Design Criteria For Control System and Instrumentation
Design Criteria For Control System and Instrumentation
Design Criteria For Control System and Instrumentation
TABLE OF CONTENTS
1 GENERAL
1.1 Scope
This Specification describes general requirements for the engineering and design of the control system and
instrumentation, which shall be incorporated in the preparation of Basic and Detailed Engineering Package.
1
1.3 Abbreviations and Acronyms
a. DCS Distributed Control System
a. ESD Emergency Shutdown System
b. MMI Man machine Interface
c. PCS Process Control System
d. PES Programmable Electronic System
e. PLC Programmable Logic Controller
f. SGS safeguarding System
g. SIL Safety Integrity Level
h. SIS Safety Instrumented System
International System of Units (SI) shall be used, except for the units of piping size, temperature and
pressure, which shall be in Inches, degrees Celsius and Bars respectively.
2
instrument protection box (e.g. O’Brien Box), with manifold mounted heater or
thermostatically controlled space heater.
d. When the minimum ambient temperature is less than the minimum permitted operating
temperature of the field transmitters, the transmitters and the relevant manifold valves
shall be shall be (Delete, duplicate) mounted within a fully enclosed instrument
protection box (e.g. O’Brien Box), with manifold mounted heater or thermostatically
controlled space heater.
2. FIELD INSTRUMENTATION
2.1. Signal Levels
a. All field mounted transmitters in connection with the plant PCS and SGS shall operate on 24 VDC,
4- 20 mA signals.
b. Field mounted switches, if any, serving on alarming, interlock or shutdown services, shall operate on
24 VDC.
c. DC power to the said field instrument shall always be supplied by the plant PCS and/or SGS; hence
all switch contacts shall be volt free type.
d. Local loops, i.e., those not required to be connected to the DCS shall be pneumatic, operating on 0.2-
1.0 Barg signal.
e. 0.2-1.0 Barg signal. (Delete, duplicate as above)
f. Digital communication with Safety Instrumented System (SIS) is prohibited and where ever three (3)
sensors are applied, (used both for midpoint selection in the DCS and 2 out 3 voting in a logic solver,
which is part of a SIS, classified SIL 2 or higher).
2.2 Material
a. All wetted parts in connection with the process shall generally be AISI 316, unless higher grades are
required by the process conditions.
2.3 Transmitters
3
a. Transmitters shall be smart type operating on 4-20 mA, 24 VDC analogue signals, with integral
digital indicators.
b. All transmitters (pressure, flow, temperature etc.) shall be provided with burnout protection.
c. Alarm (burnout) and saturation current limits shall be NAMUR NE 43 compliant as follows:
1. If the process variable applied to the transmitters falls outside of the lower or upper range
settings, the output signal shall saturate at the following values:
2. Under range; 3.8 mA to 4.0 mA
3. Over range: 20 mA to 20.5 mA.
4. The integral indicator shall flash to signify the “ out of range” reading.
5. In case of transmitter failure, the output shall be driven to less than 3.6 mA or greater than 21
mA (user configurable), with the integral indicator displaying “ Alarm” to indicate the failure
status.
a. Instrument flange material and/or control/safety valve body material shall comply with the piping
flange/valve material of the applicable piping specification.
b. Minimum rating of inline instruments and control/safety valves shall be in accordance with the
piping specification, with the exception of orifice plates and flanges, body and flanges of control
valves, ESD valves and On/Off valve, which shall be 300 # minimum.
4
2.7 Manifold valves
In addition to the process isolation valve at the measurement take-off point, each pressure instrument shall be
provided with a dedicated multiport valve or manifold valve (3-valve, 5-valve) to enable maintenance, in-situ
calibration, venting and draining. These valves shall have ½ " NPT connections for pressure gauges and
pressure switches. For pressure and differential transmitters, the process side shall be ½ “ NPT/BW, and the
transmitter side shall be direct flush mounting.
a. On viscous, corrosive or clogging services, instrument connection with the process shall be via
diaphragm seals, which shall be shown on P&IDs.
b. In services such as asphalt flow measurements, where the use of ordinary instruments require
elaborated heat tracing of the impulse lines, diaphragm sealed type differential pressure instruments,
with capillary tubing, shall be used and the primary flow element shall be of flow nozzle type.
