Safety Transmitter / Logic Solver Hybrids. Standards Certification Education & Training Publishing Conferences & Exhibits

Similar documents
United Electric Controls One Series Safety Transmitter Safety Manual

Safety lnstrumentation Simplified

100 & 120 Series Pressure and Temperature Switches Safety Manual

InstrumentationTools.com

Safety Instrumented Systems

FUNCTIONAL SAFETY IN FIRE PROTECTION SYSTEM E-BOOK

IEC61511 Standard Overview

High Integrity Pressure Protection System

Digital EPIC 2 Safety manual

Assessment of the Safety Integrity of Electrical Protection Systems in the Petrochemical Industry

User s Manual. YTA110, YTA310, YTA320, and YTA710 Temperature Transmitters. Manual Change No

SIL Safety Guide Series MS Single-Acting Spring-Return Hydraulic Linear Actuators

FMEDA Report. Failure Modes, Effects and Diagnostic Analysis. KFD0-CS-Ex*.54* and KFD0-CS-Ex*.56* Project: X7300

Failure Modes, Effects and Diagnostic Analysis

Safety Instrumented Systems Overview and Awareness. Workbook and Study Guide

Overfill Prevention Control Unit with Ground Verification & Vehicle Identification Options. TÜVRheinland

PPA Michaël GROSSI - FSCE PR electronics

Failure Modes, Effects and Diagnostic Analysis

Failure Modes, Effects and Diagnostic Analysis

Fire and Gas Detection and Mitigation Systems

Soliphant M with electronic insert FEM52

Pressure Transmitter cerabar M PMC 41/45 cerabar M PMP 41/45/46/48 with Output Signal ma/hart

Failure Rate Data, Safety System Modeling Concepts, and Fire & Gas Systems Moderator: Lori Dearman, Webinar Producer Thursday, May 16th, 2013

Rosemount Functional Safety Manual. Manual Supplement , Rev AF March 2015

SITRANS. Temperature transmitter Functional safety for SITRANS TW. Introduction. General safety instructions 2. Device-specific safety instructions

Technical Paper. Functional Safety Update IEC Edition 2 Standards Update

Options for Developing a Compliant PLC-based BMS

SAFETY MANUAL. Intelligent Sensors for H 2 S Gas Applications

Safety Integrity Verification and Validation of a High Integrity Pressure Protection System to IEC 61511

Failure Modes, Effects and Diagnostic Analysis. Rosemount Inc. Chanhassen, Minnesota USA

Failure Modes, Effects and Diagnostic Analysis

Functional Safety Manual June pointek CLS500/LC500

New Developments in the IEC61511 Edition 2

Failure Modes, Effects and Diagnostic Analysis

FMEDA and Proven-in-use Assessment. Pepperl+Fuchs GmbH Mannheim Germany

Failure Modes, Effects and Diagnostic Analysis

Safety in the process industry

USER APPROVAL OF SAFETY INSTRUMENTED SYSTEM DEVICES

Failure Modes, Effects and Diagnostic Analysis

Safety Instrumented Systems The Smart Approach

Functional Safety Solutions

Is your current safety system compliant to today's safety standard?

Session Four Functional safety: the next edition of IEC Mirek Generowicz Engineering Manager, I&E Systems Pty Ltd

Failure Modes, Effects and Diagnostic Analysis

Addressing Challenges in HIPPS Design and Implementation

Failure Modes, Effects and Diagnostic Analysis

Implementing Safety Instrumented Burner Management Systems: Challenges and Opportunities

Failure Modes, Effects and Diagnostic Analysis. Rosemount Inc. Chanhassen, MN USA

Session Ten Achieving Compliance in Hardware Fault Tolerance

Siemens Process Automation End-user Summit- 2011

Numerical Standards Listing

Proof Testing Level Instruments

Australian Standard. Functional safety Safety instrumented systems for the process industry sector

SAFETY MANUAL. Electrochemical Gas Detector GT3000 Series Includes Transmitter (GTX) with H 2 S or O 2 Sensor Module (GTS)

ACCURATE FAILURE METRICS FOR MECHANICAL INSTRUMENTS IN SAFETY APPLICATIONS

Failure Modes, Effects and Diagnostic Analysis

SAFETY MANUAL. FL4000H and FL4000 Multi-Spectral Infrared Flame Detectors

Technical Report Proven In Use SITRANS P500

Numerical Standards Listing

SIPART. Electropneumatic positioner Functional safety for SIPART PS2. Introduction. General safety instructions 2. Device-specific safety instructions

Failure Modes, Effects and Diagnostic Analysis

LOPA. DR. AA Process Control and Safety Group

Failure Modes, Effects and Diagnostic Analysis

The SIL Concept in the process industry International standards IEC 61508/ 61511

Failure Modes, Effects and Diagnostic Analysis

SAFETY MANUAL. IR5000 Open Path Hydrocarbon Gas Monitoring System

Process Safety - Market Requirements. V.P.Raman Mott MacDonald Pvt. Ltd.

