Process Safety & Risk Management Systems

At aeSolutions, we believe the greatest influence over any project’s success or failure comes from teaming specialized personnel with our clients’ needs at the beginning – long before actual implementation begins. As a supplier of complete process safety systems and risk management solutions, we pride ourselves on providing engineers from industry with design, maintenance, operating, and process safety systems and backgrounds. Our process safety and risk management specialists understand process safety and risk management program implementation requirements and how plants operate because they have actually worked in covered processes and facilities. Our unequaled combination of standards and committee work, our formal training, and our extensive process safety and risk management experience mean we’re uniquely qualified to lead your project.

Process Risk Management

Process Safety Management/Risk Management Plan (PSM/RMP) Program Development & Implementation

Navigating the process of PSM/RMP Program Development and Implementation can be overwhelming.  aeSolutions can assist with developing and implementing all elements required by the Occupational Safety and Health Administration (OSHA), PSM Standard, 29 CFR 1910.119, and the United States Environmental Protection Agency (EPA), RMP Rule, Part 40 CFR 68.

aeSolutions has the knowledge and experience to assist with all levels of PSM/RMP development and implementation, from high level gap and applicability assessments to complete PSM/RMP site program development, including drafting procedures and creating mechanical integrity programs.

Our team has assisted many clients from global corporations to single unmanned sites with PSM/RMP program development and implementation.  We have experienced staff with industry experience who work closely with clients to customize programs to meet all their regulatory and internal expectations.

Compliance Audits (Process Safety Management (PSM), Risk Management Program (RMP), National Emphasis Program (NEP), Risk Based Process Safety (RBPS), Safety and Environmental Management Systems (SEMS), Recognized and Generally Accepted Good Engineering Practice (RAGAGEP), Client Internal Requirements)

Many companies have been required by PSM and/or RMP to audit their process safety performance for the last decade.  aeSolutions understands that our clients are looking for more than a yes/no evaluation of the regulatory requirements.  When properly executed, auditing provides you with the data needed to make informed decisions toward continuous improvement.  We provide a cross functional team of auditors that understand the interrelationships of the process safety and risk management elements to perform this essential part of the process safety lifecycle.

Our auditing team consists of chemical, mechanical, and electrical engineers with industry experience in design, maintenance and operations.  Many of our auditors are also part of our risk assessment team as facilitators.  Averaging 15 years of experience in process safety implementation and compliance, aeSolutions provides an integrated team of professionals experienced in all aspects of the process safety lifecycle.

Info Sheet



ISA84/IEC 61511 Gap Assessment

At aeSolutions, the combination of our Process Safety and Safety Instrumented Systems Engineering and Automation delivery capabilities enables us to perform a very thorough and pragmatic ISA84/IEC 61511 Gap Assessment. Our assessment team will evaluate your existing practices against the ISA-84.00.01-2004 (IEC 61511-Mod) standard and applicable elements from the OSHA’s PSM Standard, 29 CFR 1910.119. These standards are recognized and generally accepted good engineering practice (RAGAGEP) for the design and maintenance of safety instrumented systems. Our assessment team is experienced in the development and implementation of functional safety management systems and proficient in the technical execution of the engineering work products. Our lead gap assessors are professional engineers and/or certified functional safety experts that are detailed in their evaluations of procedures, documentation and practices in place. They are valued for their ability to work with our clients to identify gaps or areas for continuous improvement and provide sustainable recommendations for gap closure.

Process Hazard Analysis (PHA)

PHA studies are the core of process safety and risk management programs. They help companies identify hazard scenarios that could lead to a release of highly hazardous chemicals that can cause negative impact on people, the environment, and property.

PHA is required by OSHA’s PSM (29 CFR 1910.119) and EPA’s RMP (40 CFR 68) regulations in the US and process safety and risk management regulations around the world. Companies that handle or process highly hazardous chemicals have a responsibility to protect employees, the public and the environment from exposure to accidental releases.

aeSolutions specializes in various PHA methodologies, such as Hazard and Operability Studies (HAZOP), Control Hazard and Operability Studies (CHAZOP), Hazard Identification (HAZID), What-If, Checklist, Bowtie, and Failure Modes and Effects Analysis (FMEA) to meet regulatory and client requirements. Our experienced, trained facilitators specialize in the process safety lifecycle to fully integrate assessment, design, and operation of the facility.

aeSolutions has conducted PHAs for a wide variety of industries, including Oil and Gas, Refinery, Petrochemical, Specialty Chemical, Automotive, Fertilizer, Paint, Pharmaceuticals, Plastics, and Pulp and Paper Products.