5
where the trim can be removed with the valve in situ. Minimum body and connection rating shall be
53 Barg for screwed and ANSI Class 300 for flanged connections.
3. Wafer type valves shall only be used in water lines and air services.
4. Body size shall normally be 1” minimum. The use of odd size such as 1- 1/4 “ and 5” shall be
avoided. Body sizes smaller than 1” may be used for special applications with ½” and smaller line
sizes, and for pressure regulator services. For valves sizes smaller than 1" reduced trim in 1” size
bodies, will normally be preferable.
5. The maximum allowed A-weighted sound pressure level (LA, 1m), measured at 1 metre downstream
of the control valve at a distance of 1 metre from the pipe, shall not exceed 85 dB (A) under any of
the operating conditions (min./norm./max. flow).
b. Characteristics
1. Control valve characteristics shall generally follow the following guidelines:
6
Gas process with large volume. Equal Percentage
As load increases, pressure drop
across the valve decreases, and
the pressure drop across the
valve at maximum load is less
than 20 % of the minimum load
pressure change.
c. Trim
Plug, seat and the guiding shall be stellited in the following cases:
7
5. Erosive service
6. Wet gas or saturated steam
7. In dry/clean gas when:
Pressure drop exceeds 20 bar for valves < 4"
Notes:
1. Full-developed cavitation shall be eliminated by selecting specially designed anti-cavitation trim.
2..Hard facing of trim will be applied to the seating contours of the plug and seat.
d. Stroking Time
1. The stroking time of a control valve is defined as the time required to stroke the valve from 2%
opening to 98% opening and vice versa while it is at operating (min. to max.) differential pressure.
The maximum stroking time of a control valve shall not exceed the values of the following table:
1 4 3 8 8 14
1-1/2 4 4 10 10 16
2 5 6 12 > 10 16
Notes:
1. Maximum allowed stroking time of the purge gas firing control valve is 10 seconds, irrespective of the valve
type and size.
Note:
2. Local authority rules shall be adhered to, regarding limitations of fluid emissions along the control valve
stem packing, i.e. mitigation of fugitive emissions.
8
1. Valve sizing shall be based on a maximum sizing capacity of 30 % higher than the normal maximum
flow or 10 % higher than the absolute maximum flow, whichever is greater. The sizing pressure drop
(DP sizing) shall be sufficient as per requirements of this article and to obtain good regulation at the
normal minimum quantity within the rangeability of the selected valve. If in primary design stage
maximum flow is not available, then valves shall be selected to have twice the CV required for normal
design flow at specified conditions.
2. The selected Cv shall be such that the valve opening is approximately at 75% of full opening at the
calculated Cv. The valve shall never have less than 25% opening at minimum flow.
1. The sizing pressure drop (DP sizing) shall be sufficient to yield good regulation at normal minimum
quantity within the rangeability of the selected valve. If in primary design stages maximum flow is not
available, then valves shall be selected to have twice the Cv required for normal design flow at the
specified conditions.
2. The pressure drop across the control valve at the maximum flow shall be at least 20% of the pressure
drop across the control valve at normal flow.
3. For control valves at the discharge of reflux, charge and recycle pumps, valve pressure drops at
normal and maximum design rate are calculated as follows:
At normal rate, one-third of the total variable system pressure drop including pressure drop of the
control valve.
At maximum design rate (i.e., the rated flow on the pump data sheet is up to 125% of the normal flow
rate), 15% of the total variable system pressure drop including pressure drop of the control valve.
At maximum design rate (i.e., the rated flow on the pump data sheet is higher than 125% of the
normal flow rate), 10% of the total variable system pressure drop including pressure drop of the control
valve.
Except for low-pressure services, in any other cases minimum Pressure Drop shall be 0.7 bars.
4. For control valves in the steam line to reboilers, allow a pressure drop of 5% to 10% of the initial
absolute steam pressure or, when operating with low pressure steam of 2 bar or less, use a minimum
drop of 0.35 bar unless otherwise system operating pressure requires a lower drop.
The same criteria to be applied to vapours and gases other than steam.
5. If the viscosity of the liquid at the operating temperature is above 10 C St, the effect of viscosity on
the control valve shall be applied
6. Fouled condition pressure drop such as vacuum heater, visbreaker heater, and filter shall be added in
to the variable system pressure.
