SafetyBarrierIViewer

SafetyBarrier

i

Viewer

ExampleProject.sbmx

Run-away reaction

Add Water 0.02 X Check recipe 0.1 X Dump water 0.02 X PRV on top 0.001 Wrong amounts in reactor 0.01 /y Mechanical Failure 0.01 /y Electrical Failure 0.001 /y No Power 0.01 /y No Mixing 0.021 /y Temperature rise 0.00142 /y Boiling in reactor 8.649E-5 /y Vessel Burst 8.649E-8 /y Release 8.641E-5 /y
Add Water 0.02 X Check recipe 0.1 X Recipe prepared by engineer Training of operators Dump water 0.02 X PRV on top 0.001 Preventive maintenance Test of PRV Wrong amounts in reactor 0.01 /y Mechanical Failure 0.01 /y Preventive maintenance Electrical Failure 0.001 /y No Power 0.01 /y No Mixing 0.021 /y Temperature rise 0.00142 /y Boiling in reactor 8.649E-5 /y Vessel Burst 8.649E-8 /y Release 8.641E-5 /y

Tank filling

Control of level indicator 0.01 High Level Alarm 0.05 Tank wall 0.001 Filling operation 52 /y Level exceeds normal fill level 0.52 /y Tank overflow 0.026 /y Tank bassin is partly filled 0.02597 /y Uncontrolled liquid spill 2.6E-5 /y
(This Diagram has no Measures assigned) Control of level indicator 0.01 High Level Alarm 0.05 Tank wall 0.001 Filling operation 52 /y Level exceeds normal fill level 0.52 /y Tank overflow 0.026 /y Tank bassin is partly filled 0.02597 /y Uncontrolled liquid spill 2.6E-5 /y

Project

NAME: ExampleProject.sbmx
DESCRIPTION
Example using the ARAMIS management factors and barrier types

Initial Event

NAME: No Power
Expected Frequency of Occurrence per Year: 0.01
DESCRIPTION

Intermediate Event

NAME: No Mixing
Expected Frequency of Occurrence per Year: 0.021
DESCRIPTION

Initial Event

NAME: Mechanical Failure
Expected Frequency of Occurrence per Year: 0.01
DESCRIPTION

MEASURE 1: Preventive maintenance
MEASURE 1 DESCRIPTION


MEASURE 1 MANAGEMENT ISSUE: 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement

Initial Event

NAME: Electrical Failure
Expected Frequency of Occurrence per Year: 0.001
DESCRIPTION

Intermediate Event

NAME: Temperature rise
Expected Frequency of Occurrence per Year: 0.00142
DESCRIPTION

Critical Event

NAME: Boiling in reactor
Expected Frequency of Occurrence per Year: 8.649E-5
DESCRIPTION

Consequence

NAME: Vessel Burst
Expected Frequency of Occurrence per Year: 8.649E-8
DESCRIPTION

Consequence

NAME: Release
Expected Frequency of Occurrence per Year: 8.641E-5
DESCRIPTION

Initial Event

NAME: Wrong amounts in reactor
Expected Frequency of Occurrence per Year: 0.01



NAME: Input til AndGate
Probability or Time fraction (<1): 0.1



NAME: Other input to AndGate
Probability or Time fraction (<1): 0.2



NAME: OutPut of AndGate
Probability or Time fraction (<1): 0.3826



NAME: Input to Or Gate
Probability or Time fraction (<1): 0.1



NAME: Another input to OrGate
Probability or Time fraction (<1): 0.3

Initial Event

NAME: Filling operation
Expected Frequency of Occurrence per Year: 52
DESCRIPTION

Intermediate Event

NAME: Level exceeds normal fill level
Expected Frequency of Occurrence per Year: 0.52

Intermediate Event

NAME: Tank overflow
Expected Frequency of Occurrence per Year: 0.026

Consequence

NAME: Tank bassin is partly filled
Expected Frequency of Occurrence per Year: 0.02597
DESCRIPTION