Layers of Protection Analysis (LOPA)

LOPA is a semi-quantitative method of evaluating process safety risk to a facility.  The LOPA methodology considers higher consequence scenarios identified in the Process Hazard Analysis to ensure proper safeguards, or Independent Protection Layers (IPLs), are in place to reduce risk to a tolerable level.   aeSolutions will lead your LOPA team through this evaluation and provide final deliverables including LOPA study worksheets, IPL list, and Safety Integrity Level (SIL) target assignments.

Independent Protective Layer (IPL) and Safety Integrity Level (SIL) Selection

In certain cases, an additional and separate study beyond a LOPA is required to further define and refine selected IPLs.  This may be the case when PHA/ LOPA are performed together, not providing adequate time for IPL discussion.  If a process or Unit has never undergone a LOPA, then the IPL Select and Define activity may be required.  In any case, aeSolutions will facilitate the IPL Select Team meeting and provide deliverables including IPL list and SIL target assignments.  IPL Select and Define requires a unique skill set encompassing PHA facilitation experience coupled with IPL and SIS knowledge.  aeSolutions has the experts to handle this task.

Facility Siting

A Facility Siting Analysis is intended to evaluate the potential hazards and consequences of uncontrolled releases of flammable and toxic substances; to assess their potential for injuring the occupants of fixed and temporary structures on or offsite; to identify existing safeguards; and to determine measures to reduce the risk posed by these potential events. aeSolutions has trained facilitators to execute the hazard recognition and risk reduction process and experienced modelers that apply the appropriate methodology in line with API 752/753 and industry best management practices for Facility Siting. We provide results that allow your site leadership team to allocate resources more effectively to minimize facility siting risks.

Dispersion & Consequence Modeling

Consequence modeling is used to predict the toxic, flammable, or explosive impacts from the release of chemicals and their dispersion to the environment. aeSolutions has expertise in performing consequence modeling for a variety of industries and use this base of knowledge to provide guidance on how to select release scenarios and determine appropriate endpoints. Our project execution includes data collection, modeling, interpretation of the model output, and presentation of meaningful results in a format our clients can use to better understand their identified risks.

Quantitative Risk Assessment (QRA)

A QRA is a specialized approach to assess high consequence LOPA scenarios with large risk gaps to close.  Further “pencil-sharpening” in the QRA will verify the severity of the scenario through consequence modeling, as well as the frequency of the scenario through fault tree modelling.  Often conservative assumptions made in LOPA are revealed in QRA, which makes the solution to gap closure more practical.  QRA will handle conditional dependence among IPL(s) and the initiating cause(s).  aeSolutions utilizes commercially available software tools, along with in-house expertise, to facilitate QRAs.

Human Factors & Human Error Analysis

For a QRA involving a significant human error component as an input, a Human Reliability Analysis (HRA) may be needed to bring the analysis of the input in-line with the level of rigor required for a QRA.  HRA will provide qualitative insight to the human factors issues related to the error, and also provide a more accurate quantitative assessment than is found in standard LOPA tables for human performance credits.  The ability to model conditional dependence among operator tasks, as well as model potential human recovery factors from errors, makes the HRA a valuable tool.  For a typical HRA, a standard operating procedure (SOP) is broken down into discrete tasks.  Interviews with Operations are conducted, known as a “talk-through,” as well as a plant “walk-through” which covers the equipment of concern from the SOP.  PSFs (performance shaping factors) related to each task are discovered.  Dependencies among tasks are estimated.  Each of these will influence the HEP (human error probability) for each task.  Each task is to be modelled as a success or failure.  An HRA Event Tree is constructed, each identified task being a branch in the tree, and then solved;  the output of which is typically an input to a QRA.  aeSolutions has the Human Factors Reliability Experts to handle this task.

Inherently Safer Design Assessment

Inherently safer design is the design of chemical process and products with specific attention to eliminating hazards from the manufacturing process rather than relying on the control of these hazards. It is a way of thinking, a way of approaching technology design at every level of detail and a part of the daily thought process.

