Institute of Measurement and Control Functional Safety Conference 2016

Challenges in Achieving Safety Instrumented Function Response Time for a Fast-Acting Process

Page 12

The IEC 61511-2 (2016) sections 15.2.4 and A.13.1 require that validation testing against the SRS should

also include testing of the response time, to ensure that the SIS can implement all the required SIFs within

the required process safety time. The response time of individual components can be validated

independently during their respective factory acceptance tests (FAT), but the end-to-end performance of

the entire SIF must also be validated during installation. The results of these tests should be clearly

documented.

The IEC-61511-2 (2016) section A12.5.3 requires that the application response time should be checked

for all safety functions to ensure that the data route through the application is such that the process safety

time can be met.

Recommendations

The preceding sections of this paper discussed the main challenges and design considerations for

achieving SIFRT for a fast acting process. Following is a summary of the main recommendations for

achieving SIFRT:

a.

Guidelines

-

Additional guidelines are needed in the industry’s functional safety standards to address the

margin between process safety time and SIFRT, and should be incorporated in future revisions.

-

SIFRT should be considered throughout the safety lifecycle; design, implementation, operation

and maintenance of the SIF.

-

Evaluation of SIFRT should be performed in parallel with SIL Verification exercises, because

both are essential to qualify the SIF as adequate to mitigate the particular hazard.

b.

Determining the PST

-

PST evaluation should be performed for all SIFs. This can be a preliminary estimation in early

phases, prior to HAZOP and LOPA reviews, with more detailed analysis while the project

progresses.

-

Several cases may result in a particular hazard with some developing more quickly than others.

As a result, all cases which result in the particular hazard should be assessed for early

identification of the defining case for the hazard and early identification of any fast acting SIFs.

-

Existing plant information should be used when available.

c.

Relationship PST and SIFRT

-

The design margin between PST and SIFRT should be evaluated and defined early in the design

phase.

-

Re-evaluate the design margin while the design progresses, to account for uncertainties in sensor

accuracy, installation and supplier guarantee of device response time and to incorporate any

additional scenarios that may be identified during the HAZOP.

d.

Achieving SIFRT

-

The device process measurement method, technology selection, architecture and installation

method should be evaluated during the design of the SIF to ensure that response time targets are

satisfied.

-

Set-point determination, requirement for diagnostics, alarm priority selection and operator

response determination should all take into account the target SIFRT.

-

Device response time should be specified on instrument specification sheets and thoroughly

evaluated during the procurement cycle. It is important that suppliers guarantee response time