
optimum level (remember there is a balance and an ultra-safe organisation may quickly go out of business if it is too risk averse). We want to know all this at a glance and we want to know that if things are slipping, we know immediately. Let’s face it, today’s society expects instant answers to everything that is important to us.

Why can’t we? We have the people, we have the data, we have the technology, so why is it not possible today, not tomorrow?

People need to be reading off the same page. We need openness and sharing of best practice and information, across departments, across company, across industry. How is this possible? Ask your 16-year-old son or daughter; they know what every one of their friends has done recently, what they are doing now and what they are doing tomorrow. They have discussed at length all of these subjects, they are ‘in the know’, they are ‘open’. Indeed, Elon Musk at Tesla published all their patents to open source in an attempt to further research into electric cars. His goal? ‘To save the planet from global warming’? That lofty goal is still to be achieved, I’m sure, but safe operation of plant to protect people, environment and asset is not a commercial advantage. A disadvantage if you don’t do it, certainly. There are secure applications available but built with an open philosophy. If we know what we’re doing, when and why, we can only continue to improve.

A Cause & Effect actually contains an awful lot of data that in turn relates to an awful lot of other data. It can only define the transition from one mode of operation to another, i.e. running to shut down, and it only represents certain protective and mitigating barriers. It identifies a possible cause, say ‘high level in tank’. It represents a protective layer, usually the SIF/SIS, and it shows the action of certain mitigating barriers such as alarms, ESDVs and possibly deluge systems.

There may be thirty or forty sheets of C&Es, and if we represented all the modes individually, like idle, start up and reset, maybe we have 120 sheets. Possibly as much as 2000 I/O on one SIS with 10,000 soft points. Add to this interfaces to third party systems, BPCS, DCS, alarm management, operator interfaces. This is becoming big data, but I would argue that it is long-understood data; we just find it hard to inspect, maintain and test in a manner that includes every combination and allows for all safe modes and pre-conditions.

In addition, how do we visualise this data? If we trip due to a SIF (spurious or not), what do we have? A sequence of events historian that streams 250 input and output points that have changed state during a level 2 shutdown, a flashing symbol on a DCS screen and a GA in the CCR so we can’t think. The operator hopefully knows his process has shut down, but why, where, how, that may take some time, and the trip came without warning. If we do not know the current state of our protective systems and devices, how can we predict how fast we are nearing our next unplanned shutdown?

If we can understand our protective barriers and the integrity of each of them and have analysed the tipping points and the velocity with which each cause or threat can take us to a major accident hazard, then surely shutdown events should not be a surprise or take time to interpret.
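
As an added illustration (not part of the original paper), the sketch below holds a C&E sheet as data and reduces a sequence of events burst to the first-out cause, the effects that acted, and the effects that did not. The tag names, the "TRIP"/"ACTUATED" states, the matrix contents and the sample events are all constructed for the example.

```python
from dataclasses import dataclass

# Constructed C&E sheet (hypothetical tags): cause -> effects it must drive.
CE_MATRIX = {
    "LSHH-101": {"XA-101", "ESDV-101", "ESDV-102"},  # high level in tank
    "PSHH-205": {"XA-205", "ESDV-102", "ESDV-210"},  # high pressure downstream
}

@dataclass(frozen=True)
class Event:
    ts_ms: int   # SOE timestamp, milliseconds
    tag: str
    state: str   # "TRIP" on a cause input, "ACTUATED" on an effect output

# Constructed SOE burst, deliberately out of order as a historian may deliver it.
SAMPLE_SOE = [
    Event(1900, "PSHH-205", "TRIP"),
    Event(1000, "LSHH-101", "TRIP"),
    Event(1040, "XA-101", "ACTUATED"),
    Event(1120, "ESDV-101", "ACTUATED"),
    Event(1950, "ESDV-210", "ACTUATED"),
    Event(1960, "XA-205", "ACTUATED"),
    Event(2000, "ESDV-300", "ACTUATED"),  # not on any sheet above
]

def explain_trip(events, matrix=CE_MATRIX):
    """Reduce an SOE burst to first-out cause, confirmed effects and gaps."""
    ordered = sorted(events, key=lambda e: e.ts_ms)
    trips = [e for e in ordered if e.state == "TRIP" and e.tag in matrix]
    if not trips:
        return None  # outputs moved but no known cause: needs manual review
    first = trips[0]
    actuated = {e.tag for e in ordered
                if e.state == "ACTUATED" and e.ts_ms >= first.ts_ms}
    expected = matrix[first.tag]
    covered = set().union(*(matrix[t.tag] for t in trips))
    return {
        "first_out": first.tag,
        "consequential": sorted({t.tag for t in trips} - {first.tag}),
        "confirmed": sorted(expected & actuated),
        "missing": sorted(expected - actuated),      # effects that never acted
        "unexplained": sorted(actuated - covered),   # outputs with no cause
    }

if __name__ == "__main__":
    print(explain_trip(SAMPLE_SOE))
```

The "missing" list is the part a raw event stream hides: an effect the sheet requires that never changed state, here a constructed valve that failed to report closed.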