The Hazard and Operability (HAZOP) review is a systematic way to identify hazards to staff, facilities, and the environment. This method was first developed in Great Britain at ICI in 1964 and has been refined several times since.
The HAZOP technique involves the use of “Guide Words” to stimulate an imaginative yet systematic search by the investigative team for possible hazards and operational difficulties. This is typically done in a series of “Examination Sessions” where P&IDs, Sequence of Operations and other detailed process specification documents are reviewed for hazards by asking questions such as what would happen in the event of “higher than expected flow”, “lower than expected flow”, “no flow”, or “reverse flow”.
HAZOP techniques were developed for the chemical and processing industry but now the technique extends to identifying safety-critical risks in the software engineering process. One method in identifying the safety requirements that need to be incorporated into software is the HAZOP analysis. These safety requirements add constraints to the software design in methods such as prevention (not allowing the system to enter hazardous states), detection (spot when the system has entered dangerous state(s)) and correction (move the system from a dangerous state).
Other hazard analysis techniques include Fault-Tree Analysis, FME (Failure Mode and Effects) Analysis and HAZID analysis. See R2A site for a comprehensive survey of hazard techniques.