InstrumentationTools.com

Similar documents
IEC61511 Standard Overview

PRIMATECH WHITE PAPER CHANGES IN THE SECOND EDITION OF IEC 61511: A PROCESS SAFETY PERSPECTIVE

Australian Standard. Functional safety Safety instrumented systems for the process industry sector

Options for Developing a Compliant PLC-based BMS

INTERNATIONAL STANDARD

This document is a preview generated by EVS

INTERNATIONAL STANDARD

Safety Instrumented Systems Overview and Awareness. Workbook and Study Guide

INTERNATIONAL STANDARD

Process Safety - Market Requirements. V.P.Raman Mott MacDonald Pvt. Ltd.

The Use of an Operator as a SIL 1 component in a Tank Overfill Protection System

Beyond Compliance Auditing: Drill til you find the pain points and release the pressure!

Functional Safety: the Next Edition of IEC 61511

Session Four Functional safety: the next edition of IEC Mirek Generowicz Engineering Manager, I&E Systems Pty Ltd

ADIPEC 2013 Technical Conference Manuscript

Safety Transmitter / Logic Solver Hybrids. Standards Certification Education & Training Publishing Conferences & Exhibits

INTERNATIONAL STANDARD

FUNCTIONAL SAFETY IN FIRE PROTECTION SYSTEM E-BOOK

Practical Methods for Process Safety Management

Addressing Challenges in HIPPS Design and Implementation

Assessment of the Safety Integrity of Electrical Protection Systems in the Petrochemical Industry

This document is a preview generated by EVS

100 & 120 Series Pressure and Temperature Switches Safety Manual

Integrated but separate

Safety Instrumented Systems

2015 Functional Safety Training & Workshops

This document is a preview generated by EVS

Technical Paper. Functional Safety Update IEC Edition 2 Standards Update

Why AC800M High Integrity is used in Burner Management System Applications?

Digital EPIC 2 Safety manual

High Integrity Pressure Protection System

67 th Canadian Chemical Engineering Conference EDMONTON, AB OCTOBER 22-25, 2017

USER APPROVAL OF SAFETY INSTRUMENTED SYSTEM DEVICES

SIL Safety Guide Series MS Single-Acting Spring-Return Hydraulic Linear Actuators

New Developments in the IEC61511 Edition 2

Safety Integrity Verification and Validation of a High Integrity Pressure Protection System to IEC 61511

This is a preview - click here to buy the full publication

Is your current safety system compliant to today's safety standard?

AVOID CATASTROPHIC SITUATIONS: EXPERT FIRE AND GAS CONSULTANCY OPTIMIZES SAFETY

New requirements for IEC best practice compliance

AVOID CATASTROPHIC SITUATIONS: EXPERT FIRE AND GAS CONSULTANCY OPTIMIZES SAFETY

Changes in IEC Ed 2

innova-ve entrepreneurial global 1

White Paper. Integrated Safety for a Single BMS Evaluation Based on Siemens Simatic PCS7 System

Overfill Prevention Control Unit with Ground Verification & Vehicle Identification Options. TÜVRheinland

2013 Honeywell Users EMEA Nice. Johan School. Concepts and Implementation of Process Risk Management using Safety Manager

Fire and Gas Detection and Mitigation Systems

United Electric Controls One Series Safety Transmitter Safety Manual

LOPA. DR. AA Process Control and Safety Group

Safety Instrumented Fire & Gas Systems

ANALYSIS OF HUMAN FACTORS FOR PROCESS SAFETY: APPLICATION OF LOPA-HF TO A FIRED FURNACE. Paul Baybutt Primatech Inc. and

Safety lnstrumentation Simplified

PPA Michaël GROSSI - FSCE PR electronics

Reliability of Safety-Critical Systems Chapter 1. Introduction

The Amazing Secret World of ISA Standards

Where Process Safety meets Machine Safety

Safety Instrumented Systems The Smart Approach

The SIL Concept in the process industry International standards IEC 61508/ 61511

Functional Safety Solutions

IMPLEMENTING PROCESS SAFETY KPI SUITE AT A WORLD-SCALE HFO UNIT

BRIDGING THE SAFE AUTOMATION GAP PART 1

Failure Modes, Effects and Diagnostic Analysis

An Approach towards Safety Using Safety Instrumented Systems: A Case Study

User s Manual. YTA110, YTA310, YTA320, and YTA710 Temperature Transmitters. Manual Change No

INTERNATIONAL STANDARD

Numerical Standards Listing

Tank protection example using Simatic

Benchmarking Industry Practices for the Use of Alarms as Safeguards and Layers of Protection

Implementing Safety Instrumented Burner Management Systems: Challenges and Opportunities

Numerical Standards Listing

Mobrey Magnetic Level Switches

Functional Safety Application of IEC & IEC to asset protection

Session Number: 3 Making the Most of Alarms as a Layer of Protection

The agri-motive safety performance integrity level Or how do you call it?

