SIL Allocation. - Deterministic vs. risk-based approach - Layer Of Protection Analysis (LOPA) overview
- Aldous Fisher
- 6 years ago
Transcription
1 SIL Allocation - Deterministic vs. risk-based approach - Layer Of Protection Analysis (LOPA) overview
2 Origin and causes of accidents involving control system failure
- 44% Specification
- 20% Changes after start-up
- 15% Design and implementation
- 6% Installation and start-up
- 15% Maintenance and operation
Ref: "Out of Control: Why control systems go wrong and how to prevent failure", published by UK HSE
3 SIS Safety Lifecycle, IEC61511
[Figure: IEC61511 safety lifecycle diagram. Box labels:]
- Management of functional safety and assessment and audit of functional safety
- Structure and planning of the safety life cycle
- Verification
- 1 Assessment of hazards and risks
- 2 Allocation of the safety functions to the protection layers
- 3 Specification of the safety requirements for the safety instrumented system
- 4 Design and engineering of the safety instrumented system; design and development of other means of reducing risk
- 5 Installation, reception and validation
- 6 Operation and maintenance
- 7 Modification
- 8 Decommissioning
4 SIL Allocation in the IEC61511 Safety Lifecycle
[Figure: the IEC61511 safety lifecycle diagram from slide 3, repeated]
5 SIL Allocation & SIL Verification
[Figure: two copies of the IEC61511 safety lifecycle diagram, labelled "Set target" and "Demonstrate target is met"]
SIL Allocation:
- Minimum SIL requirements
- LOPA, risk graphs, ...
- Determine if additional SIF are required and, if yes, allocate the target SIL (SIL 1, SIL 2, SIL 3)
Design & Engineering:
- SIL verification calculations (PFD)
- FMECA, SAR, Safety Manuals, etc.
- Address target SIL (fault tolerance & PFD)
- Select system technology
- Configuration / voting
- Test interval
- Diagnostic
6 SIL Allocation: the two approaches
- Deterministic: ISO10418, OLF070
- Risk-based: LOPA, risk graph, QRA
7 SIL Allocation: deterministic approach
1. Design in accordance with process industry standards
- ISO10418, API RP14C for offshore installations
- NFPA 85, 86, API RP556 for various types of fired equipment
- etc.
Prescriptive recommendations for protective measures:
- Based on experience and recognized practice
- Acceptable level of safety achieved (refers to clearly defined hazards and standardized behaviour of safety systems and barriers)
8 SIL Allocation: deterministic approach
2. Allocate SIL based on predetermined requirements
Minimum SIL requirements:
- OLF070 Application of IEC in the Norwegian Petroleum Industry
- Company governing documentation
The minimum SIL requirement is derived from the expected reliability (PFD) of typical SISs, i.e. achievable by standard solutions considered good industry practice.
- Not based on required risk reduction conforming to specific RTC
- Enforces quality requirements in the SIS design, installation and operation
9 SIL Allocation: the two approaches
- Deterministic: ISO10418, OLF070
- Risk-based: LOPA, risk graph, QRA
- TES
10 The safety onion: integrated approach, Independent Protection Layers
Layers, from the outside in:
- Community emergency response
- Plant emergency response
- Physical protection (dikes)
- Physical protection (relief devices)
- Automatic action SIS or ESD
- Critical alarms, operator supervision, and manual intervention
- Basic controls, process alarms, and operator supervision
- Process design
[Figure: onion diagram of these layers; other labels: LAH, 1 Layer of SIS]
11 Alternative view: protecting by multiple protection layers
[Figure: process level with PCS and PSD logic, each with its own PT. Labels: Low level, Normal level, High level, High Level Alarm (Operator Takes Action), Trip set point (SIS Action)]
12 Reducing risks with protection layers
Closing the safety gap between risk and target. Missing adequate barriers?
[Figure: scale of increasing risk with the remaining risk, the risk tolerance criteria and the initial risk (frequency). Labels: Required risk reduction; Achieved risk reduction; Risk reduction SIS; Risk reduction other technologies; Risk reduction external]
13 Applicability of risk assessment methods for risk judgements
- Qualitative analysis (100% of scenarios are analyzed using qualitative methods)
- Simplified-quantitative or semi-qualitative analysis (1-5% of scenarios, 100% of SIF)
- Quantitative analysis (<1‰ of scenarios, 1% of SIF)

Technique | Applicability to simple issues | Applicability to complex issues
HAZOP, What if | Good | Poor to okay for risk judgment
LOPA, Risk Graph | Good | Usually good
ETA, FTA, QRA | Overkill | Good
14 SIL Allocation process (risk-based)
[Figure: flowchart. Box and decision labels, in reading order:]
- Plant Facilities & Safety Conceptual strategies / philosophies; Design & Operating principles / Performance Standards / Acceptance criteria
- Plant design development input (e.g. process conditions, P&ID, C&E, FDS, etc.)
- Qualitative: Risk Assessment / Process Hazard Analysis (PHA) / IPL definition (e.g. HAZOP)
- SIF determination & SIL allocation: semi-qualitative, simplified-quantitative, quantitative
- For each scenario, SIF determination & SIL allocation with simplified risk analysis technique (e.g. LOPA, risk graph)
- Decision: SIL1, SIL2 or SIL3 with GALE TES where further assessment is needed? (YES / NO)
- Decision: SIL4? OR SIL3 with no GALE TES? (YES / NO)
- Decision: Design change or other non-SIS IPL possible? (YES / NO)
- Quantitative risk assessment for dedicated scenario
- Evaluate other non-SIS IPL or design change
- Decision: SIL1, SIL2, SIL3 or SIL4 by multiple SIS? (YES / NO)
- Decision: SIL4 required by a single SIS? (YES / NO)
- Apply for dispensation to TR2041
- Complete SIL allocation for each SIF & reporting (SRS, CDD, SAR, etc.)
15 LOPA: Layer of Protection Analysis
- Multidiscipline team exercise, immediately after HAZOP (1w/m)
- Good synergy with HAZOP (cause, consequence, safeguards)
- Simple rules (reproducible), order of magnitude of the risk
- Barrier/protection layers analysis methodology
- Focus on Safety Instrumented Systems
- Will also address credit for other safety-related systems
- Identification of required and expected performance of critical systems
- Closes the gap between expected system performance and required risk tolerance
- Determines Safety Integrity Level (SIL) of gap
- Can be an entry point to QRA
16 LOPA
Can address the following:
- Does my system (planned or actual) ensure my criteria are met?
- Do I need an additional Safety Instrumented System?
- Are there alternatives?
LOPA references and applicability in the industry:
- IEC LOPA will meet requirements (Part 3, Annex F)
- AIChE endorsement
- Risk-based approach common in downstream industry, especially for PSD
- LOPA often used in the Americas; Europe often uses risk graphs
- Some O&G companies have developed their own software / spreadsheets
17 LOPA Procedure
- Step 1: Establish TTC
- Step 2: Preliminary selection of scenarios
- Step 3: Evaluate impact severity on safety, environment and assets
- Step 4: Determine IE frequency
- Step 5: Identify IPLs and select the probability of failure
- Step 6: Identify Conditional Modifiers and select the probability
- Step 7: Evaluate scenario frequency and compare with TTC
- Step 8: Identify SIF and allocate SIL
- Step 9: Evaluate need for other non-SIS IPL or redesign
- Step 10: Evaluate consequences of spurious failure
- Step 11: Reporting
18 Step 1: Establish Target Tolerance Criteria (TTC)
[Figure: risk matrix of impact level against frequency level (/year)]

Category | Target Tolerance Criteria
8 / Catastrophic | 1 x E-6 per year
7 / Major | 1 x E-5 per year
6 / Severe | 1 x E-4 per year
5 / Serious | 1 x E-3 per year
4 / Moderate | 1 x E-2 per year
19 Step 1: Establish TTC
- The criteria are dependent on the numbers used for initiating events, risk reduction factors, etc.
- Economic impact should include the total loss:
  - Demolition cost
  - Installed equipment costs (x3 purchase price)
  - Cost of business interruption (value of product that cannot be shipped out, not cost of lost production)
- Corporate TTC should be used as a basis to establish local applicable TTC
20 Step 2: Preliminary selection of scenarios/SIFs
- Scenarios/SIF identified from C&E, interlocks narrative and P&IDs
- Additional scenarios where a SIF is recommended for evaluation (e.g. identified during HAZID, HAZOP or other project/facility review)
- High impact severity scenarios (i.e. category 7 and 8 in TTC)
[Figure: example SIF loops. Labels: Temperature transmitter, Temperature transmitter, Solenoid, On/off valve, Level switch, Logic solver (PLC), Pump, Flow transmitter, Solenoid, On/off valve]
21 Step 2: Identification of scenario
[Figure: bow-tie diagram. CAUSES (Initiating Event 1, 2, 3); PREVENTION barriers that terminate the chain of events and reduce frequency (BPCS, Operator response to alarm from monitoring system, SIS, PSV); TOP EVENT (e.g. loss of containment); MITIGATION & RECOVERY barriers that reduce consequence severity (ESD, Ignition control, Fire water); CONSEQUENCES (No consequence, Consequence A, B, C, D)]
LOPA scenario: single cause-consequence pair (e.g. Initiating Event 1 and Consequence D)
22 Step 3: Evaluate impact severity
- Define the worst reasonably credible consequences that result if the chain of events continues without interruption.
- Select the impact severity from the TTC for all categories (people's safety, environment, economic).

Category | Target Tolerance Criteria
8 / Catastrophic | 1 x E-6 per year
7 / Major | 1 x E-5 per year
6 / Severe | 1 x E-4 per year
5 / Serious | 1 x E-3 per year
4 / Moderate | 1 x E-2 per year
23 Step 4: Determine initiating event frequency
Identify all possible initiating events, i.e. causes: mechanical, instrument or human failures (f_ie)

Instrument initiating event | failure/year
BPCS Instrument Loop Failure | 1,00E-01
BPCS Sensor failure | 1,00E-01
Control loop failure | 1,00E-01
Loss of instrument air | 1,00E-01

Human initiating event | failure/year
3rd Party Intervention | 1,00E-02
Human error in a non-routine, low stress | 1,00E-01
Human error in a routine, once per day opportunity | 1,00E+00
Human error in a routine, once per month opportunity | 1,00E-01
Operator Failure Action more than once per quarter | 1,00E-01

Mechanical initiating event | failure/year
Canned/Magnetic Drive Pump Failure | 1,00E-02
Compressors, Pumps and Crane fail | 1,00E+00
Control valve failure | 1,00E-01
Cooling Water Failure | 1,00E-01
Double Mechanical Seal Pump Failure | 1,00E-02
Expansion Joint Fails | 1,00E-02
General Utility Failure | 1,00E-01
Heat Exch. tube leak <100 tubes | 1,00E-02
Heat Exch. tube leak >100 tubes | 1,00E-01
Heat Exch. tube rupture <100 tubes | 1,00E-03
Heat Exch. tube rupture >100 tubes | 1,00E-02
Loss Cooling | 1,00E-01
Loss Power | 1,00E-01
Manual valve failure | 1,00E+00
Pressure safety valve failure | 2,00E-01
Pressure Vessel Failure Significant Release | 1,00E-05
Pump Failure Loss of Flow | 1,00E-01
Single Mechanical Seal Pump Failure | 1,00E-01
Unloading/Loading Hose Failure | 1,00E-01

[Table: human error probability for not correctly performing a task for various situations, per demand. Complexity (Simplest; Routine & Simple; Routine but Requires Care; Complicated non-Routine) against stress (No Stress; Moderate Stress; High Stress); the values are not present in the transcription]
24 Step 4: Determine initiating event frequency
- Enabling event, e.g. adjust to the time at risk, i.e. multiply f_ie by the fraction of time during which the risk is present
- SIF operating in continuous mode of operation: f_ie = 2 * PFD
25 Step 5: Identify IPLs and select probability of failures
Essential requirements:
- Specific: Detect, Decide and Deflect
- Effective: big enough, fast enough, strong enough, smart enough
- Independent: its performance must not be affected by other protection layers and must be independent of the events causing the accident
- Reliable: the protection given by the IPL reduces the risk by a known and specific quantity
- Auditable: it must allow periodic checks and tests of the protection function
All IPLs are protection layers, but not all protection layers are IPLs.
26 Step 5: Identify IPLs and select probability of failures
Process design
- Inherent safety in design
- Initial risk, not an IPL
- Minimize, Substitute, Moderate, Simplify
Process control system
- Actions to return the process to within the normal operating envelope (e.g. minimum flow control)
- Process shutdown (shadowing the SIS in the PCS)
- Alarms (+ operator response)
27 Step 5: Identify IPLs and select probability of failures
Process control system
- Maximum PFD claimed 0,1 if independent of initiating events and other IPLs
- If the initiating event is caused by PCS control loop failure, the PCS can be considered an IPL if:
  - Sensors, I/O cards and final elements are independent
  - The logic controller is designed with a high level of reliability by reference to recognized industry standards (e.g. redundant CPUs)
- PFD lower than 0,1 requires that the PCS is designed according to IEC61511
- The PCS cannot be catered for twice as an IPL
[Figure: IE loop and IPL loop through one logic controller. Labels: Sensor 1, Sensor 2, Input 1, Input 2, Logic Controller, Output 1, Output 2, Final Element 1, Final Element 2]
28 Step 5: Identify IPLs and select probability of failures
PCS supervision & alarms: human intervention
- Direct connection between the alarm, which indicates the event, and the measures to be taken by staff to avoid the event
- Safety alarms requiring intervention should be prioritized, configuration access restricted
- Written procedure in use, training
- Time needed vs time available due to process dynamics: Min min if automatic; min 30-1h if manual local action
[Figure: timeline with the PCS pre-alarm set point, the SIS trip point, the top event (e.g. loss of integrity) and the final consequences. Labels: alarm processing; limited troubleshooting; decide action; trigger action and get action to be effective; Process safety time; Time available for the operator to take action]
29 Step 5: Identify IPLs and select probability of failures
Preventive SIS (PSD)
Mitigation SIS: ESD, F&G, emergency depressurization or dumping system, fire water, etc.
- Have a role in risk reduction but should not be considered IPLs for evaluation of a preventive SIF (PSD) with LOPA.
- The objective is to prevent the scenario without relying on mitigation SIS (residual consequences even if successful).
- May be given credit in QRA. Design against the scenario shall be demonstrated, claimed reliability shall be demonstrated, appropriate maintenance and testing.
30 Step 5: Identify IPLs and select probability of failures
Mechanical mitigation system
- PSV and rupture disk: depends on SIF design intent, i.e. in lieu of PSV or in addition, e.g. to limit release to disposal system. PSV fulfils the 3E? Release damageable? Fouling service?
- Check valve: IPL, with restriction on service and technology; frequent testing required
- Flame arrestor (in line): can be an IPL. Design against deflagration will not prevent detonation; testing
- Explosion doors: not an IPL. Can be considered for selection of lower impact severity. Design must be checked against explosion load
- Excess flow valves: mitigation, generally not an IPL
31 Step 5: Identify IPLs and select probability of failures
Post-release physical protection (passive): dike, fire wall, passive fire protection, collision protection
- Should not be considered IPLs for evaluation of a preventive SIF with LOPA. May be given credit in QRA.
- Design against the scenario shall be demonstrated, appropriate maintenance
Emergency response (evacuation and rescue)
- Relying on evacuation and rescue is the last resort. No credit for risk reduction shall be granted as IPL.
- Considered in the selection of the conditional modifier (probability of personnel present)
32 Step 5: Identify IPLs and select probability of failures
PFD of IPLs

Independent protection layer | PFD
Single check valve in clean liquid service | 2,00E-01
Single check valve in gas service | 1,00E+00
Two check valves in series in clean gas or liquid service | 2,00E-02
Process Safety Valve fail to open. Clean service. | 1,00E-02
Control loop / PCS | 1,00E-01
Explosion doors | 1,00E+00
Flame arrestor | 1,00E-01
Operator response to alarm (15-20 minutes) | 1,00E-01
33 Step 6: Conditional modifiers
P ignition: probability of ignition for flammable release
- Not always relevant (e.g. release above auto-ignition, control of ignition sources, environmental impact)

Ignition probability modifier | Probability
Gas Major (1-50kg/s) EXPLOSION | 8,40E-03
Gas Major (1-50kg/s) FIRE | 7,00E-02
Gas Massive (>50kg/s) EXPLOSION | 9,00E-02
Gas Massive (>50kg/s) FIRE | 3,00E-01
Gas Minor (<1kg/s) EXPLOSION | 4,00E-04
Gas Minor (<1kg/s) FIRE | 1,00E-02
Liquid Major (1-50kg/s) EXPLOSION | 3,60E-03
Liquid Major (1-50kg/s) FIRE | 3,00E-02
Liquid Massive (>50kg/s) EXPLOSION | 2,40E-02
Liquid Massive (>50kg/s) FIRE | 8,00E-02
Liquid Minor (<1kg/s) EXPLOSION | 4,00E-04
Liquid Minor (<1kg/s) FIRE | 1,00E-02

P person present: probability that personnel are present at the time of the hazardous event
- P person present = Occupancy x Probability to avoid the hazardous event once the SIS has failed
- Probability of death (vulnerability): not taken into account (conservative but simpler)
34 Step 6: Conditional modifiers: occupancy
0,1: Rare to occasional exposure in the hazardous zone (exposure time below 10%)
- Most continuous process plants will have only occasional exposure. This would be the default choice for normal operation and when something goes spontaneously wrong.
1: Frequent to permanent exposure in the hazardous zone (exposure time above 10%)
- Most continuous process plants will have troubleshooting, testing and maintenance activities upon certain alarms. This can mean that several people are exposed to a hazard when it happens. The correct action for hazardous work and when something goes wrong is to evacuate the premises as much as possible (ARCO 1989 tank explosion).
- Consider specific scenarios during shut-down or start-up with almost permanent exposure (e.g. lighting of fired heaters).
- Batch plants and semi-batch plants that often require semi-continuous human supervision.
35 Step 6: Conditional modifiers: probability to avoid the hazardous event once the SIS has failed
1: Almost impossible to avoid the hazard. This is the default probability.
- Credit for using personal protective equipment to avert a hazard should not be taken, unless it is certain that the personal protective equipment will actually be worn. Usually, systems are designed on the assumption that the use of such equipment is not absolutely required to achieve a sufficient degree of safety, although it is recognized that it can further improve safety.
0,1: Possible to avoid the hazard under certain conditions. Needs strong justification. Should only be selected if all the following conditions are true:
- Facilities are provided to alert the operator that the SIS has failed
- Independent facilities are provided to shut down such that the hazard can be avoided, or which enable all persons to escape to a safe area (e.g. escape route is obvious and immediate, with no vertical or spiral staircase, no rescue required, etc.)
- The time between the operator being alerted and a hazardous event occurring exceeds 1 hour or is definitely sufficient for the necessary actions
Caution: don't cater twice for the same operator intervention (e.g. alarm + operator intervention)
36 Step 7: Compare scenario frequency with TTC
LOPA scenario: Initiating Event 1 → Consequence D

$$f_{\text{LOPA scenario}} = f_{ie} \times PFD_{IPL_1} \times PFD_{IPL_2} \times \dots \times PFD_{IPL_n} = \frac{f_{ie}}{RRF_{IPL_1} \times \dots \times RRF_{IPL_n}}$$

Step 8: Identify SIF and allocate SIL

$$\frac{f_{\text{LOPA scenario}}}{TTC} \times P_{\text{ignition}} \times P_{\text{person present}}$$

- < 1: scenario "passes" LOPA
- > 1: risk reduction needed
Step 9: Evaluate need for other non-SIS IPL or redesign
37 Step 8: Identify SIF and allocate SIL
Closing the safety gap by SIS
[Figure: scale of increasing risk with the residual risk (with IPL), the Target Tolerance Criteria and the initial process risk (without IPL). Labels: Risk reduction achieved; Risk reduction needed, i.e. Safety Gap (SG); Risk reduction factor (RRF) required for the SIS; Risk reduction by BPCS; Risk reduction by operator response to alarms; Risk reduction by Safety Instrumented System; Risk reduction by mechanical device; Risk reduction by other means]
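Steps 4 to 8 carried through for one scenario, as an added example that is not part of the original slides: it applies the independence rules of Step 5 before multiplying, so a PCS layer is not credited when the PCS itself is the initiating event. The `system` tag, the constructed scenario and the RRF-to-SIL bands (the IEC 61508/61511 low-demand bands, with SIL 1 also assigned for a required RRF between 1 and 10) are assumptions; the TTC, frequency, PFD and ignition values are the ones tabulated on the slides.

```python
from dataclasses import dataclass, field
from math import prod

# Target Tolerance Criteria (events/year) per impact category, from the TTC slides.
TTC = {8: 1e-6, 7: 1e-5, 6: 1e-4, 5: 1e-3, 4: 1e-2}


@dataclass(frozen=True)
class IPL:
    name: str
    pfd: float   # probability of failure on demand claimed for the layer
    system: str  # hypothetical tag: equipment or people the layer depends on


@dataclass
class Scenario:
    category: int            # impact category 4..8 (Step 3)
    f_ie: float              # initiating event frequency, /year (Step 4)
    ie_system: str           # system whose failure is the initiating event
    ipls: list = field(default_factory=list)  # candidate IPLs (Step 5)
    p_ignition: float = 1.0  # conditional modifiers (Step 6)
    occupancy: float = 1.0
    p_avoid: float = 1.0     # slide 35 modifier: 1 = almost impossible to avoid


def credit_ipls(s):
    """Split candidate layers into credited and rejected ones (Step 5 rules)."""
    credited, rejected, used = [], [], {s.ie_system}
    for ipl in s.ipls:
        if ipl.system in used:
            # Shares a system with the initiating event or with a layer already
            # credited: not independent (PCS or operator counted twice).
            rejected.append(ipl)
        elif ipl.system == "PCS" and ipl.pfd < 0.1:
            # Slide 27: a PCS claim below 0,1 needs an IEC61511 design.
            rejected.append(ipl)
        else:
            credited.append(ipl)
            used.add(ipl.system)
    return credited, rejected


def sil_for_rrf(rrf):
    """Lowest SIL whose band (RRF up to 10**(n+1)) covers the required RRF."""
    if rrf <= 1:
        return 0  # scenario passes LOPA, no SIF needed
    for sil in (1, 2, 3, 4):
        if rrf <= 10 ** (sil + 1):
            return sil
    raise ValueError("required RRF exceeds SIL 4: redesign or add non-SIS IPLs")


def allocate(s):
    """Steps 7 and 8: scenario frequency, ratio to TTC, target SIL."""
    credited, rejected = credit_ipls(s)
    frequency = (s.f_ie * prod(i.pfd for i in credited)
                 * s.p_ignition * s.occupancy * s.p_avoid)
    ratio = frequency / TTC[s.category]
    return {"frequency": frequency, "ratio": ratio, "sil": sil_for_rrf(ratio),
            "credited": [i.name for i in credited],
            "rejected": [i.name for i in rejected]}


# Constructed scenario: control loop failure (1E-1/yr) leading to a massive gas
# release and fire (P ignition 3E-1), category 7 / Major, occupancy 1.
OVERFILL = Scenario(
    category=7, f_ie=1e-1, ie_system="PCS",
    ipls=[IPL("PCS high level trip", 1e-1, "PCS"),
          IPL("Operator response to alarm", 1e-1, "operator")],
    p_ignition=3e-1)

if __name__ == "__main__":
    print(allocate(OVERFILL))
```

Crediting the PCS trip anyway would give a ratio of 30 and SIL 1 instead of 300 and SIL 2, which is the under-allocation the independence requirement is there to prevent.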
38 Step 9: Evaluate need for other non-SIS IPL
LOPA is focused on identification of SIFs to close the safety gap; it does not necessarily mean that a SIS is needed.
By order of preference:
- Design the problem out of the process using inherently safe principles
- Protection by non-SIS protective measure
- Passive rather than active
A SIF should be the solution of last resort when other solutions are not practical.
Step 10: Evaluate consequences of spurious trip failure
- Spurious failure: failure triggering action in an untimely manner
- Consider the need for a design that is robust to spurious trips (e.g. 2oo3 instead of 1oo2)
- Set minimum mean time to fail safe requirement (MTTFS = 1/STR)
39 Step 10: Reporting. SIL Allocation Report
- Methodology
- Identified IPL listing that is regarded as part of the PCS, e.g. alarm function requiring operator action
- Identified SIF list and SIL allocation result, corresponding SIS
- SIF/SIL allocation worksheet
- All assumptions, uncertainties and sensitivities should be recorded
- Level of detail sufficient to enable a 3rd party to follow/reproduce the evaluation
- Starting point for the Safety Requirement Specification (SRS)
40 Step 10: Reporting. SIL Allocation Report
[Figure: SIF/SIL allocation worksheet, Target Tolerance Criteria = 10^-5/yr]
41 SIL Allocation & SIL Verification
[Figure: two copies of the IEC61511 safety lifecycle diagram, labelled "Set target" and "Demonstrate target is met"]
SIL Allocation:
- Minimum SIL requirements
- LOPA, risk graphs, ...
- Determine if additional SIS are required and, if yes, allocate the target SIL (SIL 1, SIL 2, SIL 3)
Design & Engineering:
- SIL verification calculations (PFD)
- FMECA, CDD, SAR, Safety Manuals, etc.
- Address target SIL (fault tolerance, PFD, software req.)
- Select system technology
- Configuration / voting
- Test interval
- Diagnostic
42 Thank you
SIL Allocation: Layer of protection analysis
Presenter's name: Mathilde Cot
Presenter's title: Principal Consultant, Safety Technology, CFSE
43 Special cases handling: global Safety Instrumented Systems for consequence mitigation
- ESD, F&G, emergency depressurization or dumping system, fire water, etc.
- Release and other events cannot be interrupted by mitigation SIS.
- Severity reduction, but residual consequences even if the mitigation SIS is successful (e.g. large uncontrolled fire vs controlled fire, avoid escalation)
- PFD*TTC (large uncontrolled fire), 1*TTC (controlled fire): same protection gap?
[Figure: bow-tie diagram as on slide 21, with causes (Initiating Event 1, 2, 3), prevention barriers (BPCS, Operator response to alarm from monitoring system, SIS, PSV), top event (e.g. loss of containment), mitigation & recovery barriers (ESD, Ignition control, Fire water) and consequences (No consequence, Consequence A, B, C, D)]
44 Special cases handling: global Safety Instrumented Systems for consequence mitigation
Preferred approach: deterministic
Divide the global SIS into a Detection SIS and an Action SIS:
- Detection SIS: incomplete safety instrumented system
- Action SIS: incomplete safety instrumented system
[Figure: safety logigram. Labels: S1, S2, output signal, PLC, input signal, V1, S3, V2]
45 Special cases handling
- Safety-related parts of control systems for machinery
- SIS in process under patented license
- Permissive safety function
- Staggered safety functions
- Overpressure protection via SIS
46 LOPA: limitations
- Simplified risk assessment. SIL 3 with no TES and SIL4 (implemented by independent SIS) shall be further assessed by quantitative method
- Components shared between the IE and candidate IPLs: no independence
- Several independent SIS with same functionality and possibility for common cause failures
- Complex scenario sequences
[Figure: the SIL allocation flowchart of slide 14, repeated]
47 Step 2: Identification of SIF
- Design intent
- Safe state
- Demand mode vs continuous mode of operation (IEC definitions)
Demand mode (PFD): where a specified action (e.g. closing of a valve) is taken in response to process conditions or other demands. In the event of a dangerous failure of the SIF, a potential hazard only occurs in the event of a failure in the process or the PCS.
Continuous mode (PFH): where, in the event of a dangerous failure of the safety instrumented function, a potential hazard will occur without further failure unless action is taken to prevent it. A SIF operates in continuous mode when the frequency of demands for operation on the SIF is more than once per year or more than twice the SIF proof test frequency.
More informationProposal title: Biogas robust processing with combined catalytic reformer and trap. Acronym: BioRobur
Proposal title: Biogas robust processing with combined catalytic reformer and trap Acronym: BioRobur Initiative: Fuel Cells and Hydrogen Joint Undertaking (FCH-JU) Funding scheme: Collaborative project
More informationReliability of Safety-Critical Systems Chapter 4. Testing and Maintenance
Reliability of Safety-Critical Systems Chapter 4. Testing and Maintenance Mary Ann Lundteigen and Marvin Rausand mary.a.lundteigen@ntnu.no RAMS Group Department of Production and Quality Engineering NTNU
More informationEngineering Safety into the Design
Engineering safety into the design Peter Scantlebury P.Eng Technical Safety Manager Amec Foster Wheeler, Oil & Gas Canada Abstract Safety by design is Amec Foster Wheeler s systematic approach to engineering
More informationPREDICTING HEALTH OF FINAL CONTROL ELEMENT OF SAFETY INSTRUMENTED SYSTEM BY DIGITAL VALVE CONTROLLER
PREDICTING HEALTH OF FINAL CONTROL ELEMENT OF SAFETY INSTRUMENTED SYSTEM BY DIGITAL VALVE CONTROLLER Riyaz Ali FIELDVUE Business Development Manager Fisher Controls Int'l., LLC. Marshalltown, IA 50158
More informationHigh Integrity Pressure Protection Systems HIPPS
High Integrity Pressure Protection Systems HIPPS HIPPS > High Integrity Pressure Protection Systems WHAT IS A HIPPS The High Integrity Pressure Protection Systems (HIPPS) is a mechanical and electrical
More informationSolenoid Valves used in Safety Instrumented Systems
I&M V9629R1 Solenoid Valves used in Safety Instrumented Systems Operating Manual in accordance with IEC 61508 ASCO Valves Page 1 of 7 Table of Contents 1 Introduction...3 1.1 Terms and Abbreviations...3
More informationProposed Abstract for the 2011 Texas A&M Instrumentation Symposium for the Process Industries
Proposed Abstract for the 2011 Texas A&M Instrumentation Symposium for the Process Industries Focus Area: Automation HMI Title: Author: Shared Field Instruments in SIS: Incidents Caused by Poor Design
More informationFP15 Interface Valve. SIL Safety Manual. SIL SM.018 Rev 1. Compiled By : G. Elliott, Date: 30/10/2017. Innovative and Reliable Valve & Pump Solutions
SIL SM.018 Rev 1 FP15 Interface Valve Compiled By : G. Elliott, Date: 30/10/2017 FP15/L1 FP15/H1 Contents Terminology Definitions......3 Acronyms & Abbreviations...4 1. Introduction...5 1.1 Scope.. 5 1.2
More informationSession One: A Practical Approach to Managing Safety Critical Equipment and Systems in Process Plants
Session One: A Practical Approach to Managing Safety Critical Equipment and Systems in Process Plants Tahir Rafique Lead Electrical and Instruments Engineer: Qenos Botany Site Douglas Lloyd Senior Electrical
More informationHydraulic (Subsea) Shuttle Valves
SIL SM.009 0 Hydraulic (Subsea) Shuttle Valves Compiled By : G. Elliott, Date: 11/3/2014 Contents Terminology Definitions......3 Acronyms & Abbreviations..4 1. Introduction 5 1.1 Scope 5 1.2 Relevant Standards
More information4-sight Consulting. IEC case study.doc
4-sight Consulting IEC 61511 / 61508 Case study 1 Contents 1 SUMMARY 4 2 INTRODUCTION 5 3 SCOPE OF THE STUDY 5 4 METHOD USED FOR THE STUDY 5 5 OPERATION OF THE TERMINAL 5 6 DESCRIPTION OF OVERFILL PREVENTION
More informationAUSTRALIA ARGENTINA CANADA EGYPT NORTH SEA U.S. CENTRAL U.S. GULF. SEMS HAZARD ANALYSIS TRAINING September 29, 2011
AUSTRALIA ARGENTINA CANADA EGYPT NORTH SEA U.S. CENTRAL U.S. GULF SEMS HAZARD ANALYSIS TRAINING September 29, 2011 Purpose The purpose of this meeting is to provide guidelines for determination of hazard
More informationDeZURIK. KGC Cast Knife Gate Valve. Safety Manual
KGC Cast Knife Gate Valve Safety Manual Manual D11036 August 29, 2014 Table of Contents 1 Introduction... 3 1.1 Terms... 3 1.2 Abbreviations... 4 1.3 Product Support... 4 1.4 Related Literature... 4 1.5
More informationPROCESS AUTOMATION SIL. Manual Safety Integrity Level. Edition 2005 IEC 61508/61511
PROCESS AUTOMATION Manual Safety Integrity Level SIL Edition 2005 IEC 61508/61511 With regard to the supply of products, the current issue of the following document is applicable: The General Terms of
More informationSafety Manual OPTISWITCH series relay (DPDT)
Safety Manual OPTISWITCH series 5000 - relay (DPDT) 1 Content Content 1 Functional safety 1.1 In general................................ 3 1.2 Planning................................. 5 1.3 Adjustment
More informationSafety Manual. Process pressure transmitter IPT-1* 4 20 ma/hart. Process pressure transmitter IPT-1*
Safety Manual Process pressure transmitter IPT-1* 4 20 ma/hart Process pressure transmitter IPT-1* Contents Contents 1 Functional safety 1.1 General information... 3 1.2 Planning... 4 1.3 Instrument parameter
More informationThe Key Variables Needed for PFDavg Calculation
Iwan van Beurden, CFSE Dr. William M. Goble, CFSE exida Sellersville, PA 18960, USA wgoble@exida.com July 2015 Update 1.2 September 2016 Abstract In performance based functional safety standards, safety
More informationEutectic Plug Valve. SIL Safety Manual. SIL SM.015 Rev 0. Compiled By : G. Elliott, Date: 19/10/2016. Innovative and Reliable Valve & Pump Solutions
SIL SM.015 Rev 0 Eutectic Plug Valve Compiled By : G. Elliott, Date: 19/10/2016 Contents Terminology Definitions......3 Acronyms & Abbreviations...4 1. Introduction..5 1.1 Scope 5 1.2 Relevant Standards
More informationPneumatic QEV. SIL Safety Manual SIL SM Compiled By : G. Elliott, Date: 8/19/2015. Innovative and Reliable Valve & Pump Solutions
SIL SM.0010 1 Pneumatic QEV Compiled By : G. Elliott, Date: 8/19/2015 Contents Terminology Definitions......3 Acronyms & Abbreviations..4 1. Introduction 5 1.1 Scope 5 1.2 Relevant Standards 5 1.3 Other
More informationSafety Manual VEGAVIB series 60
Safety Manual VEGAVIB series 60 NAMUR Document ID: 32005 Contents Contents 1 Functional safety... 3 1.1 General information... 3 1.2 Planning... 4 1.3 Adjustment instructions... 6 1.4 Setup... 6 1.5 Reaction
More informationHazard Operability Analysis
Hazard Operability Analysis Politecnico di Milano Dipartimento di Energia HAZOP Qualitative Deductive (search for causes) Inductive (consequence analysis) AIM: Identification of possible process anomalies
More informationDeZURIK. KSV Knife Gate Valve. Safety Manual
KSV Knife Gate Valve Safety Manual Manual D11035 August 29, 2014 Table of Contents 1 Introduction... 3 1.1 Terms... 3 1.2 Abbreviations... 4 1.3 Product Support... 4 1.4 Related Literature... 4 1.5 Reference
More informationRisk reducing outcomes from the use of LOPA in plant design and operation
Risk reducing outcomes from the use of LOPA in plant design and operation Paul Feltoe Safety Solutions Ltd Background Layer of Protection Analysis (LOPA) has been traditionally applied to assess scenario
More informationSolenoid Valves For Gas Service FP02G & FP05G
SIL Safety Manual SM.0002 Rev 02 Solenoid Valves For Gas Service FP02G & FP05G Compiled By : G. Elliott, Date: 31/10/2017 Reviewed By : Peter Kyrycz Date: 31/10/2017 Contents Terminology Definitions......3
More informationRESILIENT SEATED BUTTERFLY VALVES FUNCTIONAL SAFETY MANUAL
Per IEC 61508 and IEC 61511 Standards BRAY.COM Table of Contents 1.0 Introduction.................................................... 1 1.1 Terms and Abbreviations...........................................
More informationA study on the relation between safety analysis process and system engineering process of train control system
A study on the relation between safety analysis process and system engineering process of train control system Abstract - In this paper, the relationship between system engineering lifecycle and safety
More informationProof Testing A key performance indicator for designers and end users of Safety Instrumented Systems
Proof Testing A key performance indicator for designers and end users of Safety Instrumented Systems EUR ING David Green BEng(hons) CEng MIET MInstMC RFSE Ron Bell OBE BSc CEng FIET Engineering Safety
More informationSPR - Pneumatic Spool Valve
SIL SM.008 Rev 7 SPR - Pneumatic Spool Valve Compiled By : G. Elliott, Date: 31/08/17 Contents Terminology Definitions:... 3 Acronyms & Abbreviations:... 4 1.0 Introduction... 5 1.1 Purpose & Scope...
More informationOperational Risk Using BowTie Methodology
Operational Risk Using BowTie Methodology Richard Emery, MMI Engineering Ltd, The Brew House, Wilderspool Park, Greenall s Avenue, Warrington, WA4 6HL. Management of risk on COMAH sites relies on diverse
More informationQuantitative Risk Analysis (QRA)
Quantitative Risk Analysis (QRA) A realistic approach to relief header and flare system design Siemens AG 2017, All rights reserved 1 Quantitative Risk Analysis Introduction Most existing pressure relief
More informationCOMMON MISUNDERSTANDINGS ABOUT THE PRACTICAL APPLICATION OF IEC 61508
COMMON MISUNDERSTANDINGS ABOUT THE PRACTICAL APPLICATION OF IEC 61508 Helen Pearce, James Catmur and Geoff Stevens The use of IEC 61508 for determination of the Safety Integrity Level (SIL) of Safety Interlock
More informationDeZURIK Double Block & Bleed (DBB) Knife Gate Valve Safety Manual
Double Block & Bleed (DBB) Knife Gate Valve Safety Manual Manual D11044 September, 2015 Table of Contents 1 Introduction... 3 1.1 Terms... 3 1.2 Abbreviations... 4 1.3 Product Support... 4 1.4 Related
More informationBespoke Hydraulic Manifold Assembly
SIL SM.0003 1 Bespoke Hydraulic Manifold Assembly Compiled By : G. Elliott, Date: 12/17/2015 Contents Terminology Definitions......3 Acronyms & Abbreviations..4 1. Introduction 5 1.1 Scope 5 1.2 Relevant
More informationDesigning to proposed API WHB tube failure document
Designing to proposed API WHB tube failure document Dennis H. Martens Consultant and Technical Advisor (martensdh@pm-engr.com) Porter McGuffie Inc. Lon Stern Consultant (lhstern@earthlink.net) Stern Treating
More informationExpert System for LOPA - Incident Scenario Development -
Expert System for LOPA - Incident Scenario Development - Adam Markowski a, Jaffee Suardin b, and M.Sam Mannan b a Process and Ecological Safety Division, Technical University of Lodz, Poland b Mary Kay
More informationEMERGENCY SHUT-DOWN RELIABILITY ADVANTAGE
Your partner in Fluid Control Solutions EMERGENCY SHUT-DOWN RELIABILITY ADVANTAGE George Cao 06 May, 2011 1. ESD Overview Why Do You Need ESD Solution? Safety! Safety!! Safety!!! Safety Is a Must! The
More informationCombining disturbance simulation and safety analysis techniques for improvement of process safety and reliability
17 th European Symposium on Computer Aided Process Engineering ESCAPE17 V. Plesu and P.S. Agachi (Editors) 2007 Elsevier B.V. All rights reserved. 1 Combining disturbance simulation and safety analysis
More informationSafety Manual VEGAVIB series 60
Safety Manual VEGAVIB series 60 Contactless electronic switch Document ID: 32002 Contents Contents 1 Functional safety... 3 1.1 General information... 3 1.2 Planning... 4 1.3 Adjustment instructions...
More informationTRI LOK SAFETY MANUAL TRI LOK TRIPLE OFFSET BUTTERFLY VALVE. The High Performance Company
TRI LOK TRI LOK TRIPLE OFFSET BUTTERFLY VALVE SAFETY MANUAL The High Performance Company Table of Contents 1.0 Introduction...1 1.1 Terms and Abbreviations... 1 1.2 Acronyms... 1 1.3 Product Support...
More informationThis manual provides necessary requirements for meeting the IEC or IEC functional safety standards.
Instruction Manual Supplement Safety manual for Fisher Vee-Ball Series Purpose This safety manual provides information necessary to design, install, verify and maintain a Safety Instrumented Function (SIF)
More informationMAHB. INSPECTION Process Hazard Analysis
Number 5 2016 seveso common MAHB INSPECTION s e r i e s criteria Process Hazard Analysis Major Accident Hazards Bureau Security Technology Assessment Unit This publication of the European community on
More informationSafety-critical systems: Basic definitions
Safety-critical systems: Basic definitions Ákos Horváth Based on István Majzik s slides Dept. of Measurement and Information Systems Budapest University of Technology and Economics Department of Measurement
More informationSession: 14 SIL or PL? What is the difference?
Session: 14 SIL or PL? What is the difference? Stewart Robinson MIET MInstMC Consultant Engineer, Pilz Automation Technology UK Ltd. EN ISO 13849-1 and EN 6061 Having two different standards for safety
More informationMarine Risk Assessment
Marine Risk Assessment Waraporn Srimoon (B.Sc., M.Sc.).) 10 December 2007 What is Risk assessment? Risk assessment is a review as to acceptability of risk based on comparison with risk standards or criteria,
More informationCT433 - Machine Safety
Rockwell Automation On The Move May 16-17 2018 Milwaukee, WI CT433 - Machine Safety Performance Level Selection and Design Realization Jon Riemer Solution Architect Safety & Security Functional Safety
More informationSafety Integrity Verification and Validation of a High Integrity Pressure Protection System (HIPPS) to IEC 61511
Safety Integrity Verification and Validation of a High Integrity Pressure Protection System (HIPPS) to IEC 61511 Abstract Author: Colin Easton ProSalus Limited ~ Independent Safety Consultants A key requirement
More informationSIL Safety Manual. ULTRAMAT 6 Gas Analyzer for the Determination of IR-Absorbing Gases. Supplement to instruction manual ULTRAMAT 6 and OXYMAT 6
ULTRAMAT 6 Gas Analyzer for the Determination of IR-Absorbing Gases SIL Safety Manual Supplement to instruction manual ULTRAMAT 6 and OXYMAT 6 ULTRAMAT 6F 7MB2111, 7MB2117, 7MB2112, 7MB2118 ULTRAMAT 6E
More informationIntroduction to HAZOP Study. Dr. AA Process Control and Safety Group
Introduction to HAZOP Study Dr. AA Process Control and Safety Group A scenario You and your family are on a road trip by using a car in the middle of the night. You were replying a text message while driving
More informationPurpose. Scope. Process flow OPERATING PROCEDURE 07: HAZARD LOG MANAGEMENT
SYDNEY TRAINS SAFETY MANAGEMENT SYSTEM OPERATING PROCEDURE 07: HAZARD LOG MANAGEMENT Purpose Scope Process flow This operating procedure supports SMS-07-SP-3067 Manage Safety Change and establishes the
More informationPSM TRAINING COURSES. Courses can be conducted in multi-languages
Courses can be conducted in multi-languages One set of hardcopy course notes will be sent to client for printing and distribution to course participants. The courses will be held at the client s training
More informationHazard Identification
Hazard Identification Most important stage of Risk Assessment Process 35+ Techniques Quantitative / Qualitative Failure Modes and Effects Analysis FMEA Energy Analysis Hazard and Operability Studies HAZOP
More informationNew Thinking in Control Reliability
Doug Nix, A.Sc.T. Compliance InSight Consulting Inc. New Thinking in Control Reliability Or Your Next Big Headache www.machinerysafety101.com (519) 729-5704 Control Reliability Burning Questions from the
More informationNeles ValvGuard VG9000H Rev 2.0. Safety Manual
Neles ValvGuard VG9000H Rev 2.0 Safety Manual 10SM VG9000H en 11/2016 2 Neles ValvGuard VG9000H Rev 2.0 Safety Manual Table of Contents 1 General information...3 1.1 Purpose of the document... 3 1.2 Description
More informationInstrumented Safety Systems
Instrumented Safety Systems Engineered Valve Systems for Control and Safety Applications HIPPS Final Elements DINO OLIVIERI Mokveld Agent AIS ISA Giornata di studio HIPPS Agenda The loop Final Elements
More informationPART 1.2 HARDWARE SYSTEM. Dr. AA, Process Control & Safety
PART 1.2 HARDWARE SYSTEM Dr. AA, Process Control & Safety 1 How to Ensure that Process Plant is Safe 1. Preliminary Decision Process Selection, site selection etc 2. Process Design Inherent safety 3. Process
More informationProcess Safety Journey
Process Safety Journey Agenda The Status in early 2000s The Journey to improvement in Process Safety management Managing risks and barriers How has this impacted Kwinana? The Status in early 2000s Focus
More informationINHERENTLY SAFER DESIGN CASE STUDY OF RAPID BLOW DOWN ON OFFSHORE PLATFORM
INHERENTLY SAFER DESIGN CASE STUDY OF RAPID BLOW DOWN ON OFFSHORE PLATFORM Volton Edwards bptt Angus Lyon DNV Energy Alastair Bird DNV Energy INTRODUCTION A term now in common usage within the oil & gas
More informationHOW LAYER OF PROTECTION ANALYSIS IN EUROPE IS AFFECTED BY THE GUIDANCE DRAWN UP AFTER THE BUNCEFIELD ACCIDENT
HO LAYER OF PROTECTION ANALYSIS IN EUROPE IS AFFECTED BY THE GUIDANCE DRAN UP AFTER THE BUNCEFIELD ACCIDENT Richard Gowland, European Process Safety Centre, Rugby, UK Prior to the Buncefield explosion,
More informationFUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER P: REFERENCE OPERATING CONDITION STUDIES (PCC)
PAGE : 1 / 11 1. PASSIVE SINGLE FAILURE ANALYSIS The aim of the accident analysis in Chapter P is to demonstrate that the safety objectives have been fully achieved, despite the most adverse single failure.
More informationThe Relationship Between Automation Complexity and Operator Error
The Relationship Between Automation Complexity and Operator Error presented by Russell Ogle, Ph.D., P.E., CSP rogle@exponent.com (630) 274-3215 Chemical Plant Control Control physical and chemical processes
More informationIGEM/SR/15 Edition 5 Communication 1746 Integrity of safety-related systems in the gas industry
Communication 1746 Integrity of safety-related systems in the gas industry Founded 1863 Royal Charter 1929 Patron: Her Majesty the Queen Communication 1746 Integrity of safety-related systems in the gas
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: Solenoid Drivers KFD2-SL2-(Ex)1.LK.vvcc KFD2-SL2-(Ex)*(.B).vvcc Customer: Pepperl+Fuchs GmbH Mannheim Germany Contract No.: P+F 06/09-23 Report No.:
More informationPressure Relief Valves is there a need when there are EDVs?
Pressure Relief Valves is there a need when there are DVs? Glenn Pettitt, nvironmental Resources Management, xchequer Court, 33 St Mary Axe, London, C3A 8AA Philip Pennicott, agip kco, Frontier Plaza,
More informationInherently Safer Design Analysis Approaches
Inherently Safer Design Analysis Approaches There are a number of ways inherent safety can be analyzed. In any case, the intent is to formalize the consideration of inherent safety rather than to include
More informationThe Best Use of Lockout/Tagout and Control Reliable Circuits
Session No. 565 The Best Use of Lockout/Tagout and Control Reliable Circuits Introduction L. Tyson Ross, P.E., C.S.P. Principal LJB Inc. Dayton, Ohio Anyone involved in the design, installation, operation,
More informationMajor Hazard Facilities. Major Accident Identification and Risk Assessment
Major Hazard Facilities Major Accident Identification and Risk Assessment Overview This seminar has been developed in the context of the MHF regulations to provide: An overview of MA identification and
More informationPoint level switches for safety systems
Point level switches for safety systems By: Bill Sholette Level Products Business Manager Northeast US - Endress+Hauser Point level switches are often used in applications designed to prevent accidents.
More informationUsing what we have. Sherman Eagles SoftwareCPR.
Using what we have Sherman Eagles SoftwareCPR seagles@softwarecpr.com 2 A question to think about Is there a difference between a medical device safety case and any non-medical device safety case? Are
More informationSafety Engineering - Hazard Identification Techniques - M. Jahoda
Safety Engineering - Hazard Identification Techniques - M. Jahoda Hazard identification The risk management of a plant 2 Identification of the hazards involved in the operation of the plant, due to the
More informationTHE BAKER REPORT HOW FINDINGS HAVE BEEN USED BY JOHNSON MATTHEY TO REVIEW THEIR MANUFACTURING OPERATIONS
THE BAKER REPORT HOW FINDINGS HAVE BEEN USED BY JOHNSON MATTHEY TO REVIEW THEIR MANUFACTURING OPERATIONS Colin P. Lynas, Elizabeth Campbell and Hendrik J. Koornhof Johnson Matthey Catalysts This paper
More informationNORMAL OPERATING PROCEDURES Operating Parameter Information
Operating Parameter Information Each operator performing the normal operating procedures (routine checks) of the facility should be familiar with the current normal operating parameters of all systems
More informationThe IEC61508 Operators' hymn sheet
The IEC61508 Operators' hymn sheet A few key points for those Operators of plant or equipment that involve SIL rated safety functions*, trips or interlocks by The 61508 Association SAFETY INSTRUMENTED
More information