Loading...

Please Wait...

 

AB  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  

A

Abnormal Condition: A deviation in the operation of a facility from that prescribed in the standard operating procedures, which, if not corrected, could result in a process safety incident.

Acceptable: Meeting defined criteria.

Accident: A sudden event in which harm is caused to a receptor such as people, property or the environment.

Accident Scenario: See Hazard Scenario.

Action Item: A recommendation from a study for which a decision has been made to implement it. They may be corrective measures to reduce risk or studies to develop needed information.

Active Failure: An event that results in the immediate initiation of a hazard scenario.

Active Safeguard: Equipment that is physically actuated in order to perform its function in response to a change in a measurable process parameter such as pressure, temperature, and level, or a signal from another source such as a push-button, switch, or control system, e.g. a deluge system.

Acute: Immediate, sudden, short-term.

Acute Effect: An adverse impact on a receptor which appears promptly after exposure to a hazard.

Acute Exposure: Conditions which develop rapidly and may cause harm to a receptor within a short time period.

Administrative Safeguard: A safeguard that is a policy / procedure, e.g. controlling hazardous material inventories, or reducing employee exposures by job rotation, varying work assignments, or taking time periods away from hazards.

Alarm Flooding: Too many alarms annunciate during a process upset and potentially overwhelm the ability of operators to respond.

Alarm Limits: Operating variable limits that trigger alarms when reached. They exceed normal operating limits.

Asphyxiant (simple): An inert vapor or gas that causes unconsciousness or death by suffocation (lack of oxygen) when it is present in high concentrations and displaces oxygen from air, e.g. nitrogen, argon. In low concentrations, they have no physiological effects.

Asphyxiant (chemical): An agent that prevents the delivery of oxygen from the bloodstream to cells, or that disables the biochemistry of cellular respiration even in the presence of adequate oxygen levels in the blood, e.g. carbon monoxide, cyanide.

Asphyxiation: Endangering life by causing a deficiency of oxygen.

At-Risk Factor (ARF): An enabler that accounts for the time period in which a process is at risk, e.g. runaway of a batch reaction can only occur during the time period when the reaction is being conducted. Also, the ratio of the time during which the enabler applies to the process operating time which is used to reduce the process risk appropriately.

Autoignition Temperature (AIT): The lowest temperature at which a fuel / oxidant mixture will spontaneously ignite.

Automated Safeguard: An engineered safeguard that acts without the need for human intervention, e.g. a relief valve.

Availability: The fraction of time a system is fully operational. 

B

Barriers: Prevention and mitigation safeguards.

Basic Cause: Directly and proximately results in an immediate cause. Provides an underlying reason for the immediate cause.

Basic Event: A fault tree event which is sufficiently basic that no further development is necessary.

Basic Process Control System (BPCS): Control system used to maintain the process within normal operating limits.

Battery Limits: The boundary between one area in a plant encompassing a processing unit or battery of units with their related utilities and services and another area.

Bias: Inclination or prejudice for or against something or someone.

Blast Wave: See Explosion.

Block Flow Diagram (BFD): A simplified schematic drawing showing the process. The primary purpose of the BFD is to show the major components of the process and flow direction. When necessary, temperatures and pressures may be shown for clarity.

Boiling Liquid Expanding Vapor Explosion (BLEVE): Used to describe the sudden rupture due to fire impingement on a vessel / system containing liquefied flammable gas under pressure. The pressure burst and the flashing of the liquid to vapor creates a blast wave and potential projectile damage, and immediate ignition of the expanding fuel-air mixture leads to intense combustion creating a fireball.

Brainstorming: The application of creative thinking in a group setting to generate new ideas by stimulating outside-the-box thinking, encouraging new perspectives, and overcoming mindsets.

Buoyant Gas: A gas that is lighter than the surrounding air. 

C

Cascade Failure: A failure in a system of interconnected components where the failure of a preceding component triggers the failure of successive components.

CAS Number: A unique designation that identifies a particular chemical. Assigned by the Chemical Abstract Service, a service of the American Chemical Society that indexes and compiles abstracts of worldwide chemical literature called “Chemical Abstracts.”

Catastrophic Release: As used by OSHA, a major uncontrolled emission, fire, or explosion, involving one or more highly hazardous chemicals, that present serious danger to employees in the workplace.

Causality: See Hierarchy of Causality.

Cause-Consequence Analysis: A method for illustrating the possible outcomes arising from the logical combination of selected input events or states. Uses Cause-Consequence Diagrams.

Cause-Consequence Diagram (CCD): An illustration of the possible outcomes arising from the logical combination of selected input events or states.

Cause / What If Question: See Initiating Event.

Cause-By-Cause (CBC) HAZOP Recording: Consequences, safeguards and recommendations are explicitly correlated with each cause of a deviation. Each cause has an independent set of consequences, safeguards, and recommendations relating to it. Compare with Deviation-By-Deviation (DBD) HAZOP recording.

Caustic: Something that strongly irritates, burns, corrodes, or destroys living tissue.

Certify: To acknowledge in writing that statements are true, accurate, and complete.

Charter: The purpose, scope, and objectives of a hazard analysis study.

Checklist: A list of topics or other items. Also, a method of hazard identification using a comparison with experience in the form of a list of failure modes and hazardous situations.

Chemical Interaction Matrix: A table in the form of a matrix that identifies the potential consequences of mixing binary combinations of chemicals. Used to manage incompatibilities of chemicals.

Chronic: Persistent, prolonged, recurrent or repeated.

Coarse HAZOP: The application of experienced judgement and examination of a facility from a broad perspective in a structured fashion to identify hazards.

Code: Standard practice, typically issued by national organizations as a rule or standard. If a code becomes adopted by a government agency then the code becomes a legal document which can be enforced by a regulatory authority.

Code of Federal Regulations (CFR): Rules promulgated under US law and published in the Federal Register.

Cognitive Bias: A systematic error in thinking that occurs when people are processing and interpreting information in order to make decisions and judgments. Often, cognitive bias is the result of the brain's attempt to simplify information processing. There are many different cognitive biases.

Combustible: Able to catch fire and burn.

Combustible Liquid: Combustible liquids are those having a flash point at or above 37.8 C (100 F), and below 93.3 C (200 F).

