innovave - WordPress.com · systems. (similar to ANSI/ISA S84.01) IEC61511 - was published in 2003...
-
Upload
vuongthien -
Category
Documents
-
view
218 -
download
0
Transcript of innovave - WordPress.com · systems. (similar to ANSI/ISA S84.01) IEC61511 - was published in 2003...
www.utm.my innova-ve●entrepreneurial●global 2
Safety Integrity Level (SIL) is defined as: ● Relative level of risk-reduction provided by a safety function to
specify a target level of risk reduction. ● SIL is a measurement of performance required for a Safety
Instrumented Function (SIF).
Standard ● IEC61508 - generic standard for design, construction, and
operation of electrical/electronic/programmable electronic systems. (similar to ANSI/ISA S84.01)
● IEC61511 - was published in 2003 to provide guidance to end-users on the application of Safety Instrumented Systems in the process industries.
www.utm.my innova-ve●entrepreneurial●global 3
SIL is a measure of safety system performance, in terms of probability of failure on demand (PFD).
Safety Integrity
Level (SIL)
Probability of Failure on Demand
Average Range (PFD Average)
Risk Reduction Availability (%)
1 10-1 to 10-2 10 to 100 90 to 99
2 10-2 to 10-3 100 to 1000 99 to 99.9
3 10-3 to 10-4 1000 to 10,000 99.9 to 99.99
4 Below 10-4 10,000 to 100,000
99.99 to 99.999
www.utm.my innova-ve●entrepreneurial●global 4
Event Likelihood Consequence
Catas-trophic
Major Severe Minor
Frequent SIL 4 SIL 3 SIL 3 SIL 2
Probable SIL 3 SIL 3 SIL 3 SIL 2
Occasional SIL 3 SIL 3 SIL 2 SIL 1
Remote SIL 3 SIL 2 SIL 2 SIL 1
Improbable SIL 3 SIL 2 SIL 1 SIL 1
Negligible / Not Credible
SIL 2 SIL 1 SIL 1 SIL 1
www.utm.my innova-ve●entrepreneurial●global 5
● The required SIL level is determined independently for every safety function or safeguarding loop.
● The realized SIL level of a loop, in contrast, is the actual SIL as it is realized in the field. It depends on: – the transmitters used,
– the configuration of the transmitters
– barriers, isolators, fuses
– the logic solver or Safety Instrumented System
– the actuator(s): valves, valve positioners, circuit breakers, etc – the configuration of the valves, for instance "single block" or
"double block & bleed"
www.utm.my innova-ve●entrepreneurial●global 6
Safety Integrated Levels (SILs) for emergency shutdown system: • SIL1 (PFD = 10-1 to 10-2): implemented with a single sensor, a
single logic solver, a single final control element, and requires periodic proof testing
• SIL2 (PFD = 10-2 to 10-3): typical fully redundant, including the sensor, a single logic solver, a single final control element, and requires periodic proof testing
• SIL3 (PFD = 10-3 to 10-4): typical fully redundant, including the sensor, a single logic solver, a single final control element, and requires careful design and frequent validation test to achieve low PFD figures.
