EXPLOSION IN TANK DURING MAINTENANCE

An explosion occurred in a wholesale and retail storage facility in 2001. Two contract workers were carrying out maintenance operations inside a 5,090 m³ atmospheric storage tank. The closed floating roof tank usually contained premium grade gasoline but it was emptied for the maintenance job. The event occurred during cleaning operations. The activity, performed by employees of an external company, consisted in removing residue from the tank bottom by means of scraping. The most plausible theory is that spark was created by one of the worker's tools (boot soles points, metallic scraper, steel snap hook, etc.). Within an explosive atmosphere, this could have caused an explosion. The two workers were seriously injured in the incident. The tank was not repairable and the operation of the storage facility was interrupted for approximately two months.
Key learning points
The distance of the floating roof from the tank bottom at the time of the accident was approximately 1.2 m. The working space in this situation was limited. The empty tank that exploded normally contained premium grade gasoline. The gasoline vapours which were still in the tank caused the explosion. The tank was equipped with only one manhole. Apparently, when the incident occurred not all the vents were open; it is likely that the atmosphere was not homogenous and that explosive pockets of vapour/air also existed. The ventilation system set up to evacuate gasoline vapours was shut down for the cleaning operations to take place. What is also not always recognised is that gasoline collects in welds, pontoons (of floating rooves), particularly if they are not well maintained, small pits and crevices on the surface of the steel, within the residues on the tank floor. This means that there is a continual production of vapours
even after the tank has been emptied. This means that explosive atmosphere measurements need to be regularly repeated as well as constant ventilation. Finally, the limited space of movement of the workers was also an adverse factor in their escape.

Source:IchemE 

Incident due to lack of conduct of operations

During a summer day a violent storm hit an ammonia production plant. The thunderstorm caused the failure of the external power supply and trip of the plant at 15:20. After safely isolating the affected unit, operators prepared the start-up during the night shift. First steam had to be imported to be able to start the primary furnace the following day.
However, at 00:55 the top fired reformer blew up. The procedure required many valves to be in the closed position and for these to be verified. The shift leader, however, did not ask the workers to check the valves because he was convinced that the valves were closed following his site walkaround. Even though the display in the control room showed that the valves were open, he insisted that the reading was wrong and continued the start-up. With that, he opened the natural gas supply valve, resulting in triggering a series of alarms and a minute later, the explosion occurred. The explosion injured two workers and destroyed the steam reformer.
Key learning points
The shift leader was convinced that the valves were closed and that was never double checked. To confirm that all safety critical equipment are in the correct position prior to start-up is a crucial step. It should be included in the operating procedures and those procedures should always be followed. There was no redundant system in place to prevent operators from introducing natural gas in the process while the valves were open. The investigation revealed that no log book entry indicated the positions of the valves and any readings from the display. The start-up procedure was used sometimes as a check list but no signature or approval was requested. It was, however, not used this time to check the valves for the arch burners. Lack of training and competence were also factors that could contributed to the accident. Start-ups are rare, and as such, regular refresher training is necessary. In case of emergency shutdown,
a risk assessment should be undertaken to understand any changes or issues prior to starting up. This may include a formal Management of Change.

Source:IChemE 

NOT FOLLOWING PROCEDURES CAN LEAD TO AN INCIDENT

 On September 5, 2023, at approximately 7:30 p.m., an accidental release of butadiene vapor occurred inside a decanting tank (“tank”) at a  facility in Illinois. The butadiene vapors ignited, resulting in a fire that seriously injured one employee.
The incident occurred in the latex production area during a maintenance shutdown. Employees were tasked with removing an internal part (a “baffle”) at the back of the horizontal tank (which was approximately five feet in diameter and nine feet in length). Company procedure stated that the tank should be cleaned using high-pressure water to remove any accumulated solids before entry. However, this procedure was not followed, and residual solids remained in the tank and potentially contained some butadiene. The work inside the tank disturbed these solids, which likely released about two pounds of butadiene vapor, creating a flammable atmosphere within a portion of the tank. In addition, while continual monitoring of the confined space was taking place during the entry, the end of the air monitor hose was not near the bottom of the tank where the solids were located, and this likely prevented the 5-gas detector from identifying the presence of flammable butadiene vapor.

