One of my first assignments as a newly minted Electrical Engineer was to tend to a triple modular redundant (TMR) safety instrumented system (SIS) on an offshore Gulf of Mexico oil & gas gathering facility. This was back in the 1980s when these systems were introduced. Many manufacturers and producers have these older safety systems that have been in operation for decades.I mention this since I received a note from Emerson’s Andy Crosland. He presented at ACHEMA earlier this year on legacy SIS modernizations. In his presentation he opened with some of the challenges in these modernization projects from both a hardware and software perspective.
From a hardware perspective, is there space to install the new system while the old system continues running? Are there existing barriers, isolators, relays and other components and what level of SIL capability do they have? What risks will be incurred in disturbing wiring that is decades old? And unlike control system modernization projects, keeping the I/O and replacing the logic solvers with those from another supplier is not possible with safety instrumented systems. Like control system modernizations, online cutovers risk causing a plant shutdown and offline cutovers may cause delayed startups as issues are addressed.
Andy noted that innovations like Electronic Marshalling in DeltaV SIS can help minimize limited space challenges, often fitting into existing system or marshalling cabinets, in a variety of orientations, including horizontal, vertical and even 19″ rackmount.
From a software perspective, can we import existing safety logic, and even if we could, should we? For non-programmable systems, can we work with existing logic diagrams? Does the existing logic match existing documentation? And, do we have a clear specification of safety requirements?
Andy shared with me that the clients with whom the SIS consultants engage often provide the Cause & Effect (C&E) diagrams AND some kind of copy of their existing logic. Unfortunately, they are rarely certain that the C&E diagrams capture everything that is actually configured in the existing logic.
One approach which has been shown to have benefits over several projects is to use tools such as Process Safety Management Suite (PSMS) to analyze existing code and to use these tools to test the new code automatically and completely. These tools help the project team to identify differences between existing logic and the C&E document so that they can discuss and resolve with the client what the actual requirements are which should be programmed into DeltaV SIS. The same C&E model can also help them to test the new DeltaV SIS code against the revised C&E specification.
This auto-testing capability helps to identify and resolve any differences between existing documents and existing code and help to develop a clear specification for future projects. It also helps test the new DeltaV SIS logic to eliminate surprises during commissioning.
You can connect and interact with other SIS functional safety experts in the Control & Safety Systems group in the Emerson Exchange 365 community.