Safety in the chemical sector: what to consider, what to do?
28 May 2014
Ian Curtis, Process Safety Consultant at Siemens Industry, takes a broad look at some of the important process safety-related issues chemical companies need to consider, including defining safety, safety standards, legacy technology problems and workforce competency. He also highlights some of the solutions that are available to help organisations minimise or eliminate the potential for things to go wrong.
The UK chemical industry has a good track record on safety, but high consequence incidents, while rare, still happen regularly across the world. Subsequent investigations, however, often highlight recurring themes which the industry must take on board if safety improvements are to continue.
Process safety will always be a priority issue for the chemical industry because it aims to prevent fires, explosions and accidental chemical releases in chemical process facilities that deal with hazardous materials. The consequences of a loss of containment incident can be far-reaching and costly, potentially affecting local communities as well as plant personnel - not to mention the associated reputational damage.
The area of process safety is primarily concerned with addressing low likelihood, high consequence hazards and is effectively the outcome of a wide range of technical, management and operation disciplines coming together in an organised fashion.
Process safety and occupational safety are not to be confused. There is some overlap inasmuch as some of the tools used to manage both process and occupational safety are the same (i.e. work permit systems), but other approaches are more specific. For example, Layer of Protection Analysis (LOPA) is specific to process safety, while PPE (personal protective equipment) is specific to occupational safety. A good track record in occupational safety must not lead to complacency when addressing process safety.
Process safety covers, amongst other things, the prevention of leaks, over pressures, over temperatures, corrosion, metal fatigue and spills. It typically uses a layered approach with multiple barriers to either prevent a hazardous event or mitigate its consequences.
One important prevention layer often employed is functional safety: using a Safety Instrumented System (SIS), comprising sensors, a logic solver and actuators, designed to either maintain the process in a safe state or, if necessary, take the process to a safe state in the event of a process excursion.
It is perhaps not surprising that some of the areas for improvement for overall process safety can also be found within functional safety. In particular there is now increased emphasis on issues such as functional safety management and also the competence of those employees involved in the various safety lifecycle activities.
Safety standard - IEC 61508
When implementing a SIS, the basis standard for achieving best practice in functional safety is IEC 61508. After its release in 1999, the IEC 61508 standard gave rise to a number of daughter standards such as IEC 61511, launched in 2003 as the process sector specific standard. Edition 2.0 of IEC 61508 was launched back in April 2010 and a new version of IEC 61511 is “in the works”.
Experience of working with these safety standards varies widely. Many chemical companies have ‘tried and tested’ safety management systems that undergo constant review and refinement, but some are not as prepared simply because they are less frequently involved with implementing safety instrumented systems.
One of the great strengths of IEC 61508 is that it is performance-based and not prescriptive. However, performance-based standards cannot be followed by rote and, as a direct result, can be more challenging to implement for the inexperienced user.
Over recent years there has been considerable focus on functional safety and much progress has been made in terms of using the current best practice standards. However, certain aspects of the implementation and operation of safety systems continue to present challenges to process sector companies, both large and small, hence the increased focus on functional safety management and competence.
Legacy technology and potential issues
Advances in safety management and safety technology
The ‘state-of-the-art’ can change rapidly over time as safety management techniques are refined and SIS vendors add new capabilities. This, in turn, can impact what is considered as being ‘reasonably practicable’ from a safety standpoint.
Newer standards such as IEC 61508 and IEC 61511 now provide a more effective benchmark for the management, specification, design, implementation, operation, maintenance and modification of safety instrumented systems than may have existed when legacy systems were originally installed.
Safety instrumented systems designed and installed before the publication of IEC 61508 and IEC 61511 are not required to be replaced or upgraded just because the standard has been published - but the adequacy of existing systems needs to be assessed. The organisation should be able to demonstrate that the measures in place to control the risks of hazardous events are adequate when seen in the light of the newer standards and the requirements of the law.
A periodic review of the technical suitability of any legacy safety instrumented system is required and this review should also cover functional safety management. The rigour of such an assessment should be proportionate to the hazards, risks and consequences of the process under consideration. An initial assessment to determine the required degree of rigour should be made and documented. Any recommendations for replacing or upgrading the existing safety instrumented systems or improving functional safety management should then be acted upon.
Competency within the workforce
Almost all high profile incidents and accidents in high hazard installations have some human error as a contributing factor. It’s not surprising therefore that competence is key to achieving process safety and is often high on the list of topics to be addressed during intervention meetings with regulatory bodies such as the HSE.
The importance of competence as it relates to functional safety is evidenced by the fact that it has been made a normative requirement within the latest version of IEC 61508. This aspect of the standard has been completely restructured with the addition of more comprehensive normative requirements aimed at clarifying responsibilities and ensuring the right level of competence. Identification of all persons undertaking defined activities is required and they must be deemed competent for the duties they have to perform.
Companies which use functional safety as part of their overall risk reduction must demonstrate that they have the necessary competences and have adequate functional safety management in place. Advances in technology and changes to regulations and standards require that companies manage competence over time via a formal competency management system to ensure appropriate levels are maintained.
There are various individual qualifications that can be gained to help demonstrate individual competence. TÜV’s Functional Safety Engineer (FSE) or the Certified Functional Safety Professional (CFSP) or expert (CFSE) qualifications are well recognised and are generally based on a combination of examined theoretical knowledge and experience. It is often the case that organisations involved in functional safety will have one or more such qualified engineers at their disposal, either in their organisation or hired in as a safety consultant. Siemens has developed its own Siemens Functional Safety Professional (SFSP) qualification which combines knowledge of the relevant standards with knowledge of the equipment used within a SIS.
The Health and Safety Executive, working in partnership with the Institute of Engineering and Technology and the Chartered Institute of IT (BCS), has published guidance to help companies manage the competence of their staff who are involved with electronic safety-related systems. The publication “Managing Competence for Safety-related Systems” provides the essential requirements for a successful competence management system (CMS) suitable for all staff at all levels of responsibility within organisations working on safety-related systems.
The IET has also updated its industry leading publication “Competence Criteria for Safety-Related System Practitioners” to complement the above guidance. There are also schemes to help companies demonstrate that they know IEC 61508 and are able to develop product, systems or solutions in accordance with the standards.
There are a number of solutions available to the chemical sector which seek to address some of the safety issues outlined above. They include:
Reducing risk of human error with safety lifecycle tools
- This emphasis on a safety lifecycle approach has prompted a move towards more use of safety lifecycle tools. Standards suggest that tools should be “selected so as to reduce human error in their practical application”. The traditional Cause & Effect Matrix (CEM) approach for documenting and defining safety logic is well established, but a move toward encompassing other aspects of the lifecycle has taken it beyond simply being a specification tool during the analysis phase.
The newer breed of safety lifecycle tools are not just planning tools to allow an engineer to document the CEM logic required for a SIS in a form that will be familiar to them, but they can now subsequently automate the creation of the logic for the SIS and allow testing and commissioning using the same CEM format for engineering, testing and visualisation. This approach can significantly reduce the engineering time as well as the possibility of human error and misinterpretation, thus significantly reducing systematic errors.
The enhanced functionality of such tools can also embed the mechanisms for implementing overrides and bypasses in a carefully controlled manner without this needing to be custom engineered within the code. Essentially, these tools tame the extra power and capability of state-of-the-art programmable safety logic solvers, and help keep the logic in a form that everyone, from the process engineer right through to the regulatory authorities, can understand.
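To make the cause-and-effect approach and its controlled bypasses concrete, the following is an added example, not taken from the article or from any vendor's tooling. The tag names, trip setpoints, one-hour bypass limit and the choice to treat a missing reading as a trip are all assumptions made for illustration.

```python
import time

# Constructed cause-and-effect matrix: each cause row lists the effects it trips.
CAUSES = {
    "PT-101 high pressure": {"tag": "PT-101", "trip_above": 12.0,
                             "effects": ["Close XV-201", "Stop P-301"]},
    "TT-102 high temperature": {"tag": "TT-102", "trip_above": 180.0,
                                "effects": ["Close XV-201"]},
    "LT-103 high level": {"tag": "LT-103", "trip_above": 90.0,
                          "effects": ["Stop P-301"]},
}

class CemLogic:
    def __init__(self, causes, max_bypass_s=3600):
        self.causes, self.max_bypass_s = causes, max_bypass_s
        self.bypasses, self.audit = {}, []  # cause -> expiry time; audit trail

    def bypass(self, cause, user, reason, duration_s, now=None):
        """Record a time-limited bypass; refuse unknown causes, empty reasons
        or durations beyond the configured limit. Every attempt is audited."""
        now = time.time() if now is None else now
        if cause not in self.causes or not reason or not 0 < duration_s <= self.max_bypass_s:
            self.audit.append((now, user, cause, "bypass REFUSED"))
            return False
        self.bypasses[cause] = now + duration_s
        self.audit.append((now, user, cause, f"bypass set: {reason}"))
        return True

    def evaluate(self, readings, now=None):
        """Return (effects demanded, active causes) for one scan of readings."""
        now = time.time() if now is None else now
        active, effects = [], set()
        for name, row in self.causes.items():
            value = readings.get(row["tag"])
            # Assumption: a missing reading is treated as a trip (fail-safe).
            tripped = value is None or value > row["trip_above"]
            if tripped and self.bypasses.get(name, 0) > now:
                self.audit.append((now, "system", name, "trip suppressed by bypass"))
                continue
            if tripped:
                active.append(name)
                effects.update(row["effects"])
        return sorted(effects), active
```

Because the bypass carries its own expiry, a forgotten bypass lapses and the cause trips again on the next scan rather than staying silently disabled.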
Closer integration with control systems
- The recognised safety standards call for separation of process control and process safety. This has traditionally been achieved by a combination of physical separation and diverse systems, often from separate suppliers. Increasingly companies are seeking the benefits of a more integrated approach. The potential benefits, such as a reduction in spare parts, reduced training, simplified engineering and a more consistent, single window operator view on the process, offered by a single source integrated approach are compelling.
The innovative approach seen in Siemens’ Totally Integrated Automation Portal (TIA) engineering framework and systems such as Siemens PCS7 integrates safety functionality, but retains the necessary functional separation between control & safety to satisfy the intent of the standards regardless of whether the control and safety code resides in the same controller or, most likely, in separate but identical controllers.
Considering the whole safety loop
- A safety instrumented function is only as good as its weakest link, so the safety instrumented system, as its name suggests, incorporates the field devices and the actuators. To complement its wide range of SIL 3 capable controllers, Siemens has an extensive portfolio of SIL capable instruments for pressure, temperature and level measurement along with SIL 2 capable valve positioners. These devices are typically connected to the logic solver by 4-20 mA analogue signals but, should a digital safety fieldbus be required, there are also options available for using a PROFIsafe based safety fieldbus as an alternative.
Safety Lifecycle Services
- Having state of the art integrated technology and SIL capable hardware is only part of the equation. Competence throughout the supply chain is also essential. Whether supplying an engineered SIS or simply supplying related functional safety services it is vital that vendors have the right level of expertise to ensure safety. Vendors should be able to demonstrate that they have functional safety management in place and have addressed competency management. End users are obliged to address the competence of suppliers and contractors as well as their own staff. It is important to use suppliers who can demonstrate that they meet the requirements of IEC 61508 and IEC 61511 for their scope of work.
By getting the basics right, considering human factors, building on a sound foundation of effective functional safety management and competence, and by use of suitable tools, SIS designers and operators can help reduce complexity, deliver value and ultimately help prevent high consequence incidents by ensuring reliable operation of Safety Instrumented Systems throughout the lifecycle.
About the author:
Ian Curtis has more than 20 years of professional experience working for control, automation and instrumentation vendors. His expertise includes an in-depth knowledge of safety standards, with specific focus on safety instrumented systems and related equipment employed in the process sector encompassing applications in Oil and Gas, Chemicals, Pharmaceuticals and Power generation industries. Ian is a TÜV certified Functional Safety Engineer and his current position is Process Safety Consultant with Siemens Industry.