by Keith Brumbaugh Is our industry stuck in the past? The current industry trend is to only look at random hardware failures in safety integrity level (SIL) probability of failure on demand (PFD) ca lculations. No one would appear to be updating assumptions as operating experience is gained. Hardware failure rates are generally fixed in time, assumed to be average point values (rather than distributions), and either generic in nature or specific to a certain set of hardware and/or conditions which the vendors determine by suitable tests or failure mode analysis. But are random hardware failures the only thing that cause a safety instrumented function (SIF) to fail? What if our assumptions are wrong? What if our installations do not match vendor assumptions? What else might we be missing? How are we addressing systematic failures? One obvious problem with incorporating systematic failures is their non-random nature. Many functional safety practitioners claim that systematic errors are addressed (i.e., minimized or eliminated) by following all the pro cedures in the ISA/IEC 61511 standard. Y et even if the standard were strictly adhered to, could anyone realistically claim a 0% chance of a SIF failing due to a human factor? Some will say that systematic errors cannot be predicted, much less modeled. But is that true? This paper will examine factors which tend to be ignored when performing hardware-based reliability calculations. Traditional PFD calculations are merely a starting point. This paper will examine how to incorporate systematic errors into a SIF’s real-world model. It will cover how to use Bayes theorem to capture data after a SIF has been installed — either through operating experience or industry incidents — and update the function’s predicted performance. This methodology can also be used to justify prior use of existing and non-certified equipment. Click here to view the complete whitepaper

by Ken O’Malley , Founder, P.E. ABSTRACT A systematic database approach can be used to design, develop and test a Safety Instrumented System (SIS) using methodologies that are in compliance with the safety lifecycle management requirements specified in ANSI/ISA S84.01. This paper will demonstrate that through a database approach, the design deliverables and system configuration quality are improved and the implementation effort is reduced. Topics Include: ANSI/ISA S84.01 , Safety Instrumented Systems , Safety Instrumented Functions , Safety Integrity Levels, Safety Lifecycle Click here to view the complete whitepaper During the SIL Verification process, the type of equipment specified, voting architecture, diagnostics and testing parameters are verified by calculation, producing the Probability of Failure on Demand, and Spurious Trip Rate for each SIF. Additionally, we consider hardware fault tolerance (HFT) required. The SIL Verification calculation Reports are provided from all tools and calculations we perform. A Design Verification Report (DVR) details the calculation parameters, assumptions, limitations, and sources of data for SIL calculations performed. Recommendations for optimized SIF performance (taking into account both safety integrity and spurious trip evaluation), are also reported in this document. aeSolutions' SIS Engineers are trained and experienced in the fundamentals and the advanced parameters of SIL Verificat ion Calculations. Our engineers, many of which have CFSE, CFSP, and ISA84 Expert certifications, work with our clients to evaluate the SIS options for optimized investment.

by Ron Nichols Introduction to Using RAGAGEP for Overpressure Risk Mitigation : Process Hazard Analysis (PHA) is a key tool used by the chemical, oil, and gas industries to assist companies in identifying, implementing and managing the critical safeguards needed to achieve their risk tolerance criteria. The Process Hazard analysis for some sites may be regulatory driven (e.g., Occupational, Health and Safety Administration’s (OSHA’s) 29 CFR 1910.119 Process Safety Management of Highly Hazardous Chemicals (PSM), or the United States Environmental Protection Agency’s (USEPA’s) 40 CFR 68 Chemical Accident Prevention Provisions (RMP)). During the PHA the team identifies consequences of concern arising from potential process deviations, identifies existing safeguards, or if LOPA (Layer of Protection Analysis) is required, the Independent Protection Layers (IPLs) available to reduce the likelihood of the consequence to a tolerable risk level. If the team identifies a gap between the potential event likelihood, severity and the minimum target set by the company, the team will propose recommendations to close the gap. An overpressure scenario can be a significant contributor to the risk of a facility. Overpressure of pressure vessels, piping, and other equipment can result in loss of containment of flammable or toxic materials. This paper will develop guidance including related RAGAGEP (Recognized and Generally Accepted Good Engineering Practice) to help engineers and designers participate in the safety lifecycle for managing the risk of overpressure. Click here for the complete whitepaper

