What Went Wrong Part 1 pptx

One of my tasks was to pass on to design and operating staff details of accidents that had occurred and the lessons that should be learned.. Many of the accidents I describe occurred on

F O U R T H E D I T I O N

1111, I

E

F

F O U R T H E D I T I O N

Case Histories of

“Most of the incidents are very simple No esoteric knowledge or detailed study was required to prevent them-only a

knowledge of what had happened before, which this book provides.”

-Treuor Kletz

Learn from the mistakes of others This invaluable and respected book examines the causes and aftermaths of numerous plant disasters-almost every one of which could have been prevented Case histories illustrate what went wrong and why it went wrong, and then guide you in how to circumvent similar tragedies

Twenty percent of the information in this fourth edition is brand new, with fifteen new figures and photos to help you better

recognize danger Extensive references are a hallmark of this trusted volume

New sections include:

Electrical isolation Heat radiation

Cooling coils Recent incidents Vacuum relief valves Accidents at sea Fires Problem sources Emulsion breaking Chimney effects Interlock failure

Choosing materials

Keep your plant running safely No

professional concerned with operating, maintaining, and designing process plants should be without this classic book

F O U R T H E D I T I O N

WHAT WENT WRONG?

To Denise, Who waited while I

“scorned delights and lived laborious days”

but never saw the results

WHAT WENT WRONG?

Case Histories of Process Plant Disasters

FOURTH EDITION

Copyright 0 1999 by Elsevier All rights reserved Printed in the United States of America This book, or parts thereof, may not be reproduced in any form without permission of the publisher

Originally published by Gulf Publishing Company,

Houston, TX

1 0 9 8 7 6 5

The publisher offers special discounts on bulk orders of this book

For information, please contact:

Manager of Special Sales

Acknowledgments , I xi Preface xiii Units and Nomenclature xix Chapter 1 Preparation for Maintenance 1

