Upload
cesar-garcia
View
354
Download
2
Embed Size (px)
DESCRIPTION
Excelente introducción al manejo de alarmas y diseño de HMI.
Citation preview
Slide 1
Controller Effectiveness: Alarm Management and High Performance
HMI
API Control Room Conference
October 2009
San Antonio, Texas
Bill HollifieldPrincipal Alarm Management and HMI Consultant for PAS
Slide 2
Controller Effectiveness Resources
Bill HollifieldPrincipal Alarm Management
and HMI Consultant for
PAS
ANSI/ISA 18.2
Management of Alarm
Systems for the Process Industries
SOON:API RP-1167
Alarm Management For Pipeline
Systems
Slide 3
Controller Effectiveness: Support Factors
Note from Bill: Aren’t we all tired of the “3-legged stool” analogy?
Effective Alarm Management
High Performance HMI
Control Loop Performance
Very Effective Controller!
This Presentation:
Slide 4
Related ISA StandardsANSI/ISA–18.2–2009Management of Alarm Systems for the Process IndustriesBegun 2003, Released June 2009
ISA 101Human Machine Interface - In early draft stageRelease Date 2011+???
ISA-18.2 has:
A framework of alarm management life cycle steps and activities
Mandatory practices
Recommended practices
Some additional content will be published in follow-on “Technical Reports” (2011-2012)
The Standard does not have:
Detailed or specific “How to” guidance. That is not allowable content for a standard.
Work Practice Examples
Specific method recommendations
Specific method details
The “WHAT” Not the “HOW”
A vital and essential next step for alarm management !
Slide 5
ISA-18.2 Regulatory Impact
Does ISA-18.2 Apply to You? YES – if you have a DCS, SCADA systems, PLCs, Safety Systems, or anything where a controller responds to alarms!This includes Petrochemical, Chemical, Refining, Platform, Pipelines, Power Plants, Pharmaceuticals, Mining & Metals. Also for continuous, batch, semi-batch, or discrete processes.
Regulatory ImpactISA-18.2 is a “recognized and generally accepted good engineering practice.” (RAGAGEP!) OSHA and other agencies have General Duty Clauses: , “The employer shall document that equipment complies with recognized and generally accepted good engineering practices.” Regulatory agencies will take notice of ISA-18.2.
A regulated industry can be expected to either comply with RAGAGEP or show that they are doing something “just as good or better.”
GrandfatheringISA-18.2 says: “… The practices and procedures of this standard shall be applied to existing systems in a reasonable time as determined by the owner/operator.”
Slide 6
API RP1167 – High PointsAlarm: a visible and/or audible means of indicating to the controller an equipment
malfunction, process deviation, or other condition requiring a controller’s response.
The alarm system should be reserved for items meeting this definition.
• Alarm Philosophy• Alarm Systems – Proper Characteristics• Proper Alarm Prioritization• Proper Alarm Documentation & Rationalization• Master Alarm Database• Roles and Responsibilities• Proper Alarm Handling• NO UNCONTROLLED ALARM SUPPRESSION• ALARM CHANGES BY CONTROLLERS TIGHTLY CONTROLLED• MANAGEMENT OF CHANGE• Alarm Shelving• Advanced Alarm Methodologies overview• Alarm System Monitoring and Performance Metrics (TARGET NUMBERS!)• Alarm System Audits• General Information: SCADA Alarm types and typical features
Slide 7
API RP1167 – Alarm System Performance
Alarm Performance Metrics per Controller PositionBased upon at least 30 days of data
Metric Target Value
Annunciated Alarms per Time:Target Value: Very Likely to be Acceptable
Target Value: Maximum Manageable
Annunciated Alarms Per Day per Controller Position ~150 alarms per day ~300 alarms per day
Annunciated Alarms Per Hour per Controller Position ~6 (average) ~12 (average)
Annunciated Alarms Per 10 Minutes per Controller Position ~1 (average) ~2 (average)Metric Target Value
Percentage of hours containing > 30 alarms ~ <1%
Percentage of 10-minute periods containing >5 alarms ~ <1%
Maximum number of alarms in a 10 minute period 10 or less
Percentage of time alarm system is in a flood condition ~ <1%
Percentage contribution of the top 10 most frequent alarms to the overall alarm load
~<1% to 5% maximum, with action plans to address deficiencies.
Quantity of chattering and fleeting alarms Zero, action plans to correct any that occur.
