Thereâs a âSafety Lifecycleâ poster on the wall, courtesy of one of our safety consultants, Exida. A few years ago, the Ohio Chemistry Technology Council had a conference focused on safety systems, and Exida kindly gave us a dozen or so such postersânormally sold for $5âto share with the attendees. Not surprisingly, it highlights the various services and software Exida offers at each phase in the lifecycle. Whether the complexity and intimidation of the safety lifecycle chart has grown with the array of services and software offered, or vice-versa, is something to ponder.
As one walks among the many pipes, vessels, rotating machinery and utilities infrastructure carrying flammable, explosive, toxic, high-voltage or otherwise life-threatening materials and energy in enormous volumes, often at high pressures and temperatures, youâd best be at least a little intimidated. If the process itself doesnât scare you, the regulatory authorities are empowered to scare you with fines, penalties, and even jail time. When making choices regarding safety, itâs good to imagine yourself in a deposition explaining why your design failed to be effective in protecting people or the environment from harm.
OSHA in the plant for cause can also garner attention from investment analysts. Corporate leaders are afraid of lawyers and the government as well, and might be prone to send internal auditors your way so they can gain some measure of assurance that their scary but cash-producing manufacturing assets are not going to make any headlines. When the auditors depart, weâre fortunate if weâre not left with a bushel of findings and mandates that we have neither the time nor the resources to address.
Instruments are being revealed to be the crux of an increasing number of âprotection layers,â from alarms that prompt an operator action to high-integrity interlocks that help ensure vessels are protected from overpressure and stay intact. Even if itâs âjust an alarm,â itâs no longer acceptable to run to failure. Facing an ever-increasing number of instruments that warrant some measure of routine testing, weâre straining to come up with procedures to demonstrate efficacy, let alone execute them all. What are the alternatives?
When an alarm is claimed as a protection layer, one needs to ensure that the alarm setpoint and priority are kept intact in the DCS. Maybe youâve already deployed periodic (or even daily) alarm âenforcement.â Thatâs when all the alarms in the alarm database are written back to the DCS, overwriting any setpoint changes or suppression. Enforcement might be sufficient to cite in lieu of a test to make the alarm sound. But is it possible to validate a measurement loop without physically running a test or calibration?
For instruments in such services, you might be able to justify a few extra dollars to get enhanced diagnostics. Some HART devices will generate an alert if the digital HART PV doesnât correspond with the 4-20 mA analog output within some margin. The Rosemount 3051S can be purchased with a âpower diagnosticâ that can generate alerts if the current loop is compromised by water, corrosion or a faulty power supply. The same transmitter can use noise in the pressure signal to detect plugged impulse lines. Temperature transmitters have features like hot backup that can switch to a redundant sensor and generate an alert. Some have diagnostics to detect sensor degradation or drift.
One might be able to claim such diagnostics support measurement validation without a physical test or calibration, or at least extended test intervals. But the diagnostics themselves require some expertise and tuning to set up. Most likely, youâll need procedures in place to address how they shall be monitored and what actions will be taken when the alerts come in. That the alert itself functions as designed might warrant testing. After all that, does the effort to configure and prove the efficacy of the diagnostic equal or exceed the effort to calibrate and test the conventional loop?
If only, if only our measurement and monitoring systems were capable of self-validation without exhaustive testing, maybe the increasing complexity of the safety lifecycle would be less of a burden. We donât want to just check the box for auditors or simply change some cell on a spreadsheet from red to greenâwe want our instrumented systems to demonstrably protect our process plants from hazards and spurious trips.