www.utm.my innova-ve●entrepreneurial●global 8
- -
- -
a 1
1 2
1 3
a 1
1 2
1 3
1 2
1 3
2 4
3 5
h 8
- -
a 1
W1 W2 W3
2 2 4
3 5
2 4
3 5
3 6
4 7
3 6
3 6
4 7
C 1
C 2
C 3
C 4
P 1 P 2 P 1 P 2
F 1
F 2
F 1 F 2
PFDavg= Ft/Fnp = Tolerable Frequency Process Demand Frequency
RISK REDUCTION FACTOR REQUIRED MATRIX
CONS
EQUE
NCE
4 10 10 1000 1000 TH
3 NR 10 100 1000 1000 2 NR NR 10 100 100
1 NR NR NR 10 10
1 2 3 4 5 FREQUENCY
Risk Matrix
Risk Graph
www.utm.my innova-ve●entrepreneurial●global 9
● Calculate Initial Risk (or Inherent Risk) using risk analysis tools Inherent Risk = Threat X Vulnerability
● Calculate the residual risk (risk after barriers) using techniques such as ETA, LOPA Residual Risk = Inherent Risk X Controlled Risk
● Calculate the necessary risk reduction to reach an acceptable level – Requires numerical expression of acceptable risk
Risk Reduction = Inherent RiskAcceptable Risk
www.utm.my innova-ve●entrepreneurial●global 10
Residual Risk = Inherent Risk – Effectiveness of Controls
Example
Likelihood (times per period)
Consequence $ Impact
Total $ per period
Inherent Risk 10 10,000 100,000
Effectiveness of control
80% 40%
Residual Risks
2 6,000 12,000
Both the likelihood can be mitigated by some selected control measures
www.utm.my innova-ve●entrepreneurial●global 11
Drive the consequence and/or frequency of potential incidents to an tolerable risk level
Intolerable Risk
Tolerable Risk
Risk = frequency * consequence
www.utm.my innova-ve●entrepreneurial●global 12
● Incident Frequency = Initiating Cause Frequency ● Consequence = Scenario Consequence
Initiating Cause Consequence
Unmitigated Risk
IS IT TOLERABLE? Compare unmitigated risk to risk tolerance. If unmitigated risk is greater than risk tolerance, independent protection layers are required
www.utm.my innova-ve●entrepreneurial●global 13
IPL1
PFD1
IPL2
PFD2
Mitigated Risk = reduced frequency * same consequence
IPL3
PFD3
Unmitigated Risk = frequency *
consequence
The frequency can be reduced by using better devices to achieve tolerable risks
Initiating Event
Failure
Failure
Failure
Success
Success
Success
Safe Outcome Safe Outcome Safe Outcome
Consequences exceeding criteria
www.utm.my innova-ve●entrepreneurial●global 14
PFD=0.1 PFD=0.1 PFD=0.01
Different Scenario Consequence Occurs
Unmitigated Risk
Initiating Event Frequency = 1/yr
Failure = 0.1
Failure = 0.1
Failure = 0.01
Success = 0.9
Success = 0.9
Success= 0.99
Frequency = 0.9/yr Safe Outcome Frequency = 0.09/yr Safe Outcome Frequency = 0.0099/yr Mitigated Release, tolerable outcome Frequency 0.0001/yr Consequences exceeding criteria
Mitigative Feature
Preventive
Feature
Preventive Feature
Mitigated Risk = reduced frequency * reduced
consequence
www.utm.my innova-ve●entrepreneurial●global 15
PFD=0.1 PFD=0.1 PFD=0.01
Different Scenario Consequence Occurs
Unmitigated Risk
Initiating Event Frequency = 1/yr
Failure = 0.1
Failure = 0.1
Failure = 0.01
Success = 0.9
Success = 0.9
Success= 0.99
Frequency = 0.9/yr Safe Outcome Frequency = 0.09/yr Safe Outcome Frequency = 0.0099/yr Mitigated Release, tolerable outcome Frequency 0.0001/yr Consequences exceeding criteria
Mitigative Feature
Preventive Feature
Preventive Feature
Mitigated Risk = reduced frequency * reduced
consequence
www.utm.my innova-ve●entrepreneurial●global 16
PROCESS DESIGN
PREVENTION Mechanical Protection system Alarms with operator corrective actions Safety Instrumented Control System
CONTROL & MONITORING Basic Process Control System Monitoring system (Alarms) Operator Supervision
MITIGATION Mechanical Mitigation System Safety Instrumented Control System Safety Instrumented Mitigation System Operator Supervision
PLANT EMERGENCY RESPONSE Evacuation Procedure
COMMUNITY EMERGENCY RESPONSE Emergency Broadcasting
WHAT ARE IPL?
• Each layer is independent in terms of operation.
• The failure of one layer does not affect the next