Chapter 3 Accidents Caused by Human Error 78

3.1 Introduction, 78

3.2

3.3

Accidents caused by simple slips, 79

Accidents that could be prevented by better training, 90

Chapter 4 Labeling 98

4.1 Labeling of equipment, 98

4.2 Labeling of instruments, 101

4.3 Labeling of chemicals, 104

4.4 Labels not understood 106

Chapter 5 Storage Tanks 108

Some common sources of leaks, 145

Leaks onto water, wet ground, or insulation, 159

Chapter 8 Liquefied Flammable Gases 165

8.1 Major leaks, 166

8.2 Minorleaks, 174

8.3 Otherleaks, 175

vi

Chapter 9 Pipe and Vessel Failures 679

9.1 Pipe failures, 179

9.2 Pressure vessel failures 195

Ghapter IO Other Equipment = 205

Chapter 11 Entry to Vessels = a 229

P 1.1 Vessels not freed from hazardous material, 229

P 1.2 Hazardous materials introduced, 23 1

11.3 Vessels not isolated from sources of danger, 233

1 1.4 Unauthorized entry, 236

11.5 Entry into vessels with irrespirable atmospheres 238

11.6 Rescue, 239

1 I .7 Analysis of vessel atmosphere, 241

1 1.8 What is a confined space?, 241

1 I 9 Every possible error, 242

Chapter 12 Hazards of Common Materials a 244

12.1 Compressed air, 244

12.2 Water, 246

12.3 Nitrogen, 248

12.4 Heavy oils (including heat transfer oils), 255

Chapter 13 Tank Trucks and Cars 262

13.1 Overfilling, 262

13.2 Burst hoses, 263

13.3 Fires and explosions, 265

13.4 Liquefied flammable gases, 266

13.5 Compressed air, 266

13.6 Tipping up, 267

13.7 Emptying into or filling from the wrong place, 268

13.8 Contact with live power lines, 270

vii

Chapter 14 Testing of Trips and Other Protective

Systems 272

14.1 Testing should be thorough, 272

14.2 All protective equipment should be tested, 275

14.3 Testing can be overdone, 279

14.4 Protective systems should not reset themselves, 279

14.5 Trips should not be disarmed without authorization, 281 14.6 Instruments should measure directly what we need

to know, 284

14.7 Trips are for emergencies, not for routine use, 285

14.8 Tests may find faults, 286

14.9 Some miscellaneous incidents, 286

14.10Some accidents at sea, 287

Chapter 15 Static Electricity

15.1 Static electricity from flowing liquids, 291

15.2 Static electricity from gas and water jets, 293

15.3 Static electricity from powders and plastics, 294

15.4 Static electricity from clothing, 296

Chapter 16 Materials of Construction ,

16.1 Wrong material used, 299

16.2 Hydrogen produced by corrosion, 303

16.3 Other effects of corrosion, 305

16.4 Loss of protective coatings, 305

16.5 Some other incidents caused by corrosion, 306

17.2 Clearing choked lines, 3 11

17.3 Faulty valve positioning, 313

17.4 Responsibilities not defined, 314

17.5 Communication failures, 3 15

17.6 Work at open manholes, 318

17.7 One line, two duties, 318

17.8 Inadvertent isolation, 319

17.9 Incompatible storage, 319

viii

17.10.Maintenance-is it really necessary?, 320

18.2 Reverse flow into service mains, 329

18.3 Reverse flow through pumps, 331

18.4 Reverse flow from reactors, 331

18.5 Reverse flow from drains, 333

18.6 Other deviations, 334

18.7 A method for foreseeing deviations, 335

18.8 Some pitfalls in hazop, 337

18.9 Hazop of batch plants, 338

18.10Hazop of tank trucks, 340

Chapter 19 I Didn’t Know That 343

19.1 Ammonia can explode, 343

19.2 Hydraulic pressure tests can be hazardous, 345

19.3 Diesel engines can ignite leaks, 346

19.4 Carbon dioxide can ignite a flammable mixture, 348

19.5 Mists can explode, 348

19.6 The source of the problem lay elsewhere, 350

Chapter 20 Problems with Computer Control 353

20.1 Hardware and software faults, 353

20.2 Treating the computer as a black box, 354

20.3 Misjudging the way operators will respond, 359

20.4 Other problems, 360

20.5 Unauthorized interference, 362

20.6 New applications, 363

20.7 Conclusions, 365

Chapter 21 Inherently Safer Design , 367

21.1 Bhopal, 368 2 1.2 Other examples of inherently safer design 372 2 1.3 User-friendly design, 377 Chapter 22 Reactions-Planned and Unplanned 380

22.1 Lack of knowledge, 381 22.2 Poor mixing, 383 22.3 Contamination, 385 22.4 Reactions with auxiliary materials 387 22.5 Poor training or procedures, 387 22.6 Use-by dates, 388 Appendix 1 Relative Frequencies of Incidents 392

Appendix 2 Final Thoughts 395

Appendix 3 Recommended Reading 397

Index 399

Acknowledaments

Thanks are due to the staffs of the companies where the incidents occurred for allowing me to describe their mistakes; to many colleagues, past and present, especially to Professor E P Lees for his ideas and advice; and to the UK Science and Engineering Research Council and the Leverhulme Trust for their financial support

xi

In 1968, after many years' experience in plant operations, I was appointed safety adviser to the heavy organic chemicals division (later the petrochemicals division) of Imperial Chemical Industries My

appointment followed a number of serious fires in the 1960s, and there- fore I was mainly concerned with process hazards rather than those of a

mechanical nature

One of my tasks was to pass on to design and operating staff details of accidents that had occurred and the lessons that should be learned This book contains a selection of the reports I collected from many different companies Although most have been published before, they were scat- tered among many different publications some with small circulations The purpose here is to show what has gone wrong in the past and tn

suggest how similar incidents might be prevented in the future Unfortu- nately the history of the process industries shows that many incidents are repeated after a lapse of a few years People move on, and the lessons are forgotten This book will help keep the memories alive

The advice is given in good faith but without warranty Readers should satisfy themselves that it applies to their circumstances In fact, you may feel that some of my recommendations are not appropriate for your com- pany Fair enough but if the incidents could occur in your company, and you do not wish to adopt my advice, then please do something else instead But do not ignore the incidents

To quote the advice of John Bunyan, written more than 300 years ago,

What of my dross thou findest there, be bold

To throw away, but yet preserve the gold

xiii

What if my gold be wrapped up in ore?

None throws away the apple for the core:

But if thou shalt cast all away as vain

You have been warned what will happen

You may believe that the accidents could not happen at your plant because you have systems to prevent them Many of the accidents I describe occurred on plants that had such systems, but the systems were not always followed The accidents happened because of various man- agement failures: failure to convince people that they should follow the systems, failure to detect previous violations (by audits, spot checks, or just keeping an open eye), or deliberately turning a blind eye to avoid conflict or to get a job done quickly The first step down the road to many a serious accident occurred when someone turned a blind eye to a missing blind (see Chapter 1)

The incidents described could occur in many different types of plants and are therefore of widespread interest Some of them illustrate the haz-

ards involved in activities such as preparing equipment for maintenance

and modifying plants Others illustrate the hazards associated with wide-

ly used equipment, such as storage tanks and hoses, and with that univer- sal component of all plants and processes: people Other incidents illus- trate the need for techniques, such as hazard and operability studies and protective devices, such as emergency isolation valves

