RELIABILITY ENGINEERING

MODULE 4
LOPA / SIS / SIL

ASSET LIFECYCLE INTEGRITY PARTNER

PAGE 1

JANUARY 28, 2014

R&I Management Framework (diagram)

• Asset Register
• Rules & regulations
• Modifications / Replacements
• Criticality Analysis
• Compliance analysis: RBI, SIL, RCM
• Risk Based Maintenance strategies: Run to failure; Fixed interval; Condition based
• Maintenance tasks/plans; Work planning
• Asset: Execute maintenance plans; Breakdown maintenance; Data logging
• Maintenance Efficiency: Schedule compliance; Breakdown analysis (RCA); Proactive analysis (FRACAS); Condition monitoring/analysis; SOW analysis
• Feedback loops: Adapt RBM strategies; Adapt task frequencies and maintenance methods
• Training Program: Asset knowledge

LOPA: LAYERS OF PROTECTION ANALYSIS

Layered protection: Background
• Piper Alpha
• Bhopal
• Seveso
• Texas City
Accidents with catastrophic consequences that cost many lives made it clear that for safe operation of high-risk plants it is not enough to rely on proper design and operation of plants and on normal process controls and alarms.

LOPA: What is it?
Layer of Protection Analysis (LOPA) is a Process Hazard Analysis tool. The method utilizes the hazardous events, event severity, initiating causes and initiating likelihood data developed during the Hazard and Operability analysis (HAZOP).
Layers of protection (innermost to outermost):
• Process Design
• Basic Process Control
• Alarms, manual intervention
• Safety Instrumented Systems
• Active protection layer
• Passive protection layer
• Emergency response layers

LOPA: How do we use it?
LOPA allows us to determine the risk associated with the various hazardous events by utilizing their severity and the likelihood of the events occurring. LOPA analyzes the risk reduction that can be achieved from the various layers of protection. If additional risk reduction is required after the reduction provided by process design, the basic process control system (BPCS), alarms and associated operator actions, pressure relief valves, etc., a Safety Instrumented System (SIS) may be required. The safety integrity level (SIL) of the SIS can be determined directly from the additional risk reduction required.

LOPA: What does it all mean?
Intrinsic safety embedded in the design (diagram)

LOPA: Referenced Standards
• IEC 61508 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems
• IEC 61511 Functional safety – Safety instrumented systems for the process industry sector
• ANSI/ISA S84 Functional safety of safety instrumented systems for the process industry sector
• IEC 62061 Machinery systems

SIS: SAFETY INSTRUMENTED SYSTEM

Safety Instrumented Systems (SIS)
• A Safety Instrumented System is a set of hardware and software controls specifically engineered and used to put a safety critical process into a "Safe State" to avoid adverse Safety, Health and Environmental (SH&E) consequences. They are implemented as part of an overall risk reduction
• The specific control functions performed by a SIS are called Safety Instrumented Functions (SIF).
• Safety Instrumented Systems must be independent from all other control systems that control the same equipment in order to ensure SIS functionality is not compromised.

Safety Instrumented System: Example
In accordance with IEC 61508 / IEC 61511: HIPPS – High Integrity Pressure Protection System

SIL: SAFETY INTEGRITY LEVEL

SIL level determination: Risk graph (diagram)

What do the SIL levels mean? PFD and RRF
• PFD – Probability of Failure on Demand: what is the probability that it will not do what it is supposed to do?
• RRF – Risk Reduction Factor: the risk will be reduced RRF times.

Probability of Failure on Demand: Hidden failure
Probability of Failure on Demand is a hidden failure. We will only find out that the SIS is not doing what it is supposed to do when we need it. This of course is not acceptable. For all the components that make up a SIS we will have to calculate a test frequency and describe a test procedure to reduce the probability of an undetected failure in the SIS that would result in Failure to Function on Demand.
• Formula according to IEC 61508:

SIL tests: Implementation and record keeping
• After having calculated the test frequencies and having described the test scenarios, the test activities have to be implemented in CMMS or a dedicated software program in order to schedule and execute these activities.
• Through the CMMS or a dedicated software program, timely execution of the tasks must be monitored.
• Test date and findings must be recorded in CMMS or dedicated software for reference in audits or RCAs.
• SIL testing activities are considered compliance tasks.
Axiom: IF IT ISN’T RECORDED, IT WASN’T DONE!

SIL: Reliability aspects not covered by IEC 61508
• It is important to understand that IEC 61508 and similar standards are only concerned with the safety aspects regarding Probability of Failure on Demand.
• For reliability we also have to look at the consequence and probability of spurious trip (unjustified trip, “false alarm”).
• For this reason relying on SIL testing alone may not be enough, and an RCM or FMEA may be needed to identify risks and mitigating actions related to spurious trip.

SIL rated instruments and final elements
Electric and electronic devices can be certified for use in Functional Safety applications according to IEC 61508, providing application developers with the evidence required to demonstrate that the application including the device is also compliant with IEC 61508.

SIS/SIL testing and maintenance: Building block of the Asset Management Concept
Asset Management Concept:
• Criticality Analysis
• Maintenance Concept
• Compliance & Integrity Concept
• Data & Document Concept

R&I Management Framework (diagram, repeated from page 1; SIL sits under Compliance analysis)


RELIABILITY ENGINEERING MODULE 4
THANK YOU FOR YOUR ATTENTION