are you ready for an sis? what to do before starting on your sis…and after it’s installed march...

Are You Ready for an SIS?

What to do before starting on your SIS…and after it’s installed

March 24, 2009

Presenter: Mike Schmidt, P.E.

Principal Bluefield Process Safety

Principal Safety ConsultantEmerson Process Management

Are You Ready for an SIS?, ©2009Slide 2

Before starting on an SIS

Steps of the Safety Life Cycle and Why They Matter

SIFs and SIL AssignmentThe SRSAfter the SIS is installed

– a conversation


The Safety Life Cycle

7

7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationProcess Design

1

1



7

7

6543

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationHazard Identification

1

1

2



7

7

654

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationRisk Assessment

1

1

3



7

7

653

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

Operation

Risk Tolerance Criteria Confirmation

1

1

4



7

7

64

3

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

Operation

Risk Reduction Allocation

1

1

5



7

7

543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationSafety Function Definition

1

1

6



7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationSafety Function Specification

1

1

7



7

7

6543

2

21

9 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationReliability Verification

1

1

8



7

7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

Operation

Mechanical/ Electrical/ Structural Detailed Design

1

1



7

7

6543

2

2

8

19 8 7

6

5

4

3

3

4

5

6

Analysis

Implementation

OperationSoftware Configuration

1

1

2



7

7

6543

2

2

8

19 8 7

6

5

4

2

3

4

5

6

Analysis

Implementation

Operation Equipment Build

1

1

3



7

7

6543

2

2

8

19 8 7

6

5

3

2

3

4

5

6

Analysis

Implementation

Operation

Factory Acceptance Testing

1

1

4



7

7

6543

2

2

8

19 8 7

6

4

3

2

3

4

5

6

Analysis

Implementation

OperationConstruction/ Installation

1

1

5



7

7

6543

2

2

8

19 8 7

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationSite Acceptance Testing

1

1

6



7

7

6543

2

2

8

19 8

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationValidation

1

1

7



7

7

6543

2

2

8

19

7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationTraining

1

1

8



7

7

6543

2

2

8

18 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationPre-Startup Safety Review

1

1

9



7

7

6543

2

2

8

9 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationOperation

1

1

1



7

7

6543

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

OperationTraining

1

1

2



7

7

6543

2

2

8

19 8 7

6

5

4

3

2

4

5

6

Analysis

Implementation

OperationProof Testing

1

1

3



7

7

6543

2

2

8

19 8 7

6

5

4

3

2

3

5

6

Analysis

Implementation

OperationInspection

1

1

4



7

7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

6

Analysis

Implementation

OperationMaintenance

1

1

5



7

7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

Analysis

Implementation

OperationManagement of Change

1

1

6



7

6543

2

2

8

19 8 7

6

5

4

3

2

3

4

5

6

Analysis

Implementation

Operation

De- commissioning

1

17


The Analysis Phase

7

21

9 8 7

6

5

4

3

2

3

4

5

6

Implementation

Operation

1

Analysis: Before starting on an SIS

7

6543

2

8Analysis

1


Process Design

Process Design has the greatest influence on the need for an SIS

This includes all of the main Process Design Documents

Conceptual DesignPFDs and Heat/Material BalancesP&IDs

1


Hazard Identification

Hazards are identified during the Process Hazard Analysis (PHA)

Preliminary PHAs“What If?”Checklist

Detailed PHA HazOp (Hazard Operability Review)


HazOps: Some tips

Tip 1. Take care in identifying the cause. If it’s a deviation, that normally means a failure.

Tip 2. Some HazOp methods prompt an identification of frequency. If this is done, do it consistently…with or without safeguards, with or without recommendations, with or without SIFs


Risk Assessment

Intolerable Risk

Negligible Risk

Consequence

Lik

elih

ood

Risk = Consequence x Likelihood


Risk Assessment

Consequence AnalysisOffsite Consequence Analysis (OCA)Quantitative Risk Analysis (QRA)

Likelihood AnalysisLayers of Protection Analysis (LOPA)


How much risk is too much?

Intolerable Risk

Negligible Risk

Consequence

Lik

elih

ood

Compare: Risk against Risk Tolerance Criteria

Risk Tolerance Criteria


Risk Tolerance Criteria

May come from any of several sourcesPlant policy Corporate policyIndustry benchmarks and guidelinesGovernment mandates

The United States does not set tolerable risk levels or offer guidelines.

Outside consultants should not decide for you what is tolerable


ALARP: Levels in the UK

10-3 fatalities/ work-year (worker)

10-6 fatalities/ work-year (worker)

10-4 fatalities/year (public)

Intolerable Risk

Negligible Risk

ALARP or Tolerable Risk Region

10-6 fatalities/year (public)


Factors to Consider

Number of facilitiesMulti-national or notSocietal expectations

Large, multinational companies tend to set levels consistent with international mandates, while smaller companies tend to operate in wider ranges and implicitly, at higher levels of risk


Risk Reduction Allocation

When additional risk reduction is requiredNon-instrumented IPLs

Passive components: Dikes Blast walls Secondary containment

Active components: Relief devices Redundant equipment or installed spares

Instrumented IPLsControl loops within the BPCSSafety Instrumented Functions


How much risk reduction?

Intolerable Risk

Negligible Risk

Consequence

Lik

elih

ood

SIL: Difference Between Risk and Risk Tolerance Criteria

SIL Assignment


Safety Function Definition

Non-SIS Safety Functions (IPLs):Scope definitionProject specification(This follows the normal project cycle)

SIS: SIF List SIL assignment

Note: SILs are assigned to functions, not to systems


SIF List

Typically includesSIF TagHazard DescriptionSIL Assignment/Required PFDavgTrip conditions

Instrument tagsSet point and directionVoting

Trip actionsInstrument tagsTrip state


Safety Function Specification

For an SIS, this is the Safety Requirements Specification – the SRS

Used to develop system quotesBasis of detailed designBasis of configuration

More extensive than a SIF List


The SRS – §10.3.1

“These requirements shall be sufficient to design the SIS and shall include the following:”

A list of 27 bullet items followThe SIF List addresses five of them


The SRS – §10.3.1

Other items includeSource of demand and demand rateProof test intervalsResponse time intervalsEnergize-to-trip or de-energize-to-tripMaximum allowable spurious trip rateOverrides/inhibits/bypassesResetsDangerous combinations


Organizing an SRS

Suggested approachGeneral SIS RequirementsSpecific SIF RequirementsBasis of Design

Policies Procedures Documents Reports


General SIS Requirements


Specific SIF Requirements


Reliability Verification

Two kinds of “SIL Calcs”SIL Assignment Calculations

Consequence Analysis Likelihood Analysis

SIL Verification Calculations Required by standards Use a combination of software

tools and custom calculations exida – SILVER (exSILentia) SIS-Tech – SilSOLVER


Before starting SIS design

Process DesignHazard IdentificationRisk AssessmentRisk Tolerance Criteria ConfirmationRisk Reduction AllocationSafety Function DefinitionSafety Requirements SpecificationReliability Verification


After the SIS is installed

Are there questions about:WitnessingProceduresResponsibility (Vendor or customer?)CertificatesFrequency Training after installation (Who

needs it? Who can operate?)


are you ready for an sis? what to do before starting on your sis…and after it’s installed march...

Documents

mike schmidt

sil assignmentthe srsafter