Goble Safety Expo06


Transcript of Goble Safety Expo06

Page 1: Goble Safety Expo06

Standards

Certification

Education & Training

Publishing

Conferences & Exhibits

Automation Connections ISA EXPO

2006

Page 2: Goble Safety Expo06


Control System Safety and Reliability Evaluation

William M. Goble, exida

Page 3: Goble Safety Expo06

Key Points

• Safety and Reliability Evaluation is done to show how to improve, how to save money.
  – Eliminate weak links
  – Identify maintenance priorities

• New ISA S84.00.01-2004 (IEC 61511 Mod.) requires probabilistic evaluation
  – Regulatory compliance
  – Optimal safety system design

• Safety and reliability evaluation has become practical
  – Data sources are available
  – Tools are available

• IEC 61508 Certification provides reliability and safety via design integrity

Page 4: Goble Safety Expo06

Why do safety and reliability evaluation?

System Reliability?

“The 9000 series is the most reliable computer ever made. No 9000 computer has ever made a mistake or distorted information. We are all by any practical definition of the words, foolproof and incapable of error.”

Page 5: Goble Safety Expo06

Key Issues

• Failure rates - HIGH STRENGTH
• Failure Modes
• Diagnostic coverage - online test capability
• Diagnostic coverage – manual proof tests
• Common cause strength
• Software reliability

Page 6: Goble Safety Expo06

Activities

• Get failure rate and failure mode data

• Build a model for alternative designs
  – Markov model?
  – Fault Tree?
  – Reliability Block Diagram?

• Compare results based on objectives
  – Life cycle cost?
  – Minimum capital expense?
  – Risk reduction?

Page 7: Goble Safety Expo06

Reliability/Safety Evaluation Process

[Flow diagram on the slide]

Inputs, per component:
• Failure Rates for each failure mode
• Repair Times (RT)
• Manual Proof Test Interval (TI)
• Manual Proof Test Effectiveness (CPT)
• Other…

↓ Component Probabilities of Failure for each Failure Mode: PFDavg, MTTFS, PFS

↓ System Probabilities of Failure for each Failure Mode: PFDavg, MTTFS, PFS

↓ SIL

Page 8: Goble Safety Expo06

Benefits of Reliability Analysis

• Higher uptime
• Lower risks
• Better product quality
• Lower life cycle costs
• Understanding system operation during failure conditions
• Making the right choices
• Meeting requirements of ISA 84.00.01-2004

Page 9: Goble Safety Expo06

Safety Life Cycle – ISA S84.00.01-2004 (drawing by Hal Thomas)

[Life cycle diagram on the slide, three phases]

Analysis – “How much safety do I need?”
  Conceptual Process Design → Identify Potential Risks → Consequence Analysis → Layer of Protection Analysis → Develop Non-SIS Layers → Determine SIF Target SIL → Document Requirements

Realization – “How much safety do I have with my design?”
  Select SIS Technology → Select SIS Architecture → Determine Test Frequency → SIS Detailed Design → SIS Installation → SIS Commissioning → SIS Initial Validation

Operation – “How will I keep it safe?”
  Startup → Operation → Maintenance → Periodic Proof Tests → Modifications → Decommissioning
  Modify? (Yes / No)

Page 10: Goble Safety Expo06

Realization Phase - SIF Design Process
(Drawing copyright 2006, exida.com LLC, Safety Lifecycle Poster, used with permission)

Input: Safety Requirements Specification - Functional Description of each Safety Instrumented Function, Target SIL, Mitigated Hazards, Process parameters, Logic, Bypass/Maintenance requirements, Response time, etc.

7. SIS Conceptual Design
   7a. Select Technology – choose sensor, logic solver and final element technology (input: Manufacturer’s Safety Manual)
   7b. Select Architecture – Redundancy: 1oo1, 1oo2, 2oo3, 1oo2D
   7c. Determine Test Philosophy
   7d. Reliability, Safety Evaluation (inputs: Failure Data Database, Manufacturer’s Failure Data) → SILs achieved. SIL Achieved? Yes / No

8. SIS Detailed Design – Detailed Design Documentation - Loop Diagrams, Wiring Diagrams, Logic Diagrams, Panel Layout, PLC Programming, Installation Requirements, Commissioning Requirements, etc.

9. Installation & Commission Planning (input: Manufacturer’s Installation Instructions)

10. SIS Installation, Commissioning and Pre-startup Acceptance Test
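The evaluation step above (7d) turns the inputs listed on the "Reliability/Safety Evaluation Process" slide (failure rates per mode, repair time RT, proof test interval TI, common cause) into PFDavg, MTTFS and an achieved SIL for each candidate architecture from step 7b. The following Python is an added worked example, not the presentation's own calculation or any vendor tool: it uses the usual first-order closed-form approximations (dangerous undetected failures accumulate between proof tests, dangerous detected failures are unavailable for one repair time, common cause via a beta factor; dangerous detected failures are neglected in the redundant architectures) and constructed failure rates. Low-demand SIL bands are those of IEC 61508 / ISA 84.00.01.

```python
"""Simplified PFDavg / MTTFS / SIL evaluation for 1oo1, 1oo2 and 2oo3.

Added example, not from the presentation.  Equations are first-order
approximations; the input values below are constructed for illustration."""
from dataclasses import dataclass

HOURS_PER_YEAR = 8760.0


@dataclass
class Channel:
    """Per-channel failure rates in failures per hour, split by failure mode."""
    lam_du: float  # dangerous, undetected by online diagnostics
    lam_dd: float  # dangerous, detected by online diagnostics
    lam_s: float   # safe (causes a spurious trip)


def pfd_1oo1(ch: Channel, ti: float, mttr: float) -> float:
    """Single channel: undetected failures accumulate over the proof test
    interval ti (h); detected ones are down for the repair time mttr (h)."""
    return ch.lam_du * ti / 2.0 + ch.lam_dd * mttr


def pfd_1oo2(ch: Channel, ti: float, beta: float) -> float:
    """1oo2: both independent channels must fail dangerously (squared term);
    the common-cause fraction beta behaves like a single 1oo1 channel."""
    ind = (1.0 - beta) * ch.lam_du
    return (ind * ti) ** 2 / 3.0 + beta * ch.lam_du * ti / 2.0


def pfd_2oo3(ch: Channel, ti: float, beta: float) -> float:
    """2oo3: any two of three channels failing dangerously defeats the vote,
    so the squared term is three times the 1oo2 value; same common-cause term."""
    ind = (1.0 - beta) * ch.lam_du
    return (ind * ti) ** 2 + beta * ch.lam_du * ti / 2.0


def mttfs(arch: str, ch: Channel, mttr: float, beta: float) -> float:
    """Mean time to fail spurious (h) for a de-energize-to-trip design."""
    if arch == "1oo1":
        return 1.0 / ch.lam_s
    if arch == "1oo2":
        return 1.0 / (2.0 * ch.lam_s)  # either channel's safe failure trips
    if arch == "2oo3":
        # two of three must fail safe within one repair time, or common cause
        return 1.0 / (6.0 * ch.lam_s ** 2 * mttr + beta * ch.lam_s)
    raise ValueError(f"unknown architecture {arch}")


def sil_from_pfd(pfd: float) -> int:
    """Low-demand SIL bands; 0 means the PFDavg is above the SIL 1 band."""
    if pfd >= 1e-1:
        return 0
    if pfd >= 1e-2:
        return 1
    if pfd >= 1e-3:
        return 2
    if pfd >= 1e-4:
        return 3
    return 4  # the table's floor is 1e-5; smaller values are still reported as 4


def evaluate(ch: Channel, ti: float, mttr: float, beta: float) -> dict:
    """PFDavg, achieved SIL and MTTFS (years) for each architecture."""
    pfds = {"1oo1": pfd_1oo1(ch, ti, mttr),
            "1oo2": pfd_1oo2(ch, ti, beta),
            "2oo3": pfd_2oo3(ch, ti, beta)}
    return {arch: {"PFDavg": pfd,
                   "SIL": sil_from_pfd(pfd),
                   "MTTFS_years": mttfs(arch, ch, mttr, beta) / HOURS_PER_YEAR}
            for arch, pfd in pfds.items()}


if __name__ == "__main__":
    # Constructed sample data: a final element with a yearly proof test,
    # 24 h repair time and 5 % common-cause beta factor.
    sample = Channel(lam_du=1e-6, lam_dd=2e-6, lam_s=5e-6)
    for arch, r in evaluate(sample, ti=HOURS_PER_YEAR, mttr=24.0, beta=0.05).items():
        print(f"{arch}: PFDavg={r['PFDavg']:.2e}  SIL {r['SIL']}  "
              f"MTTFS={r['MTTFS_years']:.0f} years")
```

With the constructed rates the single channel lands in SIL 2 while both redundant designs reach SIL 3, and the comparison also shows the trade-off the "Compare results based on objectives" slide points at: 2oo3 gives a slightly higher PFDavg than 1oo2 but a far longer MTTFS, so the choice depends on whether risk reduction or spurious-trip cost dominates.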

Page 11: Goble Safety Expo06

PERD – Site Specific Failure Database

AIChE CCPS – Process Equipment Reliability Database Project

• Mission - Operation of an Equipment Reliability Database, Making Available High Quality, Valid, and Useful Data to the HPI and CPI Enabling Analyses to Support Availability, Reliability, and Equipment Design Improvements, Maintenance Strategies, and Life Cycle Cost Determination

Page 12: Goble Safety Expo06

Failure Rate Data Harvest - PERD

[Data flow diagram on the slide]

Plant 1 Data, Plant 2 Data, … Plant n Data, each consisting of:
  Inventory Data – ID Number, Tag Number
  Event Data – Maintenance, Inspections, Proof Testing, Incidents, Etc.

→ Company 1 Database, Company 2 Database, … Company n Database (Inventory Data, Event Data)

→ CCPS Industry Database

Page 13: Goble Safety Expo06

Modeling

• Fault Trees

• Reliability Block Diagrams

• Markov Models

• Others

[Three example models on the slide]

Fault tree – top event “Solenoid subsystem failure”; events “Solenoid A fails” (PF), “Solenoid B fails” (PF) and “Common Cause Solenoid”

Reliability block diagram – POWER SUPPLY A → CONTROLLER A, POWER SUPPLY B → CONTROLLER B

Markov model – states 0 OK, 1 Degraded Detected, 2 Degraded Undetected, 3 Fail-Safe, 4 Fail-Danger, with numbered transitions 1–7
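The Markov model on this slide is the one of the three modeling methods that can represent repair, online diagnostics and imperfect proof tests directly, which the closed-form fault-tree equations cannot. The Python below is an added example, not the presentation's model or any tool output: it builds a discrete-time Markov chain for a 1oo2 subsystem over exactly the five states named on the slide, steps it hour by hour across several proof test intervals, and reports PFDavg and PFS. The assignment of the transitions, treating Fail-Danger as absorbing until the next proof test, and using the repair rate as the restart rate out of Fail-Safe are assumptions made for the illustration; the failure rates are constructed.

```python
"""Discrete-time Markov model of a 1oo2 subsystem with the states
0 OK, 1 Degraded Detected, 2 Degraded Undetected, 3 Fail-Safe, 4 Fail-Danger.

Added example, not the presentation's model.  Transition assignments and the
handling of proof tests are assumptions; pure Python so no numpy is needed."""

STATES = ["OK", "Degraded Detected", "Degraded Undetected", "Fail-Safe", "Fail-Danger"]


def transition_matrix(lam_dd, lam_du, lam_s, mttr, dt=1.0):
    """One-step (dt hours) transition probabilities P = I + Q*dt.
    Valid while every rate*dt is small, which holds for per-hour rates."""
    mu = 1.0 / mttr                  # repair / restart rate (assumed equal)
    q = [[0.0] * 5 for _ in range(5)]
    q[0][1] = 2 * lam_dd             # either channel fails, diagnostics catch it
    q[0][2] = 2 * lam_du             # either channel fails silently
    q[0][3] = 2 * lam_s              # either channel's safe failure trips (de-energize-to-trip)
    q[1][0] = mu                     # detected failure repaired
    q[1][3] = lam_s                  # remaining channel trips
    q[1][4] = lam_dd + lam_du        # remaining channel fails dangerously (assumed: no automatic
                                     # trip on a detected failure of the last good channel;
                                     # a 1oo2D design would send this transition to Fail-Safe)
    q[2][3] = lam_s
    q[2][4] = lam_dd + lam_du        # nobody knows one channel is gone, the other follows
    q[3][0] = mu                     # process restarted after the spurious trip
    # state 4 has no exits: Fail-Danger persists until the proof test finds it
    p = [[q[i][j] * dt for j in range(5)] for i in range(5)]
    for i in range(5):
        p[i][i] = 1.0 - sum(p[i])    # stay probability keeps each row summing to 1
    return p


def step(dist, p):
    """Advance the state probability vector by one time step."""
    return [sum(dist[i] * p[i][j] for i in range(5)) for j in range(5)]


def proof_test(dist, coverage):
    """Manual proof test: a fraction `coverage` of the dangerous undetected
    failures (states 2 and 4) is found and repaired back to OK."""
    new = list(dist)
    found = coverage * (dist[2] + dist[4])
    new[2] *= 1.0 - coverage
    new[4] *= 1.0 - coverage
    new[0] += found
    return new


def simulate(lam_dd, lam_du, lam_s, mttr, ti_hours, coverage, intervals):
    """Run `intervals` proof-test periods of `ti_hours` each, one hour per step.
    Returns the time-averaged P[Fail-Danger] (PFDavg), time-averaged
    P[Fail-Safe] (PFSavg) and the state distribution at the end."""
    p = transition_matrix(lam_dd, lam_du, lam_s, mttr)
    dist = [1.0, 0.0, 0.0, 0.0, 0.0]
    pfd_sum = pfs_sum = 0.0
    steps = 0
    for _ in range(intervals):
        for _ in range(int(ti_hours)):
            dist = step(dist, p)
            pfd_sum += dist[4]
            pfs_sum += dist[3]
            steps += 1
        dist = proof_test(dist, coverage)
    return {"PFDavg": pfd_sum / steps, "PFSavg": pfs_sum / steps, "final": dist}


if __name__ == "__main__":
    # Constructed sample data: yearly proof test, 24 h repair, five-year run,
    # with perfect and imperfect proof test effectiveness.
    for cov in (1.0, 0.9, 0.6):
        r = simulate(lam_dd=2e-6, lam_du=1e-6, lam_s=5e-6, mttr=24.0,
                     ti_hours=8760, coverage=cov, intervals=5)
        print(f"proof test coverage {cov:.0%}: "
              f"PFDavg={r['PFDavg']:.2e}  PFSavg={r['PFSavg']:.2e}")
```

Running it shows why the "Manual Proof Test Effectiveness" input on the process slide matters: with 100 % coverage the PFDavg settles at the same value every year, while with 60 % coverage the probability mass left in Degraded Undetected and Fail-Danger after each test carries over and PFDavg climbs year on year.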

Page 14: Goble Safety Expo06

Reliability and Safety Modeling Tools

• Casspack, L&M Engineering

• SafeCalc, Honeywell

• exSILentia, exida.com

• SIL Solver, SIS-Tech

• Others

Page 15: Goble Safety Expo06

What about Systematic Faults / Software Errors ?

[Figure on the slide]

Real needs → Specification of requirements, design, implementation

  Correct Design – Well Designed System: the system is correct; a random failure means the system has a failure

  Incorrect Design – Systematic Fault: the system is not correct; when the function is required or the execution trajectory hits the incorrectness, the system has a failure

Page 16: Goble Safety Expo06

Systematic Faults

Complex Systems Reliability and Safety - REALITY?

Carter: Mr. Jones, are we ready to release our new software?

Jones: Yes Sir. As requested it is full of bugs which means that people will be forced to upgrade for years.

Carter: Outstanding!

Copyright 1997, Danjaq LLC and United Artists, from the James Bond movie “Tomorrow Never Dies.”

Page 17: Goble Safety Expo06

Systematic Fault Protection – IEC 61508 Full Certification

• Many instrumentation products are now IEC 61508 certified. The certification process requires a full assessment of the design and testing procedures used to create the product.

• The end result of the certification process is a certificate listing the SIL level for which a product is qualified. Higher SIL levels require more stringent procedures and should provide higher reliability and safety.

• Sometimes restrictions are listed in the safety manual and must be followed if safe operation is required.

Page 18: Goble Safety Expo06

IEC 61508 Certified Instruments

Free list of certified instrumentation on www.exida.com

Product Type              Manufacturers
Pressure Transmitter      ABB, Rosemount, Yokogawa
Temperature Transmitter   Rosemount, Yokogawa
Flow Transmitter          Micro-Motion
Level Transmitter         Endress+Hauser
Gas Detector              Det-Tronics
Flame Detector            Det-Tronics
Solenoid                  ASCO, Westlock, RGS
Pneumatic Actuator        Hy-Tork, El-O-Matic, Bettis
Valves                    Maxon, Mokveld

Page 19: Goble Safety Expo06

Reliability and Safety Analysis

Many understand that these methods help us to minimize risk, optimize the design and lower cost.

Remember, things do fail.

Page 20: Goble Safety Expo06

Jack Godell, explaining: “A faulty relay in the generator circuit and … a stuck valve”

Copyright 1979, Columbia Pictures, from the movie “The China Syndrome”

Remember – things do fail!

Page 21: Goble Safety Expo06

Summary

• Safety and Reliability Evaluation is done to show how to improve, how to save money.
  – Eliminate weak links
  – Identify maintenance priorities
  – Optimize designs

• New ISA S84.00.01-2004 (IEC 61511 Mod.) requires probabilistic evaluation
  – Regulatory compliance
  – Optimal safety system design

• Safety and reliability evaluation has become practical
  – Data sources are available
  – Tools are available

• IEC 61508 Certification provides reliability and safety via design integrity

Page 22: Goble Safety Expo06

Questions and Discussion

Page 23: Goble Safety Expo06

For more information:

ISA best sellers on automation safety and reliability

More Information on Reliability and Safety

Phone: (919) 549-8411 E-mail Address: [email protected]