IEC an aid to COMAH and Safety Case Regulations compliance

HIPPS High Integrity Pressure Protection System

INTERNATIONAL STANDARD

Siemens Process Automation End-user Summit- 2011

Standards Certification Education & Training Publishing Conferences & Exhibits. Functional Safety Resources

HIPPS High Integrity Pressure Protection System

Failure Rate Data, Safety System Modeling Concepts, and Fire & Gas Systems Moderator: Lori Dearman, Webinar Producer Thursday, May 16th, 2013

Fully configurable SIL2 addressable Fire & Gas Detection solutions

Session Ten: The importance of a clear Safety Requirements Specification as part of the overall Safety Lifecycle

IEC PRODUCT APPROVALS VEERING OFF COURSE

SIL DETERMINATION AND PROBLEMS WITH THE APPLICATION OF LOPA

Failure Modes, Effects and Diagnostic Analysis. Rosemount Inc. Chanhassen, Minnesota USA

Alarm Management Reflections

SITRANS. Temperature transmitter Functional safety for SITRANS TW. Introduction. General safety instructions 2. Device-specific safety instructions

Failure Modes, Effects and Diagnostic Analysis

Strathayr, Rhu-Na-Haven Road, Aboyne, AB34 5JB, Aberdeenshire, U.K. Tel: +44 (0)

Industrial Safety And Emergency Preparedness: NTPC Perspective Shivam Srivastava GM-Safety NTPC Limited

Rosemount Functional Safety Manual. Manual Supplement , Rev AF March 2015

Session Number: 3 SIL-Rated Fire (& Gas) Safety Functions Fact or Fiction?

Failure Modes, Effects and Diagnostic Analysis

Improved safety system in a nitric acid plant

FINAL DRAFT INTERNATIONAL STANDARD

Integrating Control and Safety: Where to draw the line.

Alarm Management Standards Are You Taking Them Seriously?

DRAFT NFPA 805 TRANSITION PILOT PLANT OBSERVATION GUIDANCE

, CFSE, Senior Manager, ABB Taiwan;, 2011/9/2. Functional Safety. ABB Group September 5, 2011 Slide 1

Transcription:

Author: Instrumentation Tools Categories: Safety Systems S84 / IEC 61511 Standard for Safety Instrumented Systems IEC 61511 is a technical standard which sets out practices in the engineering of systems that ensure the safety of an industrial process through the use of instrumentation. Such systems are referred to as Safety Instrumented Systems. The title of the standard is Functional safety Safety instrumented systems for the process industry sector.

IEC 61511 covers the design and management requirements for SISs from cradle to grave. Its scope includes: initial concept, design, implementation, operation, and maintenance through to decommissioning. It starts in the earliest phase of a project and continues through startup. It contains sections that cover modifications that come along later, along with maintenance activities and the eventual decommissioning activities. The standard consists of three parts: 1. Framework, definitions, system, hardware and software requirements 2. Guidelines in the application of IEC 61511-1 3. Guidance for the determination of the required safety integrity levels ISA 84.01/IEC 61511 requires a management system for identified SIS. An SIS is composed of a separate and independent combination of sensors, logic solvers, final elements, and support systems that are designed and managed to achieve a specified safety integrity level (SIL). An SIS may implement one or more safety instrumented functions (SIFs), which are designed and implemented to address a specific process hazard or hazardous event. The SIS management system should define how an owner/operator intends to assess, design, engineer, verify, install, commission, validate, operate, maintain, and continuously improve their SIS. The essential roles of the various personnel assigned responsibility for the SIS should be defined and procedures developed, as necessary, to support the consistent execution of their responsibilities. ISA 84.01/IEC 61511 uses an order of magnitude metric, the SIL, to establish the necessary performance. A hazard and risk analysis is used to identify the required safety functions and risk reduction for specified hazardous events. Safety functions allocated to the SIS are safety instrumented functions; the allocated risk reduction is related to the SIL. The design and operating basis is developed to ensure that the SIS meets the required SIL. Field data are collected through operational and mechanical integrity program activities to assess actual SIS performance. When the required performance is not met, action should be taken to close the gap, ensuring safe and reliable operation. IEC61511 references IEC61508 (the master standard) for many items such as manufacturers of hardware and instruments and so IEC61511 cannot be fully implemented without reference to IEC61508. IEC61511 is the process industry implementation of IEC61508. Acronyms and Abbreviations Used ANSI American National Standards Institute BPCS Basic Process Control System E/E/PES Electrical / Electronic / Programmable Electronic Systems ESD Emergency Shutdown System IEC International Electrotechnical Commission IPL Independent Protection Layer ISA Instrumentation Society of America (now called The Instrumentation, Systems and Automation Society) LOPA Layers of Protection Analysis PES Programmable Electronic System PFD Probability of Failure on Demand SIL Safety Integrity Level

