aeSolutions co-founder, Ken O’Malley, and his wife, Chery, are giving back and supporting their passion for engineering along with Auburn Engineering through a scholarship benefitting underrepresented students.

aeSolutions is proud to announce we recently became an Alliance Partner of Schneider Electric in order to bring more value to our clients and more offer comprehensive solutions tailored to your facility. Founded in the mid 1830’s in France, the company has its earliest roots in steel foundries, the machine industry, and later ship building. In the late 1800’s the company expanded into the emerging electricity market. Today Schneider Electric is focused on software, critical power, and smart grid applications. Collaboration is crucial to keep up with the accelerating adoption of digital transformation. aeSolutions’ new alliance partnership with Schneider Electric is in the areas of Control Systems and the Modicon Safety System products. The Modicon M580 platform provides a compelling and cost-competitive SIL 3 SIS logic solver with controller and I/O module availability-redundant architectures. Program Levels: Alliance Industrial System Integrator Locator - Alliance Registered Alliance Industrial System Integrator Program - Alliance Registered

Industry Veteran to Lead Division Dedicated to Providing Top Tier Process Safety and Risk Management Solutions Greenville, SC –January 24, 2023 – aeSolutions, a consulting, engineering, and systems integration company, today announced the appointment of Ken Whittle to the position of senior director for Process Safety. Whittle will lead the company’s Process Safety business in value creation and business growth and will report directly to the company’s president. “Ken comes to us as a past client of aeSolutions with a strong track record of more than 30 years of process safety experience in an operating chemical company,” said Ken O’Malley, president of aeSolutions. “I am very excited for the impact Ken’s experience and passion for process safety will have on our business and in expanding our ability to better serve our clients.” As senior director, Whittle will have top, overall accountability for the performance of the company’s process safety business and will be a member of the company’s senior leadership team. He will work directly with the company’s Plant Protection Systems business leader to guide clients in protecting their employees, their communities, and the environment. Whittle’s 30-plus years of leadership roles in environment, health, safety and sustainability (EHS&S)/operations comprise experience with mechanical integrity, maintenance excellence, mergers and acquisitions, and leadership coaching and mentoring. Additionally, he has held increasingly senior and complex roles at the corporate and business levels, at both large and small upstream and downstream petrochemical facilities. “As a past client, I was already well aware of aeSolutions and its capabilities,” said Whittle. “I am excited to bring my process safety and chemical manufacturing experience to a firm so committed to process safety and critical safety systems.” About aeSolutions In business since 1998, aeSolutions is a consulting, engineering, and systems integration company that provides industrial process safety and automation products and services. They specialize in helping industrial clients achieve their risk management and operational excellence goals through expertise in process safety, combustion control and safeguarding, safety instrumented systems, control system design and integration, alarm management, and related operations and integrity management systems. For more information, visit www.aesolutions.com. Media Contact RedIron PR for aeSolutions Kari Ritacco kari@redironpr.com

When the COVID-19 pandemic began, many plant sites minimized on-site staff to essential personnel, and restrictions prevented in-person collaborations for projects. Following CDC recommendations, aeSolutions equipped its team to overcome technological hurdles and pivoted to meet client requirements amidst the circumstances. Through virtual meetings and ongoing learning, we were able to support client projects and maintain a range of deliverables—all while working remotely. One of the best examples of remote meeting success has been conducting virtual Process Hazard Analysis (PHA) studies. Here, aeSolutions and our clients not only overcame travel restrictions and technology challenges and lowered the risk of exposure to COVID-19 but also capitalized on the availability of highly leveraged staff working from home to produce high-quality process safety work products. Our Process Safety Management team was able to rearrange work schedules to coincide with the availability of client teams both in the US and internationally from the safety of their homes. The flexibility of working remotely has fueled innovation that led the team to provide additional services virtually, such as Factory Acceptance Tests (FAT), Compliance Audits, and site walk-downs with the use of modified work plans and a GoPro camera. Remote work has come with inherent challenges. We found participants are less likely to interact and engage in virtual meetings, especially when convenient features like the mute or camera button is just a click away. As our Senior Project Manager, Chris Hickling explained about the struggle facilitators faced with virtual meetings: “(they) do not get as much body language feedback.” If someone doesn’t agree, for instance, facilitators can’t see typical social cues because every member may not be visible on the screen. To counteract this relatively new virtual issue, facilitators made sure to pose questions that generated higher participation rates and engage with team members before the meeting, as they come back from breaks and outside the meeting on parking lot issues. To further ensure quality and maximize productivity, aeSolutions has learned to meticulously plan virtual meetings beforehand, which includes structuring meetings so participants can take breaks and refresh before continuing the session. As Hickling says, “we have to be very structured about the handling of client information and in our preparation for the actual PHA meetings.” We have to ensure access of information to all participants using available technology and establishing backup plans in case of technical difficulties. aeSolutions has found that remote PHAs with multilingual teams are far more effective with teamwork. aeSolutions has a multilingual team of facilitators and engineers on staff to bridge language gaps. The value of this has been even more important with the necessity of remote studies. aeSolutions uses our bilingual staff to lead or translate/scribe the meetings, as well as translate technical documents in-house or through a vetted partner. This collaborative teamwork enables an immediate one-on-one response to technical inquiries and accuracy on documenting the team input during the meetings. While there’s no substitute for traditional face-to-face communication and boots-on-the-ground activities, aeSolutions will continue to offer services through a remote interface when necessary or desired by a client. These alternative remote work plans have offered both a flexible and cost-effective way to keep projects moving forward during the COVID-19 crisis and will continue beyond. To learn more about aeSolutions Process Safety services - whether in-person or virtually—send us a message today or visit our website at www.aesolutions.com.

