3
ISSUES & INSIGHTS 26 industrial automation asia | April 2007 www.iaasiaonline.com ISSUES & INSIGHTS he concept of a safety life cycle (SLC) has been specified in various standards, such as ANSI/ ISA-S84.01-1996 (replaced by ANSI/ ISA-84.00.01-2004), IEC 61508, and IEC 61511. The safety life cycle is essentially an engineering process or method for specifying, designing, implementing and maintaining safety instrumented systems so as to ac- hieve overall functional safety in a documented and verified way. This article discusses the benefits of SLC by providing low systematic failures, reduced risk, increased process up- time, decreased cost of engineer- ing, and design consistency. Finally, the impact of the SLC on the safety instrumented function (SIF) loop components, in particular final con- trol elements, will be thoroughly covered. The concept of frequent safety life cycle starts with an initial concept, progresses through design, implementation, operation and main- tenance to modification, and finally decommissioning. It does not end until decommissioning of the project when all the safety instrumented functions are no longer required for use. A complete safety life cycle can be categorised into three major phases consisting of the listed tasks: Analysis phase: Identify and estimate potential hazards and risks, Evaluate, if tolerable risk is within industry, corporate or regulatory standards, Check available layers of protection, If tolerable risk is still out of the limit then allow use of a safety instrumented system (SIS) with an assigned safety integrity level (SIL), Document the above into the safety requirement specifications (SRS). Realisation phase: Develop a conceptual design (for technology, architecture, periodic test interval, reliability, safety evaluation), Develop a detailed design for installation planning, commission- ing, start up acceptance testing, and design verification. Operation Phase: Validation planning, Start up review, operation and maintenance planning, SIS start up, operation & mainte- nance, periodic functional test, Modification, Decommissioning. Impact Of SLC On Field Devices As shown in Figure 1, a recent study from OREDA reports (Offshore Relia- bility Data Handbook) that 92 percent of all SIS failures occur in field devices such as final control elements and sensors. Following the SLC steps, a number of measures, listed below, can be used to minimise the number of dangerous failures in sensor component of SIF loop. The Safety life cycle approach offers significant benefits for increasing safety and up-time in process plants and considerably lowers operation and maintenance costs. By AF Stanley and Dr Kung Hun Koy. Implementation Benefits & Impact On Field Devices Safety Life Cycle: testing to improve the safety integrity level (SIL) and the mode and methods of testing will be discussed at length. Safety Life Cycle The safety life cycle is an engineering process intended to optimise design and increase safety. The safety life cycle approach applies to all design processes with the same fundamental steps: problems are identified and assessed; solutions are found and verified; and then the solutions are put into use to solve the identified problems. This is a closed-loop process approach as described in several functional safety standards, including IEC61508 and IEC61511. A www.iaasiaonline.com

ag4915167.pdf

Embed Size (px)

DESCRIPTION

issues and insights

Citation preview

Page 1: ag4915167.pdf

ISSUES & INSIGHTS

26 industrial automation asia | April 2007 www.iaasiaonline.com

ISSUES & INSIGHTS

he concept of a safety life cycle(SLC) has been specifi ed in various standards, such as ANSI/

ISA-S84.01-1996 (replaced by ANSI/ISA-84.00.01-2004), IEC 61508, and IEC 61511. The safety life cycle is essentially an engineering process or method for specifying, designing, implementing and maintaining safety instrumented systems so as to ac-hieve overall functional safety in a documented and verifi ed way. This article discusses the benefi ts of SLC by providing low systematic failures, reduced risk, increased process up-time, decreased cost of engineer-ing, and design consistency. Finally, the impact of the SLC on the safety instrumented function (SIF) loop components, in particular fi nal con-trol elements, will be thoroughly covered. The concept of frequent

safety life cycle starts with an initial concept, progresses through design, implementation, operation and main-tenance to modifi cation, and fi nally decommissioning. It does not end until decommissioning of the project when all the safety instrumented functions are no longer required for use.

