security of the cp process - ti-cons · 2018-04-24 · hazop 分析 hazop...

Ti-Cons Dr. Bonath and Partner - Weiland and PartnerManagement Consultants

Ti-Cons

Security of the CP Process

2018 International Titanium Industry Green

Manufacturing and Material Conference

Jinzhou. April 25, 2018

Ti-Cons Dr. Bonath and Partner - Weiland and PartnerManagement Consultants

德国钛康公司

氯化钛白生产中的安全问题

2018 第二届国际钛产业绿色制造技术及原料大会2018年4月25日，中国锦州

© Ti-Cons

www.ti-cons.com


Issues

✓ Titanium tetrachloride (storage > 100 t)

✓ Chlorine ( ~ 1000 Nm³/h)

✓ Carbon monoxide ( ~ 5000 Nm³/h)

✓ Hydrochloric acid

✓ Sodium hydroxide

✓ Middle pressure (<20 bar)

✓ Middle to high temperature (<1100 °C)

© Ti-Cons

www.ti-cons.com


危险因素

✓ 四氯化钛 ( 储存 > 100 t)

✓ 氯气 ( ~ 1000 Nm³/h)

✓ 一氧化碳 ( ~ 5000 Nm³/h)

✓ 盐酸

✓ 氢氧化钠 (<20 bar)

✓ 温度及高温 (<1100 °C)

© Ti-Cons

www.ti-cons.com


Regulations (Europe)

✓ Seveso directive (Directive 2012/18/EU)

✓ Pressure equipment directive also called PED

(Directive 2014/68/EU )

✓ Safety analysis with, for example, the HAZOP

method

© Ti-Cons

www.ti-cons.com


欧盟的有关规范

✓ 塞维索指令 (Directive 2012/18/EU)

✓ 压力设备指令，即所谓PED (Directive

2014/68/EU )

✓ 安全分析, 比如采用 HAZOP 方法的危险与可操作性的分析

© Ti-Cons

www.ti-cons.com


Analysis - HAZOP

✓ HAZOP - HAZard and OPerability study

✓ Originally developed by ICI in the UK

✓ A structured and systematic examination of a

complex planned or existing process

✓ A HAZOP study is a team effort

✓ The team is composed of engineers (process

and automation) and operators

✓ The main principle is to look for deviations:

✓What happens when the

flow/temperature/etc. is too low or too high

✓What happens when the DCS fails

✓Etc.

© Ti-Cons

www.ti-cons.com


HAZOP 分析

✓ HAZOP – 危险与可操作性研究

✓ 最初由英国帝国化工集团（ICI）所开发

✓ 可以对一个相当复杂的设计或现有工艺过程进行有组织、有系统地分析考查

✓ HAZOP 分析需要一个团队来完成

✓ 分析团队大都由工艺及自控工程师以及操作人员组成

✓ 主要原则是要找出可能的异常：

✓当流量/温度太低或太高时应该怎么办

✓当DCS自控程序失效时应该怎么办

✓等等

© Ti-Cons

www.ti-cons.com


Safety Measures

✓ Organisational measures

✓Safety culture

✓Periodic safety briefings/training

✓Alarm plan, danger reaction plan…

✓Periodic inspections (pressure tests etc.)

✓ Technical measures

✓Process design

✓Equipment design

✓Mechanical protection

✓Automation

© Ti-Cons

www.ti-cons.com


安全措施

✓ 组织措施

✓建立企业安全文化

✓定期进行安全简训及安全培训

✓设计报警计划、危险反应计划等等

✓定期进行设备系统安全检查，如压力测试等等

✓ 技术措施

✓工艺安全设计

✓设备安全设计

✓机械安全保护

✓自控安全系统

© Ti-Cons

www.ti-cons.com


Safety Culture

✓ Hazard identification and remediation

✓ Recognize safe behaviour

✓ Document all accidents including the near

accidents

✓ Avoid the blame game

✓ Use positive consequences

✓ Build trust and relationships

✓ Build safety into daily processes

✓ Celebrate success often

✓ Total commitment, from management to

simple worker!

