Safety Instrumented Systems Design Tips | Reliability Data | Common Cause Failures| SIS Components

.....continued

Design Tip 3

Get reliability data regarding your process equipment, instruments and systems before you start the design.

There is no sense in working with assumed or other vague figures. If at a later date the basic data was found to be erroneous, the entire exercise of calculating target SILs, verifications, etc will be pointless. Data can be sourced from manufacturers, third party database providers or your own historical data. Take the worst case figures out of the three sources, for your calculations.

Design Tip 4

Keep an eye on Common Cause Failures (CCFs).

It may sound simple and ridiculous, but sometimes we fail to foresee common cause failures, even in large projects that have several hundred engineers working on it. For example, is your BPCS and SIS powered from the same UPS? The same utility feeder? Could it become a CCF? Does your SIS card and BPCS card share a common backplane? What if the backplane fails-say due to ingress of moisture or rodents? Could it become a CCF? Ask these questions at the design stage itself to save yourself tears later.

For an interesting case study on how CCFs can lay low a very expensive and technologically sophisticated program like the International Space Station, here is an interesting link. A single CCF knocked off all redundant computers in the International Space Station, endangering the lives of the astronauts.

Design Tip 5

Keep an eye on the SIS components, especially sensors and final control elements

Ensure that your SIS loops do not use substandard components like cheap terminal strips, poor quality lugs, undersized signal wire and such things. Don't laugh, but these are real causes of failure of million dollar safety shutdown systems and HIPPs and all those sophisticated systems. Don't be penny wise and pound foolish.

Are you aware that out of all documented failures of SIS loops, only 8% were related to the logic solvers (Safety PLCs) and fully 92% were failures related to sensors and final control elements. Contrast this with the amount of debate, discussion and time that is spent on designing the logic solver part of the SIS (heated discussions on whether we need triple redundant safety PLCs or quad redundant safety PLCs or something even more exotic).

The reality is that very few people focus attention to the non glamorous part of the SIS loop-the transmitter and the automated valves. Very likely they are the same types that are used in the "normal" loops. Is this a correct practice? Should not you be having a higher benchmark for these? Especially since their performance will ultimately decide the reliability of the SIS loop? Also be careful with your terminal strips. A poor quality termination can cause nuisance trips worth millions of dollars-have a better benchmark for these passive components in your SIS loops.

If you follow the tips above you can have definitely have a much better SIS in your plant.