A complete safety life cycle can be categorised into three major phases consisting of the listed tasks:

Analysis phase:• Identify and estimate potential

hazards and risks,• Evaluate, if tolerable risk is within

industry, corporate or regulatory standards,

• Check available layers of protection,• If tolerable risk is still out of the

limit then allow use of a safety instrumented system (SIS) with an assigned safety integrity level (SIL),

• Document the above into the safety requirement specifi cations (SRS).

Realisation phase:• Develop a conceptual design (for

technology, architecture, periodic test interval, reliability, safety evaluation),

• Develop a detailed design for installation planning, commission-ing, start up acceptance testing, and design verifi cation.

Operation Phase:• Validation planning,• Start up review, operation and

maintenance planning,• SIS start up, operation & mainte-

nance, periodic functional test,• Modifi cation,• Decommissioning.

Impact Of SLC On Field DevicesAs shown in Figure 1, a recent study from OREDA reports (Offshore Relia-bility Data Handbook) that 92 percent of all SIS failures occur in fi eld devices such as fi nal control elements and sensors.

Following the SLC steps, a number of measures, listed below, can be used to minimise the number of dangerous failures in sensor component of SIF loop.

The Safety life cycle approach offers signifi cant benefi ts for increasing safety and up-time in process plants and considerably lowers operation and maintenance costs. By AF Stanley and Dr Kung Hun Koy.

Implementation Benefi ts & Impact On Field Devices

Safety Life Cycle:

testing to improve the safety integrity level (SIL) and the mode and methods of testing will be discussed at length.

Safety Life CycleThe safety life cycle is an engineering process intended to optimise design and increase safety. The safety life cycle approach applies to all design processes with the same fundamental steps: problems are identifi ed and assessed; solutions are found and verifi ed; and then the solutions are put into use to solve the identifi ed problems. This is a closed-loop process approach as described in several functional safety standards, including IEC61508 and IEC61511. A

www.iaasiaonline.com

Page 2: ag4915167.pdf

ISSUES & INSIGHTS

www.iaasiaonline.com April 2007 | industrial automation asia 27

• Use measurements that are as direct as possible. (Correct technology)

• Control isolation or bleed valves to prevent uncoupling from the process between proof tests. (Installation and maintenance)

• Use good engineering practice and well proven techniques for process connections and sample lines in order to prevent blockage, sensing delays, etc. (Correct specifications)

• Use analogue devices (transmitters) rather than digital (switches). (Better design equipment selection)

• Use appropriate measures to protect the process connections and sensors against effects of the process such as vibration, corrosion, and erosion. (Operation and maintenance)

• Monitor the protective system process variable measurement (PV) and compare it against the equi-valent control system PV, either by the operator or the control system. (Design, specification and operation)

• Ensure integrity of process con-nections and sensors for contain-ment, such as sample or impulse lines. Instrument pockets are often a weak link in process containment measures. (Better maintenance and modification plan)

Final Control ElementsThe ‘final control elements’ are frequently the most unreliable part of the SIF loop. The reason is that final control elements have moving parts and are the mechanical portion of the SIF loop. Also, the final control element is downstream of the logic solver and receives commands from it. If it does not operate on ‘demand’, it can cause a

hazardous situation to occur. Sensors, on the other hand, are on the upstream side of the SIF loop and, when the analogue type is used, they allow easy read back by the logic solver to detect system faults.

Final control elements consisting of valves (shutdown, isolation, block and bleed), pilot valves, valve actuators, positioners, accessories, power supplies and utilities which are required for the actuator to perform its safety function, should all be adequately reliable. A measure of their reliability is used in confirming the integrity level of the protective system. This measure should take into account the proportion of failures of the final control element under the relevant process conditions leading to dangerous failures.