Safety Critical Equipment Assessments

Safety critical equipment is essential to ongoing safe operations.  This equipment provides the means for controlling process safety risks associated with hazards from major incidents.  By identifying the key components and developing an effective Mechanical Integrity management program, major equipment failures can be averted.

aeSolutions personnel are experienced in developing the necessary mechanical integrity strategies for improving the Process Safety Lifecycle of a facility.  Our personnel specialize in identifying existing gaps in facilities’ various layers of protection against the impacts from major hazards and providing best in class solutions for closing the identified gaps in a facilities’ Safety Critical Equipment Mechanical Integrity Program.

Job Hazards Analysis (JHA)

Plant personnel must regularly interface with process equipment. In order to prevent injuries or possibly death, a job hazard analysis can be utilized to establish effective procedures protecting all affected employees.

A job hazard analysis is a technique that focuses on job tasks as a means to identify hazards before they occur. It focuses on the relationship between the worker, the task, the tools and the work environment.

By identifying hazards associated with specific jobs and tasks, a safer working environment for all employees can be achieved. aeSolutions offers expertise in leading cross functional teams in conducting JHAs. Our experience in developing Operational Level Procedures and Tasks contributes to a facilities’ overall goal of a safer work environment and culture.

Electrical Area Classification Studies

Facilities often have process or equipment changes which result in inaccurate drawings or the drawings may have been lost since the process was first built. aeSolutions provides electrical area classification studies for process facilities after equipment installation to document the following:

  • Equipment identification
  • Equipment location
  • Electrical area classification drawings
  • Site General Arrangements (G&As) compliant to API 500 and NEC article 500
  • Equipment drawings

Management of Change (MOC) Program Development & Implementation

Changes often occur in facilities that produce, use, handle and store hazardous materials.  Managing these changes to ensure that failures are not introduced are essential to ensuring the safety of the employees and functional systems of a facility.

aeSolutions can provide leadership in developing and improving your MOC system.  It is essential that leadership supports the MOC process and provides the necessary stewardship to ensure proper system integrity and ongoing regulatory compliance.

Combustible Dust Assessment

In facilities that generate or handle combustible dusts, an effective management program is essential. A combustible dust risk assessment is utilized to identify those scenarios with unacceptable consequences. It is further used to develop corrective action plans to reduce the likelihood of the unacceptable consequence.

Improved controls for limiting the likelihood of a combustible dust include but is not limited to the following:

  • Appropriate effective housekeeping
  • Proper application and use of PPE
  • Installation of proper electrically classified equipment
  • Properly designed engineering controls for explosion venting on dust collection equipment
  • Critical relief devices properly maintained
  • Adequate maintenance
  • Adequate Hot Work permitting
  • Means to dissipate static electricity such as bonding and grounding
  • Employee training and awareness of risks associated with combustible dust

Our organization has experienced assessors that can assist in identifying unacceptable risks and develop action plans for mitigation of those combustible dust hazards.

Safety Instrumented Systems (SIS) Engineering Services

Corporate SIS Project Standards Development

For clients who do not yet have standards and procedures for the implementation of Risk Assessment and SIS on your projects, aeSolutions can consult with your team to collect pertinent data and develop Risk Assessment Standards, SIL Selection Standards, Functional Safety Assessment Templates, and SIS Design and Implementation Standards. We have worked with many companies to enhance their existing standards, or develop new standards. We supplement the standards development with training of your staff at all levels – from executive management, to divisional management, to onsite management, operations, maintenance, and engineering staff.

Functional Safety Management Planning (FSMP)

Whether working on a major capital project or the day to day operations of SIS, functional safety management planning is critical to ensuring that each SIF is designed and operated correctly to obtain risk reduction. Creation of a functional safety plan will provide engineering, operations, maintenance, and auditing staff the road map to successful implementation of the safety lifecycle. In addition to detailing the roles and responsibilities of those involved in the safety lifecycle, it will provide the competency requirements for each role and auditing schedule throughout the lifecycle. aeSolutions has the experience with both execution of all sizes of projects and integrating with our clients within the engineering, operations, and maintenance staff to build this critical foundation for proper safety lifecycle execution.

Functional Safety Assessment (FSA) Facilitation

FSAs are formal audits, based on evidence, to judge the functional safety of an SIS. There are five stages of FSAs, that span the evaluation of Risk Assessment, design, installation, and operation of SISs. aeSolutions’ team of experienced professionals are capable of facilitating FSA, and assessing if the appropriate processes and procedures have been used to ensure that functional safety is achieved.