9
3. Emergency valve operation shall be carefully analyzed to determine whether valve should be
energized or de-energized in the event of power failure.
4. ESD valves shall have flanged or welded process connections. ESD valves with welded ends
shall be top-entry where the trim can be removed with the valve in situ.
5. ESD valves shall have fire safe body with diaphragm/spring or piston /spring actuators.
6. Packing material shall be PTFE for temperatures of up to 230 C and Graph oil/Graphite for
higher temperatures.
7. Solenoid valves shall be direct acting and air filter regulators with gauges shall be supplied.
b. Stroking Time
1. The stroking time of ESD valve is defined as the time required for the valve to travel to its fail safe
position (i.e. fully closed or fully open) from the moment the electrical power is removed from the
solenoid valve
2. The maximum allowed stroking time of an ESD valve (travelling to its fail safe position) shall not
exceed the values in the following table:
1 4 3 6 8 8
1-1/2 4 4 6 10 8
2 4 6 8 > 10 10
Notes:
1. Maximum allowed stroking time of the Fuel gas and purge gas for firing ESD valves is 3 seconds,
irrespective of the valve type and size.
The time required to reset the ESD valve shall not exceed the stroking time requirements specified for control
valves.
2. Local authority rules shall be adhered to, regarding limitations of fluid emissions along the ESD valve stem
packing.
3. ESD valves shall never be replaced with a control valve with a solenoid valve.
10
2.13 Automatic On/Off Valves And Switching Valves
a. On/off and switching valves shall have flanged or welded process connections. On/off and switching
valves with welded ends shall be top-entry where the trim can be removed with the valve in situ.
Wafer type valves are only permitted in water lines and air.
b. Instrument on/off valves may be employed when isolation of equipment/pipe sections of the plant is
required, e.g. batch processing. If an on/off valves is part of a PES classified as SIL 2 or higher then
it shall meet the requirements of an ESD valve.
c. Stroking time of on/off valves shall be determined per application. On/off valves shall have fire safe
body with diaphragm/spring or piston /spring actuators.
d. Packing material shall be PTFE for temperatures of up to 230 °C and Graph oil/Graphite for higher
temperatures.
e. Solenoid valves shall be direct acting or pilot type and air filter regulator with gauges shall be
supplied.
Notes:
1.Control valves may, by addition of a solenoid valves, replace an on/off valve for non-critical interlocks
2.Local authority rules shall be adhered to, regarding limitations of fluid emissions along the on/off valve stem
packing.
3. On/off valve accessories, such as solenoid valves and air filter regulator, shall be mounted on the valve as an
integral part of the on/off valve assembly.
b. Specification
1. Safety valves (excluding thermal relief valves) shall be specified in accordance with the following
table:
11
FULL SNAP
LIFT ACTING
GAG
Notes:
c. Accumulation
The accumulation used in calculating sizes of relieving devices shall be as follows:
SERVICE ACCUMULATION
12
d. Application
1. Single pressure relief valve shall be specified for each service unless:
Multiple valves are necessary because the required capacity can not be provided in a single valve or
are preferred for a particular services
Dual valves are required in accordance with the American Society of Mechanical Engineers (ASME)
Boiler and Pressure Vessel Code, Section I.
2. Spare pressure relief valves are normally not required unless otherwise specified by NIOEC’s
Engineering Standards. For steam service governed by ASME Boiler and Pressure Vessel
code, section I, the use of inlet or outlet block valves is not permitted.
3. All pressure vessel pressure relief valves (except as noted in this item) should be equipped with
L/O blocked valves at inlet & outlet and by-pass line (when discharging to closed relief
header).
4. Criteria for Discharging PR valves to closed systems shall be as follows:
Pressure Relief (PR) valves handling hydrocarbon liquid materials or partially liquid at the valves
inlet.
PR valves normally in vapour service, but which under any single contingency may discharge
flammable, corrosive or hazardous liquids.
PR valves located in the vapour space of partially liquid filled vessels, which could rapidly fill with
liquid during a plant upset.
PR valves in toxic or polluting vapour services where discharge to the atmosphere would result in the
calculated concentration at the property line or at any working area (either at grade or an elevated platform)
exceeding the Threshold Limit Value (TLV).