Fail SafelyDangerous failures of final control elements of SIF loop can be minimised by a number of measures such as:• Use of ‘fail-safe’ principles so that

the actuator takes up the Safe state on loss of signal or power (electricity, air etc); eg: use of a spring return actuator; (De-energise to trip) [Proper Specifications during SRS]

• Provision for uninterruptible power or reservoir supplies of sufficient capacity for essential power; (Ener-gize to Trip) [Proper Specifications during SRS]

• Failure detection and performance monitoring (valve travel diagnostics, limit switches, time to operate, torque, etc) during operation; (Online Testing & Diagnostics) [Operation and Maintenance]

• Exercising actuators or performing partial stroke shutoff simulation

during normal operation in order to reveal undetected failures or degradation in performance. Note that this is not proof testing but it may reduce the probability of failure by improved diagnostic coverage; (Partial Stroke Test) [Testing and inspection]

• Overrating of equipment; (Safety factor) [Design and Specification]

In recent times, tough competitive pressures have not allowed industries to make normal plant turnarounds. Process Industries are extending their plant shutdowns from the usual two years to a 5-year period. This puts pressure on final control elements to remain untested for an extended period of time. Digital valve controllers (smart positioners) have come to the rescue to allow testing of the valves on line and in service, as well as to provide diagnostics information.

Online TestingPer the SLC steps, testing of the final control element is required at each stage, whether it is validation, com-missioning, plant start up, operation, maintenance, modifications, etc. Digital valve controllers are communicating, microprocessor-based devices and have the capability to perform online partial stroke testing of final control elements in the SIF loop. The test can be done locally at the device or remotely, either directly from the logic solver or by companion software.

Because the digital valve controller provides diagnostic (output pressure) as well as positioning (travel) informa-tion, the valve status and response time can be monitored during the test (See Figure 2).

Figure 1: Where in the loop do SIS faults happen? – OREDA

Logic Solver 8%

Final Element50%

Figure 2: Valve trending status

Sensor42%

www.iaasiaonline.com April 2007 | industrial automation asia 27

ISSUES & INSIGHTS

Page 3: ag4915167.pdf

ISSUES & INSIGHTS

28 industrial automation asia | April 2007 www.iaasiaonline.com

plant, but also affect equipment and interruption to production.

A digital valve controller can provide complete diagnostic health information on the fi nal control element, as well as itself. In addition, the digital valve controller can provide complete docu-mentation of any emergency event as well as documentation of all testing. Insurance companies will accept this documentation for proof of testing. Best of all, this documentation can be completely automated so that expensive operator time is not required. The safety life cycle process requires documentation of validation and verifi cation of each phase. A digital valve controller provides system audit documentation for comparison and future reference. This provides relief to the maintenance staff by making documentation available automatically and it provides the capability to cross check with past performance by comparing previous test results.

Users who like to retain their solenoid valve while adding the digital positioner for the additional diagnostics can use the digital positioner to verify that the solenoid valve vents actuator pressure during on-line testing without disturbing the process. This gives users the ability to now document that

the solenoid valve vented actuator pressure, as shown in Figure 4, when tested online in addition to checking for coil integrity.

A Safer PlantSafety life cycle implementation provides a safer plant with low sys-tematic errors. It decreases the cost of engineering and increases process up-time. It considerably lowers opera-tion and maintenance cost by selecting the right technology equipment with correct implementation, as well as providing proper guidelines for opera-tion, maintenance, modifi cations and decommissioning. This will not only reduce plant risk, but it will also provide overall design consistency.

The SLC process impacts com-ponents of the SIF loop. Following SLC guidelines, selecting a digital valve controller for the ‘fi nal control element’ of the SIF loop can reduce dangerous undetected failures of the fi eld devices. A digital valve controller allows online partial stroke testing while the process is running. It also provides remote testing capability allowing for fewer maintenance fi eld trips. In addition, it allows establishment of an automated test routine that can produce great savings in time.

Figure 3: Valve signature test

Digital Valve ControllersDigital valve controllers have the capability to alert the operator if a valve is stuck. As the valve begins the partial stroke, it continually checks the valve travel to see if it is responding properly. If it is not, it will abort the test and alert the operator that the valve is stuck. This will prevent the valve from slamming shut if the valve does eventually break loose. This will avoid spurious trips of the plant. Spurious trips are not only strenuous on the

Figure 4: Plot of the pressure drop across the solenoid value.

