800xa high integrity fgs and bms applications - abb … · 800xa high integrity fgs and bms...

© ABB© ABB GroupMay 31, 2013 | Slide 1

800xA High IntegrityFGS and BMS Applications

Luis M. Duran, Prodict Marketing Manager Safety Systems, February 2013

© ABB

§ Safety Systems

§ Safety Standards and Application-Specific Standards

§ Changes to Functional Safety Standards

§ ABB Offering

§ 800xA High Integrity Overview

§ What’s New?

§ Services Overview/SEC and FSMS

§ Fire & Gas Systems

§ Burner Management Systems

§ Conclusions

Content

© ABB GroupMay 31, 2013 | Slide 2

© ABB

What is Safety? What is Risk ?

§ Safety§ Freedom from

unacceptable Risk

§ Risk§ Combination of:

§ probability ofoccurrence of harm

and

§ the severity of the harm


© ABB

Risk Reduction

Residualrisk

Processrisk

RiskTarget

Increasingrisk

Necessary risk reductionActual risk reduction

Risk reductionleft to be

handled by theSafety

InstrumentedSystems

SIS

Risk reductiondue to othertechnology:-fire pumps,-foam systems,-water curtains,-deluge systems(hydraulic, pneumatic )

Calculated Process RiskAcceptable Level of Risk(Defined by user per application)

Risk reductiondue to mechanicalequipment like:- relief valve,- non return valve,- dyke…

© ABB Control SystemsMay 31, 2013 | Slide 4

© ABB

Safety Instrumented Systems (SIS)

§ SIS reduce risk andconsequently protect

• People,• Environment• Equipment and• Business

• SIS performance is measureby Safety Integrity Level (SIL)

• SIL 1 (Lower)• SIL 4 (Higher)


© ABB

Independent Protection Layers (IPL) to reduce Risk

§ Each IPL mustindependently protectagainst the hazard theyare designed tosafeguard

§ Hazard occurs when alayer fails to respond tothe process demand

§ Objective of SIS IPLmust be maintained

OperatorIntervention

Automatic SIS

Safety relief valveRupture disk, etc

ContainmentDyke, Bunker, etc

Plant responseCommunity response

Process variable BPCS

ALARMS

SIS


© ABB© ABB Control SystemsMay 31, 2013 | Slide 7

Safety Standards Timeline

USA

Inte

rnat

iona

lG

erm

any

UK

1995

IEC SC 65 IEC 61508

ISO 10418

DIN VDE 0801

DINVDE 19250

HSE PES

OHSA CFR1910.119

ISA dS84.01

API RP14C

1995Draft

1995Draft

1993

1991

1989

1987

1974

ANSI/ISAS84.01

1999

2005

IEC 61511 2003

1996

1992

1974

,Flix

boro

ugh

1976

,Sev

eso

1984

,Bho

pal

1986

,Che

rnob

le

1988

,Pip

erA

lpha

1989

,Pas

aden

a

PRESCRIPTIVE STANDARDS

PERFORMANCE STANDARDS

ANSI/ISAS84.00.01 (IEC 61511 Mod)

2004

1st Generation Systems

© ABB

§ © ABB Group

§ May 31, 2013 | Slide 8

Certificates800xA High Integrity – ABB Safety Certificates

§ TÜV Product Service, the foremost independentcertification agency in the business, has certified allproduct components on the 800xA Safety offering

Product SafetyCertificate

Development DepartmentSafety Certificate

Safety Manual


© ABB

§ © ABB Group

§ May 31, 2013 | Slide 9

800xA High Integrity – SIL3 CertifiedCertificate

Also NFPA certified forF&G and BMS

SIL3 Certified


© ABB

§ Functional Safety

§ IEC 61508

§ IEC 61511/ISA 84

§ UL1998

§ Basic Safety

§ IEC61131

§ EN50178

§ UL508

CertificatesIndustry Standards

§ Application Standards

§ NFPA72/EN54

§ NFPA85/FM 7605

§ IEC62061

§ NFPA79


© ABB

Nationally Recognized Testing Lab (NRTL)

