Instrumentation safety may be broadly divided into two categories: how instruments themselves may pose a safety hazard (electrical signals possibly igniting hazardous atmospheres), and how Process Safety and Instrumentation and control systems may be configured to detect unsafe process conditions and automatically shut an unsafe process down.
What is Instrumentation Control System?
An instrumentation control system is an electrical, electronic, or programmable electronic system (E/E/PES) that may perform some or all of the following functions:
- Monitoring, recording, and logging of plant status and process parameters;
- Provision of operator information regarding the plant status and process parameters;
- Provision of operator controls to affect changes to the plant status;
- Automatic process control and batch/sequence control during start-up, normal operation, shutdown, and disturbance. i.e. control within normal operating limits;
- Detection of onset of hazard and automatic hazard termination (i.e. control within safe operating limits), or mitigation;
- Prevention of automatic or manual control actions that might initiate a hazard.
These functions are normally provided by, alarm, protection (trip, interlocks, and emergency shutdown), and process control systems.
These engineered systems are individually and collectively described as control systems, and maybe independent, or share elements such as the human interface, plant interface, logic, utilities, environment, and management systems.
The human interface may comprise a number of input and output components, such as controls, keyboard, mouse, indicators, annunciators, graphic terminals, mimics, audible alarms, and charts.
The plant interface comprises inputs (sensors), outputs (actuators), and communications (wiring, fiber optic, analog/digital signals, pneumatics, Fieldbus, signal conditioning, barriers, and trip amplifiers).
The logic elements may be distributed, and linked by communications, or marshaled together and maybe in the form of relays, discrete controllers or logic (electronic, programmable, or pneumatic), distributed control systems (DCS), supervisory control, and data acquisition (SCADA), computers (including PCs), or programmable logic controllers (PLC). The logic elements may perform continuous control functions or batch or change of state (e.g. start-up/shut-down) sequences. It should also be noted that logic functions may be distributed to be undertaken within smart sensors or actuators.
Utilities are the power supplies and physical elements required for the systems, such as electricity and instrument air.
The environment is the physical accommodation and surroundings in which the control systems (including the operator) are required to work, including physical accommodation or routings, environmental conditions (humidity, temperature, flammable atmospheres), and external influences such as electromagnetic radiation and hazards which might affect the operation of the control system during normal or abnormal conditions such as fire, explosion, chemical attack, etc.
Modern instrumented control systems are generally electrical, electronic, or programmable electronic systems (E/E/PES), but some purely pneumatic systems may still be in operation.
Process Safety and Instrumentation
In either case, the intent of this article is to help define and teach how to mitigate hazards encountered in certain instrumented processes.
I purposely use the word “mitigate” rather than “eliminate” because the complete elimination of all risk is an impossibility. Despite our best efforts and intentions, no one can absolutely eliminate all dangers from industrial processes.
It is impossible to eliminate all danger from life in general. Everything you do (or don’t do) involves some level of risk.
The question really should be, “how much risk is there in a given action, and how much risk am I willing to tolerate?”
To illustrate, there does exist a non-zero probability that something you will read in this book is so shocking it will cause you to suffer a heart attack.
However, the odds of you walking away from this book and never reading it again over the concern of epiphany-induced cardiac arrest are just as slim.
What we can do, though, is significantly reduce those risks to the point they begin to approach the low level of “background” risks we all face in daily life, and that is no small achievement. An important philosophy to follow in the safe design is something called defense-in-depth. This is the principle of using multiple layers of protection, in case one or more of those layers fail.
Applying defense-in-depth to process design means regarding each and every safety tool and technique as part of a multi-faceted strategy, rather than as a set of mutually-exclusive alternatives.
To give a brief example of defense-in-depth applied to over-pressure protection in a fluid processing system, that system might defend against excessive fluid pressure using all of the following techniques:
- A pressure-control system with an operator-adjusted setpoint
- High-pressure alarms to force operator attention
- A safety shutdown system triggered by abnormally high pressure
- Temperature control systems (both regulatory and safety shutdown) to prevent the excessive temperature from helping to create excessive fluid pressure
- Pressure-relief valves which automatically open to vent high pressure
- Pressure vessels built with “frangible” tops designed to burst in the safest manner possible
Note: Frangible roofs are a common design applied to liquid storage tanks harboring the potential for overpressure, such as sulfuric acid storage tanks which may generate accumulations of explosive hydrogen gas.
Having the roof seam rupture from overpressure is a far less destructive event than having a side seam or floor seam rupture and consequently spill large volumes of acid.
This technique of mitigating overpressure risk does not work to reduce pressure in the system, but it does reduce the risk of damage caused by overpressure in the system.
- Locating the process far away from anything (or anyone) that might be harmed by an overpressure event
Any one of these techniques will work to reduce the risk posed by excessive fluid pressure in the system, but all of them used together will provide greater risk reduction than anyone used alone.
Also Read: Why we use Intrinsic Safety?