
Safety Instrumented System Design: Techniques and Design Verification PDF

433 Pages·2018·10.047 MB·English

Preview Safety Instrumented System Design: Techniques and Design Verification

Safety Instrumented System Design: Techniques and Design Verification
By Iwan van Beurden, CFSE, and William M. Goble, CFSE

Notice

The information presented in this publication is for the general education of the reader. Because neither the author nor the publisher has any control over the use of the information by the reader, both the author and the publisher disclaim any and all liability of any kind arising out of such use. The reader is expected to exercise sound professional judgment in using any of the information presented in a particular application. Additionally, neither the author nor the publisher has investigated or considered the effect of any patents on the ability of the reader to use any of the information in a particular application. The reader is responsible for reviewing any possible patents that may affect any particular use of the information presented.

Any references to commercial products in the work are cited as examples only. Neither the author nor the publisher endorses any referenced commercial product. Any trademarks or tradenames referenced belong to the respective owner of the mark or name. Neither the author nor the publisher makes any representation regarding the availability of any referenced commercial product at any time. The manufacturer's instructions on the use of any commercial product must be followed at all times, even if in conflict with the information in this publication.

The opinions expressed in this book are the author's own and do not reflect the view of the International Society of Automation.

Copyright © 2018 International Society of Automation (ISA)
All rights reserved.
Printed in the United States of America.
10 9 8 7 6 5 4 3 2
ISBN: 978-1-945541-43-8

No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher.

ISA
67 T. W. Alexander Drive
P.O. Box 12277
Research Triangle Park, NC 27709

Library of Congress Cataloging-in-Publication Data in process

Dedication

To my colleagues and friends at exida and in the industry for challenging and supporting me to further develop the field of SIS probabilistic analysis based on actual field data. Knowing all the effort is appreciated in your daily work is very satisfying. To my family Rachel, Noah, and Asher for your continued support.
Iwan van Beurden

To the many system design engineers in the field who understand the value of probabilistic analysis in SIS design. Let the numbers answer the question.
Dr. William M. Goble

Acknowledgments

Dr. Julia Bukowski was the primary technical editor of the document, performing detailed reviews and suggesting rewrites of many sections. This book is vastly improved because of that work. The book also benefited from excellent reviews by Kate Hildenbrandt, Hal Thomas, Denise Chastain-Knight, Loren Stewart, Jessica Lo, Mike Medoff, Dave Johnson, Emily Smith, Steve Gandy, Steve Close, Dave Arner, John Benway, Gary Law, Sergio Diaz, David Park, Tina Todd, Rajendra Deokar, Dianne Eldridge, Eric Swanson, Bahram Nazmi, Nathan Eldridge, Azita Malek, Gitanna Wasserman, and Stephan Aschenbrenner. We thank Rick Smith for his creative graphics work. The ISA staff did a great job making the raw files into a real book. We thank Liegh Elrod and Susan Colwell for guiding us through the ISA process and providing encouragement.

About the Authors

Iwan van Beurden, CFSE

Iwan van Beurden is the Chief Technology Officer, Director of Product Development at exida. He supports exida's end user services, exida's manufacturer services, and exida certification activities. He has more than 20 years of professional experience in the functional safety field. van Beurden is responsible for the development, maintenance, and certification of the exSILentia® integrated safety life cycle tool and associated products.

van Beurden performs IEC 61508 development support, IEC 61511 life cycle services, functional safety assessments, and a variety of reliability analyses. He is an active member of the ISA84 committee and teaches exida and ISA training classes. van Beurden is a Certified Functional Safety Expert (CFSE) and a senior member of ISA. He has published various papers and magazine articles. He holds an MS degree from Eindhoven University of Technology in Eindhoven, the Netherlands, where he majored in reliability engineering and graduated cum laude.

William M. Goble, PhD, PE, CFSE

William M. Goble is Managing Director and Cofounder of exida, a company that engages in research, training, product certification, and system consulting for safety-critical and high-availability systems. He has developed probabilistic analysis methods for functional safety that are widely used today. He has more than 40 years of experience in control systems, including product development, marketing, training, and functional safety certification.

Goble received a BS in electrical engineering from Penn State University, an MS in electrical engineering from Villanova University, and a PhD in reliability engineering from Eindhoven University of Technology. He is a registered professional engineer in the State of Pennsylvania and a Certified Functional Safety Expert (CFSE). He is an ISA Fellow. He has written hundreds of technical articles and several best-selling books on functional safety.