§ TÜV SÜD Product ServicesGmbH (TUVPSG)§ 49-89-5008-4335

§ Ridlerstrasse 65, D-80339

§ Munich, Germany

§ List includes:§ CSA International

§ FM Approvals LLC (FM)(formerly Factory Mutual ResearchCorporation)

§ Underwriters Laboratories Inc.(UL)

§ For additional informationplease visit§ http://www.osha.gov/dts/otpca/nrtl/nr

tllist.html© ABB GroupMay 31, 2013 | Slide 11

http://www.osha.gov/dts/otpca/nrtl/nrtllist.html

http://www.osha.gov/

© ABB

Changes to Functional Safety Standards

§ Functional safety: Safety instrumented systems for theprocess industry sector

§ Consistency between IEC61511 and ISA 84

§ Performance Based Functional Safety Standards areapplicable to Fire and Gas Systems (NFPA 72),Burner/Boiler Management Systems (NFPA 85) andOven/Furnaces (NFPA 86)

§ Fire and Gas Systems

§ Check: ISA-TR-84.00.07-2010

§ Burner Management Systems

§ Check: ISA-TR84.00.05-2009

§ IEC61508 Edition 2 (2010)

§ IEC 61511 under revision© ABB Control SystemsMay 31, 2013 | Slide 12

© ABB

Access to information…Seamlessly and in contextIntegrated Control and Safety Systems

“Integrated but separate” architectures continue to gain traction… ARC© ABB Control SystemsMay 31, 2013 | Slide 13

© ABB

Thanks to a Common Operation Environment……Operator can take timely action

Monitor the Process and respond to Abnormal Conditions


© ABB

System 800xA HI – Integrated SafetyCustomer value of integration – available today

Plant-wideSequenceof Events

Same operationsinterface andengineering

CentralizedHistorian andData Archiving


Common, integratedasset management

strategy

Common systemtherefore reduced

spare parts, trainingetc…


Process control andsafety running in

separate controllers


© ABB

800xA High IntegrityDiverse Architecture, Diverse Implementation

§ The SIL 3 800xA High Integrity controllerhas parallel processing paths based ondiverse technology

§ Integrity voting between pathscompliments the built in activediagnostics

§ Controller and Supervision Moduledeveloped by diverse (different) teams(Vasteras and Malmo, Sweden) andtested by a third team (Oslo, Norway) bypeople with different backgrounds

§ The two channel architecture meets SIL3requirements for hardware fault detectionand reaction

1oo1D 1oo2D

90 - 9960 - 90< 60

0SFF (%)

SIL 3SIL 2SIL 1

1SIL 1SIL 2SIL 3SIL 4

HFT

> 99

IEC61508-2 Table 3

PM

SM Safety I/O SIL3

CBSIL3

AC800M HISIL3


© ABB

What do you mean Diversity?Example of Embedded Diversity

§ Software diversity inlogic solver§ PM865 & SM811

§ Different operating systems

§ Different base softwarelayers

§ Different un-packingprocedures

§ Different development andtesting teams with differentbackground in severallocations

§ Etc…

§ Embedded Diversity offersa significant contribution tooverall system integrity.

§ i.e. to execute the samelogic on / in diverse ways /software,


© ABB

What do you mean Diversity?More on Embedded Diversity

§ Hardware diversity in S800 High Integrity I/O modules

§ Each IO module has two diverse execution pathsbased on different hardware technology

§ MCU and FPGA respectively

§ Each individual single IO module has an internal 1oo2architecture


© ABB

§ © ABB Group

§ May 31, 2013 | Slide 19

AC800M High IntegrityRedundant Controller Configuration

SM811 BC810 PM865

Optical Modulebus

RCU LinkCEX bus

Redundant I/OTB 840


© ABB

§ © ABB Group

§ May 31, 2013 | Slide 20

SecuritySystem Security And Embedded Firewalls

§ Provides functions for protection of SILclassified applications in AC800M HIControllers

