About contact us Disclaimer Copyright Subscribe Submit Articles Forum

CATEGORIES ANIMATION BASICS  MEASUREMENT  CONTROL SYSTEMS  Q&A  ELECTRONICS  ELECTRICAL  TOOLS

Ads by Google

1 Questions and Answers

2 Safety Integrated Systems

 Home / Instrumentation Q & A / Interview Questions and Answers on Safety Systems

INSTRUMENTATION Q & A • SAFETY SYSTEMS

Interview Questions and Answers on Safety Systems

Ads by

1
 January 14, 2016  S Bharadwaj Reddy  4 Comments
2

Categories
What are the standards that de ne the best rules for installation of eld equipment of a SIF/SIS, on site?

CATEGORIES ANIMATION BASICS  MEASUREMENT  CONTROL SYSTEMS  Q&A  ELECTRONICS  ELECTRICAL  TOOLSSelect Categ
FORUM
IEC 61511 or ISA-S84-2003 (which is really the same thing, plus a
grandfather clause) are intended for application in the process Ads by
industry. They do the best job of de ning what one needs to be
1
concerned with for eld instruments. The guidance may be considered
somewhat minimal but the critical safety issues are there. Whatever 2
would make a good installation for the basic process control system 3
(BPCS) is a good installation for the SIS also. However, some di erent
issues need to be recognized. First, the instruments need to be
reliable. One measurement, referred to as “proven in use” means
reliability data must be available for safety integrity level (SIL) calculations. If not then SIL-rated instruments are an option. Next
one must consider fault tolerance requirements for the Safety Instrumented Function (SIF). This is a function of the SIL level for
Latest Com
each SIF in the SIS. There will of course always be the need to make sure the instruments are calibrated routinely and tested per
the proof test requirement. If this is online then the engineer needs to make sure that those facilities plus the ability to do
manish wadi
maintenance is designed into the project. Typically sensors need their own root valve and nal control elements may need dear, sir than
bypasses or means for partial stroke testing. abut,,,,loadce

quy
The routing of the individual cables of transmitter that is in a 2oo3 voting system–the same route, di erent routes? thats so grea
plss. i have a

Some reliability engineers would want to try to convince you that a di erent route is required. While everyone would like a diverse manish
routing from a common mode point of view, (a re, dropped crane load, chemical spill could destroy all the cables in the same dear, sir than

tray, etc.) it is many times impractical to route di erently. One deciding factor is availability. If high availability is require diverse S Bharadwaj
routine is a good idea, but again not mandatory. Some companies may have internal standards on this subject. The other factor is Hi, if you are
whether or not the SIS fails safe. If a loss of a cable, causes the System to have a spurious safe trip the system is safe, but you have please use la

to deal with the cost of the spurious trip. If the SIF is energized-to-trip, one needs to look at separate routing. Also, end of line Rahul Rathod
monitoring etc. Sir, The table
remidies is n

Can I install the three eld devices in battery or in di erent places to avoid, common failure, e.g., vibration, risk of re? Ricardo Olse
OSHMI - Ope
HTML5 open
Field instruments are designed for the outdoor industrial environment. Utilize them correctly for their application. If it is a bad
installation for the BPCS it is bad for the SIS also. While many SIS logic solvers have been industrially hardened to operate in a manish
dear, sir thnx
broad range of environmental conditions with numerous successful applications, it just stands to reason that putting them in
of level meas
environmentally controlled areas will improve potential reliability plus the ability to do maintenance.
Yes one must always be careful with respect to common mode. Common mode can wiped out the reliability gains of redundancy.
That is why it is required to do SIL Calculations to verify that the common mode e ect is not so strong that it renders the SIF
ine ective.
Download

Must I use the normal practices of engineering or do rules or recommendation exist for the installation of eld equipment for
the SIF/SIS?

One has to ask whose normal practices?? If we mean industry best normal practices the answer is yes again but one needs to
follow the entire IEC-61511 Life Cycle to determine what that really means for each project. What is an acceptable solution for one Download
plant may not work for another. The questions you ask really points out that to safely design a plant, the project needs to execute
the IEC61511 Safety Life Cycle. Hazards are identi ed early in the project and solutions are designed around those hazards. The
questions you asked should all be covered in the Safety Requirements Speci cation (SRS). There are 27 questions that cover the
topics you have asked and more, much more. Inexperienced engineers may not be aware of this list of questions that de ne an
IEC61511 SRS. This is why you should work with experienced organizations. A study done by the Health and Safety Executive in the
UK has shown that the majority of problems with SIS systems today are actually speci ed into the project. (Or shall we say not
speci ed into the project, one does not know what one does not know.) Failure to execute the life cycle activities early and
properly can have serious safety, schedule and cost implications on a project.

Installation Guidelines:

Sensor-To reduce common mode each sensor should have a separate process connection. There have been some good
arguments made with regards to using di erent technologies in order to reduce common mode but one must look at practicality
vs. bene ts and risk reduction. Also, although the use of diverse technologies can reduce common cause it will not eliminate it
completely.

Transmitters-For sensors integrated (or separate) with the transmitter, the geographical locations of the voted transmitters
should be away from each other to the extent possible (so that in the event of a re–all transmitters are not a ected–as an

example!)

Junction Boxes-Separate JBs for each transmitter / 2 core cable is preferred.

Multicore Cables-If separate JBs not possible, run each transmitter pair in separate multicore cables to the control room.

Cable Trays-Run the multicore cables in separate trays which have separate routes to the control room when practical. Availability
would be the determining factor.

Safety Logic Solver-Each transmitter signal could be connected to separate SLS, on separate carriers. This would slightly
compromise on the PFD value however and could also make the SIF con guration more complicated, but reduces common cause.
SLS installed in two di erent cabinets in di erent control rooms would be even better! However common sense needs to be used
and practicality. Same logic could be used for the output signals.

The extent to which one would go in segregating will depend on ALARP – As low as reasonably practicable (here ‘low’ refers to the
risks involved). The Risk Reduction Factor (RRF) of the SIF and how much of the risk is the engineer / company ready to absorb, will
dictate the decision. The common cause calculator (based on such segregation) is given in IEC 61508-6, Table D.5.

When is a Safety Integrity Level Rating of a Valve Required?

Basic Process Control System (BPCS)

A system which responds to input signals from the process, its associated equipment, other programmable systems and/or an
operator and generates output signals causing the process and its associated equipment to operate in the desired manner but
which does not perform any safety instrumented functions with a claimed SIL = 1.

This de nition leads us to conclude that a BPCS is any system that has a SIL<1. Therefore, SIS systems employing Safety
Instrumented Functions with a speci ed safety integrity level, which is necessary to achieve safety function, need to have a SIL
rating equal to or above 1.

DMCA
Based on this de nition,
1. Why are control valves that are used in a BPCS required to be SIL certi ed?
As per IEC de nition, a SIL rating is not required but it is possible that reliability data for a valve may be required. Industry or
end user may require failure rate data of equipment or in loose term MTBF (Mean Time Between Failure).Essentially MTTF
(mean time to fail) is the right term to de ne product reliability. It is usually furnished in units of hours. This is more common
for electronic components, but trends are seen even for mechanical items.
2. How can MTTF provide useful data for the calculation of PFDavg (probability of failure upon demand)?
MTTF can be simpli ed to 1/(sum of all failure rates) or equal to 1/λ…
MTTFs calculations provide plant availability, which is a very important measurement of process plant up-time capability. A
spurious trip that is considered a safe but unplanned trip may be too strenuous for piping and other equipment. Not only are
production and quality a ected, pro ts may be as well. Also, it is important to consider the higher risk associated with plant
start up. IEC 61508 stresses more on “safety event”, in case of demands, which relates to dangerous undetected failures and are
used to compute PFDavg.As such, mechanical equipment like valve bodies and actuators do not have any diagnostics
capabilities. According to IEC 61508 part 2, table 2, with a hardware fault tolerance (HFT) of zero, with a single valve without
additional diagnostics, only SIL 1 is achievable per IEC 61508. A digital valve controller mounted on a “Final Control Element”
improves the diagnostic coverage factor, which in turn improves the SFF number, allowing the possible use of higher SIL rated
applications (Per IEC 61508 part 2, table 3) by use of the Partial Stroke Test.If control valve is designated to carry out a safety
function then it should meet the SIL level of the Safety Instrumented Function loop. In this case, failure rate numbers will be
required to compute the total PFDavg of the loop. The end user may possibly ask for third party certi cation to comply with IEC
61508 requirements to meet certain SIL suitability.

