Building a resilient safety system
While no safety system is perfect, it is imperative for users to understand the basics and define safety and risk to prevent accidents from happening that could have severe effects.
Nobody is perfect, and that includes the folks that design, build and maintain safety systems. But that doesn’t give anybody a free pass to not lock in and focus on keeping the plant and the surrounding environment safe from any potential disaster.
“There is no one solution to safety problems or concerns,” said Daniel Poston, safety system consultant at LyondellBasell during his presentation at the Innovation Days 2019: Foxboro and Triconex User Groups event in Austin, Tex. “You can’t use a cookbook approach to solve or minimize risk. We have plants with layers of protection where you have a process, basic process control systems, prevention, mitigation, and emergency response – and they all have holes in them.”
That is where users need to understand the basics and define safety and risk. Safety, Poston said, is a measure that shows freedom from risk or conditions that can cause death and physical harm. Additional safety concerns typically include equipment or property damage.
Risk is the measure of the loss in terms of the likelihood and magnitude of the loss, Poston said. A hazard is something that can cause an undesirable effect, Poston said. Water on a staircase is a hazard because you could slip on it a fall and hurt yourself. A loud noise is a hazard because it can cause hearing loss. Breathing in asbestos dust is a hazard because it can cause cancer.
Things go wrong
“Incidents happen,” said Dr. Farshad Hendi, functional safety director for Americas and EMEA at Schneider Electric during the Triconex User Group presentation. “We have the best intentions to design a safe system, but so many things can go wrong.”
He mentioned things like old technology, design flaws, automation asset impairment, operational procedures and a lack of visibility for the problems.
Main causes of incidents, Hendi said, are specifications at 44%, followed by changes after commissioning at 20 percent, and then design and implementation and operations and maintenance at 15% each, then installation and commissioning at 6%.
What is at issue now is there was a time when a user could implement a safety system and pretty much know, or think, it was ready to jump into action on a moment’s notice. But in this era of cybersecurity, where no one system is safe, new challenges are rising.
There are challenges and issues on device availability, failures, testing and bypass. That is where users need to “build strategies to help safeguard issues built into the design because nobody is perfect,” Poston said. “Look at overall quality, configuration and availability. Errors do creep into the design.”
Some methodologies to prevent failures:
- Review process
- Can’t test and be done with it; you have to have reviews in place.
It’s also crucial to understand if there are bypasses in place that could impede the safety system. A safety instrumented function (SIF) is considered bypassed when the output is intentionally prevented from acting to achieve or maintain a safe state of the process, Poston said.
A bypass occurs when:
- The signal is forced
- Terminal wiring is jumped
- Trip settings are changed such that the trip will not occur
- Valve is clamped
- Valve is physically bypassed.
“We want to design a resilient system to withstand issues that arise,” Hendi said. “We are able to digitize information and bring it all together. We are able to connect and collect all information from all the systems. It can tell you what is going on. You can find out why things are drifting from the normal points.”
Hendi said it is now possible to be descriptive, diagnostic, predictive and prescriptive.
The days of only utilizing the safety system in extreme cases are now over because technology advances allow for greater knowledge of what is going on at any given point.
“You are able to share the data with the cloud,” Hendi said. “I know that is scary, but we are able to share and collaborate to find the right decision to reduce an incident. Time is our enemy. We need to find out what to do right now. What happened? What is happening now? How and why did it happen? What the next best action?”
“You need to understand the risk posture,” Hendi said. “Information should be available at all times: A digital service collaborative environment to improve timely decision making.”