A safety evaluation framework for process hazards management in chemical facilities with PES-based controls


  • Elisabeth M. Drake,

    1. MIT Energy Laboratory, Cambridge, MA 02139
    • American Institute of Chemical Engineers/Center for Chemical Process Safety Staff Coordinator for their Process Control Safety Subcommittee. This subcommittee is about to complete a new book—Guidelines for Safe Automation of Chemical Processes.

  • Clark W. Thurston

    1. Union Carbide Corp., South Charleston, WV 25303


The chemical industry today is in transition, with increasing emphasis on total quality control along with needs to meet ever more stringent levels of health, safety, and environmental management. Fortunately, these needs are being met by tremendous strides in process monitoring and control instrumentation. Microprocessor-based process sensors, programmable electronic systems (PESs), and precision throttling valves now improve the implementation and maintenance of complex process control strategies, with operators interacting with the process through modern human/machine interfaces. Sophisticated graphical displays and powerful control algorithms aid the operators in their work. Many formerly manual tasks are being automated. Some sources of human error are reduced by the use of PES controls, but these systems introduce new and different potential sources of error, leading to new implementation considerations.

Many of the hazard identification and risk assessment methodologies used today are based on techniques that assume independence of failures. However, possibilities for common mode failures and covert faults are greatly increased in process control systems that make use of PES technology. PES controls are interconnected through data highways; use common hardware and software functions in many modules; and may depend on central supervisory control computers for some critical control data. Today, achieving plant safety is a systems issue, requiring an integrated analysis with inputs from each of the disciplines involved in design and operation, as well as the guidance of safety and risk specialists. This article presents a systematic, semi-quantitative approach to total system safety design in which modern programmable electronic monitoring and control systems are integrated with traditional administrative and engineering controls to achieve acceptable levels of operating risk. The philosophy presented is a reflection of the consensus of a group of experienced control system specialists from some ten leading companies.
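The following Python is an added illustration, not from the article, of the point made above: a hazard analysis that assumes channel failures are independent can badly understate the failure probability of a redundant PES-based trip function once common-mode (common-cause) failures are possible. The model is a simplified beta-factor model with assumed values for the dangerous failure rate, proof-test interval and common-cause fraction; none of these figures come from the article.

```python
"""Added illustration: independence assumption vs. common-cause failure
for a 1-out-of-2 (1oo2) redundant protection function.

Simplifying assumptions (mine, not the authors'): each channel has a constant
dangerous failure rate lambda_d (per hour), failures are revealed only by a
proof test every t_proof hours, repair time is neglected, and a fraction
beta of each channel's failures are common-cause (beta-factor model).
"""


def pfd_single(lambda_d: float, t_proof: float) -> float:
    """Average probability of failure on demand of one channel.

    Unavailability grows as lambda_d * t between tests; its average over
    the interval is lambda_d * t_proof / 2.
    """
    return lambda_d * t_proof / 2.0


def pfd_1oo2_independent(lambda_d: float, t_proof: float) -> float:
    """1oo2 voting with the two channels assumed to fail independently.

    Both must be failed: (lambda_d * t)^2, averaged over the interval
    gives (lambda_d * t_proof)^2 / 3.
    """
    return (lambda_d * t_proof) ** 2 / 3.0


def pfd_1oo2_common_cause(lambda_d: float, t_proof: float, beta: float) -> float:
    """1oo2 voting where a beta fraction of failures disable both channels.

    The independent part uses the reduced rate (1 - beta) * lambda_d; the
    common-cause part behaves like a single channel with rate beta * lambda_d.
    """
    independent_part = ((1.0 - beta) * lambda_d * t_proof) ** 2 / 3.0
    common_cause_part = beta * lambda_d * t_proof / 2.0
    return independent_part + common_cause_part


def underestimation_factor(lambda_d: float, t_proof: float, beta: float) -> float:
    """How many times the independence assumption understates the 1oo2 PFD."""
    return pfd_1oo2_common_cause(lambda_d, t_proof, beta) / pfd_1oo2_independent(lambda_d, t_proof)


if __name__ == "__main__":
    # Assumed example values: 1e-6 dangerous failures/hour, yearly proof test, beta = 10 %.
    lam, t_proof, beta = 1e-6, 8760.0, 0.10
    print(f"single channel       PFD = {pfd_single(lam, t_proof):.2e}")
    print(f"1oo2 (independent)   PFD = {pfd_1oo2_independent(lam, t_proof):.2e}")
    print(f"1oo2 (beta = {beta:.2f})    PFD = {pfd_1oo2_common_cause(lam, t_proof, beta):.2e}")
    print(f"independence understates risk by x{underestimation_factor(lam, t_proof, beta):.1f}")
```

With these assumed values the common-cause term dominates: the 1oo2 function is roughly eighteen times more likely to fail on demand than the independence-based figure suggests, which is why the article argues for treating PES safety as an integrated systems problem rather than a sum of independent components.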