The document discusses process safety and functional safety. It covers many topics related to ensuring safety in industrial processes, including safety lifecycles, risk assessments, safety instrumented systems, standards like IEC 61511, and maintaining safety through proper design, installation, operation and modification of systems.

1. Mike Boudreaux DeltaV SIS Brand Manager

2. Not all activities in life are safe…

3. …and we have different levels of risk tolerance

4. Occupational safety Personal safety Process safety Mechanical Integrity Structural Design FallPrevention Inherently Safer Design Policies & Procedures Facility Siting Ergonomics Work Schedules Functional Safety Safety Audits Personal Protective Equipment Emergency Response Employee Training Risk Assessment s Total Recordables Management Of Change

5. Process safety Mechanical Integrity Inherently Safer Design Policies & Procedures Facility Siting Safety Audits Functional Safety Emergency Response Employee Training Risk Assessment s Management Of Change

6. Bhopal, India, 1984 Texas City Refinery, USA, 2004 Chernobyl, Russia, 1986 Piper Alpha, UK, 1988 Why do accidents happen?

9. “You can have a very good accident rate for ‘hard hat’ accidents but not for process ones.”

10. “The fact that you’ve had 20 years without a catastrophic event is no guarantee that there won’t be one tomorrow.”

11. Process safety Mechanical Integrity Inherently Safer Design Policies & Procedures Facility Siting Safety Audits Functional Safety Functional Safety Emergency Response Employee Training Risk Assessment s Management Of Change

12. Functional safety PFDavg SRS RRF IEC 61511 FMEDA SIS IEC 61508 BPCS PHA HAZOP SIL LOPA SIF

14. For system designers integrators and users For product designers and manufacturers IEC61513 : Nuclear Sector IEC61508: All Industries IEC62061: Machinery Sector IEC61511: Process Industry Sector

16. Source: http://www.wordle.net/show/wrdl/2276332/IEC_61511

18. Workstation Controller Control element Transmitter

19. Logic solver Transmitter Final element

21. SIF #1 SIF #2

25. PFDSIF1 = PFDPT-101 +PFDlogicsolver+ PFDFV-101 Logic solver SIF #1 PT-101 FV-101

26. Source: IEC 61511-1, Table 3 – Safety Integrity Levels: probability of failure on demand

27. Functional safety PFDavg SRS RRF IEC 61511 FMEDA TÜV SIS IEC 61508 BPCS PHA HAZOP SIL LOPA SIF

28. ?

29. Safety Lifecycle Management

30. The IEC 61511 Safety lifecycle

31. Safety Lifecycle Management

32. Functional Safety Management

35. Competency management

36. Documentation structure and control

37. Configuration management

39. CompetencyRequirements

41. Activity / phase objectives Safety Requirements Specification Process Hazards Analysis Safety Management System

42. Verify

43. Source: IEC 61511-1, Figure 12 – Software development lifecycle (the V-Model)

45. Safety Life-cycle Structure and Planning

46. Safety Lifecycle Planning

47. Verification Planning

48. Safety life-cycle structure

49. ?

50. Analysis Phase

52. Allocation of safety functions to protection layers Hazard and risk assessment Source: IEC 61511-3, Figure 4 – Risk and safety integrity concepts

53. Source: IEC 61511-3, Figure 2

54. SIS BPCS Plant and Emergency Response Emergency response layer Containment, Dike/Vessel Passive protection layer Mitigate Fire and Gas System Active protection layer Incident Emergency Shutdown System Safety layer Emergency shutdown Trip level alarm Prevent Process control layer Operator Intervention Operator intervention Process alarm Process control layer Process Value Normal behavior

55. Likelihood Increasing Risk Inherent Risk of Process Non-SIS Mitigating Safeguards Baseline Risk SIS Risk Reduction Overall Risk SIL1 Non-SIS Preventative Safeguards SIL2 ALARP Risk Region Unacceptable Risk Region SIL3 Overall Risk Overall Risk Negligible Risk Region Consequence

56. As low as reasonably practicable (ALARP) Intolerable Risk 10-3 / man-year (worker) 10-4 /year (public) ALARP or Tolerable Risk Region 10-5 / man-year (worker) 10-6 /year (public) Negligible Risk

57. Government mandates for tolerable risk levels 10-2 10-3 10-4 10-5 10-6 10-7 10-8 10-9 Australia (NSW) - Hong Kong - Netherlands - United Kingdom - The United States does not set tolerable risk levels, or offer guidelines.

58. Chemical industry benchmarks for tolerable risk 10-2 10-3 10-4 10-5 10-6 10-7 10-8 10-9 Company I - Company II - Company III - Small companies - Large, multinational chemical companies tend to set levels consistent with international mandates Smaller companies tend to operate in wider ranges and implicitly, at higher levels of risk

61. Quantitative Risk Assessment

62. Qualitative Risk Assessment

63. Qualitative risk analysis – Safety layer matrix

64. Source: Exida Safety and Critical Control Systems in Process and Machine Automation July 2007

65. Safety Requirement Specification

66. ?

67. Implementation Phase

68. Implementation Phase

69. Implementation Phase

70. Design and Engineering of theSafety Instrumented System Iterate if requirements are not met.

71. Technology selection Sensors Analog vs. discrete signal Smart vs. conventional transmitter Certified vs. proven-in-use

74. SIS Application? Certified Prior-Use Mfg proves It’s safe PFD PFD User proves It’s safe PFD User proves It’s safe

75. Technology selection Logic solver Relays vs. PLC vs. Safety PLC HART I/O vs. conventional analog Centralized vs. modular Integrated vs. Standalone

80. Good for large projects.

82. Scalable for large & small projects

84. Technology selection Final element Solenoid vs. DVC Automated vs. manual diagnostics Response time considerations

86. SIL 2 PFD Proof Test Interval (years)

88. Safety integrity

89. Availability

93. Proof test philosophy Proof test frequency 5 yrs, 1 yr, 6 mos, 3 mos? Online vs. offline proof testing. Turnaround schedule? Total SIF proof test or proof test components on different intervals?

94. Reliability evaluation Confirm that performance meets specifications Safety integrity (PFD) Availability (MTTFs) Response time

96. λD= 0.02 failures/yr λS = 0.01 failures/yr T = 1 year 1oo2 2oo3 1oo1 2oo2

97. PFDSIF1 = PFDPT-101 +PFDlogicsolver+ PFDFV-101 Logic solver SIF #1 PT-101 FV-101

98. Source: IEC 61511-1, Table 3 – Safety Integrity Levels: probability of failure on demand

99. Detailed design & build Instrument design / specifications Wiring drawings Hardware design & build Software design & implementation BPCS / SIS integration Factory acceptance testing

100. Factory Acceptance Testing (FAT)

101. Installation, Commissioning and Validation

102. Installation, commissioning, and Validation Validation is the key difference between control and safety systems.

103. ?

104. Operation Phase

106. Operation and Maintenance Planning

110. SFF = 93%

111. Perform wiring continuity test Use smart features to test electronics and wiring continuity Remove sensor and test on bench Test sensors in-situ by other means Safely test the SIF using actual process variables Sensor testing options

112. Example – Rosemount 3051S Proof Test Proof Test 1: Analog output Loop Test Satisfies proof test requirement Coverage > 50% of DU failures Proof Test 2: 2 point sensor calibration check Coverage > 95% of DU failures Note – user to determine impulse piping proof test

113. Valve Testing Options

115. SIL 2 PFD Proof Test Interval (years)

116. Source: Instrument Engineers’ Handbook, Table 6.10e – Dangerous Failures, Failure Modes, and Test Strategy

117. Modification

119. ?