Microsoft Word - 476hernandez.docx


 CHEMICAL ENGINEERING TRANSACTIONS  
 

VOL. 43, 2015 

A publication of 

The Italian Association 
of Chemical Engineering 
Online at www.aidic.it/cet 

Chief Editors: Sauro Pierucci, Jiří J. Klemeš 
Copyright © 2015, AIDIC Servizi S.r.l., 
ISBN 978-88-95608-34-1; ISSN 2283-9216                                                                               

 

Overview on Dynamic Approaches to Risk Management in 
Process Facilities 

Valeria Villa*a, Nicola Paltrinierib, Valerio Cozzania  
aLISES – DICAM, Alma Mater Studiorum – Università di Bologna, via Terracini 28, 40131 Bologna, Italy  
bSINTEF Technology and Society, Safety Research, 7465 Trondheim, Norway 
valeria.villa4@unibo.it 

Nowadays hazard identification and risk assessment play an established and fundamental role for the 
prevention of major accidents in the process industries. Despite their proved effectiveness, many hazard 
identification and risk assessment techniques lack the dynamic dimension, which is the ability to learn from 
new risk notions, experience and early warnings. Nevertheless, recent major disasters have raised the need to 
go beyond the limits of conventional static methods for hazard identification and risk assessment. The 
necessity to address risk issues in a continuously evolving environment, coupled with improved information 
and communication technologies, led in the last few years to the development of several advanced dynamic 
techniques for hazard identification and risk assessment in process systems. Eventually dynamic approaches 
to risk have proved to be capable of identifying and assessing emerging and increasing risks throughout the 
lifetime of the process. Recent applications have shown the effectiveness of dynamic approaches to major 
accidents, as well as to maintenance activities. Despite the relevant differences among the mentioned 
approaches, all these dynamic methods aim at dealing with uncertainties, system complexity, real-time 
changing environments and real-time information from different sources with enhanced flexibility, in respect to 
conventional approaches. The present study addresses dynamic approaches to hazard identification and risk 
assessment in the process industry. These novel methods will be inserted in the broader framework of 
dynamic risk management. These techniques will be joined with representative applications based on real 
events. The results of the mentioned applications are used to show how risk can be assessed by means of 
continuous activities of monitoring and review, coupled with real time risk evaluation. The ability of such 
dynamic approaches to capture general failures and risk management deficits demonstrate their effectiveness, 
both in risk management and in the prevention of major accidents, providing a more robust decision-making 
within the process industry context. 

1. Introduction 

Hazard Identification and Quantitative Risk Analysis techniques have played a fundamental role in the process 
industry during the last 30 years, but they lack an important element in the interdependency of the risk function 
with time, that is the ability to learn from the process history. As a matter of fact, conventional Hazard 
Identification and Risk Analysis techniques consider only the major accidents or incidents, ignoring other 
abnormal events, as incipient faults and near misses, as well as new knowledge and systems’ variations, 
although they are at the base of computation for more complete and updated risk profile. Within the purpose to 
overcome this relevant limit, during the last decade several efforts have been devoted to the development of 
novel approaches to Hazard Identification, Risk Assessment and Management, which can include the dynamic 
evolution of conditions, both internal and external to the system, deeply affecting the final risk picture. 
Nowadays the mature development of standing-alone or combined dynamic methodologies and the 
encouraging results of their applications, both to study-cases and to real happened accidental events are 
settling a new pathway for Process Safety to prevent undesirable outcomes.  

