HIPPS

‡ Introduction ‡ Configuration ‡ Specification ‡ Codes & Standards

‡Flaring of hydrocarbons causes damage to the environment and the CO2 production is not in line with the Kyoto Protocol

‡HIPPS prevent over-pressurization by shutting down the source of the high pressure.

A mechanical and electrical safety instrumented system (SIS)

designed to prevent over-pressurization of a plant with isolating downstream (Piping & Pressure Vessels) from over pressure

HIPPS closes the source of over-pressure as fast as possible (within 2 seconds) with at least the same reliability as a safety relief valve .

€ When extremely high pressure and/or flow rate are involved When Sizing of relief device is difficult to define or inadequate due to chemical reactions or multiphase fluids On existing systems in order to avoid replacement of flare system when adding new units € € .

€ Reduces relief load by reducing frequency of overpressure events Reduces frequency that multiple relief devices will operate simultaneously Provide protection when a pressure relief device is ineffective € € .

requiring many components to work as designed Redundancy.€ HIPPS are more complex. inspection and proof test requirements increase long term operation and maintenance costs € .

Pressure Range 1480-15000 psi € Temperature Ambient € Valve sizes 2-52 inches € .

The HIPPS system is based on € € € Three pressure transmitters (Initiators) A logic solver Two shutdown valves (Final Elements) .

Logic Solver Initiators Final Elements .

Logic solver To providing the safety assurance of a pressuresensitive environment ‡ Noise reduction ‡ Velocity management .

.

An overall HIPPS loop requirement € Transmitters Manifolds € Logic Solver € HIPPS Ball Valves € Actuators € Solenoid valves € Communication and sequence of event registration € Plant Resource Manager € .

INPUTS OUTPUTS T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 INPUTS T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 OUTPUTS T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 Process Resource Management DCS T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 T E XT 1 T E XT 2 T E XT 3 T E XT 4 Sequence of event Communication Logic solver Matrix interface Fail safe outputs Digital inputs Resets Analog inputs voting PV1 PV2 PV3 S S S S .

€ Manifolds for the transmitters have to provide the necessary double block and bleed interlocking 2oo3 arrangement specially for HIPPS .

€ Pressure Measurement Component To meet over pressure at least in a single instrument in SIL2 loop or two transmitters in SIL3 Loop .

Used to detect high pressure The pressure sensing initiators should be electronic pressure transmitters € Two wire 4-20 mA € Mounted on an Interlock Manifold € Wired to separate card in the logic solver € .

€ Most HIPPS applications require 1oo2. 2oo2 or 2oo3 voting transmitters on all field inputs The 2oo3 voting logic is generally implemented in the logic solver .

such as plugged process taps € .€ Reduces the probability to fail on demand (PFD) for the field inputs Decrease common cause faults.

Two methods of process measurement:   Tradition method After evolution method .

variables were monitored using discrete switches as the input sensor to the safety instrumented systems (SIS) Switches used for three reasons: Relay systems and early PLCs processed discrete signal much easier than analog signals € Switches were usually less expensive than analog transmitters € .Traditionally.

. high and highhigh level) can replace multiple switches € . low.The evolution has made it easy to use analog PV inputs € Transmitters can be continuously monitored € A single transmitter providing multiple levels of trip/alarm functions (i.e.

Determines the proper steps to make changes to the final element .

€ The logic solver hardware must be designed to meet the assigned SIL3 as provided in IEC 61508 and IEC 61511 It can be Relays or PLC The system consist of a Central Processing Unit (CPU) and fail-safe redundant I/O € € .

electronic and programmable electronic equip This standard defines the functional safety requirements established by IEC 61508 in process industry sector € .€ IEC 61511 covers the application of electrical.

Defines functional safety as: € part of the overall safety relating to the EUC (Equipment Under Control) € The EUC control system which depends on the correct functioning of the E/E/PE safetyrelated systems Other technology safety-related systems and external risk reduction facilities € .