Stale AlarmsLess than 5 present on any day, with action plans to address
Annunciated or Configured Priority Distribution
3 priorities: ~80% P3, ~15% P2, ~5% P1 or4 priorities: ~80% P3, ~15% P2, ~5% P1, ~<1% “Priority Critical.” Other special-purpose priorities (“Diagnostic”) excluded from the calculations
Unauthorized Alarm SuppressionZero alarms suppressed outside of controlled or approved methodologies
Improper Alarm Attribute ChangeZero alarm attribute changes outside of approved methodologies or MOC
Slide 8
The 7-Step Alarm Management Improvement Process – A Proven Methodology
Step 1: Develop, Adopt, and Maintain an Alarm Philosophy
Step 2: Collect Data and Benchmark Your Systems
Step 3: Perform “Bad Actor” Alarm Resolution
Step 4: Perform Alarm Documentation and Rationalization (D&R)
Step 5: Implement Alarm Audit and Enforcement Technology
Step 6: Implement Real Time Alarm Management
Step 7: Control and Maintain Your Improved System
Always Needed
Needed Based Upon Performance
Often Done Simultaneously
The WHAT and the HOWA primary focus on improvement of existing systems, with applicability to new systems.
Slide 9
Alarm Philosophy and Analysis
An Alarm Philosophy (a comprehensive document on “how to do alarms right!”)
CONTENTS Of An Alarm Philosophy1.0 Alarm Philosophy Introduction2.0 Purpose and Use3.0 Alarm Definition and Criteria4.0 Alarm Annunciation and Response4.1 Navigation and Alarm Response4.2 Use of External Annunciators4.3 Hardwired Switches4.4 Annunciated Alarm Priority5.0 Alarm System Performance5.1 Alarm System Champion5.2 Alarm System KPIs5.3 Alarm Performance Report6.0 Alarm Handling Methods6.1 Nuisance Alarms6.2 Alarm Shelving6.3 State-Based Alarms6.4 Alarm Flood Suppression6.5 Operator Alert Systems7.0 Alarm Rationalization7.1 Areas of Impact and
Severity of Consequences7.2 Maximum Time for Response
and Correction7.3 Priority Matrix7.4 Alarm Documentation7.5 Alarm Trip Point Selection7.6 The Focused D&R Option
8.0 Specific Alarm Design Considerations8.1 Handling of Alarms from Instrument
Malfunctions8.2 Alarms for Redundant Sensors and
Voting Systems8.3 External Device Health and Status Alarms8.4 ESD Systems8.5 ESD Bypasses8.6 Duplicate Alarms8.7 Consequential Alarms8.8 Pre-Alarms8.9 Flammable and Toxic Gas Detectors8.10 Safety Shower and Eyebath Actuation Alarms8.11 Building-Related Alarms8.12 Alarm Handling for Programs8.13 Alarms to Initiate Manual Tasks8.14 DCS System Status Alarms8.15 Point and Program References to Alarms8.16 Operator Messaging System9.0 Management of Change10.0 Training11.0 Alarm Maintenance Workflow Process
Plus Appendices
CONTENTS Of An Alarm Philosophy1.0 Alarm Philosophy Introduction2.0 Purpose and Use3.0 Alarm Definition and Criteria4.0 Alarm Annunciation and Response4.1 Navigation and Alarm Response4.2 Use of External Annunciators4.3 Hardwired Switches4.4 Annunciated Alarm Priority5.0 Alarm System Performance5.1 Alarm System Champion5.2 Alarm System KPIs5.3 Alarm Performance Report6.0 Alarm Handling Methods6.1 Nuisance Alarms6.2 Alarm Shelving6.3 State-Based Alarms6.4 Alarm Flood Suppression6.5 Operator Alert Systems7.0 Alarm Rationalization7.1 Areas of Impact and
Severity of Consequences7.2 Maximum Time for Response
and Correction7.3 Priority Matrix7.4 Alarm Documentation7.5 Alarm Trip Point Selection7.6 The Focused D&R Option
8.0 Specific Alarm Design Considerations8.1 Handling of Alarms from Instrument
Malfunctions8.2 Alarms for Redundant Sensors and
Voting Systems8.3 External Device Health and Status Alarms8.4 ESD Systems8.5 ESD Bypasses8.6 Duplicate Alarms8.7 Consequential Alarms8.8 Pre-Alarms8.9 Flammable and Toxic Gas Detectors8.10 Safety Shower and Eyebath Actuation Alarms8.11 Building-Related Alarms8.12 Alarm Handling for Programs8.13 Alarms to Initiate Manual Tasks8.14 DCS System Status Alarms8.15 Point and Program References to Alarms8.16 Operator Messaging System9.0 Management of Change10.0 Training11.0 Alarm Maintenance Workflow Process
Plus Appendices
Alarm Analysis(Specific Problem Identification)
Top 10 Most Frequent Annunciated Alarms
0
20000
40000
60000
80000
100000
120000
140000
160000
180000
43M
V02
2.B
AD
PV
43M
V00
6.B
AD
PV
43M
V02
4.B
AD
PV
43P
AH
397.
