Health & Safety


operation is running in a steady state. While plant operators commonly perform their role to the highest standards, nonetheless, human error has, after investigation, often been seen to contribute significantly to process safety incidents. Safety standards limit the amount of risk reduction credit associated with an operator to a factor of 10 in a best case scenario (i.e. 10 per cent probability of failure on demand). Research demonstrates that for tasks which are more complex and performed seldom and within an unfamiliar situation, the likelihood of human error and system failure is greatly increased, especially in the type of highly stressful situation that could lead to a hazardous and potentially life-threatening incident.


Transition tightrope

In essence, as operators are walking the process transition tightrope they are being asked to remove their own safety net by applying bypasses and overrides to the safety systems in place, and this to my mind does not make sense. The lack of similarity between a transition state and steady state may mean that the basic process control system is less effective as a protection layer. A good example is loop tuning for loops in the steady state, which may not work so well when the process is out of its normal operating range. All the more reason not to disable the existing safety instrumented systems in place.

It may be a challenge to cope with differing processes and scenarios whilst capturing the knowledge and experience of the best operators and embedding it within the SIS, but it could be argued that such efforts are worth it in the end if it makes process plants safer.

The dynamic nature of a transition state shouldn’t support the argument for not automating such phases - if anything I would argue it helps make a sound case for why companies should undertake an opposing approach. If businesses can document a start-up procedure for an operator, then with the range of new tools for configuring SIS logic they can surely take this a further step and add key elements of automation to give the operator both back-up and certainty during such a critical phase of a process plant’s operation. Of course, the operator still has an important part to play, but by restoring the integrity of the SIS as an independent protection layer (IPL), companies can clearly make their plants safer, as well as removing unnecessary burdens and pressures on plant operators.

The key to effective knowledge capture is to involve the operations staff at the earliest possible stage of the project so they can play a full part in defining the requirements for the transition logic during the SIS development, so that it is fully incorporated in the safety lifecycle rather than as an add-on at the end of the project.

Permissive sequencing is a tool that can help implement such additional logic so that the safety instrumented system steps beyond the steady state and plays a central role in maintaining safety through all the phases of the operation. Keeping it simple is one of the key tenets of functional safety, so implementation of permissive sequencing needs to be possible without introducing additional levels of complexity. The advent of new SIS configuration tools now makes it practical for the safety instrumented systems to participate actively in the important, but potentially problematic, process transitions.

The key underlying requirements for tools to implement a permissive sequencing solution are that they be dynamic enough to cope with a degree of complexity, but simple enough to be self-documenting and easy to understand for the operator. Permissive sequences for start-ups, shut-downs and transitions share some common characteristics. Automated tool solutions have to be mindful of:

● Time dependencies.
● Changing variable thresholds or limits.
● Interlocks that vary or may need to be inhibited or overridden.


The cause and effect diagram is often used as a method for documenting SIS logic requirements. It has the advantage of being readily understood by process engineers, C&I engineers and operators alike. By extending this methodology and using it directly as a configuration ‘language’ to both directly create logic and automatically generate the operator interface, both cost and risk can be reduced. By extending this cause and effect concept still further to accommodate the requirements of permissive sequencing, the SIS can also effectively manage key aspects of safety during process transition states, providing valuable backup to the operator in a safe and effective manner.
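The three characteristics listed above (time dependencies, step-specific limits, and interlocks inhibited only where the sequence allows) can be expressed as a table-driven sequencer. The following is an added illustration, not code from the article or from any vendor configuration tool; the heater start-up steps, tag names and limits are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Step:
    name: str
    max_seconds: float      # time dependency: step must complete within this window
    trip_high: dict         # tag -> high trip limit valid in this step only
    inhibited: frozenset    # interlock tags inhibited in this step only
    advance_when: dict      # tag -> minimum value required to move to the next step

# Constructed start-up sequence for a hypothetical heater; all values are illustrative.
SEQUENCE = [
    Step("PURGE", 300, {"temp": 80}, frozenset({"low_flame"}), {"purge_flow": 50}),
    Step("IGNITE", 10, {"temp": 150}, frozenset({"low_flame"}), {"flame": 1}),
    Step("RAMP", 600, {"temp": 400}, frozenset(), {"temp": 350}),
    Step("STEADY", float("inf"), {"temp": 420}, frozenset(), {}),
]

class PermissiveSequencer:
    def __init__(self, sequence):
        self.sequence, self.index, self.entered, self.tripped = sequence, 0, 0.0, None

    @property
    def step(self):
        return self.sequence[self.index]

    def scan(self, now, inputs, interlocks):
        """One logic scan. inputs: tag -> value; interlocks: tag -> True if demanding a trip."""
        if self.tripped:
            return "TRIPPED"
        s = self.step
        for tag, limit in s.trip_high.items():
            if inputs.get(tag, float("inf")) > limit:   # missing input fails safe
                return self._trip(f"{tag} above {limit} in {s.name}")
        for tag, active in interlocks.items():
            if active and tag not in s.inhibited:       # inhibit is valid only in its own step
                return self._trip(f"interlock {tag} in {s.name}")
        if now - self.entered > s.max_seconds:
            return self._trip(f"{s.name} exceeded {s.max_seconds}s")
        if s.advance_when and all(inputs.get(t, float("-inf")) >= v
                                  for t, v in s.advance_when.items()):
            self.index, self.entered = self.index + 1, now
        return self.step.name

    def _trip(self, reason):
        self.tripped = reason   # latched until a new sequencer is started
        return "TRIPPED"
```

Because the inhibit on `low_flame` belongs to the PURGE and IGNITE rows rather than to an operator-set bypass, the interlock is back in force as soon as the sequence reaches RAMP, and the table itself documents when each limit applies.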


REFERENCE


Permissive Sequencing and ISA 84 - The Shape of Things to Come. Gene Cammack, PE; Francisco Sanchez, PDVSA; and Luis M. Garcia G., CFSE, Siemens Energy & Automation, Houston, Texas, 2008.


Ian Curtis is with Siemens Industry Automation & Drive Technologies, Manchester, UK. www.siemens.co.uk/automation