Navigating the Learning Curve in a Growing Industry Hydrogen is highly explosive, easily undetectable and can self-ignite – a recipe for disaster! Is your hydrogen plant taking the right measures to ensure safety? We leverage our decades of industry experience to make your hydrogen plant safe and efficient. "Within industry, people have been producing hydrogen for 100 years, but there's really been a lot of interest lately in hydrogen for transportation and for energy. What we've seen is a lot of people enter the market that may not have that, that background of operating chemical facilities." "And they're trying to understand, how do you handle it? How do you transport it? Transfer it. How do you contain it? How do you keep it safe and under control? And these companies are going to be on a bit of a learning curve as they try to understand the properties of these molecules and how they behave. And this is something aeSolutions has done for a very long time. With our modeling team, what we're finding is these models are creating some surprising. Results. Gases, particularly indoors, do not behave necessarily in an intuitive way. And where an expert might think is a good location for a detector, the gas may go undetected, it may not collect in sufficient quantities in that location." "If the hydrogen is being generated with electrolyzers, normally those are in enclosed buildings that are ventilated, but you want to be able to detect hydrogen leaks inside those buildings. huh? Hydrogen is highly explosive volatile. It can actually self ignite. So, we put gas detection and flame monitoring inside the electrologist building. The hydrogen flames are also not easily seen with the human eye and outdoors it's almost impossible to see. We put in flame detectors to alert personnel that there is a flame gas detector to alert personnel that you know there are issues, gas leaks. You might want to shut the process down, you know, evacuate people, etc. We can do your process ESV's. We can handle all your fire and gas IO all in one box. You have common spare parts. You don't have external interfaces you have to worry about. It makes it more cost effective."

Navigating the Challenges of the Evolving Hydrogen Market - See how aeSolutions engineers are working to keep ammonia production safe as part of industries move towards a goal of net zero. The future of the hydrogen market is really exciting, but it has some challenges. We're seeing some new players come into this industry and they're trying to understand what does it take to handle ammonia? How do you handle it? How do you transport it? How do you contain it? How do you keep it safe? So one of the markets that we do a substantial line of work in is traditional ammonia manufacturing, most of it for either mining or AG Chem. It's a hazardous process. Almost all of the facilities are PSM covered, so there's need for risk assessment. And what we do there is we monitor for ammonia leaks both on the perimeter with open path gas detection and point detection near identified leak sources and our system can detect the leak. Alert personnel, can automatically release deluge or water. To knock the ammonia cloud down, the companies want to make sure that the ammonia stays on their property and the gas cloud does not go out off of their. Property and it's typically very high consequence if they have an event. Your risk mitigation around that involves high reliability and validated systems, whether it's an alarm that needs to be in compliance with your philosophy and rationalization of basic process control system that's operating on automatic. That, you know, doesn't have a bunch of errors. It's controlled and tuned well. Or a safety instrumented system that's really like that airbag system in your car that you never know is there until you need it, and then it deploys. And then, in many cases, these facilities should one of those barriers fail and you end up with the product outside of the pipe, have fire and gas detection systems that are kind of a mitigation layer. To help reduce the consequence of an event that occurs AE solutions partners with our clients to address all of those needs, whether it's front end consulting all the way through system integration and full system delivery.

By Ted Hoffman, PE (AK, SC) A challenge in industry is prioritizing operating issues or the potential for an incident with fired equipment without incurring substantial assessment costs. A conceptual level compliance screening checklist is a cost-effective solution that systematically prioritizes fired equipment upgrade projects. This assessment tool determines conceptual compliance of a facility’s Burner Management System (BMS) with the National Fire Protection Association (NFPA) or American Petroleum Institute (API) standards. It highlights important findings for a facility’s fired equipment system. A conceptual compliance screening checklist is particularly beneficial for: Companies who recently invested in a new facility or purchased an existing facility Aging fired equipment that has not undergone recent upgrades Fired equipment with an uncertain adherence to codes and standards Personnel who are unfamiliar with the operation or condition of the fired equipment or want a better understanding of the unit Company managers are often faced with deciding which projects and actions items should take precedence at their facilities. If no action is taken or there are unknown issues, unaware personnel could be at risk. On the other hand, a full gap assessment on every piece of equipment can be an enormous undertaking and significant expenditure, and this level of detail may be premature. A screening checklist provides a balanced solution for identifying potential areas of deficiency and prioritizing those areas. It can also serve as a conceptual Basis of Design (BOD) for a potential upgrade/replacement project and may support an order of magnitude cost estimate for the subsequent project stage. As fired equipment ages and codes and standards evolve, companies may be completely unaware of a serious issue. A screening checklist allows companies to make informed decisions on their fired equipment and prioritize potential upgrades. It is the first step to being proactive to potential fired equipment hazards. Fired Equipment, NFPA 85, 86, 87API 538, 556 Gap Assessment Risk Combustion

Industrial companies are undoubtedly interested in running their facilities as safely and productively as possible. Projects of various size scopes at these facilities are driven by these motives as well as others, such as quality and profitability. Care should be taken in the course of project lifecycles to ensure that the project aims are accomplished while also ensuring that process safety is built into the project from its inception, design, construction, and ongoing operation standpoints. Safe design, construction, and operation of new plant facilities requires thoughtful consideration and collaboration of project teams with internal and external experts to ensure that project work proceeds with the right focus on process safety. One method commonly used to achieve this goal is periodic focused process safety reviews conducted during the project life cycle. There are many opportunities in projects for such reviews, to the extent that it can be confusing what to do, how to do it, and when to do it. It is not a simple one-size-fits all decision. The following discusses some of the available options for process safety reviews to help with these choices. The Challenges A systematic process for the selection and implementation of project lifecycle safety reviews is a basic requirement for project management. There are a variety of review types that may be appropriate at different times for most chemical process additions, including: A hazard identification (HAZID) study is typically the earliest process safety study. The HAZID should be performed in FEL-1 (Options phase of a capital project) and updated in FEL-2 (Concept phase or Feasibility Study phase). It is a brainstorming session based on current knowledge that identifies the potential hazards in the scope of a capital project. For capital projects, the HAZID typically kicks off the initial HSSE Risk Register, which lists the HSSE risks to be managed by the project team. The HSSE Risk Register is usually a subset of the Project Risk Register. Concerns typically addressed at this stage include chemical hazards, siting, traffic, staffing concept, safety concept, flammability concerns, chemical storage, reactivity/compatibility concerns, and waste handling. A conceptual process hazard analysis (PHA), also called a preliminary or design PHA, is normally conducted during FEL-2. This PHA is typically a HAZOP or What-If study facilitated from early-stage P&IDs or PFDs. However, it can even be facilitated from a process sketch. The depth of information available for the study impacts the specificity of the resulting recommendations. For this and all other project PHAs, engaging an independent, competent, and experienced facilitator is crucial for high quality recommendations to be developed. As a design progresses, the conceptual PHA should be updated regularly to reflect the increased degree of design and changes to the design, including vendor packages (such as skid-mounted compressors, dryers, heaters, material handling equipment, etc.) when the package information is available. FEL-2 can also include an early stage Facility Siting study, especially for projects involving new inventories or uses of toxic or flammable chemicals. A siting study is a multi-faceted quantitative analysis of potential fire, explosion, and toxic hazards to personnel from releases of hazardous chemicals. This type of study is extremely helpful in assessing more inherently safe design options, including use of alternate process fluids, minimizing inventories, and location and layout of equipment. The facility siting study should be updated in FEL-3 (Front-End Engineering Design phase) as design decision and inherently safer design options are finalized. It is important for the project to engage well-qualified personnel for a siting study, as facility projects, including those that may impact an existing facility, can involve significant data gathering and complex calculations. In FEL-3 (Front-End Engineering Design phase), there is typically a series of Design Review Meetings that finalize the process description, controls narrative, and other aspects. The Design Review Meetings are often followed up with the Detailed Design PHA study. The end-point Detailed Design PHA (including a Layer of Protection Analysis (LOPA) study if needed) should be fully reflective of the final detailed design. Any design changes after the Detailed Design PHA need to be managed through the Project Management of Change (MOC) process and may result in MOC PHAs or detailed design PHA updates. Close engagement of process engineers, process control engineers, and process safety/Safety Instrumented Systems (SIS) personnel are critical at this stage. For larger projects, Construction Hazard Analyses (Construction HAZID, Construction PHA, simultaneous operations review, etc.) often occur during FEL-2 and FEL-3 in a parallel path to the more technical studies above. For projects that are expected to be executed in the vicinity of active processes, these activities are crucial to avoiding undesirable process safety incidents, as many construction contractors are not specifically trained in process safety concerns. At this stage, construction managers and contractor management and HSE personnel should be closely engaged. Pre-Startup Safety Review (PSSR) and Field Safety Reviews as part of a robust Management of Change (MOC) process are crucial to ensure that construction and equipment is in accordance with design specifications, that operating, emergency and maintenance procedures are ready for use by trained personnel, that all safety recommendations from prior safety reviews are resolved, and similar concerns. For any P&ID changes that are caught at this stage during P&ID walkdowns, an assessment of the impact on the Detailed Design PHA is important at this time. Many other types of project lifecycle safety review may be appropriate depending on the project scope: A Codes and Standards review is desirable for larger projects so that relevant industry requirements are identified and agreed early in the project Formal review of a 3D model by operating and maintenance personnel A Dust Hazard Analysis (DHA) in accordance with NFPA 652 for potentially combustible dusts Formal review of pressure relief device sizing At several project stages, Functional Safety Assessments (FSA) for Safety Instrumented Systems (SIS) in accordance with IEC 61511 / ISA S84 Independent Protection Layer (IPL) validation review to ensure that all IPLs defined in the LOPA for the project meet the requirements of IEC 61511 / ISA S84 Maintainability review Operability review PPE review Routine construction safety reviews including field walkthroughs, audits, checking for repeat issues, and follow-up on corrective actions Formal documentation review including verification of readiness of training, procedures, control system instructions, maintenance instructions, safe design limits, functional test results, spare parts readiness, etc. Companies with highly developed Process Safety Management Systems often have their own methodologies and names for the process safety review activities outlined above, but the concepts and expectations from company to company are generally similar. Finally, even the best safety reviews conducted during a project are not helpful if the recommendations and actions resulting from the reviews are not appropriately actioned, implemented and tracked to completion. The safety review itself is not the end of the process. A documented method for routinely checking on action status and progress, ideally by someone knowledgeable of the basis for the actions and the consequences of failure to complete them, is strongly recommended. The Stakes Failure to implement a strong system of project lifecycle safety reviews and action follow-ups has the potential to cause a higher likelihood of process safety incidents during operation and the corresponding business impacts. Timely project lifecycle safety reviews reduce the impact to project costs due to required safety designs such as inherently safe chemical and equipment options, safety instrumented systems, special piping and materials of construction, and changes to facility siting. Careful consideration and execution of appropriate reviews, including engaging external experts as needed, together with disciplined follow-up on recommendations, will lead to excellent project process safety outcomes.

by Judith Lesslie, CFSE, CSP Those who work in high hazard industries are familiar with the OSHA Process Safety Management (PSM) and EPA Risk Management Plan (RMP) requirements for routine audits to assess and verify compliance with these regulations. In a prior blog, we reviewed different strategies for accomplishing these audits. In this blog, we will cover specific types of concerns that have been identified at many manufacturing sites. The Challenges Companies conduct audits in order to assess the effectiveness of their process safety systems, with the primary goal of ensuring their covered processes are managed in a way that minimizes the risk of process safety incidents. In a review across many manufacturing segments, company, and site PSM and RMP audits, it has been found that the same types of concerns are present at many locations. These areas of concern occur across the entire range of PSM and RMP elements. In Part 1 we discuss PSM/RMP applicability, Employee Participation, Incident Investigation, Contractor Management and Hot Work, Emergency Response and Audits: In the area of PSM and RMP applicability, it is important for sites to assess and document their inventories of highly hazardous chemicals (HHC), keeping in mind that the PSM and RMP HHC lists are not identical. In a related vein, failure to analyze HHC inventories near occupied buildings and failure to completely assess interconnectivity of potentially covered process equipment can be serious concerns. Employee Participation is an important element of compliance. While most sites have a reasonable level of employee participation in their process safety programs, that participation is often not described in a procedure or road map. This represents a missed opportunity to document participation and to educate site personnel on their opportunities to get involved in process safety activities. Sites often have a one-size-fits-all Incident Investigation method, which may be either too simple or too complex for some incidents; this leads to the potential for missed root causes that need to be addressed or to spending too much time and effort on less severe incidents. Allowing for a range of investigation methods depending on the actual and potential severity of an incident is an excellent practice to consider. Management of Contractors is typically reasonably good across sites, with the possible exception of failure to consider past performance of contractors in ongoing selection processes. A process to define acceptance criteria and to assess past performance of contract firms via review of their OSHA logs is sometimes found to be a concern. One would think that compliance with the Hot Work element would be simplest of all since the requirements are clearly and prescriptively outlined in OSHA 29 CFR § 1910.252. Two of the most frequently identified concerns for this element are failure to maintain or document a fire watch present for 30 minutes after any welding or cutting operations. The other is failure to post additional fire watches on multi-level worksites where falling sparks may be a concern or conduction, or radiation may pose a concern to combustibles that cannot be removed or protected. Emergency Response is an area where the PSM and RMP standards diverge to some extent, including the distinction between offensive and defensive responders. Compliance with the PSM Emergency Response element is relatively straightforward and largely covered in 29 CFR 1910.38 - Emergency action plans. Where concerns are more often identified is in the RMP Emergency Response element, where the outward-looking activities are not always in perfect order. For example, all affected public receptors may not be identified and documented in the site emergency procedures, and/or the contact information for those receptors may not be tested on a regular basis. While not specifically a PSM or RMP requirement, the incident management plans for some companies do not take advantage of structuring their incident management systems in accordance with the National Incident Management System (NIMS); there is valuable free training offered through FEMA which will qualify site personnel to act in standardized ICS roles and enable good coordination with outside agencies in the event of a serious incident. Audits are deserving of their own blog article (which you can find here). The most common audit element theme found at various facilities is an audit that does not dig deep enough into process safety programs and into the evidence of execution of each program element. Audits are overdue more frequently than you might anticipate as well. When a good-quality periodic audit with actionable recommendations is executed, that is not the end of the process. The recommendations or actions from that audit then need to be tracked to completion and documented as complete in a reasonable period of time, and that is unfortunately lacking at a variety of facilities. The Stakes The PSM and RMP regulations have proven over time that they are excellent practices to drive the reduction of serious process safety incidents. It is far better for a company and sites to find and correct their own PSM and RMP system deficiencies than for a serious incident to occur or for a regulatory agency to identify it. Are you positive that the commonly found concerns reviewed above are not present at your facility? So What? If you have not previously taken a deep dive into the assessment of the topics above at your site, now would be a good time to do so. If you do not have the right expertise in your staff to assess PSM and RMP compliance in these areas, consider selecting a process safety consultancy with deep experience and expertise to assist you. Their range of experience enables external auditors to share the general methods proven to drive good PSM and RMP compliance across industry. This independence from the site and company has the best probability of a careful assessment with fresh eyes on the relevant critical systems and leads to more efficient compliance with the necessary standards. In Part 2 will include a review of common deficiencies in the elements of MOC/PSSR, Process Safety Information, Operating Procedures, Mechanical Integrity, Process Hazard Analysis, and Training.