                                

 
 

 

 
   

                                                  
DOI: 10.3303/CET1543417 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Please cite this article as: Villa V., Paltrinieri N., Cozzani V., 2015, Overview on dynamic approaches to risk management in process facilities, 
Chemical Engineering Transactions, 43, 2497-2502  DOI: 10.3303/CET154341 

                                

 
 

 

 
   

                                                  
DOI: 10.3303/CET1543417 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Please cite this article as: Villa V., Paltrinieri N., Cozzani V., 2015, Overview on dynamic approaches to risk management in process facilities, 
Chemical Engineering Transactions, 43, 2497-2502  DOI: 10.3303/CET1543417 

2497



2. Dynamic Approaches to Hazard Identification and Risk Assessment for Process Systems 

Despite the fact that the first attempts to simulate the dynamic nature of system behavior date back to fifteen 
years ago (Swaminathan and Smidts, 1999), the first exhaustive Dynamic Risk Assessment methodology for 
process systems, termed as Dynamic Failure Assessment, has been developed by Meel and Seider (2006, 
2008). This approach aims at estimating the dynamic probabilities of accident sequences, including near 
misses and incident data (named as Accident Sequence Precursors – ASP) as well as real-time data from 
processes. The mentioned method proved its effectiveness in the application to several case studies, as 
CSTR reactor’s safety systems, Ethyl Benzene process (Meel and Seider, 2006, 2008). Following a different 
pathway Øien (2001) developed an organizational model based on indicators (RIFs – Risk Influencing 
Factors), that later gave rise to Risk OMT project, a Risk Modelling project for the offshore industry, aimed at 
dynamically integrate organizational, human and technical factors. (Vinnem et al., 2012) 
These pioneering approaches particularly influenced further Dynamic techniques development, whose most 
relevant contributions have been reported below.  

2.1 DyPASI  
The Dynamic Procedure for Atypical Scenarios Identification (DyPASI), whose flowchart has been reported in 
Figure 1, is a Dynamic Hazard Identification technique, based on the improvement of well-established bow-tie 
analysis (CCPS, 2008); DyPASI can enhance and update bow-tie results, through the inclusion of atypical 
accident scenarios, other way undetected, eventually revealed by the acquisition and systematic screening of 
emerging risk notions. (Paltrinieri et al., 2013a) This technique aims to produce complete and updated hazard 
identification. As a preliminary activity, DyPASI requires the application of a conventional bow-tie technique, 
followed by the retrieval from databases and search-systems of relevant information concerning undetected 
potential hazards and accident scenarios that may not have been previously considered. (Paltrinieri et al., 
2013b) Once the necessary information have been gathered, a prioritization process is carried in order to 
understand whether the data are significant enough to trigger further action and proceed with the process of 
Risk Assessment. Then, potential scenarios are isolated from the early warnings gathered and a cause-
consequence chain is developed, allowing the integration of the pattern of the atypical scenario with the bow-
tie technique. Eventually Safety measures, either safety barriers or generic safety functions, referred to 
atypical scenario outlined can be applied appropriately.  
The effectiveness of DyPASI approach in tackling atypical accidental scenarios has been proved by the 
application to Buncefield oil depot and Toulouse disaster (Paltrinieri et al., 2012) and to a Carbon Capture and 
Sequestration plant (Paltrinieri et al., 2014a).  
DyPASI procedure, whose nature is iterative, should not be considered only as a “stand-alone” technique, but 
lends itself to be integrated with other risk management tools providing a robust integrated framework, that 
address organizational and technical factors; a step forward in that direction may be given by coupling DyPASI 
technique with a Dynamic Risk Assessment method. (Paltrinieri et al., 2014b) 

