What is a Safety Instrumented System?

00:04

In this video, you will learn what a Safety Instrument System is,

00:08

how it is constructed, and how it plays an important role in keeping our chemical,

00:13

refining, and other manufacturing plants running safely

00:17

and as productive community partners and employers.

00:32

Before we get into today’s video, if you love our videos,

00:36

be sure to click the like button below,

00:39

and make sure to click subscribe and the bell to receive notifications of new RealPars videos.

00:45

This way you never miss another one!

00:50

Chemical, petrochemical, mining, gas compression,

00:54

and many other types of plants and manufacturing facilities

00:58

can be very dangerous places to work due to the presence of risk:

01:02

risk due to fire, explosion, tank overflow, gas release, or chemical exposure.

01:11

The only way to eliminate these risks is to not build or operate these types of plants.

01:17

But that is not practical.

01:19

These plants produce materials that are useful,

01:22

necessary, and important in our everyday lives.

01:26

Even a product like dry powdered laundry detergent is made

01:31

via a process that includes pumping liquids at high pressure,

01:34

spraying droplets into very hot air,

01:37

and collecting the product below which may be dusty and pose an inhalation hazard.

01:45

In order to minimize these risks,

01:47

process control systems are installed to maintain a safe operation of the plant,

01:52

assisted by a robust alarm detection and reporting system,

01:56

and operated by trained, qualified personnel.

02:00

But often, these measures alone cannot reduce the risk of injury,

02:05

fire, explosion, or other risks to a tolerable level.

02:10

Regardless of the types of risks, the process design itself,

02:14

the basic process control system, alarms, and operator intervention,

02:19

provide the first layers of protection for the process.

02:23

Each of these layers provides approximately a 10-fold

02:27

or greater protection to the process plant than the layer below.

02:32

In the process design, care is taken to specify lines,

02:36

equipment, and valves with the right sizes,

02:39

materials of construction, and proper accessories.

02:43

The basic process control system is installed with the appropriate instruments,

02:48

controls, and monitoring logic to allow the plant to be operated

02:53

within the safest ranges for pressure, temperature and flowrate.

02:58

Alarms are configured to allow the operators to react to abnormal conditions

03:04

and take corrective actions before a risk becomes an accident.

03:09

Even with all of these layers of protection in place,

03:12

the risks may still be too great to prevent an accident from happening.

03:17

A couple of examples illustrate this.

03:20

In 1974, a nylon plant in Flixborough, England,

03:24

exploded, killing 28 and injuring more than 100.

03:30

In 1984, a gas leak in a fertilizer plant in Bhopal, India,

03:35

killed over 3000 and injured 200,000.

03:40

More recently, in 2005, an explosion at a Texas City refinery

03:45

killed 15 and injured more than 150.

03:49

All three of these plants had control systems, alarms, and trained operators.

03:56

But these first three layers of protection do not reduce a hazardous plant’s risk to a tolerable level.

04:03

The risks associated with production at Flixborough were not all well-defined,

04:08

and the proper controls were not in place to minimize those risks.

04:14

At Bhopal, systems were in place to prevent the resulting gas leak

04:18

but did not take into account the scenario that led to the accident.

04:23

In Texas City, several technical and operational shortcomings led to an explosion.

04:31

In order to mitigate risks like the ones above, OSHA,

04:36

The Occupational Safety and Health Administration,

04:38

and several companies in the chemical industry,

04:41

along with ISA and other professional groups,

04:45

embraced the idea of defining risks, not as isolated processing line or tank risks,

04:51

but as risks associated with processing functions as a whole.

04:55

Standards ISA 84 and IEC 61508 were developed around the concept of functional safety.

05:06

Later, these standards, ISA in the US and IEC in Europe,

05:11

were harmonized in a single standard, ISA-84/IEC-61511.

05:19

The way functional safety would be addressed in a plant

05:22

in order to reduce functional risks was to install a separate,

05:26

well-designed, Safety Instrumented System.

05:31

The Safety Instrumented System, or SIS,

05:35

represents an additional layer of protection above the first three layer discussed previously.

05:42

This layer should provide at least a 10-fold decrease in the risk of the operation.

05:47

This decrease can be called a risk reduction factor of equal to or greater than 10.

05:55

So as we have seen, many levels of protection are required

06:00

to reduce the risk of an operation to a tolerable risk level.

06:05

This level of tolerable risk must be determined by each individual company,

06:10

but there are benchmarks for many industries,

06:13

such as chemical, oil & gas, food & beverage, and others.

06:19

Overall, the chemical industry has a Fatal Accident Rate, or FAR, of 4.

06:26

Driving a car has an FAR of 40.

06:30

Fatal Accident Rate is just one way that overall risk can be measured.

06:36

And in addition to the layers discussed so far,

06:39

others can be added to reduce the overall risk even greater,

06:43

like physical protection devices, such as relief valves and dikes,

06:48

and plant and community response teams, like fire departments.

06:54

So, now let’s answer what a Safety Instrumented System is.

06:59

A Safety Instrumented System is comprised of sensors,

07:03

logic solvers, and final control elements

07:06

for the single purpose of taking the process to a safe state

07:10

when pre-determined conditions are violated.

07:20

This means that the Safety Instrumented System, or SIS,

07:25

is a separate set of devices from the basic process control system.

07:30

In order to provide a risk reduction factor of greater than 10X,

07:35

it cannot be interlinked with the basic process control system,

07:39

and any of shortcomings of that system.

