ARTICLE IN PRESS

Journal of Loss Prevention in the Process Industries xxx (2009) 18

Contents lists available at ScienceDirect

Journal of Loss Prevention in the Process Industries

journal homepage: www.elsevier.com/locate/jlp

Fuzzy logic for process safety analysis

Adam S. Markowski a, *, M. Sam Mannan b,1, Agata Bigoszewska a
a b

Process Safety and Ecological Division, Faculty of Process and Environmental Engineering, Technical University of Lodz, 90-924 Lodz, ul. Wolczanska 213, Poland Mary Kay OConnor Process Safety Center, Artie McFerrin Department of Chemical Engineering, Texas A&M University System, 3122 TAMU, College Station, TX 77843-3122, USA

a r t i c l e i n f o
Article history: Received 19 May 2008 Received in revised form 22 October 2008 Accepted 21 November 2008 Keywords: Process safety analysis Fuzzy logic Risk assessment Uncertainty Bow-tie model Fault tree analysis Event tree analysis

a b s t r a c t
Fuzzy logic deals with uncertainty and imprecision, and is an efcient tool for solving problems where knowledge uncertainty may occur. Such situations frequently arise in a quantitative fault and event tree analysis in safety and risk assessment of different processes. The lack of detailed data on failure rates, uncertainties in available data, imprecision and vagueness may lead to uncertainty in results, thus producing an underestimated or overestimated process risk level. This paper explores the application of fuzzy sets theory for basic tools used in process safety analysis such as fault and event tree methods which can be further used in the bow-tie approach for accident scenario risk assessment. In the traditional fault and event tree analyses, the input variables are treated as exact values and the exact outcome data are received by an appropriate mathematical approach. In the fuzzy method, all variables are replaced by fuzzy numbers in the process of fuzzication and subsequently using fuzzy arithmetic, fuzzy probability of the top event for fault tree, and fuzzy outcome probabilities for event tree are calculated. A single value for each of the outcome event result is obtained with the use of one of the defuzzication methods. A typical case study comprising a fault tree for rupture of the isobutane storage tank and the event tree for its consequences is performed and a comparison between the traditional approach and fuzzy method is made. 2008 Elsevier Ltd. All rights reserved.

1. Introduction Process and chemical plants, where large amounts of dangerous chemical substances are stored and handled, may be subjected to different types of hazards including natural hazards, process hazards as well as terrorist and criminal acts. A successful management of such facilities requires pertinent information and good judgment about the hazards posed by the activity of that facility. Such exercises called Process Safety Analyses (PSA) enable decisions concerning the selection of appropriate technical and organizational safety measures in order to manage the identied risk and to meet risk acceptance criteria as are required in some European countries. During the last few years researchers have developed measurement techniques and mathematical models to predict the process risk safety of a plant or a processing unit (PHA, QRA, LOPA, etc.) (Mannan, 2005). The key point of those analyses is a potential accident scenario, in majority determined by the bow-tie model, which is a fault tree (FT) and an event tree (ET) combined conception.

* Corresponding author. Tel./fax: 48 42 6313745. E-mail addresses: markowski@wipos.p.lodz.pl (A.S. Markowski), mannan@ tamu.edu (M.S. Mannan). 1 Tel.: 1 979 862 3985; fax: 1 979 458 1493. 0950-4230/$ see front matter 2008 Elsevier Ltd. All rights reserved. doi:10.1016/j.jlp.2008.11.011

The quality of those analyses is extremely important for major hazard industry. These analytical tools are based on traditional Boolean mathematical models where the classical two-valued logic is applied and all variables are assumed to have sharply dened boundaries. As a result, a single-valued or point estimate of risk is received. However, the variability of failure rates and other physical data as well as assumptions used for the analytical models are based on uncertain and subjective nature of the information analyzed, e.g. frequency calculations depend on the quality of the failure rates data used. They are notoriously difcult to collect and in many cases no sufcient information is available. They are an example of objective uncertainty. The other type of uncertainty encountered in PSA is related to the lack of knowledge and vagueness in interpretation of PSA models and it is called subjective uncertainty. In such a way, the risk point estimates represent only one of possible results belonging to a rather certain set with a characteristic risk distribution. Moreover, the single risk estimates are frequently quite conservative as a result of accumulation of various assumptions which are based on the principle to be on the safe side. These limitations contribute to the fact that results of PSA may not be considered as exact, precise and creditable. They may provide incorrect process risk level inuencing safety assurance. Therefore, it is important to look for the methods that may reduce the level of uncertainty in the description of process hazard

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

ARTICLE IN PRESS
2 Table 1 Sources of uncertainties in PSA. Step of PSA Main goal Main tool Types of uncertainty Completeness Hazard analysis Identication and logic structure of representative accident scenario (RAS) Health, property and environmental consequences Modeling Wrong interaction between different contributors and variables in accident scenario models Complexity phenomena and inadequacy and imprecision of the models for source terms, dispersion and physical effects Wrong analysis of FT and ET leading to inadequate Minimal Cut Set (MCS) Inadequacy in selection of appropriate risk measures as well as of risk acceptance criteria Parameter Imprecision or vagueness in characteristic properties of contributors and variables Lack or inadequacy or vagueness in values for model variables A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18

HAZOP, PHA, FT and ET

Consequence models

Consequence assessment

Inability to identify of all contributions to risk and all RAS as well errors in screening of hazards Incorrectness in identication of all types of the consequences as well as of all interactions among consequences Wrong selection of events, safety function and number of accident outcome cases Limited assumptions in: external conditions, in number of accident outcome cases and incorrectness in interpretation of results

Frequency

Frequency of RAS

Risk estimation

Risk indexes or risk category

FTA and ETA (bow-tie model) QRA and LOPA

Lack of real time data for equipment failure rates and human errors Lack of real time data on weather conditions, ignition sources and population

risks. One of the promising methods for reduction of the uncertainties in safety and reliability assessment seems to be fuzzy logic (Zadeh, 1965), (Dubois & Prade, 1980). Fuzzy logic which is the collective name for fuzzy set analysis and possibility theory allows us to use imprecise and approximate data that are typically met in PSA. The present paper gives some results on the application of the fuzzy logic in the classical PSA such as fault and event tree which can be further used in the bow-tie approach for accident scenario risk assessment. The bow-ties enable identication of safety barriers implemented to prevent top event (TE) from taking place and/or to mitigate its effects. Preventive barriers mitigate top events and protective ones mitigate their consequences. Several levels of causes and effects can be described, depending on the level of details that is expected. The bow-ties are therefore an interesting representation of defense-in-depth. 2. Uncertainty sources in risk analysis Uncertainty is a term used in different ways in a number of elds, including philosophy, economics, engineering and science. In terms of risk analysis it applies to imperfect prediction of future accident scenario risk related to unwanted release of dangerous substance encountered in chemical processes. Such a prediction provides overlooked results usually in form of risk distribution that reects the uncertainty in data and models used in the risk analysis. There are two major concepts of uncertainty differentiated in PSA: 1. uncertainty due to physical variability, and 2. uncertainty due to lack of knowledge. Referring to the rst type of uncertainty (objective one) the random behavior of some parameters should be mentioned, e.g. variability in weather conditions, in properties of various variables, experimental data variability for basic events (BEs) and safety functions (SFs) frequency rates as well as variability in recorded observations of operating parameters from one sample to the next. On the other hand, uncertainty due to lack of knowledge (subjective uncertainty) is connected with vagueness, indeniteness or imprecision concerning the quality of PSA, especially in the accident scenario identication phase of risk assessment and consequence modeling. Knowledge uncertainty can be decreased in time (more knowledge we gain), whereas the physical variability always exists.

Unfortunately, we cannot eliminate it, we may only reduce such an uncertainty. In terms of PSA, consisting of some separate steps of analysis with different qualitativequantitative approaches in each step, it is convenient to make the other classication of uncertainty as follows (ANS and IEEE, 1983): 1. completeness uncertainty, 2. modeling uncertainty, 3. parameter uncertainty. The completeness uncertainty refers to the question whether all signicant phenomena and all relationships have been considered. This uncertainty is difcult to quantify but this type is a major contributor in a hazard identication. Modeling uncertainty refers to inadequacies and deciencies in formulation of accident scenario structure and other models used to assess accident scenario probabilities and its severity of the consequences, e.g. modeling of isobutane vapor cloud dispersion. Availability of these models may enable the interpretation of different degrees of belief in each model. This is a major type of uncertainty in consequence assessment. This is a subjective type of uncertainty or lack of knowledge elicited from experts, which is often incomplete, imprecise and fragmentary. The imprecision and inaccuracies in the parameters which are used as an input to PSA are called parameter uncertainties. Such uncertainties are inherent because the available data are usually incomplete and the inference process needs to be based on incomplete knowledge. However, there is an opinion that parameter uncertainty is the easiest to quantify. This type may exist in each step of PSA. It is not easy to separate all these types. Another problem is related to the propagation of these types of

Precisly determined boundary

State fully belongs to the set

Fuzzy boundary

State partially belongs to the set

Safe state Classical set Unsafe state Unsafe state

Safe state Fuzzy set

Fig. 1. Classical set and fuzzy set for safe and unsafe state (Gentile, 2004).

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

ARTICLE IN PRESS
A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18 3

Process Hazard Analysis (PHA)

Structure of FT

Structure of ET

BOW TIE MODEL Traditional part of the analysis MCSFT

Fuzzy probability of failure sets definition

MCSET

fPBE Fuzzy part of the analysis fPTE

Selection of fuzzy sets for BE in FT

Selection of fuzzy sets for SF in ET

fPSF

fPOE

fPSF

Fig. 2. Fuzzy bow-tie model analysis.

uncertainties through each step of risk analysis and combination of different uncertainties in order to provide an overall estimate of the uncertainty on risk. Table 1 gives a summary of the sources of uncertainties in PSA. 3. General methods to deal with uncertainty in PSA The accuracy of the absolute risk results in PSA depends on the following: 1. whether all signicant contributors to the risk have been analyzed, 2. the realism of the mathematical models used to predict failure characteristics and accident consequences phenomena, and 3. the uncertainty associated with the variation of input data, especially failure data for equipment and humans and imperfect other information. The achievable accuracy of absolute risk results is very dependant on the type of hazards being analyzed. In studies, where dominant risk contributors were supported by historical data, uncertainty can be reduced to a few percent (Mannan, 2005). However, many authors of published studies on risk analysis and other expert practitioners have recognized that uncertainties can be greater than 12 orders of magnitude in studies whose contributors are rare, catastrophic events. It stresses the importance of uncertainty analysis. There are many different approaches to uncertainty analysis: classical statistic, probabilistic, sensitivity analysis and possibility approach presented by Dubois (2006); Dubois and Prade (1988); Pate-Cornell (1996); Quiech and Cameron (1994); and Siler and Buckley (2005). It should be noted that there is no generally accepted mathematical procedure for uncertainty analysis in process risk analysis. In science, it is traditional to deal with uncertainty through the use of probability theory. This approach is frequently used for variable uncertainty connected with stochastic variability of different parameters or measurable quantity used for different PSA methods. It does not work with knowledge uncertainty especially encountered in the frequency analysis (FTA and ETA) and

consequence assessment. Knowledge uncertainty is generally more difcult to handle than physical variability. One of the current uncertainty theories devoted to the handling of incomplete information more precise and the simplest from mathematical point of view, is the possibility theory (Dubois, 2006; Dubois & Prade, 1988; Pate-Cornell, 1996; Quiech & Cameron, 1994; Siler & Buckley, 2005). This theory, which emerged from the fuzzy sets developed by Zadeh (1965), considers information on a particular linguistic variable with possibility being a matter of degree from 0 to 1. As a result of fuzzy sets arithmetics applied to a certain step in the PSA, the output variable (e.g. risk representing safety assurance level) is represented by a certain fuzzy set which allows to answer the question of safety: how safe is the plant?. This is a completely opposite approach to the typical risk evaluation method where the received risk level answers only to the question: is the plant safe? Answers no or yes are unrealistic, e.g. because of the presence of inherent risk in each chemical plant. Therefore, we feel that the safety assessment is a fuzzy issue and subsequently the fuzzy sets theory can be effectively included into process risk analysis to substantially reduce knowledge uncertainty (Gentile, 2004).

BE

IE

TE

SF

OE

[FAULT TREE]
A BE1 IE1 B BE2

[EVENT TREE]
SF1 SF2...

YES

OE1 OE2

TE
C BE3 IE2 D BE4
... ...
AND/OR

YES NO NO

OE3

BEi

IEj

OEm

Fig. 3. General idea of bow-tie model.

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

...

CONSEQUENCES

CAUSES

ARTICLE IN PRESS
4 A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18

Fuzzy number M

Degree of membership

0,5

complement. The foundations of fuzzy logic systems design are already well established (Dubois & Prade, 1980). The use of fuzzy logic (FL) in different aspects of safety and reliability analysis has been discussed in a number of papers (Bowles & Pelaez, 1995; Gentile, Rogers, & Mannan, 2003; Geymar & Ebecken, 1995; Karwowski & Mital, 1986; Kenatrangul, 1991; Kim, Ju, & Gens, 1996; Markowski, 2006; Misra & Weber, 1990; Quiech & Cameron, 1994; Singer, 1990; Solzano & Cozzani, 2006). There is no paper on fuzzy bow-tie although there were some works on a separate use of the fuzzy sets in a fault tree (Geymar & Ebecken, 1995; Kim et al., 1996; Singer, 1990) and an event tree (Kenatrangul, 1991; Markowski, 2006).

m
4.2. Development of fuzzy bow-tie model for PSA Process Safety Analysis (PSA) is an organized and systematic method to identify and analyze the signicance of potential hazards associated with the processing or handling of highly hazardous chemicals. The most important element of PSA concerning the identication of accident scenario is best determined by bow-tie model. It provides the mechanism of the scenario and allows the calculation of accident scenario probability. However, due to a number of uncertainties in that process, the nal result is imprecise and ambiguous. These issues are taken into account by fuzzy sets theory. The application of this theory to bow-tie accident model is presented in Fig. 2. This model consist of two parts: - traditional part, which is focused on the identication of the bow-tie model, - fuzzy part connected with calculation of probability of outcome event (fPOE). In the rst part the identication of representative accident scenarios (RAS) takes place where different PHA methods (PrHA, HAZOP, etc.) and fault tree (FT) and event tree (ET) analyses are used. Having the structure of RAS, the minimum cut sets of FT (MCSFT) and ET (MCSET) can be obtained by Boolean algebra with the use of VeselyFussells approximation (Fussell & Veseley, 1972). The basic for accident scenario logic is presented in Fig. 3. The left side of the bow-tie model (fault tree) identies the possible various parallel and sequential combination of faults, failures and errors (causes) that will result in the occurrence of predened accident scenario connected with the release of the hazardous substance and/or energy (top event TE). The right side of the bow-tie model (event tree) is used to develop the possible consequences of a top event in relation to safety function realized mostly by mitigation safeguards. Once a fault tree structure has been established, subsequently a quantitative analysis is carried out. For this purpose frequency or failure probability data for basic events (BEs) are required. However, these data are rather scarce and difcult to receive. A quantitative evaluation is largely based on the determination of the minimum cut sets (MCSs). This is a sequence of events leading to the top event (TE). Assuming the independence of BEs, the overall MCSFT can be expressed as follows:

Fig. 4. Notation for fuzzy number description.

4. Fundamentals of fuzzy logic for process safety 4.1. Fuzzy logic basic Fuzzy logic is a general name of fuzzy set analysis and possibility theory which can work with uncertainty and imprecision and is an efcient tool for applications where no sharp boundaries (or problem denitions) are possible. Fuzzy set A, dened as a collection of objects called universal set X, represents a class of objects with a continuum of grades of membership. Such a set is characterized by the membership function, mA(x) which assigns to each object a grade of membership ranging between zero (nonmembership) and one (total membership). In that way a fuzzy set is the set of pair:A fx; mA x; xX g, where mA : X /0; 1 is the membership function describing the degree of belonging to x in the set A. Fig. 1 illustrates the differences between a classical set and a fuzzy set for safe state. Classical fuzzy set with its crisp, precisely determined boundary sharply dissevers safe state from unsafe one. In contrary, fuzzy set shows smooth change from safe to unsafe state. The characteristic function, mA(x), in safety and reliability analysis, is dened by the typical convex functions of triangular, trapezoidal and gaussian type. The selection of a membership function shape depends on the characteristics of variables. In majority cases the shape of the membership function does not affect essentially the nal result. In this paper trapezoidal membership function is applied and according to our experience it reects the best the failure rates data. Fuzzy sets for each linguistic variable are dened on the universe of discourse. The number of the sets, called granulation, must fulll the principle of some degree of overlap between them to ensure a smooth transition between one set to the other. Typically, for safety and reliability issues a probability of failure, severity of consequences and risk index are taken into account. The fuzzy sets undergo similar mathematical operations as are used in the classical set theory, i.e. intersection, union and

Impos -sible 1

Very Low

Low

Moderate

Fairly High

High

Very High

Degree of membership

0.5

MCSFT
10-5 10-4 10-3 10-2 10-1 100

n X n1

i Y i1

BEi ;

j Y j1

BEj ; .;

k Y k1

! BEk
n

(1)

0 10-6

Fig. 5. Normalized fuzzy scale.

The event tree of the bow-tie model starts from the top event provided by the fault tree and examine a possible sequence of outcome events (consequences) as a result of activity of safety

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

ARTICLE IN PRESS
A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18 Table 2 Fuzzy probability numbers for the events in the bow-tie model. Events failure Basic events (BE) Safety functions (SF) 5

A (LIAH)
Linguistic term selected by expert H

B (PI)
H

C (HE)
FH

D (SV)
FH

E (DS)
FH

Failure to control immediate ignition (II) H

Failure to control late ignition (LI) VH

Data for design of the trapezoid membership functions m 0.25$100 Left boundary value n 0.75$100 Left top value Mean value m 101 n 0.25$101 Right top value m 0.75$101 Right boundary value

0.25$100 0.75$100 101 0.25$101 0.75$101

0.25$101 0.75$101 102 0.25$102 0.75$102

0.25$101 0.75$101 102 0.25$102 0.75$102

0.25$101 0.75$101 102 0.25$102 0.75$102

0.25$100 0.75$100 101 0.25$101 0.75$101

1 1 1 0.25 0.75

functions (SFs). The result at the end of each chain of events is then determined by overall minimum cut sets MCSET presented by Eq. (2).

MCSET TE$

m Y m1

well as a severity of the consequences assessment according to MCSFT and MCSET equations. As a result fuzzy probability of the output event is obtained. This approach follows the assumptions: 1. Probabilities of failures for BEs and SFs are expressed in words by linguistic terms, such as: Impossible (I), Very Low (VL), Low (L), Moderate (M), Fairly High (FH), High (H) and Very High (VH). For example term I expresses extremely low probability of failure and opposite term VH represents very probable event. 2. Each linguistic term is associated with a specic fuzzy number of L-R type, which is given by Eq. (3).

SFm

(2)

Eqs. (1) and (2) can be used quantitatively only if the probability of failure of BEs and SFs are known. Literature and data bases provide a number of reliability data that may be used for calculation of certain point estimates (Exida, 2005; Oreda, 1997). The second part of the analysis takes into account fuzzy sets theory. It concerns a quantication of probability of each RAS as

To effluent disposal system (DS)

PRCAL

Nitrogen
PI
LIAH

TI

SV

SV

Isobutane storage sphere

T=35C P=3,27 bar V=300 m3

Sample line To process

To sump
Fig. 6. Isobutane storage tank.

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

ARTICLE IN PRESS
6 A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18

Basic event (BE)

Intermediate event (IE)

Top event (TE)

Safety function (SF)

Outcome event (OE)

C A Failure of LIAH

Human error Overfilling YES

Failure of BPCS

Pool fire

Immediate ignition

Failure of PI D Failure of SV
Failure of layer of protection

Rupture of tank

YES
Late ignition

Vapour cloud explosion / Flash fire

NO

E disposal system Dispersion

OE3
n

Failure of

NO

Fig. 7. The bow-tie model for rupture of tank.

8 > 0; > > > > xm > > > ; > > n > < m mM x 1; > > > > mx > > ; > > mn > > > : 0;

x m n n m

9 > > > > > > > x n> > > > = x n > > > > > x m > > > > > > ; x

5. The calculations of fuzzy probability of outcome events (fPOE) use arithmetical operations on fuzzy numbers (Dubois & Prade, 1980). Final calculation of fuzzy probability of outcome event (fPOE) follows an appropriate equation for minimum cut set (MCS) for particular structure of the bow-tie model representing an accident scenario (see Eq. 4 and 5).

(3)

fPTE

n X n1

i Y i1

fPBE i ;

j Y j1

fPBE j ; .;

k Y

! fPBE k (4)

k1

The fuzzy number is symbolically written: M x; m ; n ; n; m, whereas the graphical presentation of that number is given in Fig. 4 (Dubois & Prade, 1980). 3. The universe of discourse is X C106 ; 100 D as it is most suitable for the range of the probabilities of failure rates encountered in the industry. Within the universe of discourse X fuzzy numbers scale is formulated as is shown in Fig. 5. 4. The selection of an appropriate linguistic term that represents the value of failure probability rate, from normalized fuzzy scale for each BE and SF involved, is undertaken by an expert. In the example of isobutane storage tank for all basic events and safety functions determined in bow-tie model, fuzzy linguistic terms were selected, for instance for Human Error term FH (see Table 2 below).
Table 3 Fuzzy probability result numbers. Top event, TE fPTE m n m n m PTEdeff

fPBE1 1/1fPBEi 1 4/4fPBE1 1/1fPBEk n fPOE fPTE 1

m Y m1

fPSF $P n1 P m

fPTE 1 fPSF1 $P n1 P 1 1/1fPSFm $P n1 P m (5)

5. Bow-tie case study Fig. 6 shows a typical isobutane storage tank which was selected for this study. Process Hazard Analysis (PHA) identied 10 different representative accident scenarios (RAS), among them rupture of the

fPTE 1
Degree of membership

TE Rupture of 1.00E03 2.40E03 4.20E03 6.60E03 9.50E03 4.40E03 tank Outcome event, OE fPOE m n m n m POEdeff

0,5

crisp value traditional value

OE1 PF 0.00 1.59E04 3.87E04 7.38E04 1.30E03 4.37E04 OE2 VCE/FF 2.40E06 1.20E05 3.87E05 9.23E05 1.91E04 4.98E05 OE3 Dispersion 2.60E07 1.33E06 4.20E06 1.02E05 2.13E05 5.53E06

0 10-3

10-2
Fig. 8. Fuzzy probability of top event (TE).

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

OE2

OE1

ARTICLE IN PRESS
A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18 7

fPOE1

fPOE2

fPOE3

Degree of membership

0,5

0 10-5

10-4

10-3

10-2 10-6

10-5 crisp value

10-4

10-3 10-7

10-6

10-5

10-4

traditional value

Fig. 9. Fuzzy probabilities of outcome events (OE1, OE2, OE3).

tank due to overlling. Based on the outputs from PHA, the bowtie model was constructed as is presented in Fig. 7. In the bow-tie model of the isobutane storage tank is shown that both overlling and failure of layer of protection cause the rupture of the tank. If there is no ignition, ammable isobutane cloud will disperse, otherwise pool re (PF) or vapor cloud explosion (VCE)/ash re (FF) may appear. The major hazard due to PF and the VCE/FF will be concerned in further study. 5.1. Development of frequency data The fuzzy probabilities for particular BEs and SFs were arbitrarily selected by process engineer based on the normalized fuzzy scale and they are shown in Table 2. 5.2. Basic equations for calculations Probability of top event (rupture of tank)

values of the outcome probabilities and their values representing single-point estimates obtained by the traditional approach. The crisp defuzzied value allows to display the percentage contribution of each outcome fuzzy probability number in fuzzy set representing fuzzy probability range. The results are shown in Table 4 whereas Fig. 10 illustrates the reading method used for this purpose. For example, in the one of major hazards VCE/FF (2nd outcome event), the crisp value POE2deff 4.98E05 indicates that the probability belongs to two sets: LOW (L) with the membership degree of 86% and VERY LOW (VL) in 14%. The distance from 100% belongings to the particular set is clearly evident. In comparison to the traditional method the following observations can be made: 1. the crisp value is about 10% lower than traditional one, 2. the contribution of each fuzzy set in outcome fuzzy probability could be provided, whereas in traditional analysis such contribution is unknown. Above statements conrm that the fuzzy method, which takes into account the uncertainty of the input data, provide outcome fuzzy probabilities more precisely. The nal results are determined more realistically in comparison to the traditional bow-tie calculation. It enables better assessment of the accident scenarios, proper calculation of the risk index and more appropriate selection of safety measures required to meet risk acceptance criteria.

fPTE fPA 1fPD 4fPB 1fPD 4fPC 1fPD 4fPA 1fPE 4fPB 1fPE 4fPC 1fPE
Probability of outcome event 1 (pool re)

(6)

fPOE1 fPTE 1fPII $P

Probability of outcome event 2 (VCE/FF)

(7)

fPOE2 fPTE 1fPII $1 P1fPLI $P

Probability of outcome event 3 (dispersion)

(8)

6. Conclusions 1. Process Safety Analysis (PSA), being a basis for decision-making process in chemical industry is a very complex task, representing a number of uncertainties connected with information shortages which may lead to the important overlooking of the safety assurance of plants. 2. The bow-tie models consisting of the fault tree and event tree for a particular accident scenario are knowledge-acquisition structures and therefore they require special treatment of

fPOE3 fPTE 1fPII $1 P fPLI $1 P

5.3. Results

(9)

The calculations were carried out receiving fuzzy probabilities of top event and outcome events, expressed by fuzzy numbers. The mapping of fuzzy number into a crisp value (nonfuzzy) was performed with the use of centroid method (Yen & Langari, 1999). The nal results are presented in Table 3. Figs. 8 and 9 provide graphical illustrations and show the comparison between the crisp

fPOE2

Table 4 Fuzzy probabilities of outcome events percentage contribution. Outcome event, OE OE1 OE2 OE3 PF VCE/FF Dispersion Fuzzy method POEdeff 4.37E04 4.98E05 5.53E06 Membership M 78% L 86% VL 100% L 22% VL 14% I 0% Traditional method POE 3.87E04 3.87E05 4.20E06

Degree of memebership

1I 0.86 0.5 0.14 0 10-6

VL

FH

VH

10-5

POE2deff

10-4

10-3

10-2

10-1

100

Fig. 10. Fuzzy probability of outcome event 2 on normalized fuzzy scale.

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011

ARTICLE IN PRESS
8 A.S. Markowski et al. / Journal of Loss Prevention in the Process Industries xxx (2009) 18

