Sistem Otomasi Proses

Sistem Otomasi Proses untuk Safety & Reliability

Strength in Reserve
EMERGENCY RESPONSE CONTAINMENT RELIEF SIS ALARMS BPCS

A U T O M A T I O N

BPCS - Basic process control System

Alarms - draw attention

SIS - Safety interlock system to stop/start equipment Relief - Prevent excessive pressure Containment - Prevent materials from reaching, workers, community or environment

Emergency Response evacuation, fire fighting, health care, etc.

Key Concept in process Safety: REDUNDANCY

SAFETY STRENGTH IN DEPTH !

Seriousness of event
RELIEF SYSTEM SAFETY INTERLOCK SYSTEM ALARM SYSTEM BASIC PROCESS CONTROL SYSTEM Divert material safely Stop the operation of part of process

Bring unusual situation to attention of a person in the plant

Four independent protection layers (IPL)

In automation

Closed-loop control to maintain process within acceptable operating region

PROCESS
3

Objectives of Process Automation Control

1. Safety
2. Environmental Protection 3. Equipment Protection 4. Smooth Operation & Production Rate 5. Product Quality 6. Profit 7. Monitoring & Diagnosis
4

We are emphasizing these topics

Basic Process Control System (BPCS)

First line of defense Process control maintains variables at set points, which are fixed at some desired values

Technology - Multiple PIDs, cascade, feedforward, etc. Guidelines

Always control unstable variables (Examples in flash?)

Always control quick safety related variables Stable variables that tend to change quickly (Examples?) Monitor variables that change very slowly Corrosion, erosion, build up of materials

Provide safe response to critical instrumentation failures - But, we use instrumentation in the BPCS?
5

Where could we use BPCS in the flash process?

F1

The pressure will change quickly and affect safety; it must be controlled.

The level is unstable; it must be controlled.

F1

2. Alarm System
Alarm has an anunciator and visual indication
- No action is automated! - require analysis by a person - A plant operator must decide. Digital computer stores a record of recent alarms Alarms should catch sensor failures

- But, sensors are used to measure variables for alarm checking?

2. Alarm System
Common error is to design too many alarms - Easy to include; simple (perhaps, incorrect) fix to prevent repeat of safety incident - One plant had 17 alarms/h - operator acted on only 8% Establish and observe clear priority ranking

- HIGH
- MEDIUM - LOW

= Hazard to people or equip., action required

= Loss of RM, close monitoring required = investigate when time available

Where could we use alarm in the Flash Process ?

F1

10

The pressure affects safety, add a high alarm

PAH

A low level could damage the pump; a high level could allow liquid in the vapor line.
F1

LAH LAL Too much light key could result in a large economic loss

AAH

11

3. Safety Interlock System

Automatic action usually stops part of plant operation to achieve safe conditions - Can divert flow to containment or disposal - Can stop potentially hazardous process, e.g., combustion Capacity of the alternative process must be for worst case SIS prevents unusual situations - We must be able to start up and shut down - Very fast blips might not be significant
12

3. Safety Interlock System

Also called emergency shutdown system (ESS)

SIS should respond properly to instrumentation failures - But, instrumentation is required for SIS?

Extreme corrective action is required and automated - More aggressive than process control (BPCS)

Alarm to operator when an SIS takes action

13

3. Safety Interlock System

The automation strategy is usually simple, for example,

If L123 < L123min; then, reduce fuel to zero

steam

PC LC

How do we automate this SIS when PC is adjusting the valve?

water fuel
14

If L123 < L123min; then, reduce fuel to zero

LS = level switch, note that separate sensor is used

s

= solenoid valve (open/closed)

fc = fail closed
15 psig

steam PC LC LS
s

water fuel
fc fc

Extra valve with tight shutoff

15

3. Interlock System
The automation strategy may involve several variables, any one of which could activate the SIS If L123 < L123min; or If T105 > T105max . then, reduce fuel to zero

Shown as box in drawing with details elsewhere

L123 T105 ..

SIS 100

16

3. Safety Interlock System

The SIS saves us from hazards, but can shutdown the plant for false reasons, e.g., instrument failure.
False shutdown
T100
1 out of 1 must indicate failure
s

Failure on demand

Better performance, more expensive

T100 T101 T102 Same variable, multiple sensors!

5 x 10-3

5 x 10-3

2 out of 3 must indicate failure

2.5 x 10-6

2.5 x 10-6

17

3. Safety Interlock System

We desire independent protection layers, without commoncause failures - Separate systems

BPCS and Alarms Digital control system i/o . i/o

SIS and Alarms associated with SIS

SIS system i/o

i/o

sensors

sensors

18

KEY CONCEPT IN PROCESS SAFETY REDUNDANCY!

What do we do if a major incident occurs that causes loss of power or communication a computer failure (hardware or software)

SAFETY STRENGTH IN DEPTH !

RELIEF SYSTEM SAFETY INTERLOCK SYSTEM ALARM SYSTEM BASIC PROCESS CONTROL SYSTEM Divert material safely Stop the operation of part of process

Bring unusual situation to attention of a person in the plant

These layers require electrical power, computing, communication, etc. Could these all fail due to a common fault?

Closed-loop control to maintain process within acceptable operating region

PROCESS
19

4. Safety Relief System

Entirely self-contained, no external power required

The action is automatic - does not require a person

Usually, goal is to achieve reasonable pressure - Prevent high (over-) pressure - Prevent low (under-) pressure

The capacity should be for the worst case scenario

20

RELIEF SYSTEMS IN PROCESS PLANTS

Increase in pressure can lead to rupture of vessel or pipe and release of toxic or flammable material - Also, we must protect against unexpected vacuum! Naturally, best to prevent the pressure increase - large disturbances, equipment failure, human error, power failure, ... Relief systems provide an exit path for fluid Benefits: safety, environmental protection, equipment protection, reduced insurance, compliance with governmental code
21

Location of Relief System

Identify potential for damage due to high (or low) pressure (HAZOP Study) In general, closed volume with ANY potential for pressure increase - may have exit path that should not be closed but could be - hand valve, control valve (even fail open), blockage of line Remember, this is the last resort, when all other safety systems have not been adequate and a fast response is required!

22

Standard Relief Method: Valves

BASIC PRINCIPLE: No external power required self actuating - pressure of process provides needed force! VALVES - close when pressure returns to acceptable value - Relief Valve - liquid systems - Safety Valve - gas and vapor systems including steam - Safety Relief Valve - liquid and/or vapor systems Pressure of protected system can exceed the set pressure.

23

Standard Relief Method: Rupture Disk

BASIC PRINCIPLE: No external power required self acting RUPTURE DISKS OR BURST DIAPHRAGMS must be replaced after opening .

24

Relief Valves
Two types of designs determine influence of pressure immediately after the valve

- Conventional Valve -pressure after the valve affects the valve lift and opening - Balanced Valve - pressure after the valve does not affect the valve lift and opening

Conventional

Balanced

25

Some Information about Relief Valves

ADVANTAGES
- simple, low cost and many commercial designs available - regain normal process operation rapidly because the valve closes when pressure decreases below set value

DISADVANTAGES
- can leak after once being open (O-ring reduces) - not for very high pressures (20,000 psi) - if oversized, can lead to damage and failure (do not be too conservative; the very large valve is not the safest!) 26

Rupture Disk/Burst Diaphragm

ADVANTAGES - no leakage until the burst - rapid release of potentially large volumes - high pressure applications - corrosion leads to failure, which is safe - materials can be slurries, viscous, and sticky DISADVANTAGES - must shutdown the process to replace - greater loss of material through relief - poorer accuracy of relief pressure the valve
27

Symbols used in P&I D

Spring-loaded safety relief valve

To effluent handling

Process

Rupture disc

Process

To effluent handling

28

Add Relief to the Following System

F1

29

Add Relief to the Following System

The drum can be isolated with the control valves; pressure relief is required. We would like to recover without shutdown; we select a relief valve.

F1

30

Add Relief to the Following System

Positive displacement pump

31

Add Relief to the Following System

Positive displacement pump

The positive displacement pump will be damaged if the flow is stopped; we need to provide relief. We would like to recover without shutdown; we select a relief valve.
32

Add Relief to the Following System

Why are all those valves in the process?

33

Add Relief to the Following System

The extra hand`valves enable us to isolate and remove the heat exchanger without stopping the process.

The shell side of the heat exchanger can be isolated; we need to provide relief.
We would like to recover without shutdown; we select a relief valve.

34

In some cases, relief and diaphragm are used in series WHY?

What is the advantage of two in series? Why not have two relief valves (diaphragms) in series?

Why is the pressure indicator provided? Is it local or remotely displayed? Why?

35

In some cases, relief and diaphragm are used in series WHY?

Why is the pressure indicator provided? If the pressure increases, the disk has a leak and should be replaced. Is it local or remotely displayed? Why? The display is local to reduce cost, because we do not have to respond immediately to a failed disk - the situation is not hazardous.

What is the advantage of two in series? The disc protects the valve from corrosive or sticky material. The valve closes when the pressure returns below the set value.

36

Vents required to control or direct vapour/dust explosion effect

Structure

vent closed

Structure explosion

37

Materials from relief must be process or dispose safely

To environment
Holding for later processing
From relief

Vent steam, air

Waste water treating

Recycle to process

Fuel gas, fuel oil, solvent

Recover part to process

Immediate neutralization

Flare, toxic materials

38

5. Containment
Use to moderate the impact of spill or an escape

Example
Bund containment for storage tanks Location of relief valves and vents diversion to temporary storage /drain system (following breakage of rupture disk) Safety management in containment areas. Containment building (if applicable)

6. Emergency Response Management

Also used to moderate impact on incidents

All plants should ERP (emergency response plan)

Assembly, head-counts, evacuation etc

Summary
EMERGENCY RESPONSE CONTAINMENT RELIEF SIS ALARMS BPCS

1. Inherent design starts at project conceptualization 2. Three main strategy Substitution Intensification Attenuation 3. Six Layers of Protection

Safety Aspects in Gas Operation

Introduction to

42

Daftar Pustaka
In Jumanda Petruzella, Frank D, 1996. Industrial Electronics.Glencoe: McGraw-Hill. Pitowarno, Endra, 2005. Serial Buku Robotik: Teknik Disain. Surabaya Tcahjono Anang, Ir, 1997. Pelatihan PLC untuk Instruktur Politeknik seIndonesia. Surabaya: PENS-ITS. OMRON, 1990.Users Manual for C20 Programmable Controller.Jakarta:Kerjasama CEVEST dan JICA. OMRON, 1991.Training Manual for Mini H-type Programmable Logic Controllers.Singapura: May Edition.

OMRON, 1993.Operation Manual for Mini HType Programmable Logic Controllers.

Japan: Revised Edition. OMRON, 1997.Training Manual for CPMI Programmable Logic Controllers. Jakarta: Omron Indonesia Representative Office. Siswo Cahyono, Ir dan Tresna Umar Syamsuri, Drs, 1996. Petunjuk Praktikum SistemKontrol Pneumatik. Bandung: PPPP Dirjen Dikti Depdikbud.