Commissioning: Performing the necessary adjustments, tests, (including operational trials) and inspections to ensure a process or equipment is in full working order in accordance with the specified design requirements before the process or equipment commences normal operation for the first time.

Commission Error: An action is performed incorrectly (wrong equipment, location, sequence, time, etc.).

Common Cause Failure (CCF): The coincident failure of more than one component, item or system due to the same cause.

Common Mode Failure (CMF): The failure of components in the same manner.

Competence: The ability of personnel to perform tasks according to expectations. It requires the knowledge, skills, experience and other attributes to do a job properly and safely under all working conditions while meeting a defined performance standard.

Completeness: Not missing any items, usually in reference to hazard scenarios.

Component: A piece of equipment, part of a piece of equipment, or part of a system.

Compound Deviation: Two or more deviations that occur independently at the same time.

Condensed Phase Explosion: An explosion that occurs with a material that is present in the form of a liquid or solid.

Conditional Modifier: An enabler for consequences, e.g. probability that a flammable / explosive material will find an ignition source, probability that people will be present to be exposed to hazards, probability that harm will occur if exposure takes place.

Confined Explosion: An explosion of a fuel-oxidant mixture inside a closed system (e.g. vessel or building).

Consensus: General, although not necessarily complete, agreement. Everyone can live with the decision made.

Consequence: The result of a hazard scenario. Often expressed as impacts on people, property, the process, the environment, etc.

Consequence Analysis: An evaluation of the potential health and environmental impacts from a release of a hazardous material. This is determined by dispersion analysis and comparison of projected concentrations of released hazardous materials with potential impacts.

Consequence Endpoint: Form in which consequence is expressed, e.g. release quantity, dispersion distance / area to a specific material concentration; physical effects such as the magnitude of a fire, explosion or toxic exposure; impacts, e.g. the number of fatalities, value of damaged equipment, or cost of environmental remediation.

Consequence Impact: The effect of a hazard scenario on receptors.

Consequence Type: A categorization of the consequence of a hazard scenario according to the receptor impacted, e.g. people, property, the process, the environment, etc.

Conservative: Purposely low (or high) for the sake of caution.

Containment: The equipment in a process which contains hazardous materials. Also, the action of keeping a hazardous material from being released.

Containment Limits: The values of operating variables at which process containment is breached.

Continuous Release: The uninterrupted escape of a hazardous substance over a long period of time.

Contractor: A company or individual that provides services, labor, materials, and tools to perform specific work under contract or purchase order from the employer.

Contributing Cause: See Enabling Event.

Control: See Safeguard.

Control System: Means to ensure adherence to safe operating limits.

Core Team Member: A team member whose knowledge and expertise is needed in all study sessions.

Corrosion: The degradation of metals or alloys due to chemical reactions with their environment, accelerated by the presence of acids or bases; for example, the rusting of metal surfaces exposed to moist air or to impure water.

Corrosion Allowance: Amount of extra metal thickness added to a pipe or vessel wall over and above that required for to allow for future corrosion.

Corrosion Protection: Any of several methods used to alleviate corrosion, such as painting, plating, or cathodic protection.

Corrosive: Causing corrosion. Any substance that causes corrosion, especially one that has a greater than usual tendency to do this, e.g. hydrochloric acid.

Covered Chemical: A chemical covered by regulatory requirements for process safety.

Covered Process: A process subject to regulatory requirements for process safety.

Credible: Able to be believed. Possible even though rare.

Criteria: Qualitative or quantitative measures of acceptability.

Critical Action: An action that has been determined to be vital to preventing the occurrence of a hazard scenario.

Critical Equipment: Vessels, machinery, piping, alarms, interlocks, controls, etc. that have been determined to be vital to preventing the occurrence of a hazard scenario.

Criticality Ranking: See Risk Ranking.

Culture: See Safety Culture.

Cyclical Study: See Revalidation Study.

D

Damage: Physical harm impairing value, usefulness, or normal function.

Damage Mechanism: A mechanical, chemical, physical or other process that results in equipment or material degradation.

Damage Mechanism Review (DMR): A review of a process to determine potential damage mechanisms given the materials of construction and their environment.

Danger: The possibility of suffering harm, injury or damage.

Decommissioned: Permanent removal of equipment from active service. Decommissioned equipment may be idled but not dismantled.

Deductive Reasoning: Top-down reasoning. It starts with a premise and goes from the general to the specific.

Defect: Imperfections, damage, deficiencies, or deterioration in equipment.

Deficiency: A flaw such that a product, procedure, process, or system is not able to satisfy a specific requirement. Deficiencies may be discovered during testing, inspection, or preventive maintenance work, or during operations.

Deflagration: The chemical reaction of a substance in which the reaction front advances into the unreacted substance at less than sonic velocity.

Delayed Effects: See Latent Effects.

Delayed Ignition: A circumstance where a released flammable material does not ignite immediately.

De Manifestus Risk: The maximum tolerable level of risk.

De Minimis Risk: A level of risk that is too small to be concerned with. A virtually safe level that is perceived by most people to be broadly acceptable and does not require further reduction.

Delayed Effect: See Latent Effect.

Dense Gas: A gas whose density exceeds that of air at ambient temperature.

Dependency: See Dependent Events.

Dependent Events: Events such that the occurrence of one modifies the probability of the occurrence of the other. Thus, the conditional probability of event A, given that B has occurred, is different from the independent probability of A.

Design Intention: The way a process is meant to function.

Design Limits: The maximum intended values of operating variables that can be reached without system failure.

Design Representation: A description of the system under study that conveys aspects of its function, e.g. P&ID, procedure, plot plan.

Detonation: An explosion caused by an extremely rapid chemical reaction in which the reaction front advances into the unreacted substance at a velocity at greater than sonic velocity.

Deviation: A departure from an aspect of the design intent for a process. Used in hazard and operability (HAZOP) studies.

Deviation-By-Deviation (DBD) HAZOP Recording: Causes, consequences, safeguards, and recommendations are related only to the deviation. Specific cause / consequence / safeguard / recommendation relationships are not explicitly identified. Compare with Cause-By-Cause (CBC) HAZOP recording.

Devil’s Advocate: An individual who challenges and debates the views of others, regardless of whether they agree with them, in order to help determine their validity.