References were made to the paper ‘Safety life cycle – Implementation benefi ts and

impact on fi eld devices’, ISA 2005, by Riyaz Ali.

Stanley Amirthasamy is the

Marketing Manager for

Instruments and Software

with the Fisher division of

Emerson Process Manage-

ment Asia Pacifi c Pte Ltd. He has been

in the valve industry, with a focus on the

Fisher digital positioner offering for over

seven years.

ment Asia Pacifi c Pte Ltd. He has been

Dr Kung Hun Koy is a Plant-

Web and Diagnostics Spe-

cialist for Emerson Process

Management Asia Pacifi c

Pte Ltd, Fisher Division. He

has been a marketing and

support engineer for digital positioners

for six years.

10.0

0

–10.0

–20.0

–30.00:00:09 0:00:19 0:00:29 0:00:39 0:00:49 0:00:59

Time (min:sec)

Port A – Port B Pressure (psi)

200 ms 20 ms 50 ms

Po

rt A

– P

ort

B P

ress

ure

(psi

)

28 industrial automation asia | April 2007 www.iaasiaonline.com

ISSUES & INSIGHTSValve PerformanceValve performance trends are moni-tored and automatically analysed after each partial-stroke test so that poten-tially failing valves can be identifi ed long before they become inoperable. This procedure is in line with the op-erations phase of the safety life cycle as defi ned in IEC61511. A cycle coun-ter and travel accumulator will show the extent of valve movement.

The results of a valve signature test (See Figure 3) can be used to easily determine packing problems (through friction data), leakage in the pressurised pneumatic path to the actuator, valve sticking, actuator spring rate, and bench set. The digital valve controller can save the results of this data for printout or later use. Overlaying the results of the current signature test with those of previous tests can determine if valve response has degraded over time. This information increases valve availability and ensures that the valve responds upon demand. It also reduces the amount of scheduled maintenance on the valve, because the tests can be used to predict when the valve needs maintenance.


pdf akuntanasi2.pdf

pdf akuntanasi2.pdf

Documents
PDF (06_Appendix3.pdf)

PDF (06_Appendix3.pdf)

Documents
ประกาศผลสอบ.com/pdf/2561/1547182481.pdf · PDF file

ประกาศผลสอบ.com/pdf/2561/1547182481.pdf · PDF file

Documents
entrate555.pdf · PDF file

entrate555.pdf · PDF file

Documents
n040002ro_ke2.pdf (PDF)

n040002ro_ke2.pdf (PDF)

Documents
PDF Created with deskPDF PDF Writer - Trial :: ...neurosurgery.dergisi.org/pdf/pdf_JTN_345.pdf · PDF Created with deskPDF PDF Writer - Trial :: . Turkish Neurosurgery 8: 63 - Effects

PDF Created with deskPDF PDF Writer - Trial :: ...neurosurgery.dergisi.org/pdf/pdf_JTN_345.pdf · PDF Created with deskPDF PDF Writer - Trial :: . Turkish Neurosurgery 8: 63 - Effects

Documents
antikorupcija.meantikorupcija.me/media/documents/Ugovori_o_radu_Sud_za... · 2016-08-15 · Scan10008.PDF; Scanl 0007.PDF; Scan10006.PDF; Scan10005.PDF; Scan10004.PDF; Scanl Scan10002.PDF;

antikorupcija.meantikorupcija.me/media/documents/Ugovori_o_radu_Sud_za... · 2016-08-15 · Scan10008.PDF; Scanl 0007.PDF; Scan10006.PDF; Scan10005.PDF; Scan10004.PDF; Scanl Scan10002.PDF;

Documents
Pdf pdf pdf

Pdf pdf pdf

Documents
PDF (Schaefer_pc_1969.pdf)

PDF (Schaefer_pc_1969.pdf)

