At REACh ChemConsult GmbH, we provide comprehensive advice on the application of LOPA and carry it out.

The new EU standard 61511-3 (2019) "Functional Safety" describes the determination of tolerable risk as well as "probabilistic" methods for analysing and controlling risks in technical processes and plants in the process industry through appropriate protection systems and the specification of their necessary reliability.

"Probabilistic" methods work with frequencies of occurrence of triggers and probabilities of failure of protective systems (Probability of Failure on Demand (PFD)). Of the methods described in EN 61511-3, the Risk Graph method and Layer of Protection Analysis (LOPA) are the easiest to define requirements for the reliability of protection systems (expressed by Safety Integrity Level (SIL) for "instrumented" (electrical/electronic) systems or Independent Protection Layer (IPL) for mechanical systems). The advantage of LOPA over the risk graph method lies in the differentiated traceability of risk reduction by a specific protective device.
The aim of risk minimisation is to comply with tolerance criteria, which are to be set up in the risk matrix for variously severe effects of damaging events. EN 61511-3 does not provide any numerical values for this.
LOPA is based on a risk matrix specified by the company and particularly critical individual scenarios from HAZOP studies.
The "deterministic" approach that has been common in Germany to date is based on the "presumption of safety" that the state of the art is achieved by complying with a large number of standards and directives and thus at least "sufficient" avoidance of hazards is achieved.

As traditional safety engineering is organised "sectorally" into plant & process safety, occupational safety, machine protection, fire protection, explosion protection and environmental protection, an overarching methodology (HAZOP/PAAG) is required to cover the residual risk beyond the safety requirements defined by regulations.

HAZOP is initially only based on the severity of a damaging event, but can be combined with the Risikograph method or LOPA, for example, to create specifications for instrumented systems (SIL) or for mechanical protective devices (IPL).

