Best Safety Practices for Critical Applications

Transcript

  • 1. Best Safety Practices for Critical Applications. CFSE & PHA Leader Carlos R. Jacobo Vargas. Copyright © 2011 Rockwell Automation, Inc. All rights reserved.
  • 2. Speaker: Carlos Jacobo, CFSE, PHA Leader. Carlos is the Senior Safety Leader of the HSE (Health and Safety Environment) department at the Mexican Institute of Petroleum (IMP) of México. Carlos joined the IMP in 1994 and currently leads PHA (Process Hazard Analysis) and implements SIL selection and verification for oil and gas process plants at different subsidiaries within Pemex. Carlos is the President of ISA México. He holds a Chemical Engineering degree from the University of México and is a Certified Functional Safety Expert (CFSE) and Certified Process Hazard Analysis Leader.
  • 3. Mexican Institute of Petroleum
    – Created in 1965, the Mexican Institute of Petroleum (IMP) was built to develop technology for critical processes in the petroleum industry
    – Scientific research and human technological development to serve the national petroleum industry
    – Dedicated to technological development through the commercialization of products and services, as a result of the preparation of highly specialized human resources
    – Mission: “Transform knowledge into innovative industrial applications for strategic priorities in the Oil & Gas Industry”
  • 4. The Safety Instrumented Systems
    – An automatic response of the process, under certain conditions, that carries it to a safe state
    – It integrates sensors + logic solver + final elements
    [Figure: BPCS and ESD/SIS linked over EtherNet/IP; labels: SIS Function, Pressure: 18 kg/cm², Pressure: 10 kg/cm², Process Function]
  • 5. The Safety Instrumented System
    – A Safety Instrumented Function (SIF), or “safety loop”, is performed by the Safety Instrumented System
    – Requirements of functionality and integrity: What is the safety function for? What reliability (integrity) is required, i.e. the SIL?
    – Integrity is referred to as SIL, RRF or PFDavg
  • 6. Design Criteria
    – Design is based on compliance with standards, using mainly programmable electronic technology
    – The solutions that have been developed are designed with instrumentation certified for safety applications
    – The design cycle is developed through risk analysis and detailed engineering
  • 7. Design Criteria
    – The SIL verification phase determined that, for the Safety Instrumented Functions (SIF) or loops that form the SIS, the SIL achieved depends not only on the estimated PFDavg, but also on SIL capability and architectural constraints
    [Flowchart: Equipment design → SIL capability (SIL CAP); Failure modes, Safe Failure Fraction (SFF), diagnostics, hardware fault tolerance → Architectural constraints (SIL AC); Failure rates, frequency of proof testing → PFDavg calculation (SIL PFDavg); Conceptual design → select the lowest of SIL CAP, SIL AC and SIL PFDavg → SIL achieved]
  • 8. Design Criteria
    – IEC 61511, 11.2.8: manual means, independent of the logic solver, shall be provided to actuate the SIS final elements unless otherwise directed by the safety requirement specification
    – All emergency shutdown valves are instrumented with field operating buttons, which is a requirement of NRF-204-PEMEX-2008
    – Only piston-type pneumatic actuators are used for high torque, with spring return that closes the valve when air is lost
    – A pneumatic backup cylinder for three “open-close” cycles is also installed, in order to avoid false trips
  • 9. Design Criteria
    – Standard 10.3.1 indicates: definition of the requirement for any safety instrumented function necessary to survive a major accident event
    – For that purpose, fireproofing of the actuator and valve components is specified for 30 minutes of operation. According to UL 1709 or similar, such protection must withstand a working condition of at least 1050 °C
  • 10. Design Criteria
    – In general, the use of “transmitters” (PIT) is preferred over switches (PSH), because transmitters give access to diagnostics
    – According to our design vision, for a SIL 2 application requirement a second sensor is added and an n+1 architecture is used. This gives a maintenance scheme that does not leave the process at “risk” while a sensor is in maintenance.
    – With the redundant sensor scheme we obtain high levels of performance, even during maintenance. For example, if a SIF is designed with a 2oo3 sensor configuration, note that while one sensor is in maintenance the original configuration must be reconfigured to 1oo2 in order to maintain the SIL objective.
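Slides 7 and 10 describe the SIL verification arithmetic in words: the SIL credited to a SIF is the lowest of the SIL by PFDavg, the SIL by architectural constraints (SFF and hardware fault tolerance) and the SIL capability of the certified equipment, and a 2oo3 sensor group must be voted 1oo2 while one sensor is in maintenance. The following Python script is an added example, not part of the presentation or of any Rockwell or IMP tool. It uses the simplified first-order PFDavg formulas (no repair time, no detected-failure term, optional common-cause fraction) and the IEC 61508 low-demand SIL bands; the Route 1H architectural constraint tables are transcribed from IEC 61508-2 Tables 2 and 3 and should be checked against the edition used on a given project. All failure rates and intervals in the script are constructed for illustration.

```python
"""Simplified SIL verification for a safety instrumented function (SIF).

Added example: the numbers below are constructed, and the PFDavg formulas are the
first-order approximations (lambda_DU * TI small), not a full IEC 61508-6 evaluation.
"""

# Low-demand PFDavg bands (IEC 61508-1 Table 2): (SIL, lower bound, upper bound).
SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]

# Hardware fault tolerance of each voting architecture (how many dangerous faults it survives).
HFT = {"1oo1": 0, "2oo2": 0, "1oo2": 1, "2oo3": 1}

# Route 1H architectural constraints: max SIL by (SFF band, HFT) for Type B and Type A subsystems.
# Transcribed from IEC 61508-2 Tables 3 and 2 (2010); verify against the edition in use.
# SFF bands: <60 %, 60-90 %, 90-99 %, >=99 %.  None = not allowed.
_TYPE_B = {0: (None, 1, 2), 1: (1, 2, 3), 2: (2, 3, 4), 3: (3, 4, 4)}
_TYPE_A = {0: (1, 2, 3), 1: (2, 3, 4), 2: (3, 4, 4), 3: (3, 4, 4)}


def sil_from_pfd(pfd):
    """Map a PFDavg to its SIL band; 0 means below SIL 1, values under 1e-5 are capped at SIL 4."""
    if pfd < 1e-5:
        return 4
    for sil, low, high in SIL_BANDS:
        if low <= pfd < high:
            return sil
    return 0


def pfd_avg(architecture, lambda_du, test_interval_h, beta=0.0):
    """First-order PFDavg for common voting groups.

    lambda_du: dangerous undetected failure rate per hour; test_interval_h: proof test interval.
    beta: common-cause fraction applied to redundant groups (assumption: modelled as
    beta * lambda_du * TI / 2 on top of the independent term).
    """
    x = lambda_du * test_interval_h
    ccf = beta * x / 2
    if architecture == "1oo1":
        return x / 2
    if architecture == "2oo2":
        return x                # either channel failing dangerous defeats the trip
    if architecture == "1oo2":
        return x ** 2 / 3 + ccf
    if architecture == "2oo3":
        return x ** 2 + ccf
    raise ValueError(f"unknown architecture {architecture!r}")


def _sff_band(sff):
    if sff < 0.60:
        return 0
    if sff < 0.90:
        return 1
    if sff < 0.99:
        return 2
    return 3


def sil_architectural(sff, hft, type_b=True):
    """Max SIL allowed by Route 1H for a subsystem with the given SFF and HFT (0 = not allowed)."""
    table = _TYPE_B if type_b else _TYPE_A
    max_sil = table[_sff_band(sff)][min(hft, 2)]
    return 0 if max_sil is None else max_sil


def achieved_sil(sil_cap, sil_ac, sil_pfd):
    """Slide 7's rule: the SIF is credited with the lowest of the three SIL figures."""
    return min(sil_cap, sil_ac, sil_pfd)


def degraded_architecture(architecture):
    """Voting to apply while one channel is removed for maintenance (slide 10: 2oo3 -> 1oo2)."""
    return {"2oo3": "1oo2", "1oo2": "1oo1", "2oo2": "1oo1"}.get(architecture, architecture)


def verify_sif(architecture, lambda_du, test_interval_h, sff, sil_cap, type_b=True, beta=0.0):
    """Combine the three SIL limits for one subsystem of a SIF and return the full breakdown."""
    pfd = pfd_avg(architecture, lambda_du, test_interval_h, beta)
    sil_pfd = sil_from_pfd(pfd)
    sil_ac = sil_architectural(sff, HFT[architecture], type_b)
    return {
        "pfd_avg": pfd,
        "sil_pfd": sil_pfd,
        "sil_ac": sil_ac,
        "sil_cap": sil_cap,
        "sil_achieved": achieved_sil(sil_cap, sil_ac, sil_pfd),
    }


if __name__ == "__main__":
    # Constructed sensor data: Type B transmitter, lambda_DU = 2e-6 /h, SFF 75 %, SIL 3 capable,
    # proof tested once a year (8760 h).  Target: SIL 2.
    for arch in ("1oo1", "1oo2", "2oo3"):
        r = verify_sif(arch, 2e-6, 8760, sff=0.75, sil_cap=3)
        print(f"{arch}: PFDavg={r['pfd_avg']:.2e} SILpfd={r['sil_pfd']} "
              f"SILac={r['sil_ac']} SILcap={r['sil_cap']} -> achieved SIL {r['sil_achieved']}")
    # Maintenance case from slide 10: keep 1oo2 on the remaining two sensors, not 2oo2.
    for arch in (degraded_architecture("2oo3"), "2oo2"):
        print(f"2oo3 with one sensor out, voted {arch}: SILpfd={sil_from_pfd(pfd_avg(arch, 2e-6, 8760))}")
```

With the constructed data a single transmitter (1oo1) is limited to SIL 1 by the architectural constraint even though its PFDavg sits in the SIL 2 band, which is why the slide adds the second sensor: the 1oo2 and 2oo3 groups reach SIL 2 by architecture and SIL 3 by PFDavg, so the credited SIL is 2. The last two lines show the maintenance point: the two remaining sensors keep the SIL 3 PFDavg band when voted 1oo2, but would fall to the SIL 1 band if left voted 2oo2.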
  • 11. Design Criteria
    – The logic processor is the part of the SIS that handles one or more logic functions
    – Although it is the component with the smallest contribution to the PFDavg of the SIF, it may become the weakest point of the SIS in the following cases:
      – When the available space is critical (offshore platforms)
      – When, due to process requirements, the SIS must grow in the number of SIFs, with a higher SIL than the maximum assigned before the SIS “upgrade”
      – When a PLC-SIS is required with low PFDavg and a low rate of nuisance trips
  • 12. Design Criteria
    – IEC 61511, 11.4.1: For safety instrumented functions, the sensors, logic solvers and final elements shall have a minimum hardware fault tolerance
      – Hardware fault tolerance is the ability of a component or subsystem to undertake the required safety instrumented function in the presence of one or more dangerous faults in hardware…
  • 13. Design Criteria
  • 14. Design Criteria
    – From IEC 61508-1 (2010), 7.2.2.2: ….. if any subsystem of an E/E/PE safety-related system with a hardware fault tolerance of zero is taken off-line for testing, the continuing safety of the EUC shall be maintained by additional measures and constraints…… [those measures] shall be at least equal to the safety integrity provided by the E/E/PE safety-related system
    – 7.4.4 Hardware safety integrity architectural constraints:
      – Route 1H, based on the hardware fault tolerance and safe failure fraction concepts; or
      – Route 2H, based on component reliability data from end-user feedback, increased confidence levels and hardware fault tolerance for specified safety integrity levels
    – We prefer Route 1H for this requirement, and the selection of PLCs with at least one fault tolerance in hardware
  • 15. Challenges in Functional Safety
    – Select only certified equipment for safety applications
    – Low values of Probability of Failure on Demand
    – Good performance for a low Spurious Trip Rate; typically the design considers an MTTFsp of about 15-25 years
    – Do not use a single logic solver
    – Low power consumption
    – Small space for the logic solver
    – Use the appropriate PLCs according to the quantity of inputs
    – Response speed of about 300 ms
    – Analog output
  • 16. Issues and Solutions
    – Low STR: in some applications the requirement for MTTFsp is as large as 25 years; the safety PLC was the problem, and AADvance in a 1oo2D architecture was the solution
    – Low power consumption: for an existing offshore platform the available power source was very limited, and we needed a safety controller with very low power requirements; we evaluated many options and found that AADvance met this requirement
    – High signal-processing density: in an alkylation plant and an FCC the quantity of safety sensors and final elements was very large, and the requirement was for SIL up to SIL 3; we selected Trusted
  • 17. Issues and Solutions
    – Small I/O requirements: in a small distribution-terminal application the quantity of signals was very small (about 7 safety functions), and we needed a flexible PLC with high integrity
    – Analog output: in a pump station we needed to stop the pumps as part of a safety function; the driver is a turbine, and stopping it requires modulating the gas feed to the turbine. For this application we needed an analog output certified for SIL applications; the solution was the analog output for the AADvance PLC.
  • 18. Benefits
    – Small I/O requirements: optimizes the cost of a SIS in small applications
    – Analog output: with this we can stop turbines in a way that provides high integrity; for customers this ability is very valuable
    – Power consumption and space: reducing the power consumption also relieves the space limitation, because the HVAC capacity decreases and the UPS and battery bank are smaller, reducing the space required in the control room
  • 19. Benefits
    – Return on investment has always been a difficult subject to deal with in front of the administrative people at the plants. They expect an increase in production from an investment in safety, and the relationship is not always so direct.
    – The right metric is different: “How much am I losing by not investing in safety?”
    – The justification of the safety investments we have accomplished is based on the following simple concept:
  • 20. Return on Investment?
    – In most cases, the cost/benefit of safety is positive with this simple rule and the customer’s risk acceptance criteria
  • 21. Questions?