§ SIL Access Control andAuthorization

§ Force Control / Override Control /Bypass Management

§ Confirmed Online Write / ConfirmedOperation

§ Embedded firewalls and confirmationprocedures protect the SIL applicationfrom inadvertent / accidental controlactions


© ABB

SecurityRoles & Responsibilities

§ Users can be assigned with differentpermissions according to theirresponsibilities

§ Restriction of access to the SIS(operation and engineering)

§ High flexibility

Proc

ess

Ope

rato

r

Safe

tyO

pera

tor

Proc

ess

Engi

neer

Safe

tyEn

gine

erOperate BPCS X X

Operate SIS X

Engineer BPCS X X

Engineer SIS X


© ABB

More Efficient and Effective TroubleshootingSafety relevant information is readily available

§ Alarms, Events, Audit Trail, andSOE displays for root causeanalysis

§ Real-time information

§ Standard functionality forinhibiting of specific safetyfunctions

§ Status supervision of SafetySystem Elements

§ Flexible Report Creation andScheduling

§ Valve Leak Test, Verification,Automatic ShutdownReporting, SIL status

§ © ABB Group

§ May 31, 2013 | Slide 22


© ABB

Installed BaseInstallations Across The Globe

§ ABB’s intimate knowledge of and experiencefrom all conceivable locations, environmentsand applications directly benefits end-users

§ With more 30 years on the market theinstalled base is spread across

§ …more than 55 countries…

§ …on all continents and across allregions…

§ …and all traditional safety systemsindustry segments such as oil & gas,petrochemical and chemical industries…

§ …as well as more non-traditional safetysystems industry segments such as pulp& paper, semiconductor and minerals &mining facilities.

“Reducing risk where it isneeded…”

More than 4,600 controllerssold since initial release inJanuary 2005


© ABB

Fast Adoption on a Conservative Market Space


© ABB

Small Independent HI system with engineering and DCS

§ HI Hardware§ TUV certified SIL 3

controller (single)§ 24 VDC DC I/O and 4-20

ma Analog inputs§ Control Builder Safety

§ IEC1131 languages§ Access control and

override control§ Certified Libraries

§ Safety and Supervision§ Application (F&G, BMS)

§ Connectivity and Interfacing§ ABB Control systems§ 3rd party software and

control systems§ Diagnostics

Independent High IntegrityScope of supply


© ABB

Automation can’t check for human intervention

§ Industrial plants are designed withthe highest accuracy in mind, withseveral separate safety loops oftenchecking the integrity of processsystems.

§ Can this apparatus check for humanintervention?

§ No, they can’t!

§ A small human error could cause anenormous catastrophe.

§ Bear in mind that 70% of reportedincidents in the oil and gas industryworldwide are attributable to humanerror and account for in excess of90% of the financial loss to theindustry.


© ABB

Primary Cause of SIS System Failure

43

15

15

6

21

Specification

Design and Implementation

Operation and Maintenance

Installation and Commisioning

Changes after operation

Source: Out of control: Why control systems go wrong and how to prevent failureHSE Books ISBN 0-7176-2192-8


© ABB

Functional Safety Management SystemOrganisational Structure


© ABB

§ Organizations shall appoint one or more persons withresponsibility for one or more phases…..