Release of flammable vapours which, if discharged to atmosphere, would in the event of inadvertent
ignition result in radiant heat intensities in excess of the permissible exposure level for personnel.
13
The gas does not condense at the ambient temperature.
7) Blow down System for Liquid Relief Stream Disposal for voluntary and involuntary liquid discharges shall
be:
To onsite dedicated liquid blow down drum (separately for each case) if the material discharged
contains solvent to be recovered may congeal at low temperatures in closed relief system (flare).
To oily water sewers only if the material will not cause hazardous conditions and/or will not be
congealed at the ambient conditions.
The liquid discharged to an oily water sewer shall be non-volatile and non-toxic. The required liquid relief
rate shall be within the oil removal capability of the oily water treating system.
To pump suction if pump will not overheat or can withstand the expected temperature rise.
Required liquid relief shall discharge to an upstream liquid reservoir from which the pump takes suction.
The liquid relief may discharge directly to the pump suction line if sufficient cooling is provided to prevent a
temperature rise of the liquid recycled through the pump when the safety/relief valve opens or when a
constant displacement pump is used.
1. Process operating pressures are close to set pressure of the pressure relief valve;
Or
2. The relieved service fluid is corrosive.
In general, valves of pop-action type are used. Where minimum loss of fluid or stable operation is required
during relief, valves of modulating action type are to be considered.
The pilot operated pressure relief valve design should be such that, in the event of failure of an essential part of
the pilot, the main valve opens automatically at the set pressure and discharge its full rated capacity.
14
3. If fluid is corrosive and standard materials for safety valve trim are not sufficient, a rupture
disc of special material or with a coating may be located upstream of a safety valve
4. If over-pressure in liquid systems may rise to fast too open safety valve in time
5. If total de-pressurisation is required after relief
A rupture disc shall be provided with a "rupture indicator", suitable for remote alarm in the control room when
used as primary or secondary relief. In flammable fluid service, the rupture sensor shall be intrinsically safe
(Eex’i’).
Notes:
1. Flow transmitters include differential head producers in combination with a dP-transmitter, coriolis meters,
etc., however exclude transmitters built-in a variable area meter.
2. Instruments for mass balance calculations (when identified as such on the P&IDS) are to be specified with no
relaxation on any of the design factors affecting accuracy. These include the physical restraints such as straight
lengths, etc., but may also cover requirements for density and temperature corrections and other physical
variables, when indicated on the P& D.
3. Instruments used for fiscal metering (when identified as such on the MID) shall be approved by the local
authorities. This will include the primary element, transmission system and instruments required for density
corrections (e.g. temperature).
b. Instrument Type
The following types of instruments may be selected for the measurement of liquids, vapours and gasses, when
their selection can be justified:
1. dP-transmitter with square edge orifice plate with flange tapping,( above 14", radius taps shall be
used)
2. dP-transmitter with Venturi or flow tube Dall (Where low pressure loss is essential) for
3. ISA nozzle with dP-transmitter
4. Conical entrance or quarter circle with dP-transmitter (quadrant edge) orifice plates (For low pipe
Reynolds numbers)
5. dP-transmitter with averaging pitot tube (Where no appreciable pressure loss can be tolerated, on
clean service only)
6. Pre-fabricated metering runs shall be used for line sizes below 2". Sizes smaller than 2" shall only be
used if it can be shown that swaging up to 2" is not viable. Integral orifices will be considered for
very small flows (line sizes'/")
7. dP- transmitter with Segmental or eccentric orifice plates (may be used in horizontal lines where the
liquid contains large amounts of solids)
8. Variable area meters (for local indication, pre-alarms, purge and analyzer systems)
15
9. Coriolis type mass flow meters
10. Ultrasonic flow meters
11. Turbine meters
12. PD meters
c. Flow dP-Transmitters
1. The output signal of the flow dP transmitter shall be linear with the dP. Square root
extraction shall be included in the transmitter.
2. The transmitters shall be able withstand the application of the maximum service static
pressure to the “low” pressure side, with the “high” side at atmospheric pressure, without any
adverse effect or requiring recalibration.
1) Sizing Requirements
1. Orifice plates, used on differential pressure flow measurement installations, shall be sized to ISO
5167-1 or equivalent standard. Sizes below 50 mm (2"), not covered by ISO 5167-1, shall be
calculated in accordance with ISO/TR 15377.
