Integration of Safety Lifecycle Tools and PLC Programming
Standards Certification Education & Training Publishing Conferences & Exhibits
Iwan van Beurden, exida Charlie Fialkowski, Siemens
Presenters & Co-authors
exida
- Iwan van Beurden, MSc, CFSE: Senior Safety Engineer, exSILentia Product Manager
Siemens
- Charlie Fialkowski, CFSE: Safety System Product Manager
- John Cusimano, CFSE: Business Development Manager, Process Safety Systems
- Patricia Ela
Integration of Safety Lifecycle Tools and PLC Programming
- Safety Lifecycle Phases
- Example HIPPS Safety Lifecycle
- Engineering Tools: SIL Selection, SIL Verification (conceptual design), Cause & Effect Matrix (detailed design)
- Integration of exSILentia and Safety Matrix
ANSI/ISA 84.00.01-2004 Safety Lifecycle
Lifecycle diagram: Management of Functional Safety and Functional Safety Assessment, Safety Lifecycle Structure and Planning, and Verification apply across all phases.
ANALYSIS
- Risk Analysis and Protection Layer Design
- Allocation of Safety Functions to Safety Instrumented Systems or Other Means of Risk Reduction
- Safety Requirements Specification for the Safety Instrumented System
REALIZATION
- Design and Development of Safety Instrumented System
- Design and Development of Other Means of Risk Reduction
- Installation, Commissioning, and Validation
OPERATION
- Operation and Maintenance
- Modification
- Decommissioning
Example HIPPS Safety Instrumented Function
Example Process
Heat used to separate petroleum into various components in distillation column
Hazard identified
Column C-51 Overpressure, with Possible Overloading of Flare System
Safety Instrumented Function
High Pressure on Column C51 Causes Steam Supply to Reboiler E-52 to Close
SIL Selection
Assume Demand frequency
Over pressure every 3 years
Consequence
Single Fatality Economic Loss of $4 Million
SIF Item: SIF 1
Hazard: Column C-51 overpressure, with possible overloading of flare system
Description: High Pressure on Column C-51 causes Steam Supply to Reboiler E-52 to close
Inputs: PT-51, PT-52, PT-53 (2oo3)
Outputs: XV-51 Close, XV-52 Close (1oo2)
Target SIL: 3
Note: Target SIL and input / output voting are for illustrative examples only and are not to be taken as typical, suggested or recommended.
Conceptual Design (I)
Block diagram: PT-51, PT-52, PT-53 -> 2oo3 voting -> Logic Solver -> 1oo2 -> XV-51, XV-52
Conceptual Design (II)
Detailed Design
SIS Functional Specification, Cause & Effect matrix C&E 555 (Drawing No. xxx, Project No. xxx, Rev: Under Development, By: xx, App: yy, Client/By fields blank)
Item: 5, Tag: I-5, Description: B-5 Heater Shutdown
Legend: O = Open, C = Closed, R = Reset, A = Action, SD = Shutdown (Stop), P = Permissive, numbered entries = See Note (and so on)
Inputs (causes), each listed with Tag, Description, Vote, EULO, EUHI and Units columns:
- FSLL-555 (two entries): Flashed crude to B-5 Heater Pass A Lo-Lo Flow
- HS-555: B-5 Heater Fuel Gas Control Valve Minimum Firing SW
- HS-555: B-5 Heater Fuel Gas Block Valve Dropout SW
- HS-111: B-5 Heater Pilot Gas Block Valve Dropout SW
Outputs (effects), each listed with Trip and Act columns:
- FCV-555: B-5 Heater Fuel Gas Control Valve (Minimum Fire)
- HV-111: B-5 Heater Pilot Gas Block Valve
- HV-555: B-5 Heater Fuel Gas Block Valve
Notes: Reference P&ID: xxx. Minimum firing: de-energize relay to interrupt the mA signal from FC-555. Reset restores FC-555 control. Switch delay of 5 seconds on the input.
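Added example, not from the presentation and not exida or Siemens code: a minimal Cause & Effect matrix evaluator for SIF 1 above (PT-51/52/53 voted 2oo3, XV-51/XV-52 closing 1oo2), showing how a logic solver acts on the matrix form used in the detailed design. The trip setpoint, the fail-safe treatment of a missing transmitter, the cause tag and the sample readings are assumptions.

```python
from dataclasses import dataclass

# Assumed trip setpoint for the C-51 high-pressure SIF; the slides give none.
HIGH_PRESSURE_SETPOINT_BARG = 12.0


@dataclass
class Cause:
    tag: str
    sensors: list   # transmitter tags that feed this cause
    m: int          # MooN voting: m of len(sensors) must vote to trip

    def tripped(self, readings: dict) -> bool:
        # A missing or failed transmitter counts as a trip vote (assumed
        # fail-safe behaviour for a de-energize-to-trip SIS).
        votes = sum(1 for s in self.sensors
                    if readings.get(s) is None
                    or readings[s] >= HIGH_PRESSURE_SETPOINT_BARG)
        return votes >= self.m


# Matrix rows (causes) and columns (effects) for SIF 1; "A" = action and
# "C" = closed follow the legend of the C&E sheet. Cause tag is assumed.
CAUSES = {"C51-PHH": Cause("C51-PHH", ["PT-51", "PT-52", "PT-53"], m=2)}
EFFECT_SAFE_STATE = {"XV-51": "C", "XV-52": "C"}
MATRIX = {("C51-PHH", "XV-51"): "A", ("C51-PHH", "XV-52"): "A"}


def evaluate(readings: dict) -> dict:
    """Commanded state per effect: its safe state if any tripped cause has an
    'A' in that column, otherwise 'RUN' (valve stays in its normal position)."""
    tripped = {tag for tag, c in CAUSES.items() if c.tripped(readings)}
    return {eff: safe if any(MATRIX.get((t, eff)) == "A" for t in tripped) else "RUN"
            for eff, safe in EFFECT_SAFE_STATE.items()}


def sif_achieved(commanded: dict, valve_responds: dict) -> bool:
    """Final elements vote 1oo2: the safe state is reached if at least one
    commanded valve actually closes (valve_responds models a stuck valve)."""
    return any(st == EFFECT_SAFE_STATE[eff] and valve_responds.get(eff, True)
               for eff, st in commanded.items())


if __name__ == "__main__":
    # Constructed readings: two of three transmitters above setpoint -> trip.
    demand = {"PT-51": 13.0, "PT-52": 12.4, "PT-53": 8.0}
    cmd = evaluate(demand)
    print(cmd, sif_achieved(cmd, {"XV-51": False}))  # XV-51 stuck, XV-52 closes
```

A single transmitter reading high does not trip the 2oo3 group, which is the spurious-trip tolerance the voting buys; one failed transmitter plus one genuine high reading still does.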
exSILentia to Safety Matrix Integration Workflow
1. exSILentia project export file (project.exi)
2. exSILentia to Safety Matrix Utility
3. SIMATIC Safety Matrix
SIMATIC Safety Matrix for HIPPS Example
The Safety Lifecycle - Objectives
- Build safer systems that do not experience as many of the problems of the past
- Build more cost effective systems that match design with risk
- Eliminate weak link designs that cost much but provide little
- Provide a global framework for consistent designs
Summary
- ANSI/ISA 84.00.01-2004 (IEC 61511 Mod.) offers the opportunity to design safer systems and optimize cost
- Safety Lifecycle implementation can be engineering and documentation intensive
- Various software tools address different phases of the Safety Lifecycle
- exSILentia covers SIL selection, SIL verification and reliability calculations
- SIMATIC Safety Matrix is a Cause and Effect Matrix design, programming, and operations and maintenance tool
- The import utility provides a comprehensive, cost effective and less error prone solution for managing the entire Safety Lifecycle
Path Forward
Standardize a conceptual design to detailed design transition format