This invention relates to safety analysis of a product or system. More particularly, it relates to a method for conducting an analysis of a product or a system to evaluate risk(s) to personnel or equipment and identify mitigating conditions that may control or avoid such risks.
A variety of different processes have been used in the past to determine safety of various systems. These processes are often introduced after the occurrence of a catastrophic event or after the occurrence of a consistent series of events resulting in harm to personnel.
Preliminary hazard assessment (PHA) originated from a combination of generic industry hazard checklists. These checklists required identification of inherent hazards, which a test applicant had to address specifically in a subsequent review session. One of the shortcomings of this process was that the task of addressing the risk was left entirely to the applicant, in whatever style the applicant's knowledge deemed appropriate. Thus, the documentation of the approach and the results varied greatly and required additional time and resources to ensure completeness. Also, gathering information with respect to critical hazardous features and combinations depended on the initial reviewer's expertise.
Hazard characterization and personal safety analysis involves examination of hazards associated with a job or a task. In this technique, workers are grouped so that risks and exposures experienced by any member of a group are representative of the group as a whole. Information about the nature of a workplace, equipment and materials used, and the tasks to be performed may be considered as the basis of this step.
In another approach, a preliminary assessment of hazards requires a minimal effort to identify the inventory of hazardous materials and perform an initial hazard categorization. Reviewing basic facility information on intended facility operations and using estimates of materials may lead to an acceptable assessment. Hazard characterization also uses information from existing hazard analysis documentation such as, for example, safety analysis reports, process hazard analysis, job safety analysis (JSA), and job hazard analysis.
Hazards are identified and resultant risks are assessed by considering probability of occurrence and severity of consequence. System safety is part of the overall program risk management decision process. Severity is an assessment of the worst potential consequence, defined by degree of injury or property damage, which could occur. For example, hazard severity may be categorized as: catastrophic, critical, marginal and negligible.
Factors for identification of hazards include, for example, (a) identification of hazardous components, (b) identification of hazardous operating conditions, (c) safety related interface considerations, (d) environmental constraints including operating environments, (e) training and certification pertaining to hazardous and safety critical operations and maintenance of hazardous and safety critical systems, etc.
Hazardous operations review analysis is performed to evaluate activities for hazards or risks introduced into a system by operational and support procedures, and also to evaluate the adequacy of the operational and support procedures that are used to eliminate or control identified hazards or risks. Typically, hazards are identified and evaluated by considering such criteria as the planned system configuration and state at each phase of an activity, facility interfaces, and supporting tools including software-controlled automatic test equipment, to name but a few. Human factors may be considered as an element of the total system, both receiving inputs and initiating outputs during the conduct of the analysis.
Safety efforts related to the hazardous operations review process focus primarily on the safe operation of a system. This process focuses on the operational phase of the system with specific emphasis on single-point failures. This process is not easily implemented for multiple system and multiple point failures.
There is a need for a structured, standardized and efficient methodology for conducting a thorough analysis of a single product or a complex system to evaluate risk(s) to personnel and equipment, and identify mitigating factors to reduce the identified risk(s).
The present invention provides a structured, standardized and efficient methodology for conducting an effective analysis of a product or a complex system to evaluate the risk to personnel and equipment safety. Further, the present invention identifies and implements mitigating factors to control possible risks to personnel and equipment.
The safety review process methodology of the present invention combines preliminary hazard assessment, hazardous operations review, and accident scenario review processes into a unique systemic series of actions. The present method further provides the flexibility to invoke and execute the safety review process at almost any stage in the development of a new product, or the use of an existing product.
Specifically, the present method analyzes, using a preliminary hazard assessment, a system or product to identify inherent hazards associated with the system or product. Of the inherent hazards, those that are safety-compromising are identified in a hazardous operations review. Safety-compromising hazards are analyzed to rate the severity of the potential unsafe condition. Predetermined and established operating parameters of the product are considered, along with deviations from those established operating parameters. For each deviation from an operating parameter, the possible safety consequences of the deviation are considered. This process is repeated until all the factors contributing to credible single-point failures and unsafe conditions have been considered.
A system or product is also evaluated for a multi-system or multi-point failure using an accident scenario review, if an identified unsafe condition is of sufficient severity, is associated with a plurality of components of the system or is associated with various distinct systems. In this case, a thorough analysis of mitigating factors is performed to stop progression of the risk(s). Additional control measures are adopted to further reduce the likelihood of potential hazards from occurring. This process is repeated until the overall risk level is found to be acceptable.
An embodiment of the present invention is a method for analyzing a system for safety to personnel or other systems, said method comprising: a) segmenting a product into subcomponents for hazard review; b) identifying at least one operating parameter of a first subcomponent of said product; c) identifying an inherent hazard of said first subcomponent based on an analysis of the at least one operating parameter; d) identifying features of the structure or operation of the subcomponent corresponding to the inherent hazard; e) identifying modifications or controls for the identified features which would mitigate the inherent hazard; f) prioritizing the identified features with respect to the effect that each of said features has on the safety of the product; g) identifying current documentation that defines the structure or operation of the subcomponent; h) including in the current documentation a safety audit procedure that identifies one or more of said prioritized features for inspection; and i) determining whether an unsafe condition could result from the inherent hazard after step (e).
This embodiment of the invention may further include a method, where an unsafe condition has been determined, for conducting a hazardous operation review comprising: j) identifying at least one contributing factor to the unsafe condition, where said factors are selected from a group comprising at least one of: a design deviation of the subcomponent, an operating mode of the subcomponent, and a mode of personal interaction with the subcomponent; k) generating a matrix correlating the identified features and the contributing factors, wherein the matrix identifies the at least one contributing factor corresponding to each of the identified features; l) creating a hazardous operation table that identifies, for each of said identified features, a cause of the corresponding contributing factor and the modifications and controls to mitigate the hazard; m) determining a risk of the hazard based on a severity level of the unsafe condition corresponding to the hazard and a likelihood of an occurrence of the hazard; and n) if the risk exceeds a predetermined level, identifying further modifications or controls for the identified features which would mitigate the inherent hazard, and then repeating the risk determination step until the risk is no greater than the predetermined level or no further modifications or controls are identifiable.
The embodiment of the invention may further include a method further comprising an accident scenario review, if after step (n) the possible severity exceeds the predetermined level, said accident scenario review comprising: o) identifying one or more of the inherent hazards contributing to the unsafe condition; p) generating a logical path of steps leading from the identified inherent hazards to an accident occurring due to the unsafe condition, wherein the logical path is generated using the hazardous operation table; q) identifying the steps of the logical path that, if avoided, would prevent the accident; r) for each identified step, assigning a likelihood level of a probability that the step will occur; and s) if the likelihood level for the identified step exceeds a predetermined threshold, identifying modifications or controls which would mitigate the inherent hazard.
A second embodiment of the invention is a method for analyzing a system for safety to personnel or other systems, said method comprising: a) segmenting a product into subcomponents for hazard review; b) identifying an inherent hazard of a first subcomponent; c) determining whether an unsafe condition may result from the hazard and assigning a severity level to the unsafe condition; d) determining a risk of the hazard based on the severity level of the unsafe condition corresponding to the hazard and a likelihood of an occurrence of the hazard; e) issuing control actions to mitigate the identified hazard; f) terminating the method if the determined severity level is no greater than a predetermined severity level; g) devising an accident scenario based on the unsafe conditions and the identified hazard; and h) repeating steps (a) to (g) until the determined risk of the hazard leading to an unsafe condition and resulting harm is within predetermined levels.
A third embodiment of the invention is a method of evaluating a product for safety, said method comprising: a) determining whether the product can be analyzed as a single component, and if so; b) identifying single-point failures likely to cause a hazard; c) reviewing product design features likely to cause the hazard; d) identifying unsafe conditions contributing to the hazard; e) assigning a severity level to each of the unsafe conditions of the hazard; f) completing the method if the severity level of each of the unsafe conditions is no greater than a predetermined threshold severity level; g) if the severity level of one or more of the unsafe conditions is greater than the threshold severity level, performing an accident scenario review; and h) identifying and issuing mitigating actions to prevent one or more of the unsafe conditions.
The third embodiment may further include: determining an overall risk level of the product; comparing the overall risk level with a predetermined risk level value; and storing risk-related data if the overall risk level is within the predetermined risk level value.
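The following worked example, added here and not part of the patent text, carries the hazardous operation review of steps (j) through (n), the accident scenario review of steps (o) through (s), and the overall risk comparison of the third embodiment through a small constructed data set. The severity categories are the four named in the description (catastrophic, critical, marginal, negligible); the integer ranks assigned to them, the five-level likelihood scale, the rule that risk is the product of the two ranks, the acceptance thresholds, and the sample features of a hypothetical portable fuel heater are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Severity categories from the description; the ranks and the likelihood
# scale are assumptions made for this example, not values from the patent.
SEVERITY = {"negligible": 1, "marginal": 2, "critical": 3, "catastrophic": 4}
LIKELIHOOD = {"improbable": 1, "remote": 2, "occasional": 3, "probable": 4, "frequent": 5}


@dataclass
class Feature:
    """One identified feature of a subcomponent with its contributing factor (steps d, j)."""
    name: str
    factor: str                 # design deviation, operating mode, or personal interaction
    cause: str
    severity: str
    likelihood: str
    candidate_controls: list    # (control name, likelihood after the control), in priority order
    scenario: list = field(default_factory=list)   # (step, likelihood) path to the accident, step (p)
    applied_controls: list = field(default_factory=list)


def risk(f: Feature) -> int:
    """Step (m): risk from severity level and likelihood; the product rule is an assumption."""
    return SEVERITY[f.severity] * LIKELIHOOD[f.likelihood]


def build_matrix(features):
    """Step (k): matrix correlating each contributing factor with the features it applies to."""
    matrix = {}
    for f in features:
        matrix.setdefault(f.factor, []).append(f.name)
    return matrix


def hazardous_operation_table(features):
    """Step (l): for each feature, its cause, the controls applied so far, and its current risk."""
    return {f.name: {"cause": f.cause, "controls": list(f.applied_controls), "risk": risk(f)}
            for f in features}


def mitigate(f: Feature, risk_limit: int) -> bool:
    """Step (n): apply further controls until risk is no greater than the limit or none remain."""
    pending = list(f.candidate_controls)
    while risk(f) > risk_limit and pending:
        control, new_likelihood = pending.pop(0)
        f.applied_controls.append(control)
        f.likelihood = new_likelihood          # re-determine risk on the next loop test
    return risk(f) <= risk_limit


def accident_scenario_review(f: Feature, likelihood_threshold: str):
    """Steps (o)-(s): in a linear path every step, if avoided, prevents the accident,
    so return the steps whose likelihood exceeds the threshold and therefore need controls."""
    limit = LIKELIHOOD[likelihood_threshold]
    return [step for step, lk in f.scenario if LIKELIHOOD[lk] > limit]


def review_subcomponent(features, risk_limit=4, severity_threshold="marginal",
                        likelihood_threshold="remote"):
    """Run steps (k)-(s) over one subcomponent and compare the overall risk level."""
    matrix = build_matrix(features)
    unresolved = [f.name for f in features if not mitigate(f, risk_limit)]
    # Accident scenario review only for features whose severity still exceeds the threshold.
    scenarios = {f.name: accident_scenario_review(f, likelihood_threshold)
                 for f in features if SEVERITY[f.severity] > SEVERITY[severity_threshold]}
    overall = max(risk(f) for f in features)   # overall risk level: worst remaining feature
    return {"matrix": matrix, "table": hazardous_operation_table(features),
            "unresolved": unresolved, "scenarios": scenarios,
            "overall_risk": overall, "acceptable": overall <= risk_limit}


def sample_features():
    """Constructed sample: three features of a hypothetical portable fuel heater."""
    return [
        Feature("fuel line fitting", "design deviation", "under-torqued fitting",
                "critical", "occasional",
                [("torque verification on assembly checklist", "remote"),
                 ("pre-shipment leak test", "improbable")],
                scenario=[("fitting loosens under vibration", "occasional"),
                          ("fuel reaches hot surface", "remote"),
                          ("vapour ignites", "probable")]),
        Feature("power switch", "personal interaction", "accidental activation",
                "marginal", "probable", [("recessed switch guard", "remote")]),
        Feature("enclosure vent", "operating mode", "vent blocked in storage position",
                "negligible", "frequent", []),
    ]


if __name__ == "__main__":
    report = review_subcomponent(sample_features())
    for name, row in report["table"].items():
        print(f"{name}: risk {row['risk']}, controls {row['controls']}")
    print("unresolved:", report["unresolved"])
    print("scenario steps needing controls:", report["scenarios"])
    print("overall risk:", report["overall_risk"], "acceptable:", report["acceptable"])
```

Running the sample shows the loop of step (n) in action: the fuel line fitting needs both candidate controls before its risk falls within the limit, the power switch needs one, and the enclosure vent has no identifiable control and remains above the limit, which is what makes the overall risk level unacceptable. Only the fuel line fitting, whose severity exceeds the marginal threshold, goes on to the accident scenario review, where two of the three path steps exceed the likelihood threshold.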