisture Smart Sensors (S-SMx-M005)

Transcription:

AMMONIA RELEASE FAULT TREE STUDY Final Report Date Issued: July 31, 2018 Prepared for: Technical Safety BC Prepared by: Jeff Dancey VANCOUVER, BRITISH COLUMBIA Date of Workshop April 30-May 1, 2018 BakerRisk Project No. 01-06563-001-18 BAKER ENGINEERING AND RISK CONSULTANTS, INC. 5575 N Service Rd, Ste 103 Burlington, Ont, L7L 6M1 Canada Tel: (289) 288-0100 Fax: (289) 288-0094 www.bakerrisk.com

Notice Baker Engineering and Risk Consultants, Inc. (BakerRisk ) made every reasonable effort to perform the work contained herein in a manner consistent with high professional standards. The work was conducted on the basis of information made available by the client or others to BakerRisk. Neither BakerRisk nor any person acting on its behalf makes any warranty or representation, expressed or implied, with respect to the accuracy, completeness, or usefulness of the information provided. All observations, conclusions and recommendations contained herein are relevant only to the project, and should not be applied to any other facility or operation. Any third party use of this Report or any information or conclusions contained therein shall be at the user's sole risk. Such use shall constitute an agreement by the user to release, defend and indemnify BakerRisk from and against any and all liability in connection therewith (including any liability for special, indirect, incidental or consequential damages), regardless of how such liability may arise. BakerRisk regards the work that it has done as being advisory in nature. The responsibility for use and implementation of the conclusions and recommendations contained herein rests entirely with the client.

EXECUTIVE SUMMARY Baker Engineering and Risk Consultants, Inc. (BakerRisk ) conducted an ammonia release fault tree workshop on April 30-May 1, 2018 at the offices of Technical Safety BC (TechSafeBC). During the course of this workshop, a fault tree was developed to identify potential causes of ammonia releases from industrial refrigeration systems used in arenas and food storage facilities. Recommendations were made to address the key causal factors behind those causes, as identified in the fault tree. The generated fault tree for ammonia release appears as an attachment in Appendix A. Due to the size of the fault tree, it is not included in the main body of the report. There were twelve recommendations made by the working group for further action after the fault tree was generated. These recommendations appear in full in Section 3 of this report. There were two key causal factors that were identified during the fault tree sessions: 1. It was observed during the workshop that there was a lack of knowledge and engagement on the part of some facility owners and operators regarding the risks associated with operation of an ammonia refrigeration facility. The level of understanding and support from these owners/operators to allow strong management systems to be developed and maintained was perceived to be lacking by the workshop participants. The majority of the recommendations were made to strengthen the understanding of asset owners and operators of their responsibilities and duties. 2. The existance of multiple levels of certification (Refrigeration Operator, 4 th Class Power Engineer, Ice Facility Operator, Refrigeration Safety Awareness certification, as well as trades used for maintenance) to allow operation of these facilities was observed to be a potential source of risk by the workshop participants. The capabilities and limitations associated with each type of certification are different, and the work that should be delegated to each type of worker is potentially different. A recommendation was made to perform a gap analysis on the different certifications available to allow the regulator to address any deficiencies in currently available and accepted training and certification programs. i

Table of Contents EXECUTIVE SUMMARY... I 1 INTRODUCTION...1 2 FAULT TREE ANALYSIS...2 2.1 History... 2 2.2 Basic Method... 2 3 RECOMMENDATIONS...4 4 SUMMARY...6 Appendices Appendix A. Fault Tree... A-1 Appendix B. Original Fault Tree... B-1 Appendix C. Causal Factors... C-1 List of Figures Figure 1. Logic Gate Symbols... 2 Figure 2. Fault Tree Example Light Bulb Fails to Light... 3 ii

1 INTRODUCTION On April 30 May 1, 2018, a two-day workshop was conducted by BakerRisk with TechSafeBC personnel to create a fault tree that identified the risks associated with ammonia releases in British Columbia. This workshop was a follow-up to a fault tree that had been internally generated by TechSafeBC in 2017, and the third of four workshops conducted by BakerRisk in 2018 covering four different risk topics of interest to TechSafeBC: escalator operation, electrical shock, ammonia exposure and carbon monoxide exposure. At the beginning of the ammonia session, the working group defined the final event to be analyzed as an ammonia release from containment. Specific release sizes or human impacts were not specified. The fault tree generated during this study is included in Appendix A. The original fault tree created in 2017 is included in Appendix B. A table summarizing all of the causal factors identified in the ammonia fault tree is shown in Appendix C. Section 2 of this report includes a brief overview of the fault tree methodology. Section 3 includes a full listing of the recommendations made by the working group, and Section 4 provides the summary and conclusions for the project. 1