by Jacob Lindler Effective Process Hazard Analysis (PHA) facilitators combine soft skills with technical knowledge to guide PHA teams through a thorough identification and analysis of process hazards. PHAs for complex processing units place a significant demand on the time of valuable engineering, design, and operations personnel, so conducting an efficient PHA is key to minimizing team fatigue and maximizing available resources. Inevitably, there are hazard scenarios at which the team’s discussion begins to swirl, circling around multiple consequence definitions or risk rankings without coming to agreement. Facilitators should consider the following examples of tools successfully used to stop the swirl by providing the PHA team with the right information at the right time. Click here to view the complete whitepaper PHA studies are the core of process safety and risk management programs. They help companies identify hazard scenarios that could lead to a release of highly hazardous chemicals that can cause negative impact on people, the environment, and property. PHA is required by OSHA's PSM (29 CFR 1910.119) and EPA's RMP (40 CFR 68) regulations in the US and process safety and risk management regulations around the world. Companies that handle or process highly hazardous chemicals have a responsibility to protect employees, the public and the environment from exposure to accidental releases. aeSolutions specializes in various PHA methodologies, such as Hazard and Operability Studies (HAZOP) , Control Hazard and Operability Studies (CHAZOP) , Hazard Identification (HAZID), What-If, Checklist, Bowtie, and Failure Modes and Effects Analysis (FMEA) to meet regulatory and client requirements. Our experienced, trained facilitators specialize in the process safety lifecycle to fully integrate assessment, design, and operation of the facility.

by Sarah Manelick ‘Evergreen’ and ‘lifecycle’ have become two common buzz words in our industry. They are thrown around in a variety of topics, processes, and philosophies as descriptions of how management plans should be set up. But what does it really mean to have an evergreen process? How does one keep a lifecycle alive? This is especially relevant when it comes to topics such as alarm management, where it is commonly touted that once a plant rationalizes their entire system, they have completed alarm management. This paper will deconstruct the alarm management lifecycle and pinpoint key aspects that can be integrated into process safety management systems and work processes that already exist. Tying the alarm management lifecycle to what is already being done as part of process safety and good engineering practice will help to ensure it remains ‘evergreen’ and delivers the intended benefits. Click here to view the complete whitepaper aeSolutions offers services and systems to bring the client’s alarm management practices into compliance with the current ISA 18.2 standard s. Our services are designed to support our clients’ desires to encourage a culture of sustainable alarm management as an important component to their overall process safety strategy. Learn more here.

by aeSolutions Technical Team ​ A two‐prong templatized approach to multiple brownfield burner management system upgrades can result in significant cost savings. The first step requires coming up with an equivalent design for the safety instrumented burner management system following the ISA 84 safety lifecycle , as allowed in current NFPA standards. The second step utilizes a templatization approach for multiple units with common functionality that will allow an organization to further maximize savings. Actual experience doing this on repeat BMS projects indicate the level of overall savings can be as high as 75% on the safety lifecycle, 70% on the control system design and integration, and 35% on the operation and maintenance activities. The combined overall savings are roughly 60%. Click here to view the complete whitepaper Drive risk out of the business and maximize availability of your fired equipment by engaging aeSolutions Burner Management System and Combustion Control System experts. Our experts are active on NFPA, API, IEC and ISA committees to ensure that code compliance is built into everything we deliver. Learn More

by aeSolutions Technical Team This case study will discuss the application of the safety lifecycle as defined by ANSI/ISA 84.00.01‐2004 (IEC 61511 mod) to two single burner multiple fuel boilers. Each boiler is capable of firing natural gas, oil and/or waste gas, in order to supply the plant header with 1,365 psig steam at a maximum capacity of 310,000 lb/hr. The project team included the end client task force at the manufacturing facility, the engineering firm with design/procurement responsibility, the boiler OEM, the burner/gas train OEM, and the safety instrumented system consultant. This paper will cover: the development of a SIS front end loading package the project cost savings realized attributed to following the safety lifecycle the challenges encountered during the design process associated with the implementation of the safety lifecycle across a diverse project team Click here to view the complete whitepaper https://www.aesolutions.com/terms/burner-management-systems

by Brittany Lampson, PhD & aeSolutions Technical Team Implementing a Safety Instrumented Burner Management (SI‐BMS) can be challenging, costly, and time consuming. Simply identifying design shortfalls/gaps can be costly, and this does not include costs associated with the capital project to target the gap closure effort itself. Additionally, when one multiplies the costs by the total number of heaters at different sites, these total costs can escalate quickly. However, a “template” approach to implementing SI‐BMS in a brownfield environment can offer a very cost effective solution for end users. Creating standard “templates” for all deliverables associated with a SI‐BMS will allow each subsequent SI‐BMS to be implemented at a fraction of the cost of the first. This is because a template approach minimizes rework associated with creating a new SIBMS package. The ultimate goal is to standardize implementation of SI‐BMS in order to reduce engineering effort, create standard products, and ultimately reduce cost of ownership. Click here to view the complete whitepaper What is a BMS? What is Safety Instrumented Function (SIF) What is Function Safety?