subjective uncertainty. The application of fuzzy sets may improve data acquisition process. 3. The calculation methodology for output events representing major hazards accident scenarios with the help of fuzzy sets was proposed and veried for a simple case study. The received data conrm that the nal results are more realistically determined and offer an advantage with respect to the traditional single-point estimations. 4. The success of this method depends on quality of failure data collection of process components as well as on the cooperation with plant operation staff. References
Bowles, J. B., & Pelaez, C. E. (1995). Application of fuzzy logic to reliability engineering. Proceedings of the IEEE, 83(3), 435449. Dubois, D. (2006). Possibility theory and statistical reasoning. Computational Statistics & Data Analysis, 51, 4769. Dubois, D., & Prade, H. (1980). Fuzzy sets and systems Theory and applications. Academic Press. Dubois, D., & Prade, H. (1988). Possibility theory An approach to computerized processing of uncertainty. New York: Plenum Press. Exida. (2005). Safety equipment reliability handbook (2nd ed.). USA: Exida.com L.L.C. Fussell, J. B., & Veseley, W. E. (1972). A new methodology for obtaining cut sets for fault trees. Transactions of the American Nuclear Society, 15(1), 262263. Gentile, M. (2004). Development of a hierarchical fuzzy model for the evaluation of inherent safety. Texas A&M University. Gentile, M., Rogers, W. J., & Mannan, M. S. (2003). Development of an inherent safety index based on fuzzy logic. AIChE, 49(4), 959968. Geymar, J. A. B., & Ebecken, N. F. F. (1995). Fault tree: a knowledge engineering approach. IEEE Transactions on Reliability, 44(1), 3745. Karwowski, W., & Mital, A. (1986). Potential application of fuzzy sets in industrial safety engineering. Fuzzy Sets and Systems, 19, 105120. Kenatrangul, R. (1991). Event tree analysis by fuzzy probability. IEEE Transactions on Reliability, 40(1), 120124. Kim, C. E., Ju, Y. J., & Gens, M. (1996). Multilevel fault tree analysis using fuzzy numbers. Computers and Operations Research, 23, 695703. Mannan, M. S. (2005) (3rd ed.).Leess loss prevention for the process industries, Vols. I III Burlington: Elsevier Butterworth-Heinemann. Markowski, A. S. (2006). Layer of protection analysis for the process industry. Polish Academy of Science (PAN) Branch Lodz, ISBN 83-86-492-36-8. Misra, K. B., & Weber, G. G. (1990). Use of fuzzy set theory for level-1 studies in probabilistic risk assessment. Fuzzy Sets and Systems, 37, 139160. ANS and IEEE (1983). PRA Procedures Guide: a guide to the performance of probabilistic risk assessments for nuclear power plants, NUREG/CR-2300. U.S. Nuclear Regulatory Commission. Washington, D.C. Oreda. (1997). Offshore reliability data (3rd ed.). Norway: Sintef Industrial Management. Pate-Cornell, M. E. (1996). Uncertainties in risk analysis: six level of treatment. Reliability Engineering and System Safety, 54, 95111. Quiech, J., & Cameron, J. T. (1994). Uncertainty representation and propagation in quantied risk assessment using fuzzy sets. Journal of Loss Prevention in the Process Industries, 7, 463473. Siler, W., & Buckley, J. J. (2005). Fuzzy expert system and fuzzy reasoning. J. Wiley. Singer, D. (1990). A fuzzy set approach to fault tree and reliability analysis. Fuzzy Sets and Systems, 34, 145155. Solzano, E., & Cozzani, V. (2006). A fuzzy set analysis to estimate loss intensity following blast wave interaction with process equipment. Journal of Loss Prevention in the Process Industries, 19, 343352. Yen, J., & Langari, R. (1999). Fuzzy logic: intelligence, control and information. New York/Upper Saddle River: Prentice Hall PTR. Zadeh, L. (1965). Fuzzy sets. Information and Control, 8, 338353.

Abbreviations and symbols

Bow-tie analysis: ET: event tree FT: fault tree MCS: minimum cut set Events, E: BE: basic event IE: intermediate event OE: outcome event SF: safety function TE: top event Fuzzy number parameters: m: mean value m : left boundary value m: right boundary value n : left top value n: right top value Hazards: FF: ash re II: immediate ignition LI: late ignition PF: pool re VCE: vapor cloud explosion Installation elements: DS: disposal system HE: human error LIAH: level indicating alarm high PI: pressure indicator PRCAL: pressure recording controller with alarm low SV: safety valve TI: temperature indicator Linguistic terms: FH: fairly high H: high I: impossible L: low M: moderate VL: very low VH: very high PHA methods: ETA: event tree analysis FTA: fault tree analysis HAZOP: hazard and operability study LOPA: layer of protection analysis QRA: quantitative risk analysis PHA: process hazard analysis PSA: process safety analysis Probabilities: fPE: fuzzy probability of failure of E event P: probability of failure of safety function PE: probability of failure of E event for traditional approach PEdeff: probability of failure of E event after defuzzication Subscripts: i,j,.k: number of basic events in minimal cut set in FT m: number of outcome events in ET n: number of minimal cut sets in FT

Please cite this article in press as: Adam S. Markowski, M. Sam Mannan et al., Fuzzy logic for process safety analysis, Journal of Loss Prevention in the Process Industries (2009), doi:10.1016/j.jlp.2008.11.011