DCS/SIS Segregation and Independence Assessment

During PHA and LOPA meetings, the team is making quick assessments on the independence of causes and protection layers. Independence is a critical requirement of credited protection layers within a LOPA, and, on brownfield sites, may require additional research to determine whether the segregation and independence requirements are being met. By leveraging aeSolutions’ experience in both Engineering Automation and SIS, we have a fully competent staff to review the corporate independence requirements and assess the systems used as a layer of protection against these requirements.

Independent Protection Layer (IPL) Validation of Credits

When applying protection layers to a LOPA scenario, it is important to validate these layers against the four requirements for all IPLs; specific, independent, dependable, and auditable. By performing and documenting how IPLs perform for each of these criteria, requirement gaps can be identified and closed. IPL validation will also bolster the auditability of the IPLs by providing auditors with the information required to confirm that an IPL is still performing at least as well as required by the LOPA. aeSolutions can provide you with a standard validation form and report, or work with you to customize the validation effort to be more specific to your corporate IPL requirements.

Safety Integrity Level (SIL) Verification

During the SIL Verification process, the type of equipment specified, voting architecture, diagnostics and testing parameters are verified by calculation, producing the Probability of Failure on Demand, and Spurious Trip Rate for each SIF. Additionally, we consider hardware fault tolerance (HFT) required. The SIL Verification calculation Reports are provided from all tools and calculations we perform. A Design Verification Report (DVR) details the calculation parameters, assumptions, limitations, and sources of data for SIL calculations performed. Recommendations for optimized SIF performance (taking into account both safety integrity and spurious trip evaluation), are also reported in this document.

aeSolutions’ SIS Engineers are trained and experienced in the fundamentals and the advanced parameters of SIL Verification Calculations. Our engineers, many of which have CFSE, CFSP, and ISA84 Expert certifications, work with our clients to evaluate the SIS options for optimized investment.

Safety Instrumented Function (SIF) Architecture Options Analysis (Redundancy, Diagnostics, Hardware Selection and Test Intervals)

The SIF List is a comprehensive list of all the Safety Instrumented Functions with their identification number, description, target, test intervals, and achieved RRF and IL. The SIF list encompasses sensor, logic solver, and final element voting, and provides a quick-reference to the Risk Assessment, SIL Verification Calculations, and Safety Requirement Specification data. aeSolutions provides this list as an efficient, single-document summary of safety functions. We also provide a BPCS IPL List for Basic Process Control System (BPCS) Independent Protective Layers (IPL), used generally in the same manner.

Cause & Effect Diagrams (C&Es)

C&Es depict, in a matrix format, the process deviation conditions that propagate logical interlock actions within (or between) safety systems, basic process control systems and hardwired systems. Our C&E templates have been developed from many years of experience to optimize ease-of-use for configuration, testing, operator training and turnover effectiveness. In cases where the functional complexity exceeds the capacity of C&Es, our staff is capable of selecting the most efficient alternate format.

Boolean Logic Diagrams/Process Logic Narratives

Similar to C&Es, Logic Diagrams and Narratives are often required to fully define the logical interaction between the sensors, logic solvers and final elements. Interaction between systems also can introduce extensive logic definition. These forms of logic definition are required when cause and effects cannot provide adequate and clear detail of the logic interactions within and between systems. They can also be used in conjunction with C&Es to provide the most complete and efficient documentation depicting process control and safety system logic for downstream users. The aeSolutions staff is capable of selecting the best format, or combination of formats, to best meet the requirements of our clients.

Fault Tree Analysis / Quantitative Risk Analysis for Complex Hazard Scenarios

Fault Tree Analysis is a top down, deductive failure analysis in which an undesired state of a system (also known as the “top gate”) is analyzed using Boolean logic in a graphical tree. The logic analyzes all possible failure combinations that lead to the top undesired event. Functions that involve complex sub-systems and inter-dependencies are modeled in Fault Trees. Quantitative Risk Analysis (QRA) takes Fault Tree Analysis to a higher level, modeling hazardous process initiating events while including enabling events and protective layers. The aeSolutions’ engineering staff utilizes Fault Tree Analysis and QRA when required, and is highly experienced in using this advanced calculation tool in meeting client Risk Assessment and SIL Verification requirements.

Safety Requirements Specification (SRS)

The SRS defines the integrity and functional requirements of SIFs aeSolutions provides a detailed SRS Datasheet for each SIF and a general SRS document for the project, logic solver, and/or facility. Together, they meet the requirements defined in Clause 10 of IEC 61511. Since many of our SIS Specialists have configuration, instrumentation, and operations experience, we have the expertise to specify feasible solutions to complex SIF implementation.

