(44a) Identifying, Evaluating, and Selecting SIF

Ogle, R., Exponent, Inc.
Carpenter, A. R., Exponent

For any given process hazard, the engineer has at his disposal three main categories of safeguards: operator actions, safety instrumented functions or SIFs (e.g., trips and interlocks), and physical safeguards. Careful consideration must be given to the interactions between these three components of safety. In an optimal situation, these three elements work in concert to achieve the goal of controlling the hazard. However, our experience in chemical process accident investigations has shown that sometimes both engineering and operating personnel have a poor understanding of the system of safeguards dedicated to protecting a particular process unit. This situation can arise because the safeguards were implemented on a piecemeal basis instead of being the result of a systematic hazard analysis. Engineering and operating personnel need to understand the interaction between operator intervention, SIFs, and the physical safeguards.

A considerable number of guidance documents on evaluating the effectiveness and reliability of SIFs are available to the process engineer. There is very little guidance, however, on identifying, evaluating, and selecting SIFs for controlling a particular process hazard. This paper attempts to fill this gap by presenting a methodology based in part on chemical process safety guidance documents. We examine the common hazards found in three types of process systems:

• Fluid transfer equipment
• Heat transfer systems
• Process vessels

For each process system, a methodology is presented for identifying, evaluating, and selecting SIFs. The identification of hazards is based in part on the concept that an accident is an uncontrolled release of energy or mass. The identification of potentially useful SIFs follows naturally from this concept. The evaluation and selection of SIFs explicitly considers the potential benefit of operator intervention and physical safeguards. Thus the methodology fits within the layer of protection analysis (LOPA) framework. We illustrate the use of this methodology with both hypothetical examples and case studies of accidents that could have been prevented with a single SIF.