Improve Safety Proof Test Capabilities with Intelligent Instrumentation

At the Emerson Exchange conference in Austin, Emerson’s Afton Coleman, Erik Mathiason and Tonya Wyatt presented, Improve Safety Proof Test Capabilities with Intelligent Instrumentation. Their abstract:

Safety Instrumented Systems are designed to be the most critical line of defense against a catastrophic failure. Ensuring that each component of the system is working properly is required, often leading to downtime and significant maintenance costs. Utilizing advanced features in Emerson’s intelligent instruments, such as smart meter verification and partial stroke testing, users can monitor for common failures in their safety instrumented function while also extending the period between proof tests.

safety-proof-test-intervalAfton kicked off this introductory level workshop explaining the concept of Probability of Failure on Demand (PFD), proof test intervals and the benefits of diagnostic technology for safety instrumented systems. A safety instrumented system consists of a sensor, logic solver and final control element. Unlike a basic process control system, it’s job is to take the process to a safe state based upon a demand.

The most dangerous condition is an undetected failure mode where a safety demand does not result in an action to take the state to a safe state. When designing a safety instrumented function (SIF) or safety loop, a safety integrity level or level of risk reduction defines the requirements for the loop. When designing a SIF, the failure modes for the sensor, logic solver and final element must be assessed for their failure upon demand. Failure rates of individual components can be combined to calculate the overall PFDavg.

50% of failure modes occur in the final element. Based on the global IEC 61511 safety standard, periodic proof tests are required to reveal undetected faults that prevent the SIF from operating. The frequency of these test is determined by the PFDavg. A proof test verifies that everything works the way it is supposed to work.

To determine proper proof test levels and intervals, the device IEC 61508 certification requires manufacturers to provide proof test procedures and the corresponding cover that those procedures provide. For example, a safety valve may have a partial stroke test performed periodically and test coverage may be in the 40-60% range. A comprehensive proof test provides on the order of a 99% test coverage. A partial stroke test is meant extend the comprehensive proof test interval.

The goal of a partial stroke test is to partially move the valve without affecting the process. Moving from a still position demonstrates the valve can break out from its normal position. 15% is the typical move requests by a partial stoke test. The test can check both the safety valve as well as a solenoid valve.

Tonya described in situ proof tests for sensors such as Micro Motion Coriolis meters. Smart meter verification (SMV) provides 91% test coverage. This verification extends the interval before a comprehensive proof test needs to be performed. SMV can detect erosion and corrosion conditions inside the meters. This SMV test, like a valve partial stroke test, helps uncover dangerous undetected failures.

Erik described the importance of turning on some configurable diagnostics to help detect dangerous undetected and move them into the dangerous detected category helping to extend the proof test interval.

You can connect and interact with other safety experts in the Safety Instrumented System group in the Emerson Exchange 365 community.

Posted Tuesday, October 25th, 2016 under Safety.