Consequence

NAME: Uncontrolled liquid spill
Expected Frequency of Occurrence per Year: 2.6E-5
DESCRIPTION

Barrier Diagram

NAME: Run-away reaction
DESCRIPTION
The project's first diagram
Boiling in reactor

OR Gate

NAME: Gate1

Barrier

NAME: Add Water
Probability of Failure on Demand (PFD): 0.02
DESCRIPTION

GENERIC BARRIER: Operator control operation
GENERIC BARRIER DESCRIPTION

BARRIER TYPE: 7 Activated Barrier - Manual (Human action triggered by active hardware detection)
BARRIER TYPE DESCRIPTION

COMMON ELEMENT 1: Single procesoperator
COMMON ELEMENT 1 DESCRIPTION

Barrier

NAME: Check recipe
Probability of Failure on Demand (PFD): 0.1
DESCRIPTION

BARRIER TYPE: 10 Activated Barrier - Procedural (Observation of local conditions not using instruments)
BARRIER TYPE DESCRIPTION

COMMON ELEMENT 1: Single procesoperator
COMMON ELEMENT 1 DESCRIPTION

MEASURE 1: Training of operators
MEASURE 1 MANAGEMENT ISSUE: 2nd ARAMIS Item, Competence and Suitability

MEASURE 2: Recipe prepared by engineer
MEASURE 2 DESCRIPTION


MEASURE 2 MANAGEMENT ISSUE: 5th ARAMIS Item, Procedures, rules, and goals

Barrier

NAME: Dump water
Probability of Failure on Demand (PFD): 0.02
DESCRIPTION

BARRIER TYPE: 5 Activated Barrier - Hardware on demand
BARRIER TYPE DESCRIPTION

COMMON ELEMENT 1: Single procesoperator
COMMON ELEMENT 1 DESCRIPTION

Barrier

NAME: PRV on top
Probability of Failure on Demand (PFD): 0.001
DESCRIPTION

GENERIC BARRIER: Pressure RV
GENERIC BARRIER DESCRIPTION

BARRIER TYPE: 5 Activated Barrier - Hardware on demand
BARRIER TYPE DESCRIPTION

MEASURE 1: Preventive maintenance
MEASURE 1 DESCRIPTION


MEASURE 1 MANAGEMENT ISSUE: 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement

GENERIC BARRIER MEASURE 1: Test of PRV
GENERIC BARRIER MEASURE 1 DESCRIPTION


GENERIC BARRIER MEASURE 1 MANAGEMENT ISSUE: 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement

Barrier Diagram

NAME: Tank filling
DESCRIPTION
Tank filling operation

Barrier

NAME: Control of level indicator
Probability of Failure on Demand (PFD): 0.01
DESCRIPTION

 

BARRIER TYPE: 10 Activated Barrier - Procedural (Observation of local conditions not using instruments)
BARRIER TYPE DESCRIPTION

Barrier

NAME: High Level Alarm
Probability of Failure on Demand (PFD): 0.05
DESCRIPTION

BARRIER TYPE: 7 Activated Barrier - Manual (Human action triggered by active hardware detection)
BARRIER TYPE DESCRIPTION

Barrier

NAME: Tank wall
Probability of Failure on Demand (PFD): 0.001
DESCRIPTION

BARRIER TYPE: 2 Permanent Passive Barrier
BARRIER TYPE DESCRIPTION

Measure

NAME: Test of PRV
DESCRIPTION


MANAGEMENT ISSUE: 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement
DESCRIPTION

Measure

NAME: Preventive maintenance
DESCRIPTION


MANAGEMENT ISSUE: 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement
DESCRIPTION

Measure

NAME: Training of operators
MANAGEMENT ISSUE: 2nd ARAMIS Item, Competence and Suitability
DESCRIPTION

