These days, safety systems engineers need all the help they can get. Major capital projects (MCPs) have grown by an order of magnitude, and so have their systems. "A project that was $500 million used to be a large project. Now it's tens of billions," said Joe Pittman, safety instrumented systems team lead, Chevron ETC, in his presentation today at the 2014 Yokogawa Users Conference and Exhibition in Houston.
Safety systems are becoming much larger and more complex, and their design often must be distributed over multiple contractors and companies. "We're not all on four or five floors in one building, all talking to each other," Pittman said. And competency is a scarce commodity. "When the market is down, we lay off. When it comes up, we hire, but the result is a lot of people don't have the experience. It's worse overseas, in areas like China and Africa."
Pressure is rising on speed of execution. "Companies are selling the product of these big, expensive new plants as of the day they're scheduled to start up," Pittman said. "But we still have delays in design and engineering; then we compress the schedule. This puts a lot of pressure on the contractors, especially the automation contractors."
It's an ongoing battle to create and maintain accurate and consistent documentation, and then there are the regulatory requirements. "Regulators are more and more in our business to see that we meet industry standards," Pittman said. "Ten years ago, that wasn't happening."
To implement a safety instrumented system (SIS) successfully, it's critical to reduce human errors when capturing design requirements, and to get those requirements correctly into the hardware design and the application code that controls the safety controllers.
Pittman has found that Chevron can streamline SIS design by using Trinity Integrated Systems' iDefine Software Suite. But first, his disclaimer: "I don't work for Trinity, I just find the tools effective and easy to use," he said. "The iDefine suite is a vendor-neutral requirements capture and configuration tool designed to reduce error by allowing engineers to work in a more natural interface."
The suite uses state machines for sequential logic, and cause-and-effects for shutdown logic. This allows the engineer to concentrate more on functionality and less on translating the source documentation into function blocks and ladder logic.
The tested application can be used to generate vendor-specific SIS code, and the suite includes tools that provide management of functional safety, document generation and code simulation testing capabilities.
One of today's large projects might involve 30 or 40 coders. "The suite provides the consistency you want to expect in a system," Pittman said. Its templates conform to Chevron standards and "save configuration and test time, allowing code generation to be done later in the project lifecycle," Pittman said. "This is a great advantage if you need to be able to squeeze the contractor."
Founded on State Logic
State machine technology is easy to understand, and helps operations and engineering collaborate on what the safety system needs to do. A state analysis tool is used to build state chart-style models to describe detailed behavior. It begins by simply defining the various states and transitions of a piece of equipment. States are outputs, and transitions are the inputs required to move from one state to another. For instance, the states of a furnace would be
The next step is deciding what the outputs are for each state. Then define transitions by determining how to get from one state to another. For example, to get from tripped to stopped, you might press reset.
The iDefine State Transition Tool leads operations and engineers through designing the system. The suite's Logic Editor is an IEC 61131 function block diagram (FBD) editor that helps graphically build diagrams. "A change in one place appears everywhere," said Pittman, which greatly helps in reducing errors and maintaining documentation.
A Simulation and Test Case tool allows the user to apply logic to an easily developed simulation graphic for functional testing and simulation. Test cases are transformed into scripts that can be executed in emulation or a target programmable logic controller (PLC). In operation, "It's a great troubleshooting tool," Pittman said. "You can see exactly what tripped and why."
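The modeling steps described above (define the states, assign outputs to each state, then define the transitions) and the replay of a test case, as an added Python example that is not code from the article, Chevron or iDefine. The "running" state, the "start", "stop" and "trip" inputs and the output names are assumptions made for illustration; only tripped, stopped and reset come from the text.

```python
# Constructed example: everything except "tripped", "stopped" and "reset"
# is an assumed name, not taken from the article or from iDefine.

# Steps 1 and 2: each state is defined by the outputs it drives.
OUTPUTS = {
    "stopped": {"fuel_valve": "closed", "trip_alarm": False},
    "running": {"fuel_valve": "open", "trip_alarm": False},
    "tripped": {"fuel_valve": "closed", "trip_alarm": True},
}

# Step 3: transitions are the inputs that move the equipment between states.
TRANSITIONS = {
    ("stopped", "start"): "running",
    ("running", "stop"): "stopped",
    ("running", "trip"): "tripped",
    ("tripped", "reset"): "stopped",  # the article's example transition
}

def check_model(outputs, transitions, initial):
    """Return a list of design errors; an empty list means the model is consistent."""
    errors = []
    for (src, event), dst in transitions.items():
        for state in (src, dst):
            if state not in outputs:
                errors.append(f"{src} --{event}--> {dst} uses undefined state {state!r}")
    # Every state must be reachable from the initial state.
    reached, frontier = {initial}, [initial]
    while frontier:
        cur = frontier.pop()
        for (src, _), dst in transitions.items():
            if src == cur and dst not in reached:
                reached.add(dst)
                frontier.append(dst)
    errors += [f"state {s!r} is unreachable" for s in sorted(set(outputs) - reached)]
    # Every state must drive every output, so no output is left undefined.
    signals = set().union(*(set(o) for o in outputs.values()))
    for state, out in outputs.items():
        for missing in sorted(signals - set(out)):
            errors.append(f"state {state!r} does not define output {missing!r}")
    return errors

def run_test_case(initial, events):
    """Replay a sequence of inputs; return the trace of (state, input, new state)."""
    state, trace = initial, []
    for event in events:
        new_state = TRANSITIONS.get((state, event), state)  # no matching transition: stay put
        trace.append((state, event, new_state))
        state = new_state
    return trace
```

The trace returned by run_test_case records which input caused each state change, and shows that a "start" input is ignored while the model is tripped until "reset" has been applied.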
White Board and Documentation tools are among Pittman's iDefine favorites. "The designer says the thing he hated the most is documentation, so he did a great job on this tool," Pittman said. "A change in any item of project data is reflected automatically in the documentation." A Management of Functional Safety tool prevents users from proceeding to the next step before the previous step is completed.
Chevron is working with Trinity to develop a specialized version for itself and its vendors, and "Yokogawa is working closely enough with Trinity that when we make a change, they can look at it and verify it," Pittman said. "Today, iDefine changes can be transferred automatically into ProSafe, but not the other way. In the future, I expect that ProSafe and iDefine will stay in synch, so any change made in one will show up in the other. Then we'll be able to pull the code out of a dying PLC and put it right into ProSafe."