Safety in the Spotlight

Deadly plant explosions, increasing oil & gas investments, and greater awareness are factors focusing attention on process safety systems.

It has been slow, but certainly steady and sure. Industries the world over are realising the imperativeness of ensuring process safety. It may have taken a few charred bodies, however, to enhance the awareness. But then, that is how development has come about – triggered by exigencies, mishaps and catastrophes, some unexpected, and some just inevitable consequencesof human carelessness.

Whatever the triggers may have been, process safety systems suppliers are having a field decade, so to say. No fears of any downturns exist till the end of this decade, when one considers a global market open to all players in this sector.

Shop-floor accidents and mine-site mishaps have not yet become things of the past. Coal mine casualties in the recent past in the US, India and China, and the British Petroleum (BP) explosion in Texas in 2005 are incidents which stand out fresh in the mind’s eye.

Fossil fuels, while being drivers of economies around the world, have also been “poisoning” mankind as sources of the main agents of global warming greenhouse gases and snatching away lives of human beings, birds and animals alike when spilled for instance or allowed to ignite and explode (due to human carelessness or sometimes even despite the exercising of the greatest possible care).

It has been, in recent times, a classical case of how one thing leads to another. Rapid economic and population growth in India and China for instance, has stimulated a demand for fuels and energy. In the absence of enough capacity to exploit renewable energy resources, the onus of meeting this demand has fallen on fossil fuels. This has triggered several greenfield and brownfield projects in the oil and gas sector in countries around the world which have been eager to benefit from the development of two big markets in Asia.

With new process industries being set up and many more on the anvil, and also with safety, quality and environmental regulations for these being beefed up by the year, process safety instrumented systems and services providers, and also the components manufacturers have cashed in on the opportunities. This virtuous cycle has wonderfully blended together the need for increasing welfare in society and a rise in the standard of living with of fulfilling this need in a safe and environmentally-friendly way.

Billions of dollars
Asish Ghosh, Vice President of ARC Advisory Group, in a recently-published report, predicted a CAGR (compounded annual growth rate) of 10 percent for the process safety systems market, meaning that by the end of this decade, the marketwould be worth about US$1.5 billion.

“Rough estimates of safety related I/O, in the oil and gas sector instance, of the total I/O’s in a project, would be something like 15-20 per cent for refining, 50 per cent for the upstream and about 30 per cent for LNG,” said Ghosh when quizzed by CE Asia.

He singles out the Asian giants – India and China– as being the main drivers of this market, whilepointing out that the North American market willdecline slightly. It is likely that the players there willtry to keep themselves in the black by updating oldinstallations and providing existing clients with newsafety systems with added functionalities.

But then, if incidents like the 2005 one at the BP refinery in Texas keep happening sporadically in different process sectors, there would be pressure on these industries to overhaul their process safety systems (or perhaps risk losing their licenses to operate), which would open up a sea of opportunities for the players who may also have started seeking overseas clients (in the Latin American markets for instance) in order to make up for a possibly sagging bottom line.

It is the world market which beckons one and all these days, more than the respective domestic markets. Globalisation is bringing unprecedented challenges in the wake of conspicuous benefits, but it has certainly widened the range of possibilities for survivaland success in the business arena.

Stephen Burke, a process safety expert based in Singapore, concurs with Ghosh that the DCS market in Asia has become a veritable magnet for process safety systems suppliers, and points out the change in attitude that has come about in the developing world towards process safety– from indifference to growing interest. Thischange of attitude has acted as a stimulusfor new products to be introduced into themarket.

Power demands
While the oil and gas sector has been pointed out by many respondents as being a key demand driver for integrated process safety systems, Burke points out that the power sector will also generate some demand in the years to come. In this backdrop, it is noteworthy that nuclear utilities are decreasing safety-related investments, and so-called passively safe reactors have many safety systems replaced by natural processes like gravity fed emergency cooling waterand air cooling.

It is surprising that the 1957 catastrophe at Windscale, the 1979 Three Mile Island disaster, the 1986 Chernobyl accident and the 1999 Tokaimura (fuel rods fabricating facility) mishap, have failed to be effective“history lessons”. It is also true that mostnuclear reactors in operation these days are20-or-more years old, and efforts are beingmade to impart longevity to them.

