Safety instrumented system
A safety instrumented system (SIS) is an engineered set of hardware and software controls that provides a protection layer, shutting down a chemical, nuclear, electrical, or mechanical system, or part of it, if a hazardous condition is detected.[1]
Requirement specification
A SIS performs a Safety Instrumented Function (SIF). The SIS is credited with a certain measure of reliability in the Safety Integrity Level (SIL). The required SIL is determined from a quantitative Process Hazard Analysis (PHA), such as a Layers Of Protection Analysis (LOPA). The SIL requirements are verified during the design, construction, installation, and operation of the SIS. The required functionality may be verified by design reviews, factory acceptance testing, site acceptance testing, and regular functional testing.
Hazard identification
A formal process of hazard identification is performed by the project team engineers and other experts at the completion of the engineering design phase of each section of the process, known as a Unit of Operation. This team performs a systematic, rigorous, procedural review of each point of possible hazard, or "node", in the completed engineering design. This review and its resulting documentation are called a HAZOP study. A HAZOP study typically reveals hazardous scenarios which require further risk-mitigating measures, which are to be achieved by SIFs. Via a Layer of Protection Analysis (LOPA) or some other approved method, Integrity Levels (IL) are defined for the SIFs in their respective scenarios. The Integrity Levels may be categorised as Safety Integrity Level (SIL) or Environmental Integrity Level (EIL). Based on the HAZOP study recommendations and the IL rating of the SIFs, the engineering (including the BPCS and the SIF designs) for each unit operation is finalized.
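The LOPA step described above (and the SIL determination mentioned under Requirement specification) is easiest to follow with numbers. The following is an added worked example, not material from the article: it takes one constructed HAZOP scenario with an assumed initiating event frequency, the assumed PFD of each existing independent protection layer, and an assumed tolerable frequency, computes the residual risk gap that a SIF would have to close, and maps the required PFD onto the IEC 61508 low-demand SIL bands. The scenario values and the helper names (`Scenario`, `required_sif_pfd`, `sil_for_pfd`) are illustrative assumptions.

```python
"""LOPA -> required SIL, a constructed illustration (not from the article)."""
from dataclasses import dataclass
from typing import List, Optional

# IEC 61508 low-demand-mode PFDavg bands: SIL -> [lower, upper)
SIL_BANDS = {
    1: (1e-2, 1e-1),
    2: (1e-3, 1e-2),
    3: (1e-4, 1e-3),
    4: (1e-5, 1e-4),
}


@dataclass
class Scenario:
    """One hazardous scenario from a HAZOP node (all values are assumptions)."""
    name: str
    initiating_event_freq: float  # initiating events per year
    ipl_pfds: List[float]         # PFD of each existing non-SIS independent protection layer
    tolerable_freq: float         # tolerable frequency of the consequence, per year


def mitigated_frequency(s: Scenario) -> float:
    """Frequency of the consequence after the existing IPLs, assuming independence."""
    f = s.initiating_event_freq
    for pfd in s.ipl_pfds:
        f *= pfd
    return f


def required_sif_pfd(s: Scenario) -> Optional[float]:
    """Maximum PFDavg a new SIF may have to reach the tolerable frequency.

    Returns None when the existing layers already meet the target (no SIF needed).
    """
    f = mitigated_frequency(s)
    if f <= s.tolerable_freq:
        return None
    return s.tolerable_freq / f


def sil_for_pfd(required_pfd: float) -> int:
    """SIL whose band contains the required PFDavg; 0 means the risk reduction is below 10."""
    if required_pfd >= 1e-1:
        return 0
    for sil in (1, 2, 3, 4):
        lower, upper = SIL_BANDS[sil]
        if lower <= required_pfd < upper:
            return sil
    raise ValueError("required PFD below the SIL 4 band; a single SIF cannot provide it")


def assess(s: Scenario) -> Optional[int]:
    """Full LOPA step: None if no SIF required, otherwise the SIL the SIF must meet."""
    pfd = required_sif_pfd(s)
    return None if pfd is None else sil_for_pfd(pfd)


# Constructed scenario: BPCS loop failure leads to high reactor temperature.
# Existing IPL: an independent high-temperature alarm with operator response (PFD 0.1).
REACTOR_OVERTEMP = Scenario(
    name="reactor high temperature (constructed)",
    initiating_event_freq=0.1,   # one loop failure per 10 years
    ipl_pfds=[0.1],              # alarm + operator response
    tolerable_freq=3e-5,         # assumed corporate target for this consequence
)

# Constructed scenario that needs no SIF: two strong IPLs already in place.
VESSEL_OVERPRESSURE = Scenario(
    name="vessel overpressure (constructed)",
    initiating_event_freq=0.01,
    ipl_pfds=[0.01, 0.1],        # relief valve + independent alarm
    tolerable_freq=1e-4,
)

if __name__ == "__main__":
    for sc in (REACTOR_OVERTEMP, VESSEL_OVERPRESSURE):
        print(sc.name, "-> mitigated", mitigated_frequency(sc), "/yr, required SIL", assess(sc))
```

The reactor scenario leaves a residual frequency of 0.01 per year against a target of 3e-5, so a SIF with PFDavg no worse than 3e-3 is needed, which falls in the SIL 2 band. The second scenario is already within target and gets no SIF, which is the point of LOPA: only the risk gap that the existing layers cannot close is assigned to the SIS.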
Design
A SIS is intended to perform specific control functions to prevent unsafe process operations when unacceptable or dangerous conditions occur.
Safety Instrumented Systems must be independent from all other control systems that control the same equipment in order to ensure SIS functionality is not compromised.[2] An SIS is composed of the same types of control elements (including sensors, logic solvers, actuators and other control equipment) as a Basic Process Control System (BPCS). However, all of the control elements in an SIS are dedicated solely to the proper functioning of the SIS.
The essential characteristic of a SIS is that it is composed of instruments which detect that process variables are exceeding preset limits, a logic solver which processes this information and makes decisions, and final control elements which take necessary action on the process to achieve a safe state.[3] One example is a temperature sensor which provides a signal to a controller which compares the sensed process temperature to the desired temperature setpoint and sends a signal to an emergency on-off valve actuator which stops the flow of heating fluid to the process if the process temperature exceeds the setpoint by an unsafe margin.
The specific control functions performed by an SIS are called Safety Instrumented Functions (SIF). They are implemented as part of an overall risk reduction strategy which is intended to minimize the likelihood of a previously identified accident that could range from minor equipment damage up to the uncontrolled catastrophic release of energy or materials.
The safe state must be achieved in a sufficiently short amount of time (i.e., "process safety time") to prevent the accident.
Equipment
The correct operation of an SIS requires a series of equipment to function properly. It must have sensors capable of detecting abnormal operating conditions, such as high flow, low level, or incorrect valve positioning. A logic solver is required to receive the sensor input signal(s), make appropriate decisions based on the nature of the signal(s), and change its outputs according to user-defined logic. The logic solver may use electrical, electronic or programmable electronic equipment, such as relays, trip amplifiers, or programmable logic controllers. Next, the change of the logic solver output(s) results in the final element(s) taking action on the process (e.g. closing a valve) to bring it to a safe state. Support systems, such as power, instrument air, and communications, are generally required for SIS operation. The support systems should be designed to provide the required integrity and reliability.
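The sensor, logic solver and final element chain described in the Design and Equipment sections, together with the process safety time constraint, can be modelled in a few dozen lines. The code below is an added illustration, not code from the article or from any SIS vendor: it assumes a high-temperature SIF with three transmitters voted 2-out-of-3 (a common SIS arrangement), a de-energize-to-trip shutdown valve, and constructed trip limits, readings and timings. The class and function names (`Sensor`, `vote_moon`, `FinalElement`, `logic_solver_scan`, `response_time_ok`) are illustrative, and the "half the process safety time" margin is a design rule of thumb assumed here, not a requirement stated on the page.

```python
"""Simplified SIF model: sensors -> voting logic solver -> final element (constructed example)."""
from dataclasses import dataclass
from typing import List


@dataclass
class Sensor:
    """A transmitter with a preset high trip limit. A diagnosed fault votes to trip (fail-safe)."""
    tag: str
    reading: float
    trip_limit: float
    healthy: bool = True

    def demands_trip(self) -> bool:
        return (not self.healthy) or self.reading >= self.trip_limit


def vote_moon(sensors: List[Sensor], m: int) -> bool:
    """M-out-of-N voting: the logic solver trips when at least m sensors demand it."""
    return sum(s.demands_trip() for s in sensors) >= m


@dataclass
class FinalElement:
    """A de-energize-to-trip valve: energized means open; loss of signal closes it."""
    tag: str
    energized: bool = True
    stroke_time_s: float = 4.0

    def trip(self) -> None:
        self.energized = False

    @property
    def in_safe_state(self) -> bool:
        return not self.energized


def logic_solver_scan(sensors: List[Sensor], valve: FinalElement, m: int = 2) -> bool:
    """One logic solver scan. Returns True if a trip was commanded this scan."""
    if vote_moon(sensors, m):
        valve.trip()
        return True
    return False


def response_time_ok(sensor_delay_s: float, scan_time_s: float,
                     stroke_time_s: float, process_safety_time_s: float) -> bool:
    """Check the end-to-end SIF response against the process safety time.

    Assumed design margin: the response must fit within half the process safety time.
    """
    total = sensor_delay_s + scan_time_s + stroke_time_s
    return total <= process_safety_time_s / 2


def build_demo(readings, healthy=(True, True, True), trip_limit=150.0):
    """Constructed 2oo3 high-temperature SIF; returns (tripped, valve)."""
    sensors = [Sensor(f"TT-10{i}", r, trip_limit, h)
               for i, (r, h) in enumerate(zip(readings, healthy), start=1)]
    valve = FinalElement("XV-101")
    tripped = logic_solver_scan(sensors, valve, m=2)
    return tripped, valve


if __name__ == "__main__":
    tripped, xv = build_demo([152.0, 151.0, 120.0])
    print("2oo3 trip:", tripped, "valve safe:", xv.in_safe_state)
    print("response ok:", response_time_ok(1.0, 0.1, 4.0, process_safety_time_s=20.0))
```

Two behaviours worth noting: a single transmitter reading above the limit does not trip a 2oo3 arrangement, which is why the voting scheme is chosen to balance spurious trips against the required integrity, and a transmitter diagnosed as faulted is treated as a trip vote so that a degraded sensor set still fails towards the safe state.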
International standards
International standard IEC 61511 was published in 2003 to provide guidance to end-users on the application of Safety Instrumented Systems in the process industries. This standard is based on IEC 61508, a generic standard for functional safety including aspects on design, construction, and operation of electrical/electronic/programmable electronic systems. Other industry sectors may also have standards that are based on IEC 61508, such as IEC 62061 (machinery systems), IEC 62425 (for railway signalling systems), IEC 61513 (for nuclear systems), and ISO 26262 (for road vehicles).
Related concepts
Other terms often used in conjunction with and/or to describe safety instrumented systems include:
- Critical control system
- Safety shutdown system
- Protective instrumented system
- Equipment protection system
- Emergency shutdown system
- Safety critical system
- Interlock (engineering)
- Interlocking (railway signalling)
- Wrap around protection
- Emergency shutdown systems
- Process shutdown systems
References
- Lees' Loss Prevention in the Process Industries (Third ed.). p. 34/2.
- Lees' Loss Prevention in the Process Industries (Third ed.).
- Lees' Loss Prevention in the Process Industries (Third ed.). Preface.
External links
- ANSI Standards Purchase IEC 61511
- Safety Equipment Reliability Handbook, 4th Edition for use in Safety Instrumented System (SIS) conceptual design verification in the process industry
- ISA Standards Purchase ANSI/ISA 84.00.01-2004
- Center for Chemical Process Safety book, Guidelines for Safe and Reliable Instrumented Protective Systems
- Example Safety Requirement Specification (SRS) document