User login


You are here


Adejugba Olusola's picture

This topic is a spin-off from my research into redundancy in the oil & gas industry. Thinking this would be a good forum to share from those with experience in the application of this concept.

Inherent Safety in Process Safety Management is a concept that was introduced to the Oil & Gas industry to engender inherently safer approach to managing major accident hazards. The adoption of inherent safety culture has been of benefit to the aviation industry.

However, not much information is available on the level of awareness and measure of the impact in the offshore/oil & gas industry. Trevor Kletz once suggested the need for a systematic and visible use in the application of the principles and for better awareness of the concept, practicalities and benefits of inherently safer approaches to hazard management.


faizakhatri's picture

 safety culture has  got widespread attention in recent time  specially when we talk about offshore plant from designing and commission, safety measures work as a key point for all the stages Inherent principles and concepts  are used in designing stage of a project before construction and it  was firstly introduces by Professor Kletz (1985, 1998)  it is a method involving basic design measures to achieve hazard elimination, prevention and reduction and using less quantify hazardous material , more complex structures to simple design and using such  material which is less corrosive ,making process Ease of control etc.  it is   incorporates  with  safety engineering  and managing risk assessment system for creating effective safety performance  I got a picture from internet

Faiza khatri

M.Sc oil and gas engineering 

Ikechukwu Onyegiri's picture

Inherent safety is a proactive approach to process risk management which has been in operation in diverse sectors considering the lifetime costs of a process and its operation hoping to derive a cost-optimal option. Lifetime costs include the fixed cost of the facility, as well as the costs for operations, maintenance and safety measures. Inherent safety can  be incorporated at any stage of process safety management design but best results are gotten from earliest stage applications. The inherent safety approach uses basic design measures to achieve hazard elimination, prevention and reduction.

Though when it comes to a practical approach inherent safety principles in process safety management is one which is considered a "stiff" road to follow especially in the oil and gas industry. In practice, such an ideal (inherently safe) process safety management system rarely exists and it will be likely to think of inherently safer process safety management. As formalized by Professor Trevor Kletz the five comonly used inherent safety principles include [1]:

1. Simplification: e.g making some safety principles non-negotiable in your process safety management design

2. Substitution: e.g creating alternative principles that enforce same level of safety standards

3. Moderation: e.g principles that aim at avoidance of known safety hazards (limitation effects)

4. Minimization: e.g principles that aim at reducing the impact of a known safety hazard

5. Elimination: e.g principles that seek to fully eradicate the occurrence of a safety hazard.

The main drive behind these guidelines is to help designers strike a balance between hazard avaoidance, prevention, control and mitigation.

In the oil and gas industry especially offshore these five widely acceptable principles are still finding acceptance and systematic tools for process safety managementis still to be properly quantified. Thanks to prescriptive approaches today, inherent safety is becoming more of a practical thing in process safety management.


[1]  Gupta, J.P & Edwards, D.W (2002). Inherently safer design - present and future, Process Safety and Environmental Protection, 80, 115-125

Henry Tan's picture

You may like to upload the photo image?

Craig Donaldson's picture

It should be noted that inherent safety can be presented using a few overarching principles as described by Ikechukwu but the names used to describe these vary widely depending on the source consulted, however the principles are more or less the same in all versions.

From the above it is important to point out that overall the aim is simplification, producing a process which has fewer hazards and therefore needs fewer control measures to contain those hazards. Often processes designed with inherent safety as a driving principle will be seen as less elegant and efficient than those designed from other viewpoints, they may have larger recycles because less extreme conditions lead to a lower conversion per pass, for example. As well as the reduced cost of control the opportunity of reducing the cost of the consequences and of potential accidents should be taken into account.

Inherent safety led process design is a change from traditional design where the process is designed and the safety elements are added to control the resulting hazards and reduce risk. When inherent safety is considered from the very beginning of the design process there should be a lot less "tacked on" safety elements which need to be included. This simplification may reduce the cost difference between traditional and inherently safer designs significantly.

Ikechukwu Onyegiri's picture

Thanks Craig for the clarification, different standards used across the industry for the implementation makes inherent safety guidewords "tricky" to translate. As Henry suggested I got a picture of a breakdown of the guidewords.


Ikechukwu Onyegiri's picture

Inherent safety approach in process safety management has been termed as a cost-optimal option with increasing views of its integral part in process safety management (PSM) though more effective linkages are required between the two concepts for the further use of inherent safety principles. 

Process safety management is the application of management principles and systems to the identification, understanding and control of process hazards to prevent process-related injuries and incidents (fire, explosion, toxicity etc) [2]

Frameworks have been developed to integrate principles of inherent safety (substitution, moderation, simplification.etc) within PSM and the route I would like to focus on include: process knowledge and documentation, capital project review and design procedures, process risk management, management of change, process and equipment and integrity and finally human factors.

