[instreng.com]sis how to primer[1]
TRANSCRIPT
8/9/2019 [Instreng.com]SIS How to Primer[1]
http://slidepdf.com/reader/full/instrengcomsis-how-to-primer1 1/32
Safety Instrumented Systems: A How To Primer
Presenter Introduction
• Michael Scott, PE, CFSE
• Vice President, AE Solutions
• 18 Years Experience
• ISA Committees - S84, WG6 FGS Chair, WG3 BMS Core Team Member
• Past ISA Safety Division BMS Chairman
• Past ISA Safety Division FGS Chairman
• ISA Course Developer / Instructor
• ISA, AIChE, NFPA, SFPE Member
• Past PIP Safety System Task Team Member
• BSME, University of Maryland
• MS, University of South Carolina
What is an SIS?
• Informal Definition:
– Instrumented Control System that detects “out of control” conditions and automatically returns the process to a safe state
• “Last Line of Defense”
– Not basic process control system (BPCS)
Common SIS Applications
• Emergency Shutdown Systems
• Process Interlock Systems
• Burner Management Systems for Fired Heaters
• High Integrity Pressure Protection Systems
– Flare Load Reduction
• Fire and Gas Detection and Mitigation
• Many are Installed and in Operation in typical Process Plants…
How SIS are Different from BPCS?
SIS Components
[Figure labels: Sensor(s) (Transmitter, Input); Logic solver(s) (SIS Program); Final Element(s) (Safety valve, Output, SV, IAS); Process]
What is NOT an SIS?
• Many Instrumented Protective Functions (IPF) fall outside the industry-accepted definition
– Equipment Protective Functions
– ESD Functions that are solely initiated by manual means
– Emergency Isolation Valves
– Alarm Systems
– Mechanical Devices, e.g., Fire Safety Valves with Fusible Link, Overspeed protection, etc.
Not all interlocks in a SIS will be associated with Preventing a Specific Safety Hazard
HSE Study of Accident Causes
• Accidents involving inadequate control systems
– Specification 44%
– Changes after Commissioning 21%
– Design and Implementation 15%
– Operation and Maintenance 15%
– Installation and Commissioning 6%
“Out of Control: Why Control Systems go Wrong and How to Prevent Failure,” UK Health and Safety Executive, 1995
Typical SIS design lifecycle
• Conceptual Process Design
• Process Hazards Analysis
• SIF Definition
• Target Selection
• Conceptual Design
• Target Verification
• Design Specifications
• Construction, Installation, and Commissioning
• PSAT
• Operation, Maintenance and Testing
• Procedure Development
• Management of Change
Key Regulatory Requirements
• Process Safety Information
– OSHA Process Safety Management (PSM) Standard 29 CFR 1910.119(d)(3)
– (ii) “The employer shall document that equipment complies with recognized and generally accepted good engineering practices.”
• Also cited in EPA Accidental Release Prevention Program 40 CFR Part 68 (68.65)
OSHA Endorsement of ISA 84.01
• In 2000, OSHA Endorsed ANSI/ISA 84.01 via Letter of Interpretation
• Complies with “Process Safety Management”
• Is one example of RAGAGEP
• Not the “only” way
• Applies to 1996 version of ANSI/ISA 84.01
• Also have endorsed 2004 version
“General” SIS Standards
• ANSI/ISA 84.01 (1996, 2004)
– Application of Safety Instrumented Systems for the Process Industries (1996)
– Functional Safety: Safety Instrumented Systems for the Process Industry Sector (2004)
• IEC 61511
– Functional Safety: Safety Instrumented Systems for the Process Industry Sector
• IEC 61508
– Functional Safety of Electrical/Electronic/Programmable Electronic Safety Related Systems
Application Specific Standards
• Burner Management Systems
– NFPA 85, Boilers
– NFPA 86, Ovens and Furnaces
• Fire and Gas Systems – NFPA 72
• Compressor Systems – API 617-619
• Turbine Driver Systems – API 616
• Offshore Oil & Gas Applications – API RP 14C
Application Specific Standards tend to be More-Prescriptive in Nature. Not Flexible, or Performance-Based Standards
Existing versus New Systems
• OSHA Process Safety Management 29 CFR 1910.119(d)(3)
– (ii) “The employer shall document that equipment complies with recognized and generally accepted good engineering practices.”
– (iii) “For existing equipment designed and constructed in accordance with codes, standards, or practices that are no longer in general use, the employer shall determine and document that the equipment is designed, maintained, inspected, tested, and operating in a safe manner.”
“The Grandfather Clause”
Grandfathering applies only If no upgrades are made to SIS
Regulatory Compliance
• “Good Engineering Practice”
– Is a moving target as industry practices change
– Does allow for a large degree of flexibility based on industry- and company- practices
– Is not an OPTION in the eyes of Process Safety Regulations
How is Implementation of SIS going to affect my Plant?
• Analysis Required
– Identify Safety Instrumented Functions
– Select and Verify Achievement of Performance Targets
– Develop Safety Requirements Specs.
• New Equipment
– Transmitters
– Valves
– Logic Solver (PLC)
• Testing and Maintenance
– Increase (Decrease?) Effort Level
Layers of Protection
[Figure labels: Prevention; Mitigation]
What is a “Standard” SIS Design?
In Most Cases, The Prescriptive Approach to SIS Design is Not Optimal from the Standpoint of Cost or Safety
Industry Standards for Safety Instrumented Systems (SIS)
• Instrumentation, Systems, and Automation Society (ISA), ANSI/ISA S84.00.01-2004, Functional Safety: Safety Instrumented Systems for the Process Industry Sector, 2004.
• International Electrotechnical Commission (IEC), IEC 61511, Functional Safety: Safety Instrumented Systems for the Process Sector
Performance Oriented Standards
What does ISA 84.01 require?
• Performance based
• Defines a “safety lifecycle”
• Requires selection of performance target
• Requires confirmation of target achievement, quantitatively
What is a Safety Integrity Level (SIL)?
A measure of the amount of risk reduction provided by a Safety Instrumented Function (SIF)
• SIL 4 – Risk Reduction Factor: 100,000 to 10,000; Safety: > 99.99%; Probability of Failure on Demand: 0.001% to 0.01%
• SIL 3 – Risk Reduction Factor: 10,000 to 1,000; Safety: 99.9% to 99.99%; Probability of Failure on Demand: 0.01% to 0.1%
• SIL 2 – Risk Reduction Factor: 1,000 to 100; Safety: 99% to 99.9%; Probability of Failure on Demand: 0.1% to 1%
• SIL 1 – Risk Reduction Factor: 100 to 10; Safety: 90% to 99%; Probability of Failure on Demand: 1% to 10%
Reducing Risk
[Figure: risk graph with axes Consequence and Likelihood, direction of Increasing Risk marked. Regions: Tolerable Risk Region, ALARP Risk Region, Unacceptable Risk Region. Labels: Inherent Risk of the Process; Consequence Reduction, e.g., material reduction, containment dikes, physical protection; Non-SIS Risk Reduction, e.g., Pressure Relief Valves; SIS Risk Reduction - Preventive (SIL 1, SIL 2, SIL 3).]
Conceptual Design
• Select Technology
– Device Failure Rate
– Certifications
– Proven in Use (Prior Use)
– Safety Manual for Certified Equipment
Conceptual Design
• Select Architecture / Voting
– Select degree of Fault Tolerance
– Redundancy for Safety
– Redundancy for Nuisance Trip Avoidance
– Identify potential common-cause failures that could defeat redundant architecture
Conceptual Design
• Functional Proof Tests
– Frequency
– Online or during Shutdown
– Full Functional Test or Partial Test
• Diagnostic Testing
– Frequency
– Response to detected fault
Typical SIL 1 Design
[Figure: P&ID with Product Separator V-101 and Atmospheric Storage Tank. Tags shown: LT-101, LIC 101, LV-101, LT-102, LAL, XV-101, SV, IAS.]
Typical SIL 1 Design – Low MTTFs
[Figure: P&ID with Product Separator V-101 and Atmospheric Storage Tank. Tags shown: LT-101, LIC 101, LV-101, LT-102, LT-103, LAL (two), Vote 2oo2, XV-101, SV, IAS.]
Typical SIL 2 Design
[Figure: P&ID with Product Separator V-101, Atmospheric Storage Tank and Overhead to Vapor Recovery. Tags shown: LT-101, LIC 101, LV-101, LT-102, LT-103, LAL (two), Vote 1oo2, XV-101, XV-102, SV (two), IAS (two).]
Typical SIL 2 Design – Low MTTFs
[Figure: P&ID with Product Separator V-101, Atmospheric Storage Tank and Overhead to Vapor Recovery. Tags shown: LT-101, LIC 101, LV-101, LT-102, LT-103, LT-104, LAL (two), Vote 2oo3, XV-101, XV-102, 2oo2 SOV (two), IAS (two).]
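The trade-off behind the "Redundancy for Safety" versus "Redundancy for Nuisance Trip Avoidance" bullets and the voting shown on the design slides (1oo2, 2oo2, 2oo3), worked through as an added example that is not part of the original deck: it computes probability of failure on demand and spurious-trip probability for M-out-of-N voting and maps the result to the SIL bands of the deck's table. It assumes independent channels (exactly the assumption that common-cause failures break), and the per-channel values 0.05 and 0.02 are constructed.

```python
from math import comb

# SIL bands from the deck's table, as PFD fractions (lower inclusive, upper exclusive).
SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]


def p_at_least(k, n, p):
    """P(at least k of n independent channels are in a state of probability p)."""
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def moon(m, n, pfd_ch, pst_ch):
    """Return (PFD, spurious-trip probability) for M-out-of-N voting.

    The function trips when at least m of n channels vote to trip, so it
    fails on demand once n - m + 1 channels have failed dangerously, and it
    trips spuriously once m channels have failed safe.
    """
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    return p_at_least(n - m + 1, n, pfd_ch), p_at_least(m, n, pst_ch)


def sil_band(pfd):
    """Map a PFD to the SIL band of the deck's table, or None if outside it."""
    for sil, low, high in SIL_BANDS:
        if low <= pfd < high:
            return sil
    return None


def compare(pfd_ch, pst_ch, votes=((1, 1), (1, 2), (2, 2), (2, 3))):
    """Evaluate each voting arrangement for one constructed channel."""
    rows = {}
    for m, n in votes:
        pfd, pst = moon(m, n, pfd_ch, pst_ch)
        rows[f"{m}oo{n}"] = (pfd, pst, sil_band(pfd))
    return rows


if __name__ == "__main__":
    # Constructed per-channel values (assumptions, not from the deck).
    for name, (pfd, pst, sil) in compare(0.05, 0.02).items():
        print(f"{name}: PFD={pfd:.5f} spurious={pst:.5f} SIL band={sil}")
```

With these inputs 1oo2 lowers PFD at the cost of more spurious trips, 2oo2 does the reverse, and 2oo3 improves both relative to a single channel.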
Competence of Personnel
Certified Functional Safety Expert
"...ensuring that applicable parties involved in any of the overall E/E/PE or software safety lifecycle activities are competent to carry out activities for which they are accountable"
- IEC 61508, Part 1, Paragraph 6.2.1 (h)
Certified Functional Safety Expert
• PE type certification process for application of IEC61508 / IEC61511 (www.csfe.org)