What is SIL?

A Safety Integrity Level (SIL) is a measure of safety for a given protective function. Speci cally, the extent to which the end user can
expect the protective function to perform, and in the case of a failure, fail in a safe manner? This protective function is known as
the Safety Instrumented Function (SIF). A Safety Instrumented System (SIS) is a collection of components ( eld devices and logic
server) that execute one or more SIFs. In order to de ne the required SIL value, the SIF’s must be well de ned and have undergone
a Safety Analysis. Note that the SIL belongs to a speci c SIF, not the whole SIS.

SIF veri cation can be optimized by the selection of components certi ed for use at the desired SIL value. For example, assume
there is a SIF with a desired SIL value of 2. By using components that are SIL 2 certi ed, this goal may be achieved. However, it is
important to note that simply combining components certi ed for a given SIL level does not guarantee the process will achieve the
speci ed SIL. The SIF SIL value must still be veri ed by an appropriate method such as Simpli ed Calculations, Fault Tree Analysis,
or Markov Analysis.

How is SIL di erent than reliability?

While the main focus of the SIL number is the determination of process safety, an important byproduct of the statistics used in
calculating SIL ratings is the statement of a product’s reliability. In order to determine if a product can be used in a given SIF, the
product must be shown to “BE AVAILABLE” to perform its designated task. In other words, how likely is it that the device in
question will be up and functioning when needed to perform its assigned task? Considerations taken into account when
determining “AVAILABILITY” include: Mean Time Between Failures (MTBF), Mean Time To Repair (MTTR), and Probability to Fail on
Demand (PFD). These considerations, along with variations based upon system architecture (i.e. 2oo2 versus 2oo3, or TMR
installation), determine the reliability of the product. Subsequently, this reliability data, combined with statistical measurements of
the likelihood of the product to fail in a safe manner, known as Safe Failure Fraction (SFF), determine the maximum SIL
environment in which the device(s) can be used.

SIL ratings can be equated to the Probability to Fail on Demand (PFD) of the device in question. The reciprocal of the PFD is known
as the Risk Reduction Factor (RRF).

When does a Fire & Gas system become a SIS?

When an RRF greater than 10 is required

How does SIL relate to individual components?

It should be noted that a SIL number applies to a complete function (SIF), i.e. the eld sensor, the logic solver and the nal
element. It is therefore incorrect to refer to any individual item or equipment having a safety integrity level. An individual
component can be certi ed for use in a particular SIL application, but such a certi cate constitutes only part of the veri cation
e ort, since the target SIL must be veri ed for the complete SIF.

Why would a customer want SIL certi ed products?

Products certi ed in accordance with the requirements of IEC 61508 have been assessed by a third party (TÜV) for use up to a
speci ed SIL. This assessment includes not only the FMEDA, but also software.

A third-party SIL certi ed product o ers several bene ts to the customer. The most obvious bene t is the product has already had
its’ reliability calculations performed and reliability statistics determined. The results are available for the SIS designer to derive the
SIF SIL number. This can signi cantly cut lead times in the implementation of a SIS. Another bene t is the reliability statistics have
been validated by a third party with expertise in SIL certi cation and reliability engineering. Probably the most important bene t to
using a SIL certi ed product is the certi cation report. Each certi ed product carries with it a report from the certifying body. This
report contains important information ranging from restrictions of use, to diagnostics coverage within the certi ed device, to
reliability statistics. Additionally, ongoing testing requirements of the device are clearly outlined

Also Read: Safety Instrumented System Interview Questions

SHARE  Facebook  Twitter  Google+  LinkedIn

 Need Some Training?