Those who work in high hazard industries are familiar with the OSHA Process Safety Management (PSM) and EPA Risk Management Plan (RMP) requirements for routine audits to assess and verify compliance with these regulations. Completion and follow-up on findings from audits are an important element for continuous improvement and regulatory compliance. The Challenges Routine audits are an important element of regulatory compliance. A quality audit is based on specific regulatory requirements and related Recognized And Generally Accepted Good Engineering Practices (RAGAGEP), with an adequate review of site processes and evidence for each of the requirements. Evidence reviews don’t mean that every single item of evidence is reviewed, but that a suitable and typically random range of evidence is thoroughly reviewed to determine if there is a pattern of compliance or non-compliance. Then, if justified, findings and recommendations are developed against specific requirements. Depending on company expectations, recommendations may also be developed to help bring site processes in line with industry best practices. The Stakes A variety of staffing strategies for completing PSM and RMP required audits are possible, including those handled by site personnel, those handled by company personnel independent of the audit site, and those conducted by personnel with external companies. Based at least partly on who conducts an audit and their relationship with the site, a variety of audit outcomes are possible. Reports and findings or recommendations that are so comprehensive (even overly picky at times) are more common than you might think. This type of audit, if unchallenged by the site, may drive expending excessive resources on PSM and RMP system improvements that may or may not be truly needed. At the other end of the spectrum, “check the box” audits are also more common than you may think. This type of audit and report may be so lacking in-depth review that they might lead a site to believe that their PSM and RMP systems are fine and need few or even no improvements, even when that’s not true. In one case, you may over-invest in changes that may or may not drive improvements that are really needed; and in the other case, you may under-invest and have a false sense of confidence in your systems to manage risk. Neither case is desirable from a business perspective. So What? Who should conduct your PSM and RMP audits to have the best probability of an outcome that will drive truly necessary site improvements? This question is best answered by each organization and should be based on site and corporate goals and expectations for their regulatory compliance. Review by external auditors with wide-ranging experience has proven at many sites to provide the best-case outcome of an audit, resulting in findings and best practice recommendations that drive true compliance with right-sized resource needs. In many cases, external auditors can also offer specific methods and techniques for efficient and speedy resolution of concerns identified at sites. Their range of experience enables external auditors to share the general methods proven to drive good PSM and RMP compliance across industry. Companies that have lean or less-experienced workforces or that are unsure where they stand versus industry norms for PSM and RMP compliance may benefit from engaging a firm with experienced auditors. This independence from the site and company has the best probability of a careful assessment with fresh eyes on the relevant critical systems and leads to efficient compliance with the necessary standards.

According to the World Robotics 20211 reports, published by the International Federation of Robotics (IFR), South Korea, Singapore, Japan, Germany, and Sweden are the most automated countries in the world. While the U.S. lags behind, it is rapidly picking up pace as technology advances and organizations search for solutions to labor shortages. We live in a time where automated manufacturing is gaining momentum and robot integration is becoming more popular in the sector, with new robot applications invented daily. However, just as robotics exhibit a tremendous potential for applications, they also represent a tremendous potential for risk of injury. As part of the machinery safety lifecycle, a robotics system Risk Assessment (RA) identifies the proper risk-reduction safeguards to reduce the high level risks (e.g., crushing, shearing, trapping, striking) that are associated with certain robotic operational scenarios. The robot user – which is typically the employer – is responsible for the safety of the plant; therefore, it is of utmost importance that an application-specific and site-specific RA is carried out by the robot user. One of the horrific examples of past robot accidents has been published in the OSHA Technical Manual Section IV: Chapter 4, where a worker accidentally tripped the power switch while another worker was servicing an assembly robot. As a result, the robot manipulator struck the maintenance worker’s hand, resulting in a severe injury. This would have been prevented if a RA had been conducted through identifying the need for proper lockout/tagout to prevent repowering the assembly robot, relocating the power switch since it was easy to inadvertently change its power state, or ensuring the application met electrical safety standards. An effective RA starts with including knowledgeable employees with expertise in the operations, specific robotic application, RA methodology, and any specialized experience. The assessment team identifies all of the tasks to be performed as part of the robot operations and maintenance, with special attention given to any tasks that may be particularly hazardous or complicated. RAs are completed for hazardous situations associated with each stage of the robot development (i.e., assembly, integration, operation, and maintenance). The potential for harm and likelihood of occurrence of each hazardous situation is identified along with the most appropriate risk reduction technique. The documented RA is distributed to and accepted