2. Differential pressure range shall normally be 0.25 bar (100” water column). However , for gas and
vapour service the differential pressure range in inches of water shall normally not exceed the
flowing pressure in psia.
3. The d/D Ratio of the orifice plate shall normally be between 0.25 and 0.70.
4. Maximum flow rate shall be chosen so that a rounded flow factor is available.
5. Orifice shall be sized so that the normal flow rate falls at approximately 70% of maximum chart and
minimum flow not less than 25% of maximum chart.
2) Installation requirements
1. Orifice plates, venturies and flow nozzles shall be installed in straight lengths of process pipe work in
accordance with ISO 5167-1 or equivalent standard. The values in parentheses, given in section 1.1
are the minimum required for control, safeguarding, indication and alarm loops, however the values
given without parenthesis are preferred. When measurement is required for material balance (to be
indicated on the MID) the values without parentheses shall be used.
2. The position of the pressure tapping and the location of the dP-transmitter for horizontal lines shall
be as follows:
Dry Clean Gas: pressure tappings to be vertically up, with transmitter located above the tappings
16
Wet Gas (excluding steam): pressure tappings to be vertically up, with transmitter located above the
tappings ( draining into the process)
Steam : pressure tappings to be vertically up, with transmitter located below the tappings
Clean Gas: pressure tappings to be horizontal, with transmitter located below the tappings
3) Construction requirements
1. Orifice Plates in line 1-1/2 inch nominal size and larger shall be of the square edged concentric type
except where unsatisfactory for the application .
2. For line size 1-inch nominal size or smaller, the line can be increased to 1-1/2 inch where process
condition permits.
3. Orifice plates shall be manufactured in accordance with the dimensions and tolerances given in ISO
5167-1 and shall conform to the latest ASME Flow Measurement Supplement to the ASME Power
test Codes.
4. The standard orifice plate material shall be AISI 316 stainless steel.
5. For steam and wet gas applications in horizontal lines, the orifice plate shall be provided with a drain
hole. For liquid applications, the orifice may contain a vent hole.
6. Orifice flanges shall be consistent with ASME B16.36 and shall be of the welding neck type.
7. Orifice flanges shall not be provided with spire pressure tappings.
8. In flammable gas service and steam, pressure tappings shall be provided with reinforced butt-welded
nipples. Fort other services screwed nipples may be used if permitted by the applicable piping
specification.
9. The flange material, facing and type of gasket shall be consistent with the applicable piping
specification.
10. The minimum orifice flange rating shall be 20 bars. The use of higher rated flanges or facing other
than raised face, shall be as called for in Piping Specification. For dimension of orifice flanges ANSI
B 16.36 shall be referred.
11. Office plates thickness shall be 1/8” in sizes 6” and smaller, 1/4 “ in size 8” to 16” and 3/8 “ in sizes
18” and larger.
1) General
1. Vortex meters shall not be employed without the written approval of NIOEC, and in any case vortex
flow meters shall not be used in the following applications:
2. Wet steam
3. Liquids with high vapour pressures (see note)
4. When the fluid of a control valve mounted upstream or downstream of the vortex flow meter is
flashing or cavitating
5. Pulsating flow (e.g. downstream reciprocating compressors)
17
6. When the pipeline in which the vortex flow meter is installed is subject to vibration
Note:
The vapour pressure at the highest operating temperature shall not exceed the value calculated with the
following formula.
a. General
Field mounted temperature transmitters shall be used on all temperature control loops, monitoring, ESD and
interlocks. Head mounted transmitters shall be avoided.
b. Temperature Elements
1. Temperature element wires shall be mineral insulated and metal sheathed.
2. The temperature elements shall be provided with a weatherproof head with element wires connected
to terminals.
3. Duplex temperature elements will be provided if indicated on the P&IDS. The termination head for
duplex elements shall be provided with two separate cable entries. If temperature measurement is
required for both control and ESD functions, two elements, each having their own protection wells,
shall be provided. Exceptions are made for multipoint temperature assemblies on reactors.
4. For remote indication, control and shutdown functions, the following type of temperature sensing
elements will be selected for process temperature measurement:
18
3 950 TO 1250 ( flue Gas Aluminium R type B type TC
only) Oxide TC
Nicrobell N type
TC
Note 1.