Application Program Requirement Specification Development

The Application Program Requirement Specification is an extension of the SRS, and includes requirements for software applications onboard manufacturers’ equipment, most prominently logic solvers. These requirements include application program self-monitoring for faults, actions taken on faults, enabling of testing, CPU capacity, scan time, bandwidth, and the monitoring of field devices. This document, compiled by aeSolutions, supplements the SRS, the SRS Datasheets, and logic diagrams to provide the configuration team a comprehensive SIF and SIS requirement specification.

Online/Offline Proof Test Philosophy & Design

The Testing Philosophy is a collaborative document including input from the client’s process experts and maintenance team. It defines the approach to testing SIFs including online/offline limitations, data collection requirements, proof test coverage and acceptable bypassing practices.

A section for Proof Test Coverage (PTC) is included in the Testing Philosophy. It details the methodology used to determine proof test coverage and defines the type of testing required to achieve the specified PTC.

aeSolutions’ experts have the field experience to discuss the testing requirements, site practices and available technologies to determine and document a comprehensive testing philosophy and achieve the highest possible proof test coverage. It is important the testing philosophies are collaborated up front in the project, because the methodologies of testing need to be known and incorporated into the development of the SRS.

Test Procedures include detailed test steps to fully test for undetected failures for either a full function or for the individual devices that comprise that function, depending on customer requirements. The limitations and constraints of testing are explored and documented during the development of the Proof Test Philosophy and taken into account in the SRS.

aeSolutions has a library of proven proof test procedures to choose from when providing a testing package, and we have the expertise to work with clients to implement effective testing, failure classification, and feedback mechanisms to validate reliability data claimed in Risk Analysis and SIL Verification.

Factory Acceptance Test (FAT) & Site Acceptance Test (SAT) Plan Development

The FAT and SAT plans provide a holistic approach to testing the logic and installed field instrument system.  Detailed steps are documented for each test plan.  At this stage of the project, the system design will be coming together for the first time and may have multiple contractors working together on a tight schedule. aeSolutions understands how crucial it is to execute these tests with a solid plan and thorough, yet concise, testing steps. aeSolutions SIS engineers have the experience to develop these plans, oversee their execution as an independent 3rd party, or execute these tests.

SIS/SIF Equipment Specifications

The solicitation of quotes and procurement without knowing all of the equipment requirements can be very costly. aeSolutions works with clients and multiple manufacturers to assure that all equipment manufacturers know their requirements in meeting the Safety Lifecycle standards, regulations, and codes that may apply. We assist in identifying these requirements and develop specifications to be used in comparison of competitive quotes to ensure compliance with project requirements, standards and code compliance. As an additional benefit to our clients, we provide code assessment services.

Estimating Process Safety Times and Safety Function Response Times

The effectiveness of a SIF is dependent on its ability to respond to a hazardous process excursion quickly enough to prevent a catastrophic consequence from ever occurring. Estimating the shortest credible elapsed time from a hazard scenario’s initiating event to the time when the consequence can no longer be averted, and estimating a safety function’s maximum response time, are both crucial in the design of robust SIFs. aeSolutions has the experience and tools to model the dynamics of typical hazard scenarios and safety functions and, together with our client’s engineering staff, will facilitate the calculation and documentation of these safety-critical time parameters. Our experience has sensitized us to the importance of these analyses being performed early enough in the life of a project for the correct and timely specification of the field instrumentation which will ensure a plant’s safety.

Lifecycle Cost Analysis/Benefit-to-Cost Ratio

Assessment of the overall SIF lifecycle cost, including the initial costs (design, installation, commissioning) and long-term costs (maintenance and testing) is performed for the various options of SIF design. A subsequent analysis utilizes the Lifecycle Cost Analysis, risk criteria, and the costs of spurious to determine the benefit-to-cost ratio. The analysis allows the end user to identify the best architectural and testing options for SIS investment.

SIS Training

The design and operation of Safety Instrumented Systems (SIS) requires an understanding of instrumentation failure characteristics, the Safety Lifecycle, probability mechanics, and the relevant international standards.

aeSolutions offers instruction in all SIS areas including: Safety Requirements Specification (SRS), Calculations of the Probability of Failure on Demand (PFD), Fault Tree Analysis, Determination of Architectural Constraints, Identifying and Modeling for Common Causes of Failure, Degraded Voting, and Failure Rate Estimation.

aeSolutions has developed training courses designed to build these skills and is an authorized provider of several SIS-related ISA courses.