OF
FN
RM
43M
V01
0.B
AD
PV
43M
V01
8.B
AD
PV
43M
V02
2.C
MD
DIS
43M
V01
0.C
MD
DIS
43M
V01
8.C
MD
DIS
43F
C15
5.P
VLO
Ala
rm C
ou
nt
0.0
10.0
20.0
30.0
40.0
50.0
60.0
70.0
80.0
90.0
100.0
Cu
mu
lati
ve %
Alarms Per Day
0
1000
2000
3000
4000
5000
6000
- 8 Weeks -
Recorded
Max. Acceptable (300)
Manageable (150)
“We don’t need no stinkin’
rules!”
Slide 10
Top 10 Most Frequent Annunciated Alarms
0
20000
40000
60000
80000
100000
120000
140000
160000
180000
43M
V02
2.B
AD
PV
43M
V00
6.B
AD
PV
43M
V02
4.B
AD
PV
43P
AH
397.
OF
FN
RM
43M
V01
0.B
AD
PV
43M
V01
8.B
AD
PV
43M
V02
2.C
MD
DIS
43M
V01
0.C
MD
DIS
43M
V01
8.C
MD
DIS
43F
C15
5.P
VLO
Ala
rm C
ou
nt
0.0
10.0
20.0
30.0
40.0
50.0
60.0
70.0
80.0
90.0
100.0
Cu
mu
lati
ve %
Fix Your “Bad Actor” Alarms!
• The “top 10” alarms usually make up 20% to 80% of the entire alarm system load
• Many types: Chattering, Fleeting, Frequent, Stale, Duplicate, Nuisance Diagnostic, etc.
• The methods are simple to learn and apply.
Exactly How To Solve Them
Slide 11
Alarm Documentation and Rationalization
Ensures your actual alarms comply with your alarm philosophy (operator actions, priorities, time to respond, etc.)
Documents your alarms (Set Points, Causes, Consequences, Corrective Actions), creating a Master Alarm Database.
Fix problemswhile theyare small
Process History
Alarm and Control Configuration
SOPEOPHAZOPEtc…
Process History
0.0
0.2
0.4
0.6
0.8
1.0
1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 2 4 6 8 10 12 14 16
Data Points
MW
Plant Experience & KnowledgeProcess, Equipment, Operations, Procedures
P&IDs and Operating Graphics
D&R Software Tools
Alarm Statistical Analysis
ESD / APC Expertise
Slide 12
Audit / Enforce Proper Alarm Settings
• Alarm Configuration security is often ineffective.
• “Alarm Creep” will occur after D&R unless positive steps are taken.
• Best Practice: Automatically audit alarm settings to ensure they are not improperly changed.
Summary of Changes in Alarms Needing Management of Change (MOC)
Type of Change Quantity During Analysis Period
Alarm Enable State 79
Alarm Trip Points 181
Alarm Priority 92
Tag Range 121
Tag Execution Status 175
Total 648
Average Per Day 5.6
Slide 13
Implement Real Time Alarm Management• Real-time, dynamic Alarm Management
techniques are used to reduce inappropriate alarms caused by changing operating conditions. These techniques include:• Advanced Alarm Shelving (Temporarily
suppress alarms safely, with proper tracking and control)
• State-Based Alarming (Sets of multiple alarm settings that are optimum and correct for all your operating conditions.)
• Alarm Flood Suppression (Minimize these hazardous conditions!
• Operator Alert Systems(A toolset for notification of things that should not be alarms.)
Detect Plant State Change
Automatically Alter Alarm Settings to Match New State
Slide 14
Control and Maintain Your Improved System
• CONTROL - Insure that gains are not lost over time. Transition responsibilities. Continue to analyze.
• Ensure Proper Management of Change
On-Going KPIs
Slide 15
Be on the TV news!
If you haven’t started already, get started now! Or…
Get to know your Regulatory inspectors really well. They just want to help you.
Slide 16
Alarm Management Summary• Poorly performing alarm systems AND HMIs are
contributing factors to major accidents and poor operating performance.
• Proper Alarm System Management and Alarm System Performance is essential to maximum-efficiency operations.
• The solutions to the problems are well known and fully documented.
So, what about HMIs?
Slide 17
Most Existing HMIs are POOR!
