2
Agenda Overview
3
Various Discussion Points
4
Items for Further Thought (not really
covered today)
5
Items for Further Thought (not really
covered today)
6
What is a Safety Function?
A Primer
7
What is a Safety Function?
A Primer
[Figure: P&ID sketch; legible tags: H, HH, Flare/Vent, PI, PT A, TT, PT B, FFIC, IAS, FT 1, FT 2, FEED 2]
IEC 61511 Allocation of safety functions
to protection layers
9
Protection Layers Graphic
[Figure: process value versus time; labels: High Level, Process Operators, Boom!]
What is a Safety Function?
Systems Engineering
Physical Plant
Engineering Physical Environment
Project HSSE
Design Safety Instrumented Function
11
What is a Safety Function?
Simon’s Complexity Function
Complexity = 2N
where N = number of interfaces
12
SIS International Standards
History
15
IEC 61511 Key Clause
16
Hazard Identification & PHA
no story is complete without a comment
18
Hazard Identification & PHA
try something different
21
Hazard Mitigation & Reliability Equations
22
Basic IEC 61511 Safety Function
Integrity Requirements
23
Hazard Mitigation & Reliability
Example
• PFDavg (availability)
– Proportional to failure rate X proof test interval
Unprotected Hazard Rate (1/yrs)    Target Hazard Rate (1/yrs)    RRF    SIL
1 in 10                            1 in 100                      10     1
1 in 10                            1 in 1000                     100    2
24
Control System Reliability
25
Graphical Derivation of Reliability
(PFDavg)
Reliability Equation
(simplified & no redundancy)
27
Certifications & Approvals
30
SIS International Standards
34
Plant Transitions
Startup & Shutdown
35
Terminology
38
Nice Day for a Proof Test
39
Identification of Unsafe combinations
how many are there?!
41
Chemical Processes
Explosives Ammonium Nitrate
42
Chemical Process
Ethylene Di-Chloride intermediate for vinyl chloride
43
Plant Transitions
Basic Message
44
Partial Stroke Testing
scared of big valves?
45
Partial Stroke Testing
scared of big valves?
46
Partial Stroke Testing
he is not scared of big valves!
47
Partial Stroke Testing
he knows it’s the smaller guys you worry about!
48
Partial Stroke Testing Example:
• The good:
– Devised SIS programming for carrying out PST
– Arranged for checking stroke times of trip valves for FAT
– PST point of 80% open or measured time delay
– Devised test procedure and sign-off at acceptance test with client
– Repeated checks & acceptance tests at Site
• The bad:
– Valves smaller than 4 inch were too fast even with a relatively fast SIS
• The ugly:
– Operators did not allow PST to be commissioned
– What was assumed for PFDavg calculation?
49
Partial Stroke Testing Example:
Background
50
Partial Stroke Testing:
qualitative review PST effect on PFDavg
51
Partial Stroke Testing:
review simplified equations for PST effect on PFDavg
53
Partial Stroke Testing
54
SIL Verification:
55
SIL Verification:
the assumptions for the SRS
56
SIL Verification:
Example: Process Fluid and Connections
Process Connection
Steam (outside) X
Steam (inside) X
Soot Slurry X
Asphaltene X
57
Reliability/Failure Rate Data
another topic
60
Equipment Useful Life
When is reliability data valid (useful life)
[Figure: classical bathtub curve of failure rate over operating life (t), showing Burn-in Phase, Useful Life Phase and Wear-Out Phase; annotation: i.e. 10,000 cycles]
Failure Rates, Plant Turnaround,
Proof Test Interval & Useful Life
• PFDavg = λd*T/2
• λd valid for only the useful life period (life time)
• Plant turnaround periods increasing
• Low Demand Mode
• Final elements “seizing/sticking”
• PFDavg = Cm*λd*T/2 +(1-Cm)*λd*LT/2
– Cm is proof test coverage factor (e.g. 70%)
– LT is device life time
– Are devices being replaced after LT?
– How are devices being maintained
– Proof test does not equal maintenance
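Added example (not from the original slides): the two PFDavg equations above evaluated for a single device, with the result mapped to the IEC 61511 low-demand SIL bands and the equation solved for the longest proof test interval that still meets a target. The failure rate, intervals and lifetimes are constructed sample values, and the function names are illustrative.

```python
# Added example: the slide's simplified low-demand equations for one device.
# Rates are per year, times are in years; all sample values are constructed.

def pfd_avg(lambda_d, t_proof, coverage=1.0, lifetime=None):
    """PFDavg = Cm*λd*T/2 + (1-Cm)*λd*LT/2 (reduces to λd*T/2 when Cm = 1)."""
    if not 0.0 <= coverage <= 1.0:
        raise ValueError("coverage (Cm) must be between 0 and 1")
    if coverage < 1.0 and lifetime is None:
        raise ValueError("lifetime (LT) is required when Cm < 1")
    tested = coverage * lambda_d * t_proof / 2.0
    untested = (1.0 - coverage) * lambda_d * (lifetime or 0.0) / 2.0
    return tested + untested

def sil_for(pfd):
    """Low-demand SIL band: SIL n requires PFDavg < 10^-n (capped at SIL 4)."""
    for sil, upper in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper:
            return sil
    return 0  # does not reach SIL 1

def max_proof_interval(lambda_d, target_pfd, coverage=1.0, lifetime=None):
    """Longest T that keeps PFDavg at or below target_pfd, or None if no T can.

    The (1-Cm) term does not depend on T, so if it alone uses up the target,
    testing more often cannot recover it; only replacement within LT can.
    """
    if not 0.0 < coverage <= 1.0:
        raise ValueError("coverage (Cm) must be in (0, 1]")
    if coverage < 1.0 and lifetime is None:
        raise ValueError("lifetime (LT) is required when Cm < 1")
    budget = 2.0 * target_pfd / lambda_d - (1.0 - coverage) * (lifetime or 0.0)
    return budget / coverage if budget > 0 else None

if __name__ == "__main__":
    lam = 0.01  # constructed: one dangerous failure per 100 device-years
    cases = [
        ("T=1 yr, Cm=100%", 1.0, 1.0, None),
        ("T=4 yr turnaround, Cm=100%", 4.0, 1.0, None),
        ("T=1 yr, Cm=70%, LT=15 yr", 1.0, 0.7, 15.0),
    ]
    for label, t, cm, lt in cases:
        p = pfd_avg(lam, t, cm, lt)
        print(f"{label:28s} PFDavg={p:.4f}  RRF={1 / p:6.1f}  SIL {sil_for(p)}")
    for lt in (15.0, 5.0):
        t_max = max_proof_interval(lam, 0.01, 0.7, lt)
        print(f"Cm=70%, LT={lt:g} yr: longest T for PFDavg 0.01 = {t_max}")
```

With these sample values, stretching the interval from 1 to 4 years, or leaving 30% of dangerous failures untested over a 15 year life, each drops the device from the SIL 2 band to the SIL 1 band.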
Stress Testing
Does it work?
• λd = λdu + λdd
• λdd depends on diagnostic coverage (DC)
• PFDavg = λdu*T/2 = (1-DC)*λd*T/2
– DC factor (e.g. 70%)
– T proof test interval
– assume 100% coverage at proof test interval
• Improvement in RRF = 1/(Cm/n + (1-Cm))
• DC = 20% to 75%
– RRF improvement 25% to 300%
67
Diagnostics:
who wants them?
• Improvement in PFDavg
– Dangerous Detected versus Undetected
– Comparison transmitters from DCS
– Signal Fault diagnostics
• Automatic trip upon diagnostic detection
• Manual intervention upon diagnostic detection
– Assumed repair times
• Dangerous Times
– Shutdown
– Startup
– Upset conditions
68
Proof Test Intervals
discuss with Operations, Maintenance & Business
69
Proof Testing
• Checks by Operations
– 24/7
– Logs, inspections and walk downs
– Automatic valve closure & opening times
– Revision control of SIS s/w
– Example of pumping methanol in column sumps
– Comparison checks & logs of measurements
– Testing of duplicate offline trip valves
• Maintenance are typically fire fighters
– Regular checks are lower priority to keeping plant online
– Typical design of SIF does not take into account proof testing
– Asset Management System; who has completely implemented?
70
Do we have all the answers?
probably not, but!
72
The SIS Engineers are back;
are they going to disrupt my operations again?
Comments?
73
ISA Safety & Cyber Security
Webpage
74