University of Khartoum, Electrical and Electronic Department, Control Section
Safety Instrumented Systems
The Facts about Industrial Accidents
• In Europe, accidents in industry kill one person every 2 hours and injure one person every 15 seconds.
• The death toll is approximately 4,900 every year from a total of 7.6 million accidents.
“How can you demonstrate that you are safe?”
A Safety Instrumented System (SIS) is a form of process control usually implemented in industrial processes, such as those of a factory or an oil refinery. The SIS performs specified functions to achieve or maintain a safe state of the process when unacceptable or dangerous process conditions are detected. Safety instrumented systems are separate and independent from regular control systems but are composed of similar elements, including sensors, logic solvers, actuators and support systems.
A Safety Instrumented System (SIS) is a new term used in standards like IEC 61511 or IEC 61508 for what used to be called Emergency Shutdown System (ESD), Safety Shutdown System, Interlock System, Permissive System, etc.
• A Safety Instrumented System (SIS) consists of one or more Safety Instrumented Functions (SIF).
Basic Fundamentals of Safety Instrumented Systems (SIS)
• The operation of many industrial processes involves inherent risks due to the presence of dangerous material like gases and chemicals. Safety Instrumented Systems (SIS) are specifically designed to protect personnel, equipment and the environment by reducing the likelihood (frequency) or the impact severity of an identified emergency event.
• Explosions and fires account for millions of dollars of losses in the chemical or oil and gas industries each year. Since a great potential for loss exists, it is common to employ Safety Instrumented Systems (SIS) to provide safe isolation of flammable or potentially toxic material in the event of a fire or accidental release of fluids.
Diagram: Basic Process Control System (BPCS) and Safety Instrumented System (SIS) side by side, each with its own inputs and outputs (pressure transmitters PT 1A and PT 1B, an I/P converter, a flow transmitter FT and a reactor).
Safety Instrumented Systems (SIS): A system composed of sensors, logic solvers, and final control elements for the purpose of taking the process to a safe state when pre-determined conditions are violated.
Basics of Safety Instrumented Systems (SIS)
• Typically, Safety Instrumented Systems consist of three elements: a sensor, a logic solver and a final control element.
• Sensors: Field sensors are used to collect the information necessary to determine if an emergency situation exists. The purpose of these sensors is to measure process parameters (e.g. temperature, pressure, flow, etc.) used to determine if the equipment or process is in a safe state.
Cont.
• Logic Solver: The purpose of this component of Safety Instrumented Systems (SIS) is to determine what action is to be taken based on the information gathered. It is typically a controller that reads signals from the sensors and executes pre-programmed actions to prevent a hazard by providing output to final control elements.
• Final Control Element: It implements the action determined by the logic solver. This final control element is typically a pneumatically actuated on-off valve operated by solenoid valves.
Examples of Safety Instrumented Systems
• High furnace fuel gas pressure initiates shutdown of the main fuel gas valves.
• High reactor temperature initiates fail-open action of the coolant valve.
• High column pressure initiates fail-open action of the pressure vent valve.
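The furnace case above, worked as an added example that is not part of the lecture slides: one scan of a logic solver for a high fuel gas pressure SIF. The three voted transmitters, the 2oo3 voting that degrades to 1oo2 when a channel is diagnosed faulty, the de-energize-to-trip outputs and the trip setpoint are all assumptions made for the illustration.

```python
# Added example, not from the slides. Assumed SIF: three fuel gas pressure
# transmitters voted 2oo3; outputs are de-energize-to-trip, so a False output
# drops the solenoids and the main fuel gas valves go to their closed safe state.
HIGH_PRESSURE_TRIP_BARG = 3.0  # constructed trip setpoint (bar gauge)

def logic_solver_scan(readings, faults, setpoint=HIGH_PRESSURE_TRIP_BARG):
    """One scan of the logic solver.

    readings: pressure from the three transmitters (constructed sample values)
    faults:   True where a transmitter is diagnosed as faulty (e.g. out of range)
    Returns True to keep the valve solenoids energized (valves stay open) and
    False to de-energize them (shutdown of the main fuel gas valves).
    """
    healthy = [r for r, f in zip(readings, faults) if not f]
    high = sum(r >= setpoint for r in healthy)  # healthy channels voting "trip"
    if len(healthy) == 3:
        trip = high >= 2   # 2oo3: one wrong reading neither trips nor blinds the SIF
    elif len(healthy) == 2:
        trip = high >= 1   # one channel faulted: degrade to 1oo2, keep protection
    else:
        trip = True        # fewer than two healthy channels: fail safe, shut down
    return not trip

if __name__ == "__main__":
    # A single high reading (possible spurious sensor) does not trip under 2oo3.
    print(logic_solver_scan([3.2, 2.4, 2.4], [False, False, False]))
```

With two channels healthy the same high reading does trip, which is the design trade-off between spurious trips and hidden failures discussed in the PFD slides.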
Standards Bodies that Define Good Engineering Practice for Safety Instrumented Systems
• ISA, Instrumentation, Systems and Automation Society
• IEC, International Electrotechnical Commission
Safety Instrumented System Standards
• IEC 61508, “Functional Safety: Safety Related Systems”. Current version released 1999; under revision for the next release in 2005.
• IEC 61511, “Functional Safety: Safety Instrumented Systems for the Process Industry Sector”. Published 2003.
• ISA 84.01-2003, “Functional Safety: Safety Instrumented Systems for the Process Industry Sector”. Identical to IEC 61511 with the inclusion of a grandfather clause. To be published October 2003.
Probability of Failure upon Demand (PFD)
• By understanding how the components of a Safety Instrumented System (SIS) can fail, it is possible to calculate a Probability of Failure on Demand (PFD).
• There are two basic ways for an SIS to fail. The first is commonly called a spurious trip, which usually results in an unplanned but safe process shutdown. While there is no danger associated with this type of SIS failure, the operational costs can be very high.
• The second type of failure does not cause a process shutdown or nuisance trip. Instead, the failure remains undetected, permitting continued process operation in an unsafe or dangerous manner. If an emergency demand occurred, the SIS would be unable to respond properly. These failures are known as covert or hidden failures and contribute to the probability (PFD) of the system failing in a dangerous manner on demand.
Cont.
• The PFD for the Safety Instrumented System (SIS) is the sum of the PFDs of each element of the system. In order to determine the PFD of each element, the analyst needs documented, historic failure rate data for each element.
• The governing standards for Safety Instrumented Systems (SIS) state that plant operators must determine and document that equipment is designed, maintained, inspected, tested and operated in a safe manner. Thus, it is imperative that the components of Safety Instrumented Systems be tested frequently enough to reduce the PFD and meet the target SIL.
Risk and Determination of Safety Integrity Levels (chart): from No Protection up through SIL 1, SIL 2, SIL 3 and SIL 4, with increasing severity on one axis and increasing cost on the other.
Protective System Technology
• SIL 1: Standard components, single channel or twin non-diverse channels.
• SIL 2: Standard components, 1 out of 2 or 2 out of 3, possible need for some diversity.
• SIL 3: Multiple channel with diversity on sensing and actuation. Should rarely be required in the process industry.
• SIL 4: Specialist design.
Diagram: Safe Technology and Safe Management, supported by Inspections, Planning, Information to the Public and Emergency Planning; demonstrate safety in the Safety Report.
Safety Lifecycle (diagram): Planning, Front End Engineering, Engineering Design, Commissioning, Operations & Maintenance, Management of Change.
Design of SIS
The SIS is used to implement one or more safety functions. A SIS is composed of any combination of sensors, logic solvers, and final control elements.
Sensors:
• instrumentation (e.g., pressure sensor or radiation detector)
Logic solvers:
• Relay Logic
• Solid State Logic
• PLC
Actuators:
• Solenoids
• Valves
• Motors
Cont.
• Design is built in layers of defense, called Independent Protection Layers (IPLs), to protect against the release of hazardous materials.
• One of the protection layers could be the SIS designated for preventing or mitigating the hazardous event.
• The SIS design is usually divided into five steps:
1- Perform Hazard Analysis.
2- Allocate Safety Requirements.
3- Design SIS.
4- Testing, Installation and Verification.
5- Operation and Maintenance.
Step 1: Hazard Analysis
• Initial focus: “How much risk reduction will be required throughout the SIS life cycle?” This step includes the following:
– Perform the Hazard Analysis;
– Determine the likelihood and consequence of event scenarios;
– Establish the functional classifications; and
– Design requirements for the safety systems.
Step 2: Safety Requirements
• Safety Requirements are “allocated” to different “safety layers”, with the SIS being a potential safety layer.
• Usually a graded approach is used, defining the needed robustness with a Safety Integrity Level (SIL) as a figure of merit.
• There are four SIL levels (SIL 1 to SIL 4) expressed in reliability terms (as mentioned before):
– Probability of failure on demand, average (PFDavg).
– The numerically higher the SIL, the higher the reliability of the SIS.
Cont.
• One SIL determination method is called the Safety Layer Matrix (SLM).
• The SLM is used to determine the SIL of a SIS classified as safety significant.
• The SLM accounts for:
– The likelihood/consequence of events; and
– The number of Independent Protection Layers (IPLs) that are credited for a specific safety function.
• The SLM is a qualitative SIL determination method.
Step 3: Design SIS
• First, consider the factors that affect SIS design:
– Component failure rate (λD)
– Redundancy of structures, systems, and components
– Voting (e.g., one out of two or two out of four)
– Testing frequency (TI)
– Diagnostic coverage (DC)
– Common cause failure (β)
– Human factors
– Technology (i.e., digital vs. analog)
– Software integrity (e.g., language complexity, failure detection)
Cont.
• Software Quality Assurance (SQA): The SIS must meet safety software quality assurance requirements, with clarification relative to SIS terminology (e.g. application and embedded software).
• Human Factors Engineering (HFE): The standard provides additional details for HFE considerations that are implemented during the SIS design process, thereby ensuring that actions necessary for safety are performed correctly and in a timely manner (e.g., task analysis, human reliability analysis, testing, etc.).
• Procurement and Commercial Grade Dedication (CGD): The standard provides additional details for CGD, providing reasonable assurance that an item will perform its intended safety function and can be deemed equivalent to an item designed and manufactured using appropriate national or international consensus standards.
Step 4: Testing, Installation and Verification
• Test the SIFs to ensure that they have the desired functionality.
• The SIL should be verified at the end of the detailed design to ensure that the design can achieve the assigned PFDavg.
• The final SIL verification is performed after installation and/or modification.
• The standard requires verification that the design as installed and maintained complies with the assigned SIL.
• The verification calculation requires a level of understanding and expertise about the factors that affect the PFDavg for a device and system and the ability of the device or system to perform the safety function.
Step 5: Operation and Maintenance
• Use diagnostics and testing to maintain performance.
• Create and maintain procedures to support these activities.
• Train personnel on the procedures.
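An added example, not from the lecture slides, tying the PFD slides (PFD as the sum of element PFDs, reduced by more frequent testing) to the design factors of step 3 and the SIL verification of step 4. The formulas are the simplified IEC 61508-6 low-demand expressions with repair time ignored, the SIL bands are the IEC 61508 low-demand PFDavg ranges, and the element failure rates, test intervals, β and diagnostic coverage are constructed sample values.

```python
# IEC 61508 low-demand PFDavg bands: SIL -> (lower bound inclusive, upper bound exclusive)
SIL_BANDS = {1: (1e-2, 1e-1), 2: (1e-3, 1e-2), 3: (1e-4, 1e-3), 4: (1e-5, 1e-4)}

def element_pfd(lam_d, ti_hours, voting="1oo1", beta=0.0, dc=0.0):
    """Simplified PFDavg of one element: lam_d = dangerous failure rate per hour,
    ti_hours = proof-test interval TI, beta = common-cause fraction, dc = diagnostic
    coverage (only undetected dangerous failures are counted in this model)."""
    x = (1.0 - dc) * lam_d * ti_hours  # expected dangerous undetected failures per TI
    if voting == "1oo1":
        return x / 2.0
    # Redundant channels: independent-failure term plus the common-cause (beta) term.
    independent = {"1oo2": 1.0 / 3.0, "2oo3": 1.0}[voting] * ((1.0 - beta) * x) ** 2
    return independent + beta * x / 2.0

def sif_pfd(elements):
    """PFDavg of the whole SIF: the sum of its element PFDs, as the slides state."""
    return sum(element_pfd(**e) for e in elements)

def achieved_sil(pfd):
    """SIL whose band contains pfd; 0 means the SIF does not even reach SIL 1."""
    if pfd >= 1e-1:
        return 0
    for sil in (1, 2, 3):
        if pfd >= SIL_BANDS[sil][0]:
            return sil
    return 4

def verify_design(elements, target_sil):
    """Step 4 check: does the design as specified achieve the allocated SIL?"""
    pfd = sif_pfd(elements)
    sil = achieved_sil(pfd)
    return {"pfd": pfd, "sil": sil, "meets_target": sil >= target_sil}

# Constructed sample SIF (illustrative values, not data from the slides): one pressure
# transmitter, a logic solver with 90 % diagnostics and one valve, proof-tested yearly.
BASE = [
    {"lam_d": 1e-6, "ti_hours": 8760},
    {"lam_d": 1e-7, "ti_hours": 8760, "dc": 0.9},
    {"lam_d": 2e-6, "ti_hours": 8760},
]
# Re-design: 1oo2 transmitters (beta = 0.1) and the valve proof-tested every 6 months.
IMPROVED = [
    {"lam_d": 1e-6, "ti_hours": 8760, "voting": "1oo2", "beta": 0.1},
    {"lam_d": 1e-7, "ti_hours": 8760, "dc": 0.9},
    {"lam_d": 2e-6, "ti_hours": 4380},
]

if __name__ == "__main__":
    print(verify_design(BASE, 2), verify_design(IMPROVED, 2))
```

The base design lands in SIL 1 because the valve, tested only once a year, dominates the sum; in the re-design the β term (not the independent term) dominates the 1oo2 transmitter pair, which is why common cause failure is listed among the design factors.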
Safety Instrumented Systems (SIS)
• Today, Safety Instrumented Systems (SIS) play an increasingly important role in many process plants. Safety standards such as IEC 61508, IEC 61511 and ISA S84.01 are creating more stringent safety requirements for process plants.
• Depending on the application, other names used for Safety Instrumented Systems (SIS) are: Emergency Shutdown Systems (ESD), Burner Management Systems (BMS), Fire and Gas Systems (F&G), Critical Turbomachinery Control, Railway Switching, Semiconductor Life Safety Systems (SEMI S2), Nuclear 1E Safety Systems, High Integrity Protection Systems (HIPS), High Integrity Pressure Protection Systems (HIPPS).