PProcessing plants contain many valvesthat perform safety functions (e.g.emergency shut down (ESD) and blowdown (BD)). We always hope that thesevalves need never be used in earnest. Suchuse means that something has gone wrongand, at least, one plant system has to be shutdown, with its associated disruption of oper-ations. However, if ESD valves are calledinto use, they have to work reliably, becausethe consequences of failure will be far moreserious than the disruption, when they work.

PPrroobblleemmssLong experience has shown that, if valves

are not exercised, they can stick in one posi-tion. In fact, the general perception is thatsticking is the main failure mode of safetyrelated valves. Sticking may be caused byseveral factors (e.g. dirt or corrosion).Movement of the valves can reduce dirt

build-up and can give an indication if corro-sion is present (e.g. because the strokingtime is longer than specified). An examina-tion of OREDA 1997 shows that in a popu-lation 552 valves used in ESD/PSD applica-tions, there were 125 critical failures. Ofthese 125 - 46 involved the valve failing tomove; 75 involved leaks of various types;and 1 was a delayed operation. The balanceinvolved a plugged valve and 2 spuriousoperations. So, on the basis of objective evi-dence, sticking is second to leakage as themain failure mode, but it is still significant.

If safety related valves are fully exercised,it is inevitable that the affected system isshut down. Thus, it is only possible to fullytest these valves at scheduled shutdowns andturnarounds. This may mean interval of one,two or more years between valves tests.Given the trend in the process industry tofollow the requirements of IEC 61508 and61511 to preserve safety integrity levels(SIL), these long intervals between tests areoften too long to show an adequately lowprobability of failure on demand (PFD).

Partial stroke testing of the valves canmitigate some of these problems.

PPaarrttiiaall SSttrrookkee TTeessttiinnggThe main advantage of partial stroke test-

ing is that it will provide a measure of confi-dence that a valve is not stuck in one positionand it will do so at short intervals, if

required. This has both a pre-ventive and corrective aspect.The valve movement can dis-lodge any dirt build-up to helpprevent sticking. If the valve isalready stuck, the test willdetect it and corrective measurescan be taken. The system caneither be brought to an orderlyshut down to perform repairs,or, if repairs can be completedquickly, the shut down valvemay be temporarily by-passed.

Partial stroke testing canalso be automated. PLC-basedsafety systems are quite capable

of being programmed to perform the partialstroke tests, as well as record the results andalarm failures on a given schedule. Similarly,with appropriate instrumentation on thevalve, it is possible to determine speed ofresponse and predict stroking times. Thesevariables can be used to determine any dete-riorating trends in the valves. This serves toincrease the diagnostic coverage on thevalve.

An examination of the equations for pre-dicting PFD, (as per IEC 61508), will showthat the most influential variables are: failure

rate; proof testing interval and diagnosticcoverage. Partial stroke testing serves toimprove two of these variables. Figure 1 andthe following analyses illustrate this situa-tion.

This simple system has a safety function.If the pressure in the vessel goes high, for anyreason, the pressure switch signals the basicprocess control system (BPCS), which, inturn, signals the actuator to close the inletvalve. If we assume that the system has aturnaround every two years, and the safetyfunction is only tested at that time, and thecomponents have no diagnostic coverage,then using some typical failure data fromOREDA and a proven IEC compliant SILsoftware tool, like SilCore, we can calcu-late a PFD for the safety function: Pressure switch failure rate - l PSH = 1.7 failures/106 hours Pressure switch MTTR = 11.6 hours BPCS failure rate - l B = 76.13 fail-ures/106 hours BPCS MTTR = 4.1 hours Valve failure rate - l V = 10.94 failures/106hours Valve MTTR = 33.4 hours From this data and system architecturePFD = 0.593 (i.e. very high)

It is relatively easy to apply automateddiagnostic coverage to a computerized con-trol system. So using the same failure rateand MTTR values, if we assume that thediagnostic coverage for the BPCS is 90% (i.e.90% of failures are discovered and fixedwhile still incipient), the PFD calculationyields: PFD = 0.171 (i.e. a considerable reduc-tion)

It is also relatively easy to proof test thesensors and the BPCS at shorter intervalsthan the turnaround. So if we assume aproof-testing interval of six months for thesensors, the PFD calculation yields: PFD = 0.112 (i.e. a further reduction)Now 81% of the PFD is attributable to thevalve.