2.2 DRA  
Dynamic Risk Assessment (DRA) has been developed by Kalantarnia et al. (2009, 2010), improving the 
mentioned pioneering contribution from Meel and Seider (2006, 2008): this approach integrates Bayesian 
failure mechanisms with consequence assessment. As highlighted by the flowchart reported in Figure 1, the 
novelty of DRA in comparison with conventional Risk Assessment techniques stands in the presence of two 
additional steps, which represent the key to dynamic approach: accident analysis and probability updating. 
Accident analysis step uses the event/ fault tree along with real time process data to estimate events’ 
probabilities. Then these probabilities can be updated using all available information and new data in the form 
of likelihood function, by means of Bayesian inference, which is indeed the straightforward application of 
Bayes’ theorem. Subsequently updated probabilities are applied in the re-estimation of the risk profile for a 
process facility following an iterative procedure, which mirrors real-time changes in the system. The 
effectiveness of the mentioned approach was proved by the application to real-case BP Texas Refinery 
accident (Kalantarnia et al., 2010) and to offshore drilling operations (Abimbola et al., 2014). The integration 
with established bow-tie technique proved to be an effective solution, as revealed by the application to a sugar 
refinery explosion. (Khakzad et al., 2012)    
A slight modification of Dynamic Risk Assessment, due to a two-stage Bayesian method, named for instance 
Hierarchical Bayesian Analysis (HBA), enlarged the field of application for DRA also to rare event. The 
feasibility of this approach has been witnessed by the application to BP Deepwater Horizon accident (Yang et 
al., 2013) and to offshore blowouts (Khakzad et al., 2014). Recently, the necessity to formalize and extend the 
DRA approach to complex situations with ensured flexibility led to the development of Bayesian Networks 
(BNs), that are directed acyclic graph, suitable for reasoning in uncertain situations. BNs results to DRA have 
been compared with the ones obtained by applying DRA to well-known techniques, as bow-tie (Khakzad et al., 

2498



2013a) and fault-tree (Khakzad et al., 2011). The potentiality of a fully-Bayesian approach to Dynamic Risk 
Assessment has been proved by many applications: Khakzad et al. (2013b) underlined the effectiveness of 
this approach in preventing off-shore blowouts, Khakzad et al. (2013c) showed the role of BNs in Risk-based 
Design Applications, while Khakzad et al. (2013d) suggested the applicability to domino accidents.  

2.3 Risk Barometer  
The Center for Integrated Operations in the Petroleum Industry has recently developed a “Risk barometer” 
technique (Okstad et al., 2013) aiming to continuously monitor risk picture changes and support decision 
makers in daily operations. Risk barometer steps are described in Figure 1. As a pre-requirement, the risk 
barometer needs to be performed on an existing Quantitative Risk Analysis (QRA) or a barrier analysis, in 
order to conduct sensitivity analysis and select the parameters that are mostly affecting the overall risk picture, 
other way included as single parameters in the analysis. In other words Risk Influencing Factors (RIFs) should 
be identified and linked to the correspondent parameters. A RIFs, following the definition given by Øien (2001) 
is an aspect of a system or of an activity that affect its risk level; for example a safety barrier that can 
influences one or more parameters of existing analysis. Moreover, indicators that assess the state of a RIF are 
to be introduced. These indicators should be easy to measure and there should be a proven link with the RIF. 
This approach is based on the availability of real-time data, e.g. regarding the safety barrier performance, and 
became cost-effective only recently, because of the extensive use of Information and Communication 
Technologies. Real-time Risk assessment can provide a basis for dynamic adjustments of inspection and 
maintenance plans or implementation of risk reducing measures while maintaining production. As 
strengthened by Pasman & Rogers (2013), Risk Indicators can be suitable for both the integration with well-
established techniques as bow-tie analysis and the application of Bayesian Networks. Nevertheless, due to its 
recent development, few applications have been carried out up to now; for instance Paltrinieri et al. (2014c) 
have applied Risk Barometer method to a generic offshore production process area, demonstrating its 
effectiveness. The distinct advantage of Risk Barometer technique in comparison with other dynamic 
techniques is the capability of effectively visualize the result of risk monitoring on process events (Paltrinieri et 
al, 2014c); this intuitive visualization of key information on barrier and safety function makes Risk Barometer a 
useful tool in supporting critical decision making processes. 

 
Figure 1: Flowcharts of dynamic methodologies for Hazard Identification and Risk Assessment. From top to 
bottom: DyPASI (Paltrinieri et al., 2013a), DRA (Kalantarnia et al., 2009), Risk Barometer (Okstad et al. 2013). 