•Common, but ineffective process depictions!•“Numbers sprinkled on a P&ID screen”•Inconsistent, improper use of color•No trends•No condition information
Many other poor practices
Slide 18
Alarm! Left of course!
Alarm! Right of course!
Alarm! Too Low!
Alarm! Too High!
No way to run a process:
Poor Alarm Systems and HMIs Encourage “Operating by Alarm”
Slide 19
DCS Graphics Were Introduced in an Era with No Guidelines!
• Many Poor Practices
Poor Graphics encourage Poor Operating Practices
Poor Graphics persist for decades!
Slide 20
Vendor Examples are Some of the Worst!
Flashy marketing graphics for selling a system!
10% of the screen is poorly-presented numeric data,
90% is just a “pretty picture”
Slide 21
Where is the information the operator needs?
5% of the screen is poorly-
presented numeric data,
95% is a “pretty picture”
Slide 22
Other Industries Do It Better
Speed Altitude Position Course
Time Enroute Time to next
Waypoint Time to Destination
Fuel Remaining Ground and
Terrain Proximity
Positions of nearby aircraft
Real-time weather & lightning
Glide Radius
Nearby Airports
Engine diagnostics
Data on Available Services at Airports
Comm & Nav Frequencies
Instrument Approaches
Much more…
GARMIN ® 1000 Avionics System
Situation Awareness is a High Priority!
Slide 23
High Performance HMI Benefits
• Study by Nova Chemicals and ASM® Consortium
Task Improvement
Detecting Abnormal Situations Before Alarms Occur
A 5X increase
Success Rate in Handling Abnormal Situation
37% over base case
Time to Complete Abnormal Situation Tasks
41% reduction
$800,000 per year savings anticipated on 1 ethylene plant
Time after time, poor HMIs are cited as contributing factors to major accidents
Slide 24
Data is Not Information: Is Fluffy Sick?
Blood Tests for Fluffy -1
Test Results
HCT 31.7%
HGB 10.2 g/dl
MCHC 32.2 6/dl
WBC 9.2 x109 /L
GRANS 6.5 x109 /L
L/M 2.7 x109 /L
PLT 310 x109 /L • Answer: Unless you are
vet, how can you know?
Slide 25
How About Now?
ABNORMAL VALUES can be seen at a glance.
Blood Tests for Fluffy -3
Test Results Range IndicatorLow – Normal - High
HCT 31.7% 24.0 – 45.0
HGB 10.2 g/dl 8.0 – 15.0
MCHC 32.2 6/dl 30.0 - 36.9
WBC 9.2 x109 /L 5.0 – 18.9
GRANS 6.5 x109 /L 2.5 – 12.5
L/M 2.7 x109 /L 1.5 – 7.8
PLT 310 x109 /L 175 - 500
Slide 26
Data is Not Information:
45.1°
48.2°
50.6°
53.8°
54.9°
22.5%
42.9°
98.2 MPPH221.2 PSI
96.2% “XYZ”
22.3% “ABC”60.1°
DP INH2012-15 22.81-12 16.31-15 39.1
77.8 MPPH
45.1°
48.2°
50.6°
53.8°
54.9°
22.5%
42.9°
98.2 MPPH221.2 PSI
96.2% “XYZ”
22.3% “ABC”60.1°
DP INH2012-15 22.81-12 16.31-15 39.1
77.8 MPPH• Lots of Data but
Not Much Information!
• Poor Presentation
• High Mental Workloadto Decipher
West East
Drive: 232.2 amps
Cooler
W. Vibration: 2.77 E. Vibration: 3.07
2.77MSCFH
155.2 °F 108.2 °F 166.1 °F55.7 psig
135.1psig
190.5 psig
Oil 155.2 °FOil 85.1 psi
65.1 °F
P&IDs are NOT HMIs!
Slide 27
Show INFORMATION not DATA
Coolgpm
RECYCLE COMPRESSOR K43
Alarm Indicator Appears here with Priority Level and Color
Desirable Operating Range shown as pale blue area
Alarm Range depicted and (for some) shutdown value
Alarm Range depicted and (for some) interlock valueShow Values Show Trends
Buttons for additional functionality
2
Compressor Status Showing Alarm/Shutdown Limits
Suctpsig
Interpsig
Dschpsig
SuctdegF
InterdegF
DschdegF
E. Vibmil
N. Vibmil
W. Vibmil
MotorAmps
Oilpsig
OildegF
42.7
38.793.1
18595 120
170
128
9170
80
290
Operational status is obvious at a single glance!
Slide 28
Analog is powerful!
