Skip to main content

Guidelines for Initiating Events and Independent Protection Layers in Layer of Protection Analysis

Guidelines for Initiating Events and Independent Protection Layers in Layer of Protection Analysis

CCPS (Center for Chemical Process Safety)

ISBN: 978-0-470-34385-2

Dec 2014

384 pages

In Stock



The book is a guide for Layers of Protection Analysis (LOPA) practitioners.   It explains the onion skin model and in particular, how it relates to the use of LOPA and the need for non-safety instrumented independent protection layers. It provides specific guidance on Independent Protection Layers (IPLs) that are not Safety Instrumented Systems (SIS).  Using the LOPA methodology, companies typically take credit for risk reductions accomplished through non-SIS alternatives; i.e. administrative procedures, equipment design, etc.   It addresses issues such as how to ensure the effectiveness and maintain reliability for administrative controls or “inherently safer, passive” concepts.

This book will address how the fields of Human Reliability Analysis, Fault Tree Analysis, Inherent Safety, Audits and Assessments, Maintenance, and Emergency Response relate to LOPA and SIS. 

The book will separate IPL’s into categories such as the following:

  1. Inherent Safety
    • eliminates a scenario or fundamentally reduces a hazard
  2. Preventive/Proactive
    • prevents initiating event from occurring such as enhanced maintenance
  3. Preventive/Active
    • stops chain of events after initiating event occurs but before an incident has occurred such as high level in a tank shutting off the pump.
  4. Mitigation (active or passive)
    • minimizes impact once an incident has occurred such as closing block valves once LEL is detected in the dike (active) or the dike preventing contamination of groundwater (passive).

List of Data Tables xi

Acronyms and Abbreviations xv

Glossary xix

Acknowledgments xxv

Preface xxix

Introduction 1

1.1 Audience 2

1.2 Scope 3

1.3 Key Changes Since the Initial LOPA Concept Book 4

1.4 Recap of LOPA 6

1.5 Disclaimer 10

1.6 Linkage to Other CCPS Publications 11

1.7 Annotated Description of Chapters 13

Overview: Initiating Events and Independent Protection Layers 16

2.1 LOPA Elements: An Overview 16

2.2 Management Systems to Support LOPA 16

2.3 Scenario Selection 18

2.4 Overview of Scenario Frequency 20

2.5 Overview of Consequences 28

2.6 Risk Considerations 29

2.7 Conclusions 31

Core Attributes 34

3.1 Introduction to Core Attributes 34

3.2 Independence 35

3.3 Functionality 40

3.4 Integrity 47

3.5 Reliability 49

3.6 Auditability 52

3.7 Access Security 53

3.8 Management of Change 54

3.9 Use of Data Tables 55

Example Initiating Events and IE Frequencies 58

4.1 Overview of Initiating Events 58

4.2 Inherently Safer Design and Initiating Event Frequency 59

4.3 Specific Initiating Events for Use in LOPA 60

4.4 External Events 113

4.5 What if Your Candidate Initiating Event is Not Shown in a Data Table? 113

Example IPLs and PFD Values 116

5.1 Overview of Independent Protection Layers (IPLs) 116

5.2 Specific Independent Protection Layers for Use in LOPA 118

5.3 What if Your Candidate IPL is Not Shown in a Data Table? 263

Advanced LOPA Topics 268

6.1 Purpose 268

6.2 Use of QRA Methods Relative to LOPA 269

6.3 Evaluation of Complex Mitigative IPLs 275

6.4 Conclusions 277

Appendices 280

Appendix A: Human Factors Considerations 282

Appendix B: Site-Specific Human Performance Data Collection and Validation 300

Appendix C: Site-Specific Equipment Data Collection and Validation  310

Appendix D: Example Reliability Data Conversion for Check Valves 324

Appendix E: Considerations for Overpressure of Pressure Vessels and Piping 328