You will notice that most of the incidents are very simple No esoteric knowledge or detailed study was required to prevent them-only a knowledge of what had happened before, which this book provides Only a few incidents started with the sudden failure of a major compo- nent Most started with a flaw in a minor component, an instrument that was out of order or not believed, a poor procedure, or a failure to follow procedures or good engineering practice For want of a nail, the battle was lost

Many of the incidents described could be discussed under more than one heading Therefore, cross-references have been included

If an incident that happened in your plant is described, you may notice that one or two details have been changed Sometimes this has been done

to make it harder for people to tell where the incident occurred Some- times this has been done to make a complicated story simpler but without affecting the essential message Sometimes-and this is the most likely

xiv

reason-the incident did not happen in your plant at all Another plant had a similar incident

Many of the incidents did not actually result in death, serious injury, or serious damage-they were near-misses But they could have had much more serious consequences We should learn from these near-misses as well as from incidents that had serious results

Most of the incidents described occurred at so-called major hazard plants 01 storage installations-that is, those containing large quantities

of flammable explosive, or toxic chemicals The lessons learned apply particularly to such plants However, most of the incidents could have occurred at plants handling smaller quantities of materials or less haz- ardous materials, and the consequences, though less serious, would be

serious enough At a major-hazard plant, opening up a pump that is not

isolated could cause (and has caused) a major fire or explosion At other plants this would cause a smaller fire or a release of corrosive chemi- cals-still enough to kill or injure the employee on the job Even if the contents of the plant are harmless, there is still a waste of materials The lessons to be learned therefore apply throughout the process industries

For the second edition of this book I added more incidents, extended the sections on Bhopal and Mexico City, and added chapters on some lit- tle-known but quite common hazards and on accidents in computer-con- trolled plants

For the third edition, I added sections or chapters on heat exchangers,

furnaces, inherently safer design and runaway reactions, and extended many other chapters Although I have read many accident reports since the first edition appeared, most have merely reinforced the messages of the book, and I added only those incidents that tell us something new

For this fourth edition, I have added further incidents to every chapter

This book is concerned with the immediate technical causes of acci-

dents and the changes in design and procedures needed to prevent them from happening again The underlying causes-management weaknesses such as failures to learn the lessons of the past failures to audit, and

superficial investigation of incidents-are discussed in some of my other

books such as Lessons fronz Disaster: Hoiri Or-ganisatioiis Have N o

Mentory and Accidents Recur (Institution of Chemical Engineers/Gulf

Publishing Co 1993) and Learningfionz Accidents, 2nd edition (Butter- worth-Heinemann, 1994)

xv

Most of the incidents described were the result of not following good engineering practice Some violated the law, and many more would if they occurred today In the United States, they would violate OSHA 1910.147 (1990) on The Control of Hazardous Energy (Lock Out/Tag Out) and the Process Safety Management (PSM) Law (OSHA 1910.119, in force since 1992) which applies to listed chemicals above a threshold quantity The PSM Law requires companies to follow good engineering practice, codes, industry consensus standards, and even the company’s own standards OSHA could view failure to follow any of these as violations

In the United Kingdom, the Health and Safety at Work Act (1974) and regulations made under it require “occupiers” to provide a safe plant and system of work and adequate instruction, training, and supervision In the European community, occupiers of major hazard sites are required to produce a “safety case,” which describes how hazards have been assessed and are kept under control Many other countries have similar legislation, though standards of enforcement vary

As a result of OSHA 1910.119 and similar legislation, there has been a growth of interest in process safety management systems and publications

on them This is welcome, but we must not forget their limitations Some managers seem to think a good system is all that is needed to ensure safe-

ty However, all a system can do is harness the knowledge and experience

of people If knowledge and experience have been downsized away, the system is an empty shell Knowledge and experience without a system will achieve less than their full potential Without knowledge and experi- ence a system will achieve nothing We are not going to prevent down- sizing, but we can ensure that the lessons of the past are not forgotten The book tries to contribute to the achievement of that aim

HOW TO USE THIS BOOK

1 Read it right through As you do so, ask yourself if the incidents

could occur in your plant, and, if so, write dowz what you intend to

do to prevent them from occurring

2 Use it as a deskside book on safety Dip into it at odd moments or pick a subject for the staff meeting, the safety committee or bulletin,

or the plant inspection

3 Refer to it when you become interested in something new as the result of an incident, a change in responsibility, or a new problem in design However, this book does not claim to comprehensively

xvi