A Column Temperature Profile
Deviation or absolute numbers optionally toggled
20.1
24.2
25.6
27.8
28.9
+1.1
-0.7
+0.8
A goodprofile?
Yes, this one is.
Too hot at the top, too cold at the bottom
Optional:Line color indicates abnormality, alarm is not yet activated
Slide 29
75001020
20 min000
Econ O2%
5.0
Sec Air
in.H2O7.0
AirKLBH
7400
3-4 traces maximum, with rare exceptions.
“What is good” element next to trend. Color coded with traces.
3500
5000
3500
5000
2 Hrs
KLBHKLBH
in.H2O
15
-15
MainSteam
4750
Feed Water4580
DrumLevel
-0.5
Trends are Underutilized. EMBED Trends INSIDE Graphics!
Implement:AUTO-RANGEAUTO-TIMEShow Boundaries of “What is
Good”
Slide 30
Alarm Indications
480.1 psi 480.1 psi480.1 psi
480.1 psi No Alarm Indication
480.1 psi
Diagnostic Priority
Priority 3 Priority 2 Priority 1
Diagnostic Priority
Priority 3 Priority 2 Priority 1
480.1 psi 480.1 psi 480.1 psi480.1 psi
2 1
Diagnostic Priority
Priority 3 Priority 2 Priority 1
480.1 psi 480.1 psi 480.1 psi480.1 psi4 3
Poor
Poor
Best:Redundant Coding
WORST 480.1 480.1 480.1
Priority 1 Priority 2 Priority 3
Slide 31
Status Depiction
Bright saturated color
is used to indicate
abnormal situations only
Using bright, saturated red and green to
show Run/Stop is a poor practice!
(Shape is Unfilled and darker)
Pumps with Run Indication Sensor:
Wrong Better
Pumps without Run Indication Sensing have a fill matching the background:
Not Running or Energized
Running or Not
Energized
Wrong Better
STOPPED
RUNNING(Shape is Filled and lighter)
Slide 32
Keep it Simple!
Good HMIs Have:• No Animation• Limited use of color, reserved for indicating abnormal situations and alarms• 2-D, not 3D!• No non-relevant internal equipment depiction• MANY TRENDS:• Integrated Alarm Information• Dozens of other factors
Poor Graphics encourage Poor Operating Practices
Wrong Wrong
Poor Vessel Level
Indication
Better Vessel Level
Indication
Very Poor Vessel Level
Indication
Crude Feed TK-21
Trend Vessel Level
Indication
2 Hrs
All Wrong!
3 Way Valve Symbols
Comm Failure
Off Scan
Alarm Inhibited
Offscan
Manual
Communication Failure (Stale)
Alarm Inhibit
Tagged
RIGHT
ABC
T
TI
<- Device State
Data Attribute
<- TagField ID ->
RIGHT
RIGHT
ABC
T
TI
RIGHT
ABC
T
TO
RIGHT
ABC
T
TI
RIGHT
ABC
T
TS
RIGHT
ABC
T
TI
RIGHT
ABC
T
TM
STATIC LEFT
LEFT
ABC
T
TI
LEFT
ABC
T
TO
LEFT
ABC
T
TI
LEFT
ABC
T
TS
LEFT
ABC
T
TI
LEFT
ABC
T
TM
TRANSIT
TRN
ABC
T
TI
TRN
ABC
T
TO
TRN
ABC
T
TI
TRN
ABC
T
TS
TRN
ABC
T
TI
TRN
ABC
T
TM
INVALID
INV
ABC
T
TI
INV
ABC
T
TO
INV
ABC
T
TI
INV
ABC
T
TS
INV
ABC
T
TI
INV
ABC
T
TM
Tagged
LEFT
ABC
T
TI
LEFT
ABC
T
TO
LEFT
ABC
T
TS
LEFT
ABC
T
TI
LEFT
ABC
T
TM
UNKNOWN/ERROR
ERR
ABC
T
TI
ERR
ABC
T
TO
ERR
ABC
T
TI
ERR
ABC
T
TS
ERR
ABC
T
TI
ERR
ABC
T
TM
RUN
ABC
T
TI
LEFT
ABC
T
TI
RIGHT
ABC
T
TI
Slide 33
More Poor Practices. Where are these from?
In Document “XXX”: “Color should not be the only indication for information.”Then 7 pages later the following is recommended:
8 pages later, alarm “severity” (priority) is addressed with conflicting advice to this!
