The use of wireless devices has become ubiquitous in our lives, and is growing in the process, oil and gas industries. While first used for data communication with remote locations (e.g., SCADA), wireless applications have blossomed inside the fence of many plants and facilities. These applications generally started as monitoring points in applications where copper wire was not readily available or expensive to run, or in applications that were not feasible with wiring — generally in applications you couldn’t do in the past.
Success in these projects led to a desire to expand into control and, later, into safety applications. Using wireless technology for process control, which might have seemed almost blasphemous just a few years ago, is today gaining broader acceptance, at least for non-critical loops. A good deal of skepticism remains for critical process control and safety applications.
This expansion is not without controversy, particularly in the area of safety, but there is increasing pressure because of its perceived benefits to use wireless in safety and in applications that affect safety. Just how much wireless can we use in safety applications, including instrumented protective systems, such as safety instrumented systems (SIS) and other independent protection layers (IPL) and instrumented systems that provide increased safety? These can include situations where failure of the control system can serve as an initiating cause of a hazardous event.
Potential Places for Wireless in Safety
First, what type of applications are we talking about? We mentioned control systems, which are used to keep our processes under control and within the process safety limits. If you peruse any layer of protection analysis (LOPA), you will find that many of the initiating causes are listed as basic process control system (BPCS) failures. These systems use critical control loops, and their reliability is of equal concern as an IPL, offering a risk reduction factor (RRF) = 10. Using wireless for a critical control loop brings on safety concerns, just as it does for safety alarms.
The most obvious instrumented safety systems where wireless might be considered are safety alarms and safety instrumented functions (SIFs). The ISA S84 committee recognized that there was a desire by some in industry to use wireless in safety and commissioned Working Group (WG) 8, which is developing a technical report, "TR84.00.08. Guidance for Application of Wireless Technology to Safety Alarms.” This technical report provides guidance intended to demonstrate that the wireless system can be designed to be sufficiently robust to meet the requirements of an IPL. The potential use of wireless for SIS applications is still under discussion by the committee.
There are other safety-related applications that provide increased process safety, but are not considered IPL material from the LOPA perspective. These provide a risk reduction less than RRF = 10, provide an unquantified risk reduction, or exist downstream of the loss of containment. Examples of this are safety systems such as combustible or toxic gas detection, fire detection, leak detection and emergency shutdown switches. This brings up the concept of increased process safety — additional safety that can be provided over and above the minimum required by your risk assessment. This is a safety area where wireless potentially can be applied, particularly where increased safety is better than no safety.
Wireless vs. Wired: The Important Differences
Currently accepted signals for safety I/O include 4-20 mA and on/off 24 Vdc and 120 Vac. Digital fieldbus in safety has experienced limited, but growing, acceptance. To compensate for concerns about using wired digital communication in safety applications, safety protocols such as ProfiSafe, Foundation fieldbus FF-SIS and vendor proprietary protocols (e.g., Delta V SISNet, Honeywell SafeNet, Triconex Safe Peer-to-Peer, etc.) were developed. Concerns about using digital fieldbus in safety also led the ISA S84 safety committee to establish Working Group 6 on safety fieldbuses, which has issued technical report "TR84.00.06-2009, Safety Fieldbus Design Considerations for Process Industry Sector Applications.”
The open safety protocols generally use a "black-channel” approach (also called tunneling or "medium agnostic”). The approach uses a non-trusted transmission system (the network access points, couplers, routers, etc.) and a generic transport protocol (Ethernet) that is not safety-certified.
At this point in time, wired digital fieldbuses have general acceptance in industry for control and monitoring applications, so let us, as a point of discussion, assume that a digital safety fieldbus is acceptable for safety applications. What is the difference between a wired application and a wireless application? The three differences are the communication channel—wires vs. the atmosphere; wireless requires radios; and most wireless applications are on the input side where the field instruments are powered by batteries. The measurement or action and the conversion to/from digital information are the same; once decoded, they are processed the same way.
The fact that most wireless instruments are on the input side is not a great concern, but battery replacement requires management (although that condition is not unique to wireless safety application). If a black-channel safety protocol is used, most of the safety concerns for wireless are the same as for a wired application using the same protocol. This leads us to be primarily concerned with the reliability of the wireless channel to consistently transmit critical data.