2 FAULT TREE ANALYSIS 2.1 History Fault tree analyses were first created and performed in the 1960 s by Bell Laboratories in the U.S. in order to evaluate the risks associated with the potential inadvertent launching of Minuteman missiles and the potential unauthorized arming of nuclear devices. In the 1970 s, the fault tree system was adopted by the U.S. nuclear industry as a method to evaluate the reliability of reactor safety, including potentials for reactor runaway, and the release of radioactive materials. It is still used in the U.S. nuclear industry to analyze risks and failure rates of critical systems. Through the 1980 s and beyond, fault trees have occasionally been used in chemical and petrochemical companies to provide detailed risk analyses where less detailed methods such as hazard and operability studies (HazOps) have not provided a clear resolution to risk decisions. 2.2 Basic Method A fault tree is generated by choosing a specific final event of interest such as a chemical release in a specific location, or an explosion from a reactor that leads to a fatality. After choosing the final event, the participants in the fault tree study work backwards to identify all of the causes that could lead to that particular event happening. In most fault tree studies, each initiating cause that is identified is assigned a specific probability, allowing the organization creating the fault tree to identify the dominant causes or groups of causes that led to that final event, so that they can be addressed. Fault trees use logic gates to create a map of sub-causes from the original event to the multiple potential root causes for that event. In Figure 1, the logic gate symbols used in fault trees are shown. OR Gate AND Gate Basic Cause Figure 1. Logic Gate Symbols Figure 2 shows an example tree created to demonstrate a fault tree map that depicts the failures that could result in a light bulb not turning on. 2

TOP EVENT BULB FAILURE ELECTRICTY FAILURE BULB BURNED OUT BULB MISSING OR NOT SCREWED IN SHORT CIRCUIT FUSE BLOWN NO POWER SWITCH BULB NO-BULB SHORT FUSE POWER SWITCH Figure 2. Fault Tree Example Light Bulb Fails to Light 3

3 RECOMMENDATIONS At the conclusion of the ammonia release workshop, the working group reviewed the fault tree that had been created and tried to identify the common causal factors that appeared in the tree; either factors that were repeated in numerous locations, or factors that were deemed critical by those participating. The group then held a brainstorming session to develop actions and recommendations that could be carried forward by TechSafeBC to attempt to reduce the risks associated with ammonia refrigeration systems. These recommendations appear in full, below: 1. Ammonia refrigeration systems in British Columbia are equipped with emergency discharge valves that allow the ammonia to be discharged directly to atmosphere. The code requirement to add these valves to refrigeration systems has been in place for decades, but with modern safety systems and controls, the workshop participants were of the opinion that it no longer serves a useful purpose. Instead, it now constitutes a potential source of release due to inadvertent operation. TechSafeBC should consider deleting the requirement for emergency discharge valve from refrigeration system design; note that in the 2015 CSA B52 code, this valve is now optional. 2. TechSafeBC should consider issuing a safety directive or other regulatory notice requiring the removal of the emergency discharge valve from existing facilities when system renovations are done, in order to eliminate one potential risk source. 3. Consider performing a gap analysis to identify inconsistencies between current Refrigeration Operator (RO) and 4 th Class Power Operator training and allowed scope of work, and undertaking regulatory and training changes to address identified gaps where ammonia refrigeration systems are involved. There is a concern on the part of workshop participants that operators may undertake work that they are not qualified to do, due to a lack of clear direction on what duties they are allowed to perform. 4. Consider developing additional guidance on seasonal shutdown of ammonia systems in ice arenas to determine whether a condition of non-supervision can be safely achieved on a seasonal outage. 5. Consider reviewing contractor licensing requirements and quality control manual requirements to develop improved maintenance and operational performance through the licensing system. 6. Consider developing improved guidance on methods of providing notification of relief through pressure safety valves, especially around nuisance alarming on current sensors potentially through a working group to identify best practices. The working group noted that small releases through pressure relief devices are not uncommon, and that existing sensors make it difficult to differentiate between a small release and a significant discharge. 4

7. Consider making refrigeration system design subject to professional engineering review, stamping, and registration in the province of British Columbia. Currently, there is no requirement for an engineering review of ammonia refrigeration system designs, despite the presence of a known hazardous chemical under pressure. 8. Consider developing a regulatory requirement to maintain minimum records for each operating shift; the current code requires that a log book be kept, but does not specify what should be tracked. Actual minimum data to be recorded (i.e., operator name/certification, actions taken, maintenance done, baseline and actual operating readings) should be specified to ensure that critical information is not overlooked due to a lack of awareness on the part of the operator. 9. Consider developing an owner education or awareness program addressing their responsibilities around CSA B52 as adopted in BC and pertaining to ammonia refrigeration systems, and the potential legal liabilities and implications of noncompliance. Topics that should be covered include change management, appropriate procedure development, capital replacement plans, maintenance plans, corrosion management, and insulation management. 10. Consider increasing the level of regulatory oversight that is in place for this type of operation; a lack of oversight of work being performed was cited as a causal factor multiple times during the fault tree development. Increasing oversight by the owner or operator of a facility is not directly within the purview of TechSafeBC, but an increase in regulatory oversight will drive increased oversight and compliance on the part of the operator. This could include an increased number of site visits or inspections, as well as a review of the current audit protocols and procedures to ensure that they are current, sufficiently detailed, and consistently applied. 11. Consider developing an education campaign focused on owners, operators, and contractors identifying key risks associated with operation of ammonia refrigeration systems to create engagement on the part of these groups. 12. Consider developing best practice documentation around piping insulation requirements, the importance of proper maintenance, and the impact that insulation has on corrosion risks through the corrosion under insulation mechanism (CUI). 5

