Figure 2: Line of Defence / Layers of
Protection in Process Safety
vessel contents to the environment. Although
this results in a “loss of containment,” the fluid is
discharged at an appropriate/minimum quantity
and to a specific safe location. The aim of relieving
the system is to avoid the catastrophic rupture of
the system by depressurising it.
As depicted via the example of a relief system,
the layers of protection basically employ actions
to minimise the impact of a loss of containment
event. Such layers of protections limit the extent of
the loss event. There are common cases in which
process plants provide secondary containment
or diking for flammable tank areas to ensure only
small areas are affected due to any discharge
of hazardous and environmentally unfriendly
material. The mitigation action also includes
installation of fire water systems which consist of
deluge systems or water curtains and long-range
water cannons.
Another layer of protection is provided when
operations are fully prepared for an emergency.
There must be an effective emergency response
plan which requires reliable communication
from the detection of loss of containment to the
discharge of the released gas to warn surrounding
areas of potential problems and to trigger-start
early and proper responses to minimise the impact
of the loss event.
As highlighted earlier, process safety is to
prevent and mitigate accidental or unintentional
loss of containment of hazardous materials. The
implementation of layers of protections provide
barriers to prevent undesired impact events from
reaching people, the environment, or equipment
thereby accomplishing process safety objectives.
Why Accidents still happen
Some recent process safety accidents include
the Texas City (2005) and Buncefield (2005)
explosions. Even though the layers of protections
system may have been implemented for many
decades and as a result most hazardous, out
of control conditions are known and protected,
serious accidents still happen today. And one can
therefore ask oneself, why do these accidents still
happen?
The occurrence of these accidents was not due
to unknown physical or chemical process hazards.
The Buncefield explosion, for example, was due
to the ignition of a vapour cloud emanating from
spilled gasoline due to overfilling a storage tank
[6]. And it has long been recognised that fires or
vapour cloud explosions can occur as a result
of spillage of flammable materials from aboveground storage tanks in tank farms. Common
causes that could unleash spills include overfilling,
leaking from worn-out and corroded containment,
and loss of containment due to pipeline ruptures.
In the Buncefield incident, investigators said faulty
gauges and safety devices led to overfilling a fuel
73