Leading up to the incident, two workers received a confined space permit and a safe work permit to remove the baffle with hand tools after the area was monitored with a gas detector. One of the workers entered the tank (“entrant”) while the other attended the confined space entry (“attendant”). The entrant could not remove the bolts holding the baffle in place with hand tools and switched to a battery-powered
tool, which likely ignited residual butadiene vapors and created a fire. The entrant suffered burn injuries from the fire but was able to escape and was escorted to a safe area by the attendant. The injured worker was transported and admitted to a hospital for medical treatment. Two other employees were able to put out the fire.

Probable Cause
Based on the copmany’s investigation, the CSB determined that the probable cause of the incident was performing work in a confined space containing a flammable atmosphere. Inadequate flammable gas monitoring, the use of a battery-powered tool, and employees’ being unaware that the company had a procedure requiring the tank to be cleaned before entry contributed to the incident.

Source:CSB.gov

ARE YOUR CRITICAL ALARMS SET CORRECTLY?

On March 14, 2023, at 11:40 a.m., approximately 1,000 pounds of flammable hydrocarbons were accidentally released from a pump seal and ignited (autoignition) at a Refinery in Texas, causing a fire.      The company estimated the property damage from the incident to be over $1 million.                        

During the unit startup approximately five days before the incident, the pump (a centrifugal pump) had operated with low suction (inlet) pressure for nearly two hours due to a low liquid level in the upstream equipment. The low suction pressure caused the pump to cavitate, which vibrated the pump and damaged the pump’s bearings. Five days later, on March 14, the damaged bearings and the resulting stress on the pump’s mechanical seal caused the seal to fail. The hot hydrocarbons within the pump were released into the atmosphere and ignited, causing a fire. The material was released at 590 degrees Fahrenheit (°F) and had an autoignition temperature of 484 °F.
 In addition, on March 11, two days after the unit startup, vibration from the damaged pump triggered a “High Priority Alarm.” The refinery’s usual responsive action to high-priority vibration alarms was to switch pumps. However, the company did not have another pump available and continued to operate the installed pump, as refinery employees believed the pump was still safe to operate. Employees anticipated that a replacement pump would be available on March 13, but the pump was not replaced before the incident on March 14.
Although the pump vibrations continued and worsened, they never triggered the “Critical High High” vibration alarm threshold because the alarm was programmed incorrectly. Had the vibration alarm been programmed correctly, the “Critical High High” alarm should have activated on March 12, two days before the incident.
The company's investigation found that the refinery operators mistrusted the pump vibration alarms due to past nuisance alarms, causing employees to normalize these alarms.

Probable Cause
Based on the company's investigation, the CSB determined that the probable cause of the incident was the release and ignition of hydrocarbons from a failed pump that had been damaged after it cavitated during a unit startup. Contributing to the incident were unit startup conditions that damaged the pump, incorrectly programmed alarms, and employee mistrust of alarms.

Source: CSB.gov

INCORRECTLY CONNECTED HOSE CAUSES INCIDENT

 On February 21, 2023, at 10:15 p.m., an unknown amount of propane was accidentally released, seriously injuring a temporary employee at a facility in California.
A temporary employee had moved a propane-fueled forklift to the facility’s filling station to refuel its tank. He connected the filling station’s hose to the forklift’s tank and opened the valve to start the propane flow. The hose connection was not secure, and propane immediately discharged into the atmosphere. The employee tried to either tighten or remove the hose during the release. As a result, the cold propane sprayed and cryogenically burned him. The temporary employee was not wearing personal protective equipment (PPE) that could have protected the employee from being exposed to cold propane.

There was no documentation that the temporary employee had been trained on safely filling propane tanks, although another employee stated that the temporary employee had been trained. The company's investigation found that site training on refilling propane fuel tanks did not include information on items to inspect before beginning the filling operation.
Probable Cause
Based on the company's investigation, the CSB determined that the probable cause of the accidental release of propane was not securing the hose connection before starting the filling operation. Not using personal protective equipment that could protect the employee from being exposed to cold propane contributed to the severity of the incident.

Source:CSB.gov