“The old concept that a PLC can perform both BPCS and SIS has been repackaged by the vendors and given credibility by certification,” adds Summers. “This isn’t a new concept. The only thing that’s new is the ability to get it certified. This wasn’t allowed in previous process sector SIS standards, but is allowed in IEC 61508, since it covers other sectors, such as transportation, and medical, as well as manufacturing.”
Of course, any PLC with digital and analog I/O and appropriate algorithms can do both,” Summers continues. “The problem is that most process industry users don’t rigorously document, validate, control access to or manage changes to their control system. This is required when control systems and safety instrumented systems are combined.”
Dunn reports that users are implementing SISs in more new projects to see if they improve safety and integrate better with controls systems. “Certification helps, but there are many folks who don’t understand what this means,” says Dunn. “It’s still buyer beware out there. The end user is still responsible for the safety of his operation.”
Adler adds that, “Whatever SIS you pick, you must still look at the entire loop from the field to the control and back. You can install the best safety PLC ever, but if it’s applied improperly by relying on old transmitters and valves with bad measurements, then you haven’t accomplished anything.”
To-Do List for Safety
Despite the limitations of present standards and certifications and the variable applications where process safety is needed, there are some basic procedures that all must follow to implement it. Most versions of this laundry list are based on OSHA’s 1910.119 process safety management (PSM) of highly hazardous chemicals regulations (see sidebar), which tells users to perform a process hazard analysis (PHA).
- First, a risk analysis of the process application and facility must be done to determine what equipment and functions may need an SIS based on the probably of an adverse event occurring, especially one that’s undetected, and the consequences if one does happen.
- Second, users need to look at safety measures already in place in their facility, identify the gaps in what they have and what they need, and address these weak links in the recommendations for each application. A hazop analysis can identify particular risks, and S84 can help users choose devices with the right Safety Integrity Level (SIL) to include in their application. These performance-based risk calculations also are typically ranked according to each user’s pre-established corporate risk level.
- Third, once appropriate equipment is selected, users must calculate the failure on demand for each device, and fit them into the application’s overall loop and lifecycle.
Control's Exclusive SIS Market Study
To identify use and application trends of safety instrumented systems (SIS) among process automation professionals, Control conducted an electronic survey of 114 readers in February 2007. Key findings of the survey include:
- 58% of respondents believe their company’s SISs are not up to date or complete.
- 57% use ISA S84’s grandfather clause to continue using older systems.
- 79% audit their SISs’ compliance and 90% believe an ongoing compliance program is important.
- 31% have a program for partial-stroke testing of safety-control valves.
- 44% say a SIS should not be connected to a basic process control system (BPCS), while 56% say it’s safe to do so.
- 38% say the SIS should be independent, while 62% say it’s okay to have both systems on the same backplane.
- 34% say it’s desirable to communicate with the SIS from outside the plant, while 66% said this is unacceptable.
- 61% consider integrated SISs to be “very safe” or “reasonably safe.” 85% believe standalone SIS is “very safe” or “reasonably safe.” However, 5% say integrated SIS is “not very safe,” and 6% say they “would never use it.”
- 70% are unaware that there’s more than one TÜV agency for certifying SISs, while 11% agree that certifications from any TÜV agency are equivalent, and 11% say they’re not. Meanwhile, 34% are “not sure” and 44% “don’t know.”
OSHA's PSM Compliance Rules
U.S. Occupational Safety and Health Administration’s guidelines for complying with its 1910.119 process safety management (PSM) of highly hazardous chemicals regulations are the foundation for many individual PSM plans. Expanded versions of these rules are available online at www.osha.gov. In short, these guidelines instruct users to:
- Define the hazards of chemicals used in their processes; technology and equipment used; and show how employees are informed about safety issues
- Conduct a process hazard analysis (PHA)
- Describe the application’s operating procedures
- Demonstrate an employee training program
- Describe involvement by outside contractors
- Perform pre-startup safety reviews
- Evaluate mechanical integrity of equipment, including process defenses, written procedures, inspection and testing and quality assurance
- Describe non-routine work authorizations
- Conduct a managing-change program
- Perform incident investigations
- Demonstrate emergency preparedness
- Conduct compliance audits and provide for planning, staffing, performing the audit, completing it and taking corrective action