'B'" thermocouples shall not be used when temperature measurement below 200°C is essential (e.g. fire box
cross-over)
Thermocouple measuring junction shall be ungrounded.
ISA /MC 96.1
c. Temperature Transmitter
The output signal of temperature transmitters shall be linear with temperature.
Thermowells shall be standardized on. The material shall be AISI 316 SS, unless higher grades are required by
the process conditions.
d. Thermowells
1. All temperature elements and temperature gauges shall be used in a protecting well.
2. Thermowells in pipelines shall be weld-in or flanged. Screwed thermowells are only permitted in non-
flammable service. Screwed thermowells are not permitted in steam service.
3. Thermowells shall be 1-1/2” flanged type as per ANSI B16.5, 316 stainless steel bar
stock or better if dictated by the process. Flange material shall be the same as specified
for the companion pipe flange (e.g. CS). Stainless steel may be used instead of carbon
steel, however pressure/temperature rating shall be verified.
4. Multipoint thermocouple assemblies and long thermowells which can not be made from bar stock
may be fabricated, however only full penetration butt-welds are permitted which shall be 100%
radiographic examined.
5. Flange-well joint shall be a double fillet weld or a full penetration weld. Screwed/seal welded
thermowells are only permitted in non-flammable service.
6. In process lines smaller than 4", the required insertion length will be obtained by:
Partly enlargement of the line diameter to 4";
Insert in a bend of the line (against flow direction);
Insert in the line under a 45° angle (against flow direction)
19
2.19 Pressure Measurement
a) General
Field mounted pressure transmitters shall be used on all pressure control loops, monitoring, ESD and interlocks.
Pressure and differential pressure transmitters shall be diaphragm type.
b. Pressure Gauges
All pressure gauges shall be “Bourdon” type with safety pattern design (solid front) and have a blow-out
protection at the back and be provided with a shatterproof window. Minimum 100 mm
In pulsating or high-pressure services pulsating dampners shall be provided.
Selection of the instrument measurement type shall be in accordance with the following table:
2. Level gauges shall cover the complete operating range of any other level instrument installed on the same
vessel section, except if prohibited by the vessel code.
3. External displacement type level transmitters shall be used for maximum length of 3035 mm, connection will
be 1-1/2”, flanged.
a. Each level gauge glass , shall have maximum coverage of 5 sections totalling 1500 mm . For greater
coverage, multiple gauge glasses with overlapping connections shall be used on standpipes.
Connection shall be ¾”, flanged.
Level instruments serving vertical vessels shall have independent direct vessel connections. On horizontal
vessels, level transmitters may share the same standpipe with the level gauges, while transmitters on level
shutdown service shall have independent direct vessel connections.
20
Analytical Instruments will be electronic type preferably with integral indicators.
The instruments will be capable of providing linearised 4-20 mA output signals to be connected to the PCS. .
a. General
2. Contractor shall be responsible for the analysis and evaluation of the requirements for an
automatic fire and gas detection system on the basis of the following basic objectives:
1. To automatically monitor all areas of installation for incipient fire conditions and areas where
flammable gases may occur.
2. To monitor all areas where toxic gases may be released or accumulated.
3. To alert personnel of fire or gas emergency.
4. To activate automatically or manually fire extinguishing alarm and safety shutdown system.
2. A manual activated alarm system (manual call points) shall also be
provided to enable personnel to raise the alarm from areas through
the installation.
b. Fire detection
The fire detection system shall use infrared surveillance type flame detectors. These detectors should be
arranged so that all of the plant is within the view range of at least two units. In the event that one unit detects a
fire an alarm shall be made available in the control room. In case of two units detecting a fire, appropriate
automatic fire extinguishing and shutdown actions shall be taken.
c. Gas Detection
The flammable gas detection system shall consist of detectors, adequately positioned around the periphery of
the plant area. No shutdown action is initiated from gas detection system. It will be used for alarming purpose
only; alarms will be communicated to the control room.
d. Smoke Detection
Ionization smoke detectors shall be used within enclosed spaces, which are not
subject to extremes of temperature humidity or dust . Detection is achieved
before flames and high temperatures occur . Areas of selection should include control and equipment rooms
with false floors and ceiling, where high density of electrical cables are installed. Where detection is required in
false floors and ceilings, mean of remote indication will be provided.
