Hazard Studies & Risk Assessment

Bow-Tie Risk Analysis

Barrier-based major-accident model — the lingua franca of modern safety-case argument

Start your projectBack to Hazard Studies
What this study delivers

Bow-Tie Risk
Analysis

Bow-Tie has matured from a Shell-developed visualisation aid in the 1990s into the dominant barrier-based risk model across upstream oil and gas, COMAH safety cases, and increasingly hydrogen, ammonia, and battery-storage operations. The CCPS Bow-Tie Guidelines (2018) and Energy Institute Bow-Tie Standard (2019, rev. 2024) codify the discipline — Threat → Preventive Barrier → Top Event → Mitigative Barrier → Consequence — with explicit treatment of escalation factors, degradation controls, and barrier effectiveness scoring. The technique's strength is communicating major-accident logic to non-specialists: directors, operators, and regulators see the same picture. Its execution risk is barrier inflation (claiming non-independent or non-effective controls), missing degradation factors, and disconnection from LOPA. A defensible Bow-Tie programme integrates with HAZOP findings upstream, with LOPA / SIL allocation in parallel, and with barrier-health KPIs and SCE (Safety Critical Element) performance standards downstream.

Bow-Tie Risk Analysis — Overview
Study execution

How the study is executed

A structured, facilitated process — from scope definition through close-out — producing defensible, actionable outputs.

MAH Register & Top Event Definition

Define Major Accident Hazard (MAH) set from HAZID / QRA; specify Top Events per loss-of-containment category (gas cloud, liquid spill, BLEVE, toxic release, fire); confirm Top Event definitions with physical-state taxonomy per Energy Institute Bow-Tie Standard (2019).

Threat Decomposition & HAZOP Alignment

Decompose each Top Event to its threat (cause) set with HAZOP deviation traceability; assign threat categories (hardware failure, human error, external event, corrosion / degradation); build Threat-Top-Event-Consequence chain for each MAH.

Barrier Classification & Effectiveness Scoring

Map preventive and mitigative barriers per EI / CCPS taxonomy (passive, active hardware, active human, instrumented); score each barrier against CCPS effectiveness criteria — independence, reliability, audit frequency, validation record; flag weak or uncredited barriers.

Escalation Factor & Degradation Control Mapping

Identify escalation factors (maintenance backlog, weather, MOC state, bypass) for each barrier; specify degradation controls (inspection intervals, proof-test regimes, impairment permits); link escalation factors to Bow-Tie barrier to create risk-pathway visibility.

SCE Designation & Performance Standards

Designate Safety Critical Elements (SCEs) per UK KP4 / PFEER / NORSOK S-001 criteria; specify performance standards (functionality, availability, reliability, survivability) per SCE; align LOPA SIF designations and SIL targets to SCE performance-standard requirements.

KPI Framework, MOC Integration & Software Package

Specify barrier-health KPI dashboard per API RP 754 Tier 3/4 leading indicators; build MOC impact assessment procedure for barrier-affecting modifications; export BowTieXP / RiskView files with version control; produce COMAH / CCPS RBPS-aligned safety-case deliverable.

Bow-Tie Risk Analysis — Scope
Study scope

What the study covers in full

Top-event definition discipline — Loss of Containment categories by physical state (gas, liquid, two-phase, BLEVE)
Threat (cause) decomposition with HAZOP-deviation traceability
Preventive barrier classification per Energy Institute — passive, active hardware, active human, instrumented
Mitigative barrier mapping for escalation control (detection, isolation, fire/blast protection, evacuation)
Escalation factor identification with degradation-control specification
Barrier effectiveness scoring against CCPS criteria — independence, reliability, audit, validation
SCE designation per UK KP4 with performance standards (functionality, availability, reliability, survivability)
Barrier-health KPI framework — leading indicators per API RP 754 Tier 3 / 4
Software-supported delivery (BowTieXP, RiskView, Audatex) with version control and MOC linkage
Cybersecurity-aware Bow-Tie for IACS-driven top events per IEC 62443
Why it matters

Outcomes of Bow-Tie Risk Analysis

Barrier Integrity & MAH Control
  • Surfaces the silent single-point barrier dependencies that incident reviews repeatedly cite
  • Builds the line-of-sight from operator action through to corporate MAH risk
  • Drives barrier-health KPIs that complement Tier 1/2 lagging indicators
  • Addresses the Texas City / Buncefield / Macondo escalation-control gaps
COMAH / CCPS RBPS Safety-Case Defence
  • Audit-defensible under COMAH / Seveso III / NORSOK S-001 safety-case examination
  • Aligns with HSE KP4 SCE designation and PFEER demonstrate-ALARP requirements
  • Supports OSHA PSM PHA recommendation-tracking with structured barrier evidence
  • Provides regulator-grade barrier-effectiveness logic for novel hazards (H₂, NH₃, BESS)
Barrier-Health KPI & MOC Governance
  • Translates engineering risk into language that operators, supervisors, and directors all understand
  • Aligns inspection, maintenance, and proof-test priorities to SCE criticality
  • Provides MOC reviewers with a clear barrier-impact view
  • Drives barrier-degradation reporting culture from the shop floor
Targeted Barrier Investment Value
  • Targets capex to genuinely weak barriers rather than across-the-board uplift
  • Defers SIS rebuild capex by demonstrating layered preventive barriers
  • Reduces underwriter loadings through visible barrier-management rigour
  • Cuts incident-driven retrofit cost — typically 5–10× the proactive Bow-Tie investment
Get Started

Ready to start your project?

Speak with our team to scope an engagement tailored to your facility, regulatory context, and lifecycle stage.

Start your projectView all services