Pumping Unit
Offscan
Manual
Communication Failure (Stale)
Alarm Inhibit
Tagged
STOPPED SEQUENCE INVALIDUNKNOWN/
ERROR TaggedRUNNINGSTATIC
OFF
ABC
T
TI
SEQ
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
RUN
ABC
T
TI
RUN
ABC
T
TI
RUN
ABC
T
TI
OFF
ABC
T
TO
SEQ
ABC
T
TO
INV
ABC
T
TO
ERR
ABC
T
TI
RUN
ABC
T
TI
RUN
ABC
T
TO
OFF
ABC
T
TM
SEQ
ABC
T
TM
INV
ABC
T
TM
ERR
ABC
T
TI
RUN
ABC
T
TM
RUN
ABC
T
TM
OFF
ABC
T
TS
SEQ
ABC
T
TS
INV
ABC
T
TS
ERR
ABC
T
TI
RUN
ABC
T
TS
RUN
ABC
T
TS
OFF
ABC
T
TI
SEQ
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
RUN
ABC
T
TI
RUN
ABC
T
TI
OFF
ABC
T
TI
SEQ
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
RUN
ABC
T
TI
Non SCADA Controlled Field ID ->
<- Device State
Data Attribute
<- Tag
RUN
ABC
T
TI
SCADA Controlled Field ID ->
<- Device State
Data Attribute
<- Tag
RUN
ABC
T
TI
RUN
ABC
T
TI
Non SCADA Controllable Valve
Offscan
Manual
Communication Failure (Stale)
Alarm Inhibit
Tagged
CLOSED TRANSIT INVALIDUNKNOWN/
ERROR TaggedOPENSTATIC
OPN
ABC
T
TI
RUN
ABC
T
TI
OPN
ABC
T
TI
CLS
ABC
T
TI
TRN
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
OPN
ABC
T
TI
OPN
ABC
T
TO
CLS
ABC
T
TO
TRN
ABC
T
TO
INV
ABC
T
TO
ERR
ABC
T
TO
OPN
ABC
T
TO
OPN
ABC
T
TI
CLS
ABC
T
TI
TRN
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
OPN
ABC
T
TS
CLS
ABC
T
TS
TRN
ABC
T
TS
INV
ABC
T
TS
ERR
ABC
T
TS
OPN
ABC
T
TS
OPN
ABC
T
TI
CLS
ABC
T
TI
TRN
ABC
T
TI
INV
ABC
T
TI
ERR
ABC
T
TI
OPN
ABC
T
TI
OPN
ABC
T
TM
CLS
ABC
T
TM
TRN
ABC
T
TM
INV
ABC
T
TM
ERR
ABC
T
TM
OPN
ABC
T
TM
OPN
ABC
T
TI
<- Device State
Data Attribute
<- TagField ID ->
4 Way Valve Symbols
Comm Failure
Off Scan
Alarm Inhibited
Offscan
Manual
Communication Failure (Stale)
Alarm Inhibit
Tagged
RIGHT
ABC
T
TI
<- Device State
Data Attribute
<- TagField ID ->
RIGHT
RIGHT
ABC
T
TI
RIGHT
ABC
T
TO
RIGHT
ABC
T
TI
RIGHT
ABC
T
TS
RIGHT
ABC
T
TI
RIGHT
ABC
T
TM
RIGHT
RIGHT
ABC
T
TI
RIGHT
ABC
T
TO
RIGHT
ABC
T
TI
RIGHT
ABC
T
TS
RIGHT
ABC
T
TI
RIGHT
ABC
T
TM
STATIC LEFT
LEFT
ABC
T
TI
LEFT
ABC
T
TO
LEFT
ABC
T
TI
LEFT
ABC
T
TS
LEFT
ABC
T
TI
LEFT
ABC
T
TM
LEFT
LEFT
ABC
T
TI
LEFT
ABC
T
TO
LEFT
ABC
T
TI
LEFT
ABC
T
TS
LEFT
ABC
T
TI
LEFT
ABC
T
TM
TRANSIT
TRN
ABC
T
TI
TRN
ABC
T
TO
TRN
ABC
T
TI
TRN
ABC
T
TS
TRN
ABC
T
TI
TRN
ABC
T
TM
INVALID
INV
ABC
T
TI
INV
ABC
T
TO
INV
ABC
T
TI
INV
ABC
T
TS
INV
ABC
T
TI
INV
ABC
T
TM
Tagged
LEFT
ABC
T
TI
LEFT
ABC
T
TO
LEFT
ABC
T
TS
LEFT
ABC
T
TI
LEFT
ABC
T
TM
UNKNOWN/ERROR
ERR
ABC
T
TI
ERR
ABC
T
TO
ERR
ABC
T
TI
ERR
ABC
T
TS
ERR
ABC
T
TI
ERR
ABC
T
TM
RUN
ABC
T
TI
Off-Scan
Manual
Communications Failure (Stale)
Field ID/Description
Device Value
Data Attribute
Tag
Discharge
Psi
Engineering Units
123.4 H
123.4 H
Suction
Discharge
Case 123.4 H123.4 H
ANALOG VALUES
Over Range
Under Range
Alarm Inhibited
Tagged
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Error
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
