Identification of major accident hazard critical elements (MCEs)


The objective of identification of MCE’s is to identify all safety critical elements also referred as MAH critical elements connected to prevention of major accidents or mitigation of severity of consequences during occurrence of Top event in MAH management.

Gap analysis shall be carried out against the comprehensive requirement of safety critical elements in line with the international standards against the installed safety critical elements in terms of availability and effectiveness.

A workshop shall be conducted for validating recommendations as a result of gap analysis in terms of ALARP demonstration & CBA (Cost benefit analysis). The International standards used for references shall be Shell DEPs, NFPA, API, ASME, ANSI, IEC, IOGP, ISA, EEMUA, EI, CCPS, ISO, BS and other applicable International Standards as per Client requirement.

A baseline review shall be done for identification of MCEs. The necessary data and other information required for the MCE development shall be collected through HAZOP reports, SIL reports (LOPA), observation and discussion with Client. The collected inputs shall be structured as Bow Tie diagrams representing various scenarios of MAH management across various locations. The outcomes from Bow Tie workshop shall be captured in MCE list sourced from Bow Tie diagrams.

The available latest equipment master list shall be obtained from Client, which can also be used for mapping identified MCE list. Bow Tie diagrams shall be the final reference document regarding the role of each safety critical elements in MAH management.

The selection of MAH critical element is a structured and methodical approach. It addresses each major accident hazard in turn and specifically lists all MCEs required for each MAH.

Coordination meeting shall be scheduled with Client subject matter expert (SME) to comprehend the existing asset maintenance management system, its features and functionality.

MCEs were identified and classified as such after the identification of MAHs and their associated causes, consequences and escalation potential. And identification of the barriers in place to safeguard against realization of the causes, resultant consequences and/or escalation scenarios.

The criteria presented below shall be applied to the identified barriers to determine whether or not they are critical with respect to major accident hazard management. The following criteria shall be applied to determine if a design element is MAH critical,

  • The element prevents occurrence of a MAH.
  • The element detects the occurrence of a MAH and initiates or allows initiation of an action which reduces the impact of the MAH
  • The element controls or mitigates the consequences of a MAH after it has occurred
  • The element forms part of the emergency response following a MAH
  • The element is required to support operation of a MCE

Prior to the workshop, a training session for individual operational sector shall be conducted for nominated personnel from Client. The training session enumerates the importance of MCEs and its identification process.

The selected MCEs shall be assessed in Major Accident Hazard critical element Identification Workshop. The necessary data required for the MCE development process shall be collected from Client through interactive observations, examination of documents, interview of personnel and management, discussions, focused questions, grading, weighing the variable, quantifying the function and cascading the results.

Major Accident Hazard Critical Element Identification Workshop is conducted to present and discuss the draft list of identified MCEs for each of the production facilities / stations and operating units. Gap analysis is done for the selected draft MCE identification list and it is discussed in MCE identification workshop.

The workshop team comprised of Client nominees, Facilitator and Scribe.


Standalone MCE Identification guidelines document is produced detailing as a minimum:

The ALARP demonstration shall be done for all recommendations from MCE Identification workshop. For recommendation from workshop which does not fall under broadly acceptable region of the risk tolerability criteria or ALARP (As low as reasonably practicable) region shall follow below hierarchical approach for the identification of additional risk reduction measures where required as part of the ALARP demonstration:

  • Eliminate, to physically remove the hazard
  • Substitution to replace the hazard with a less hazardous substitute
  • Segregation from the hazard by distance or isolation
  • Prevention by engineering e.g. process detection, ESD depressurization
  • Mitigation by engineering e.g. fire and gas detection, active/passive fire protection
  • Prevention/mitigation by organization e.g. manning, training, procedures
  • Mitigation by intervention e.g. emergency response, maintenance
  • Personal protective equipment.


safety critical elements - hierarchy-of-control

The Cost-benefit analysis (CBA) demonstration study shall be done for MCE Identification workshop recommendations. Here, the cost and benefit of select recommendations from the MCE Identification is enclosed in order to aid decision-makers to execute the recommendation. The cost calculation in CBA analysis includes only the equipment / instrumentation cost. Cost associated with engineering, pipe work modification / addition, installation and commissioning man-hour cost, cost of adding nozzles, tapings, instrument cable, addition of IOs etc. are not included in CBA study.

The Cost Benefit Analysis is performed for all recommendations taken from MCE Identification workshop, except for the recommendations that meet the below mentioned criteria.

  • Basic engineering study is required to estimate the bill of material which in turn is required to carry out a cost benefit analysis.
  • Provision of High/Low, Deviation Alarm in existing DCS, changes in control logic without addition of any new instrument etc.
  • Logic modification of ESD interlocks without addition of any new instrument
  • Designating existing alarm as critical alarm
  • SOP updation, addition of dead zones for corrosion monitoring, increase in preventive maintenance frequency.
  • P&ID and other document corrections.
  • Studies including alarm audits.
  • Recommendations that are of very low cost such as providing NRVs, Blinds etc


The identification of MCEs report includes a detailed description of the specific MCE safety barrier, MCE group, definition of design intention, goal of each MCE, identification and description of key sub-elements of each MCE, definition of scope and boundaries of each MCE. The outcomes from the MCE identification work shop shall be recorded.

The MCE Identification Workshop report provides complete list of equipments. Identify and classify MCEs and include IPLs in the existing LOPA reports. Contains results of gap analysis of the obtained equipment data with respect to existing MCE categorisation philosophy. Includes a detailed description of the MCE safety barrier, MCE group, definition of the design intention / goal of each MCE, identification and description of key sub-elements of each MCE, definition of scope and boundaries of each MCE. It also addresses each major accident hazard in turn and specifically lists all the MCEs required for each MAH. The interrelationship between identified MCEs and MAHs is elucidated in MCE report. And a standalone Major Accident Hazard Critical Element Register is prepared. Recommendations are mapped against the CCPS PSM elements CBA and ALARP demonstration studies for all recommendations with execution strategy.

Carry out an MCE criticality ranking exercise aimed to categorise MCE inventory base into relevant categories and to create a criticality profile of each MCE in the asset maintenance management system, and critically rank and include criticality ranking of all generated actions from a risk based perspective. For traceability, the outcomes from meetings, workshop sessions, group sessions, and agreements shall be recorded in minutes of meeting. Excel based live action tracking workbook shall be prepared for all the generated actions that can be periodically updated. And also log any discrepancy noted in the operations, drawings / technical documents/ equipment data.