Bayesian network based dynamic operational risk assessment

https://doi.org/10.1016/j.jlp.2015.11.024

Highlights

  • Proposed Bayesian network based Dynamic Operational Risk Assessment in the field of process safety.

  • Demonstrated a methodology for mapping the fault tree gates into the BN and DBN.

  • Incorporated sequential dependency of event occurrence using DBN for process safety application.

  • Described a method to transform a BN to DBN.

Abstract

The oil/gas, chemical, petrochemical, food, power, papermaking and other process industries consist of numerous equipment and unit operations, thousands of control loops, and exhibit dynamic behavior. Chemical process plants are subjected to different types of process risks in daily operations, which include risks due to reactivity, toxicity and mechanical hazards, fire and explosion risks, etc. Failure to manage or minimize hazards can result in serious incidents. Therefore, it is very important to identify hazards, perform risk assessments, and take proper initiatives to minimize/remove hazards and risks; otherwise a catastrophic accident may result. Dynamic characteristics such as stochastic processes, operator response times, inspection and testing time intervals, ageing of equipment/components, season changes, sequential dependencies of equipment/components and timing of safety system operation also have great influence on the dynamic processes. Conventional risk assessment methodologies generally used in oil/gas and petrochemical plants have limited capacity in quantifying these time-dependent characteristics. Therefore, it is important to develop a method that can address time-dependent effects in risk calculation and provide precise estimation. This study proposes a risk assessment methodology for dynamic systems based on the Bayesian network, which represents the dependencies among variables graphically and captures the changes of variables over time by the dynamic Bayesian network. This study proposes to develop a dynamic fault tree for a chemical process system/sub-system. Then a procedure to map the developed dynamic fault tree into the Bayesian network and the dynamic Bayesian network is provided to demonstrate the dynamic operational risk assessment methodology.
A case study on a level control system is provided to illustrate the methodology's ability in capturing dynamic operational changes in process due to sequential dependency of one equipment/component on others.

Introduction

Chemical process industries such as offshore and onshore oil and gas exploration and production, pipeline transfer, refinery operation, and production of different chemicals and petrochemicals involve numerous equipment and unit operations, thousands of control loops, and exhibit dynamic behavior. It is very important to understand the hazards and risks associated with the process, perform risk assessment to identify them, and take proper actions to remove or minimize hazards and risks; otherwise a catastrophic accident may result. For example, process facilities involve a large number of pumps, compressors, separators, complex piping systems and storage tanks, etc. in a congested area. A small mistake by an operator or a problem in the process system may escalate into a disastrous event, as the process area is congested with process equipment and piping systems and has limited ventilation and escape routes. Case histories show that catastrophic accidents have a significant effect on people, environment, and society, as they involve fatalities and great financial loss. For example, a vapor cloud explosion that occurred at the BP Texas City refinery in 2005 resulted in 15 fatalities, 180 injuries and $1.5 billion in losses (U.S. CSB, 2007). The investigation revealed that insufficient process safety and lack of risk reduction measures contributed to this catastrophic accident. The U.S. CSB investigations of the natural gas explosions at the ConAgra foods processing facility in North Carolina in 2009 and the Kleen Energy Power Plant Connecticut in 2020 reported that failure to adopt inherently safer methods from a fire and explosion hazard perspective led to the explosions (Khakzad et al., 2011). In 2010, a fire and explosion, resulting from a blowout, at the Macondo well resulted in 11 deaths and 17 injuries (U.S. National Commission on BP accident, 2011). Also, the continuous spill from the wellhead for 87 days had disastrous effects on the environment and wildlife surrounding the Gulf of Mexico.
These accidents have significantly affected people's perception and contributed greatly to raising concern and emphasis on process safety. The U.S. Chemical Safety Board's (U.S. CSB) investigations of catastrophic accidents have reported insufficient process safety, inadequate management of change and lack of risk reduction measures as root causes of these accidents. It is explicit that effective risk assessment and adequate process safety management can prevent or reduce the severity of accidents. Therefore, continuous attention should be given to improving available risk assessment methodologies. Also, it is important to develop new risk assessment techniques that can provide more information and flexibility to the industry for better risk management than the available techniques.

Process industries are complicated and dynamic in nature. Dynamic characteristics involve various time-dependent effects such as changes in seasons, ageing of process equipment/components, stochastic processes, human error, inspection and testing time intervals, hardware failures, process disturbances, sequential dependencies and timing of safety system operations. It is important to quantify risks arising from the above-stated time-dependent effects. Conventional risk assessment methodologies, i.e., HAZOP, What-if Analysis, Fault Tree, Event Tree, Bow-Tie Analysis and Layer of Protection Analysis, have limited ability to quantify dynamic changes in processes. These methods can incorporate a system's dynamic response to time, variations of process variables, operator actions and sequential dependencies in estimating risk only with limited capacity. For example, a fault tree or event tree describes the relationship between the final outcome and different component/equipment failures, but hardly incorporates the system's dynamic response to time, variations of process variables, operator actions, sequential dependencies, etc. Catastrophic accidents may result when critical process parameters exceed the safe operating region without being detected due to protective system failure or timing of safety system operations (Yang and Mannan, 2010a, 2010b). Hence, it is important to develop a method that has the ability to quantify risk arising due to different time-dependent effects.

Siu (1994) summarized different methods available for performing dynamic process systems risk assessment. Markov modeling is one of the widely accepted methods for dynamic risk analysis. A state transition diagram is constructed to represent possible system states and the transitions from one state to another. One of the limitations of the Markov process is that the number of states increases with the size of the system, which makes construction of the system state transition diagram and the computation complex (Reliability Analysis Center, 2003). Also, Markov theory based models do not consider the effect of inspection on system-state transitions. The Dynamic Logical Analytical Methodology (DYLAM) approach was proposed by Cacciabue et al. (1986). Nivolianitou et al. (1986) demonstrated the application of the DYLAM approach for reliability analysis of chemical processes. This method has the ability to quantify different time-dependent effects by incorporating dynamic aspects of a process. DYLAM has limited ability to treat a large number of scenarios, and scenario calculations can be time consuming and costly (Siu, 1994). In the dynamic event tree (Acosta and Siu, 1993), branching is allowed to take place at different points in time, and it can be applied for accident sequence analysis. Yang and Mannan (2010a, 2010b) proposed a semi-Markovian approach named the dynamic operational risk assessment (DORA) methodology, with the ability to quantify risks for component failure and component abnormal events, and also incorporated the inspection/testing time schedule to understand its effect on risk. Monte Carlo simulation was performed to understand the system abnormal condition due to each individual component's transition from one state to another, and then prolonged simulation was performed to understand the effect of inspection and testing time on the probability of a component abnormal event.

In recent years, the Bayesian network (BN), a graphical model based on the application of Bayes' theorem for probability reasoning to quantify complex dependencies, is being applied in engineering applications. A Bayesian network describes causal influence relations among variables via a directed acyclic graph. It represents a set of random variables as nodes and their conditional dependencies by edges drawn from one node to another (see Fig. 1).

In a binary network, nodes and arcs represent variables and causal relationships among different nodes. Conditional probability tables or defined probabilistic relationships among nodes represent how one variable is linked to another one or to multiple variables. The nodes that influence other variables and have unconditional probability are called parent or root nodes. Nodes that are conditionally dependent on their direct parents are called intermediate nodes. The end node is defined as a leaf node.

Let $N=(G,P)$ be a Bayesian network, where

  • $G=(V,E)$ is a directed acyclic graph (DAG); $V$ (random variables) represents nodes; and $E$ represents edges between pairs of nodes of the DAG.

  • $P$ represents the probability distribution over $V$, and $V=\{X_1,X_2,\ldots,X_n\}$ can be either discrete or continuous random variables (Donohue and Dugan, 2003).

These random variables are assigned to the nodes and the edges. Bayesian networks can be represented by the joint probability distribution $P(V)$:

$$P(V)=\prod_{X\in V}P\{X\mid pa(X)\}=P(X_1,X_2,\ldots,X_n)=\prod_{i=1}^{n}P\{X_i\mid pa(X_i)\}$$

Here $pa(X_i)$ = parent nodes of $X_i$.

A general Bayesian network is static in nature, i.e., the joint probability distribution is usually a representation of a fixed point or an interval of time (McNaught and Zagorecki, 2010). A dynamic Bayesian network describes the evolution of the joint probability distribution over time and thus extends the general Bayesian network. Discrete time modeling to represent the progression of time in the dynamic Bayesian network was proposed by Dean and Kanazawa (1989). In a dynamic Bayesian network, arcs link nodes from the previous time slice to those of the next time slice to represent temporal dependencies among them. Kjaerulff (1995) demonstrated that the Markov assumption holds for the dynamic Bayesian network if the variable state at the future ‘(n + 1)-th’ time slice is independent of the past given the present ‘n-th’ time slice. The Bayesian network (BN) has the ability to calculate the probability of unknown parameters as well as to update the probability of known variables using conditional probability. Therefore, the application of the Bayesian network (BN) would provide more flexibility for risk analysis.
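The chain-rule factorization and the time-slice idea above can be worked through on a small fault tree. This is an added example, not code or data from the paper: the tree (TOP = OR(A, AND(B, C))), the probabilities, the deterministic gate tables and the no-repair temporal arc are all constructed assumptions.

```python
from itertools import product

# Constructed fault tree (not from the paper): TOP = OR(A, G), G = AND(B, C).
PARENTS = {"A": (), "B": (), "C": (), "G": ("B", "C"), "TOP": ("A", "G")}
ORDER = ["A", "B", "C", "G", "TOP"]  # topological order of the DAG

def and_gate(*pa):  # deterministic CPT: P(child = 1 | parents)
    return 1.0 if all(pa) else 0.0

def or_gate(*pa):
    return 1.0 if any(pa) else 0.0

def make_cpts(prior):
    """One CPT per node: a function of parent states -> P(node = 1 | pa(node))."""
    cpts = {n: (lambda pr=prior[n]: pr) for n in ("A", "B", "C")}  # root nodes
    cpts["G"], cpts["TOP"] = and_gate, or_gate
    return cpts

def joint(state, cpts):
    """Chain rule: P(V) = prod_i P(X_i | pa(X_i))."""
    p = 1.0
    for n in ORDER:
        p1 = cpts[n](*(state[q] for q in PARENTS[n]))
        p *= p1 if state[n] else 1.0 - p1
    return p

def query(target, cpts, evidence=None):
    """P(target = 1 | evidence) by full enumeration of the joint."""
    evidence = evidence or {}
    num = den = 0.0
    for vals in product((0, 1), repeat=len(ORDER)):
        s = dict(zip(ORDER, vals))
        if any(s[k] != v for k, v in evidence.items()):
            continue
        pj = joint(s, cpts)
        den += pj
        num += pj * s[target]
    return num / den

def dbn_top(per_slice, slices):
    """P(TOP = 1) in each time slice of a discrete-time DBN.

    Assumed temporal arc X_t -> X_{t+1}: P(1 | 1) = 1 (no repair),
    P(1 | 0) = per_slice[X]. Propagating marginals is exact here only
    because the root components are mutually independent.
    """
    marg = {n: 0.0 for n in per_slice}  # everything works before slice 1
    out = []
    for _ in range(slices):
        marg = {n: m + (1.0 - m) * per_slice[n] for n, m in marg.items()}
        out.append(query("TOP", make_cpts(marg)))
    return out
```

Calling `query("A", cpts, {"TOP": 1})` performs the probability updating described above: observing the top event raises the belief that component A has failed.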

Weber et al. (2012) provide a summary of the Bayesian network's application in the fields of dependability, risk analysis and maintenance. Bobbio et al. (2001) described a method to map the fault tree into the Bayesian network in the area of dependability and performed an analysis of dependable systems. Also, Boudali and Dugan (2005) demonstrated sequential dependencies of events, and Montani et al. (2005) included temporal aspects in performing reliability analysis to demonstrate the capabilities of the Bayesian network in dependability analysis. Delic et al. (1995) stated the potential application of the Bayesian network in software safety cases as a part of the Safety of Hazardous Industrial Processes project (Gran, 2002). Later, it was applied for software safety assessment in different research efforts at the Center for Software Reliability at the City University and Queen Mary University in London (Gran, 2002). Researchers have only recently started exploring the advantages of applying the Bayesian network to chemical process safety and risk assessment. Pasman and Rogers (2011) described the incorporation of the Bayesian network in Layer of Protection Analysis. Khakzad et al. (2011) demonstrated a mapping procedure of the fault tree into the Bayesian network in the field of process safety based on a method proposed by Bobbio et al. (2001). These two studies are static in nature. Khakzad et al. (2013) described a dynamic method by mapping bow-tie analysis into the Bayesian network and demonstrating probability adapting to update probabilities in the presence of new information. The limitation of this study is that it did not consider the sequential dependency and the effect of time in the model. Khakzad et al. (2012) explained an interval based approach for risk based process system design using a discrete time Bayesian network.

The purpose of this study is to develop a dynamic operational risk assessment method that can update risk with time, model sequential dependencies, demonstrate the effect of inspection and testing time intervals and incorporate other time-dependent effects. This study has adopted the Montani et al. (2005) methodology to demonstrate a dynamic risk assessment methodology for chemical process safety and risk assessment using temporal reasoning with the Bayesian network. The method described in this study has the ability to quantify operational changes due to sequential dependencies of equipment easily, which is one of its main advantages. This study discusses the procedure to transform dynamic gates into the Bayesian network (BN) and subsequently into the dynamic Bayesian network to perform the dynamic analysis of the system and capture changes in the values of different variables with time. By applying the Bayesian network, causal relationships between causes and effects have been described by assigning conditional probabilities, and Bayesian statistics has then been used for probability estimation. The method of developing conditional probabilities to describe the dependencies of different variables is the main difference between this study and the method provided by Khakzad et al. (2012). This study describes the construction of conditional probability tables, which will be easier to apply in real life. This study demonstrates a quantitative dynamic operational risk assessment method for the chemical process safety field. GeNIe (Decision Systems Laboratory, 2010), an open source software developed by Decision System Laboratory, University of Pittsburgh, has been used to exhibit the application of the model.

The framework of the study (see Fig. 2) and brief description of the dynamic gates are presented in Section 2. Procedure of conventional and dynamic fault tree gates mapping in Bayesian network is explained in Section 2.4. A case study is provided in Section 4 to describe the application of the method. Summary of the study and recommendations for future work are provided in Section 4.


Scope identification & system description

For developing dynamic operational risk assessment methodology based on the Bayesian network, it is important to identify the scope of work. It is also necessary to describe the system. According to the requirement, the scope can vary from small scale to large scale of the system. For system description, process information as process block diagram, process flow diagram (PFD), piping and instrumentation diagram (P&ID), equipment/components in the system and their failure modes should be stated.

Identification of the possible initiating event and component failure mode

Scope identification and system description: tank hold-up problem

A holdup tank problem is provided in Fig. 10 to illustrate the methodology. Similar types of holdup tank problem were studied by Siu (1994) and Hurdle et al. (2009). Under normal conditions, the level of the system is maintained between ‘x1’ and ‘x2’. In normal circumstances, liquid flows out through the outlet valve, which is partially open. A primary pump supplies liquid to the system. Sensor S1 sends a signal to controller C1 to actuate valve V1 either to open to supply more liquid or close

Summary and recommendations

Application of the Bayesian network in the field of chemical process safety and risk analysis offers a number of advantages. The Bayesian network can combine expert judgment and quantitative knowledge to estimate risk. Also, it demonstrates changes of variables with time through the reasoning process. Application of the Bayesian network is very helpful in areas where the availability of data is limited.

This study demonstrates discrete time dynamic Bayesian network for dynamic operational risk

References (35)

  • X. Yang et al. The development and application of dynamic operational risk assessment in oil/gas and chemical process industry. Reliab. Eng. Syst. Saf. (2010)

  • H. Boudali et al. A continuous-time Bayesian network reliability modeling, and analysis framework. IEEE Trans. Reliab. (2006)

  • P. Cacciabue et al. Dynamic logical analytical methodology versus fault tree: the case of the auxiliary feedwater system of a nuclear power plant. Nucl. Technol. (1986)

  • G. Celeux et al. Designing a Bayesian network for preventive maintenance from expert opinions in a rapid and reliable way. Reliab. Eng. Syst. Saf. (2006)

  • Center for Chemical Process Safety (CCPS). Layer of protection analysis: simplified process risk assessment. (2001)

  • T. Dean et al. A model for reasoning about persistence and causation. Comput. Intell. (1989)

  • Decision Systems Laboratory. GeNIe (Graphical Network Interface) and SMILE (Structural Modeling, Inference, and Learning Engine), Version 2.0 Software. (2010)