by Ron Nichols Abstract: This paper discusses the identification, selection, implementation and management of Non-SIF IPLs through the process lifecycle . 1. Layer of Protection Analysis Layers of Protection Analysis (LOPA) in conjunction with the Process Hazard Analysis (PHA) is now a key tool used by the chemical, oil and gas industries to assist companies in identifying, implementing and managing the critical safeguards needed to achieve their risk tolerance targets. The LOPA is used to identify the number of Independent Protection Layers (IPLs) and their integrity needed to reduce the likelihood to an acceptably low frequency that an initiating cause will progress to an undesired consequence. 2. Lifecycle Management of IPLs Since the acceptance of ISA 84.00.01 / ISA/IEC 61511, the life cycle management of safety instrumented systems is now being implemented throughout industry. The required safety integrity level (dependability) for the safety instrumented functions (SIFs) are obtained by closing the LOPA gaps between the existing mitigated event likelihood (MEL) and the company’s target mitigated event likelihood (TMEL). Often a SIF is combined with non-SIF IPLs to achieve the risk reduction gap closure, reducing the SIL requirement assigned to that SIF. To maintain acceptable risk targets, all IPLs, not just SIFs, must be managed through the lifecycle of the process. This is because many LOPA gaps are closed by only non-SIF IPLs the SIL assignment for many SIFs depend on the use of non-SIF IPLs used in that LOPA. Click here to view the complete whitepaper

by Ken O’Malley , P.E., aeSolutions founder This paper will discuss the issues, decisions, and challenges encountered when attempting to initially apply the concepts of the Safety Lifecycle per ANSI / ISA S84.01 to the design of a Life Safety System at a state of the art fiber optic manufacturing facility. More specifically, the methodology / procedures utilized for identification of Safety Instrumented Functions (SIF) and subsequent Safety Integrity Level (SIL) determination will be discussed in detail. In addition, industry specific issues associated with the design of Life Safety Systems and the use of mitigation versus prevention techniques (typically encountered in the process industry) will also be discussed. Topics include: ANSI / ISA S84.01, Safety Instrumented Systems, Safety Instrumented Functions, Safety Integrity Levels, Life Safety Systems IDENTIFYING REQUIRED SAFETY INSTRUMENTED FUNCTIONS FOR LIFE SAFETY SYSTEMS IN THE HIGH-TECH AND SEMICONDUCTOR MANUFACTURING INDUSTRIES Click here to view the complete whitepaper

by aeSolutions Technical Team This paper will discuss how quantitative methods can be utilized to select the appropriate Safety Integrity Level associated with Burner Management Systems. Identifying the required amount of risk reduction is extremely important especially when evaluating existing legacy Burner Management Systems. Selection of an overly conservative Safety Integrity Level can have significant cost impacts. These costs will either be associated with increased Safety Instrumented System functional testing or complete removal / upgrade of the existing Burner Management System. In today’s highly competitive business environment, unnecessary costs of any kind cannot be tolerated. KEYWORDS: ISA/IEC 61511 , Safety Instrumented Systems, Burner Management Systems, Safety Integrity Level, Probability of Failure on Demand Click here to view the complete whitepaper BMS and Combustion Solutions Drive risk out of the business and maximize availability of your fired equipment by engaging aeSolutions Burner Management System and Combustion Control System experts. Our experts are active on NFPA, API, IEC and ISA committees to ensure that code compliance is built into everything we deliver. https://www.aesolutions.com/combustion

Functional safety engineers follow the ISA/IEC 61511 standard and perform calculations based on random hardware failures. These result in very low failure probabilities, which are then combined with similarly low failure probabilities for other safety layers, to show that the overall probability of an accident is extremely low (e.g., 1E-5/yr). Unfortunately, such numbers are based on frequentist assumptions and cannot be proven. Looking at actual accidents caused by control and safety system failures shows that accidents are not caused by random hardware failures. Accidents are typically the result of steady and slow normalization of deviation (a.k.a. drift). It’s up to management to control these factors. However, Bayes theorem can be used to update our prior belief (the initial calculated failure probability) based on observing other evidence (e.g., the effectiveness of the facility’s process safety management process). The results can be dramatic. Click here to view the complete whitepaper