a. Cables shall be flame retardant to IEC 332 and the outer jacket resistant to UV exposure. Cables
serving in connection with Plant SGS shall be flame resistant to IEC 331.
b. Cabling and tubing within the battery limit of the units shall be over-ground via cable trays.
c. Instruments shall be connected via tray mounted over- ground single pair armoured cables to
secondary junction boxes, located within the units. From the secondary junction boxes, multi pair
armoured cables will run in over ground trays to the main junction boxes at the battery limits. From
21
the battery limits the cabling will be direct buried, underground via multi-core armoured cables with
lead sheath protection, which will connect the battery limit main junction boxes to the control room.
d. Separate junction boxes will be used for different categories of signals as follows and terminal strips
and each point will be identified and suitably with polarity indicated:
2. Start-up and shutdown shall be manually controlled from the same PCS by the Plant operators
following the relevant instructions.
3. The PCS shall be considered as the first layer of safety, hence the pre-alarms shall be configured as
high priority and ESD alarms are configured as low priority.
22
4. In the event of PCS failure, a SGS shall provide the next layer of safety. SGS shall operate
independently from the PCS and the intervention by the operator shall only possible by pre-defined
maintenance and operator overrides.
5. Each Programmable Electronic System (PES), classified as SIL-1 or more stringent, shall be
designed to fail-safe as far as viable. To this end the following considerations shall apply:
1. Contact sensors shall be normally closed (energised) if the measured variable is within the normal
operating range and will open if the measured values exceed the safe thresholds
2. Analogue transmitters shall be configured, in combination with the SGS, to cause a shutdown action
if the transmitter fails and when an open or short circuit is detected by the SGS
3. Solenoid valves on ESD valves shall be energised in the normal operating mode. On demand, the
solenoid valves shall be de-energised, causing the ESD valve to travel (by spring force) to the safe
position
4. Digital communication between field sensors and SGS shall be prohibited (e.g. "smart' transmitters
may only be used in the analogue 4-20 mA DC communication mode)
5. Intelligent/smart transmitters, used within a Safety Instrumented System (SIS), shall be write
protected to prevent inadvertent modifications and digital communication with remote systems and
hand-held communicators
6. To prevent a common cause fault, which inhibits correct operation of the DCS, from affecting the
safety integrity of the SGS, the following philosophy shall be followed throughout the design of the
Plant:
1. Sensors applied for PCS shall not be shared for ESD functions except if three sensors are provided
which are to be connected to both the DCS for midpoint selection and to the SGS for 2 out of 3 voting
2. In case 2 out of 3 voting and midpoint selection are provided, the signals will be powered from the
SGS and duplication of signals will be part of the SGS interface. Duplication may be via high quality
passive components (e.g. resistors), provided both the SGS and the PCS have galvanically isolated
inputs
3. Sensors applied for ESD functions shall not share the same process connections (and, if applicable,
heat tracing) with sensors used for control, except when used in a “2 OO 3 “ configuration. However,
each of the sensors in a “2 OO 3” configuration shall have independent process connections, etc. In
case of orifice meters, the same orifice plate and flange set may be used for all transmitters (control
and ESD functions), however, each sensor shall have its own pressure tapping, isolation valve,
impulse lines and, if applicable, heat tracing. Signals from the 3 transmitters may be connected to the
same junction box and may share the same multicore cable.
4. Level instruments, used for safeguarding, shall not share the same standpipe with instruments for
control and/or pre-alarms
5. Level instruments, used for “2 OO 3” voting and/or midpoint selection, shall not share the same
standpipe. However, level gauges may share the standpipe with any of the level transmitters
6. DCS software or data highway between DCS and SGS shall not be used to initiate an emergency
shutdown
23
3.2 Alarms And Sequence of Event Recording (SER)
a. Pre-alarms, generated in the DCS, are displayed in relevant graphic displays and on alarm pages. At
the same time, the alarms will be printed and stored on a computer archive system.
a. ESD-alarms, generated in the SGS, will be processed through the Sequence of Event Recorder
(SER). This SER is a software package, integrated in the SGS. The alarms will be displayed on a
dedicated PC-monitor and printed on a dedicated printer. The SER-PC will also contain long-term
storage facilities.
