Safety layers protect best when visible

By Mike Bacidore

Oct 22, 2019

Sponsored by Schneider Electric

When you’re looking for the solution to avoiding safety incidents, visibility is the clear answer. “Process safety incidents happen, but they can be avoided,” said Farshad Hendi, safety services director at Schneider Electric, who presented during the company’s Innovation Days user group conference this week in Austin, Texas. “We have the best intentions when we design a safety system, but not everything is as rosy and nice as when we design the system.”

Designing a safety system requires an assumption about the demand rate on the independent protection layers (IPLs), which can include the process itself, the basic process control system, the prevention layer, mitigation and emergency response. The availability and reliability of the protection layers are critical, as is response time. “Sometimes the event gets through the holes,” explained co-presenter Dan Poston, safety systems consultant at LyondellBasell. Proper testing is needed to show that each layer meets its availability requirement.

“We need to build strategies to protect ourselves,” said Poston. “We expect a certain quality standard. But a lot of things can creep in. Systematic failures can creep into your design.”

Safety first

Safety is a measure of freedom from risk or conditions that can cause death and physical harm, explained Poston. “Additional safety concerns typically include equipment or property damage,” he said. “Risk is the measure of the loss in terms of the likelihood and magnitude. How likely and how severe is it?”

Minimizing risk can’t be done with one solution, explained Poston. Risks must be weighed, and judgments must be made using knowledge, experience and company need. “It’s more important to establish clear objectives and parameters for risk assessment than to use a cookbook method,” he said.

Poston and Hendi cited a paper from Britain’s Health & Safety Executive (HSE), identifying tolerable or acceptable industrial risks as they pertain to individuals and to society.

“To be safe,” said Poston, “we want to be better than ‘tolerable.’ The broadly acceptable risk should be zero.”

An ounce of prevention

Lack of availability and device failures can create holes in a safety system. Methodologies to prevent them include inspection, diagnostics and testing. “We need to get the information back, so we can do something with it,” explained Poston. “You have to have a process in place to continually review what’s actually happening.”

That’s why seeing the information is so important. A safety-instrumented function (SIF) can be bypassed by intentionally preventing the output from acting to achieve or maintain a safe state of the process. For example, the signal could be forced; the terminal wiring could be jumpered; the trip settings could be changed so the trip won’t occur; the valve could be clamped; or the valve could be physically bypassed.

“Small things, when they add up together, can lead to a disaster,” warned Hendi. “We have as-designed assumptions from digital data and we have as-operating, or actual, conditions from process data. Analytics can help you to provide the insight. But we sometimes lose the visibility to see what’s going on in our plants.”
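As an added illustration of the as-designed versus as-operating comparison described above (example code written for this article, not a Schneider Electric or LyondellBasell tool), the snippet below joins a SIF’s design-basis values with live data from the logic solver and flags each of the bypass routes listed earlier: a changed trip setting, a forced output, an overstayed maintenance bypass, an overdue proof test, and a final element that no longer strokes. The record fields, sample values and limits are assumptions constructed for the example.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class SifRecord:
    """One safety-instrumented function; field names are assumed for this example."""
    tag: str
    designed_trip: float          # trip setpoint from the design basis
    live_trip: float              # setpoint currently loaded in the logic solver
    output_forced: bool           # output signal held/forced in the logic solver
    bypass_active: bool           # maintenance bypass engaged
    bypass_hours: float           # hours the bypass has been active
    max_bypass_hours: float       # duration permitted by the site bypass procedure
    days_since_proof_test: int
    proof_test_interval_days: int
    valve_stroke_ok: bool         # last stroke test showed the final element moves


def audit_sif(sif: SifRecord, tol: float = 1e-6) -> List[str]:
    """Return one finding per way the SIF deviates from its as-designed state."""
    findings: List[str] = []
    if abs(sif.live_trip - sif.designed_trip) > tol:
        findings.append(f"{sif.tag}: trip setpoint changed "
                        f"({sif.designed_trip} designed, {sif.live_trip} live)")
    if sif.output_forced:
        findings.append(f"{sif.tag}: output is forced; SIF cannot act")
    if sif.bypass_active and sif.bypass_hours > sif.max_bypass_hours:
        findings.append(f"{sif.tag}: bypass active {sif.bypass_hours:.1f} h, "
                        f"limit {sif.max_bypass_hours:.1f} h")
    if sif.days_since_proof_test > sif.proof_test_interval_days:
        findings.append(f"{sif.tag}: proof test overdue "
                        f"({sif.days_since_proof_test} d > {sif.proof_test_interval_days} d)")
    if not sif.valve_stroke_ok:
        findings.append(f"{sif.tag}: final element failed stroke test (clamped or bypassed?)")
    return findings


def audit_all(records: List[SifRecord]) -> List[str]:
    """Run the audit over every SIF and collect all findings."""
    return [f for r in records for f in audit_sif(r)]


# Constructed sample data: one healthy SIF and one with several holes.
SAMPLE = [
    SifRecord("SIF-101", 85.0, 85.0, False, False, 0.0, 8.0, 120, 365, True),
    SifRecord("SIF-205", 85.0, 95.0, True, True, 12.0, 8.0, 400, 365, False),
]

if __name__ == "__main__":
    for finding in audit_all(SAMPLE):
        print(finding)
```

In practice the records would be built from the SIS configuration export and the historian rather than typed in, and findings would feed the periodic review Poston describes.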

Having that visibility is only half the battle, explained Hendi. “Then you want to share it to the cloud, so you can collaborate with management, operations, maintenance and engineering,” he said. “When you collaborate, you find the right information in the right place. The information should be available everywhere, so you can share the information and you can see it anywhere any time.”