Measure

NAME: Recipe prepared by engineer
DESCRIPTION


MANAGEMENT ISSUE: 5th ARAMIS Item, Procedures, rules, and goals
DESCRIPTION

Consequences

Barrier Diagram Consequence Prob./Expected Freq. (Unit) Severity
Run-away reaction Vessel Burst 8.649E-8 Expected Frequency of Occurrence per Year 4: Serious Consequences
Run-away reaction Release 8.641E-5 Expected Frequency of Occurrence per Year 1: Insignificant Consequences
Tank filling Tank bassin is partly filled 0.02597 Expected Frequency of Occurrence per Year 1: Insignificant Consequences
Tank filling Uncontrolled liquid spill 2.6E-5 Expected Frequency of Occurrence per Year 4: Serious Consequences

Critical Events

Barrier Diagram Critical Event Prob./Expected Freq. (Unit)
Run-away reaction Boiling in reactor 8.649E-5 Expected Frequency of Occurrence per Year

Risk Matrix

Expected Frequency of Occurrence per Year 0: No Consequences 1: Insignificant Consequences 2: Noticeable Consequences 3: Significant Consequences 4: Serious Consequences 5.1: Major Accident - <10 fatalities/limited damage to the environment 5.2: Major Accident - >10 fatalities/extensive damage to the environment
Frequent More likely than: 0.001 Tank bassin is partly filled
Probable Less likely than: 0.001 Release
Unlikely Less likely than: 3.16228E-5 Uncontrolled liquid spill
Improbable Less likely than: 1E-6 Vessel Burst
Very Improbable Less likely than: 3.16228E-8

Barriers

Barrier Barrier Diagram Generic Barrier Barrier Type PFD Description 1st ARAMIS Item, Manpower Planning and Availability 2nd ARAMIS Item, Competence and Suitability 3rd ARAMIS Item, Commitment, Compliance and Conflict resolution 4th ARAMIS Item, Communication and Coordination 5th ARAMIS Item, Procedures, rules, and goals 6th ARAMIS Item, Hard/software purchase, build, interface, install 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement 0th ARAMIS Item, Safety Culture
Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating
Add Water Run-away reaction Operator control operation 7 Activated Barrier - Manual (Human action triggered by active hardware detection) 0.02 Operator control operation; Routine operation to add water to reactor when temperature reading gets outside normal operation envelope Instrument reading does not depend on external power supply. Water is obtained from normal water supply which is normally pressurised even in case of a power failure. A possible common cause failure of water supply and power failure need to be accounted for. The temperature that triggers action needs to be indisputable (fixed, documented and informed). Water needs to be injected with sufficient momentum to obtain mixing even when stirring mechanism has failed. Common Element: Single procesoperator
Check recipe Run-away reaction 10 Activated Barrier - Procedural (Observation of local conditions not using instruments) 0.1 The process operator checks that the amount of substances fed into the reactor correspond with the prescribed recipe
Dump water Run-away reaction 5 Activated Barrier - Hardware on demand 0.02 Activated Barrier - Hardware on demand A mechanic heat sensor will open the valve from a tank filled with X m3 water above the reactor. The water will flow to the tank by gravity (air will be let out by the open vent pipe). Attention has to be paid that sufficient mixing is obtained to stop the reaction Common Element: Single procesoperator
PRV on top Run-away reaction Pressure RV 5 Activated Barrier - Hardware on demand 0.001 Generic Pressure Relief Valves 0.5 0 0.5 0
Control of level indicator Tank filling 10 Activated Barrier - Procedural (Observation of local conditions not using instruments) 0.01 Control of level indicator and manual stop of filling operation
High Level Alarm Tank filling 7 Activated Barrier - Manual (Human action triggered by active hardware detection) 0.05 Alarm with lamp marked "tank overfill", and sound signal. The operator has to stop the filling operation manually 7 Activated Barrier - Manual (Human action triggered by active hardware detection) 0.05 0 0.2 0.7 0.05 0.6 0.1 0.6 0.3 0.9 0.1 0.9 0.2 0.75
Tank wall Tank filling 2 Permanent Passive Barrier 0.001 Tank wall around tank, can contain the contents of the tank plus the contents of the delivery truck 2 Permanent Passive Barrier 0.7 0.8 0.3 0.7