© Ti-Cons

www.ti-cons.com


企业安全文化

✓ 危害识别和修复

✓ 建立安全行为意识

✓ 书面记录所有事故，包括最近发生的事故

✓ 避免责骂文化

✓ 采用积极的实例结果

✓ 建立信任关系

✓ 将安全工作纳入日常工作

✓ 经常性地表扬成功经验

✓ 建立从工人至管理人员的各级负责制度

© Ti-Cons

www.ti-cons.com


Safety briefings and Training

✓ Train all people with standard safety training

✓ Train people on the special threats:

✓of the plant/process

✓of their job

✓ Train on a regular base!

✓ Refresh the trainings regularly!

✓ Before starting work do short safety briefing

© Ti-Cons

www.ti-cons.com


安全简训及安全培训

✓ 对全体员工进行规范安全培训

✓ 对特定员工进行专项安全培训：

✓工厂或工段的现场安全培训

✓针对所从事的职业安全培训

✓ 常规基础培训!

✓ 经常更新培训内容!

✓ 正式实地工作前，需做安全简训

© Ti-Cons

www.ti-cons.com


Documentation

Emergency Exit Explosible Region

Fire Extinguisher Intercom

Fire Alarm Corrosive

Emergency

ShowerFlammable

Eye Bath Station Harmfull/Irritant

✓ Clear Documents

✓ Clear Information

© Ti-Cons

www.ti-cons.com


技术文档

紧急出口易爆区域

灭火装置对讲设备

防火报警腐蚀介质

紧急冲洗装置可燃介质

洗眼站伤害或刺激性介质

✓ 清晰的技术文档

✓ 清晰的安全信息

© Ti-Cons

www.ti-cons.com


Danger Reaction Plan

© Ti-Cons

www.ti-cons.com


危险反应计划

© Ti-Cons

www.ti-cons.com


Inspection

✓ Inspection of all safety equipment

✓Process

✓Equipment

✓Health

✓ On a regular base, once a year at least

✓ Documented with reports

✓ Reports signed

© Ti-Cons

www.ti-cons.com


定期检测

✓ 所有安全设备的定期检测

✓工艺检测

✓设备检测

✓健康检测

✓ 在定期基础上进行，至少一年一次

✓ 必须形成书面文件或报告

✓ 报告必须由责任人签署

© Ti-Cons

www.ti-cons.com


Periodic Inspection Report

© Ti-Cons

www.ti-cons.com


定期检测报告实例

© Ti-Cons

www.ti-cons.com


Safety by Operation

✓ Clear operation instruction

✓ Clear command structure

✓ Excellent maintenance

© Ti-Cons

www.ti-cons.com


操作安全

✓ 非常明确的操作指令

✓ 非常明确的指令结构

✓ 非常到位的维护工作

© Ti-Cons

www.ti-cons.com


Safety by Process

✓ Use clear process structures

✓ Don’t use process steps which create off-

normal situations

✓ Design the process which enables simple

detection of off-normal situation. E.g. pH too

low/high.

✓ Avoid media which react vigorously with TiCl4

✓ Isolate TiCl4 with vigorously reacting media

© Ti-Cons

www.ti-cons.com


工艺的安全设计

✓ 采用十分明确的工艺步骤

✓ 不要采用会产生异常情况的工艺步骤

✓ 设计时必须考虑用简单的方式测到异常值，例如pH值超高/超低值的测定

✓ 避免采用与四氯化钛会发生剧烈反应的介质

✓ 将四氯化钛与会产生剧烈反应的介质进行隔离

© Ti-Cons

www.ti-cons.com


Safety by Equipment

✓ Closed building with controlled ventilation

✓ Safe escape ways, e.g. staircase outside

✓ Use of high end material with certificates

✓ Equip with certified and well-know brands

✓ Equipment suppliers with references

✓ Encapsulated pumps

✓ State of the art sealing systems

✓ And many more (confidential know-how)

© Ti-Cons

www.ti-cons.com


设备的安全设计

✓ 采用封闭式厂房，厂房内备有风机通风

✓ 设计安全逃逸通道，例如：楼梯间设在厂房之外

✓ 设备设计必须采用有资质证明的最终材质

✓ 采购有资质、行内有声誉的设备

✓ 设备制造商必须有资质、有业绩

✓ 泵体需封装

✓ 先进的密封系统

✓ 其他事项及细节 (部分为技术诀窍)