4 SUMMARY On April 30-May 1, 2018, a working group formed by Technical Safety BC met to update the fault tree analysis done in 2017 on ammonia refrigeration system risks in the province of British Columbia. During this workshop, the working group generated a fault tree to identify the causal factors associated with ammonia releases. At the conclusion of the two-day workshop, twelve recommendations to address the common or critical causal factors identified in the fault tree were made, as outlined in Section 3. The critical factors identified during this workshop were largely associated with the proper operation and maintenance of the systems, and what appears to be a high level of risk tolerance on the part of some owners and operators, based on opinions and observations put forth by participants. There were multiple indicators of this high level of risk tolerance within the workshop. It was noted numerous times by workshop participants that owners and operators frequently adopt a run to failure approach for maintenance, which is not advisable when dealing with a system containing a hazardous chemical. The practice of monitoring brine for ammonia build-up rather than staying ahead of the maintenance curve is also indicative of this risk acceptance. Operators also expressed a concern about the need to report small PSV leaks, which they considered frequent events, with some participants noting that releases occurred several times per month. Appropriately designed and maintained pressure relief devices should not leak to atmosphere at all under normal operation. Small leaks from these types of devices are frequently indicators of abnormal operation. Accepting that they are common and designating them as nuisance issues is normalization of a deviation : defined as a substandard or deviant operation that has existed for long enough that it is perceived as normal by those operating the system. Additionally, workshop participants indicated that the PSVs used in this industry are most commonly designed to be removed and replaced after reaching the end of service life, rather than being repaired and re-installed. Although the use of this type of disposable PSV is acceptable practice, the workshop participants indicated that it was not common practice to subject these devices to performance testing after removal. Even though there is no intent to repair and re-use these devices, a representative sample should always be sent for function testing after removal to ensure that they are still functional at the time of removal. Without this testing and verification, the operator runs the risk that hidden failures are developing near the end of service life. Because of the high level of hazard that is associated with this industry, the author of this report recommends that further actions be taken to improve and strengthen oversight of this field. Shifting a large cultural bias is difficult and unlikely to be done by information sessions and awareness programs alone. 6

In the author s opinion, TechSafeBC should consider developing a program that requires ammonia facilities to employ third party audits on a regular basis. A properly designed third party auditing system could ensure that operators are meeting regulatory standards and conforming to good maintenance and operational practices. External examples that could be looked to for reference include the U.S. OSHA PSM program, which requires an external audit to ensure regulatory compliance every three years, or the Ontario Technical Standards and Safety Authority s Risk and Safety Management Plan governing propane distributors in that province. 7

APPENDIX A. FAULT TREE Due to the large size, the fault tree created during this workshop is attached as a.pdf file to this report. The file name is Ammonia Release.pdf. A-1

APPENDIX B. ORIGINAL FAULT TREE The original fault tree developed by TechSafeBC is attached as a Microsoft Visio file. The file title is Event Tree Ammonia Release v5 B-1

APPENDIX C. CAUSAL FACTORS C-1

Causal Factor Number of Appearances Corporate Culture/Accountability 20 Lack of Duty Holder Oversight 18 Code Gap 16 Lack of Process/Procedure 16 Cost/Time Constraints 12 Multiple Certification Management 11 No Certification Required 11 Lack of Knowledge/Training 10 Employee Turnover 7 Failure not Identified 7 Cost Constraints 6 Lack of Replacement Strategy 6 Long Service Interval 6 Poor Communications 6 Risk Tolerance/Complacency 6 Specification Availability 6 Manufacturing Defect 5 Qualification Issues 5 Service Wear 5 Lack of Change Management 3 Lack of Practice 3 Treatment Program Inadequate 3 Lack of Hazard Awareness 2 Lack of PM/Inspection Program 2 Obsolescence 2 Parts Availability 2 Plugging/Fouling Issues 2 Poor Maintenance 2 Vandalism 2 3rd Party Parts 1 Air Contamination 1 Ambient Conditions 1 Certification Gap 1 Charge Present 1 Code Requirement not Followed 1 Competing/Unclear Priorities 1 Contactor Failure 1 Cost/Supply Constraints 1 Currency/Manpower Gap 1 Design Flaw 1 Frequent Start-ups 1 High System Velocities 1 Human Error 1 Intentional ESD 1 Lack of Design Registration 1 Lack of Filtration 1 Lack of Labeling/Control 1 Lack of Paint/Poor Quality Paint 1 Lack of Policy/Procedure 1 Lack of Regulatory Oversight 1 Liquid Entrainment 1 Misuse 1 Owner/Operator Pressure 1 Power Failure 1 Procedures Incomplete/Indadequate 1 Purchasing Control Issues 1 Receiving issues 1 Regulatory Gap 1 Reporting to Regulator 1 Time Constraints 1 Time/Production Pressure 1 C-2

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback