PT Notes
What Distinguishes a Barrier from a Control in Bow Tie Diagrams?
PT Notes is a series of topical technical notes on process safety provided periodically by Primatech for your benefit. Please feel free to provide feedback.
Bow tie analysis (BTA) involves the construction of diagrams that depict how prevention and mitigation barriers and controls (i.e. safeguards) protect against threats (i.e. initiating events) that can cause hazardous events, and the adverse consequences that can arise from them. The focus in BTA is on the barriers and controls.
Barriers are measures that prevent or mitigate top events. They appear on the main pathways in a bow tie diagram. Prevention barriers appear between threats and the hazardous event (called the top event in BTA). Mitigation barriers appear between the top event and its consequences. In formal BTA, barriers must meet validity requirements that are similar to those for independent protection layers (IPLs) in layers of protection analysis (LOPA).
First, barriers must be judged to be effective. They must perform their intended function when demanded and to the standard intended. Prevention barriers must be able to completely stop the threat from leading to the top event and mitigation barriers must be able to eliminate or reduce the consequence.
Second, barriers must function independently of the threat, the top event, and other barriers on the same pathway. The possibility of common cause failures must be considered as multiple barriers may fail for the same reason.
Third, barriers must be capable of being audited. The adequacy of and adherence to the design, installation, inspection, maintenance, testing, and operation practices used to achieve the other validity requirements must be verifiable by inspection of relevant information, documents, and procedures.
Fourth, active barriers must provide all the elements of detect-decide-act functionality. They must detect the condition that requires the barrier to function, decide what action needs to be taken, and then take the necessary action.
Often, practitioners place safeguards that do not meet the validity criteria for barriers on a main bow tie pathway. This practice gives a false sense of safety as it appears to the casual observer that multiple barriers protect against the top event and the consequences when that is not the case. A corrected bow tie diagram would show clearly that they are not adequately protected.
Often, such safeguards, for example, training, preventive maintenance, and audits, are actually controls that support main pathway barriers against possible degradation factors, which are conditions that can reduce the effectiveness of a barrier, for example, unauthorized bypass of a safety system. Degradation controls support main pathway barriers against a degradation factor, for example, training and audits protect against the unauthorized bypass of a safety system.
Controls are placed in a bow tie diagram along a degradation pathway from the degradation factor to the barrier impacted. They do not directly prevent or mitigate the top event. However, the failure of a single control can cause failure of the barrier it supports. Therefore, they must be treated seriously.
You may contact Primatech for further information by clicking here.
To comment on this PT Note, please click here.
Copyright © 2019, Primatech Inc. All rights reserved.