SIS Safety Instrumented System SRS Safety Requirements Specifications What is S84 / IEC 61511? It is a US and international industry standard (ANSI/ISA S84.00.01-2004 / IEC 61511, Functional Safety: Safety Instrumented Systems for the Process Industry Sector, called S84 / IEC 61511 herein). Its objective is to define requirements for Safety Instrumented Systems (SISs) and Safety Instrumented Functions (SIFs). What are SISs? SISs take the process to a safe state when predetermined conditions are violated, such as set points for pressure, temperature, level, etc. In other words, they trip the process when they detect an out-of-limit condition. Other terms commonly used for SIS include Emergency Shutdown System (ESD, ESS), Safety Shutdown System (SSD), and Safety Interlock System (SIS). These systems are often automated but can also involve human action in response to alarms. What are SIFs? SIFs are actions taken by a SIS to bring the process or equipment under control to a safe state. Each SIF consists of a set of actions to protect against a single specific hazard. One or more SIFs may be implemented in a SIS for a common purpose, e.g. protection of the same process. For example a SIS designed to protect a process may contain three SIFs: high reactor temperature closes the two reactor feed valves, high column temperature or high column pressure closes a reboiler steam valve, high column pressure closes the two reactor feed valves. Why was S84 / IEC 61511 developed? S84 / IEC 61511 is based on international standards from the International Electrotechnical Commission (IEC). A performance-based umbrella standard applies to any industrial process that uses E/E/PES (IEC 61508, Functional Safety of Electrical / Electronic / Programmable Electronic Safety-Related Systems, Parts 1 7, 1998 2000). It is intended to allow the development of industry-specific standards. A process-sector specific version of IEC 61508 has been developed (IEC 61511, Functional Safety -Safety Instrumented Systems for the Process Industry Sector, Parts 1 3, 2003 2004). When does S84 / IEC 61511 apply? It applies when functional safety is achieved using one or more SIFs in a SIS for the protection of personnel, public or the environment. It may be applied to non-safety issues, e.g. asset protection. S84 / IEC 61511 covers a wide variety of process sector industries including chemicals, oil refining, oil and gas production, pulp and paper, and nonnuclear power

generation. Can you tell me more about SIS? SISs provide safety control functions and complement the Basic Process Control System (BPCS) which provides normal process control. Ideally, SISs and the BPCS should be independent. SISs provide a layer of protection to help protect the process against accidents. SISs are composed of: Sensors Logic solvers Power supplies Field wiring Final control elements Communications interfaces They may include hardware, software and humans. Examples of sensors are pressure and level transmitters. An example of a final control element is an emergency block valve. Logic solvers addressed by S84 / IEC 61511 are primarily Electrical / Electronic / Programmable Electronic Systems (E/E/PES). However, the basic principles of the standard should be applied for other types of logic solvers, such as pneumatic or hydraulic. S84 / IEC 61511 applies to SIS sensors and final control elements regardless of the technology used. Communications interfaces include human interfaces with the process such as operator interaction with the SIS through video displays and mechanic interaction during maintenance of the SIS as well as internal communications within and between SIS. How do SIS relate to other layers of protection? Process designers use a variety of protection layers, or safeguards, to provide a defense in depth against catastrophic accidents. They are devices, systems or actions that are capable of preventing a scenario from proceeding to an undesired consequence. For example, they may be: Inherently safe design features Physical protection such as relief devices Post-release physical protection such as fire suppression systems Plant and community emergency response SIS Ideally such protection layers should be independent from one another so that any one will perform its function regardless of the action or failure of any other protection layer or the initiating event. When they meet this criterion they are called Independent

