Under control

So where do operators turn when their safety system starts to fail?

This is the situation threatening the large number of companies with safety systems nearing the end of their useful life, says Larry O’Brien, vice president of research at the ARC Advisory Group.

He predicts “sweeping changes across the process industries” in response to what he describes as a disturbing trend in the severity of plant incidents.

Old safety systems need to be replaced for many of the same reasons companies need to replace their existing distributed control systems (DCS), says O’Brien, such as withdrawal of system support.

But because the logic solvers in safety systems tend to be very reliable, “many safety systems are left in place for a long time, perhaps even longer than legacy process automation systems,” he says.

Unlike DCS upgrade projects, Safety Instrumented System (SIS) upgrade projects typically include the safety instruments, control valves, and the process safety system.

“Safety system migration projects are typically not done in a phased manner, they are done all at once,” says O’Brien.

In addition, many end users are choosing the same supplier for SIS as their business planning and control system (BPCS) in new projects to allow closer integration between these systems, he adds.

Integrated safety

The advantages can include a lower lifecycle and maintenance cost, easier time synchronisation and improved asset and event management.

On the downside, O’Brien says there is an increased risk of ‘common cause failures’ when the same fault affects more than one system.

They can also present greater management challenges, and a stronger focus on the cyber security risks is required.

Mikael Steiner, global product group manager from ABB, says although the market was not ready for integration between a DCS and safety system ten or 15 years ago, things have changed.

“ABB has always been thinking beyond the DCS, and when it comes to integrating safety systems as part of a wider offering, these types of solutions are becoming more and more accepted in the market,” he says.

While some companies are sceptical about the benefits of integrating the DCS with subsystems, upstream and downstream oil and gas refineries have been integrating safety into their control systems for a while, he says.

The benefits are that it can save them money by it tying up less capital associated with servicing and training, and help them run a tighter process.

“This is one of the main benefits of integrated solutions,” says Steiner.

Steiner says human factors, such as good ergonomics, are also likely to become more regulated over time, as part of the overall safety monitoring of a plant.

“We consider all systems that are beneficial to operators to be a valid integration target because of the revenue benefits in making them more efficient,” he says.

Beyond the control room

Mike Brown, global director of advanced solutions at Honeywell Process Solutions, says performance improvement technologies that sit above the DCS can also be key contributors to process safety.

“I think when people originally put in the DCS it was about providing better control of the process,” he says. “Then we had an explosion of process data.

That information doesn’t just go to the operator, but is now being used beyond the realms of the DCS to allow companies to make better operational decisions.”

He cites the example of alarm management data. “Alarms are typically directed at an operator so they can take immediate action,” says Brown.

He says monitoring data on the number of alarms staying active longer than they should be, or during shift changes are allowing companies to identify the situations most commonly associated with in incidents in plants.

“This data is now being used to improve overall safety management along with statistics on factors such as operator loading, which can be used to determine if there is a high risk of them missing critical information,” he says.

Applying data to create key performance indicators (KPIs) and industry standards is an example of the sort of information coming out of the DCS that can add value, says Brown. “We are already seeing companies take this information beyond the control room,” he says.

“So when a critical alarm for a piece of rotating equipment is triggered, it doesn’t just inform the operator, but also notifies a reliability engineer or expert who might be thousands of miles away.”

They can then examine its possible causes in a slower timeframe.

“Automated analytics reports can provide monthly reports on alarms, which also allows the company to become far more proactive on predictive maintenance,” he says.

Safe operating envelopes

“This is definitely a key trend we are seeing out there. Interest is now also developing around ‘safe operating envelope’ standards. This is about helping companies to understand how to manage the safe operational envelope in their corporation.

“There are multiple points operators have to manage, so we ask what limits we are pushing to so we can ensure we are operating within those envelopes.”

A standard called the ‘Integrity Operating Window’ (IOW) has been released to enable this.

Developed by the American Petroleum Institute (API), the IOW was created to help facility owners put into place, monitor, and maintain an IOW programme for each piece of equipment in their facility to avoid unexpected equipment degradation that could lead to loss of containment.

“We really think this will be the next stage of alarm management,” says Brown.

“It dictates how you manage the plant right from its design, and into the control and communication of what is happening to the processes. It really is tip to tail best practice.”

Brown says large oil companies have already been configuring solutions capable of doing this and the functionality is now being embedded into the DCS as a commercial offering.

“So in the next generation of the Experion DCS you will see much tighter integration for operators,” he says.

Safety systems and alarm rationalisation practices are key to this strategy, and Brown says the regulatory and compliance issues will slowly continue to evolve in the area of alarm management and safe operating envelopes.

“That practice of identifying causes and consequences of alarms is typically embedded into the DCS directly, so the situation comes through the whole loop and information becomes immediately available to control system operators,” says Brown.

“The companies on the forefront of this have a pretty good understanding of what they want to do and then use technology to enable it. Then there is a second tier of companies that don’t have that engineering expertise and are waiting for the industry to supply this as a commercial off-the-shelf product.”

Now as oil prices are going down, Brown predicts there will be a lot more focus on the level of efficiency companies are getting out of their operations.

“This is the next big thing for the next two years, and that is where the engineering time will go,” he says.

The other one is consistency across the enterprise. “People used to tackle these matters on a site-by-site basis, but now they are looking at enterprise-wide platforms,” he adds.

“You can’t do that unless have clear strategy around unified architecture. This means the whole IT backbone needed to support these applications is becoming critical.”