Control Systems, Oh, No...Not Again!

This is more than a little clunky. "By combining the F&G system with the ESD system, you eliminate one level of passing 'vitally needed information' along to another SIS type system," Moore says. "I don't see combining F&G or ESD with the process shutdown SIS system, however."

There are clear arguments for convergence of these systems. Scott Hillman, director of marketing at from Honeywell Process Solutions (www.hps.honeywell.com) who is a subject matter expert on fire and gas safety as well as SIS, says, "I think they will continue to converge because it's more beneficial for the plant operator and others involved in actual operations to have the right information at their fingertips to make decisions. Having that information is contingent on two things. First, the operations personnel need to get actual information instead of just raw data, as a lot of raw data already exists. So the integration has to be intelligent enough to provide context-specific, actionable information. Two, it is contingent on the end users and their work processes."

Charles Fialkowski, Siemens Industry's safety system product manager says, "I see these convergences as advantageous and think they will promote increased safety and security. As systems become more and more integrated, the need for a proper blend of industry codes and standards to converge will also become more important."

Simon Pate, director of projects and systems at Detector Electronics Corp. (www.det-tronics.com), agrees with Fialkowski's last point. "In my opinion," he says, "one of the issues with the F&G systems that is often overlooked is the legislative requirements." There are different requirements in many different jurisdictions. Pate continues, "So it is fine for a process safety expert to design a fire and gas system to an SIS requirement, but he must also consider the legislative requirements that fire and gas systems are required to meet."

In some cases, legislation is lagging behind technology in the safety arena.

It Isn't the Systems. It's the Culture.

What's the biggest single issue hindering safety and security implementation in the process industries? Scott Hillman says, "In a word, people."

Is the convergence process with systems advantageous? "I really do think so," says Marcelo Mollicone, technical manager for SYM Consultoria of Camaçari, Brazil. "Safety culture is very important to achieve a safe process. Safety is not only related to SIF or SIS. It is a broad concept that should be on the mind of all company personnel. The convergences help to 'spread the word' as getting more people around the concepts."

But Rockwell Automation (www.rockwellautomation.com) safety guru Paul Gruhn says it isn't the equipment or systems that will really improve safety. "As [British chemical safety expert and author] Trevor Kletz has said, 'All accidents are due to bad management.' Reading the Baker Panel report on the BP Texas City accident reinforces the idea that safety must come from the top down. If management does not believe in the benefits of safety, even though study after study has shown that productivity improves when safety improves, then a culture reinforcing safety and security will not develop."

Emerson Process Management's (www.emerson.com) safety systems product manager Mike Boudreaux says, "Successful experience going unprotected can be the biggest obstacle for change" in the corporate culture. He continues, "It is so easy to fall into the trap that 'we've been doing it this way for so long, and nothing bad has happened…" This is precisely what happened at BP. The Chemical Safety Board and the Baker Panel reports indicate that the start-up of the isomerization unit had been done exactly the same way more than fifteen times with no adverse effects. What had really been happening is that the vapor cloud had dissipated before anyone applied a spark. Once there was an ignition source, the explosion was a certainty."

Boudreaux goes on to point out, "When industry incidents do occur, the results of incident investigations are sometimes kept secret in order to avoid damage to the company's public image or protect against lawsuits from injured parties."

An example of this is the accident that killed two operators at Bayer Crop Science in West Virginia in 2008. When called to testify before Congress, William Buckner, President and CEO of Bayer Crop Science, said, "…in January 2009, there were some in company management who initially thought that the Maritime Transportation Security Act of 2002, 46 U.S.C. Chapter 701, could be used to refuse to provide information to the CSB about issues regarding methyl isocyanate (MIC) beyond those related to the MIC day storage tank in the unit involved in the incident. We admit that." According to the CSB report, Bayer also managed to lose major pieces of evidence and cleaned up the event site before allowing CSB investigators onsite.

The Problem of Complex Systems

Donna Kasuska, a chemical engineer with Pegasus Group Integrated, and ChemConscious Inc. (www.everydaychemicals.com) in Downingtown, Pa., says, "Sophisticated control systems can significantly reduce plant failures by eliminating or improving the human interface. But even the most sophisticated system has to first be considered by humans, and is also subject to use and maintenance by humans."

Large automation and control systems are what are called complex systems. Complex systems do not behave the way simple systems do. A simple system says, for example, that cause A leads to effect B. Not doing A means that B does not happen. A complex system has so many dependencies and interrelations that it is not possible to predict accurately that A will always lead to B. Combinations of causes and combinations of effects make the behavior of complex systems often non-linear. Complex systems often behave in ways more predictable by chaos theory than by a linear engineering model. "Understanding these systems and analyzing or accurately predicting their behavior is often difficult," say Karen Marais and Nancy G. Leveson, from MIT, in their paper "Archetypes for Organizational Safety." Leveson served on the Baker Commission investigating the BP Texas City accident in 2005.