You are about to design your plant’s first safety instrumented system (SIS). So what initial information do you need before you can start efficiently? No doubt you have the hazard and risk analysis document that describes the necessary safety controls, alarms and interlocks (SCAI) used to protect against the process safety hazards. P&IDs that show the locations of the proposed sensors, valves, and motors? Certainly! You even have logic diagrams ready that show all the process automation functions for your unit operation, so you can easily verify independence.
Would you be surprised if I said that the facility maintenance and repair strategy for SCAI is also essential to have at the beginning of SIS design?
Too often, the mechanical integrity program for instrumentation is treated as an afterthought to a project. Indeed, some may think that there will be plenty of time to develop maintenance procedures and spare part plans after the project is installed and returned to operations. Nothing could be further from the truth when it comes to this element of SCAI management.
As all SCAI devices are subject to periodic testing, the instrumentation maintenance and repair plan for the facility is a necessary input to SCAI design. The following SCAI automation design decisions will be based on performance assumptions that depend on having an effective instrument mechanical integrity program:
- Approving instrumentation to be used in SCAI, based on reliable performance and appropriately low dangerous failure rates
- Adding instrument redundancy to facilitate online testing and repair and to achieve desired test intervals
- Incorporating isolation valves, taps and bleeds into piping design to facilitate planned preventive maintenance (PPM) and periodic device testing
- Laying out process equipment and piping so that failed SCAI devices are accessible in a timely fashion
- Designing compensating measures to manage the process safety risk while SCAI devices are out of service for testing or repair
Having a hardware design that accounts for testing and repair requirements is not the only thing that must be planned for in advance. SCAI instrument reliability management must also be worked into the facility staffing plan. Competent resources must be available to perform:
- Production management that ensures equipment will be ready to test on schedule and to manage exceptions to plan
- Execution of PPM, proof testing and visual inspections
- Capture and analysis of as-found/as-left data to ensure abnormal instrument performance is promptly escalated
- Timely repair of instrument failures
- Management of a spare parts program that avoids unplanned instrument changes
- Management of change (MOC) reviews for changes to SCAI instrumentation, including programming, configuration, or procedures
- Audits of the mechanical integrity program to identify longer-term systematic failures and discrepancies from the initial design assumptions
Finally, there must be ongoing commitment from facility leadership to maintain sufficient staffing resources and competency to ensure that testing occurs according to plan and approved procedure, and to take timely corrective action upon notification of unacceptable results from the ongoing tests or the periodic audits. Some spot-audit interview questions facility leaders may want to address to their maintenance personnel include:
- Do the maintenance procedures contain clear pass/fail criteria for inspecting the device?
- Is the maintenance and repair program clear on how “bad actors” should be escalated? Do you know who to go to and what information to provide if you spot a “bad actor”?
- If the make/model/version/configuration of a SCAI device needs to be modified during a repair, does the maintenance procedure clearly indicate that this is a “change” that must follow MOC? Are PPM and test procedures updated and maintenance notified or retrained if necessary when such a change occurs?
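One way the as-found/as-left analysis and “bad actor” escalation described above could be automated, shown as an added example that is not part of the original article. The tags, readings, the 2% of span tolerance and the two-failure escalation threshold are all constructed assumptions; a real program would take its pass/fail criteria from the approved maintenance procedure.

```python
from collections import defaultdict
from datetime import date

# Constructed proof-test records (not real plant data):
# (device tag, test date, as-found error in % of span, as-left error in % of span)
RECORDS = [
    ("PT-101", date(2022, 3, 1), 0.4, 0.1),
    ("PT-101", date(2023, 3, 3), 0.6, 0.1),
    ("LT-205", date(2022, 3, 1), 2.8, 0.2),
    ("LT-205", date(2023, 3, 2), 3.1, 0.3),
    ("FT-310", date(2023, 3, 2), 0.5, 2.4),
    ("TT-412", date(2022, 3, 1), 0.3, 0.1),
    ("TT-412", date(2023, 3, 4), 2.2, 0.2),
]

TOLERANCE = 2.0        # assumed pass/fail criterion, % of span
BAD_ACTOR_FAILS = 2    # assumed: this many as-found failures triggers escalation


def review(records, tolerance=TOLERANCE, bad_actor_fails=BAD_ACTOR_FAILS):
    """Return {tag: finding} for every device that needs follow-up."""
    by_tag = defaultdict(list)
    for tag, when, found, left in records:
        by_tag[tag].append((when, found, left))

    findings = {}
    for tag, tests in by_tag.items():
        tests.sort()  # chronological order, oldest first
        found_fails = sum(1 for _, found, _ in tests if abs(found) > tolerance)
        _, _, last_left = tests[-1]
        if abs(last_left) > tolerance:
            # Most serious case: the device went back into service still failing.
            findings[tag] = "returned to service out of tolerance"
        elif found_fails >= bad_actor_fails:
            # Repeated as-found failures contradict the design's reliability assumption.
            findings[tag] = "bad actor: escalate"
        elif found_fails:
            findings[tag] = "as-found failure: repair and monitor"
    return findings


if __name__ == "__main__":
    for tag, finding in sorted(review(RECORDS).items()):
        print(f"{tag}: {finding}")
```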
In summary, all instrumentation and controls in safety applications must have a robust mechanical integrity program. Maintaining the device correctly is inseparable from claiming risk reduction for the function that uses it. The reader may refer to ANSI/ISA-84.91.01-2012 “Identification and Mechanical Integrity of Safety Controls, Alarms, and Interlocks in the Process Industry” and ISA TR84.00.03 “Mechanical Integrity of Safety Instrumented Systems (SIS)” for more guidance on this safe automation management practice.