Now let us apply partial stroke testing tothe valve. Earlier we said 46 of 125 valvefailures were due to sticking. Therefore the

PPRROOCCEESSSSSAFETYKen Bingham

The consequences of failure are far more serious than a disruption...

PPaarrttiiaall SSttrrookkee TTeessttiinnggOOff EEmmeerrggeennccyy SShhuuttddoowwnn VVaallvveess

PPRROOCCEESSSSWest | Summer 2005 | 49

BPCS

PSHPressure Switch

Outlet

Inlet

Actuator

Valve

PressureVessel

Figure 1.

failure rate for the sticking failure mode is(46/125)* 10.94 = 4.03 failures/106 hoursand the failure rate that will not yield to par-tial stroke testing is 10.94 - 4.03 = 6.91 fail-ures/106 hours. Now the diagnostic coveragefor sticking valves is much higher (say 90%)and the test can be automated to happen (sayevery three months). The PFD calculation now yields: PFD =0.08.

So, having taken advantage of the easyoptions to reduce PFD first, performing apartial stroke test on the valve, every threemonths, reduces the PFD by a further 28%.This may be a significant gain when a plantis trying to reach a SIL 1 or SIL 2 rated safe-ty function with basic architecture as shown.Partial stroke testing does have some disad-vantages. If tight shut-off is a requirementfor a valve, then this requirement can stillonly be tested at scheduled shutdowns andturnarounds. However, partial stroking isstill better than nothing at all as a safeguardagainst sticking.

There is also a disadvantage to more fre-quent testing. The moving parts of thevalves will be subject to increased wear, par-ticularly the stem and packing. This can leadto leaks. Therefore, whoever is responsiblefor determining the test interval has tochoose, judiciously, between protectionagainst sticking and protection against leaks.

The actual movement of an ESD or a blowdown valve may also cause a minor disrup-tion in the process. The length of the partialstroke and the time that the valve is awayfrom its nominal position has to be carefullydesigned and controlled.

Where partial stroke tests are automated,there is always the possibility that the instru-mentation can fail. However, given the self-test capability of PLC based safety systems,this is both unlikely and, usually, easilydetectable.

CCoonncclluussiioonnPartial stroke testing is not a panacea for

failures in safety related valves. Nevertheless,it is worthwhile for the protection it givesagainst the most prevalent failure modes ofthese valves. It is particularly advantageouswhere the testing can be automated.

PPWW

Readers can contact the author, Ken Bingham of ACM Facility Safety a division of ACM Automation Inc. for more information by email: ken.bingham@acm.ab.ca and by phone 403-264-9637

Given the trend in theprocess industry to follow

the requirements ofIEC 61508 and 61511 topreserve safety integrity

levels (SIL)... long intervals between tests

are often too long to showan adequately low

probability of failure ondemand (PFD).

Partial stroke testing ofthe valves can mitigate

some of these problems.

50 | Summer 2005 | PPRROOCCEESSSSWest

Canadian Process Control Association 2100 Banbury Crescent, Oakville, ON L6H 5P6 Tel: 905-844-6822 Fax: 905-844-6822 E-mail: cpca@sympatico.ca www.cpca-assoc.com

The Most Successful CompaniesAll Have One Thing In Common...

Discover the Benefits of the CPCAfor Yourself

Industry Statistics Industry Surveys Industry Voice

Peer Networking Free Publicity

Professional Development Academic Liaison

Find out more...www.cpca-assoc.com

CCiirrccllee 33