Modern industrial plants, oil & gas production facilities and other process plants all have some instrumentation and automation that ensures safety. These are known as Safety Instrumented Systems SIS for short. These type are also referred to many times as an ESD system or simply shutdown systems. These SIS ESD systems also are known by various other names such as Safety Systems, High Integrity Pressure Protection Systems (HIPPS) and so on. But all of them belong to the class of systems that are referred to as SIS.
Safety Instrumented Systems in the past
In the past, the Safety Instrumented System was strictly separate from the normal plant automation system, that was used for process control. The SIS was used for only emergency shutdown of the plant. The BPCS (Basic Process Control System-which most people refer to as the "plant DCS") was used for running the plant only. This was done for a variety of reasons, but mainly to segregate the safety and control functions and to have higher availability and reliability. In older plants, typically the BPCS was actually a collection of pneumatic panels having pneumatic instruments and controllers. The Safety System was implemented using hardwired relays and contactors.
The situation today
Lately, there have been many launches of new "integrated" control systems, that have both DCS and SIS systems in the same package. For those of you are not familiar with these terms, an SIS is short for "Safety Instrumented System", which is a special kind of control system that is used for the safety critical parts of process plants, turbomachinery, boilers and so on. An ESD system, used for emergency shutdown, can be considered a subset of the SIS category of control systems. Also other kinds of high reliability specialized systems like HIPPS (High Integrity Pressure Protection Systems), BMS (Burner Management Systems) and so on can be considered as belonging to the same class, i.e. a SIS rather than a BPCS.
On the other hand DCS (Distributed Control Systems) are those systems that are used for normal control and monitoring operations of process plants, oil refineries, oil & gas production platforms, power plants and so on. The DCS is the main system that measures, monitors and controls various process parameters like flow, temperature, pressure and so on. This is referred to as the BPCS by people who use both SIS and DCS in their plants.
Separation of SIS and BPCS
In the view of the many members who are part of standards bodies (like those on the IEC 61508 committee or ISA S84 for Functional Safety), these two systems have to be separate, as the safety systems used for emergency shutdown, have to be dedicated to only the safety critical parts of the plant and the garden-variety DCS cannot be said to be robust, fail-safe and sure to operate the safety critical instruments at all times. This distinction between the DCS and SIS, led to separate markets for both types of systems with separate suppliers for both, initially. Thus suppliers like HIMA, ICS Triplex, Triconex, PILZ and so on were the suppliers of these safety systems, whereas the DCS market was dominated by companies like Emerson, ABB, Honeywell, Yokogawa and so on, which initially only used to offer industrial grade instrumented systems. The DCS vendors sensed this fervent desire and many of them came out with "integrated" systems, where the DCS and SIS controllers are different but part of the same overall system.
Integrated SIS and DCS
So which systems are better?
The original separate safety systems where the logic solver (popularly referred to as the Safety PLC or Safety Controller) is totally different or the integrated version, where the same system has two different kinds of controllers/logic solvers-one type for the BPCS and another type (usually certified by third party agencies like TUV or Risknowlogy against a common global standard such as IEC 61508) for the SIS?
Note that the integrated SIS DCS does not imply that it is one common system, it is just integrated for ease of use and convenience. Thus the configuration software may have different types of logic blocks, some meant exclusively for use in safety functions, whereas other can be used in the normal BPCS functions. If the logic solvers/ controllers need to communicate with other logic solvers, then it has to be over a "safety bus" (a communication bus that is robust enough to carry safety critical data reliably). Thus the integrated system is not really totally integrated, but is much more close knit than the earlier totally standalone systems. Only time will tell us which system is better. There were fears among a section of the Process Automation community that a single common cause failure could knock out both systems, but these seem to be unfounded for the moment, especially because even in the so called "Integrated" systems, there is really a kind of separation between the Automation (BPCS) parts and the Safety Shutdown (SIS) parts.
To learn all about SIS, ESD system, HIPPS and similar topics, get the Abhisam Safety Instrumented Systems training course now. To get more informative White Papers like this for free, please subscribe to our mailing list below.
Our Safety Instrumented Systems training course, can be taken online from anywhere and has all that you need to know, including Functional Safety, Safety Integrity Level (SIL) and much more! Plus get a free Certificate of Competency too, plus your electronic badge on passing the exam.
Still Have Questions?
No Problem. Contact Us by filling the form below and we will get back to you.