The total solution for a HIPPS requirement

Standards Certification Education & Training Publishing Conferences & Exhibits

ir. Hein C. Steinz Sales & Marketing Solid Safety Solutions

Graduated master degree electronics 1978 Started safety systems development Holec 1983 Yokogawa since 1997, commercial since 2001 Born 1951, married, two kids, a boy and a girl Hobbys:

Introduction
Nowadays it is obvious that A chain is only as strong solving the HIPPS requirement or any other safety challenge is a matter of observing the total loop from process variable to as the weakest link process variable. It is, since a long time now, not a matter anymore of individual components or suppliers. Or, like the picture, the HIPPS chain is only as strong as the weakest link.
4

Contents
HIPPS, an overall loop requirement Manifolds Transmitters Logic Solver Solenoids and HIPPS Valves Partial stroke testing Communication and sequence of event registration Plant Resource Manager

Typical HIPPS solution

INPUTS OUTPUTS
T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4

INPUTS
T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4

OUTPUTS
T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4

Process Resource Management

DCS

T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4 T EXT 1 T EXT 2 T EXT 3 T EXT 4

Sequence of event

Communication Logic solver

Matrix interface

Fail safe outputs

Digital inputs Resets

Analog inputs voting

PV1 PV2 PV3

S S

S S

Important specifications
Safety Integrity Level (SIL), Process Safety Time,

Requirements
General description of the process to be protected. General description of how HIPPS is integrated into the process and other safety systems, including the objectives of what the HIPPS shall protect, and how and when it is activated. The required SIL level of the loop and the minimum acceptable initial loop average Probability of Failure on Demand (Pfd average). The required minimum proof test interval and a description on how the operator proposes to proof test the HIPPS. This is directly related to the production availability and therefore an important issue in the specifications. Specification of the system response time and the criticality thereof in relation to the time before over-pressure occurs. Detailed specification of the final element (shut-off valve) describing materials, design standards, actuator sizing/integration, details of the instrumentation such as solenoids and actuator. Specific safety aspects shall be addressed. Reference to a design standard like DIN 3381 can be considered. Detailed specification of the pressure transmitters and their safety aspects. Detailed specification of the controller including the required logging, local readout, test buttons, and communication to other controllers like the DCS. Event recorders shall be considered, also to record proof-tests. Components tests and integrated factory acceptance test (FAT) requirements for the complete system. Documentation requirements that may include procedures and checklists for the site acceptance test (SAT) and proof testing of the system.
8

Manifolds
Manifolds for the transmitters have to provide the necessary double block and bleed interlocking 2oo3 arrangement especially for HIPPS. Special attention has to be paid on the specifications and functionality of the manifolds to use.
measures against clogging such as
size of the process connection, mounting instructions temperature monitoring heating,

Double block and bleed on (most of the time) three transmitters with mechanical interlocking on the transmitter selection, limit switches to monitor the position of the mechanical interlocking and the capability of applying a test pressure to individual transmitters.
9

Transmitters
Pressure Measurement Component in Safety Instrumented Systems. To meet at least all requirements for a single instrument in SIL2 loop or two transmitters in SIL3 Loop.

10

Logic solver
Highest safety class available TV AK 1 7 / SIL 4 certification Inherently Fail-Safe Zone 2 applications Very high mechanical and electrical robustness High temperature range Very low power consumption Physical/Galvanic separations Very high EMC immunity Very long technical life span (> 30y) Test intervals many years Low Cost of Ownership Event Recorder (1 ms resolution)
11

Actuators and valves

Large valves Very fast closing time. Single component will not satisfy the safety requirements and there will be a need for configurations is series and parallel for safety but also for availability.

Specifically designed for fast reliable stroking over an extended service life. On failure, they are to close the final element.
12

Partial stroke testing

Every test done on a HIPPS will have to prove at least two things: its capability to close and within the specified time. Partial stroke testing can give you an indication and might remove some faults from the Pfd list to the known failure modes, but too often partial stroking will result in a vast data flow, which is to be stored and evaluated and, for higher SIL and fast acting applications, it cannot replace a real proof test.

13

Communication / sequence of event recording

Part of total instrumentation jobs Need for communication Existence of a firewall around the logic solver

Event registration is very useful, when synchronized with other process related systems, to determine what actual happened. Show the timed response Timing is the keyword Proper documented, can be used as a proof test
UNIX WorkStations

Firewall

PC Based Operator Interface

DDE

MBUS

CS-3000

MBUS

Logic solver

MODBUS

Flat Panel Operator Interface

ETHERNET

MODBUS

Plant Management Systems

OPC

DCS & PLC

DCS & PLC

14

Plant Resource Manager

PRM or Asset Management is a dynamic software tool that supports the daily business activities of maintenance personnel. The Plant Resource Manager Package for the digital network era of fieldbus efficiently handles field device management and maintenance work for the FOUNDATION fieldbus and HART devices, which helps reduce Total Cost of Ownership in the plant. Incorporating the transmitters and, if present for example for partial stroke testing or valve signatures, valve positioners will be a valuable add on the HIPPS functionality and especially maintainability. Advanced diagnostics on the transmitters and valves might reduce the necessary test intervals, however at least once per year is still recommended.
15

Conclusion
Dont go shopping for bargains when you want to realize a HIPPS solution. Go for the balanced solution for both functional and safety requirements. Be sure there is sole responsibility for your total loop and be sure this is a competent person or company.

The balanced

solution

16

Thank you for your attention.

Commitment means building the future to last.

17