Quanlitative techniques for such a methodology include [2]:

1. Identification or development of a suitable protocol for any incident incorporating management functions of plan, do, check, act (i.e. continuous improvement cycle)

2. Use of inherent guidelines (as stated in previous post) and checklists at appropriate points in the protocol.

3. Validation of the inherent safety-based protocol via examples and case studies.

Although inherent safety is an attractive and cost-effective approach to risk management it has not been utilised as widely as other techniques such as HAZOP and quantitativve risk assessment.

Systematic tools in place so far include the INSET tool kit, the overall inherent safety index prototype by Edwards, integrated inherent safety index (I2SI) conceptual framework by Khan and Amyotte in 2003 [1].

[1]  R  & Khan, F.I (2003). Reduce dust explosions the inherently safer way. Chemical Engineering Progress, 98, 36-43

[2] Khan, F.I. &  Amyotte, P.R.  Incorporation of Inherent Safety Principles in Process Safety Management, AiChe, Wiley Interscience 2007

Craig Donaldson's picture

Why do you think it has not been utilised widely?

YAKUBU ABUBAKAR 51126107's picture

In line with what Faiza was saying about inherent safety in
process plant, the policy need to be implemented very early in the design stage
of the plant in order to identify the risk in the design and eliminate it
without causing much financial, safety and engineering problems.

They are classified as intrinsic properties of the process
that need to be avoided or totally remove not to be mange because they can
prove difficult later in the life of the plant. Limited information is
available on how to carry out the exercise on a plant which is a big challenge
to engineers managing obsolesce management.

Dows and Monds indices method are often used to estimate the
inherent safety in most of the petrochemical plant, but rarely used due to the mentality
of the people are used to old method of designing and never try it.

In a nut shell there is no specific format or formula of
removing inherent safety at the moment because while removing the identified
hazard sometimes another issues would result as a result of the modifications.




Adejugba Olusola's picture

The main application of inherently safe design is in the reduction of the consequences of hazards like fire & explosion, blast. Some examples of the application of the principles of Inherent Safety I could find commonly used today is the utilization of the plant facility layout or optimization of the topsides layout in offshore structures such as placing the Living quarters away from the effects of fire and explosion by the use of bridge linked installation or placing less hazardous modules between process areas and accommodation to act as buffer zones. This "Segregation" approach helps prevent the escalation and protects evacuation routes{1}.

The use of normally unmanned installations (NUI) is an inherently safe approach based on segregation of people from the prevalent hazards. However, this introduces other issues around maintenance of safety systems and availability & reliability of critical systems and safe-guarding the platform during personnel visits for maintenance.

The use of subsea wells and tie-backs in developing new discoveries is also inherently safe whilst it has the double advantage of optimizing/reducing costs, improving the economics of marginal fields and being environmentally friendlier than other offshore structures. Obviously, the flip side is it increases the size of the inventory to the facility to which the subsea well is tied to.

Any more examples are welcome. Crucially, ideas on the application of the principles are also welcome.



AEA Technology plc and Loughborough Consultants. “Improving Inherent Safety”. 1996.


Adejugba Olusola


Inherent safety could be divided into three levels which correspond to the three times improvement of human understanding on accidents causes. I type inherent safety phase is preliminary safety phase in which the main KPIs are technique and equipment reliability and environmental safety. II type inherent safety phase is norm safety phase in which the main KPIs are to achieve behavior norms, technique norms, management norms and legal norms. III type inherent safety phase is culture safety phase in which the main KPIs are to realize the harmony of safety philosophy, production system, safety system, management system and information system. In a word, inherent safety ought to be harmonious integration of preliminary safety, norm safety and culture safety.

sreehariprabhu's picture

The concept of inherent safety is becoming common in Offshore industry. In offshore, the hazardous materials and operations are in more close proximity with the personnel working onboard. During past time, the offhore industry was more focussed on active safety systems like shutting down plant and deluge systems to control the hazards. But after Piper Alpha Disaster, the industry changed the face of safety and is now focussing more on inherent safety. This is because, the active systems can fail which lead to not preventing the hazards.

There are two inherent safety principles. The first one is the reduction of inventories and the second one is simplification. These principles bring the advantage of reducing the topside weight and also reducing maintenance and operation requirements. Thus these concepts helps in minimizing the design considerations of offshore instalations and also improves the safety measures which minimizes the hazards. But this concept is still not widely used in offshore. It is high time that these concepts should be made to practice and also make personnels aware about using these concepts.