Do these efforts include investing in enhanced process safety systems? Ideally, they should. If they do, considering that many developing countries (India, Indonesia, Egypt, China etc) are keen on upgrading their nuclear energy capabilities for civilian purposes, new contracts for safety systems are likely to be signed.

Beyond systems

A strong leadership culture to drive process safety practices in the industry is a necessary accompaniment to investments in automated safety systems in the workplace. There certainly is no “mechanical or electronic substitute” for a strong safety culture imbibed and religiously practiced by one and all in the workplace under amotivating leader.

There have also been calls to extend the Kaizen approach beyond quality and productivity to process safety. In other words, improvements in safety should be continuous and progressive, and certainly not static and awaiting accidents to trigger incremental improvements, and also preferably not stepped.

Adhering to IEC standards and introducing the state-of-the-art software and hardware into the safety system is just one part of the solution. If one can recall what happened at British Petroleum refinery in Texas in 2005, process safety culture needs to encompass the entire organization – top-down to begin with but pervasive eventually.

‘The Fastest Growth Region is Asia’ Stephen Burke, TÜV-certified functional safety expert and a Siemens Process Safety Promoter in Southeast Asia, is seeing big changes in attitude towards plant safety. He talks here to CE Asia. Q: Forecasts abound that the demand for process safety systems is on the rise. Which part of the world market is the most attractive one for Siemens? A: Yes, the forecasts are true. The DCS market for one is growing rapidly; the fastest growth region is Asia. Q: Would you delineate any particular product you market as having the brightest prospects? A: Customers are now increasingly demanding an Integrated Control and Safety System (ICSS) solution. Fastest growing sectors are oil & gas, power, and the chemical industries. Q: How aware is industry in the developing world about process safety? A: I have witnessed a big change over the previous 2 to 3 years, from “don’t want to know” to great interest and healthy attendance in my Safety Lifecycle Concepts Workshops. New international standards and requirements of global investors in joint venture facilities are driving this, especially in the oil & gas sector. Q: When MNCs relocate to Asia do you see the same quanta of orders for process safety systems? A: Yes, certainly, as risk reduction concepts are understood and international standards apply to their facilities in the Third World as well, they cannot discriminate between their operations in the First World and the developing world, as far as process safety goes. Q: Typically, how much would a mid-size process plant have to expend on having a process safety system installed? A: There are many variables to consider – what is the process, what are the identified hazards, what would the consequences of an event be. Every hazard must be studied and the amount of risk reduction determined so the safety performance requirements (SIL) and intent of each safety instrumented functions (SIF) can be documented. Only then can safety engineers design a safety instrumented system (SIS) to meet the identified SIL and complete the verification of the design for each SIF. High levels of risk reduction (SIL3) will require more proof testing and more field devices to achieve required performance. This is why I always encourage customers to think very hard before they ask for a SIL3 SIS. High SIL will be complex in design and will require many field devices and have very high lifecycle costs due to increased proof-testing requirements essential to achieve SIL. They should always do a Layer of Protection Analysis (LOPA) to identify other non-SIS protection layers so the can keep SIL of SIS below SIL3 wherever possible.