Generic Barriers

Generic Barrier Barrier Type PFD Description 1st ARAMIS Item, Manpower Planning and Availability 2nd ARAMIS Item, Competence and Suitability 3rd ARAMIS Item, Commitment, Compliance and Conflict resolution 4th ARAMIS Item, Communication and Coordination 5th ARAMIS Item, Procedures, rules, and goals 6th ARAMIS Item, Hard/software purchase, build, interface, install 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement 0th ARAMIS Item, Safety Culture
Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating
Pressure RV 5 Activated Barrier - Hardware on demand 0.001 Generic Pressure Relief Valves 0.5 0.8 0.5 0.9
tank wall 1 Permanent Passive (Control) 0 1 Permanent Passive (Control) 0.8 0.8 0.2 0.7
Operator control operation 7 Activated Barrier - Manual (Human action triggered by active hardware detection) 0.01 Type: Activated Barrier - Manual (Human action triggered by active hardware detection) Normal control operation in response to instrument reading - highly routine operation (rule based) 0.05 0 0.2 0.7 0.05 0.6 0.1 0.6 0.3 0.9 0.1 0.9 0.2 0.75

Barrier Types

Barrier Type Description 1st ARAMIS Item, Manpower Planning and Availability 2nd ARAMIS Item, Competence and Suitability 3rd ARAMIS Item, Commitment, Compliance and Conflict resolution 4th ARAMIS Item, Communication and Coordination 5th ARAMIS Item, Procedures, rules, and goals 6th ARAMIS Item, Hard/software purchase, build, interface, install 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement 0th ARAMIS Item, Safety Culture
Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating
1 Permanent Passive (Control) Detection: none; Diagnosis: none; Activation: hardware. Passive controls are those elements in a process system that are necessary for the system to operate, and essential to avoid the hazardous situations. Typical examples are tanks (tank walls) pipes (pipewalls), anticorrosion paint, floating tank lids, viewing ports in vessels 0.8 0.8 0.2 0.7
2 Permanent Passive Barrier Detection: none; Diagnosis: none; Activation: hardware. Passive Barriers are elements in a system that are constantly present (i.e. they do not need to be activated), and that are installed with the only reason to avoid or limit hazardous situations (i.e. the installation can in principle operate without those barriers). Typical examples are tank bunds, dyke, blastwalls, fire protection, drainage sump, fence, lightning conductors 0.7 0.8 0.3 0.7
3 Temporary Passive Barrier Detection: none; Diagnosis: none (must be put in place); Activation: hardware. Barriers temporary put in place such as barriers round repair work, blind flanges over open pipes, spades in pipes, inhibitors in substances
4 Permanent Active Barrier Detection: none; Diagnosis: none (need operator activation in some conditions); Activation: hardware.These barriers are constantly present, but need an energy source to work, such as ventilation, active corrosion protection, inerting, heating or cooling.
5 Activated Barrier - Hardware on demand Detection: hardware; Diagnosis: hardware; Activation: hardware. Barriers and controls that by hardware take action: Pressure relief valves, interlock systems with logic, sprinkler installation (barriers). Pressure/temperature/level control (controls or barriers) 0.5 0.8 0.5 0.9
6 Activated Barrier - Automated Detection: hardware; Diagnosis: software; Activation: hardware. Programmable automated device, control system or shutdown system
7 Activated Barrier - Manual (Human action triggered by active hardware detection) Detection: hardware; Diagnosis: behaviour (Rule, Skill or Knowledge based); Activation: Behaviour with possible hardware assist. Actions of operators in response to instrument reading, signals or alarms, e.g. Manual shutdown or adjustment, evacuation, donning breathing apparatus or calling fire brigade on alarm, action triggered by remote camera, drain valve, close/open (correct) valve 0.05 0 0.2 0.7 0.05 0.6 0.1 0.6 0.3 0.9 0.1 0.9 0.2 0.75
8 Activated Barrier - Warned (Human Action based on passive warning) Detection: hardware; Diagnosis: behaviour (Skill or Rule); Activation: behaviour. Donning persinal protection equipment in danger area, refraining from smoking, keeping within white lines, opening labelled pipe, keeping out of prohibited areas
9 Activated Barrier - Assisted (Software presents diagnosis to operator) Detection: hardware; Diagnosis: Software/Behaviour (Rule or Knowledge based); Activation: Behaviour with possible hardware assist. Using an expert system or other software that determines the plant state based on some combination of inputs
10 Activated Barrier - Procedural (Observation of local conditions not using instruments) Detection: Human; Diagnosis: Behaviour (Skill or Rule based); Activation: Behaviour with possible hardware assist. (Correctly) follow start up/shutdown/batch process procedure, adjust setting of hardware, warn others to act or evacuate, (un)couple tanker from storage, empty purge line before opening, drive tanker, lay down water curtain
11 Activated Barrier - Emergency (Ad-hoc observation of deviation and improvised response) Detection: Human; Diagnosis: Behaviour (Knowledge based); Activation: Behaviour with possible hardware assist. Response to unexpected emergency, e.g. improvised jury-rig during maintenance, fight fire

Common Elements

Barrier Element PFD Description 1st ARAMIS Item, Manpower Planning and Availability 2nd ARAMIS Item, Competence and Suitability 3rd ARAMIS Item, Commitment, Compliance and Conflict resolution 4th ARAMIS Item, Communication and Coordination 5th ARAMIS Item, Procedures, rules, and goals 6th ARAMIS Item, Hard/software purchase, build, interface, install 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement 0th ARAMIS Item, Safety Culture
Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating Weight Rating
Single procesoperator 0.002 The process i run by a single process operator, who has several safety critical tasks

Gates

Gate Barrier Diagram Gate Type Description
Gate1 Run-away reaction OR Gate

Conditions

Condition Condition Type Freq. or Prob. Unit Description Severity
No Power Initial Event 0.01 Expected Frequency of Occurrence per Year General power failure during critical phase of reaction; Power failures longer than a few minutes happen once per year. Reaction is in critical phase about 1% of time. Start of batch process is hard-locked with availability of power and cooling
No Mixing Intermediate Event 0.021 Expected Frequency of Occurrence per Year No mixing in the reactor or no cooling at the reactor wall
Mechanical Failure Initial Event 0.01 Expected Frequency of Occurrence per Year Mechanical failure of either cooling system or stirring mechanism.
Electrical Failure Initial Event 0.001 Expected Frequency of Occurrence per Year Electrical failure during operation in the control and power system of stirring mechanism or cooling pump
Temperature rise Intermediate Event 0.00142 Expected Frequency of Occurrence per Year If there is no mixing or cooling, the reaction heat will increase the temperature, at least locally inside the reactor.
Boiling in reactor Critical Event 8.649E-5 Expected Frequency of Occurrence per Year If no cooling or no mixing, the reaction may develop exponentially, and the heat production can cause the contents to start boiling
Vessel Burst Consequence 8.649E-8 Expected Frequency of Occurrence per Year Burst of reactor vessel in the reactor hall total release of whole contents in the hall. The operator in the hall is likely to be fatally injured 4: Serious Consequences
Release Consequence 8.641E-5 Expected Frequency of Occurrence per Year Release of toxic material from the vent line to the atmophere 1: Insignificant Consequences
Wrong amounts in reactor Initial Event 0.01 Expected Frequency of Occurrence per Year
Input til AndGate Not used in any diagram 0.1 Probability or Time fraction (<1)
Other input to AndGate Not used in any diagram 0.2 Probability or Time fraction (<1)
OutPut of AndGate Not used in any diagram 0.3826 Probability or Time fraction (<1)
Input to Or Gate Not used in any diagram 0.1 Probability or Time fraction (<1)
Another input to OrGate Not used in any diagram 0.3 Probability or Time fraction (<1)
Filling operation Initial Event 52 Expected Frequency of Occurrence per Year Filling operation is performed every week
Level exceeds normal fill level Intermediate Event 0.52 Expected Frequency of Occurrence per Year
Tank overflow Intermediate Event 0.026 Expected Frequency of Occurrence per Year
Tank bassin is partly filled Consequence 0.02597 Expected Frequency of Occurrence per Year Tank bassin below the tank is filled with up to the capacity of the delivery tank's contents. Evaporation is possible 1: Insignificant Consequences
Uncontrolled liquid spill Consequence 2.6E-5 Expected Frequency of Occurrence per Year The material is flowing outside the tank bassin, possible pollution of nearby river 4: Serious Consequences

Measures

Measure Description Applies to: Barriers Applies to: Initial Conditions Management Issue
Test of PRV PRV's are tested every 6 months according to procedure XXX PRV on top 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement
Preventive maintenance Maintenance is performed every 12 months PRV on top Mechanical Failure 7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement
Training of operators Check recipe 2nd ARAMIS Item, Competence and Suitability
Recipe prepared by engineer All recipes are prepared by an engineer Check recipe 5th ARAMIS Item, Procedures, rules, and goals

Management Issues

Management Issue Performance Description
1st ARAMIS Item, Manpower Planning and Availability 1 Manpower Planning covers allocating the necessary time (or numbers) of competent people to the tasks that have to be carried out, at the moment (or within the time frame) when they should be carried out. It also covers the process of planning and allocation of tasks over time, including coverage for: Holidays, Sick leave, Peak loads, Ensuring breaks and rest pauses, and Limiting overtime and fatigue. Personnel Availability ensures that personnell is available for all relevant tasks in relation to the functioning and management of barriers (operations, maintenance, emergency), including:Operating personnel, Maintenance personnel, Inspection, testing incl. general plantwalk-rounds, Supervision, and Back-up , emergency crews.
2nd ARAMIS Item, Competence and Suitability 0.86 Competence covers the knowledge, skills, and abilities of first-line and/or back-up personnel for the safe execution of safety-critical tasks related to barrier functioning or management. Competence covers the cognitive aspects of behaviour, which can be learned through training, experience and practice. They include: Job content/safety, e.g.: Plant process knowledge: - Operating procedures, critical tasks, action alternatives, skills - Boundary of safety operations - Hazards, safety consequences of actions, safety priorities - Safety responsibility/task boundaries Inspection & testing procedures: - Fault diagnosis & response - Emergency procedures - Maintenance diagnosis - Safe isolation and recommissioning - Equipment dismantling, repair, testing & reassembly Other skills: - Communications - Team work - Supervision/management - Issuing instructions Suitability covers physical attributes that are usually more permanent characteristics of an individual, though some can be modified or compensated for over the longer term. They include: Size, strength, dexterity, Physical condition, health, Visual acuity, colour blindness, and Hearing.
3rd ARAMIS Item, Commitment, Compliance and Conflict resolution 0.8 Commitment and conflict resolution are concerned with: - Information, training and discussion on what is important and has priority - Rapid confrontation and correction of deviations from the desired working method, state or condition - High (publicity) profile and reward for achievements on safety - Appraisal schemes with explicit attention to safety performance - Recurrent active attention to safety in meetings, discussions and actions - Procedure violations - Keeping to the prescribed operating envelope - Safety and production/time pressures e.g. production pressures reducing scheduled maintenance/inspection, operations which come under time pressure for implementation, reluctance to declare emergencies or shutdown plant because of loss of production - Safety critical maintenance priority over production - Balancing production targets, resource availability/costs and inspection and maintenance requirements via e.g. time schedules and budget setting - Safety budget (increased/decreased)
4th ARAMIS Item, Communication and Coordination 0.85 The communication and coordination concerns itself with: - Communication channels (phone, radio, minutes, reports, etc.) - Coordination methods (e.g. meetings, supervision) - Communication between: Different persons engaged on one task as team or working in sequence, and Shifts at changeover - Communication about: Work content Barrier/plant status Job instructions Priorities Who does what, where and when Need for action or (back-up) personnel and equipment - Communication systems for sharing operation/maintenance hazard concerns and experience