2.4 Toward a Dynamic Risk Management framework 
Paltrinieri et al. (2014d) have recently proposed a dynamic approach to Risk Management - Dynamic Risk 
Management Framework (DRMF), developed from a set of well-known risk management and governance 
frameworks. (ISO, 2009) The DRMF aims at implementing the need of continuous improvement and updating 
in the risk management process, by applying Dynamic Techniques for Hazard Identification and Risk 

2499



Assessment. The framework, whose schematization has been reported in Figure 2, is composed by two 
general stages, 4 sequential phases and 2 continuous activities involving all the process. The first stage is a 
process of learning and understating and includes Horizon Screening, while the second phase deals with the 
Hazard Identification, carried out by Dynamic Methods (e.g. DyPASI). The second stage is the Decision 
process, which includes an assessment phase that addresses the dynamic estimation of the event frequency 
and consequence analysis. Eventually, the decision and action phase deals with decision-making process and 
subsequent implementation of regulatory and voluntary actions for unacceptable risks. Along with the risk 
assessment phases, there are two “continuous” activities that should be constantly performed: “monitoring, 
review and continuous improvement” and “communication and consultation”; this framework results to be open 
to external constraints and continuously reiterated in order to effectively take into account real-time changes in 
the process. 

 
Figure 2: Dynamic Risk Management Framework. (Paltrinieri et al., 2014d) 

3. Representative Application of Dynamic Approach 

A representative application of Dynamic Approach is given by the Risk Barometer and is presented to 
demonstrate its effectiveness in dynamically model and effectively visualize the risk profile. The case-study 
consider a sand-erosion problem for an offshore oil production system. The application starts from the 
development of the bow-tie reported in Figure 3, which consider as a top-event a material degradation, due to 
a combination of erosion and corrosion phenomena, related to the hazard of sand in formation. Then a 
reworking of the bow-tie technique has been carried out in order to show the existing interaction of the threats 
(e.g. excessive sand production rate, corrosive environment and sand under deposit) as well as which barriers 
are not active in the phenomena. Focus on the worst-case consequence, risk has been defined as the risk of 
loss of containment.  
The model defines the state of the causes and the performance of the barriers by means of specific indicators 
sets. For instance, the performance of each barrier is the result of a synergy of various systems, for which 
both technical and operational indicators are collected. The indicators are composed in a new weighted sum in 
order to define the overall performance of the barrier. The weighting process, that defines the relative 
importance of indicators, is based on expert judgment. 
This model that results is semi-quantitative model and combines both the assessment of the related causes 
and the performance of the barriers employed. The risk of loss containment is dependent on both the state of 
the causes and the performance of the barriers (which in turn should stop the causes). A dynamic sensitivity 
analysis has been carried out to gauge the change of risk as a function of the current barrier performance. The 
barrier improvement potentials can be introduced in order to understand which barrier has a greater impact at 
reducing the risk. 
 

2500



 
Figure 3: Bow-tie diagram as a starting point for representative example of Risk Barometer dynamic approach. 

The results of the application can be clearly visualized by means of two diagrams, reported in Figure 4: a plot 
of risk versus time, which highlights the risk trend and the risk barometer diagram, which is a circular diagram. 
Another relevant feature of the risk barometer is its capability to be calibrated. This feature gives more 
flexibility to the technique and allows complying with the tolerability standards used in different companies and 
installations; the values and marks of the indicators may be subjected to bias, and therefore they should be 
discussed among the interested audience. Eventually Risk Barometer shows how to benefit from indicators 
that can be automatically collected from the system, with the purpose to give a real-time response.  
 

 
Figure 4: Visualization of the results obtained by the application of Risk Barometer. From left to right side: risk 
barometer circular diagram and a plot of risk versus time. 

4. Conclusions 

The current contribution has been aimed at addressing the potentialities of Dynamic Hazard Identification and 
Risk Assessment approaches, which has recently raised attention as a direct consequence of the nowadays-
feasible real-time monitoring for process facilities. In particular three relevant approaches, DyPASI, DRA and 
Risk Barometer have been explored in their foundational contributions and applications and their role in the 
development of Dynamic Risk Management framework has been pointed out. These techniques have 
demonstrated their ability to go beyond the limits of conventional ones, as well to be versatile in tackling 
general failures and risk management deficits. A representative application of a relevant standing-alone 
Dynamic Approach, the Risk Barometer, made clear the enhanced intuitiveness in the presentation of results, 
the flexibility in mirroring real-time changes, and the ability to consider a systemic approach, that may 
eventually turn into a significant increase of process plants’ safety and a desirable reduction of major 
accidents.    
References 

Abimbola, M., Khan, F. I., Khakzad, N., 2014, Dynamic safety risk analysis of offshore drilling, Journal of Loss 
Prevention in the Process Industries, 30, 74-85. DOI: 10.1016/j.jlp.2014.05.002 

CCPS, 2008, Guidelines for Hazard Evaluation Procedures, AIChE, New York, USA. 
ISO, Geneva, Switzerland 2009. ISO 31000, Risk Management – Principles and Guidelines, ISO 31000:2009. 
Kalantarnia, M., Khan, F. I., Hawboldt, K., 2009, Dynamic risk assessment using failure assessment and 

Bayesian theory, Journal of Loss Prevention in the Process Industries, 22(5), 600-606. DOI: 
10.1016/j.jlp.2009.04.006 

2501



Kalantarnia, M., Khan, F. I., Hawboldt, K., 2010, Modelling of BP Texas City refinery accident using dynamic 
risk assessment approach, Process Safety and Environmental Protection, 88(3), 191-199. DOI: 
10.1016/j.psep.2010.01.004 

Khakzad, N., Khan, F. I., Paltrinieri, N., 2014, On the application of near accident data to risk analysis of major 
accidents. Reliability Engineering & System Safety, 126, 116-125. DOI: 10.1016/j.ress.2014.01.015 

Khakzad, N., Khan, F. I., Amyotte, P., 2012, Dynamic risk analysis using bow-tie approach. Reliability 
Engineering & System Safety, 104, 36-44. DOI: 10.1016/j.ress.2012.04.003 

Khakzad, N., Khan, F. I., Amyotte, P., 2013a, Dynamic safety analysis of process systems by mapping bow-tie 
into Bayesian network. Process Safety and Environmental Protection, 91(1-2), 46-53. DOI: 
10.1016/j.psep.2012.01.005 

Khakzad, N., Khan, F. I., Amyotte, P., 2013b, Quantitative risk analysis of offshore drilling operations: A 
Bayesian approach. Safety science, 57, 108-117. DOI: 10.1016/j.ssci.2013.01.022 

Khakzad, N., Khan, F. I., Amyotte, P., 2013c, Risk-based design of process systems using discrete-time 
Bayesian networks. Reliability Engineering & System Safety, 109, 5-17. DOI: 10.1016/j.ress.2012.07.009 

Khakzad, N., Khan, F. I., Amyotte, P., Cozzani, V., 2013d, Domino effect analysis using Bayesian networks. 
Risk Analysis, 33(2), 292-306. DOI: 10.1111/j.1539-6924.2012.01854.x 

Khakzad, N., Khan, F. I., Amyotte, P., 2011, Safety analysis in process facilities: Comparison of fault tree and 
Bayesian network approaches. Reliability Engineering & System Safety, 96(8), 925-932. DOI: 
10.1016/j.ress.2011.03.012 

Meel, A., Seider, W., 2006, Plant-specific dynamic failure assessment using Bayesian theory. Chemical 
engineering science, 61(21), 7036-7056. DOI:10.1016/j.ces.2006.07.007 

Meel, A., Seider, W., 2008, Real-time risk analysis of safety systems. Computers & Chemical Engineering, 
32(4-5), 827-840. DOI: 10.1016/j.compchemeng.2007.03.006 

Øien, K., 2001, A framework for the establishment of organizational risk indicators. Reliability Engineering & 
System Safety, 74(2), 147-167. DOI: 10.1016/S0951-8320(01)00068-0 

Okstad E. H., Hauge S., Tinmannsvik R. K., 2013, Proactive indicators for managing major accident risk in 
integrated operations. SINTEF F24087. SINTEF Technology and Society, Trondheim, Norway. 