Direct Domino Effect: Occurs when a domino event results in an immediate escalation of the scenario consequences.

Dispersion: The movement of a released hazardous material through the surrounding environment, usually involving dilution of the material.

Dispersion Analysis: The evaluation of the ambient concentration of a released hazardous material as the material moves beyond the point of release, taking into account the physical and chemical properties of the hazardous material and the geographical, topographical, geological and meteorological characteristics of the environment through which it disperses.

Distributed Control System (DCS): A computerized control system for a process in which autonomous controllers are distributed throughout the process overseen by a central supervisory controller. The key attribute of a DCS is its reliability due to the distribution of the controllers throughout a process which mitigates single controller failure.

Diversity: The performance of the same function by a number of different and independent means.

Domino Effect: The triggering of secondary events such as toxic releases by a primary event such as an explosion such that the result is an increase in consequences or area affected. Generally only considered if this results in an escalation of the incident.

Domino Event: Any of the hazardous events that occur in the causal chain of domino effects.

Domino Scenario: A hazard scenario that involves domino effects.

Dust Explosion: An explosion that results from the ignition of a suspended mixture of finely divided combustible solids in the presence of an oxidant, e.g. air, in an enclosed area.

E

Effective: Accomplishes the intended purpose when correctly functioning.

Effects: The impact of an event or scenario on people, property, the environment, etc.

Electrical Classification: Categorization of areas in a facility according to the flammability of the various materials present and the probability of these materials being released from the normal containment system.

Electrical One-Line Diagram: A graphical depiction of the flow of electrical power in a process.

Emergency Condition: A situation where a significant hazardous material release is in progress or will occur because no measures would be effective to prevent a release.

Emergency Operation: Process operation under emergency conditions, such as pumping out part of the process where a leak has occurred or transferring liquid from an overfilled vessel.

Emergency Response: A response effort by employees from outside the immediate release area or by other designated responders (e.g., mutual-aid groups, local fire departments, etc.) to an occurrence which results, or is likely to result, in an uncontrolled release of a hazardous substance.

Emergency Shutdown System: A means by which the process can be safely and rapidly shut down in the event of an emergency.

Employee: An individual employed directly by a company.

Employer: A company that has obtained the services of an employee or contractor, typically with a contract or purchase order.

Enabler: See Enabling Condition and Enabling Event.

Enabling Condition: A condition that must be present or active for a hazard scenario to proceed. It makes possible another event.

Enabling Event: An event that must occur for a hazard scenario to proceed. It makes possible another event.

End Effect: See Impact.

Endorse Revalidation: No modifications are needed to the previous study.

Endpoint: See Consequence Endpoint.

Engineered Safeguard: A piece of equipment that acts as a safeguard, e.g. a relief valve.

Environmental Receptors: As used by EPA, natural areas such as national or state parks, forests, or monuments; Officially designated wildlife sanctuaries, preserves, refuges, or areas; Federal wilderness areas.

Episodic: Used to describe events with low frequency and high consequence (also known as Rare Events).

Equipment Failure: The inability of a piece of mechanical, structural, electrical, electronic, or other equipment to fulfill its intended function.

Equipment Status Chart: A figure that depicts the state of equipment (e.g. on /off, open / closed) for the steps in a batch process.

Ergonomics: The study of human characteristics for the appropriate design of living and work environments.

Erosion: The removal of material from a surface by a physical mechanism.

Event: An occurrence involving equipment performance or human action, or an occurrence external to the system, that causes or affects a system upset. An event associated with an incident either as the cause or a contributing cause of the incident or as a response to the initiating event of the incident.

Event Tree: A logic model that graphically portrays the propagation of an initiating event through the various possible combinations of events and consequences for a hazard scenario.

Explosion: A rapid release of energy which causes a pressure discontinuity or shock wave, which then moves away from the source at a rate determined partly by the pressure differential and partly by the properties of the medium through which the shock wave is propagated. This pressure discontinuity and subsequent shock wave are termed the blast wave.

External Event: An occurrence that originates outside a process but has an adverse impact on it including natural events, human-induced events, utility failures, and knock-on events. For example, an earthquake or flood or an interruption of utilities such as electric power or process air.

Extraneous Act: A non-required action is performed instead of or in addition to required action. 

F

Facilitator: Individual who guides the team in performing a study.

Facility: The land or buildings which contain one or more processes. Usually enclosed by a common security fence.

Facility Siting: The impact on hazard scenarios of the spatial relationship between the process hazards and the locations of people in the facility and the spacing of process units and equipment.

Fail-Safe Fault: A fault that results in no deterioration of safety.

Fail-to-Danger Fault: A fault that moves a process towards a dangerous condition or limits the ability of a protective system to respond to a dangerous condition.

Failure: A piece of equipment or a person does not provide the expected function when required to do so.

Failure Data: See Failure Rate Data.

Failure Frequency: The number of failure events that occur divided by the total elapsed time during which those events occur.

Failure Mode: The way a piece of equipment fails, e.g. off / on, open / closed, etc.

Failure Mode and Effects Analysis (FMEA): A hazard analysis method where all known failure modes of components or features of a system are considered in turn and undesired outcomes are noted.

Failure Rate Data: Numerical data for the frequencies of events and the probabilities of failures.

Fault: A higher-order event than a failure that results in a failure.

Fault Tree Analysis (FTA): A method for representing the logical combinations of various system states which lead to a particular outcome (top event).

Fire: A combustion process characterized by heat or smoke or flame or any combination thereof.

Fireball: A fire burning sufficiently rapidly for the burning mass to rise into the air as a cloud or ball.

Fire Brigade: An organized group trained in firefighting operations.

Flammable: Any substance that is easily ignited, burns intensely or has a rapid rate of flame spread. Flammable and inflammable are identical in meaning; however the prefix “in” indicates negative in many words and cause confusion. Flammable, therefore, is the preferred term.

Flammable Limits: See Flammable range.

Flammable Liquid: Any liquid having a flash point below 37.8 C (100 F).

Flammable Range: The difference between the lower and upper flammable limits, expressed in terms of the percentage of vapor or gas in air by volume. Also often referred to as the “explosive range”.

Flash Fire: The combustion of a flammable vapor and air mixture in which flame passes through that mixture at less than sonic velocity, such that negligible damaging overpressure is generated.

Flash Point: The lowest temperature at which a liquid gives off enough vapor to form an ignitable mixture with air and produce a flame when a source of ignition is present.

Fractional Dead Time: The mean fraction of time in which a component or system is unable to operate on demand.

Fracture: The breaking open of a containment system by the propagation of a crack.

Frequency: How often an event is expected to occur. Usually expressed as events per year.

Frequency of Dangerous Failures (FDF): The frequency with which a protection system operating in continuous mode fails to perform its specified safety function.

Functional: Working normally. Not inactive, bypassed, disabled, or removed.

G

General Parameter: Represents an aspect of the design intent such as addition, reaction, mixing, that is not a specific parameter.

Generic PHA: A study performed to be representative of similar processes, e.g. water treatment facilities, that can be tailored for each facility to account for individual variations.

Given: As used in LOPA, a factor that is always part of a scenario, e.g. a boiler house that acts as an ignition source for a release of a flammable material versus hot work in the process which is an enabler for ignition of the release.

Global Node / System: A node or system that is used to represent the whole process or certain aspects of the whole process.

Global Safeguard: A safeguard that applies to an entire process or parts of the whole process, e.g. fire fighting.

Good Engineering Practice (GEP): Accepted written technical method that governs process operations. Sources include federal, state, and local laws and regulations, consensus codes and standards (e.g., the ASME Boiler and Pressure Vessel Code), and insurance carrier guidelines. GEPs include internal design, operation, and maintenance guidelines where appropriate.

Group Risk: The relationship between frequency and the number of people suffering from a specified level of harm in a given population from the realization of specified hazards.

Groupthink: A phenomenon in which a group of people share common but possibly false beliefs and think and make decisions in the same way, thus discouraging creativity. Usually, it occurs when people in the group have worked together for a period of time and evolved consensus views based on shared experiences, which become unrecognized assumptions. Alternatively, a phenomenon in which group members try to minimize conflict and reach a consensus decision without critical evaluation of alternative viewpoints by actively suppressing dissenting viewpoints and by isolating themselves from outside influences.

Guidewords: Prompts for HAZOP studies.They are combined with process parameters to generate deviations from design intent. Standard guidewords include No, More, Less, As Well As, Part Of, Reverse, and Other Than. 

H

Harm: Injury or damage to people, environment, property, process, company, etc.

Hazard: A situation or an intrinsic property of a material with the potential to cause harm. Also, the potential for an accident with undesirable consequences.

Hazard and Operability (HAZOP) Study: A hazard analysis method in which deviations from design intent are generated by applying guidewords to process parameters in order to identify initiating events that produce the deviations and the scenarios that result.

Hazard Identification (HAZID): Pinpointing of material, system, process, and plant characteristics that can produce undesirable consequences through the occurrence of an incident.

Hazard Register: A listing of the hazards posed by a process including a description of each hazard, its source, the consequence if the hazard were realized, and the prevention / mitigation measures provided.

Hazard Scenario: A specific, unplanned event or sequence of events that has an undesirable consequence resulting from the realization of a hazard.

Hazard Type: A nature of a hazard, e.g. toxicity, flammability, explosivity, etc.

Hazardous Condition: A process condition that triggers the operation of process safeguards.

Hazardous Event: An event that safeguards protect against, e.g. hazardous material release, runaway reaction, vessel rupture, pump cavitation.

Hazardous Material: A chemical that poses a hazard.

Hazardous Situation: An event that follows directly from a hazardous event and leads to a consequence impact.

Hazardous Substance: See Hazardous Material.

HAZOP: See Hazard and Operability Study.

HAZOP Deviation Matrix: A table that shows possible deviations for common process parameters.

Hierarchy of Causality: An order of scenario causes at increasing levels of detail, e.g. immediate, basic, underlying, root.

Hierarchy of Controls: A ranking of ways to control process risks in order of decreasing effectiveness. Typically, inherent safety, segregation and separation, passive engineered safeguards, active engineered safeguards, procedural safeguards, personal protective equipment, and emergency response.

Highly Hazardous Chemical (HHC): As used by OSHA, a substance possessing toxic, reactive, flammable, or explosive properties and specified in the standard.

Hot Work: Any operation that could cause a source of ignition in a hazardous area. A hot work permit is required for hot work.

Human-Equipment Interface: Areas of physical or perceptual contact between people and equipment.

Human Error (HE): Actions by or failures to act on the part of designers, operators, managers, or other individuals that may contribute to or result in accidents.

Human Factor (HF): A factor that influences the performance of people.

Human Factors Review: A review of a process to identify human factors that adversely impact the process.

Human Failure (HF): An act of omission or commission by people with regard to fulfilling their performance requirements to perform actions and tasks.

Human Failure Analysis (HFA): Used to identify failures people may make in their interface with a process. These failures and their rates are influenced directly by the human factors design of the process.

Human Recovery: The ability of people to recognize their failures and correct them.

Human Safeguard: A safeguard that relies on operators or other personnel to take action to prevent an undesired consequence, e.g. in response to an alarm.

I

Ignitable: Capable of being set on fire.

Ignition Source: A flame, tool spark, static electric charge, or electric spark that could cause a fire or explosion.

Immediate Cause: A direct cause of a scenario, i.e. the event that precipitates the scenario.

Immediately Dangerous to Life or Health (IDLH): Conditions such that an acute exposure will lead to acute or chronic health effects.

Imminent Danger: An impending or threatening dangerous situation that could be expected to cause death or serious injury to persons in the immediate future unless corrective measures are taken.

Impact: The ultimate result of a hazardous event. It may be expressed, for example, in terms of numbers of injuries or fatalities, environmental or property damage, or the cost of business interruption.

Importance Measure: An indicator used to represent the contribution of a component or system to total risk.

Incident: See “Accident”.

Incident Outcome: One of multiple events for a hazard type, e.g. jet fire, flash fire
pool fire. Also, see Consequence.

Incident Outcome Case: An incident outcome that can be further subdivided into cases differentiated by meteorological conditions, if they affect the consequences.

Independent Events: Events such that the occurrence of one does not modify the probability of the occurrence of the other. Thus, the probability of event A, given that B has occurred, is no different than the probability of A occurring by itself.

Independent Protection Layer (IPL): A device, system or action that acts to prevent a scenario from proceeding to its undesired consequence regardless of the initiating event for the scenario, or the action or failure of any other protection layer associated with the scenario, or any other element of the scenario.

Indirect Domino Effect: Occurs when a domino event causes an impact that leads to escalation.

Individual Risk: The frequency at which an individual may be expected to sustain a given level of harm from the realization of specified hazards.

Inductive Reasoning: Bottom-up reasoning. It starts with a probable conclusion and induces premises.

Information Need: A piece of information needed to complete a study.

Inherent Safety: Process design that eliminates or reduces the magnitude of a hazard using a means that is permanent and inseparable from the process, e.g. replacing a hazardous material with one that is not hazardous. Inherent safety practices help to avoid the need for elaborate safety systems.

Inherent Safety Review (ISR): Review of a process to identify inherent safety practices that can be used to reduce risk.

Initiating Event (IE): The event that initiates a hazard scenario. It may be an equipment failure, human failure or external event.

Injury: Physical harm or damage to a person resulting from an exchange of mechanical, chemical, thermal, or other environmental energy that exceeds the body’s tolerance.

Instantaneous Release: The escape of a hazardous material over a short time span, typically a few seconds.

Intention: See Design intention.

Interlock: A device that makes the operation of an item of equipment dependent on the fulfilment of predetermined conditions by another item of equipment, e.g. an interlocked machine guard will prevent the machine from operating unless the guard is in its proper place.

Intermediate Event: An event in a hazard scenario that helps to propagate the incident or helps to prevent the accident or mitigate the consequences. Responses to the initiating event from the process control system, safeguards, and operators.

J

Jet fire: The combustion of material emerging from an orifice with significant momentum.

Job Hazard Analysis: A study of a process to identify the presence of hazards and the ways they may affect the safety of personnel performing work.

Job Safety Analysis: see Job Hazard Analysis.

K

Knock-on Effect: See Domino Effect.

L

Latent Condition: See Latent Failure.

Latent Effect: An effect that does not arise immediately after exposure. Also called Delayed Effect.

Latent Failure: A failure that does not cause adverse effects when it occurs but does so in combination with one or more events that occur later, e.g. an alarm in a failed state. A latent failure lies dormant and often hidden until conditions arise where it contributes to a hazard scenario.

Layers of Protection Analysis (LOPA): A form of risk assessment which is simplified by taking account of only those safeguards that are independent protection layers.

Legend Sheet: See Master Sheet.

Level of Causality: Depth to which causes are determined: e.g. immediate, basic, underlying, root.

Likelihood (L): How often a hazard scenario is expected to occur. Often expressed as a category, e.g. 1, 2, 3, ...

Limiting Conditions for Operation (LCO): Specifications for critical systems that must be operational and critical resources that must be available to start a process or continue normal operation. Critical systems include fire protection, flares, scrubbers, emergency cooling, thermal oxidizer, etc. Critical resources include staffing levels, fire water supply, etc.

Line-by-line HAZOP: A HAZOP study using nodes that are lines and vessels.

Line Designation: Piping information provided on a P&ID including the size of the pipe, the letters that stand for the material in the pipe, and an identifying number, usually associated with the pipe’s point of origin.

Line Number: A number assigned to represent a length of piping uniquely. It may have letters as a prefix defining the material flowing through the pipe.

Line Schedule: A block of information on a P&ID providing the pipe line number, material flowing through the pipe, where the stream is coming from and flowing to, and specification, size, material of construction, and, if insulation or tracing is on the pipe.

Localized Incident: An incident whose effect zone is limited to a plant area, and does not extend into the off-site surrounding community.

Logic Diagram: A representation of the sequence of events leading to or from a specified state.

Loss Event: See Hazardous Event.

Loss Prevention: The use of safety analysis to minimize financial losses.

Lower Flammable Limit (LFL): The concentration in air at ordinary ambient temperatures of a gas or vapor expressed in percent of the gas or vapor in air by volume below which combustion will not propagate.

M

Maintenance Regime: The way in which a process is maintained.

Major Hazards: Explosivity, flammability, reactivity, and toxicity.

Management and organizational factors: Aspects of how an organization is managed and structured that influence its performance.

Management system: A set of policies, procedures, practices, etc. used by an organization to ensure that it can accomplish the tasks needed to achieve its objectives.

Master Sheet: Part of the P&IDs that defines the symbols used and provides line identifications. Also called the Legend Sheet.

Maximum Allowable Working Pressure (MAWP): The maximum pressure at which a vessel is designed to operate safely. Typically, vessels are operated at pressures significantly below the MAWP to provide a margin of safety.

Mindset: An assumption held by an individual which is so established that the individual does not recognize it exists and continues to accept prior choices as valid making it difficult to see situations in a fresh light.

Mitigated Event Frequency (MEF): The frequency at which a hazardous event is expected to occur considering the independent protection layers present. It is the product of the Unmitigated Event Frequency and the product of the probabilities of failure on demand for the independent protection layers including their enablers.

Mitigation: The act of causing a consequence to be less severe.

Mode of Operation: A state of a process during its life cycle, e.g. startup, normal operation, shutdown, emergency shutdown.

Mothballing: Taking a plant out of commission and placing it in a state where it can be re-commissioned at a later time.

Multiple Failure: Two or more events occurring together. They may be equipment failures, human failures, external events, or combinations thereof.

N

Near Miss: An incident where serious consequences did not occur, but could have if one or more controls had failed.

Node: A line or vessel examined in a HAZOP study.

Node Intention: Relevant aspects of the process design intention for each node for each mode of operation.

Non-Routine Task: A task that is performed infrequently or for the first time.

Normal Operating Limits: Operating variable limits that are maintained by the control system. 

O

Objectives: The types of hazards and the types of consequences to be addressed in a study.

Occupancy Factor: Fraction of time personnel are in an area.

Omission Error: An action is not performed.

Operability: The capacity of the process to function.

Operability Scenario: A scenario that impacts operability.

Operating Envelope: The intended operating ranges of process variables.

Operating Regime: The way in which a process is operated.

Overpressurization: Exposure of equipment to pressures in excess of the design pressure.

P

Parameter: As used in HAZOP studies, an aspect of design intent. It describes a process physically, e.g. flow, chemically, e.g. composition, in terms of what is happening, e.g. addition, or in any other way, e.g. a specification.

Parameter Intention: The range of allowable values for a parameter, e.g. 100 - 150 degrees C for the parameter Temperature, or a specification of what should occur for a parameter, e.g. sulfur trioxide with less than 0.1% water for the parameter Composition.

Part: Section of a system that is subject to study, e.g. node, system or subsystem. It may be physical (e.g. hardware) or logical (e.g. a step in a procedure).

Partial Failure: A degradation in performance short of a full failure.

Passive Safeguard: Equipment that is not physically actuated in order to perform its intended function, e.g. a blast wall.

Periodic Study: See Revalidation Study.

Personal Protective Equipment (PPE): Devices worn by workers to protect against hazards in the working environment.

Phase of Operation: See Mode of Operation.

Piping and Instrumentation Drawing (P&ID): A detailed diagrams including legends and citations of referenced documents showing every item of equipment including its identification number; every pipe including size, flow direction, identification number and indication of ANSI piping specification and break between piping specifications, etc. Instrumentation including such details as tie-in points, instrument numbers, control valve numbers, and panel or local control mounting details are shown. A P&ID, being a schematic drawing, is not drawn to scale. However, relative sizes and locations of equipment may be depicted.

Plant-Specific Failure Data: Failure rate data generated from collecting information on equipment failure experience at a specific plant.

Plot Plan: A drawing showing the geographical location of the major items of equipment in a process.

Plume: The gas cloud resulting from a continuous release.

Pool Fire: The combustion of material evaporating from a layer of liquid at the base of the fire.

Pressure Burst: The rupture of a system under pressure, resulting in the formation of a blast wave and projectiles which may have the potential to cause damage.

Prevention: Causing an event not to happen.

Preventive Maintenance (PM): Regular maintenance that is performed on a piece of equipment to lessen the likelihood of it failing.
Previous Incident: An incident that already occurred.

Prioritization: The process of establishing relative priorities.

Probability: An expression for the likelihood of occurrence of an event during an interval of time or the likelihood of the success or failure of an event on test or on demand. Expressed as a dimensionless number ranging from 0 to 1.

Probability of Failure on Demand (PFD): The probability that a protection system will fail to perform its specified function when a demand is placed on it. The number of failure events that occur divided by the total number of demands.

Propagating Failure: See Cascade Failure.

Procedural Safeguard: A procedure that acts as a safeguard such as an emergency shutdown procedure.

Process (OSHA): Any use, storage, manufacturing, handling, or the on-site movement of a covered chemical, or any combination of these activities. For the purposes of this definition, any group of vessels which are interconnected and separate vessels which are located such that the covered chemical could be involved in a potential release are considered to be single process.

Process Boundary: Limits of equipment, procedures, control systems etc. that are included in a study.

Process Chemistry: The chemical reactions that occur or could occur within a process under normal, abnormal, and emergency conditions, including information on raw materials, intermediates, products, by-products and waste products.

Process Control System: See Basic Process Control System.

Process Drawings: Documents such as P&IDs, PFDs, and a plot plan.

Process Flow Diagram (PFD): A schematic drawing of the process. The primary purpose of this drawing is to show the heat and material balances of the process. Main valves, pressures, temperatures, and flows may be shown. Utilities may be shown for clarity. Pump and vessel capacities may also be indicated.

Process Hazard Analysis (PHA): An organized and systematic effort to identify possible hazard scenarios.

Process Hazard Review (PHR): See Process Hazard Analysis.

Process Intention: A statement of what the process involves.

Process Safety Information (PSI): As used by OSHA, information pertaining to the hazards of the highly hazardous chemicals used or produced by the process, the process technology, and the process equipment.

Process Safety Target Level: See Risk Tolerance Criteria.

Process Safety Time: The period of time between a failure occurring in a process and the occurrence of a hazardous event if a safety function is not performed.

Programmable Logic Controller (PLC): A computer that monitors inputs and outputs and makes logic-based decisions for automated processes.

Projectile: Fragment or piece of equipment that is projected due to absorption of energy from an energy release, e.g. in an explosion.

Protection Layer: See Safeguard.

Protective Measure: See Safeguard.

Public Receptor: As used by EPA, offsite residences; institutions (e.g. schools, hospitals); industrial, commercial, and office buildings; parks, or recreational areas inhabited or occupied by the public.

Purpose: The reason a study is conducted.

Q

Quality Control (QC) Checklist: A list of questions used to ensure that a study meets a defined performance standard.

Quantitative Risk Analysis (QRA): The numerical evaluation of both accident consequences and probabilities and their combination into an overall measure of risk.

Quantitative Risk Assessment (QRA): The process by which Quantitative Risk Analysis results are used to make decisions by comparing quantitative risk estimates with risk tolerance criteria.

R

Random Failure: A failure that occurs at a random time.

Rare Event: See Episodic.

Raw Risk: Risk estimate without the consideration of existing safeguards.

Reactive Chemical: A chemical that poses a reactive hazard.

Reactivity Excursion: See Reactivity Incident.

Reactive Hazard: Reactive properties and handling conditions of a chemical or mixture that may generate heat, energy, and gaseous byproducts that have the potential to cause harm.

Reactivity: The nature of a material that enables it to produce a reactivity incident under the right conditions.

Reactivity Incident: Sudden event involving an uncontrolled chemical reaction with significant increases in temperature, pressure, and/or gas evolution.

Realistic Deviation: One with credible causes.

Receptor: Entity that is harmed by an incident.

Recognized and Generally Accepted Good Engineering Practices (RAGAGEP): Practices that are the basis for engineering, operation, or maintenance activities for a process and are themselves based on established codes, standards, published technical reports, recommended practices, or similar documents.

Recommendation: A suggestion for a measure to reduce risk.

Recovery Factor: Feedback from a process in response to a human error that enables the human to limit or prevent the undesirable consequences of the error.

Redline: Mark up a document in red to show changes.

Redo Revalidation: See Replace Revalidation.

Redundancy: The performance of the same function by identical but independent multiple means.

Release: The discharge of energy or a hazardous material from its containment system.

Release Characteristics: Aspects of a release scenario, e.g. hole size, location, elevation, orientation, duration, delayed ignition, etc.

Release Conditions: Conditions at the time of a release, e.g. release characteristics such as hole size and location, and weather conditions such as wind direction and atmospheric stability class.

Relevant Parameter: A parameter with deviations that result in scenarios that are within the study scope and objectives.

Reliability: The probability that an item is able to perform a required function under stated conditions for a stated period of time or for a stated demand.

Replace Revalidation: A new study is performed from scratch.

Replacement in Kind (RIK): A replacement which satisfies the design specification.

Residual Risk: The remaining risk after all practicable risk reduction measures have been taken.

Resolution (of Study Recommendations): The process of deciding whether a recommendation will be implemented, developing an alternative to a recommendation, or justifying that a recommendation will not be implemented.

Retrofit Revalidation: see Revise Revalidation.

Retrospective Study: A study conducted for a process after construction.

Revalidation: Update to a study to account for changes to a process.

Revealed Failure: A failure that is made apparent by an alarm or other indication.

Revise Revalidation: The previous study is edited.

Risk (R): A measure of potential human injury, environmental damage, or economic loss in terms of the probability / frequency of the injury, damage, or loss occurring and the magnitude of the injury, damage, or loss if it occurs. The product of the severity (S) and likelihood (L) of harm occurring from a hazard scenario. R = S x L.

Risk Acceptance Criteria: See Risk Tolerance Criteria.

Risk Analysis: The qualitative or quantitative estimation of accident likelihoods and consequences.

Risk Assessment: The process by which risk analysis results are used to make decisions by comparing risk estimates with risk target levels.

Risk Class: A grouping of risk levels in a risk matrix that is assigned the same requirements for risk reduction.

Risk Contour: An line joining points of equal risk surrounding a facility (isorisk line).

Risk Criteria: See Risk Tolerance Criteria.

Risk Elevation: See Risk Escalation.

Risk Escalation: Notification of senior managers when time periods for implementation of action items are not met. Increasingly higher levels of management must sanction continued tolerance of increasingly higher levels of risk.

Risk Gap: The difference between estimated risk and the tolerable risk.

Risk Graph: A graphical tool used to determine the safety integrity level for safety instrumented functions by assigning values to risk parameters.

Risk-Informed Decision: A decision that is made incorporating consideration of the risk involved.

Risk Level: A value assigned to a cell in a risk matrix.

Risk Management: The identification, evaluation, and prioritization of risks followed by the application of resources to control and monitor them.

Risk Matrix: A graphical tool used to assign risk levels for events based on their consequence and likelihood of occurrence.

Risk Profile: Entries in the cells of a risk matrix showing the total number of scenarios for each risk level or the identifiers for the scenarios assigned to each risk level.

Risk Ranking: A process for qualitatively ranking the severity and likelihood of a hazard scenario to estimate the risk of the scenario. The risk ranking can be used to assist in making recommendations, and in prioritizing recommendations that have been made.

Risk Ranking Scheme: A specific risk matrix or set of risk matrices with decision criteria.

Risk Reduction Factor (RRF): The ratio of the estimated risk to the tolerable risk for a scenario or group of scenarios. It is the reciprocal of RRR and is a number greater than or equal to 1.

Risk Reduction Measure: A means of reducing risk, e.g. a safeguard.

Risk Reduction Required (RRR): The ratio of the tolerable risk to the estimated risk for a scenario or group of scenarios. It is the reciprocal of RRF and is a number less than or equal to 1.

Risk Register: A listing of risks posed by a process.

Risk Tolerance Criteria: Measures used to determine the tolerability of risk.

Risk Zone: See Risk Class.

Root Cause: A fundamental reason for the cause of a scenario or incident.

Runaway Reaction: A chemical reaction that becomes uncontrolled.

S

Safe: Acceptably free from danger, injury, or damage.

Safe Operating Envelope (SOE): The safe operating limits for a process.

Safe Operating Limits: Ranges of values established for critical operating parameters such as flow, temperature, pressure, and level for a process, based on a combination of equipment design limits and the dynamics of a process.

Safe Work Practice (SWP): A procedure for perform a hazardous task with minimum risk to people, property, and the environment.

Safeguard: Any device, system or action that either would likely interrupt the chain of events following an initiating event or that would mitigate the consequences. Safeguards help to protect a process when controls are inadequate or fail.

Safety: The state produced by the control of recognized hazards to attain an acceptable level of risk.

Safety Availability (SA): The probability of successful operation of a protection system when a demand is placed on it. SA = 1 – PFD.

Safety Critical Action (SCA): An action required by a procedure that has been determined to be vital to preventing the occurrence of a catastrophic release.

Safety Critical Equipment (SCE): Equipment such as alarms, interlocks, and controls determined to be vital to preventing the occurrence of a catastrophic release.

Safety Culture: The values, beliefs, perceptions and attitudes of individuals, groups and organizations that shape the behaviors they exhibit towards safety.

Safety Data Sheet (SDS): A document which describes the chemical and physical properties and the physical and health hazards of a substance. Previously known as a Material Safety Data Sheet (MSDS).

Safety Functions: Controls together with safeguards.

Safety Instrumented Function (SIF): A safety function that is part of a Safety Instrumented System with a specified Safety Integrity Level (SIL) which is necessary to achieve functional safety and which can be either a safety instrumented protection function (demand mode function) or a safety instrumented control function (continuous mode function).

Safety Instrumented System (SIS): A system composed of sensors, logic solvers, and final control elements for the purpose of taking the process to a safe state when predetermined conditions are violated. It responds to conditions that are hazardous in themselves or, if no action is taken, could eventually cause a hazardous event.

Safety Integrity Level (SIL): A performance criterion for a Safety Instrumented Function. It defines the probability or frequency of the SIF failing to perform its function and is used as a measure of the performance needed by the Safety Instrumented Function to control process risk to a tolerable level.

Safety Requirements Specification (SRS): A document that contains the functional and integrity requirements for each safety instrumented function in a safety instrumented system.

Safety Shutdown Limits: Operating variable limits that trigger the operation of safety shutdown systems when reached.