Safety All Around Today’s integrated safety instrumented systems (SIS) provide simplified engineering and configuration as well as a solution for the whole safety loop. By Chia Kee Guan. Process plants are under increasing pressure to operate safely while operating in an efficient manner. Maximizing operating asset returns means both eliminating unplanned or spurious shutdowns and operating with streamlined operating and engineering staff. Process manufacturers must decide how best to implement safety instrumented systems in light of these difficult business conditions. Ultimately, safety is incorporated into a plant through layers of protection and the safety instrumented system is normally one of these layers. The traditional solution for implementing plant operating controls is to purchase a basic process control system (BPCS) to automate processing, and a separate safety instrumented system (SIS) with a monolithic logic solver, which meets the need of maintaining separation between the two different systems. Until recently, process manufacturers had little choice but to opt for this approach despite limitations such as complicated engineering, awkward interfacing, and low modularity. Fortunately, a new generation of SIS systems is now available that overcomes these disadvantages, offering a high level of integration with control while maintaining a clear separation from BPCS as required by international safety standards IEC 61508 and IEC 61511. Separate but integrated This architecture allows each safety controller to be standalone, with a selfcontained logic solver that is capable of being integrated into the BPCS to permit information sharing and that uses common engineering tools and environments that can greatly simplify system configuration and maintenance. This approach has been certified by the independent TÜV organization as meeting the requirements of IEC 61508, which covers safety instrumented system design and IEC 61511, which deals with performance standards for process manufacturers’ application of safety instrumented systems and definition and determination of safety integrity levels (SILs.) This approach has also been recommended by independent industry analysts like Asish Ghosh of the ARC Advisory Group. New generation safety instrumented systems can also provide the solution for the whole safety loop, by being engineered with diagnostics tools that permit diagnostics of the field devices. This capability results from the recent advent of intelligent field devices that can sense, diagnose and digitally communicate this information over digital fieldbuses back to the logic solver or special purpose diagnostic software routines. In addition, it is also possible for today’s SIS systems to perform partial valve stroke tests to increase confidence in the proper operation of safety shutdown valves to extend the period between more rigorous manual valve testing. By testing and increasing the confidence in the operation of the whole loop, modern SIS systems can dramatically reduce the opportunity for spurious trips that by themselves subject a plant to potentially dangerous shutdown and startup transient operations. While the idea of integrating communications, engineering tools, and working environments is appealing and leads to lower engineering implementation and maintenance costs, ample separation between the BPCS and SIS should still be maintained, i.e. information should be shared from the SIS without the BPCS interfering in any way with the proper operation or configuration of the SIS. The ideal system would include password protection schemes that prevent unauthorized access to SIS configuration areas.

Busting Safety Jargons Dr Angela Summers, CEO of SIS-TECH Solutions, Texas, USA, provides CE Asia readers with some insights into the common terms associated with process safety systems. Despite the fact that safety standards IEC 61508 and IEC 61511 have been in existence for many years, some confusion still abounds when it comes to the interpretation of the terms associated with process safety systems. Safe failure fraction (SFF) is the ratio of the safe and detected dangerous failures to the total safe plus total dangerous failures. IEC 61508 permits increasing the SFF by detecting more dangerous failures and then re-classifying them as detected dangerous. However, there is a caveat here. The owner/operator/user should be able to recognize that the failure has occurred and be willing to assume responsibility for maintaining process safety. 100 per cent SFF is claimed by some manufacturers who on the basis of the existence of perfection in design, diagnostics, manufacturing, installation, commissioning, validation, inspection, maintenance, and proof testing. Such claims however come across as inconsistent with a safety culture that demands developing and using conservative, real world data. Despite IEC 61508’s scope being confined to the Electrical/Electronic/ Programmable Electronic System, inclusion of the mechanical and wetted parts in the certification reports serves only to confuse users. Certification is another area of much confusion among users. It should be noted that the word “certify” and its derivatives do not appear anywhere in IEC 61511. The standard requires that users select the individual devices that will comprise safety instrumented system (SIS) based on proven performance in an operating environment that is similar to the environment where the SIS will be applied. If the user’s operating environment, inspections, maintenance, proof testing, etc. are different from those for/in which the device was certified, the user must make appropriate design and implementation considerations in order to ensure the implemented SIS meets its design specification. Safety instrumented system (SIS) has, in many peoples minds, mistakenly come to mean electronic/programmable logic solvers. In reality, it is composed of a separate and independent combination of sensors, logic solvers, final elements, and support systems designed and managed to achieve a specified safety integrity level. An SIS may implement a single safety instrumented function (SIF) or it may include multiple safety functions. Depending on the safety function requirements of the application, an SIS logic solver can be assembled using anything from relays to sophisticated CPU-based programmable controllers. Emergency shutdown systems (ESD), such as are used for burner and gas protection, are instrumented systems, however, they are not considered SIS and therefore they are not required to be designed in compliance with IEC 61511. These systems are safety equipment and each should be tested, inspected, and managed. If/when ESD systems are implemented in the SIS logic solver the entire system must be managed, at minimum, to the level of rigor required for the SIS.