We are in the process of upgrading the ESD system of an existing plant (20 years old) and have done a IPF study on the existing ESD system.

As per the same, we have initiators which are SILa1 or SILa2. My query is:

1) Can such tags be shifted to the DCS?


2) Some of the tags are for alarm only, can they be shifted to the DCS? (though that was common sense but my in-house expert thinks otherwise!!!!)

3) The IPF study does not include any recommendation or study for shifting of functions between the ESD to BPCS layer. Hence, will the SILa1 or SILa2 change if shifted to the DCS if the DCS was considered as an additional protection layer (say another transmitter on control function)during the study?

regards

 

I am a TUV FSeng.

The Sil rating of a function is the summation of the ratings (failure rates) of input(s), logic solver, output(s) and power supplies.

As your system is over 20 years old it probably has no rating and no certification.

What is your original system?
What is your new system?

Has your study identified your required safety functions?
Has your study placed a required Sil level to these safety functions?

Who is doing your safety verification? Are they TUV certified?

Basic answer is NO you cannot simply transfer safety functions out of one system into your DCS. That fact you are asking this means you lack some understanding of IEC 61508 & IEC 61511.

Get an FSEng to help. www.tuvasi.com

 

Hello,Tony.
Could you give me information about your real name and your company? I have a project you might be intereated in and we can cooperate. I really appreciated if you can contact me.

 

This may be a bit late however I'd like to add the following.

1) Judging from the language used in the post you have used a particular company methodology (which I have come across before) to determine your integrity levels for your safety function. Based upon this assumption, what is written below follows:

2) The international standards do not recognise the designation SILa1/a2. Its either SIL1,2,3 or 4 or the function is classifed as having no special safety requirements from an safety integrity prespective.

3) Therefore the decision about the allocation of these functions is likely to be down to an intepretation of the company methodology. This may mean that it might be possible to move the function to the DCS. But that is a decision to be made by examining the function to be implemented and the required risk reduction. Then evaluating it against the policy. Quality DCS systems can be configured to be very reliable and in some cases meet, for SILa1/2 functions, the integrity/risk reduction requirement.

4) It is possible for operators to be involved in the implementation of a safety function (rarely and not preferred) and act in response to an alarm. If this is the case and the function has a required integrity level it is not going to be possible to put it in the DCS. If it is just an "normal" alarm then the answer is you can probably shift the function into the DCS. PS don't forget to evaluate the reliability of the human in the function.

5) Be careful about "layers of protection" it is possible to easily miss dependencies between layers and therefore incorrectly specify the integrity requirements e.g. the are lower than that actually required.

In addition I would echo to a certain extent Tonys comments in his reply. However I would also caution about over reliance on somebody's designation as a TUV approved safety engineer. Like all certified items there is a variation in quality between individual items. Exercise judgement in the selection and examine things more carefully. Get as much information about the item with respect to the application as possible. This is in no way intended to cast doubt on the qualification which I regard as a good step in the right direction.

There are incidentally several schemes run by TUV, exida, and others run by engineering associations and universities so don't discount people qualified by other routes. There are also some good old timers with no official safety qualifications.

Hope this helps.

DaveMH
Contact me at hazael.automation((@))ntlworld.com without the brackets if you need further information.