Emerson’s Mike Boudreaux shared a Control Engineering Asia article written by the renowned process safety expert, Paul Gruhn. The article, Providing Process Safety, analyzes some of the latest trends in safety instrumented systems (SIS) designs for the process industries.
Mike manages the DeltaV SIS brand and highlighted many of the areas where the design considerations the article raises were incorporated into the DeltaV SIS system.
With respect to the size of safety applications and fit of the SIS, the author notes:
However, not all systems are 1,000 plus I/O. Some vendors therefore developed safety PLCs targeted for small I/O applications. However, using one system for small applications and a completely different system for large applications in the same facility is hardly an ideal solution (even though they may be from the same vendor). A number of vendors have recently released systems that can be small and standalone, as well as large and distributed, all using the same hardware.
Mike explained that an early design consideration was to modularize the logic solver function so that it could scale from small to very large applications. In the whitepaper DeltaV SIS Large System Capabilities, the size range is described:
Each modular logic solver has 16 channels of configurable I/O. The smallest system could have a single logic solver with only 16 I/O, but logic solvers can be added as needed – up to 30,000 I/O…
This is very different from the traditional approach where hundreds of SIFs are all placed in a single safety PLC and changing a single register or adding a SIF could affect all of the logic that is running. The DeltaV SIS architecture isolates safety instrumented functions (SIFs), eliminates single points of failure, and simplifies change management.
The author goes on to describe how the first safety PLCs, designed in the mid-1980s, were triplicated, whereas newer systems provide flexible redundancy to better fit the needs of the process:
Flexible redundancy, all within one system, allows the system to more closely match the safety and reliability requirements for each loop in a cost effective manner.
In the same DeltaV SIS Large System Capabilities whitepaper, the flexible redundancy that is provided by DeltaV SIS is described as follows:
For increased process availability, DeltaV SIS logic solvers are also available as a redundant pair. Both simplex and redundant logic solvers are SIL 3 rated, TÜV certified. Furthermore, the architecture allows for ‘flexible redundancy’ – that is, put redundant logic solvers only where you need them, and they can be on the same node as simplex logic solvers. In addition to protection against random hardware failures that might cause spurious trips, redundancy also provides the ability for online replacement, online proof testing, and online firmware upgrades.
The author describes the advantages and issues of the traditional approach of having separate control and safety systems:
Control and safety systems do need to communicate with each other, and this can be done using either an industry standard protocol (e.g. Modbus, OPC), or using the same proprietary highway as the control system (often using some form of gateway)…
This traditional approach has the advantage of allowing the user to purchase what they believe to be the best of both worlds, i.e., a control system from one company and a safety system from another. However, this means the user must deal with two different vendors, learn two different hardware and software platforms, send people to more training courses, experience the frustration of getting both systems to communicate together effectively, etc.
The analysis is spot on. Connecting disparate systems has its challenges, and troubleshooting communication issues over time is another that process manufacturers often face. This communication is also critical for capturing the historical data needed for post-event analysis. Mike pointed to another whitepaper, Business Issues Driving Safety System Integration, that highlights the integration between the DeltaV and DeltaV SIS systems:
DeltaV SIS uses the same workstations for operations, engineering, and maintenance, with a rigorous user manager to ensure that only the right people have access to safety functions. The use of a common software platform gives the operational benefits of a high level of integration of control and safety.
The author points to the downside of the integrated approach:
However, this approach also introduces more potential common cause problems (a single failure causing multiple items to fail) due to errors with hardware, software and personnel.
The same business issues whitepaper highlights how this common cause concern was addressed in DeltaV SIS through an integrated but separate architecture, in which the shared elements are the engineering and operations tools rather than the safety hardware, networks or protocols:
At the same time, the hardware and networks of the SIS and BPCS are kept separate, using entirely different technologies, software, and protocols. This architecture allows each SIS controller to be a standalone, self-contained logic solver with its own pair of redundant CPUs, power supply, and I/O processor. If required, it can be installed on the same carrier as standard BPCS modules, while maintaining complete independence of power supplies, communication networks, hardware, and operating systems. Non-safety related communications between SIS and BPCS are automatically implemented on the control network without the need for mapping of tags between SIS and BPCS. All alarm handling, configuration, time synchronization, security, and device health monitoring are provided invisibly and automatically. All of the data in the SIS is available to BPCS on a read only basis. Emerson’s DeltaV SIS offers separate control and safety hardware and networks along with a single set of engineering tools.
A final point to highlight in the article concerns diagnostics in the SIF sensors and final control elements. The author writes:
But how can a sensor communicate extensive diagnostic information on a standard 4-20mA signal? One such method is the use of HART (Highway Addressable Remote Transducer), which combines additional information such as device diagnostics along with the standard 4-20 mA signal. HART devices have been available for decades, but it has only been very recently that some safety PLCs have been able to incorporate HART information directly.
These diagnostics were a key design consideration in DeltaV SIS, whose safety logic solver provides direct access to HART information. Another whitepaper, DeltaV SIS HART Capabilities, summarizes these capabilities:
…to either pass on the diagnostics to an Asset Management System (AMS) or the Basic Process Control System (BPCS) or to use the diagnostics in the SIS logic. This capability has many added benefits over traditional SIS:
- The SIS can use the HART diagnostics to determine if a field device is unhealthy. If the device is unhealthy the SIS can take action to remove the device from voting or trip the system if required.
- The HART diagnostics can be displayed on detailed operator faceplates or displays to efficiently alert the operator and the maintenance group of unhealthy devices.
- Historization of HART alarms can be recorded with the same tool as the BPCS and SIS alarms.
- The alarm banner on the operator graphics can show HART alarms, which will quickly alert the operator of critical devices that are unhealthy and require greater monitoring from the operator.
- Different HART signals can be used to monitor and alarm various conditions in the field without the requirement to run separate wiring for these signals – resulting in significant cost savings.
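The degraded-voting behaviour in the first bullet is worth seeing in code. The following Python is an added example, not code from the whitepaper, the article or the DeltaV SIS product: it scales a 4-20 mA reading to engineering units, looks at the HART device-status byte received on the same loop, drops any device that reports a malfunction or fixed loop current (or an out-of-band current) from a 2oo3 vote, and trips on diagnostics alone if too many devices are lost. The tag names, ranges, setpoint and current thresholds are constructed for the example; the device-status bit assignments are those of the HART specification as commonly documented and should be checked against the transmitter manual.

```python
"""Degraded MooN voting driven by HART diagnostics (added illustration).

A logic solver that reads the HART device status off the same 4-20 mA loop
can drop an unhealthy transmitter from the vote instead of letting it cause
or block a trip. Tags, ranges and thresholds here are constructed.
"""
from dataclasses import dataclass, field
from typing import List

# Bits of the HART "device status" byte (second status byte of a slave
# response). Assignments follow the HART specification as commonly
# documented; confirm against the transmitter's manual before relying on them.
DEVICE_MALFUNCTION = 0x80
CONFIGURATION_CHANGED = 0x40
COLD_START = 0x20
MORE_STATUS_AVAILABLE = 0x10
LOOP_CURRENT_FIXED = 0x08      # analog output no longer tracks the process
LOOP_CURRENT_SATURATED = 0x04
NON_PV_OUT_OF_LIMITS = 0x02
PV_OUT_OF_LIMITS = 0x01

STATUS_NAMES = {
    DEVICE_MALFUNCTION: "device malfunction",
    CONFIGURATION_CHANGED: "configuration changed",
    COLD_START: "cold start",
    MORE_STATUS_AVAILABLE: "more status available",
    LOOP_CURRENT_FIXED: "loop current fixed",
    LOOP_CURRENT_SATURATED: "loop current saturated",
    NON_PV_OUT_OF_LIMITS: "non-primary variable out of limits",
    PV_OUT_OF_LIMITS: "primary variable out of limits",
}

# Diagnostics that invalidate the analog value for a trip decision.
UNHEALTHY_MASK = DEVICE_MALFUNCTION | LOOP_CURRENT_FIXED

# Plausibility band for the loop current (constructed values, in the spirit
# of the NAMUR NE 43 under/over-range fault bands).
MIN_VALID_MA, MAX_VALID_MA = 3.8, 20.5


@dataclass
class SensorInput:
    tag: str
    current_ma: float      # 4-20 mA value measured by the logic solver
    device_status: int     # HART device-status byte read on the same loop


@dataclass
class VoteResult:
    trip: bool
    scheme: str            # voting actually applied, e.g. "1oo2" after a fault
    reason: str
    faulted: List[str] = field(default_factory=list)


def describe_status(status: int) -> List[str]:
    """Names of the set status bits, for an operator faceplate or alarm banner."""
    return [name for bit, name in STATUS_NAMES.items() if status & bit]


def is_healthy(s: SensorInput) -> bool:
    """In-range loop current and no disqualifying HART diagnostic."""
    in_range = MIN_VALID_MA <= s.current_ma <= MAX_VALID_MA
    return in_range and not (s.device_status & UNHEALTHY_MASK)


def to_engineering(current_ma: float, eu_lo: float, eu_hi: float) -> float:
    """Linear 4-20 mA to engineering-unit scaling."""
    return eu_lo + (current_ma - 4.0) / 16.0 * (eu_hi - eu_lo)


def degraded_vote(inputs: List[SensorInput], m: int, trip_setpoint: float,
                  eu_lo: float, eu_hi: float, max_faults: int = 1) -> VoteResult:
    """MooN high-trip voting that removes diagnosed-unhealthy devices.

    Each detected fault lowers the required vote count by one (2oo3 -> 1oo2
    -> 1oo1), so a faulty device can neither cause a spurious trip nor mask a
    real demand. More than max_faults unhealthy devices trips on diagnostics
    alone rather than continuing on an unacceptably degraded scheme.
    """
    healthy = [s for s in inputs if is_healthy(s)]
    faulted = [s.tag for s in inputs if not is_healthy(s)]
    if len(faulted) > max_faults or not healthy:
        return VoteResult(True, f"{len(faulted)} of {len(inputs)} unhealthy",
                          "trip on diagnostics: too few healthy devices", faulted)
    m_eff = max(1, m - len(faulted))
    scheme = f"{m_eff}oo{len(healthy)}"
    votes = sum(1 for s in healthy
                if to_engineering(s.current_ma, eu_lo, eu_hi) >= trip_setpoint)
    return VoteResult(votes >= m_eff, scheme,
                      f"{votes} trip vote(s), {m_eff} required", faulted)


if __name__ == "__main__":
    # Constructed scenario: three pressure transmitters, 0-100 bar, 2oo3,
    # high trip at 80 bar. 17.6 mA = 85 bar, 12.0 mA = 50 bar.
    pt101 = SensorInput("PT-101", 17.6, 0)                       # 85 bar, healthy
    pt102 = SensorInput("PT-102", 12.0, 0)                       # 50 bar, healthy
    pt103 = SensorInput("PT-103", 12.0, 0)                       # 50 bar, healthy
    pt103_bad = SensorInput("PT-103", 17.6, DEVICE_MALFUNCTION)  # reads high, but flagged
    for group in ([pt101, pt102, pt103], [pt102, pt103, pt103_bad], [pt101, pt102, pt103_bad]):
        r = degraded_vote(group, 2, 80.0, 0.0, 100.0)
        print(r.scheme, "TRIP" if r.trip else "no trip", "-", r.reason, r.faulted)
    print("PT-103 status:", describe_status(pt103_bad.device_status))
```

The point to notice is that a device flagged by its own diagnostics can neither add a spurious trip vote nor mask a genuine demand: the scheme degrades from 2oo3 to 1oo2 rather than letting the suspect reading count. How many faults a function tolerates before tripping on diagnostics alone (`max_faults` here) is a decision for the safety requirements specification, not something the logic should decide on its own.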
The article covers much more ground, including safety fieldbuses, certification issues, redundancy levels, human issues, and fire & gas systems, and is well worth your time if your responsibilities include process safety.