b. The following signals will be integrated with the Sequence of Event Recorder and/or duplicated to the
DCS:
g. An annunciator (i.e. lamp box combined with manual ESD-initiators), controlled by the SGS, will
provide a visual alarm, independent from the DCS operation. The annunciator will contain the
following alarms:
1. Total plant shutdown,
2. Common fire and gas,
24
3. Unit shutdown,
4. Package unit shut down,
5. Main equipment shutdown,
6. Force enabled switch SGS enabled status,
7. Common maintenance override switch active,
8. Individual process override switch active,
9. Common power failure,
10. Common electrical tracing failure.
25
key operated switch shall be provided to enable to switch off the 'Force' functionality during commissioning.
This switch shall also be in the off position during plant operation and shall not be used instead of a
maintenance override switch.
POS shall be key operated hardwired and integrated in the DCS operator console.
26
The PCS for plant control , remote indication, alarms and data recording shall be a distributed control system
(DCS).
b. Human Machine Interface (HMI)
1. Each HMI shall consist of a desktop single head (dual head preferred) monitor and a
keyboard with dedicated electronics. To achieve maximum availability, each of the HMIs can
operate independent from the others.
2. The HMI will provide the operator enhanced control capabilities, dynamic visualisation, on-
line information of the process, full graphic operator interface, alarm management and real-
time and historical trending. Faceplates will be configured to provide a information of a
control loop (PV, SP, etc.). For an overview of sections of the process, graphic displays will be
configured (using the MID as basis).
3. In addition, alarm pages, trend displays, etc., will be configured to be used for plant
optimisation and maintenance.
c. Control Functions
1. The DCS shall be programmed, using standard blocks available within the system (e.g. controllers,
indicators, calculation, ramps, etc.) to a maximum extend.
1. In addition, programs may be written on top of the basic controls as required. The DCS shall be
programmed in such a way that, in case of failure of such programs, conventional closed loop control
can still be maintained and the operator will have control of the output to any field device.
d. Cycle Time
1. The cycle time of control modules is defined as the time required for one cycle of input/ update,
control algorithm function execution in response to this update and resulting output update for
control loops and as the time between two consecutive input updates for monitoring loops.
1. The cycle time of the control modules shall not exceed 0.5 second for flow and pressure control loop
(either single controller or slave controller in a cascaded loop) shall not exceed one second for any
other control loop, shall not exceed one second for non-temperature monitoring loops and shall not
exceed ten seconds for (multiplexed) temperature monitoring loops and shall be constant.
e. DCS Redundancy
1. The system shall at a minimum, incorporate the following redundancy:
2. Controller and I/O Redundancy
3. Complete one to one redundancy is required with full duplication of control modules
and I/O modules in control loops.
f. Operator Console Redundancy
Identical consoles shall be provided with one for-one backup, independently communicating with the control
system.
g. Communication Redundancy
On line redundant real time LAN and the redundant associated communication hardware shall have switchover
time from the main to the standby of less than 100 msec.
27
i. Availability of DCS
The availability of the equipment shall be in excess of 99.5 % and shall include all supplied equipment.
c. Availability of SGS
The availability of the equipment shall be in excess of 99.99 % and shall include all supplied equipment.
5. REQUIRED DOCUMENTATION
a. Contractor shall, according to the nature of the Project, furnish adequate documentation for the
engineering, procurement, installation, operation and maintenance of the instrumentation and
control/safety systems.
b. Project specifications and date sheets shall, at a minimum, include, specifications and data sheets for
pressure, temperature, flow and liquid level recorders and indicators, control valves, analyzers,
pressure gauges, temperature indicators, gauge glasses, transmitters, alarm signals, interlocks and
PCS and SGS.
28
c. Applicable process data including material and instrument operating range shall be provided for all
data sheets.
d. Calculated CVs, estimated valve sizes as per manufacturer catalogue (Masonailan or Fisher), flow
rate and operating range, operating conditions, applicable physical properties of process and utility
streams, action of the measured variable, flashing status of the fluid and air failure positions shall be
provided for all types of control valves.
e. Calculated orifice bore, including all required process data shall be furnished, and for all pressure
relief valves the calculated orifice together with the pertaining process data shall be included. (No
orifice bore data is included in Basic Engineering Design Data. Those data are part of detail
engineering contractors scope of work.)
29