€ All safety communication between the control unit and the associated I/O cards must be redundant Control Cabinet can be supplied suitable for hazardous area installation in EEx-d enclosure IP-66 or for safe area installation in standard 19µ rack cabinet IP-54 € .

€ SIL 4 or 3 certification € Inherently Fail-Safe € Zone2 applications € Very high mechanical and electrical robustness € High temperature range € Very low power consumption € Very long technical life span (>30y) € Test intervals many years € Event Recorder (1ms resolution) .

and IEC 61511 the safety logic must be independent from the basic process control system logic  Independence of the safety logic reduces the probability of loss of the basic control system hardware functioning  Independence also reduces the possibility of inadvertent changes to the HIPPS safety functionality occured during modification of basic process control functions .€ Based on the ANSI/ISA S84.01. IEC 61508.

€ Performs the necessary steps to bring the process back to a safe state of being Includes the valve. actuator and solenoids € .

€ Generally have a quick quarter-turn on/off ability Generally have a soft seating Generally have blow-out proof stems with radial operation € € .

so that there is no need for a bypass arrangement for pressurization and start-up as typically the case with ball valves € . because the single component will not support the safety requirements (series and parallel components) Designed to be opened against full differential pressure.€ Should be two components.

.

€ € Safety Integrity Level (SIL) (in many HIPPS Systems SIL3) Process Safety Time (PST) € Probability of Failure on Demand (PFD) € Safe Failure Fraction (SFF) € Hardware Fault Tolerance (HFT) € Risk Reduction Factor (RRF) .

€ The metric for measuring the performance of a safety function is called the average Probability of failure on demand (or PFDavg) and this correlates to the SIL level as follows PFD=1/2 ( PT ) T= Test Interval P= Failur Rate .

The relationship between the SIL. RRF and PFD .

Application of Safety Instrumented Systems for the Process Industries € € .€ IEC 61508: Functional Safety of Electrical/Electronic/Programmable Electronic Safety Related System IEC 61511: Functional Safety: safety instrumented systems for the process industry sector ANSI/ISA S84.01.

€ ASME Code Case 2211 API 521 € .

€ provide alternatives in the design of overpressure protection systems. These alternatives revolve around the use of an instrumented system that exceeds the protection provided by a pressure relief valve and flare system you need a pressure relief device for any scenario. it must be sized for the worst case no pressure relief device is installed. the MAWP (Maximum Allowable Working Pressure) of the vessel must be greater than the highest pressure reasonably expected € If € If .

€ Applies to flare load and header sizing  requires evaluation of relief loads based on credible overpressure scenarios  requires sizing the main flare header for the worst case relieving scenario (involving the simultaneous venting of all affected vessels) € Recommends use of HIPPS only when the use of pressure relief device is impractical .

installation.€ A guide for plant engineers in the design. and operation of pressurerelieving and depressuring systems Suggests solutions to the immediate design and economic and safety problems involved in pressure relieving discharge systems Includes a new section on flare gas recovery € € .

€ € General description of the process to be protected General description of how HIPPS is integrated into the process and other safety systems The required SIL level of the loop € .

€ € Specification of the system response time Detailed specification of the final element (shut-off valve) describing materials. design standards. details of the instrumentation such as solenoids and actuator . actuator sizing/integration.

test buttons. and communication to other controllers like the DCS € .€ Detailed specification of the pressure transmitters and their safety aspects Detailed specification of the controller including the required logging.

€ Components tests and integrated factory acceptance test (FAT) requirements for the complete system Documentation requirements that may include procedures and checklists for the site acceptance test (SAT) and proof testing of the system € .

€ Don·t go shopping for bargains when you want to realize a HIPPS solution. € Be sure there is sole responsibility for your total loop and be sure this is a competent person or company. for the balanced solution for both functional and safety requirements. € Go .