Take the Guess Work Out of Testing Your Safety Instrumented System
- Type: Conference Presentation
- Conference Type:
AIChE Spring Meeting and Global Congress on Process Safety
- Presentation Date:
April 30, 2013
- Skill Level:

Key Words: Process Safety, IEC 61508, Programmable Electronic Systems, Architectural Constraints, Periodic Automatic and Manual Testing, Safety Integrity Level, Probability of Failure on Demand Average, Failure Rates, Common Cause, Time Between Inspections.

Abstract: A Safety Instrumented System (SIS) is used to implement one or more safety instrumented functions (SIFs). It is composed of three main components: sensor(s), logic solver(s), and final control element(s), with the purpose of monitoring potentially dangerous operations and taking action if a dangerous condition is present. While that may seem simple enough, it is often difficult to understand, since these systems are typically dormant and may not be called on to perform for months, if not years (just how confident are you that the airbag in your car would still work after 10 years?). Because of this, the only way to evaluate an SIS's performance is to use statistics to calculate the probability of successful operation over time. This concept is the focus of performance-based standards such as IEC 61508, IEC 61511 and ANSI/ISA 84, which define how to calculate performance throughout the system's life cycle. One commonly used method to improve overall SIS performance is to shorten the functional testing interval. Adjusting this test interval has a direct impact on system performance; however, much confusion exists about how one would actually go about testing a complex microprocessor-based Safety PLC and what percentage of diagnostic coverage can be claimed (would you trust any mechanic to test the airbag in your car, and if so, how confident are you that they covered every possible failure?). This paper questions the validity of periodic functional testing of such microprocessor-based, programmable systems, and evaluates the role of diagnostics and redundancy. It will shed light on the fact that it is virtually impossible to test a modern, state-of-the-art safety PLC with any measure of success or performance improvement.