Safety System: Equipment and/or procedures designed to prevent, detect, or respond to a hazard scenario, e.g., alarms, interlocks, detection devices, and suppression systems.

Scenario: An event or sequence of events that results in undesirable consequences.

Scope: The items to be addressed in a study.

Scribe: Individual who records a study.

Secondary Consequence: Additional consequence that may arise from a hazardous material, e.g smoke inhalation from fire scenarios.

Section: A subdivision of a process. See Subdivision.

Segregation: A hazard management strategy in which a physical barrier is established between the hazard area and an area to be protected.

Separation: A hazard management strategy achieved by the establishment of a distance between equipment and other equipment or a process and other processes.

Sequential Failure: See Cascade Failure.

Service Environment: The external and internal conditions to which a process is subjected during its life cycle.

Session: A period of time during which part of a study is performed.

Set Point: The desired value of a process variable such as pressure, temperature, level, etc.

Severity (S): The degree of impact of a hazard scenario. A measure of the scenario consequences. Often expressed as a category, e.g. 1, 2, 3, ...

Shock Wave: A pressure pulse formed by an explosion in which a sharp discontinuity in pressure is created as the wave travels through a fluid medium at greater than sonic velocity.

Significant Deviation: One with significant consequences.

Societal Risk: See Group Risk.

Source Term: The quantitative description of a release required as input to a consequence model, i.e., form, composition, quantity or release rate, concentration, temperature, etc.

Specialty Team Member: A team member who provides specialized knowledge and expertise needed only in one or a few study sessions.

Specific Parameter: Describes a physical or chemical aspect of the process materials, e.g., flow, temperature, pressure, composition.

Stakeholder: An individual, group or organization with an interest or concern in a specific matter.

Standard: Practice that is recommended either by an internal (company generated) or outside organization. Standards are prepared to record best practice to be used by design, operations, and maintenance personnel so that a level of safety and consistency is established and maintained.

Standard Operating Procedure (SOP): A set of step-by-step instructions for the normal operation of a process.

Starting Event: An initiating event, intermediate event, or loss event of a hazard scenario, as used in Event Tree Analysis.

Subdivision: Division of a process into sections, such as nodes or systems / subsystems, in order to focus the analysis and make it manageable.

Subjectivity: The influence of personal feelings, tastes, or opinions on a person’s judgment. Decision factors that are dependent on the human mind.

Subsystem: A subdivision of a system. See System.

Super Node: A node that is a combination of lines and vessels.

Support System: A system needed for the operation of a process, e.g. communication, evacuation alarm, access control, etc.

Swiss Cheese Model: A model of accident causation in which multiple successive barriers that act to prevent an incident from occurring have holes that represent latent and/or active deficiencies in the barriers. An incident occurs when the holes align.

System: A subdivision of a process. See Subdivision.

Systematic Failure: A failure that is related in a deterministic way to a certain cause.

T

Tag Number: Identifier for a piece of equipment.

Task Analysis: The analysis of how a task is accomplished, including the identification of manual and mental activities.

Team Leader: See Facilitator.

Team Member: A person who participates in a study.

Terms of Reference (TOR): See Charter.

Thermal Radiation: The propagation of energy in the infra-red region of the electromagnetic spectrum, commonly called “heat”.

Threshold Quantity (TQ): As used by OSHA and EPA, the minimum quantity of a covered chemical that must be present in a process to cause the process to be covered under OSHA PSM and/or EPA RMP regulations.

Throughput: The rate of production of a defined system (e.g. an entire refinery or a process unit) over a stated period of time. For example, a refinery’s throughput is 200,000 barrels per day or the Fluid Catalytic Cracking Unit’s throughput is 80,000 barrels per day.

Time-At-Risk Factor: The fraction of time a risk is present, e.g. a process is in a particular mode, phase or step.

Tolerable Risk (TR): The level of risk for a facility that is deemed acceptable. The risk level that is accepted in a given context based on the values of individuals, groups of people and society.

Top Event: The selected outcome whose possible causes are analyzed in a fault tree.

Toxicity: The property of toxic substances that causes harm.

Toxic Substance: A material that can have an injurious effect when introduced into, or absorbed by, a person.

U

Uncertainty: Lack of full knowledge.

Uncertainty Analysis (UA): The determination of how uncertainties in input data and models for risk analysis propagate to produce uncertainties in the risk results.

Underlying Cause: Direct or contributing cause for a basic cause.

Unmitigated Event Frequency (UEF): The product of the initiating event frequency, multipliers for non-IPL enablers, and the probabilities of any conditional modifiers for a hazardous event. It provides a baseline measure of the scenario risk that is used in Layers of Protection Analysis to assess the importance of independent protection layers for the scenario.

Unrevealed Failure: A failure that lies dormant in a process, until discovered, with the process still operating.

Unsafe Act: See Human Failure.

Unsafe Condition: See Latent Condition.

Upper Flammable Limit (UFL): The concentration in air at ordinary ambient temperatures of a gas or vapor expressed in percent of the gas or vapor in air by volume above which combustion will not propagate.

Utility System: A system needed for the operation of a process, e.g. cooling water, electric power, instrument air, etc.

V

Vapor Cloud Explosion (VCE): An explosion in the open air of a cloud composed of a mixture of a flammable vapor gas with air. In practice, a VCE usually will be partially confined due to the presence of buildings, trees, etc.

Verification: Confirmation by examination and provision of evidence that specified requirements have been met.

Violation: An action that is prohibited or different from that prescribed.

Vulnerability: The probability that harm will occur if an individual is exposed to a hazard.

W

Weather Conditions: Wind direction, wind speed, air temperature, solar radiation, humidity, atmospheric stability class, precipitation, etc.

Worst-Case Consequence: A conservative (high) estimate of the consequences of the most severe incident identified. For example, the assumption that the entire contents of a contained volume of toxic material is released to the most vulnerable area in such a way (all at once or continuous) as to have the maximum effect on the public or employees in that area. The contained volume could be chosen as the containers and pipes between shutoff valves or the entire process unit but probably not the entire plant.

Worst-Consequence Scenario: The scenario with the highest consequence.

Worst-Risk Scenario: The scenario with the highest risk.

Worst Credible Case: The most severe incident considered plausible or reasonably believable.