Documents
PDF 51.pdf

PDF 51.pdf

Documents
PDF (Kinnersley_wm_1969.pdf)

PDF (Kinnersley_wm_1969.pdf)

Documents
Page 1 of 3 - thelawsalon.net · 1 cal CLASSIFICATION OF ACTIONS26 ... WEST'S CALIFORNIA DIGEST crim Law vol 14B pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf Misc

Page 1 of 3 - thelawsalon.net · 1 cal CLASSIFICATION OF ACTIONS26 ... WEST'S CALIFORNIA DIGEST crim Law vol 14B pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf pdf Misc

Documents
cap8.pdf · PDF file

cap8.pdf · PDF file

Documents
Full page photodatarecoverypune.net/pdf/overwritten case studies...shalbin14.PDF shalbinIS.PDF shalbin16.PDF shalbin20.PDF shalbin22.PDF shalbin23.PDF shalbin24. PDF X Size 39, 620

Full page photodatarecoverypune.net/pdf/overwritten case studies...shalbin14.PDF shalbinIS.PDF shalbin16.PDF shalbin20.PDF shalbin22.PDF shalbin23.PDF shalbin24. PDF X Size 39, 620

Documents
scan0083.pdf scan0084 - Crescent Public Schools Care Plan.pdfscan0083.pdf scan0084.pdf scan0085.pdf scan0086.pdf scan0087.pdf scan0088.pdf scan0089.pdf How the length of the commute

scan0083.pdf scan0084 - Crescent Public Schools Care Plan.pdfscan0083.pdf scan0084.pdf scan0085.pdf scan0086.pdf scan0087.pdf scan0088.pdf scan0089.pdf How the length of the commute

Documents
pdf (1).pdf

pdf (1).pdf

Documents
4AAH1007_71550 4AAH1007_71550.pdf 4AAH1007_71550.pdf 4AAH1007_71550.pdf 4AAH1007_71550.pdf

4AAH1007_71550 4AAH1007_71550.pdf 4AAH1007_71550.pdf 4AAH1007_71550.pdf 4AAH1007_71550.pdf

Documents
PDF (Cummings_be_1962.pdf)

PDF (Cummings_be_1962.pdf)

Documents
13.2.pdf · PDF

13.2.pdf · PDF

Documents
cc24 pdf(1).pdf

cc24 pdf(1).pdf

Documents
1_2015.pdf · PDF file

1_2015.pdf · PDF file

Documents
1996.pdf · PDF file

1996.pdf · PDF file

Documents
110_ESF_18_Dep_Jun_15.pdf 120_EA_18_Dep_Jun_15.pdf 130_EVHP_18_Dep_Jun_15.pdf 140_ECSF_18_Dep_Jun_15.pdf 150_EFE_18_Dep_Jun_15.pdf 160_EAA_18_Dep_Jun_15.pdf 170_EADOP_18_Dep_Jun_1

110_ESF_18_Dep_Jun_15.pdf 120_EA_18_Dep_Jun_15.pdf 130_EVHP_18_Dep_Jun_15.pdf 140_ECSF_18_Dep_Jun_15.pdf 150_EFE_18_Dep_Jun_15.pdf 160_EAA_18_Dep_Jun_15.pdf 170_EADOP_18_Dep_Jun_1

Documents
PDF 76.pdf

PDF 76.pdf

Documents
PDF Compressor Pro - core.ac.uk · PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF

PDF Compressor Pro - core.ac.uk · PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF Compressor Pro. PDF

Documents
narratividadeBertrand (PDF).pdf

narratividadeBertrand (PDF).pdf

Documents
PDF version PDF

PDF version PDF

Documents
Electronic Signatures & PDF - Planet PDF - The PDF User Community

Electronic Signatures & PDF - Planet PDF - The PDF User Community

Documents
smt1-2015.pdf · PDF

smt1-2015.pdf · PDF

Documents
341.pdf · PDF file

341.pdf · PDF file

Documents