Protection Layers (IPL). Not all safeguards meet the independence requirements to be classified as an IPL, although all IPLs are safeguards. For example, two standby pumps that are both electrically powered do not fail independently in the event of loss of power. Do I always need SIS? The philosophy of S84 / IEC 61511 is that SIS should be installed only if other non-instrumented systems cannot adequately mitigate process risk. Therefore, an evaluation must be made to determine if an adequate number of non-sis protection layers has been provided for a process. The method for doing so is not specified by S84 / IEC 61511. However, Layers of Protection Analysis (LOPA) is commonly used and is one of several methods described in S84 / IEC 61511. How do you account for the varying effectiveness of protection layers? The effectiveness of an IPL is described in terms of the probability it will fail to perform its required function when called upon to do so (a demand), and the scenario continues towards the undesired consequence despite the presence of the IPL. This is called the probability of failure on demand (PFD). In the case of SIFs the PFD is described and categorized by a Safety Integrity Level (SIL). Can you tell me more about SIL s? Once the need for a SIS/SIFs has been identified, the key is to determine the required SIL to control process risk to a tolerable level. The SIL is used as a performance measure (in terms of the probability of the SIF failing to perform its required function on demand). Four discrete integrity levels are defined in S84 / IEC 61511 (SIL 1, SIL 2, SIL 3, SIL 4). The higher the SIL level, the higher the availability of the SIS. SIL s are defined in terms of PFD:

Techniques such as LOPA are used to determine the required SIL for a SIF in a SIS. What does S84 / IEC 61511 require? S84 / IEC 61511 applies a Safety Life Cycle approach and addresses SIS from conceptual design to decommissioning, i.e. cradle to grave. S84 / IEC 61511 addresses: Management of functional safety Safety life-cycle requirements Verification Process hazard and risk assessment Allocation of safety functions to protection layers SIS safety requirements specification SIS design and engineering Requirements for application software, including selection criteria for utility software Factory acceptance testing SIS installation and commissioning SIS safety validation SIS operation and maintenance SIS modification SIS decommissioning Information and documentation requirements Can you summarize what S84 / IEC 61511 does and doesn t do? There are three issues for SIS: Are they needed? What type should be provided? What design should be used and how can its integrity be maintained throughout its life? Techniques such as LOPA address the first issue. However, they do not determine the types of SIS to provide. They can help choose between alternatives. The second issue on selecting the type of SIS to install is the province of the process designer and the control systems engineer. S84 / IEC 61511 does address the third issue. It provides requirements for SIS. Why should I comply with S84 / IEC 61511? First, S84 / IEC 61511 represents best practice.

Powered by TCPDF (www.tcpdf.org) Instrumentation Tools Second, OSHA has endorsed S84 / IEC 61511 as a national consensus standard for the application of safety instrumented systems for the process industries (March 23, 2000 OSHA letter to L. M. Ferson, ISA). This letter states that ANSI/ISA S84 / IEC 61511.01-1996 (the first edition of S84 / IEC 61511) is considered a recognized and generally accepted good engineering practice for SIS. Note that Paragraph (d)(3)(ii) of OSHA s PSM standard, CFR 1910.119, specifies: The employer shall document that equipment complies with recognized and generally accepted good engineering practices. The letter states that in evaluating whether an employer s engineering practices with respect to SIS comply with PSM, OSHA would consider, among other factors, whether the employer meets the requirements of S84 /IEC 61511. In the letter OSHA states that it is also important to note that there is a large percentage of processes which are not covered by PSM which may include SIS covered by S84 / IEC 61511. OSHA states that the employer may be in violation of the General Duty Clause, Section 5(a)(1) of the OSH Act if SIS are utilized which do not conform with S84 / IEC 61511, and hazards exist related to the SIS which could seriously harm employees. Consequently, this means that OSHA requires companies to comply with S84 / IEC 61511, not only for PSM-covered processes but also for other processes that use SIS where hazards to personnel may be present.

2024 © homedocbox.com Privacy Policy | Terms of Service | Feedback