§ All persons, departments or organizations shall beidentified, responsibilities clearly defined andcommunicated

§ Activities related to management of functional safety shallbe applied at the relevant phases

§ All persons undertaking specific activities shall have theappropriate competence

§ The competence shall be documented

Source: IEC 61508

Management of Functional SafetyCompetency now normative


© ABB

Fire & Gas System – F&GSystem Configuration Example

Living Quarters

Addressable Firedetection loop

ControlRoom

GasProcessing

Local FireAlarm System

Sprinkler

SerialCommunication link

HVAC


© ABB

§ Usually divided into fire areas by geographical location

§ Hierarchical structure

§ Overview display

§ Detailed presentation of each detector with detailed status information

§ All alarms and overrides presented in one display

§ Inhibits and override functionality

§ Specific detectors or a group

§ Manual activation from call points in the field or by operator releasecommands from the control room

§ Voting mechanisms used on input channels to avoid spurious trips

§ 1oo2, 2oo3, 2ooN

§ Communication possibilities with addressable F&G stations

§ Safety Integrity Level

§ Typically SIL2

Fire & Gas System – F&GTypical Functional Requirements


© ABB

Fire & Gas System800xA HI – Safety Certified Libraries

§ Supervision Library

§ Detector input

§ System control andmonitoring

§ Output handling

§ Overview presentation

§ Libraries enable significantsavings during engineering

Fire & Gas LibraryModules for monitoring and control

of protection systemsCO2DelugeSprinkler

Override functionality built into the modules tosupervise the use of Force, Inhibit, Disable,and Manual Mode


© ABB

§ © ABB Group

§ May 31, 2013 | Slide 34

Fire & Gas System – F&G800xA HI – Operator Display

L11

L12

L13

M21

M10

M22

M11

M23

M12

D11

PlatformOverview

§ Displays organized in a hierarchy levels

1. Site overview display (the top level display)

2. At least one level of group of areas

3. Area detail displays (the bottom level)

Not only the condition ofthe detectors but also thephysical location

FIRE


© ABB

Group overviewGroup overview

Area

Area

Area

Area

Area

Area

Site overview

SiteOverview

GroupOverview

AreaOvreview

DetectorFaceplate

Fire & Gas System – F&G800xA HI – Display Structure


© ABB

§ Enable quick response to operational conditions througheasy access to information during all sequence steps

§ Enable maintenance and test procedures withoutcompromising process safety

§ Bypass management

§ Controlled access to bypasses, normally prohibited

§ Monitoring and Proof Testing

§ Valve Stroke Test

§ Verification of integrity of instrumented functions

§ Safety Integrity Level

§ SIL2 or SIL3

§ Have you performed a Safety Assessment?

Burner Management System – BMSTypical Functional Requirements


© ABB

DCSController

Emergency OffPushbutton

OperatorWorkplace

BMSController

OperatorWorkplace

AC800M HI AC800M

Burner Management System – BMS800xA HI - Example System Configuration


© ABB

Boiler Management System – BMS800xA HI – More Key Benefits

§ Easy Implementation

§ IEC 6-1131-3 supportedlanguages

§ SupervisionBasicLib

§ Display Structure

§ Shutdown System Overview through standard graphic elements

§ Flexible display design to reduce time to decision and action

§ Bypass management and Forced Control

§ Sequence of Events

§ Information Management for safety

§ Shutdown reports

§ Valve operation reports

§ Asset Optimization for monitoring

3

Supported Languages SIL2 SIL3

Function Block Yes Yes

Structured Text Yes Yes

Sequential Function Chart Yes No


© ABB

Process Safety SystemsARC Strategies for Success

§ Ignore the Dual(Duplex), TMR, QMR Arguments

§ Look for Industry Expertise and Project ExecutionExperience

§ Offer Certified Safe Sensors

§ Integrate Security with Safety

§ Get Your System Security Certified


© ABB

Conclusion

§ Best in Class companies link safety to their success andinvest in programs and systems to reduce their risk

§ Engineers have attempted to reduce risk by minimizing thepotential for common cause failures

§ Common cause failures can occur in products (hardware orsoftware) or the implementation of the application

§ The industry have conceived best practices (FSMS) tominimize the impact of human error

§ Human factors can’t be ignored in the design, particularly inthe project design

§ Enforcement of these best practices (FSMS) is a way toreduce the risk introduced by engineers… is vital!


800xa high integrity fgs and bms applications - abb … · 800xa high integrity fgs and bms...

Documents