07:42

The logic solver is a specialized, hardened PLC- like device

07:47

that may have multiple processors executing the logic in parallel

07:52

to insure integrity of the logic and resulting action.

07:56

The SIS is designed around individual functions in the plant,

08:01

called Safety Instrumented Functions, or SIF for short.

08:05

The logic solver takes the SIS inputs

08:09

and determines what the state of the SIS outputs should be for that SIF.

08:17

Consider this process for transferring a liquid from a tank to reactor.

08:23

Normally, the flow controller,

08:25

which resides in the basic process control system,

08:29

can easily make the transfer of liquid in a very controlled, repeatable manner.

08:35

When the reactor level reaches a high alarm point,

08:38

the flow is stopped by shutting the control valve in order to keep the closed tank from over-pressurizing.

08:46

Let’s define our Safety Instrumented Function as “reactor overpressure protection”.

08:53

Now, let’s add the pieces of the SIS that are required to implement the components required for this function.

09:01

As you can see, we keep the basic process flow control loop in place,

09:06

operating as it normally does.

09:09

But now, we add a pressure sensor, logic solver,

09:13

and a positive shutoff valve to stop the flow independent of the flow controller

09:19

and the basic process control logic.

09:22

We have provided an independent layer of protection against reactor overpressure.

09:28

This improves the overall safety of the process.

09:32

In designing a Safety Instrumented System,

09:35

the design team must do a detailed risk analysis,

09:39

identifying all of the potential risks and deciding which of the risks

09:43

require a Safety Instrumented Function to be defined.

09:48

A detailed risk matrix can be used to identify the level of risk that is tolerable,

09:53

and at what point a function require as a SIF to be defined.

09:58

This can be done qualitatively,

10:00

or quantitatively by assigning numerical values to the expected frequency and severity of the risk.

10:09

Even a Safety Instrumented System has a probability to fail.

10:13

What if the pressure sensor in the previous example does not detect the high pressure condition?

10:18

What if the isolation valve does not close when it is told to?

10:23

The probability that a device, whether input, output, or logic solver,

10:28

will fail causing the SIF to not respond when called upon,

10:33

is called the Probability of Failure on Demand, or PFD.

10:39

For instance, a pressure regulator has approximately a 1 in 10,

10:44

or 1 x 10-1 , probability of failure in a years’ time.

10:52

Failure of an isolation valve is about 1 in 100, or 1 x 10-2.

11:01

These values can be obtained from vendor data for specific devices,

11:06

or from industry databases of typical PFD’s for each type of device.

11:13

When we design an overall safety instrumented system for each safety instrumented function,

11:19

we need to determine the overall Probability of Failure on Demand

11:23

or PFD for each function that is required.

11:29

If we determine the PFD should be less than 0.01, or 1 x 10-2,

11:37

then our SIF needs to be designed to a Safety Integrity Level of 2.

11:43

Similarly, a PFD of less than 1 x 10-1 requires a safety integrity level of 1,

11:52

and a PFD of less than 1 x 10-3 requires a safety integrity level of 3.

12:00

We can look up the PFD values for each of the devices

12:04

and logic solver elements we would like to use,

12:07

but to determine the overall PFD for an individual SIF usually requires a computer program.

12:15

Suffice it to say, the higher the safety integrity level,

12:19

the more reliable the safety instrument function will be.

12:22

A Safety Integrity Level of 4 is possible,

12:26

or a PFD of 1 x 10-4, but is usually not practical or economically feasible.

12:37

Another way to reduce risk is to add redundancy.

12:41

Redundancy adds cost, but generally will increase the reliability of the system and reduce risk.

12:49

A 1 out of 2 system will provide a greater

12:52

level of safety response than a simplex system.

12:56

A 2 out of 3 fault-tolerant system

12:58

can provide a greater level of safety response than a 1 out of 2 system.

13:04

While the 2 out of 3 system may be more reliable,

13:08

it may be installed at a much higher cost than a 1 out of 2 system.

13:13

Likewise, a 1 out of 2 system will have a higher cost than a simplex system.

13:19

When designing a Safety Instrumented System,

13:22

the ISA-84/IEC-61511 standards prescribe a methodology

13:29

for developing and documenting the system.

13:32

Certain design principles should be followed,

13:35

such as not allowing on-line changes to a logic solver,

13:38

requirements for testing the SIF, and a Management of Change process

13:43

for making any changes to the system once the design has been approved.

13:49

To review, past accidents and fatalities have led to a new way of looking at risk in a processing plant.

13:57

We now look at Safety Instrumented Functions in order to mitigate risk

14:01

and provide a safer operating environment.

14:06

The goal of the Safety Instrument System is to reduce the risk of accident or injury.

14:12

The SIS is only one of many layers of protection

14:15

that a plant uses to safeguard the process,

14:18

equipment, personnel, and the community.

14:22

But when implemented correctly, it can provide a very large reduction in the overall risk profile.

14:30

Safety Instrumented Systems are comprised of sensors,

14:33

logic solvers, and final control elements which are separate from all basic process control system elements,

14:41

and the logic solver drives the final control elements to the state required

14:46

to provide a safe state if the inputs indicate an abnormal situation.

14:54

Make sure that you head over to realpars.com.

14:57

To find even more training material for all of your PLC Programing needs.

15:02

We offer many videos to assist you in learning PLC Programing

15:07

and landing that job in a high-paying,

15:09

highly thought after field of automation and controls engineering.

15:14

Go to realpars.com and subscribe to our highly effective training series now!