This article was printed in CONTROL's November 2009 edition.
"Ask the Experts"is moderated by Béla Lipták, process control consultant and editor of the Instrument Engineer's Handbook (IEH). The 4th edition of Volume 3, Process Software and Networks, is in progress. If you are qualified to contribute to this volume, or if you are qualified to answer questions in this column, or want to ask a question, write to email@example.com.
Q: We would like to improve on the safety record of fossil and nuclear energy processes in our design of a new renewable energy process. One element of that improved performance is the selection of the safe failure position for valves. We followed the advice in your handbook on designing for mechanical, plant or instrument air and electric power supply failures. We also followed your advice on safe failure positions, such as valves being closed on heating and open on cooling. In critical cases, we are also using redundant valves with different actuators—one pneumatic and the other an electric motor—and then installing them in parallel for cooling and in series for heating applications, as you suggested.
Now, we came across a situation where the safe failure position changes with the phase of the process, and depending on the phase, it can be open, closed or the last position. Am I right that in such cases we should use double-acting and not spring-return actuators? Do you have any other advice on how to design for such situations?
A: Your options are a function of how much you can afford to spend versus what level of safety you require. In any case, you should have backup for both your air and electric power supplies.
The less expensive solution is to use a double-acting valve with redundant solenoids to load one side or the other, or vent both as the required failure position changes.
The more expensive choice is to provide three parallel pipe runs with block valves, and select the right run for each phase of operation. If the switching needs to be fast, the block valves should be automatic.
In either case, all valves should have limit switches and the logic to make sure that valve status and operating mode requirements match.
A: It is not unusual to have valves with both fail-open and fail-close control systems in fossil power applications. This arrangement is usually achieved through the use of two solenoids, one for fail closed and one for fail open.
The reliability of these systems can be further improved by using redundant solenoids and a voting system, or by specifying the reliability of the instruments using IEC 61508 and the SIL rating system. Triple-redundant solenoids have been used for more than 30 years in Europe for boiler and condenser protection. Triple redundancy is being replaced by the SIL system.
A: Without knowing nearly enough about the process you are using, two ways to accomplish your stated goal come to mind.
- Build a manifold for three automatic valves, so that each valve has manual block valves. Use an air-to-open and air-to-close spring-return valve. The third valve is double-acting. Assuming the process state changes are sufficiently spread in time, manually select the valve for each state (phase). You may have to switch the process control system as well.
- Many years ago, the large butterfly valve for a 7,000 hp hot-gas expansion turbine had to close quickly if the shaft to the axial compressor failed. A local power supply consisting of a cylinder of compressed nitrogen provided the pressure to operate a double-acting valve. A local pneumatic control device sensed over speed and closed the inlet valve. This solution was in operation at a large nitric acid plant owned by Hercules Powder Co. sometime in the late 1960s.
Have you done the probability analysis for everything involved in a failure, not just the air supply? Doing so would be a good idea. There is a balance between cost and risk to be considered. Intrinsic electrical safety is based on the idea that the probability of two improbable events happening at the same time is an acceptable level of risk. Is it possible in this application for one accident or fire to take out both plant air and electricity?
Q: Below is a question about an ammonia storage tank:
- Content of tank: Liquid ammonia (not corrosive)
- Max liquid level: 19.55 m
- Density at normal operating temperature (vapor/liq.): 0.776/675.7 kg/m3
- Liquid viscosity: 0.25 cp
- Normal operating temperature: -35.1 ˚C
- Operating pressure: 0.05 barg.
We need a level transmitter with an accuracy of ±1 mm. The transmitter would be installed on the roof of tank on an 8-in. nozzle on the top of the tank. I don't know which to use—servo LT or guided wave radar? What are the benefits and limitations of each?
A: Radar will provide the best accuracy, but it will not be inexpensive. I suggest checking with either custody transfer meter folks such as Saab, which is now part of Rosemount, or others such as Magnetrol for guided wave radar solutions.