Scribd Logo
Upload

Welcome to Scribd!

  • 953 views

    Safety Instrumented Systems

    Uploaded by

    pp1956
    The document discusses safety instrumented systems (SIS) and the safety life cycle. It defines key concepts like safety instrumented functions (SIF), safety integrity levels (SIL), and the safety requirement specification (SRS). The safety life cycle guides a safety system from initial hazard and risk assessment, through design, installation, operation and maintenance, and ultimately decommissioning. The SRS documents the SIF design and verifies that the target SIL is achieved. Functional proof tests must be performed periodically to maintain reliability.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd

    Safety Instrumented Systems

    Uploaded by

    pp1956
    953 views21 pages
    The document discusses safety instrumented systems (SIS) and the safety life cycle. It defines key concepts like safety instrumented functions (SIF), safety integrity levels (SIL), and the safety requirement specification (SRS). The safety life cycle guides a safety system from initial hazard and risk assessment, through design, installation, operation and maintenance, and ultimately decommissioning. The SRS documents the SIF design and verifies that the target SIL is achieved. Functional proof tests must be performed periodically to maintain reliability.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses safety instrumented systems (SIS) and the safety life cycle. It defines key concepts like safety instrumented functions (SIF), safety integrity levels (SIL), and the safety requirement specification (SRS). The safety life cycle guides a safety system from initial hazard and risk assessment, through design, installation, operation and maintenance, and ultimately decommissioning. The SRS documents the SIF design and verifies that the target SIL is achieved. Functional proof tests must be performed periodically to maintain reliability.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    953 views21 pages

    Safety Instrumented Systems

    Uploaded by

    pp1956
    The document discusses safety instrumented systems (SIS) and the safety life cycle. It defines key concepts like safety instrumented functions (SIF), safety integrity levels (SIL), and the safety requirement specification (SRS). The safety life cycle guides a safety system from initial hazard and risk assessment, through design, installation, operation and maintenance, and ultimately decommissioning. The SRS documents the SIF design and verifies that the target SIL is achieved. Functional proof tests must be performed periodically to maintain reliability.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 21
    At a glance
    Powered by AI
    The key takeaways are that the Safety Life Cycle provides guidelines for safety systems from risk assessment through decommissioning and defines important safety concepts like SIS, SIL, SIF and SRS.

    The purpose of the Safety Life Cycle is to guide a safety system through all stages from initial risk assessment to final decommissioning to achieve an appropriate risk-based level of safety.

    Some important concepts defined in the Safety Life Cycle include the Safety Life Cycle stages themselves, Safety Instrumented Systems (SIS), Safety Integrity Level (SIL), Safety Instrumented Function (SIF) and Safety Requirement Specification (SRS).

    www.ProcessEngr.

    com

    Safety Instrumented Systems (SIS)


    and
    Safety Life Cycle
    Presented in September 2009
    By Jennifer L. Bergstrom
    Process Engineering Associates, LLC
    www.ProcessEngr.com

    Safety Instrumented Systems (SIS)


    and Safety Life Cycle
    Agenda:
    zISA standard that defines Safety Life
    Cycle
    zSafety concepts (including a lot of new
    acronyms)
    zAspects of the Safety Life Cycle and how
    to take it from “cradle” to “grave”
    zWays to incorporate SIS into process
    design
    www.ProcessEngr.com

    ANSI/ISA 84.00.01-2004 for SIS


    z ANSI/ISA 84.00.01-2004 (IEC 61511-Mod) -
    Application of Safety Instrumented Systems
    (SIS) for Process Industries :
    {First version in 1996
    {Second version approved in 2004 (only addition was
    “Grandfather Clause”)
    {OSHA recognizes this standard as a RAGAGEP
    {Defines all steps that encompass the Safety Life Cycle
    {Defines a Safety Instrumented System (SIS)
    www.ProcessEngr.com

    Safety Life Cycle


    zConcepts (safety acronyms):
    {Safety Life Cycle
    {Safety Instrumented System (SIS)
    {Safety Integrity Level (SIL)
    {Safety Instrumented Function (SIF)
    {Safety Requirement Specification (SRS)
    www.ProcessEngr.com

    Safety Life Cycle


    “cradle”
    Hazard & Risk
    Assessment Design
    (PHA, SIL Analysis) (Execute &
    Evaluate)

    Installation, Commission,
    & Validate
    Modification
    (FAT, SAT, Functional
    Proof Test)

    Operations
    Decommission and
    Maintenance
    “grave”
    www.ProcessEngr.com

    Safety Life Cycle

    z Definition: “An engineering process designed to


    achieve a risk-based level of safety with
    performance criteria that allow versatile
    technologies and optimal design solutions.” -exida

    z In other words, the cycle is meant to guide a


    safety system from the Risk Assessment “cradle”
    to the Decommissioning “grave”.
    www.ProcessEngr.com

    Why Safety Life Cycle?

    zAccidents can and do occur, so in order to


    help minimize the frequency and/or
    severity…..

    zSafety Instrumented Systems and Safety


    Life Cycle were designed to minimize risk
    www.ProcessEngr.com

    Protection Layers

    zSIS is used as a protection layer between


    the hazards of the process and the public
    (the worse the potential hazard, the more
    layers required for prevention/protection)
    zExamples:
    {BPCS (control system), alarms and operator
    response, SIS, physical devices (PSV’s, dikes,
    flares, deluges, etc.), and other human
    mitigation (emergency response)
    www.ProcessEngr.com

    Hazards and Risks in Industry

    z Risk – ups and downs –

    process risk BPCS


    P
    alarms
    R
    O
    SIS
    C
    Risk E
    mechanical
    S
    S
    other
    tolerable
    www.ProcessEngr.com

    SIF and SIL


    z Safety Instrumented Function (SIF) is
    designed to minimize process risks to a
    tolerable level (or ALARP)
    z Each SIF is assigned a Safety Integrity Level
    (SIL) during SIL analysis - risk assessment
    {SIL 0/none – lowest risk
    {SIL 1 – 95% of the SIFs
    {SIL 2 – 5% of SIFs
    {SIL 3 – < 1% (not likely in refineries, but possible in
    off-shore platforms or nuclear)
    {SIL 4 – highest risk (only seen in nuclear industry)
    www.ProcessEngr.com

    Safety Integrity Level (SIL)


    z Each SIL rating (increasing in number) must
    be that much more reliable and available at
    all times (and costs more for upkeep).

    z Reliability and availability are achieved by:


    {Design – using proper safety components
    {Installation – per manufacturer’s guidelines
    {Testing – both at initial startup as well as at
    specified intervals or after any modification (i.e., via
    PSSR)
    www.ProcessEngr.com

    Design
    z Phase where the SIF/SIS is developed to achieve
    the risk reduction that is determined in the PHA or
    SIL Analysis (target SIL). Design options can
    include:
    {Redundancy (initiators, control system, and/or final
    elements)
    {Type/style of components (transmitter vs. switch or
    modulating valve vs. on/off chop valve)

    z NOTE: If a SIS already exists, then analysis of the existing


    system is done to determine if the target SIL can be achieved
    with the current design. (“Grandfather Clause”)
    www.ProcessEngr.com

    Design - Type of Failures


    z When designing or modifying a SIS, keep in
    mind there are two types of failures:
    {Safe Failures - “FAIL SAFE”
    {Dangerous Failures
    z Safe Failures are the desired failure
    {Initiated (actual event)
    {Spurious (false – undesired but still safe)
    z Dangerous failures are not desired
    {Inhibited (bypassed)
    {Dangerous operation (doesn’t trip when needed)
    www.ProcessEngr.com

    Design - Type of Failures

    z How do we design for safe failures with minimal


    spurious trips?

    Safe Dangerous
    z Voting Logic
    1oo1 good good
    1oo2 good best
    1oo2D best better

    Best blend 2oo2 better good


    of both
    2oo3 best better
    (Source: ISA & Exida)
    www.ProcessEngr.com

    Safety Requirement Specification


    (SRS)
    z The design and verification is compiled into a
    document called the Safety Requirement
    Specification (SRS)
    {Information included:
    z Intent of each SIF (the hazard that is mitigated)
    z Components of each SIF (sensor, logic solver, final
    element)
    z Calculations to verify the target (required) SIL can be
    achieved
    www.ProcessEngr.com

    SIL Verification
    z SIL verification involves multiple equations to
    determine the achieved SIL.
    z Some of the components to verify this
    include:
    {MTTFS
    {PFD
    {RRF (inverse of PFD or 1/PFD)

    z NOTE: SIL 1 achieves a RRF of 10 to 100


    www.ProcessEngr.com

    SIL Verification
    z If the required SIL can not be achieved with
    the initial design, some options are:
    {More frequent proof testing
    {Add redundancy (i.e., initiating device, control
    system, final element)
    {Install “smarter” device (i.e., HART smart transmitter
    or transmitter vs. switch or relay, smart control valve
    with diagnostics and feedback and position
    indication vs. basic control valve)
    {Add protection layers (independent)
    www.ProcessEngr.com

    General Concepts to Remember in


    Design
    z Two ways to achieve lower MTTFS (PFD) or
    higher RRF to achieve the target SIL:
    {Diagnostics, diagnostics, diagnostics,…
    {Redundancy

    z Instrumentation with diagnostics is the key!


    {Feedback information can tell you the condition of
    the instrument and whether it is “ill” and about to fail
    www.ProcessEngr.com

    General Concepts to Remember in


    Design
    z Transmitter is better than a switch or relay
    z If using switch, solenoid, or relay (anything on/off or
    discrete), verify that it is normally energized during
    operation (fail safe)
    z Use dedicated wiring to each device (as much as
    possible)
    z Minimize common cause failures (i.e., common
    wires, instrument taps – including bridles, or same
    controller or I/O card)
    z Mechanical devices are the weakest link in the SIF.
    They can stick if not moved periodically (i.e., PSVs,
    valves, switches)
    { To remedy this issue: install double blocks or modulating
    valves that can be partially stroked
    www.ProcessEngr.com

    Functional Proof Tests


    z Proof Tests must be performed at the frequency
    stated in the SRS to continue the reliability of the
    SIF.
    z It should include the following information:
    { Test procedure
    z Test all bypasses, all individual initiators, and final
    elements
    z Results of all steps of the procedure
    z Verification that process has been restored to normal
    operation
    { Date of test and all personnel performing the test
    { Control logic – version # (if available)
    { Results of entire test and any abnormalities found
    www.ProcessEngr.com

    Final Review
    z Safety Life Cycle
    { Guidelines for a safety system from the Risk Assessment
    “cradle” to the Decommissioning “grave”.
    z SRS
    { It is only a portion of the Safety Life Cycle, but documents and
    verifies the SIF design
    z Employer must also fulfill the SRS timelines as
    determined in the SRS to the keep the SIF reliable
    and available to reduce risk.
    { Functional Proof Test – at a specified interval
    { Mission Time – replacement interval
    { Document any modifications to SIS or protection layers
    (MOC)

    You might also like