5th ARAMIS Item, Procedures, rules, and goals 0.8 The procedures, rules and goals delivery system is occupied with identifying tasks that need (detailed) written rules and procedures, and subsequently providing and promulgating these. This system also delivers output goals for tasks that do not need a detailed procedure. Procedures and rules are specific performance criteria, which specify in detail, usually in written form, a formalised 'normative' behaviour or method for carrying out an activity (checklist, task list, action steps, plan, instruction manual, fault-finding heuristic, form to be completed, etc.). Output goals are performance measures for an activity, which specify what the result of the activity should be, but not how the results should be achieved. They are objectives, goals or outputs. The procedures, rules and goals delivery system concerns itself with: Coverage (i.e. all safety situations), Accuracy, Readability/usability, Size/complexity/overload or rule sets, Clarity/ambiguity, Up-to-date, Indicating priorities.
6th ARAMIS Item, Hard/software purchase, build, interface, install 1 Management of barrier (and spares) purchase, construction, installation and adjustment deals with the management process for ensuring that the hardware/ software barriers and barrier elements in agreement with specifications are acquired, either by purchase from outside, or by construction on site, are put in place and adjusted and that the spare parts or replacements purchased and stored for the maintenance phase of their life cycle are the correct ones and are in good condition when used. The process should pay explicit attention to the human factors aspects of the interface between barrier elements and their users in the case of mixed barriers.
7th ARAMIS Item, Hard/software Inspection, Maintenance, and Replacement 0.8 Management of inspection, maintenance and replacement deals with the management processes for ensuring that the specified hardware/software barriers and barrier elements are kept in an effective state. It covers all hardware and software which has a function within any barrier designed to fulfill a safety function in the plant. It forms the part of the life cycle of these barrier elements from the point where they have been installed and adjusted and are ready for use. It covers all the activities which monitor the working of the barriers, detect the (chance of) deviation from the designed working and identify the need for work to be done to restore the functioning or replace the barrier (elements) with new ones. This process also manages small modifications which are carried out at the same time as, and under the same management as the maintenance activities. Where the modifications are of a more major type, which are (or should be) dealt with by a change management process, these are covered by the protocol on learning and change.
0th ARAMIS Item, Safety Culture 0.75 Safety culture can be assessed by questionnaire surveys of the personnel. Safety culture addresses the following issues: Learning and willingness to report: the employees' willingness / reluctance to report accidents and incidents, their perception of feedback from reporting and dissemination of lessons learned. Safety prioritisation, rules and compliance covering use of and familiarity with rules and instructions; the prioritisation of safety versus productivity and ease of work; the extent to which and the circumstances under which safety procedures may be violated. Leadership involvement and commitment concerns both the avowed involvement and commitment of management and supervisors and team leaders as well as employee perception of their commitment and involvement Risk and human performance limitation perception concerns management and employee awareness of hazards, risks and human error potentials (fatigue, automation etc.) relevant to their work. Felt responsibility concerns the employee's perception of who is responsible for safety at work including felt ownership of responsibility Trust and fairness involves management's trust in employees and, crucially, employees' trust in top management and their immediate leaders and employee perception of fairness in the workplace. Work team atmosphere and support comprises employees' perception of teamwork and the'spirit' in their respective teams; the extent to which the team gives its members support and help; and the extent to which respondents are willing to speak up and warn each other of dangers. Motivation, influence and involvement comprises (i) work as meaningful; (ii) own influence on work planning and execution; (iii) motivation and involvement; and (iv) feeling informed and finding work predictable

Barrier Diagrams

Diagram Name Number of: Barriers Number of: Gates Number of: Event Tree Branches Description
Run-away reaction 4 1 0 The project's first diagram Boiling in reactor
Tank filling 3 0 0 Tank filling operation

Event Tree Branches

Event Tree Branch Name Diagram Name Number of: Event Tree Branches Event Tree Branches & Probability Description