About the Book

This book was written to replace Safety Instrumented Systems Verification: Practical Probabilistic Calculations by Harry Cheddie, PE, CFSE, and William M. Goble, PE, CFSE, 2005. The chapter sequence in the earlier book was partly maintained. A new book was needed, however, as a great deal of research has been completed in the field of SIF verification in the last 12 years. Far more field failure data is available, and the results of the field failure data studies have been included in recent updates of SIF verification methods and engineering tools. The performance-based approach with quantitative design verification is now far more realistic and continues to allow designers the ability to optimize and innovate.

The book covers the fundamental concepts from the field of reliability engineering, but does not get into the theory and development of those concepts. Other books cover those topics well; the intention in this book is to keep things practical. The book does cover recent advances in SIF verification modeling and strives to provide far more realistic approaches to this task.

Contents

About the Book  ix
About the Authors  xi

Chapter 1. The SIS Safety Life Cycle  1
    Introduction  1
    Functional Safety  2
        Functional Safety Standards  2
    SIS Safety Life Cycle  6
        Analysis Phase  9
        Realization Phase  11
        Operation Phase  12
        Benefits of the SIS Safety Life Cycle  14
        SIS Safety Life-Cycle Adoption  15
    Exercises  17
    References  19

Chapter 2. Safety Instrumented Systems  21
    Safety Instrumented Systems  21
        BPCS versus SIS  22
    Safety Instrumented Function  25
        Equipment Used in a Safety Instrumented Function  27
    Exercises  28
    References  30

Chapter 3. Failure  31
    Stress-Strength  31
        Stress  32
        Strength  32
    Failure Rate  35
    Acquiring Failure Rate Data  38
        Random Failures versus Systematic Failures  38
        Survey Failure Example  39
    Exercises  41
    References  43

Chapter 4. Basic Reliability Engineering  45
    Introduction  45
    Successful Operation—No Repair  45
        Probability of Success  45
        Reliability  46
        Unreliability  47
        Mean Time to Failure (MTTF)  48
        Constant Failure Rate  50
    Successful Operation—Repairable Systems  53
        Mean Time to Restore (MTTR)  53
        Mean Time between Failures (MTBF)  55
        Availability  55
        Unavailability  56
        Steady-State Availability  56
        Average Unavailability with Periodic Inspection and Testing  57
    Exercises  62
    References  64

Chapter 5. System Reliability Engineering  65
    Introduction  65
    System Model Building  66
    Reliability Block Diagrams  66
        Series System  67
        Parallel System  69
    Fault Trees  71
        Fault Tree Symbols  71
        Comparison of the Reliability Block Diagram and the Fault Tree  73
        Fault Tree Solution Techniques  73
        Fault Tree Common Mistakes  77
        Fault Tree Average Probability Calculation  78
        Time-Dependent Fault Tree Solutions  82
    Markov Models  84
        Comparison of Fault Trees and Markov Models  85
        Markov Solution Techniques  86
    Realistic Safety Instrumented System Modeling  90
    Exercises  90
    References  93

Chapter 6. Equipment Failure Modes  95
    Introduction  95
    Equipment Failure Modes  95
        Fail-Safe  96
        Fail-Danger  96
        Annunciation  97
        No Effect  97
        Detected/Undetected  97
        Examples  98
    SIF Modeling of Failure Modes  100
        PFS/PFD  100
        PFDavg  101
    Exercises  101
    References  102

Chapter 7. Obtaining Failure Rate Data  103
    Introduction  103
    Failure Rate Estimation  103
        Manufacturer's Field Return Data  104
        Industry Database Consortiums  107
        Site-Specific/Company Data-Collection Systems  108
    Failure Rate Prediction  111
        B10 Cycle Testing  111
        Failure Modes Effects and Diagnostic Analysis (FMEDA)  112
        Calibrated FMEDA—Combining Estimation and Prediction  114
        Manual Proof Test Coverage  115
    A Comparison of Failure Rates  118
    Exercises  121
    References  122

Chapter 8. SIF Design and Verification Process  125
    Conceptual Design  125
    Modes of Operation  127
        Continuous Mode  128
        High-Demand Mode  128
        Low-Demand Mode  129
    Safety Requirements Specification (SRS)  130
    Equipment Selection  132
        Application Suitability  134
        Safety Integrity Evaluation  135
    Architecture Constraints—Redundant Elements  140
        Why Architecture Constraints?  141
        Architecture Constraints from IEC 61511  142
        Architecture Constraints from IEC 61508  142
        Probability of Dangerous Failure Analysis  149