Ad www.ptainc.com

Sand Making Machine

Ad www.hxjqchina.com

Safety Instrumented
System Interview
Questions &...
instrumentationtools.com

Avertic® Chainsaw
Protection - Applied
in the biggest brands
Ad avertic.com

Overview of Safety
Integrity Level
Instrumentation Tools
instrumentationtools.com

Probability of failure
in Safety Control
Circuit...
instrumentationtools.com

Instrumentation
Engineers Interview
Questions &...
instrumentationtools.com

Importance of Safety
Integrity Level
Instrumentation Tools
instrumentationtools.com

Difference between
Availability, Reliability
& SIL...
instrumentationtools.com

Basics of Valves
Interview Questions &
Answers –...
instrumentationtools.com

How to calculate
Thermocouple
Temperature by...
instrumentationtools.com

Layers of Protection
Analysis (LOPA)
Interview Questions...
instrumentationtools.com

Field Instrumentation
Interview Questions
and Answers...
instrumentationtools.com

Author

S Bharadwaj Reddy
O cer - Instrumentation, GSPC - Oil & Gas, Kakinada, India.

   

Previous Post: Next Post:

 Instrumentation Earthing Overview of HIPPS System 

Related Articles

ANALYZERS • INSTRUMENTATION Q & A INSTRUMENTATION Q & A • LEVEL MEASUREMENT

Gas Analyzers Interview Questions Ultrasonic Level Technology Basic Questions
 September 21, 2015  December 29, 2015

COMMUNICATION • INSTRUMENTATION Q & A INSTRUMENTATION Q & A

Pro bus Communication Interview Instrumentation Interview Questions – 2
Questions & Answers  March 18, 2015
 December 11, 2015

INSTRUMENTATION Q & A • INSTRUMENTATION Q & A

TEMPERATURE MEASUREMENT Siemens PLC Interview Questions &
RTD Questions and Answers Answers
 March 13, 2017  February 2, 2017

4 comments

James 1 year ago

This is the rst time I am nding some good stu on safety systems. Very useful for interviews. Excellent Website.

Reply

RAMASAMY GANAPATHY 1 year ago

very useful and easy to understand about safety system.

Reply

Prasenjeet Sen 10 months ago

Dear Sir,

I am very happy to see this good materials are now available from internet and from this site as well.
In the eld of Instrumentation , we are doing a common Earthing / Grounding and a separate earthing for
Instrumentation.

I have 4 questions I. e,

1) Why we need a separate instrumentation earthing than electrical earthing” ????

2) Why each/individual eld instrument’s need earthing/grounding than a common earthing and how it is to be done ???
3) How the electrical surge is to be identi ed for a continuous and which occurs rarely ???
4) How the electronic equipment’s to be protected from power surges, what are the protective devices and how to
calculate to choose the protection device ???

Awaiting for your reply at earliest as per the points ……

Reply

 S Bharadwaj Reddy 10 months ago

1. Electrical earth are designed to handle any short circuit or other situations which are generally in ten’s
or in thousands’s of volts but ours are in max 24Vdc so we cannot combine these two. If combined then
sometimes our earth voltage will impact and unnecessarily our earth voltage levels may vary because of
common ground. Separate earthing means say we have Instrument earth or Intrinsic safety earth, panel
earth and system earth. Here we are protecting the system from any short circuits that may happen in
panel earths or others.
2.Field instruments earthing provided in marshalling cabinet and transmitter side it will be disconnected
to avoid earth loops or ground loops.
3. Protection circuits are there to handle these things like zener, optocouplers, surge protectors etc , if
required.
 4.I hope No extra protection required for electronic components as now a days every equipment comes
with inbuilt safety circuit and calculation depends on its design speci cations. Point 3 & 4 are relatively
same.
Thank You.

Reply

Leave a Reply
Your email address will not be published. Required elds are marked *

Comment

Name *

Email *

Website

Post Comment

Copyright © 2016. Created by Bharadwaj.