Paltrinieri, N., Tugnoli, A., Buston, J., Wardman, M., Cozzani, V., 2013a, Dynamic Procedure for Atypical 
Scenarios Identification (DyPASI): A new systematic HAZID tool. Journal of Loss Prevention in the 
Process Industries, 26(4), 683-695.  DOI: 10.1016/j.jlp.2013.01.006 

Paltrinieri, N., Tugnoli, A., Buston, J., Wardman, M., 2013b, DyPASI Methodology : from Information Retrieval 
to Integration of HAZID Process. Chemical Engineering Transactions, 32, 433-438. DOI: 
10.3303/CET1332073  

Paltrinieri, N., Dechy, N., Salzano, E., Wardman, M., Cozzani, V., 2012, Lessons Learned from Toulouse and 
Buncefield Disasters : From Risk Analysis Failures to the Identification of Atypical Scenarios Through a 
Better Knowledge Management. Risk Analysis, 32(8), 1404-1419. DOI: 10.1111/j.1539-6924.2011.01749.x 

Paltrinieri, N., Wilday, J., Wardman, J., Cozzani, V., 2014a, Surface installations intended for Carbon Capture 
and Sequestration: Atypical accident scenarios and their identification. Process Safety and Environmental 
Protection, 92(1), 93-107. DOI: 10.1016/j.psep.2013.08.004 

Paltrinieri, N., Khan, F. I., Cozzani, V., 2014b, Coupling of advanced techniques for dynamic risk 
management. Journal of Risk Research, (July), 1-21. DOI: 10.1080/13669877.2014.919515 

Paltrinieri, N., Scarponi, G. E., Khan, F.I., Hauge, S., 2014c, Addressing Dynamic Risk in the Petroleum 
Industry by Means of Innovative Analysis Solutions. Chemical Engineering Transactions, 36, 451-456. 
DOI: 10.3303/CET1436076 

Paltrinieri, N., Khan, F. I., Amyotte, P., Cozzani, V., 2014d, Dynamic approach to risk management: 
Application to the Hoeganaes metal dust accidents. Process Safety and Environmental Protection. Article 
in Press. DOI: 10.1016/j.psep.2013.11.008 

Pasman, H.J., Rogers, W.J., 2013, How can we use the information provided by process safety performance 
indicators? Possibilities and limitations. Journal of Loss Prevention in the Process Industries, 30(1), 197-
206. DOI: 10.1016/j.jlp.2013.06.001. 

Swaminathan, S., Smidts, C., 1999, Identification of missing scenarios in ESDs using probabilistic dynamics. 
Reliability Engineering & System Safety, 66(3), 275-279. DOI: 10.1016/S0951-8320(99)00024-1 

Vinnem, J.E., Bye, R., Gran, B. A., Kongsvik, T., Nyheim, O. M., Okstad, E. H., Seljelid, J., Vatn, J., 2012, 
Risk modelling of maintenance work on major process equipment on offshore petroleum installations. 
Journal of Loss Prevention in the Process Industries, 25(2), 274-292. DOI: 10.1016/j.jlp.2011.11.001 

Yang, M., Khan, F.I., Lye, L., 2013, Precursor-based hierarchical Bayesian approach for rare event frequency 
estimation: A case of oil spill accidents. Process Safety and Environmental Protection, 91(5), 333-342. 
DOI: 10.1016/j.psep.2012.07.006 

2502