Sreehari Ramachandra Prabhu 

farman oladi's picture

Changes should be made to design process if inherent safety in process is a requirement. Presently Intensive safety studies usually take place at the later stage of the design where use of protective equipments are  a mean to avoid hazards, while  studies show two big factors should be taken into consideration at the early stages of the design as a practical approach to manage Inherent Safety are :  ·         Chemical Inherent Safety Index based on possible side reaction, flammability, explosively, toxicity and other major factor should be considered for the chemicals involved in the process.  ·        Process Inherent Safety Index to consider all sub-indexes to maximize equipment safety and process safety. 

·        Alternative Process conditions should be evaluated based on Safety, Environment and economy as main elements to tackle the practical approach.

Manuel Maldonado's picture


The role of Inherent safety within the process safety management has not been well recognised possibly due to lack of awareness of its benefits or knowledge of its principles, which has limited a truly implementation of its role. On the other hand process safety management being a very well recognised practice in the oil industry only has focused its efforts on ensuring that processing plants (chemical plants, refineries, gas plants or offshore platforms) are operated safely. The Process Safety Management is addressed by specific standards and rules supported by regulatory agencies.

Although the implementation of new facilities such as hydrocyclones, subsea developments, subsea multiphase pumps among any other, has been seen as an application of some of the inherent safety principles to the engineering design, it may has only been just a coincidence. Most of those technologies have had other business drivers such as development of new alternatives for oil production or oil processing. Inherent safety principles have been seen sometimes as part of the initial technical design and not being well applied and reinforced as a "Must Do" or due process. This then leads to technical safety issues related engineering and design decisions to be supported by other processes such as hazzop reviews within the formal safety assessment processes leaving inherent safety process aside.

Certainly the inherent safety process is a very important piece of an engineering process but still needs more efforts to be taken as a regular practice. As a practical approach the inherent safety process within the process safety management needs to continue creating awareness. It also needs to be promoted by the regulatory agencies and reinforced by the good leadership and corporate policies within the organizations. Obviously, some efforts are required by organizational leaders, researches and regulatory agencies to demonstrate the value and benefits of implementing inherent safety in the process safety management. Cost-benefit analyses, potential capital and operating costs savings and the main benefits to safety, the practical implementation and/or standardization of the inherent safety process can bring to the whole field development process should be discussed and published. This is our job and the job next generations.

Azeezat's picture


An Inherent safety
approach to hazard management is one that avoids or eliminate hazards or reduce
the magnitude, severity or likely hood of occurrence, by careful attention to
the fundamental design and layout. While inherently safer design is one that
avoids hazards instead of controlling them, particularly by reducing the amount
of hazardous material and the number of hazardous operations in the plant

Considering the lifetime costs of a process and its
operation, an inherent safety approach can lead to a cost-optimal option. Because
of its attractive and cost-effective approach, the inherent safety methodology
is now increasingly used in most engineering applications to reduce risk and
cost at the early stage of designs to avoid costly late design changes. Many
reasons have been attributed its widespread usage; the availability of
systematic principles for the application of inherent safety is perhaps the
most important reason.

Professor Trevor Kletz
(Kletz, 1985) was the first to formalize the principles of inherent
safety. He stated that there are five commonly used inherent safety principles
or guidewords (elimination, minimization, substitution, moderation, and
simplification) which are considered to be the most general and widely

In practice, an
ideal plant or process rarely exists as it is often the very reactive/special
nature of materials that makes them useful in industry. It is therefore more
helpful to think in terms of inherently safer plants or processes
in lieu of inherently safe plants or processes. Inherently safer processes
or plants pose less inherent risk as compared to conventional process/plant.

An advantage of this approach is that the hazards at source
can reduce the risk to personnel in the vicinity of the hazard as well as those
in the more distant/protected controls.  For example, by relying on segregation and
firewall wall may reduce the risk to the majority on the installations but do
nothing to limit the likelihood and consequence of the initial hazard and the
potential for injury and fatality for those on the plant.

The role of inherent safety is also stressed in the UKOOA guidelines
on fire and explosion Hazard management, which devotes an entire chapter to
inherent safety and hazard prevention. The guide explicitly states a preference
for prevention rather than control and mitigation, but recognises that in
practice an integrated approach combining prevention, control and mitigation is
needed to give defence in depth against hazards which cannot be avoided. It
also notes to be considered early in the design process.


Savitha Haneef's picture

Concept of Inherent safety is described as those aspects in fundamental design to prevent, control or mitigate hazards.This measures have the advantage of using existing equipments ,redesigning them to mitigate hazards at source and thus prevent any expensive 'add-ons' which can fail.Techniques such as process intensification and simplification offer inherently safer performance as mentioned in previuos posts .  This also results in reduction of weight and space requirements,need of maintenance and personnel and hence reduce the operating costs.

