Large and complex process facilities are dependent on a well-functioning safety and automation system for safe and reliable asset operations. It is the asset owner’s responsibility to ensure that all requirements for the individual safety barriers/-systems and performance standards for the different safety barriers are considered. Safety instrumented systems (SIS) are specifically designed to protect personnel, asset, and the environment. They achieve this by reducing the frequency or the impact severity of the credible hazard scenarios. On the other hand, an SIS may also cause spurious shutdowns and significant downtime. This is partly due to the “fail-safe” nature of subcomponents. To avoid downtime, asset operators must have a clear overview of the safety system. They also need to have an overview of its responses/actions in case of a safety transmitter signal error.
Our assessment of a client's system response
ORS has recently supported a client with the assessment of the preferred system response/action(s) upon signal failure between the safety transmitters and the safety system for an offshore asset. The main objective of the study was to review the current actions of safety transmitters failure in input/output (IO) cards on the final safety barrier, typically a shutdown valve or trip of rotating machinery.
As a part of the assessment, ORS also facilitated a workshop with the participation of multiple specialists. We did this to evaluate the safest actions for IO failures either on a single IO transmitter or on an IO card with several IO transmitters connected.
The intention of the workshop was twofold as follows:
To review the desired response/action on a system level. I.e., what is the safest resulting action for the system/EUC in case of signal failure from multiple safety transmitters, e.g., due to loss of an IO card.
To review the desired response/action per safety transmitter upon signal failure from each individual safety transmitter.
This assignment has benefited our clients in a way that they can strengthen their safety support. They can also ensure to adequately address all the applicable requirements (ISO, NORSOK, etc.) when designing the system response. Finally, this assessment has also provided something very valuable. It provided input on a detailed level about the system actions/response to avoid unnecessary production downtime.
Want to know more about how to deal with safety transmitter signal error?
Lastly, please do not hesitate to reach out to us here at ORS if you feel that you need more information or advice. We always take the time to answer, and we look forward to your message.
