Intrisic Safety in the Digital Age

In Which We Sort Through the Complexities of Building Intrinsically Safe Fieldbus and Ethernet Networks in Hazardous Plant Areas

Share Print Related RSS
Page 2 of 4 1 | 2 | 3 | 4 View on one page

As Ian Pinkney, technical authority for BP Southern North Sea, Aberdeen, Scotland, says, “BP investigated explosion-proof enclosures as an alternative to IS and rejected that option because the enclosures are expensive, heavy and difficult to work on. We also found that maintenance of equipment under power is much more difficult with explosion-proof enclosures. When maintenance is required, our procedures require us to get a permit issued and to declassify the area to assure it is not hazardous before work can begin. When this is not possible, the equipment and possibly the entire process has to be shut down before maintenance can be performed, and shut downs are obviously something we really want to avoid.” (See for more on the BP North Sea operation.)

According to MooreHawke’s, O’Neill, “Explosion-proof enclosures typically have multiple bolts around their periphery, all of which must be removed when opening the cabinet. When servicing anything inside the cabinet, power must be cut to the enclosure, thus powering down all equipment inside. This may mean shutting down an entire process unit just to replace a fuse.”

In Europe, the Intrinsic Safety approach gained widespread acceptance in above-ground refineries and chemical plants as a less-expensive-to-implement-and-maintain solution than the explosion-proof approach. This followed initial applications in underground coalmines, where several fatal and highly publicized coal-dust explosions emphasized the need for specialized procedures in hazardous environments. In recent years,  IS concepts have also become more popular in North America, due largely to generally lower installation and maintenance costs and the freedom perform “live work,” as needed, without having to obtain work permits to do so.

The general idea behind IS is to use special barriers (known as “associated apparatus” in IS-speak) to limit the amount of energy available within hazardous plant areas to a level that is insufficient to generate arcs, sparks, heat or other conditions that could cause flammable gases or dust to ignite. On the surface, this sounds very simple. But things get complicated pretty quickly when you consider all the different permeations of and interactions between the various field devices (“apparatus”), associated apparatus, wiring and terminations typically involved and all the things that could potentially go wrong.

Closely related to IS, is the “nonincendive” approach. Both approaches limit the amount of energy present in hazardous environments to minimize the risk of explosion. The main difference is that, with IS, you have to consider the possibility of faults and thus be even more conservative about the amount of energy allowed into the hazardous area. The more restrictive IS approach is used for environments where the presence of potentially explosive gases or dust is the norm (Division I in North America), while the nonincendive approach is restricted for use in environments where the presence of potentially explosive gases or dust is the exception (Division II). 

Pepperl+Fuchs fieldbus segment protectors and valve couplers installed in a nonincendive (extra safety) classified area in a European chemical plant.
(Courtesty of Pepperl+Fuchs)
In the past, leaky valves and piping flanges meant that “Div I” areas requiring intrinsically safe standards were not uncommon. Today, however, more stringent environmental regulations mean that, in actual practice, true Div I areas are uncommon in modern process plants. Thus, unless a plant has decided to standardize on Div I to simplify things, Div II nonincendive approaches are typically used.

Enter Entity

Initially, each and every possible combination of field devices and barriers needed to be evaluated and approved together as an intrinsically safe system and documented with formal control drawings before it could be used in hazardous plant areas―an extremely limiting approach. Over time, the Entity parameter concept was developed. With Entity, field devices and barriers (“apparatus” and “associated apparatus”) are approved separately by an official approval organization, uch as Factory Mutual, CSA or CENELEC. Users then can combine intrinsically safe and associated apparatus as long as specific parameters for voltage, current and capacitance are correctly matched and the equipment is installed in an approved manner. The good news is that this approach provides users with much greater flexibility. The bad news is that it typically requires engineers to perform complicated, time-consuming calculations.

According to Robert Schosker, intrinsic safety product manager at Pepperl+Fuchs in Twinsburg, Ohio, “Entity isn’t really all that hard to handle. The challenge is to be able to match Entity parameters so that you have a truly intrinsically safe system that works properly.”

The Shin-Etsu manufacturing facility in Rotterdam, The Netherlands, successfully used the Entity approach for its ethylene dichloride cracking furnace process. Here, 35 segments and 275 fieldbus instruments were installed and integrated with a Honeywell Experion DCS using MTL-Relcom power supplies. For the field wiring, Shin-Etsu chose nonincendive-certified MTL wiring hubs to connect individual spur wiring to the trunk cables. The wiring hubs and field devices were matched for safety using Entity parameters for nonincendive plant environments.

If not ideal, the Entity approach works well enough for conventional, analog instrumentation using point-to-point wiring techniques. However, due to the very conservative power restrictions built into the Entity parameter approach, it is far from an ideal solution for fieldbus, where many of the initial cost savings come from the ability to drop multiple instruments off the same wire.

Page 2 of 4 1 | 2 | 3 | 4 View on one page
Share Print Reprints Permissions

What are your comments?

You cannot post comments until you have logged in. Login Here.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments