
HYBRID APPLICATIONS OF IEC61511 WHEN OTHER STANDARDS ARE THE REGULATORY OR CONTRACT REQUIREMENTS

INTRODUCTION:

In many parts of the world, such as the USA, Brazil and Africa, the regulatory basis for the design of process industry instrumented safety systems is not usually IEC61511 but other standards such as API RP14C or ISO10418. These prescriptive approaches have significant limitations when compared to IEC61508/61511. Typical shortcomings include a lack of a performance specification, no lifecycle requirements and a failure to address systematic or software issues.

To try to address some of these concerns, operators are increasingly specifying IEC61511 in addition to any other company or local regulatory requirements. This results in a hybrid design. The extent of the IEC61511 lifecycle that is applied in these hybrid projects varies from a partial lifecycle, such as SIL assessment and SIL validation only, to the full lifecycle. This can lead to confusion over the design basis in areas where the standards contradict each other, as well as potential contractual conflict between operator and design contractor over equipment scope and responsibilities. Further complications can arise if the requirement includes asset protection as well as safety and environmental protection.

The author has been involved in several such projects and will present real examples including:

Full lifecycle implementation but with retention of all API protection
API design but with SIL assessment and validation only
API design but with pre-defined integrity level requirements plus validation

The challenges, benefits, shortcomings and results of these various approaches will be discussed, as will the general issue of including asset protection in what should be a safety system.

TYPICAL DESIGN BASED ON API RP14C

I will use API RP14C as an example of a prescriptive regulatory design basis since it and its sister standard ISO10418 are the ones with which I am most familiar. It is the standard extensively used in the offshore industry as the design basis for safety instrumented systems (SIS).

Equipment is categorised by type, such as pressure vessels, pumps, heat exchangers etc., and for each category the requirement for instrumented trips is pre-defined. Similarly, requirements for mechanical protection such as relief valves are also defined. These standard designs are not related to the level of safety risk that the equipment presents. Provided the design includes these trips, it is API-compliant. No performance requirements are specified; the mere presence of the trip, regardless of the quality of the equipment, is sufficient to comply. Similarly, software and systematic fault concerns are not considered. By contrast, and maybe to compensate for potential quality shortcomings, quite onerous test intervals are specified. SIS transmitters must be tested every 3