A Systematic Approach to Hazard and Operability Study (HAZOP)

Abstract

A system safety assurance case aims to demonstrate that a system is reasonably safe within the parameters defined according to its intended use. A system safety assurance case involves the definition of a Safety Engineering Process and its execution for the particular system. An essential element in the Safety Engineering Process is hazard analysis. An often used version of hazard analysis is HAZOP. HAZOP identifies hazards and hazardous events in the system's design. Traditionally, HAZOP is performed based on the expertise of a multi-disciplinary team. This team uses a heuristic based approach that results in documented output that often does not include adequate traceability as to how the output results were obtained. This thesis proposes a systematic approach to HAZOP that was developed after performing detailed analysis on how traditional HAZOP is performed in industry. It aims to produce documented output in which the output results are traceable to interim steps in the process. We call this systematic approach HAZOP+, because it was designed to provide sufficient detail so that it can form the basis of a HAZOP metamodel created in Workflow+ - a relatively new model driven methodology for developing assurance cases. Workflow+ has well-defined semantics, and so we refer to HAZOP+ as formalizable. HAZOP+ has a number of benefits over traditional HAZOP, and these benefits are demonstrated by comparing a traditional application of HAZOP with the application of HAZOP+, both applied to a typical Lane Keeping Assist feature. A long term objective of system safety assurance is to be able to perform incremental safety assurance, for example, by updating the system safety assurance case after a modification to the system or its environment. Since the safety assurance case for a system depends on elements of the Safety Engineering Process, as well as the outputs of that process, the ability to perform an incremental hazard analysis after a modification to the system or environment can be a real benefit. This thesis further describes how HAZOP+ can be enhanced/extended to HAZOPdelta - an incremental version of HAZOP+.