Functional Safety

A Case Study: Updating a Refinery Boiler Controls utilizing ISA 84 Standard for Safety Instrumented Systems

ISA - 9th May 2012

Permission granted for ISA Houston Section Website

Presenters
Alan Sharkey Audubon Chuck Laughter Audubon Matt Hufford Wilson Mohr Steve Papp - Wilson Mohr

Permission granted for ISA Houston Section Website

Agenda Functional Safety Life Cycle Overview Case Study of Boiler in Refinery
HAZOP LOPA PFD/SIL Determination SRS Development SIS Implementation Phase Operation & Maintenance Phase

Q&A
Permission granted for ISA Houston Section Website

Process Safety Management

Functional Safety ISA 84 IEC 61508/11 Other Recognized Standards NFPA API

Permission granted for ISA Houston Section Website

Safety Life Cycle Flow-Chart

Permission granted for ISA Houston Section Website

HAZID/HAZOP
Hazard ID and Risk Assessment
Step 1

Permission granted for ISA Houston Section Website

HAZID/HAZOP
Objectives
Identify Hazards and Hazardous events of the process and associated equipment

Task Required
For each hazard identified , determine the consequence /severity level, the deviation, the initiating cause(s), and the safeguards(s) Note: Safe design should be developed as far as reasonably practical before reliance is placed on the SIS to reduce risk

Permission granted for ISA Houston Section Website

LOPA
Objectives Identify required mechanical, operational & safety instrumented functions (SIF) protection layers for each consequence carried into LOPA For each SIF determine the associated SIL & and risk reduction target Tasks required Review hazard identification, for each hazard assign risk reduction credits Assign target PFD (SIL x) to each SIF Note: Client will most likely have own risk graph and acceptable levels of risk
Permission granted for ISA Houston Section Website

SRS
Definition of SRS: Function design requirements of the SIS Minimum Requirements SIS System architecture (sensor, logic solver & end control elements System hardware standards Spare capacity, loading & expansion Specify testing interval(s) I/O requirements I/O signal types and field interfaces System communications Equipment and field termination/marshalling cabinet design requirements Operator MOS Override requirements (HSW/KSW/Status Panel) Optional Items Preliminary SIL verification calculations
Permission granted for ISA Houston Section Website

Detail Designing of SIS

Objectives To design, procure and test the SIS equipment to meet the SRS Detailed specification of hardware; data sheets, etc Provide SIS detailed design drawings; loop diagrams, etc. Application software functional logic design and development. Construct SIS following approved procedures designed to reduce systematic faults. Verify compliance to SRS; confirm testing intervals are satisfied. Provide procedures to operate and maintain the SIS. To validate, through inspection and testing, that the designed, built & configured SIS logic solver, application software (SIFs) & associated hardware meets in all respects the requirements as stated in the SRS (FAT).
Permission granted for ISA Houston Section Website

Installation & Commissioning

Objectives Install and commission the SIS according to design documentation so that it is ready for final system validation. Commission and check calibration of the SIS components To integrate and test the SIS (SAT) To validate, through inspection and testing, that the installed & commissioned SIS & its associated SIFs meets in all respects the requirements as stated in the SRS.

Permission granted for ISA Houston Section Website

Operation & Maintenance

Objectives To ensure that the functional safety of the SIS is maintained during operation and maintenance SIS documentation is maintained To control maintenance and testing activities, so that the design intent of SIS is retained over the asset life

Permission granted for ISA Houston Section Website

Management of Change

Objectives To control all SIS modifications, so that safety integrity of the SIS is maintained over the asset life. To ensure that any SIS changes are properly planned, designed reviewed, approved and tested prior to implementation.

Permission granted for ISA Houston Section Website

Case Study of Refinery SRU HAZOP LOPA SRS SIS Operations & Maintenance

Permission granted for ISA Houston Section Website

SIS Implementation
Qualifications

Practical Considerations

Resulting Complications

- Customer Timing - Plant Control Infrastructure - Corporate Specifications - S84 vs NFPA 85 - Customer Awareness - Maintenance Restrictions

Impact on Cycle

- Concurrent Development Cycle - Vendor Restrictions - Conflicting Requirements - Needs dont match capabilities

Permission granted for ISA Houston Section Website

SIS Implementation
Design Constraints for Case Study

- Customer Timing:
2 Year Turnaround Schedule

- Confecting Requirements
- Corporate Spec for S84 - Plant Spec for NFPA 85

- Concurrent design cycle required

- Forced SIL Target - Commitment to Amend Mechanical design - Preselected Control Vendor

Permission granted for ISA Houston Section Website

SIS Implementation
Resulting Design for Case Study
- Redundant Processors Utilizing Independent Tasks - Shared Power & Comm Backbone - Dedicated Redundant Analog & Digital Inputs on SIS I/O - SIS & BMS Operate Totally independently - SIS Processes SIF and Controls Safety Relay Only - MFT Circuit is the Interlocking Mechanism Between the Two Systems

Permission granted for ISA Houston Section Website

SIS Implementation
Resulting Design for Case Study
Low Fire Light off on Individual Burner Trains Single Block with Vent on Headers
Combustion Circuit

DCS Controlled

with BMS Dump Vale on IP

Backup Nitrogen System on IA

Double Block and Bleed on all Individual Trains

2of3 Voting on all NFPA Recommended Signals

Permission granted for ISA Houston Section Website

SIS Implementation

Permission granted for ISA Houston Section Website

SIS Implementation

Permission granted for ISA Houston Section Website

Questions?

Permission granted for ISA Houston Section Website