Failure Modes, Effects and Diagnostic Analysis

White Paper. Integrated Safety for a Single BMS Evaluation Based on Siemens Simatic PCS7 System

Functional Safety: the Next Edition of IEC 61511

Rosemount 2140:SIS Level Detector

Integrated but separate

Certification Report of the ST3000 Pressure Transmitter

Why AC800M High Integrity is used in Burner Management System Applications?

Reliability of Safety-Critical Systems Chapter 1. Introduction

SAFETY MANUAL. PointWatch Eclipse Infrared Hydrocarbon Gas Detector Safety Certified Model PIRECL

Certification Report of the ST 3000 Pressure Transmitter with HART 6

Simply reliable: Process safety from Endress+Hauser

Pressure Transmitter cerabar S PMC 731/631 cerabar S PMP 731/635 with ma output signal

Proservo NMS5- / NMS7-

FUNCTIONAL SAFETY MANUAL

SIL DETERMINATION AND PROBLEMS WITH THE APPLICATION OF LOPA

FUNCTIONAL SAFETY CERTIFICATE

SAFETY MANUAL. Multispectrum IR Flame Detector X3301

Failure Modes, Effects and Diagnostic Analysis. PR electronics A/S Rønde Denmark

Differential Pressure Transmitter deltabar S PMD 230/235 deltabar S FMD 230/630/633 with ma output signal

The Use of an Operator as a SIL 1 component in a Tank Overfill Protection System

Practical Methods for Process Safety Management

Guidelines. Safety Integrity Level - SIL - Valves and valve actuators. February Valves

Karl Watson, ABB Consulting Houston LOPA. A Storage Tank Case Study. ABB Inc. September 20, 2011 Slide 1

Introduction. Additional information. Additional instructions for IEC compliant devices. Measurement made easy

HIPPS High Integrity Pressure Protection System

HIPPS High Integrity Pressure Protection System

Failure Modes, Effects and Diagnostic Analysis

Tank protection example using Simatic

SAFETY MANUAL. X2200 UV, X9800 IR, X5200 UVIR SIL 2 Certified Flame Detectors

Measurement of Safety Integrity of E/E/PES according to IEC61508

innova-ve entrepreneurial global 1

Functional safety according to IEC / IEC Important user information. Major changes in IEC nd Edition

67 th Canadian Chemical Engineering Conference EDMONTON, AB OCTOBER 22-25, 2017

Transcription:

Safety Transmitter / Logic Solver Hybrids Standards Certification Education & Training Publishing Conferences & Exhibits

Traditional Pressure Sensor Portfolio Trip Alarm or Trip Module Process Transmitter Process Switch Safety Transmitter-Switch

Process Pressure Transmitter Widely accepted for BPCS and safety control, alarm and interlock (SCAI) Supplies an analog 4 to 20 ma output Comes with or without local indication Interface/Integration Coupled with a central or distributed logic solver Attention must be paid to set-up and proof testing SIL capable Up to SIL 2 (SC3) Prior use and certified versions used in SIS Newer versions address legacy issue of frozen impulse

Process Switch Widely used in plants for safety control, alarm and interlock (SCAI) Supplies SPDT Form C output No indication Interface/Integration Supplies discrete input to logic solver or coupled directly final elements Attention must be paid to set up and proof testing SIL capable Prior use and certified versions are available SIL achievement is sometimes a stretch No diagnostic coverage

Trip Alarm or Trip Module Widely used in plants for safety control, alarm and interlock (SCAI) Supplies an analog or digital outputs With or without local indication Interface/Integration Needs additional environmental or hazardous area protection Attention must be paid to set-up and proof testing SIL capable Process relays and fault relays must be wired in series (i.e. you must monitor the diagnostic output)

Hybrid Transmitter-Switch Emerging niche technology for safety control, alarm and interlock (SCAI) Combines functions of transmitter and trip alarm Comes with local indication Interface/Integration Coupled with logic solver or powered externally Programmable logic for set-up SIL capable SIL 2 (SC3) Prior use and certified versions used in SIS Automatic self-diagnostics

Value Proposition of Hybrids Cost effective 3 in 1 in one footprint Lower unit price point & lower total cost Reduces complexity Simplified integration Standalone hardware & software SIL capable Certified for use in SIL 2 (SC3) Robust diagnostics

Functional Safety Standards increasingly inform selections What are the functional safety standards against which these sensor devices are measured? Qualitative and quantitative assessment

IEC Standards for the Process and Other Industries

ISA 84.00.01-2004

IEC 61508 Functional safety is a concept applicable across all industry sectors. It is fundamental to the enabling of complex technology used for safety-related systems. It provides the assurance that the safety-related systems will offer the necessary risk reduction required to achieve safety for the equipment. IEC

IEC 61508 Functional safety relies on active systems. The following are two examples of functional safety: The detection of smoke by sensors and the ensuing intelligent activation of a fire suppression system; or, The activation of a level switch in a tank containing a flammable liquid, when a potentially dangerous level has been reached, which causes a valve to be closed to prevent further liquid entering the tank and thereby preventing the liquid in the tank from overflowing. IEC

ANSI/ISA 84.91.01-2012

ANSI/ISA 84.91.01 (2012)

Basic Concepts of ANSI/ISA 84.91.01 (2012) Identify process safety functions that utilize instrumentation in order to maintain safe operation. Identification of safety control, alarms and interlocks (SCAI) Focused on mechanical integrity and maintenance being the key to managing process risk.