Discharge
Psi
High-High Alarm High Alarm Normal Low Alarm Low-Low Alarm Deviation - PlusDeviation -
MinusTagged
123.4 THH
123.4 HH
123.4 O
123.4 M
123.4 S
123.4 HR
123.4 LR
123.4 I
123.4 THH
123.4 O 123.4 O 123.4 O 123.4 O 123.4 O 123.4 O 123.4 TO
123.4 H 123.4 123.4 L 123.4 LL 123.4 R+ 123.4 R- 123.4 THH
123.4 M 123.4 M 123.4 M 123.4 M 123.4 M 123.4 M 123.4 TM
123.4 S 123.4 S 123.4 S 123.4 S 123.4 S 123.4 S 123.4 TS
123.4 HR 123.4 HR 123.4 HR 123.4 HR 123.4 HR 123.4 HR 123.4 THR
123.4 LR 123.4 LR 123.4 LR 123.4 LR 123.4 LR 123.4 LR 123.4 TLR
123.4 I 123.4 I 123.4 I 123.4 I 123.4 I 123.4 I 123.4 TI
123.4 TH 123.4 T 123.4 TL 123.4 TLL 123.4 TR+ 123.4 TR- 123.4 THH
123.4
123.4
123.4
123.4
123.4
123.4
123.4
123.4
More “recommended” examples: By the way, what is the most common color-blindness?
Slide 34
Is This Really a Good Example?
T1
V12
L
CLS
V5
T
TI
OPN
V1
T
TI
RUN
U1
T
TIOPN
V9
T
TI
OPN
V8
T
TI
RUN
T1
T
TO
RUN
U2
T
TIOPN
V11
T
TI
OPN
V10
T
TI
OPN
V2
T
TI
CLS
V4
T
TIOPN
V3
T
TI
Station ABC
OPN
V6
T
TITank Level
%50.0
Suction
Psi123.4
Case
Psi123.4
Suction SP
Psi123.4
DIscharge
Psi123.4
Discharge SP
Psi123.4
% Open
%123.4
OPN
V17
T
TI
OPN
V16
T
TI
CLS
V15
T
TI OPN
V14
T
TI
OPN
V7
T
TI
OPN
V13
T
TI
To Station BCD To Station DEF
Slide 35
The BP ISOM Unit HMI – a Contributing Factor
• No Overview
• No trends• No condition indication
• Essentially just a P&ID segment sprinkled with live values.
• No material balance (FLOW IN is on a different graphic)
• Inconsistent colors and alarms
Slide 36
Reactor 1
ThioniteMid-RunONCLEAR
Prod:State:Agit:Locks:
Run Plan:Actual:
IN OUTBalance
Menus
MainMenu
FeedSys
AuxSys
Reactor1
L2
Trend Control
Comp A Comp B
72.0
80.0
2 HR
Cool CPC CRM
Rate
Reactor 2
CRM-114Mid-RunONCLEAR
Prod:State:Agit:Locks:
Run Plan:Actual:
Balance
Comp A Comp B
60.0
68.0
2 HR
Cool CPC CRM
Rate
IN OUT
Hydrog A
BedA1
BedA2
Suct Dsch
OKOKOKCLEAR
VIB:BRG:OIL:Locks:
CycleComp A
470
500
FLOW
2 HR
Hydrog B
BedB1
BedB2
Suct Dsch
OKOKOKCLEAR
VIB:BRG:OIL:Locks:
CycleComp B
470
500
FLOW
2 HR
Alarms:ACKUNACK
ToggleList /Summary
P100
P210
P321
P441
Reactor2
HydrogA
HydrogB
L3 L4
70
80
%
12 HR
Key Performance Indicators
Conversion Efficiency
0.5
1.0
12 HR
Emissions Limit Ratio
Feed A Feed B Feed C SynG
Feed System Aux Systems
Atv 1 Atv 2 Pres %IP
Clr T-In T-Out Visc
CWT CWP S10
PWR VentP VentT
C57D Null-A Jup2
S200
MGA
Grok2
2
071608 08:55:07 RX2 LOW CRM –QUALITY EXC
LVL
LVL
Reactor 1
ThioniteMid-RunONCLEAR
Prod:State:Agit:Locks:
Run Plan:Actual:
IN OUTBalance
Menus
MainMenu
FeedSys
AuxSys
Reactor1
L2
Trend Control
Comp A Comp B
72.0
80.0
2 HR
Cool CPC CRM
Rate
Reactor 2
CRM-114Mid-RunONCLEAR
Prod:State:Agit:Locks:
Run Plan:Actual:
Balance
Comp A Comp B
60.0
68.0
2 HR
Cool CPC CRM
Rate
IN OUT
Hydrog A
BedA1
BedA2
Suct Dsch
OKOKOKCLEAR
VIB:BRG:OIL:Locks:
CycleComp A
470
500
FLOW
2 HR
Hydrog B
BedB1
BedB2
Suct Dsch
OKOKOKCLEAR
VIB:BRG:OIL:Locks:
CycleComp B
470
500
FLOW
2 HR
Alarms:ACKUNACK
ToggleList /Summary
P100
P210
P321
P441
Reactor2
HydrogA
HydrogB
L3 L4
70
80
%
12 HR
Key Performance Indicators
Conversion Efficiency
0.5
1.0
12 HR
Emissions Limit Ratio
Feed A Feed B Feed C SynG
Feed System Aux Systems
Atv 1 Atv 2 Pres %IP
Clr T-In T-Out Visc
CWT CWP S10
PWR VentP VentT
C57D Null-A Jup2
S200
MGA
Grok2
2
071608 08:55:07 RX2 LOW CRM –QUALITY EXC
LVL
LVL
Level 1 Overview – “At-A-Glance Status”
Slide 37
PSOAUTO
76.8 MPH76.088.5 %
Main Feed
Main Feed MPH
72.0
80.0
-60 -30-90 2 Hours
PSOAUTO
11.9 MPH12.022.3 %
Additive 1
Additive 1 MPH
10.0
14.0
-60 -30-90 2Hours
PSOAUTO
4.0 MPH4.0
44.3 %
Additive 2
Additive 2 MPH
2.0
6.0
-60 -30-90 2 Hours
VENT SYS
Analysis: Purity %
32.0
40.0
-60 -30-90 2 Hours
Analysis: Inhibitor Concentration %
4.0
6.0
-60 -30-90 2 Hours
AgitatorON
Reactor M5
Pump 1RUNNING
PSOAUTO
95.044.3 %
M5 Pressure98.0 psig
PSOAUTO
70.054.3 %
M5 Level %71.0 %
ThioniteProduct: Mid-Run
52.3 %
5.0 %
CoolantFlow
CoolantTemp
PSOAUTO
45.054.3 %
M5 Temp45.0 °C
To Coils
COOLING SYS
92.0 MPHPRODUCT
Temperature °C
40.0
48.0
-60 -30-90 2 Hours
Diagnostics1-OK
PumpsNeeded 1
SHUTDOWN
M5
Run Plan:Actual:
FREEZEM5
IN
Reset
OUT
Calc Diff:
-10%
+10%
Hours: 238.1Since:
State:
19707 19301
Material Balance
2.1 %
06/02/07 14:00:00
ISOLATEM5
Pump 2STOPPED2-BAD
M4MainMenu
- Level 3 -M5
Interlocks
FeedSystem
Product Recovery
Level 1 ReactionOverview
M5 Sequence Overlay
PurgeRate
ConversionEfficiency
Cat.Activity
Reserve Capacity
M5 StartupOverlay
M6- Level 3 -
M5 Cooling System
Feed Components: A - B - C
+/- 5 psi, 2hr
+/- 1 %, 2hr
Trend Control
4
Level 2 Process Unit Control
Slide 38
7 Steps for Creating High Performance Displays
Step 1: Develop a High Performance HMI Philosophy and Style Guide
Step 2: Assess and benchmark existing graphics against the HMI Philosophy
Step 3: Determine specific performance and goal objectives for the control of the process, for all modes of operation
Step 4: Perform task analysis to determine the control manipulations needed to achieve the performance and goal objectives
Step 5: Design and build high performance graphics, using the design principles in the HMI Philosophy and elements from the Style Guide, to address the identified tasks
Step 6: Install, commission, and provide training on the new HMI
Step 7: Control, maintain, and periodically reassess the HMI performance
Slide 39
Summary
• Poor HMIs have been cited as contributing factors to incidents and accidents
• Poor HMI practices are common
• Proper HMIs are an important success factor
• A High Performance HMI is practical and achievable.
You can:ASSESS and BENCHMARK your HMI
Do a GAP ANALYSIS for Improvement
DESIGN, CREATE, and IMPLEMENT a
High Performance HMI
?????? ???
?????? ?