© Ti-Cons

www.ti-cons.com


Safety for Operators

✓ Emergency showers (eye and all)

✓ PPE (Personal Protective Equipment):

✓Hard hat

✓Safety boots

✓Safety goggles

✓Ear protection

✓Gas mask

✓Respirator

✓Personal gas detector (CO)

© Ti-Cons

www.ti-cons.com


操作人员的安全

✓ 紧急清洗装置（包括洗眼及冲淋）

✓ 个人保护装置:

✓硬壳安全帽

✓安全工作鞋

✓护目镜

✓护耳罩

✓防毒呼吸罩

✓呼吸器

✓个人一氧化碳气体检测仪

© Ti-Cons

www.ti-cons.com


Safety by Automation

✓ Ambient air monitoring

✓ Video monitoring

✓ Emergency stop

✓ Equipment and operator protection

✓ Intercom

✓ High degree of automation

✓ Total integration of all systems

© Ti-Cons

www.ti-cons.com


自控系统的安全设计

✓ 环境空气监测

✓ 现场视频监控

✓ 紧急停车机制

✓ 设备和操作人员保护

✓ 对讲系统

✓ 高度自动化操作

✓ 所有系统的全面集成

© Ti-Cons

www.ti-cons.com


Automation Structure

✓ DCS (Distributed Control System) - The main

operating and automation system

✓ SIS (Safety Instrumented System) - Safety

related automation system

✓ PLC (Programmable Logic Controller) -

Package unit automation system, e.g. filter

presses

© Ti-Cons

www.ti-cons.com


自控系统结构

✓ DCS (分布式控制系统) – 作为操作与自控的主系统

✓ SIS (仪器仪表安全系统) – 与安全有关的自控系统

✓ PLC (现场逻辑控制系统) – 通常为设备包所带的单元自控系统，如：压滤机本身的控制系统

© Ti-Cons

www.ti-cons.com


Automation Structure

DCS SISPLC

Sensors/Actors

© Ti-Cons

www.ti-cons.com


自控系统结构

DCS SISPLC

传感器/执行器

© Ti-Cons

www.ti-cons.com


Safety Integrity Level

✓ Safety integrity level (SIL) is the level of risk-

reduction provided by a safety function.

✓ According IEC 61508

✓ Four Levels (SIL 1 to SIL 4)

✓ SIL determinates the requirement for number

and quality of the equipment

✓ Without SIL determination no secure

implementation of equipment possible

© Ti-Cons

www.ti-cons.com


安全完整性等级

✓ 安全完整性等级（SIL）是安全功能提供的降低风险等级。

✓ 根据国际电工委员会（IEC）规范 61508设计

✓ 共有四个设计等级 (SIL 1 至 SIL 4)

✓ 由安全完整性等级来确定所需设备的数量和质量

✓ 没有安全完整性等级的确定，就无法实施设备安全的可能

© Ti-Cons

www.ti-cons.com


SIL - Risk Graph

a

1

2

3

4

b

---

1

2

3

4

a

---

---

1

2

3

a

W1 W2 W3

--- = No safety requirementsa = No special safety requirementsb = A single equipment is not sufficient1, 2, 3, 4 = SIL Level

Starting

PointPA

PB

PA

PB

PA

PB

PA

PB

FA

FB

FA

FB

FA

FB

CA

CB

CC

CD

C = Consequence parameter

F = Frequency and exposure time parameter

P = Posibility of Avoiding Hazard

W = Probability of Occurence

© Ti-Cons

www.ti-cons.com


安全完整性等级 – 风险图

a

1

2

3

4

b

---

1

2

3

4

a

---

---

1

2

3

a

W1 W2 W3

--- = 无安全需求

a = 无特殊安全需求

b = 单一设备不够

1, 2, 3, 4 = 安全完整性（SIL）等级

起始点PA

PB

PA

PB

PA

PB

PA

PB

FA

FB

FA

FB

FA

FB

CA

CB

CC

CD

C = 结果参数

F = 频率和曝光时间参数

P = 避免危险的可能性

W = 发生概率

© Ti-Cons

www.ti-cons.com


Analysis - Risk Graph

Consequence Parameter:CA Minor injury

CB Severe irreversible injuries or death to one or more persons or death

of a person, 0.01 to 0.1 probable fatalities per event

CC Death of several persons

> 0.1 to 1.0 probable fatalities per event

CD Catastrophic consequences, multiple deaths

> 1 probable fatalities per event

Frequency and exposure time:

FA Seldom to relatively frequent, < 10% of time of operation

FB Frequent to continuous events, ≥ 10% of time of operation

Possibility of avoiding hazard:

PA Possible under certain circumstances, < 10% probability hazard

cannot be avoided

PB Hardly possible, ≥ 10% probability hazard cannot be avoided

Probabilty of occurence:

W1 Very low, incident < 1 in 30 years

W2 Low, 1 incident > 3 to 30 years

W3 Relatively high, 1 in > 0.3 to 3 years

© Ti-Cons

www.ti-cons.com


安全分析 – 风险图

结果参数:CA 造成轻伤CB 造成一个或多个人严重的不可挽回的伤害或一个人的死亡，每事件可能发生

的死亡率为0.01至0.1

CC 造成数人死亡每事件可能死亡率>0.1 to 1.0

CD 灾难性后果，多人死亡每事件可能死亡率 > 1

频率和曝光时间:

FA 很少至相对频繁, < 10% 的操作时间FB 频繁至连续事件, ≥ 10%的操作时间避免危害的可能性:

PA 在某些情况下是可能的, < 10% 可能出现的危害可以得到避免

PB 几乎不可能，, ≥ 10%可能出现的危害无法得到避免发生概率:

W1 非常低, 事故率 < 30年一次W2 低, 事故率 > 30年三次W3 相对高,事故率 > 三年 0.3 次

© Ti-Cons

www.ti-cons.com


Analysis - Risk Graph

Incident Detonation of Fuel (O2 Superheater)

Consequence (C) Death of several persons CC

Frequency (F) Frequent to continuous events FB

Probability of

Avoidance (P)

Hardly possible PB

Probability of

Occurrence (W)

Very low, incident W1

SIL 2

© Ti-Cons

www.ti-cons.com


安全分析 – 风险图

事故燃料爆炸(O2 预热器)

结果(C) 造成数人死亡 CC

频率 (F) 频繁至连续事件 FB

避免概率 (P) 几乎不可能 PB

发生概率 (W) 非常低, 事故 W1

安全完整性等级（SIL） 2

© Ti-Cons

www.ti-cons.com


Overpressure

Release

Pressure

Spring

✓ No classical safety valves possible for CO or Cl2

© Ti-Cons

www.ti-cons.com


Overpressure

✓ Release (CO, Cl2, etc.) to atmosphere not

possible

✓ Shut-down of all gases to the process

Redundant Pressure Sensors

Redundant Valves

© Ti-Cons

www.ti-cons.com


Overpressure

✓ Sensors and actors compliant to SIL level

✓ Redundant pressure measurements

✓ Redundant valves

✓ Realized with SIS

© Ti-Cons

www.ti-cons.com


Emergency Stop

✓ DCS not reactive (stalled)

✓ DCS wrong reaction

✓ Push buttons in all stair cases and the control

room are stopping the production


© Ti-Cons

www.ti-cons.com


紧急停车设置

✓ DCS不响应（停止状态）

✓ DCS 错误响应

✓ 在所有楼梯间和控制室内安装紧急停车开关，以便在紧急情况下停止整个生产系统

✓ 紧急停车开关需与安全系统 SIS连接

© Ti-Cons

www.ti-cons.com


Ambient Air Monitoring

✓ Sensors for CO

✓ Sensors for Cl2

✓ On site alarm with rotating beacon and horn

✓ Sensors and actors compliant to SIL level


✓ Alarm in the DCS

✓ Alarm acknowledge in the DCS (Total

integration)

© Ti-Cons

www.ti-cons.com


环境空气监测

✓ CO监测传感器

✓ Cl2监测传感器

✓ 现场带有旋转信标和喇叭的报警装置

✓ 按SIL等级选择传感器和执行器

✓ 与安全系统 SIS 连接

✓ 在自控系统 DCS 中设置报警

✓ 在自控系统 DCS中确认报警（全面整合）