Instrumented Safeguards

Recommended Reading

How SCAI is Implemented

Recommended Reading

Angela says When considering the use of BPCS for SCAI, the first thing to remember is that risk reduction is not free. Getting an order of magnitude risk reduction from the BPCS is hard. The independence and reliability requirements impose rigorous design and management practices, focusing on eliminating single points of failure and human error.

Angela says When claiming more than one order of magnitude (risk reduction) from a single controller in a scenario, the controller must be designed and managed as a SIS in accordance with IEC 61511.

Distributed SIS: Traditional Recipe

Distributed SIS: applying the hybrid in SIS AI 4 to 20 ma DO 2.5A @ 125 VDC High capacity programmable safety relay 5A @ 250 VAC 6A @ 30 VDC

Functional Safety context Target SIL PFD avg Risk Reduction (RRF)

Theoretical Safety Instrumented Function (SIF) The High Pressure Protection SIF measures steam pressure in the boiler output header and opens a vent valve if the pressure exceeds the setpoint.

Sensors Sensors are either certified process transmitters or a certified hybrid of a transmitter & switch Clean service MTTR=24 hours Proof Test Interval = 12 months Proof Test Coverage = 100% Process outputs are assumed to fail to safe states.

Logic Solver Generic SIL 2 or SIL 3 Logic Solver MTTR = 24 hours Proof Test Interval = 60 months PT Coverage = 100%.

Final Element Generic, 3-way solenoid Bettis G-Series pneumatic spring return actuator Fisher Controls Design EZ valve MTTR = 24 hours Proof Test Interval = 12 months PT Coverage = 85% No ß factor

Simplified Equation PFDavg (SIF) = PFDavg (Sensor Subsystem) + PFDavg (Logic Solver) + PFDavg (Final Element subsystem)

RRF & Achieved SIL (SIL 2 LS)

PD PUMP APPLICATION LOW SIL 2 - TRADITIONAL APPROACH Safety function to trip remote pump on excessive pressure Safety PLC Stainless steel cabinet Sub panel Associated wiring & programming Estimated cost >$20K MCC Process Transmitter SIL 2 Challenge Process Safety Time > 1 sec

PD PUMP APPLICATION LOW SIL 2 - NEW APPROACH High speed/high capacity Safety Relay (60 ms) Start/stop circuit MCC No Safety PLC 4 to 20 ma (NAMUR 43 NE Std) 30 VDC @ 20 ma (max) 30 VDC @ 20 ma max universal diagnostics

Hypothetical Illustration Target SIL 3 2oo3 LS Current Output 4 to 20 ma Current Output 4 to 20 ma Current Output 4 to 20 ma PT PT PT ß = NOT ENOUGH RISK REDUCTION

Recommended Reading

Hypothetical Illustration Target SIL 3 IPL 1 + IPL 2 LS Current Output 4 to 20 ma Current Output 4 to 20 ma Safety Relay Output 5A @ 125 VAC PT Hybrid Setpoint @ 500 psig IPL 1

Comparing Attributes (Three SIL 2 Certified Sensors) Product Safe Failure Fraction Safety Accuracy Fault Detection Number of Safety Variable Outputs Enviromental Profile (per IEC 60654-1 MTTR Input to Output Trip Response Time IEC 61508 Hybrid Transmitter 98.6% ±3% 6 sec 4 C3 24 hours ~ 60 ms Edition 2, 2010 Process Transmitter 95% ±2% 30 sec 1 C3 24 hours N/A Edition 2, 2010 Trip Alarm 91.4% ±2% 15 minutes 2* B2 8 hours 256 msec Edition 2, 2010 * Assumes fault relay is wired in series with process relays for fault monitoring

Can Hybrids Addressing Common Cause?

Common Cause Failure Major Equipment Groups

Summarizing Benefits of the Hybrid Highly distributed SIS Where full blow safety systems are cost prohibitive. Where ESD and continuous monitoring are needed. Where process safety time thresholds cannot be met. Where diversity can reduce common cause. Where lower unit price points for certified devices are desirable. Where lower total cost solutions are imperative.

Thank you for your attention For more information contact: Channing Reis, Director Functional Safety Technologies, United Electric Controls Company, Watertown, MA (USA) 617-899-1132 creis@ueonline.com

2024 © homedocbox.com Privacy Policy | Terms of Service | Feedback