
Designing in safety systems pays


High profile accidents such as the Buncefield and BP Texas explosions illustrate the consequences of failures in plant safety. Pilz recently saved a company costs totalling 26%, by designing in life cycle safety systems at the start of a major plant development project.

Structured methodologies for the deployment of prevention and mitigation measures are, Pilz Ireland senior process safety consultant Brian Aherne explains, used to reduce the likelihood of such events and the severity of the related consequences. The benefits of such a structured approach, reflected in international standards such as IEC 61511 (see panel), are highlighted by the results achieved in the design and construction of an active pharmaceutical ingredient (API) manufacturing plant.

IEC 61511 "Functional Safety – Safety instrumented systems for the process industry sector" is the only internationally approved method of demonstrating compliance in the application of safety instrumented systems in the process industries.

The problem

The plant engineering team planned to increase capacity by constructing a new plant. The initial plan was to replicate the design of an existing plant on an adjoining greenfield site. The plant engineering, maintenance and health and safety teams commissioned a critical review of the existing plant specification, design and performance, with a view to addressing any inadequacies. The cost and effectiveness of the safety system implemented in the plant was an issue highlighted in the review.

To improve on the initial approach, the company sought the services of Pilz to assess and validate the planned safety system using a process compliant with IEC 61511.

When designing and constructing the original plant, the company conducted a hazard and operability study (HAZOP) and used the engineering judgment of the project partners and their own safety and engineering teams to identify and implement the necessary safety measures. However, following the initial HAZOP there was no traceability from the hazards identified to the actual safety integrity of the implemented systems.

The solution

For the new plant, the output of the HAZOP was used to generate detailed safety requirements. For countermeasures reliant on a Basic Process Control System (BPCS), a list of consequence scenarios was generated. These scenarios were assessed to filter out those with a "high consequence". A layer of protection analysis (LOPA) methodology was then applied, yielding a statistical determination of the performance level required. This enabled the project team to understand the exact cost, benefits and performance of all relevant functions and to select the most effective and adequate safety solutions, based on an objective and fully traceable analysis.

In contrast to the original plant, the LOPA indicated a 40% increase in the number of safety instrumented functions requiring a reliability level with a probability of failure on demand of less than 1 × 10^-3. These were reflected in a revised safety requirements specification. A safety validation process designed at the specification stage was completed, with a determination that the system as implemented met all the safety requirements.
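A worked LOPA calculation in the shape the article describes: HAZOP-derived consequence scenarios are screened for high consequence, the residual risk gap after the credited protection layers is converted into a required probability of failure on demand (PFD), and that PFD is mapped to a SIL band. This is an added example, not Pilz's tool or the plant's data; the scenario names, initiating frequencies, layer credits and target frequencies are constructed, and the SIL bands are the low-demand PFDavg ranges from IEC 61508/61511.

```python
import math
from dataclasses import dataclass, field

# Low-demand SIL bands from IEC 61508/61511: (SIL, lower PFDavg bound, upper PFDavg bound).
SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]

@dataclass
class Scenario:
    """One consequence scenario derived from a HAZOP deviation (all values constructed)."""
    name: str
    severity: int                 # consequence ranking, 1 (minor) .. 5 (multiple fatalities)
    initiating_freq: float        # initiating event frequency, events per year
    target_freq: float            # tolerable frequency for this severity, events per year
    ipl_pfds: list = field(default_factory=list)  # credited non-SIF protection layers (PFD each)

def screen_high_consequence(scenarios, min_severity=4):
    """Screening step: only scenarios at or above the severity cut-off proceed to LOPA."""
    return [s for s in scenarios if s.severity >= min_severity]

def mitigated_frequency(s):
    """Event frequency after all credited layers: f_init * product(PFD_i)."""
    return s.initiating_freq * math.prod(s.ipl_pfds)

def sil_for_pfd(pfd):
    """SIL band containing the required PFD; 0 = no SIL-rated SIF needed, None = beyond SIL 4."""
    if pfd >= 1e-1:
        return 0
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return None  # a single SIF cannot close this gap; the design itself needs revisiting

def lopa(s):
    """Required SIF performance for one scenario."""
    f = mitigated_frequency(s)
    gap = f / s.target_freq                 # risk reduction factor still to be provided
    if gap <= 1.0:                          # existing layers already meet the target
        return {"name": s.name, "mitigated_freq": f, "required_pfd": None, "sil": 0}
    pfd = 1.0 / gap                         # the SIF must achieve at most this PFD
    return {"name": s.name, "mitigated_freq": f, "required_pfd": pfd, "sil": sil_for_pfd(pfd)}

# Constructed scenarios; not from the plant in the article.
SCENARIOS = [
    Scenario("Reactor overpressure on cooling loss", 5, 1.0, 5e-5, [0.1]),        # BPCS alarm credited
    Scenario("Solvent tank overfill", 4, 0.5, 1e-5, [0.1, 0.01]),                 # alarm + relief device
    Scenario("Minor seal leak", 2, 0.1, 1e-3, [0.1]),                             # screened out
]

def run():
    return [lopa(s) for s in screen_high_consequence(SCENARIOS)]

if __name__ == "__main__":
    for r in run():
        print(r)
```

The first scenario lands at a required PFD of 5 × 10^-4, the band the article's "less than 1 × 10^-3" functions fall into, while the second is covered by a SIL 1 function and the third never reaches LOPA.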

The addition of "interlock" systems to the original plant at the design, post-design and post-construction stages resulted in the initial selection of a suboptimal safety system. Re-engineering costs, new electrical control systems, plant shutdowns, modifications to operating and maintenance procedures and higher installation costs would be required to bring the old plant up to the desired safety performance level. A near-miss incident in this old plant resulted in a further need to upgrade the system.

The benefits

The incidents experienced in the original plant led to the adoption of the IEC 61511 methodology by Pilz, which resulted in a more traceable, comprehensive and effective safety system.

The summary of costs indicated in the graphic verifies, from a financial aspect, the benefits of implementing safety solutions as early as possible in the safety lifecycle. In addition, by following a structured process compliant with IEC 61511, full traceability was provided from the HAZOP stage through the specification of safety integrity requirements to the validation of the overall system. The early consideration of safety issues in the plant lifecycle will also simplify future operational or plant modifications because of the traceability provided.

What those involved in the project concluded is that safety managers in operating plants should consider the benefits and changes that new techniques bring to support the lifecycle process.

It is no coincidence that the major contributory factors of the Buncefield explosion were foreseeable and would have been detected and considered in the process described. That is why the main recommendation from the investigation was the adoption of a process as defined in IEC 61511.

The overall cost of the Buncefield explosion to its owners and the UK economy is estimated to be well in excess of £300 million. The HSE in the UK believes that the primary contributing factors would have been detected in a competently managed IEC 61511 lifecycle. Consequently the HSE is recommending such an approach when constructing new plant or retrofitting existing plants.


Pilz Ireland
Cork Business and Technology Park, Model Farm Road

Telephone: +353 21 4346535
E-Mail: sales@pilz.ie