by the team and all affected employees, ensuring that all personnel involved with the robot operations and maintenance understand the associated hazards and safeguarding. Furthermore, similar applications within the same plant should each have their own individual robotic system RAs, analyzed on an application-specific and site-specific level. Although the equipment may be of the same make and model, the robot applications may work on different parts or processes, be integrated into different upstream and downstream equipment, or perform unique automated functions that expose workers to particular hazards. Additionally, a robot’s end-effector, programming, or physical placement in the facility may be different from another robot with otherwise identical characteristics, which must be properly and individually analyzed for the potential for serious injury and risk mitigation. Safeguards must be tailored specifically to protect against each hazardous situation, meeting the organization’s safety requirements and those dictated by industry consensus standards. Preferred safeguards may change based on the application and on the robot user’s risk tolerance. For example, the access frequency, orientation of the robot within a facility, and organizational disposition may dictate whether the preferred safeguard for access to the robotic cell is an interlocking gate or presence-sensing device, and whether or not the robot is designed and programmed to reset automatically. The RA defines the required safety functions and safety requirements specifications, both of which depend on the application. The RA team develops the safety system design requirements and selects the safeguards to perform each safety function. ANSI/RIA R15.06 Safety Requirements for Industrial Robots and Robot Systems provides detailed steps for conducting a task-based RA to conform with the industry consensus standards and includes examples that apply to many common robot applications. The IFR estimates that there were more than 2 million robots in the worldwide workforce at the end of 2018, which continues to increase yearly as robotic systems appear in even more industries. As more workers become exposed to robots, assuring compliance with industry consensus safety standards is of paramount importance as a means of reducing the risk of injury associated with robot interaction. An application-specific, site-specific RA identifies the hazards, risks, controls, and safeguards that apply towards the proper safety system design. The robot user is responsible for plant safety, which is why it is imperative that the user ensures that the RA is properly performed. aeSolutions offers robotic risk assessments and can provide expert guidance and training to help you effectively perform an application-specific, site-specific RA for your robotic systems. 1. The International Federation of Robotics. Executive Summary World Robotics 2021 Industrial Robots. 2021, ifr.org/img/worldrobotics/Executive_Summary_WR_Industrial_Robots_2021.pdf

Guidelines for a Safety Instrumented BMS Design by Shahid Saeed, CFSE Fired equipment such as industrial boilers, incinerators, process furnaces, and fluid heaters are used everywhere. They are a crucial, complex, and integral part of the industrial operations and therefore require a meticulous approach to the design, operation, and maintenance of their associated safety systems. Although some detailed and prescriptive guidelines for designing safety systems, such as a Burner Management System (BMS) for combustion safety of fired equipment, have been around for many years, the rate and degree of adoption varies significantly within the industry. Most operating companies have their own practices, which may vary from facility to facility or even within the same facility. In addition, for each installation, it is not unusual for adjacent fired equipment built two years apart to have a different BMS design, simply because either they are obtained from different Original Equipment Manufacturers (OEMs), or different engineering contractors built them. With increasing government legislation and regulations, as well as mounting lawsuits for accidents, these inconsistencies can become a challenge for operations and maintenance personnel to operate their fired equipment safely and reliably. One solution is to standardize the BMS design for combustion safety of the fired equipment. The standardization for BMS design, operation, and maintenance of the fired equipment requires a holistic approach considering all aspects of combustion safety, including compliance with applicable National Fire Protection Association (NFPA) or American Petroleum Institute (API) prescriptive codes/standards (NFPA 85, 86, 87, or API 556), performance criteria for achieving design objectives, fuel train, field devices, logic solver platform, control panel, startup sequences & shutdown interlocks logic, Human Machine Interface (HMI) displays, Combustion Control System (CCS) interaction, training, operation and maintenance procedures. A brief description of these aspects is given below: 1. Perform a compliance check for the BMS of fired equipment (specifically brownfield) against applicable prescriptive codes/standards (NFPA 85, 86, 87, or API 556). The compliance check needs to look at all applicable requirements, for example, manual emergency shutoff valve at a safe location, manual equipment isolation valve, sediment trap (drip leg), filter (Y-strainer), separation as well as location of vents, proof of closure switches and means for leakage testing of safety shutoff valves, etc. which will help in standardizing the fuel train and field devices for different fired equipment using the same type of fuel and burner draft configuration (i.e., natural draft, forced draft, induced draft, and balanced draft). 