The Process Safety Management Suite (PSMS) is a range of software packages designed to assist in the lifecycle management of Safety Instrumented Systems, allowing for a defined and controlled approach to simplifying the design and validation of system development and modification.
The PSMS tools assist engineers, operation managers, control room operators, maintenance teams and many more personnel who have an active role within the system's lifecycle.
These tools have been designed and developed by certified functional safety engineers, providing a package which endeavours to reduce the time and costs involved with the management of a system while providing an increased understanding of, and confidence in, the operation of the system and the application logic.
The development activities for the PSMS have been externally audited by two independent auditing bodies against the requirements of IEC 61508.
Process Safety Management Suite
pssuk.co.uk
Process Safety Solutions
If only our Cause & Effect was up to date in real time
Back Drafting of Cause & Effect documentation can often lag long behind actual system modification processes.
CERES can ensure up to date Cause & Effect management, track history and improve safety integrity.
Key features
• Lifecycle Management of Safety System Cause & Effects
• Graphical Interface for developing & maintaining Cause & Effects
• Search tool for querying cause & effect database
• Production of Cause & Effect Drawings
• Full lifecycle history and comparisons
• Red Line mark-up tool for modifications
• Import facility to convert existing Cause & Effects
• Export tool to VESTA for system testing
• Export tool to PALLAS for system monitoring
CERES is a package of innovative software tools that allow for the development, maintenance and lifecycle management of Cause & Effect documentation for safety-instrumented systems.
CERES acts as an interface to the vast amount of data needed to produce a full system's C&E drawings and allows for modifications to be directly introduced to the lifecycle of the C&E.
CERES introduces a consistency to C&E drawings by maintaining a record of past database versions, ensuring development is carried out on the most current C&E drawings and providing a trail of past modifications. Existing C&Es can also be treated with the same level of lifetime support, as CERES provides a tool for converting existing C&Es into CERES. Utilising the CERES Extract tool makes for fast and cost effective migration of existing C&E drawings into the CERES C&E style.
The versatility of its functions makes CERES a useful and practical software tool for the management and development of SIS C&E Charts. CERES offers high levels of efficiency and control throughout the life-cycle of a system's C&E Charts with powerful and unique functionality.
Cause & Effect Relationship Software
A full lifecycle Cause & Effect management tool for Safety Instrument Systems.
CERES Design allows the design and modification of the Cause and Effect database.
Using CERES Design, users can Construct, Destruct and Modify system Inputs, Outputs, Cause and Effect relationships, system notes, system information and Fire/Process Zone mapping.
Each modification is logged with a date/time stamp, the user who implemented the change and the version of the CERES Database.
Before implementing modifications, the version of the CERES Project can be updated. This archives the current version. This allows all previous versions of the CERES DB to be interrogated and compared.
CERES View produces Cause and Effect drawings based on information contained within the CERES database.
The Cause and Effects drawings are created based on user specified templates which allow the Cause & Effect drawings to meet end user document specifications.
The CERES Cause and Effect drawings allow for:
• Input/Output Grouping & Segregation
• Display of Voting Inputs, Including ANDing, MooN etc.
• Revision History Details
• External Document Referencing
• Cause & Effects are exported in Excel and PDF format
CERES Insight provides users with a quick and easy access method to obtain relevant Cause and Effect information.
Using the query fields, users can enter search criteria to display system and Cause & Effect information relevant to the queried inputs and outputs.
This information can be used to swiftly determine the relationships between input and output without the need to search manually through the Cause and Effects drawings.
The search parameters can be saved as CERES queries which can be loaded back to allow for quick access to common searches.
The query results can be exported, thereby allowing for reporting and user specific applications.
CERES Versions allows for comparison between two versions of the CERES Project.
This allows for pre and post modification verification, highlighting any changes made between the two versions.
The differences are listed and can be displayed on the cause and effect matrix.
CERES Extract can be employed to extract existing Cause & Effect databases and Cause & Effect drawing information, and populate a new CERES Database.
Utilising a library of easy to use extractors, CERES Extract can be used on a large number of formats including Excel, Access DB, Paradox DB, and SQL DB.
If a standard extractor cannot be deployed, Process Safety Solutions can produce bespoke extractor tools to remove the need for manual transfer.
CERES Test is an export tool passing the CERES Cause & Effect information to VESTA and PALLAS for off and on site validation of the system Cause & Effect, against the running SIS application logic.
Why does it invariably take over 400 man hours to test my system's application software after only a minor change? Do you compromise safety integrity and test only those areas affected by the change, or accept that in any aspect of manual intervention there could be implication to any part of the system, and carry out 100% Cause & Effect test?
Using the PSMS a 100% system test can be set to run automatically. Typically a system test on a 1000 I/O system would complete in approximately 6 hours.
Key features
• Testing of Cause & Effects to verify functionality of Safety PLC application logic
• Import existing C&E charts in a variety of formats (Autocad, Excel etc. via CERES)
• Create Test Sequences to mimic C&E functionality
• Automatically condition System to a ‘healthy’ state
• Full Cause and Effect testing of System logic
• Verification of expected Effects against initiating Causes
• Detection of unexpected Effects
• Production of C&E Charts and reports from tests
• Fully automated, fast, accurate and repeatable testing
• Carry out ‘before’ and ‘after’ verification of system application logic
• Pre and post modification. Compare results.
• Fully satisfies the requirements of IEC 61511 Part 1 Clause 17.2.7 Paragraph 9: “Tests used to verify that the change has not adversely impacted parts of the SIS which were not modified.”
VESTA is an innovative off-site conditioning and test tool for safety-instrumented systems (SIS) that allows completely automated testing of safety application programs, running on a variety of target hardware.
It simulates inputs/votes (Causes) into the safety application running on a Safety PLC or emulator, then compares the expected outputs' states (Effects) against actual Effects observed, and produces reports, based on the results of testing.
The need for clumsy arrays of switches and lamps typically required to carry out SIS application verification testing is not only eliminated with VESTA but the speed, repeatability and accuracy of such testing procedures is vastly improved.
Verification and Test of Applications
An off-site conditioning and test tool for safety instrumented system applications.
Application logic modifications may also be tested in the same manner, allowing an audit trail to be produced; pre and post modification.
I/O Conditioning
VESTA maintains a database of Tags, System Addressing and Tag Trip Points.
These Trip points include Low Low, Low, Mid, High and High High.
These Trip points can be called using Trip commands within VESTA sequences and CERES Cause & Effects.
VESTA allows for the allocation of setpoints to each analogue input and sets the normal state of each digital input and output.
Sequences
The VESTA Sequence editor can be utilised to define VESTA test sequences which can be used to validate a large variety of SIS functionality, including:
• Analogue Span Checks
• Differential Trips
• Time Delay Trips
• Voting
• Override Testing
• Logic Function Testing
• Function Block Testing
Test Reporting
After the Cause & Effect test is completed, VESTA produces a test report detailing any discrepancies between the defined Cause & Effects and the tested application logic.
This report can be utilised as evidence of the full Cause & Effect testing and can be used in conjunction with factory acceptance documentation.
Cause & Effect Testing
VESTA is capable of testing a number of user defined Cause & Effect logical functions, which can be manually defined or directly imported from the CERES database, including:
• Direct Input-Output Test
• Time Delay Trip Tests
• ANDed Inputs
• MooN Inputs
• Analogue Differential Trips
Once Cause & Effect information has been declared, VESTA can perform the full Cause & Effect test automatically.
The test is performed as follows:
• Conditioning of the system to a ‘healthy’ baseline state.
• System resets are applied.
• The first Cause & Effect input/vote is tripped. All the outputs are monitored.
• Output trips are displayed on the test matrix.
• Input/vote is made ‘healthy’.
• System resets are applied.
• The second Cause & Effect input/vote is tripped.
The Cause & Effect test is executed for each defined input/input vote. Once the test has been completed, a Cause & Effect matrix view test report is produced.
Name | Description | Risk
Expected Trip | Output tripped as expected | No Risk - Logic functions as expected
Un-Expected Trip | Output tripped, but was not expected | Highlights a risk to Production
Expected Trip. Not Recorded | Output was expected to trip, but did not | Highlights a risk to Safety
No Trip | No trip expected and none occurred | No Risk - Logic functions as expected
Symbol
XXO
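The automatic test loop and the four result categories described above, as an added Python sketch that is not VESTA code and not from the original brochure. The tag names, the matrix and the simulated logic (which contains two deliberate deviations) are constructed for illustration.

```python
from typing import Callable, Dict, List, Set, Tuple

# Constructed Cause & Effect matrix: cause tag -> effects expected to trip.
CE_MATRIX: Dict[str, Set[str]] = {
    "PT-101_HH": {"XV-201", "P-301"},
    "LT-102_LL": {"P-301"},
    "FD-103": {"XV-201", "XV-202"},
}
OUTPUTS = ["XV-201", "XV-202", "P-301"]


def simulated_logic(tripped: Set[str]) -> Set[str]:
    """Stand-in for the application logic under test (hypothetical).
    Returns the tripped outputs; deviates from CE_MATRIX in two places."""
    out: Set[str] = set()
    if "PT-101_HH" in tripped:
        out |= {"XV-201", "P-301"}
    if "LT-102_LL" in tripped:
        out |= {"P-301", "XV-202"}   # XV-202 is not in the matrix
    if "FD-103" in tripped:
        out |= {"XV-201"}            # XV-202 should trip but does not
    return out


def classify(expected: bool, observed: bool) -> str:
    """Map one matrix intersect to the report category names."""
    if expected and observed:
        return "Expected Trip"
    if observed:
        return "Un-Expected Trip"             # risk to production
    if expected:
        return "Expected Trip. Not Recorded"  # risk to safety
    return "No Trip"


def run_ce_test(matrix: Dict[str, Set[str]], outputs: List[str],
                logic: Callable[[Set[str]], Set[str]]) -> Dict[str, Dict[str, str]]:
    report: Dict[str, Dict[str, str]] = {}
    for cause, expected in matrix.items():
        # Healthy baseline after reset: no output may be tripped before the step.
        if logic(set()):
            raise RuntimeError("system not healthy before tripping " + cause)
        observed = logic({cause})  # trip one input/vote, monitor ALL outputs
        report[cause] = {o: classify(o in expected, o in observed) for o in outputs}
    return report


def discrepancies(report: Dict[str, Dict[str, str]]) -> List[Tuple[str, str, str]]:
    """Intersects that would be listed as discrepancies in the test report."""
    ok = {"Expected Trip", "No Trip"}
    return sorted((c, o, r) for c, row in report.items()
                  for o, r in row.items() if r not in ok)
```

Monitoring every output on each step, not only the expected ones, is what lets the loop find the unexpected trip on `XV-202`.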
Key features
• Live Cause & Effect Matrix Viewer
• Cause & Effect information can be converted from various standard formats
• Alarm and Event Logging
• Replay of logged data from PALLAS or ESOE
• Connects to Safety PLCs via
• OPC Alarms and Events (1.x)
• OPC Data Access (1.x, 2.x and 3.x)
PALLAS is a live Cause & Effect Matrix viewer for on site Cause & Effect verification and alarm logging.
PALLAS connects to a logic solver via a non intrusive read only OPC interface, and uses C&E data from CERES or from PALLAS Designer to display the status of system inputs, outputs and intersects.
PALLAS records the Alarm and Event data which allows PALLAS to act as an Alarm Logger.
The main feature of PALLAS is the live viewing of a C&E Matrix as alarms and events occur in the system being monitored. Causes will be highlighted as they happen and any corresponding Effects which are initiated in the SIS by the input change are monitored and compared to the C&E Chart for the system.
Process Automation, Live Logging and Analysis Software
On-site data historian and live Cause & Effect viewing application.
The comparison between live data and the system C&E Charts allows for a clear understanding of how the system operates with regards to Cause and Effect; it also offers an immediate insight into problems or faults within the system or C&E Charts.
Logs are kept by PALLAS of every event which happens in the system, therefore offering a view of historical data and logging of data up to the exact moment of any potential problems or shutdowns.
Why does it take hours of trawling through Sequence of Events Logs to identify what caused the Shut Down? PALLAS's historic playback feature allows for the First Up trip to be quickly identified using the Cause & Effect playback mode, assisting with Root Cause analysis, resulting in more efficient shutdown analysis and plant recovery.
Live Cause & Effect Viewer
PALLAS has a Live Cause & Effect Viewer, utilising known ‘normal’ system states, the current system state (using the A&E data) and a Cause & Effect matrix defined from CERES (or manually).
When a system input transitions to a tripped state, the input is flagged as tripped on the input section of the Cause & Effect matrix.
PALLAS also monitors the system outputs, highlighting when the outputs transition to trip.
If input and output correspond based on the defined Cause & Effect information, the appropriate intersect will be highlighted as tripped.
If there is any discrepancy between input and output, either an unsuccessful trip or an un-expected trip, the intersect field will be highlighted as failed.
The colours displayed on the matrix are user configurable, allowing PALLAS to conform to end user requirements.
OPC Data Logger
Once connected to an OPC Alarm and Events Server, PALLAS starts logging all events.
These events are stored locally on the PALLAS PC, allowing for access to historical event data.
Feedback Confirmation and Timing
Each end element defined within PALLAS can be associated with feedback inputs. These inputs can include valve limit switches and switchgear tellbacks.
Numerous feedback signals can be declared for each output and the ‘healthy’ and ‘tripped’ feedback states must be declared.
Using this information, an output discrepancy is flagged and logged when the feedback signals disagree with the output state.
This feature acts as a record for end-to-end testing of system and elements.
Using the feedback signals, output timing can be measured, allowing for the open/close times of valves etc. to be recorded.
PALLAS calculates the time between the system output state change and the feedback signal confirmation.
These time values are logged, allowing access to a large amount of timing data. This data can be used to monitor valve health and to assist in valve maintenance.
Historical Playback
Using the archived A&E data, PALLAS can replay the historic system events, allowing for plant shutdown occurrences to be replayed and to assist in Root Cause Analysis.
Using the time stamped data, PALLAS can replay in ‘real time’ or step by step the shutdown occurrence, highlighting first up inputs and allowing operation personnel to identify the cause and the shutdown quickly and efficiently, allowing for quicker plant recovery.
The log files can be extracted from the on-site PALLAS PC and transferred to any other PALLAS PC, allowing for data to be analysed by offsite personnel, including maintenance, management and governing bodies.
Cyclic Cause & Effect Verification
Process Safety Solutions
Process House, 341 Great Western Road, Aberdeen AB10 6NW
T: +44 (0)1224 586288
Knowledge Gateway, Unit D3, Nesfield Road, Colchester CO4 3ZL
T: +44 (0)1206 625444
E: [email protected]
www.pssuk.co.uk