Even Simple Mistakes Can Lead to Serious Incidents

Do you feel lucky, well do ya? Famous words uttered by Inspector Harry Callahan in one of my favorite Clint Eastwood movies is certainly no way to run a refinery, chemical plant or other hazardous operation. However, in real life we find operations relying on luck, tribal knowledge, personnel memory vs. standards and procedures and organizations trying to use technology to push the envelope too far. Some simply don’t know what they don’t know. These issues are not confined to small operations or organizations that have historically had poor reliability. Even the best of the best can be impacted by a simple mistake or gap in procedures resulting in a major incident.

A key concept to prevent incidents is to maintain a sense of vulnerability. One finding in both Space Shuttle disasters was that NASA had been so successful they had lost a sense of vulnerability and vision of the complexity of what they were doing. This blog will explore incidents where minor oversight resulted in loss of life, major injuries, equipment damage and crippling, costly litigation.

Becht does a significant amount of work solving complex problems and litigation work when the unexpected (but predictable) happens. This gives us visibility to the wide range of errors that have caused major incidents in the refining, petrochemical, power and nuclear industries. We hope this blog will heighten your sense of vulnerability and vigilance and help you thoroughly evaluate your actions as you design, operate and maintain plants in these industries.

The Six Keys to Reliability

My close friend and great mentor, Charlie Jackson, developed the six keys to reliability. When I first discussed this with him, I thought they were way too simple. However, over the years, I have come to realize Charlie had it right. Take care of the six keys to reliability and your plant will run well. Virtually any issue in a plant, falls in one of these buckets. We will show how adherence to the Six Keys to Reliability would have likely prevented the case history incidents.

1. Hire good people
2. Train ’em right
3. Use proven standards
4. Buy and test good equipment
5. Install it right
6. Run it right

Case Histories

The case histories outlined in the blog are on incidents resulting in injuries, fatalities and enormous cost of repair, years of litigation and in some cases, bankruptcy. The incidents fall in these categories.

1. Permitting errors
2. Incorrect parts application
3. Hazard recognition
4. Reactivity issues
5. Trusting the vendor with life critical operations
6. Pushing the envelope

Permitting Errors

The first day I reported to work starting my engineering career some 50 years ago, I was told there were two recent fatalities at the plant. Welders were making repairs on a “clean” tank. The tank was apparently not clean, and the resulting fire killed the two workers. The investigation revealed sludge was in the tank and under plates being welded. Clearly a hot work permit should not have been issued with the tank in that condition.

You may say that cannot happen today, however, that is not true. Accidents continue to happen under similar circumstances, including tank explosions and fires. Permitting errors can impact any job. For example, recently a worker doing maintenance on a small boiler was scalded to death trying to change a valve on a steam system that was complex and difficult to isolate.  However, a permit was issued to execute maintenance on what turned out to be a system that was not isolated and under pressure. A release of steam during maintenance operations resulted in a fatality. Hire good people, train ’em right, use proven standards, run it right.

Incorrect Parts Application

This accident resulted in a fatality, several injuries and damage to structures outside the plant. In this case a part was selected from warehouse stock for a critical hydrocarbon application. Unfortunately, the part did not meet code, company standards, recognized good practice and was the wrong material for the application. In addition, the design allowed for potential overpressure. This resulted in a fire and explosion, loss of life, injuries and bankruptcy. The lesson is the owner must rely on proven standards and trained personnel to select critical components.  They also must have competent personnel engaged in process design, PHA and HAZOPS.

The Flixborough explosion at a cyclohexane plant in England is a similar accident where a non-engineered mitered pipe was installed in a critical location, replacing a reactor taken out of service. The failure and explosion killed 28 and injured 36 of the 72 people in the plant. Hundreds of injuries occurred outside the plant as well as damage to 1800 homes and 170 businesses. Use proven standards, hire good people, train ’em right, install it right, run it right.

Hazard Recognition

An accident happened on an operating FCCU during rod out operations. At the time, plugged instrument lines purged with natural gas were subject to plugging. A procedure was in place to rod out the connection and when it broke free, an operator above the rod out would close a valve. While this had been done for years on the unit, one day when the line unplugged, the material in the line hit a steel platform, sparked and ignited. One operator was killed and the surviving operator was burned and suffered severe mental problems following the accident. Obviously, this was an unsafe act, but “tribal knowledge” and “get er done” attitude resulted in the accident. We have seen other accidents where obvious hazards were not recognized resulting in serious incidents. Both Space Shuttle disasters resulted from a failure to recognize hazards and breakdown of other management systems. Hire good people, train ’em right, run it right.

Reactivity Problems

We have been involved in several accidents resulting from runaway reactions. These include complete failure to recognize the device is actually a reactor, failure of mitigating systems, failure to follow procedures, poor cooling systems and scale ups resulting in pockets of highly reactive materials. The well-known 1990 Channelview, Texas accident is an example. A large tank was assumed to be generally in water service with some hydrocarbons but the materials in the tank also produced oxygen. A bad oxygen analyzer did not detect dangerous oxygen levels. When a compressor was started it provided energy for the subsequent explosion, killing 17 contract workers. Other examples include dryer and drum filling explosions.  Hire good people, train ’em right, use proven standards, run it right.

Trusting Vendors with Life Critical Operations

A multiple fatality accident happened during boiler entry at a gulf coast ethylene plant. The workers were using supplied air from a competent, well-recognized vendor, and test certificates were provided. However, there was excessive nitrogen in one or more bottles. The workers went down due to lack of oxygen and could not be revived. Procedures were changed company-wide to test all bottles regardless of vendor certificates. Buy and Test Good Equipment, Use Proven Standards.

Pushing the Envelope

New analytical tools allow us to continue to run our plants with deficiencies until a plant shutdown can be done to execute repairs. However, sometimes we use mathematics to trump common sense. For example, calculations might show the equipment can take the pressure stress, however, other issues like pipe strain or unexpected external events could jeopardize the integrity of the system. Also, the calculations may be made on less than current inspection data in highly corrosive services or thinning can be localized. Common sense and experience dictate a margin of error is needed in these situations. Hire good people, train ’em right, run it right.

The list of these incidents could go on and on. However, hopefully, after reading these incidents, you’ll give a second thought about standards, hazards recognition, pushing too far and other factors discussed in the blog. We see in most incidents, human factors and decision making play a critical role. Once the explosion and fire Genie is out of the bottle, it’s too late to think I should have done something else, stopped the work or done more evaluation of the hazards. We must maintain a sense of vulnerability and examine our actions every day to help prevent these incidents.

Becht can help with reliability problems. Contact us with questions.

contact becht