Safety in process industry - Endress+Hauser … Safety in the process industry • Endress+Hauser: At home in process safety • Smart devices and concepts for hazardous areas

Page 1

Products Solutions Services

Safety in the process industry

Simply reliable

Page 2

Table of contents

Safety in the process industry

• Endress+Hauser: At home in process safety
• Smart devices and concepts for hazardous areas
• Introduction to functional safety
• Safety by choice - not by chance
• Ensuring mechanical integrity
• Development according to IEC 61508: A view on electronics and software
• Safety and availability: The value of redundancy
• Manage the safety life cycle
• Conclusion

Page 3

What is safety?

• Reducing risk to a tolerable level
• Basic: equipment should not cause any problem (explosion safety)
• One step further: instrumentation as the safety foundation of the SIS, bringing processes to a safe state
• Safety awareness, standards and recommendations are driven by major incidents: Bhopal, Seveso, Buncefield, Deepwater Horizon, …

Page 4

Buncefield, UK

Page 5

Intelligent safety switch

• Diverse + separate technology
• Self monitoring
• Easy proof testing via push-button
• SIL 3 with permanent self function control
• PFM
  ▪ Switching between differently designed electronics
  ▪ 2nd line of defense

Page 6

Most comprehensive SIL portfolio

• Complete range of SIL devices: pressure, temperature, level, pH, flow, including system components
• www.endress.com/SIL

Page 7

Functional safety

Equipment safeguarding chemical reactions and storage of goods

Page 8

Construction: Safety instrumented system

Chain of reasoning shown on the slide:

• Safety discussion
• Assessment of risk and classification (SIL)
• Risk reducing measures
• Elements of safety instrumented systems
• Failure causes in the device: failure modes, failure rates
• Probability of failure
• Proof test interval: PFDavg = 1/2 · λDU · Ti

Fieldcheck™, Heartbeat Technology™

Page 9

Overall Safety Life-Cycle acc. IEC 61511

Activities running alongside all phases: Management of Functional Safety and Functional Safety Assessment and Auditing; Safety Lifecycle Structure and Planning; Verification

Phases:
• Hazard and Risk Assessment
• Allocation of Safety Functions to Protection Layers (Quantification)
• Design and Engineering of the Safety Instrumented System
• Design and Development of other Means of Risk Reduction
• Safety Requirements Specifications for the Safety Instrumented System
• Installation, Commissioning and Validation
• Operation and Maintenance
• Modification
• Decommissioning

Source: DIN EN 61511-1, Fig. 8

Safety Integrity Level (SIL) / Functional Safety Theory

Slide 27 Dept. GT / Thomas Fritz

Page 10

What is functional safety?

• A safety instrumented system is 100 % functionally safe if all random, common cause and systematic failures do not lead to malfunctioning of the safety system and do not result in
  • Injury or death of humans
  • Spills to the environment
  • Loss of equipment or production
• 100 % functional safety does not exist, but risk reduction SIL 1, 2, 3 or 4 does.

Process industry. Example: petrochemical plant

Page 11

Risk reduction to tolerable level

• Freedom from unacceptable risks (ISO/IEC Guide 51)
• There is always a remaining minimum risk

Page 12

Risk assessment is country/customer specific

Page 13

Risk graph to determine SIL (figure; one of the risk graph parameters shown is occupancy)

Page 14

Layers of protection

Mitigation layers (outer):
• Emergency response layer: plant emergency response
• Passive protection layer: embankment
• Active protection layer: relief valve, rupture disk, F+G system

Prevention layers (inner):
• Isolated protection layer: safety instrumented system, emergency shutdown (trip level alarm)
• Process control layer: alarm & operator intervention ("wild" process)
• Process control layer: basic process control system or DCS (normal process)
• Inherently safe plant design: plant and process design

Page 15

Risk Reduction by Safety Instrumented Systems

Safety Instrumented System (SIS), as drawn on the slide:

Process → Process interface → Sensor → Communication (e.g. 4…20 mA) → Logic unit → Communication (e.g. 4…20 mA) → Actuator → Process interface → Process

Risk = P × D
Residual risk = Risk × PFD = P × D × PFD

Page 16

PFDavg - Integration of the complete loop

PFDavg = PFD_Sensor + PFD_Controller + PFD_Actuator

SIL 1: ≥ 10^-2 … < 10^-1
SIL 2: ≥ 10^-3 … < 10^-2
SIL 3: ≥ 10^-4 … < 10^-3
SIL 4: ≥ 10^-5 … < 10^-4

Common values for the distribution of PFDavg to subsystems: Sensor 35 %, Controller 15 %, Actuator 50 %

Page 17

Layers of protection (overfill example)

Mitigation layers (outer):
• Emergency response layer: plant emergency response
• Passive protection layer: embankment
• Active protection layer: relief valve, rupture disk, F+G system

Prevention layers (inner):
• Isolated protection layer: safety instrumented system, emergency shutdown (trip level alarm)
• Process control layer: alarm & operator intervention ("wild" process, high level alarm)
• Process control layer: basic process control system or DCS (normal process, between high level and low level)
• Inherently safe plant design: plant and process design

Page 18

Mitigate the hazard with rupture disks

• Mechanical assemblies with predictable failure modes
• E.g. in the E+H Promass design

Page 19

Failures in electronics and software

Failure mode and effect analysis

Page 20

Failure Mode and Effect Analysis (FMEA)

Component failure modes:
• Short circuit
• Interruption
• Drift

Additionally: FMEA of mechanical components (e.g. sensor)

Example question for each entry: what is the effect of the failure mode on the safety function?

Page 21

Failure Mode and Effect Analysis (FMEA)

First step:
• determine the safety path (e.g. 4…20 mA output)
• determine the accuracy under fault condition (e.g. ± 2 %)

Different failure modes (probability of each failure mode):

                    Detected faults   Undetected faults
Safe faults         λSD               λSU
Dangerous faults    λDD               λDU

λtot = λSU + λSD + λDU + λDD (+ λ not relevant)
MTBF = 1 / λtot
PFD is driven by λDU.

Page 22

Safe Failure Fraction (SFF) (in %)

SFF = (λSD + λSU + λDD) / λtot

Internal diagnostics improves SFF (shown on the slide as SFF 85 % → SFF 95 %).

Absolute numbers of failures are more important than SFF.
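The slide's two points (diagnostics raise SFF; the absolute λDU matters more than the SFF percentage) can be checked with a small calculator. The code below is an added example, not code from the slides or from Endress+Hauser; the two device rate sets are constructed for the illustration, and the class and method names are my own.

```python
# Added example, not code from the slides. Two constructed devices show why the
# absolute dangerous undetected failure rate λDU matters more than the SFF
# percentage, and how internal diagnostics raise SFF by moving failures from
# λDU to λDD. Device rates are invented; class and method names are my own.

from dataclasses import dataclass

HOURS_PER_YEAR = 8760.0
FIT = 1e-9                       # 1 FIT = 10^-9 failures per hour


@dataclass(frozen=True)
class FailureRates:
    """Failure rates of one device in FIT, split by the FMEA classes on the slide."""
    sd: float   # safe detected
    su: float   # safe undetected
    dd: float   # dangerous detected
    du: float   # dangerous undetected

    @property
    def total(self):
        """λtot = λSD + λSU + λDD + λDU (the 'not relevant' class is left out)."""
        return self.sd + self.su + self.dd + self.du

    def mtbf_hours(self):
        """MTBF = 1 / λtot, with λtot converted from FIT to 1/h."""
        return 1.0 / (self.total * FIT)

    def sff(self):
        """Safe failure fraction: everything except λDU, as a fraction of λtot."""
        return (self.sd + self.su + self.dd) / self.total

    def pfd_avg_1oo1(self, t1_hours):
        """Single-channel PFDav = 1/2 · λDU · T1."""
        return self.du * FIT * t1_hours / 2.0

    def with_diagnostics(self, coverage):
        """Diagnostics with coverage 0..1 detect that share of λDU, making it λDD."""
        if not 0.0 <= coverage <= 1.0:
            raise ValueError("coverage must be between 0 and 1")
        moved = self.du * coverage
        return FailureRates(self.sd, self.su, self.dd + moved, self.du - moved)


# Constructed devices (FIT). A has the better SFF, B has the lower λDU.
DEVICE_A = FailureRates(sd=400, su=500, dd=800, du=100)
DEVICE_B = FailureRates(sd=100, su=250, dd=0, du=60)


def safer_device(a, b, t1_hours=HOURS_PER_YEAR):
    """Pick the device with the lower PFDav; SFF alone would pick the other one."""
    return a if a.pfd_avg_1oo1(t1_hours) < b.pfd_avg_1oo1(t1_hours) else b


if __name__ == "__main__":
    for name, dev in (("A", DEVICE_A), ("B", DEVICE_B)):
        print(f"device {name}: SFF {dev.sff():.1%}, λDU {dev.du:.0f} FIT, "
              f"PFDav(1 year) {dev.pfd_avg_1oo1(HOURS_PER_YEAR):.2e}, "
              f"MTBF {dev.mtbf_hours():.0f} h")
    improved = DEVICE_B.with_diagnostics(0.7)
    print(f"device B with 70 % diagnostic coverage: SFF {improved.sff():.1%}, "
          f"λDU {improved.du:.0f} FIT")
    print("lower PFDav:", "A" if safer_device(DEVICE_A, DEVICE_B) is DEVICE_A else "B")
```

Device A reaches an SFF of about 94 %, device B only about 85 %, yet B has the lower λDU and therefore the lower PFDav; adding 70 % diagnostic coverage to B lifts its SFF to about 96 % because the detected share of λDU is reclassified as λDD without changing λtot.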

Page 23

Safety and availability

The value of redundant architectures in SIS

Page 24

Single Channel System

Example: single channel overfill prevention

             Sensor         Logic           Actor           System
SIL          2              3               2               ≤ 2
PFDav        0,3 x 10^-2    0,05 x 10^-2    0,4 x 10^-2     0,71 x 10^-2

Loop drawing: Sensor (SIL 2, PFDav = 0,35 x 10^-2) → Logic (SIL 3, PFDav = 0,05 x 10^-2) → Actuator (SIL 2, PFDav = 0,4 x 10^-2); System = SIL 2

Design rules:
• PFD_S + PFD_L + PFD_A < 10^-SIL_system
• SIL_S, SIL_L, SIL_A ≥ SIL_system
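The loop rule from page 16 (PFDavg is the sum of the subsystem values, with a typical 35/15/50 % split) and the two design rules on this slide can be applied with a short calculator. The code below is an added example, not code from the slides or from Endress+Hauser; it uses the subsystem SIL and PFDav values of the slide's loop drawing as input, and the function names, the dict layout and the band table are my own choices.

```python
# Added example, not code from the Endress+Hauser slides. It applies the loop
# rule PFDavg = PFD_Sensor + PFD_Controller + PFD_Actuator, the low-demand SIL
# bands, the 35/15/50 % budget split and the two single-channel design rules.
# Function names and the dict layout are my own choices.

SIL_BANDS = [          # (SIL, lower bound inclusive, upper bound exclusive)
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]

DEFAULT_SHARES = {"sensor": 0.35, "logic": 0.15, "actuator": 0.50}


def sil_from_pfd(pfd_avg):
    """SIL reached by a PFDavg value in low-demand mode (0 = worse than SIL 1)."""
    if pfd_avg <= 0:
        raise ValueError("PFDavg must be positive")
    if pfd_avg < 1e-5:
        return 4                  # below the SIL 4 band: SIL 4 is the highest level claimable
    for sil, low, high in SIL_BANDS:
        if low <= pfd_avg < high:
            return sil
    return 0


def loop_pfd_avg(subsystems):
    """Sum the PFDavg of every subsystem; subsystems maps name -> (SIL, PFDavg)."""
    return sum(pfd for _, pfd in subsystems.values())


def pfd_budget(target_sil, shares=DEFAULT_SHARES):
    """Split the upper limit of the target SIL band (10^-target) across subsystems."""
    limit = 10.0 ** -target_sil
    return {name: share * limit for name, share in shares.items()}


def check_design_rules(subsystems, target_sil):
    """Return (ok, problems) for the two rules on the single-channel slide:
    1. PFD_S + PFD_L + PFD_A < 10^-SIL_system
    2. SIL_S, SIL_L, SIL_A >= SIL_system
    """
    problems = []
    total = loop_pfd_avg(subsystems)
    if not total < 10.0 ** -target_sil:
        problems.append(f"sum of PFDavg {total:.2e} is not below 10^-{target_sil}")
    for name, (sil, _) in subsystems.items():
        if sil < target_sil:
            problems.append(f"{name} is SIL {sil}, below the system target SIL {target_sil}")
    return (not problems, problems)


# The slide's overfill-prevention loop: (SIL, PFDavg) per subsystem
OVERFILL_LOOP = {
    "sensor":   (2, 0.35e-2),
    "logic":    (3, 0.05e-2),
    "actuator": (2, 0.40e-2),
}

if __name__ == "__main__":
    total = loop_pfd_avg(OVERFILL_LOOP)
    print(f"loop PFDavg = {total:.2e} -> SIL {sil_from_pfd(total)}")
    for target in (2, 3):
        ok, problems = check_design_rules(OVERFILL_LOOP, target)
        print(f"target SIL {target}: {'OK' if ok else 'NOT met'}")
        for p in problems:
            print("  -", p)
    print("SIL 2 budget:", {k: f"{v:.1e}" for k, v in pfd_budget(2).items()})
```

With the slide's subsystem values the sum is 0,8 x 10^-2, which sits in the SIL 2 band and satisfies both rules for a SIL 2 target; for a SIL 3 target the same loop fails the sum rule and the per-subsystem rule for sensor and actuator.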

Page 25

Architecture of Multi-Channel Systems

Architectures plotted against safety and availability: 1oo1, 2oo2, 3oo3, 4oo4; 1oo2, 1oo3, 1oo4; 2oo3 (1ooN voting favours safety, NooN voting favours availability; 2oo3 balances both).

Fundamental safety parameters for the complete system must be evaluated (e.g. Markov model):
• PFDav
• HFT
• SFF

Page 26

Approximation formula (Source: VDI/VDE 2180, Sheet 4)

λDU = "dangerous undetected", β = common cause factor, T1 = time interval for proof testing [h] (1 year = 8,760 h)

Circuit option   Approximation formula for PFDav
1oo1             PFDav = 1/2 · λDU · T1
1oo2             PFDav = 1/3 · (λDU · T1)^2 + β/2 · λDU · T1
1oo3             PFDav = 1/4 · (λDU · T1)^3 + β/2 · λDU · T1
1oo4             PFDav = 1/5 · (λDU · T1)^4 + β/2 · λDU · T1
2oo2             PFDav = λDU · T1
2oo3             PFDav = (λDU · T1)^2 + β/2 · λDU · T1
2oo4             PFDav = (λDU · T1)^3 + β/2 · λDU · T1

This is simplified. Use the Markov method to calculate the PFD more accurately.

Page 27

Complex calculation example (1)

Subsystem Sensor: Sensor 1 / Interface 1, Sensor 2 / Interface 2, Sensor 3 / Interface 3, voting 2oo3
• λDU = 500 FIT (per line), β = 10 %, T1 = 1 year, SFF ✓
• Formula for 2oo3: PFDav (S) = 2,4 × 10^-4

Subsystem Logic Unit: Control Module 1, Control Module 2, voting 1oo2
• λDU = 50 FIT (per module), β = 2 %, T1 = 1 year, SFF ✓
• Formula for 1oo2: PFDav (LE) = 4,4 × 10^-6

Subsystem Actuator: Actuator 1 / Interface 4, Actuator 2 / Interface 5, voting 2oo2
• λDU = 1200 FIT (per line), β = 10 %, T1 = 1 year, SFF ✓
• Formula for 2oo2: PFDav (A) = 1,1 × 10^-2

Result: PFDav (System) = PFDav (S) + PFDav (LE) + PFDav (A) = 1,3 × 10^-2 → SIL 1
Target: SIL 2
Target not achieved! What to do?

FIT = Failures In Time, 1 FIT = 10^-9 1/h

Page 28

Complex calculation example (2)

Action 1: Reduce the proof test interval from 1 year to ½ year (additional cost!)

Subsystem Sensor: Sensor 1 / Interface 1, Sensor 2 / Interface 2, Sensor 3 / Interface 3, voting 2oo3
• λDU = 500 FIT (per line), β = 10 %, T1 = ½ year, SFF ✓
• Formula for 2oo3: PFDav (S) = 1,1 × 10^-4

Subsystem Logic Unit: Control Module 1, Control Module 2, voting 1oo2
• λDU = 50 FIT (per module), β = 2 %, T1 = ½ year, SFF ✓
• Formula for 1oo2: PFDav (LE) = 2,2 × 10^-6

Subsystem Actuator: Actuator 1 / Interface 4, Actuator 2 / Interface 5, voting 2oo2
• λDU = 1200 FIT (per line), β = 10 %, T1 = ½ year, SFF ✓
• Formula for 2oo2: PFDav (A) = 5,5 × 10^-3

Result: PFDav (System) = PFDav (S) + PFDav (LE) + PFDav (A) = 5,6 × 10^-3 → SIL 2
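The approximation formulas of page 26 and the two-step loop calculation of pages 27 and 28 can be reproduced in a few lines. The code below is an added example, not code from the slides or from Endress+Hauser: it implements the VDI/VDE 2180 Sheet 4 approximations as quoted on page 26 and feeds them the slide's subsystem data (2oo3 sensors at 500 FIT, 1oo2 logic at 50 FIT, 2oo2 actuators at 1200 FIT, with the stated β values). The per-subsystem results match the slide's rounded figures; the summed system values come out slightly below the slide's rounded sums (about 1,1 × 10^-2 and 5,4 × 10^-3) but fall into the same SIL bands, SIL 1 for one year and SIL 2 for half a year. Function names and the λDU·T1 < 0,1 sanity check are my own.

```python
# Added example, not code from the slides or from Endress+Hauser. It implements
# the VDI/VDE 2180 Sheet 4 approximation formulas quoted on slide 26 and runs the
# loop of the "complex calculation example" (2oo3 sensors, 1oo2 logic, 2oo2
# actuators) for T1 = 1 year and T1 = 1/2 year. Function names are my own.

HOURS_PER_YEAR = 8760.0
FIT = 1e-9                       # 1 FIT = 10^-9 failures per hour

SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]


def pfd_avg(architecture, lambda_du, t1_hours, beta=0.0):
    """PFDav of one MooN voting group (VDI/VDE 2180 Sheet 4 approximations).

    lambda_du : dangerous undetected failure rate of ONE channel [1/h]
    t1_hours  : proof test interval T1 [h]
    beta      : common cause factor as a fraction (0.10 for 10 %)
    """
    x = lambda_du * t1_hours                 # λDU·T1, dimensionless
    cc = beta * x / 2.0                      # common cause term β/2·λDU·T1
    formulas = {
        "1oo1": x / 2.0,
        "1oo2": x ** 2 / 3.0 + cc,
        "1oo3": x ** 3 / 4.0 + cc,
        "1oo4": x ** 4 / 5.0 + cc,
        "2oo2": x,
        "2oo3": x ** 2 + cc,
        "2oo4": x ** 3 + cc,
    }
    if architecture not in formulas:
        raise ValueError(f"unsupported architecture {architecture!r}")
    if x >= 0.1:                             # my own guard: the approximation needs λDU·T1 << 1
        raise ValueError("λDU·T1 too large for the approximation; use a Markov model")
    return formulas[architecture]


def sil_from_pfd(pfd):
    """Low-demand SIL band of a PFDav value (0 = worse than SIL 1)."""
    if pfd < 1e-5:
        return 4
    for sil, low, high in SIL_BANDS:
        if low <= pfd < high:
            return sil
    return 0


def slide_loop(t1_hours):
    """The slide's three subsystems; returns (per-subsystem PFDav, system PFDav, SIL)."""
    parts = {
        "sensor (2oo3)":   pfd_avg("2oo3", 500 * FIT, t1_hours, beta=0.10),
        "logic (1oo2)":    pfd_avg("1oo2", 50 * FIT, t1_hours, beta=0.02),
        "actuator (2oo2)": pfd_avg("2oo2", 1200 * FIT, t1_hours, beta=0.10),
    }
    total = sum(parts.values())
    return parts, total, sil_from_pfd(total)


if __name__ == "__main__":
    for label, t1 in (("T1 = 1 year", HOURS_PER_YEAR), ("T1 = 1/2 year", HOURS_PER_YEAR / 2)):
        parts, total, sil = slide_loop(t1)
        print(label)
        for name, value in parts.items():
            print(f"  PFDav {name} = {value:.2e}")
        print(f"  PFDav system = {total:.2e} -> SIL {sil}")
```

The actuator subsystem dominates the loop in both runs, which is why halving T1 (and with it the 2oo2 term λDU·T1) is enough to move the system into the SIL 2 band; the same script makes it easy to compare that action against alternatives such as a 1oo2 actuator arrangement before committing to the extra proof test cost.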

Page 29

Safety data sheet on www.endress.com/sil

Page 30

Redundancy: Homogeneous or diverse?

Homogeneous redundancy (same instruments): SIL 2 + SIL 2, e.g. 1oo2 → SIL 3?

Advantages of a homogeneous system
• Control of random faults
• Simple stock management, commissioning, maintenance …
Note: systematic integrity (e.g. software) cannot be enhanced!

Diverse redundancy (different instruments): SIL 2 + SIL 2, e.g. 1oo2 → SIL 3

Advantages of a diverse system
• Control of random and systematic faults (device + process)
• Systematic integrity can be enhanced

Endress+Hauser offers multiple instruments which are SIL 2/3 capable. You reach SIL 3 even in homogeneous redundancy.

Page 31

The safety life cycle

Maintain your safety at the highest level

Page 32

Probability of a failure on demand - PFD

Example: safety component with low demand frequency (~1/a)

PFD(t) ≈ λDU · t   (for λDU · t << 1)
PFDav = 1/2 · λDU · Ti
Ti = proof test interval
PTC = proof test coverage = λDU* / λDU   (λDU* = failures revealed by the proof test)

Figure: PFD plotted against operation time; it rises linearly with slope λDU and is reset at every proof test Ti (PTC = 100 %). The SIL 1 to SIL 4 bands are marked at 0,1 / 0,01 / 0,001 / 0,0001.
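The saw-tooth on this slide and the closed form PFDav = 1/2 · λDU · Ti can be checked against each other numerically, and the same formulas answer two questions a practitioner asks next: how long the proof test interval may be for a given λDU, and what happens when the proof test coverage is below 100 %. The code below is an added example, not code from the slides or from Endress+Hauser. The λDU of 100 FIT and the 20-year lifetime are constructed values; the PTC treatment (the share of λDU the proof test does not reveal keeps accumulating until the device is replaced at the end of its useful lifetime) follows the usual IEC 61508 handling and is my assumption, not a statement on the slide. Function names are mine.

```python
# Added example, not code from the slides. It numerically averages the saw-tooth
# PFD(t) of the slide over one proof test interval and compares it with the
# closed form PFDav = 1/2 · λDU · Ti, then shows two checks the slide's formulas
# imply: the longest Ti that keeps a 1oo1 device within a SIL band, and the
# effect of a proof test coverage below 100 %. The PTC treatment (unrevealed
# failures accumulate until end of life) is my assumption, not the slide's.

FIT = 1e-9
HOURS_PER_YEAR = 8760.0


def pfd_at(t_hours, lambda_du, ti_hours):
    """Instantaneous PFD ≈ λDU·t, reset to zero at every proof test (PTC = 100 %)."""
    return lambda_du * (t_hours % ti_hours)


def pfd_avg_numeric(lambda_du, ti_hours, steps=10_000):
    """Time average of the saw-tooth over one interval, by midpoint sampling."""
    dt = ti_hours / steps
    area = sum(pfd_at((k + 0.5) * dt, lambda_du, ti_hours) for k in range(steps)) * dt
    return area / ti_hours


def pfd_avg_closed(lambda_du, ti_hours):
    """PFDav = 1/2 · λDU · Ti (valid while λDU·Ti << 1)."""
    return lambda_du * ti_hours / 2.0


def max_interval_for_sil(lambda_du, target_sil):
    """Longest Ti [h] for which 1/2·λDU·Ti stays below the band's upper limit 10^-SIL."""
    return 2.0 * 10.0 ** -target_sil / lambda_du


def pfd_avg_with_ptc(lambda_du, ti_hours, ptc, lifetime_hours):
    """PTC share of λDU is reset each Ti; the rest is only cleared at end of life."""
    if not 0.0 <= ptc <= 1.0:
        raise ValueError("PTC must be between 0 and 1")
    revealed = ptc * lambda_du             # λDU*, cleared by every proof test
    hidden = (1.0 - ptc) * lambda_du       # never revealed by the proof test
    return revealed * ti_hours / 2.0 + hidden * lifetime_hours / 2.0


if __name__ == "__main__":
    lam = 100 * FIT                        # constructed device: λDU = 100 FIT
    ti = HOURS_PER_YEAR
    print(f"numeric {pfd_avg_numeric(lam, ti):.4e}  closed {pfd_avg_closed(lam, ti):.4e}")
    print(f"longest Ti for the SIL 3 band: {max_interval_for_sil(lam, 3) / HOURS_PER_YEAR:.2f} years")
    for ptc in (1.0, 0.99, 0.97):
        v = pfd_avg_with_ptc(lam, ti, ptc, 20 * HOURS_PER_YEAR)
        print(f"PTC {ptc:.0%}: PFDav {v:.3e}")
```

For the constructed device the numeric average agrees with 1/2 · λDU · Ti, and a PTC of 97 % with a yearly proof test and a 20-year lifetime raises PFDav by more than half compared with full coverage, which is why the slides on the following pages treat proof test coverage, not only the interval, as a safety parameter.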

Page 33

Total proof test coverage according to IEC 61508

Total coverage (DC + PTC), FTL80/81/85 + FTL825:
• Wet test (Procedure IA, MAX/MIN): 99 %
• Simulation via test button (Procedure IB, in situ testing!): 97 %

Smart proof testing procedures reduce effort, increase safety and minimize shut down times.

Page 34

Proof testing without dismounting the device

It is not necessary to interrupt or manipulate the production process for a partial proof test.

Recommended proof test interval (per device shown): 12 years / 3 years / 2 years

Page 35

Conclusion

Endress+Hauser: State of the art technology and solutions for your process safety

Page 36

Improve safety with state of the art technology - Liquiphant

Explosion and fire at Buncefield Oil Storage Depot - Five companies to face prosecution
http://www.buncefieldinvestigation.gov.uk/press/b08002.htm

Failed !!!

Page 37

Separation of process monitoring and safety function

Buncefield report, Volume 2, Annex 4, Recommendation 3, page 11

Page 38

Need for records on site and at a different location

Page 39

Summary

• Endress+Hauser offers an instrumentation portfolio for hazardous areas and safety applications which is second to none.
• Robust measuring principles and materials ensure reliability in the harshest processes.
• Smart concepts to improve mechanical integrity are simulated, implemented and tested in order to keep your process safe under any circumstances.
• Hardware and software developed according to IEC 61508 and high diagnostic coverage reduce dangerous undetected failures to a minimum and help to extend the proof test interval.
• Redundancy improves safety and availability.
• Smart proof test procedures significantly save cost.
• Document your safety life cycle with W@M.

Page 40

And never forget…

Liquiphant FailSafe: THE safety switch for highest demands.

A unique device: SIL 3 and 12 years proof test interval.

Highest safety at minimum effort!