We have in utility plant several Boilers. We want to install PLC (or PLCs) to manage the ESD and Burner Management System (BMS) for these Boilers. Please note that the current system is based on hardwired logic.

Does the NFPA standard restrict the design of ESD and BMS functions, in terms of having dedictaed PLC for individual Boiler?
Can we have a bigger PLC to manage all Boilers?

Please advise me on the best technical and economical solution to the above problem that will reflect good design practices. You can
also suggest a certain Brand of PLCs that can manage such functions.

Regards

Mufeed AL-Ghumgham
Email: [email protected]

 

Per NFPA you must have individual PLC's for each BMS/Boiler. You can use just about any manufacturers PLC. A few of the more common are AB SLC 5/04, PLC Direct, ABB/Bailey, etc. If you have any more questions feel free to email me.

Regards,
Mark P. Smith
Systems Engineer / CFM-SF, Inc.

 

If you are talking about ESD you have use standard ISA 84 or the IEC 61508 wich one talk about design of ESD.

The principal concept is to separate the control PLC and ESD PLC, the PLC you use to ESD have to be certified by a independent labotory like Factory Mutual or TÜV to do ESD.

My economical option to you are:
SLC500 A-B for control
QUADLOG (www.mooreproducts.com) for ESD and amazing SAFETY PLC.......

 

NFPA 8502 " Prevention of Furnace Explosions / Implosions in Multiple Burner Boiler-Furnaces" (1995)states the following:

Failure Effects (4-3.2.1) - The logic system designer shall evaluate the failure modes of component s where considering the design application of the system. As a minimum, the following failures shall be evaluated and
addressed:

(Note: these are the sort of things most general purpose PLCs can't handle.)

* Interruptions, excursions, dips, recoveries, transients, and partial losses of power,
* Memory corruption and losses,
* Information transfer corruption and losses,
* Inputs and Outputs (fail-on, fail-off),
* Signals that are unreadable or not being read,
* Failure to address errors,
* Processor Faults,
* Relay Coil Failure,
* Relay contact failure (fail-on, fail-off),
* Timer Failure,

Design (4-3.2.2) - The design shall include as a minimum the following:

(Note: these are also the sort of things most general purpose PLCs can't handle.)

* Diagnostics shall be included in the design to monitor processor logic function
* Logic system failure shall not preclude proper operator intervention
* Logic shall not be changed while the associated equipment is in operation
* Logic shall be protected from unauthorized changes
* System response time (throughput) shall be sufficiently short to prevent negative effects on the application
* Protection from the effects of noise shall be adequate to prevent false operation
* Any single component failure within the logic system shall not prevent a mandatory MFT
* Operator shall be provided with dedicated manual switch(es) that shall actuate the master fuel trip relay indepdently and directly

Requirement for Independence (4-3.2.3)

4-3.2.3.1: The logic system performing the safety functions for burner management shall not be combined with any other logic system. (This answers your main question.)

4-3.2.3.2: These burner management safety functions shall include, but not be limited to, proper purge interlocks and timing, mandatory safety shutdowns, trial timing for ignition, and flame monitoring.

4-3.2.3.3: The logic system shall be limited to one boiler only. (This also answers your main question.)

4-3.2.3.4: The burner management system shall be provided with independent logic, independent input/output systems, and independent power supplies, and shall be functionally and physically separate from other logic systems (i.e.
boiler control system).

Note: FM has a new standard (7605), released in December 1999, on PLC based burner management systems. Section 1.4.2 states: "Compliance of the hardware and software to the requirements of IEC 61508 standard on Functional Safety of Programmable Electronic Systems."

In summary: Kludging together a general purpose PLC to do all these things is rather complex and relatively costly, and still doesn't meet
certification requirements. There are cheaper, smaller, simpler solutions available, that are certified to the IEC 61508 standard. You can find out what vendors and systems are certified by visiting www.tuvps.com, and digging through a couple of their menus.

Paul Gruhn, P.E.
Safety System Specialist
Siemens Moore Process Automation, Inc.
8924 Kirby Drive
Houston, TX 77054
[email protected]
713-666-7686 (phone)
713-666-8421 (fax)
www.smpa.siemens.com

 

Dear Sir,

Does the NFPA standard restrict the design of ESD and BMS functions, in terms of having dedictaed PLC for individual Boiler? Can we have a bigger PLC to manage all Boilers?

NFPA 8502 - STANDARD FOR THE PROVENTION OF FURNACE
EXPLOSIONS/IMPLOSIONS IN MULTIPLE BURRER BOILERS
provides the guidelines for the design of BMS.

Clause no.: 4.3.2.3.1. under " Requirement for Independence" specifies that " The logic system performing the safety functions for burner management shall not be combined with any other logic system"

Clause no.: 4.3.2.3.3. under " Requirement for Independence" specifies that " The logic system shall be limited to one boiler only"


Dharmalingam,
BHEL, TRICHY.