Inherent safety designs results in long term benefiits such as greater reliability, less operating costs and easy decommissioning. A study done by HSE shows that some leading safety specialists are familiar with the term 'inherent safety' and its principles. But many others only seemed to have a superficial understanding of the concept and its principles. The awareness of inherent safety need to be improved in the industry by training.


Ref: Improving Inherent Safety, D mansfield , L Poulter ,HSE books

Savitha Haneef

MSC Safety & Reliability Engineering

Uchenna Onyia's picture


In discussing safety in oil and gas industry, I feel it is
pertinent to talk about the failure modes in the industry as regards to hydrocarbon
process safety.  Metal fatigue is caused
by repeated cycling of the load below its static yield strength.  It is a progressive localised damage due to
fluctuating stresses and strains on the material and initiate and propagate in
regions where the strain is most severe. Fatigue process happens in 3 stages
–Initial crack initiation, progressive crack growth across part and final
sudden fracture of remaining cross section. 
All these factors must be taken into consideration in the design and
choice of materials of construction.  And
their reliability and maintainability covered in Reliability Centred Maintenance(RCM)
of the equipment or facility. 

uchenna onyia 51232632
MSc Subsea Engineering


Applying inherent safety principles in a practical manner implies that a whole
project team has a mandatory requirement to understand the generic hazards fully,
and to attempt to eliminate hazards and simplify plant in such a way that risks are

HAZID or Hazard Identification is appropriate at an early stage. This can be worked
up by the Safety engineer or by the whole team. HAZID is a form of qualitative risk
assessment. One way of helping that understanding is to construct a bow tie type
diagram showing what hazards exist and how the hazards materialize as events with
consequences. Particular areas of risk can then be assigned to specialists for reduction

This is also the time to do the first of a series of project HSE reviews, (or peer
reviews), using persons external to the project, (and who have skills relevant to the
type of project), to assess whether the risks appear to meet the Company’s risk criteria
and the plans to manage residual hazards will be acceptable to the Company.
This is also a form of qualitative risk audit.

At a later stage in a project detail drawings become available and the main equipment
has been specified. It is thus possible to do a full HAZOP to assess the risk of
any malfunction producing an unacceptable outcome. In America this is called a
“what if” study, but beware the difference; a “what if” study uncovers only what
the participants can envisage happening from their experience, whereas a formal
HAZOP seeks out all possible causes of - more of, less of, more than one of, part
of, none of , reverse of, for each physical parameter. HAZOP is systematic and can
thus reveal things beyond the experience of the individuals. A HAZOP is a form of
QUALITATIVE risk assessment.

It may be that there is sufficient uncertainty about reliability of particular items, or
proximity of one item to another, or impact of external forces (Eg weather), that
a Quantified Risk Assessment (QRA), may be called for. QUANTIFIED RISK
ASSESSMENT can be used at detail design, usually for limited plant items or groups
of items. The numerical accuracy of QRA is highly dependent on the validity of
the data and its applicability to the particular circumstance of the plant in question.
(Eg the number of leaks per mile of high pressure pipeline derived from a nuclear
database obtained in a benign environment must be applied with caution to similar
pipelines in an offshore environment). It also contains elements of subjectivity in
what factors to apply to the data. (Eg. If the data base shows that 50% of land based
gas pipeline leaks ignite what factor shall we impose on this for the gas riser on an
offshore platform in the windy North Sea where the riser is on the downwind side of
the installation).

This is not to say that QRA is not valuable but that it is highly valuable for comparing
options and somewhat less so for absolute figures of risk. Occasionally it is decided
to do a QRA of a complete plant – this is a highly expensive decision often costing
circa $1,000,000 so is not undertaken lightly, and normally only where legislation
demands. Finally, this would also be the time to do the second of a series of project

HSE reviews mentioned above.

Okechukwu Chukelu (51231798)

SanjayVyas's picture

The principle of Inherent safety is achieved through simplicity of design, robustness, reliability, practicality and quality of build. Inherent safety is a combination of the major decisions such as the concept selection and the smaller contributions including detailed design optimization and component quality.


The inherent safety culture should create a questioning attitude; ‘What is the hazard and what can I do to eliminate it?”


Adopting an inherently safe approach to design engineering allows for the identification and removal of potential hazards which are reasonably foreseeable at an early stage. Effective risk reduction shall concentrate on developing an inherent or intrinsically safe design using principles of ALARP. The primary means of risk reduction shall be the effective selection, use and application of codes and standards, proper specifications and conducting Hazid, Hazop, Safety Integrity Level and similar process hazard analysis (PHA), as applicable and implementing recommendations of such studies. The optimization of the layout for safety; and the quality standards and acceptance criteria applied to the design, construction, installation, maintenance and operation of plant and equipment etc. all contribute to the inherent safety in design approach.

Sanjay Vyas- (51234203)



More comments


Subscribe to Syndicate