2. Treat the BMS for the fired equipment as a Safety Instrumented System (SIS) application and apply the SIS safety lifecycle concepts following the industry consensus performance-based standard (ANSI/ISA 61511:2018 or IEC 61511) for achieving the BMS design objectives. A Safety Instrumented-BMS (SI-BMS) design process involves the following steps: a) Perform a Process Hazard Analysis (PHA) such as Hazard and Operability (HAZOP) study to identify the potential hazards related to the fired equipment operation. b) Apply Layers of Protection Analysis (LOPA) commonly used risk assessment technique to determine existing Independent Protection Layers (IPLs) in preventing the potential hazards. It will also identify whether there are deficiencies in the existing design requiring new IPLs for closing the determined risk level gaps between the current risk and the tolerable risk of the potential hazards. c) Identify Safety Instrumented Functions (SIFs) and select their target Safety Integrity Level (SIL) to close the LOPA gaps of the hazardous scenarios. d) Perform SIL verification calculations of SIFs using approved & certified SIS logic solver, field devices, and desired test interval to calculate the achieved SIL and verify that it meets the target SIL of each SIF. e) Develop Safety Requirements Specification (SRS) to provide SIF integrity and functional requirements, including cause & effect diagram, sequential function charts, and BMS instruments list. f) Develop Proof Test Procedures (PTPs) for performing regular functional testing of the SIFs based on the desired test interval. g) Perform Functional Safety Assessment (FSA) at specified stages of the SIS safety lifecycle. The above activities and corresponding deliverables can be standardized for different fired equipment having common hazardous scenarios. For example, loss of flame due to inadequate air-fuel ratio and inadequate purge during startup are typical common hazards applicable to single, fuel gas-fired, and forced draft burners used in different fired equipment. 3. Standardize the fuel train & field devices based on client’s approved, IEC 61508 certified (SIL rated) and/or listed for combustion safety service to achieve a consistent BMS solution for different fired equipment. 4. Select BMS logic solver platform certified to IEC 61508 for SIL 2 or greater and approved by the client for the BMS control panel to achieve a standard BMS for different fired equipment. 5. Implement BMS logic related to startup sequences and shutdown interlocks (SIFs & non-SIFs) using standard and approved function blocks to achieve BMS logic consistency for different fired equipment. 6. Develop standard HMI displays with ease of use providing all required information for the startup, normal operation, shutdown, and troubleshooting of the BMS for different fired equipment. 7. Implement seamless CCS interaction and required control for proper functioning of the startup sequences and shutdown interlocks using typical interface signals (e.g., Purge Request) for BMS of different fired equipment. 8. Conduct trainings for operation and maintenance personnel on startup, normal operation, shutdown, and troubleshooting of the standard BMS 9. Update and/or develop operation and maintenance procedures to achieve consistency regarding BMS operation and maintenance By standardizing a BMS design, operations and maintenance personnel can translate their skills and knowledge about combustion safety of one fired equipment to multiple types of fired equipment installed within the same facility or different facilities. This can drive consistent practices and improve the quality of work (e.g., by minimizing human factors), resulting in safer and more reliable operations. It is also more sustainable in the sense that the extent of training may be reduced – operators may not need to be trained on every individual fired equipment with consideration to differences in design and procedure, and the standardization would provide greater clarity to newly hired employees. Maintenance costs could also be minimized if there are common spare parts for the instrumentation & logic solver of the standard BMS, rather than needing separate spare parts for the non-standard BMS of the fired equipment. There are multiple levels of safety benefits, operational efficiencies, and cost savings. Despite the possible benefits, there can be resistance to changing a fired equipment’s existing BMS to a standardized BMS design. Operating companies may contend that they have been operating the fired equipment for many years without any incidents or issues, but that should not necessarily suggest it is safe. There could be unknown issues that simply have not been revealed or identified yet. Brownfield fired equipment needs to be evaluated against latest industry codes/standards to reveal potential gaps, accompanied by proactive steps to ensure the fired equipment is properly operated and maintained. Some existing instrumentation and logic solvers of the BMS are becoming unavailable as manufacturers go out of business or no longer produce obsolete parts, so proactive replacement measures may prevent aging components from failing. In addition, the existing BMS instrumentation and logic solver lack built-in diagnostics, alerts, and functionalities essential for the safe operation and maintenance of the fired equipment. Operating companies might also believe that their operations and maintenance personnel are already trained on the existing BMS and procedures, but this may not be the case with older systems that are poorly documented. The benefits of standardizing BMS design for fired equipment are a worthwhile investment to avoid potential future safety incidents and related financial impacts. Standardizing BMS for combustion safety of the fired equipment has both short and long-term benefits. In the short term, standardization can drive consistency and save on training, operational, and maintenance costs. In the long term, applying the SIS safety lifecycle concepts to standardize the combustion safety via the SI-BMS approach ensures that fired equipment follows Process Safety Management (PSM) regulations as defined by Occupational Safety and Health Administration (OSHA) and ultimately provides operating companies with safe, reliable, and resilient industrial operations. Biomass station image used: Bava Alcide57 at English Wikipedia, CC BY-SA 3.0