Safety Instrumented Systems (SIS) Engineering


Critical decisions made after the PHA/LOPA and before detailed design have significant impacts later in the lifecycle; aeSolutions can reduce your financial risk of late discoveries on capital projects.

aeSolutions has a unique process to design and implement ISA84/IEC 61511-compliant safety instrumented systems. We integrate intimate knowledge and experience in PHA/LOPA along with control system hardware and field instrumentation to ensure that Safety Instrumented Functions (SIFs) are clearly defined.

aeSolutions works with clients in all aspects of the process safety lifecycle. We understand that critical decisions made in the analysis phase have significant impacts later in the lifecycle, and we will help you reduce the financial risk of late discoveries on your capital projects. Our full understanding of the process safety lifecycle prevents rework, saves time, and produces a more effective safety program, resulting in an overall cost savings to you.

The true value of aeSolutions’ integrated approach to SIS:

  • Ensures IPL verification and selection are well defined to minimize rework
  • Demonstrates that your designs comply with ISA84/IEC 61511 from the beginning
  • Optimizes capital costs against proof test frequencies
  • Ensures the optimization of process safety and runtime reliability

Corporate SIS Project Standards Development

For clients who do not yet have standards and procedures for the implementation of Risk Assessment and SIS on their projects, aeSolutions can consult with your team to collect pertinent data and develop Risk Assessment Standards, SIL Selection Standards, Functional Safety Assessment Templates, and SIS Design and Implementation Standards. We have worked with many companies to enhance their existing standards or develop new standards. We supplement the standards development with training of your staff at all levels, from executive management, to divisional management, to onsite management, operations, maintenance, and engineering staff.

Functional Safety Management Planning (FSMP)

Whether working on a major capital project or the day-to-day operation of an SIS, functional safety management planning is critical to ensuring that each SIF is designed and operated correctly to obtain the required risk reduction. Creation of a functional safety plan provides engineering, operations, maintenance, and auditing staff with the road map to successful implementation of the safety lifecycle. In addition to detailing the roles and responsibilities of those involved in the safety lifecycle, it provides the competency requirements for each role and the auditing schedule throughout the lifecycle. aeSolutions has experience both in executing projects of all sizes and in integrating with our clients' engineering, operations, and maintenance staff to build this critical foundation for proper safety lifecycle execution.

Functional Safety Assessment (FSA) Facilitation

FSAs are formal, evidence-based audits that judge the functional safety of an SIS. There are five stages of FSAs that span the evaluation of risk assessment, design, installation, and operation of SISs. aeSolutions' team of experienced professionals is capable of facilitating FSAs and assessing whether the appropriate processes and procedures have been used to ensure that functional safety is achieved.

DCS/SIS Segregation and Independence Assessment

During PHA and LOPA meetings, the team is making quick assessments on the independence of causes and protection layers. Independence is a critical requirement of credited protection layers within a LOPA, and, on brownfield sites, may require additional research to determine whether the segregation and independence requirements are being met. By leveraging aeSolutions’ experience in both Engineering Automation and SIS, we have a fully competent staff to review the corporate independence requirements and assess the systems used as a layer of protection against these requirements.

Independent Protection Layer (IPL) Validation of Credits

When applying protection layers to a LOPA scenario, it is important to validate these layers against the five requirements for all IPLs: specific, independent, dependable, auditable, and secure. By assessing and documenting how each IPL performs against each of these criteria, requirement gaps can be identified and closed. IPL validation also bolsters the auditability of the IPLs by providing auditors with the information required to confirm that an IPL is still performing at least as well as the LOPA requires. aeSolutions can provide you with a standard validation form and report, or work with you to customize the validation effort to your corporate IPL requirements.

Safety Integrity Level (SIL) Verification

During the SIL Verification process, the type of equipment specified, voting architecture, diagnostics, and testing parameters are verified by calculation, producing the Probability of Failure on Demand and Spurious Trip Rate for each SIF. Additionally, we consider the Hardware Fault Tolerance (HFT) required. SIL Verification calculation reports are provided from all tools and calculations we perform. A Design Verification Report (DVR) details the calculation parameters, assumptions, limitations, and sources of data for the SIL calculations performed. Recommendations for optimized SIF performance (taking into account both safety integrity and spurious trip evaluation) are also reported in this document.

aeSolutions' SIS Engineers are trained and experienced in the fundamentals and the advanced parameters of SIL Verification Calculations. Our engineers, many of whom hold CFSE, CFSP, and ISA84 Expert certifications, work with our clients to evaluate the SIS options for optimized investment.

Safety Instrumented Function (SIF) Architecture Options Analysis (Redundancy, Diagnostics, Hardware Selection and Test Intervals)

The SIF List is a comprehensive list of all the Safety Instrumented Functions with their identification number, description, target, test intervals, and achieved RRF and IL. The SIF list encompasses sensor, logic solver, and final element voting, and provides a quick reference to the Risk Assessment, SIL Verification Calculations, and Safety Requirements Specification data. aeSolutions provides this list as an efficient, single-document summary of safety functions. We also provide a BPCS IPL List for Basic Process Control System (BPCS) Independent Protection Layers (IPLs), used generally in the same manner.

Cause & Effect Diagrams (C&Es)

C&Es depict, in a matrix format, the process deviation conditions that propagate logical interlock actions within (or between) safety systems, basic process control systems and hardwired systems. Our C&E templates have been developed from many years of experience to optimize ease-of-use for configuration, testing, operator training and turnover effectiveness. In cases where the functional complexity exceeds the capacity of C&Es, our staff is capable of selecting the most efficient alternate format.

Boolean Logic Diagrams/Process Logic Narratives

Similar to C&Es, Logic Diagrams and Narratives are often required to fully define the logical interaction between the sensors, logic solvers and final elements. Interaction between systems also can introduce extensive logic definition. These forms of logic definition are required when cause and effects cannot provide adequate and clear detail of the logic interactions within and between systems. They can also be used in conjunction with C&Es to provide the most complete and efficient documentation depicting process control and safety system logic for downstream users. The aeSolutions staff is capable of selecting the best format, or combination of formats, to best meet the requirements of our clients.

Fault Tree Analysis / Quantitative Risk Analysis for Complex Hazard Scenarios

Fault Tree Analysis is a top-down, deductive failure analysis in which an undesired state of a system (also known as the "top gate") is analyzed using Boolean logic in a graphical tree. The logic analyzes all possible failure combinations that lead to the top undesired event. Functions that involve complex sub-systems and inter-dependencies are modeled in Fault Trees. Quantitative Risk Analysis (QRA) takes Fault Tree Analysis to a higher level, modeling hazardous process initiating events while including enabling events and protective layers. The aeSolutions engineering staff utilizes Fault Tree Analysis and QRA when required, and is highly experienced in using this advanced calculation tool to meet client Risk Assessment and SIL Verification requirements.
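To make the Boolean structure concrete, the following is an added worked example (not aeSolutions' tool or any client's model) of a small fault tree: a top "overpressure not prevented" AND gate over a SIF (two transmitters voted 1oo2, a logic solver, and a shutdown valve) and a relief valve. It evaluates the top-event probability from independent basic-event probabilities and enumerates the minimal cut sets, the failure combinations the passage refers to. The tree, the event names (PT-A, PT-B, LS, SDV, PSV) and every probability are constructed for illustration.

```python
"""Small fault-tree evaluator: top-event probability and minimal cut sets.
Added example (not aeSolutions' tool); the tree and probabilities are constructed."""
from dataclasses import dataclass
from typing import List, Union


@dataclass
class Event:
    """Basic event with its probability of being in the failed state (e.g. a PFDavg)."""
    name: str
    prob: float


@dataclass
class Gate:
    """Logic gate: 'AND' (all inputs must fail) or 'OR' (any input failing suffices)."""
    name: str
    kind: str
    inputs: List[Union[Event, "Gate"]]


def probability(node) -> float:
    """Probability of the node's failed state, assuming independent basic events."""
    if isinstance(node, Event):
        return node.prob
    ps = [probability(i) for i in node.inputs]
    if node.kind == "AND":
        out = 1.0
        for p in ps:
            out *= p
        return out
    if node.kind == "OR":
        none_fail = 1.0
        for p in ps:
            none_fail *= 1.0 - p
        return 1.0 - none_fail  # P(at least one input fails)
    raise ValueError(f"unknown gate kind {node.kind!r}")


def minimal_cut_sets(node):
    """Smallest combinations of basic events that are sufficient for the top event."""
    if isinstance(node, Event):
        return [frozenset([node.name])]
    child_sets = [minimal_cut_sets(i) for i in node.inputs]
    if node.kind == "OR":
        sets = [c for cs in child_sets for c in cs]  # any child's cut set will do
    else:  # AND: a cut set must contain one cut set from every input
        sets = [frozenset()]
        for cs in child_sets:
            sets = [a | b for a in sets for b in cs]
    sets = set(sets)
    minimal = [s for s in sets if not any(o < s for o in sets)]  # drop supersets
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


# Constructed example: overpressure protection on a separator is lost on demand
# only if the SIF fails AND the relief valve fails. Probabilities are illustrative.
PT_A = Event("PT-A", 0.01)
PT_B = Event("PT-B", 0.01)
LS = Event("LS", 0.001)
SDV = Event("SDV", 0.02)
PSV = Event("PSV", 0.01)

SENSORS_FAIL = Gate("both transmitters fail (1oo2)", "AND", [PT_A, PT_B])
SIF_FAILS = Gate("SIF fails on demand", "OR", [SENSORS_FAIL, LS, SDV])
TOP = Gate("overpressure not prevented", "AND", [SIF_FAILS, PSV])


def sif_pfd() -> float:
    return probability(SIF_FAILS)


def top_probability() -> float:
    return probability(TOP)


def top_cut_sets():
    return minimal_cut_sets(TOP)


if __name__ == "__main__":
    print(f"SIF PFD        = {sif_pfd():.3e}")
    print(f"Top event prob = {top_probability():.3e}")
    for cs in top_cut_sets():
        print("cut set:", sorted(cs))
```

The cut sets show immediately why the valve and logic solver dominate the SIF: each appears in a two-element cut set with the relief valve, while the redundant transmitters only matter when both fail together.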

Safety Requirements Specification (SRS)

The SRS defines the integrity and functional requirements of SIFs. aeSolutions provides a detailed SRS datasheet for each SIF and a general SRS document for the project, logic solver, and/or facility. Together, they meet the requirements defined in Clause 10 of IEC 61511. Since many of our SIS Specialists have configuration, instrumentation, and operations experience, we have the expertise to specify feasible solutions to complex SIF implementation.

Application Program Requirement Specification Development

The Application Program Requirement Specification is an extension of the SRS, and includes requirements for software applications onboard manufacturers’ equipment, most prominently logic solvers. These requirements include application program self-monitoring for faults, actions taken on faults, enabling of testing, CPU capacity, scan time, bandwidth, and the monitoring of field devices. This document, compiled by aeSolutions, supplements the SRS, the SRS datasheets, and logic diagrams to provide the configuration team a comprehensive SIF and SIS requirement specification.

Online/Offline Proof Test Philosophy & Design

The Testing Philosophy is a collaborative document including input from the client’s process experts and maintenance team. It defines the approach to testing SIFs including online/offline limitations, data collection requirements, proof test coverage and acceptable bypassing practices.

A section for Proof Test Coverage (PTC) is included in the Testing Philosophy. It details the methodology used to determine PTC and defines the type of testing required to achieve the specified PTC.

aeSolutions' experts have the field experience to discuss the testing requirements, site practices, and available technologies to determine and document a comprehensive testing philosophy and achieve the highest possible PTC. It is important that the testing philosophy is agreed collaboratively up front in the project, because the testing methodologies need to be known and incorporated into the development of the SRS.

Test Procedures include detailed test steps to fully test for undetected failures for either a full function or for the individual devices that comprise that function, depending on customer requirements. The limitations and constraints of testing are explored and documented during the development of the Proof Test Philosophy and taken into account in the SRS.

aeSolutions has a library of proven proof test procedures to choose from when providing a testing package, and we have the expertise to work with clients to implement effective testing, failure classification, and feedback mechanisms to validate reliability data claimed in Risk Analysis and SIL Verification.
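The SIL Verification section above describes verifying equipment type, voting architecture, diagnostics, and testing parameters by calculation to produce a PFD and spurious trip rate per SIF, and this section explains why proof test coverage must be fixed early. The following added example (not aeSolutions' calculation tool) ties the two together for one SIF: it applies simplified low-demand PFDavg and spurious trip approximations of the kind found in IEC 61508-6 and ISA TR84.00.02, splits each channel's dangerous undetected failure rate into a proof-tested fraction (cleared every test interval) and an untested fraction (cleared only at end of mission), sums the sensor, logic solver, and final element subsystems, and maps the result to a SIL band and RRF. All failure rates, beta factors, coverage values and the SIF itself are constructed sample values, not vendor or client data.

```python
"""SIL verification of one SIF: PFDavg, RRF, SIL band and spurious trip rate from
failure rates, voting, proof test interval and proof test coverage. Added example
using simplified IEC 61508-6 / ISA TR84.00.02 style equations; every parameter
below is a constructed sample value, not vendor data."""
from dataclasses import dataclass
from typing import List

HOURS_PER_YEAR = 8760.0


@dataclass
class Subsystem:
    name: str
    voting: str               # "1oo1", "1oo2", "2oo2" or "2oo3"
    lambda_du: float          # dangerous undetected failure rate per channel, /h
    lambda_s: float           # safe (spurious trip) failure rate per channel, /h
    ti_years: float           # proof test interval, years
    ptc: float = 1.0          # proof test coverage: fraction of DU failures the test reveals
    beta: float = 0.0         # common-cause (beta) factor for redundant channels
    mttr_h: float = 8.0       # mean time to restore a channel after a safe failure, h
    life_years: float = 20.0  # mission time after which untested faults are cleared


def channel_pfd(s: Subsystem) -> float:
    """PFDavg of one channel: tested DU fraction accumulates over the proof test
    interval, the untested fraction over the whole mission time."""
    ti_h = s.ti_years * HOURS_PER_YEAR
    life_h = s.life_years * HOURS_PER_YEAR
    return s.ptc * s.lambda_du * ti_h / 2 + (1 - s.ptc) * s.lambda_du * life_h / 2


def subsystem_pfd(s: Subsystem) -> float:
    """Apply the voting architecture (simplified equations; beta split applied to
    the channel PFDavg, an approximation when PTC < 1)."""
    p = channel_pfd(s)
    independent = (1 - s.beta) * p
    common_cause = s.beta * p
    if s.voting == "1oo1":
        return p
    if s.voting == "1oo2":
        return (4.0 / 3.0) * independent ** 2 + common_cause
    if s.voting == "2oo2":
        return 2 * p
    if s.voting == "2oo3":
        return 4.0 * independent ** 2 + common_cause
    raise ValueError(f"unsupported voting {s.voting!r}")


def subsystem_str(s: Subsystem) -> float:
    """Spurious trip rate (/h) of the subsystem for its voting architecture."""
    ls = s.lambda_s
    if s.voting == "1oo1":
        return ls
    if s.voting == "1oo2":
        return 2 * ls  # either channel tripping trips the function
    if s.voting == "2oo2":
        return s.beta * ls + 2 * ls ** 2 * s.mttr_h
    if s.voting == "2oo3":
        return s.beta * ls + 6 * ls ** 2 * s.mttr_h
    raise ValueError(f"unsupported voting {s.voting!r}")


def sil_band(pfd: float) -> int:
    """IEC 61511 low-demand SIL band achieved by a PFDavg (0 = below SIL 1)."""
    if pfd >= 1e-1:
        return 0
    if pfd >= 1e-2:
        return 1
    if pfd >= 1e-3:
        return 2
    if pfd >= 1e-4:
        return 3
    return 4


def verify_sif(subsystems: List[Subsystem]) -> dict:
    """Sum the subsystem PFDavg and spurious trip contributions of the SIF."""
    pfd = sum(subsystem_pfd(s) for s in subsystems)
    str_h = sum(subsystem_str(s) for s in subsystems)
    return {"pfd": pfd, "rrf": 1.0 / pfd, "sil": sil_band(pfd),
            "str_per_year": str_h * HOURS_PER_YEAR,
            "worst_subsystem": max(subsystems, key=subsystem_pfd).name}


# Constructed SIF: high-pressure trip with 2oo3 transmitters, a 1oo1 logic solver
# and 1oo2 shutdown valves, all proof tested yearly. The valves have low proof
# test coverage because a full stroke test is not possible online.
SAMPLE_SIF = [
    Subsystem("pressure transmitters", "2oo3", 2e-7, 5e-7, 1.0, ptc=0.9, beta=0.05),
    Subsystem("logic solver", "1oo1", 1e-8, 1e-7, 1.0),
    Subsystem("shutdown valves", "1oo2", 1e-6, 5e-7, 1.0, ptc=0.7, beta=0.10),
]


def with_test_interval(subsystems: List[Subsystem], years: float) -> List[Subsystem]:
    """Same SIF with every subsystem's proof test interval changed."""
    return [Subsystem(**{**vars(s), "ti_years": years}) for s in subsystems]


if __name__ == "__main__":
    for years in (0.5, 1.0, 2.0, 4.0):
        r = verify_sif(with_test_interval(SAMPLE_SIF, years))
        print(f"TI={years:>3} y  PFDavg={r['pfd']:.2e}  RRF={r['rrf']:.0f}  "
              f"SIL {r['sil']}  STR={r['str_per_year']:.3f}/y  "
              f"limiting: {r['worst_subsystem']}")
```

Running the loop over test intervals is the "capital cost against proof test frequency" trade-off in miniature: with the constructed values the valves dominate the PFDavg because of their untested fraction, so lengthening the interval for the transmitters costs little, whereas raising valve coverage (for example with partial stroke testing credited in the testing philosophy) buys more than testing everything twice as often.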

Factory Acceptance Test (FAT) & Site Acceptance Test (SAT) Plan Development

The FAT and SAT plans provide a holistic approach to testing the logic and the installed field instrument system. Detailed steps are documented for each test plan. At this stage of the project, the system design comes together for the first time and may involve multiple contractors working together on a tight schedule. aeSolutions understands how crucial it is to execute these tests with a solid plan and thorough, yet concise, testing steps. aeSolutions SIS engineers have the experience to develop these plans, oversee their execution as an independent third party, or execute the tests themselves.

SIS/SIF Equipment Specifications

Soliciting quotes and procuring equipment without knowing all of the equipment requirements can be very costly. aeSolutions works with clients and multiple manufacturers to ensure that all equipment manufacturers know their requirements for meeting the Safety Lifecycle standards, regulations, and codes that may apply. We assist in identifying these requirements and develop specifications to be used in comparing competitive quotes, ensuring compliance with project requirements, standards, and codes. As an additional benefit to our clients, we provide code assessment services.

Estimating Process Safety Times and Safety Function Response Times

The effectiveness of a SIF is dependent on its ability to respond to a hazardous process excursion quickly enough to prevent a catastrophic consequence from ever occurring. Estimating the shortest credible elapsed time from a hazard scenario’s initiating event to the time when the consequence can no longer be averted, and estimating a safety function’s maximum response time, are both crucial in the design of robust SIFs. aeSolutions has the experience and tools to model the dynamics of typical hazard scenarios and safety functions and, together with our client’s engineering staff, will facilitate the calculation and documentation of these safety-critical time parameters. Our experience has sensitized us to the importance of these analyses being performed early enough in the life of a project for the correct and timely specification of the field instrumentation which will ensure a plant’s safety.

Lifecycle Cost Analysis/Benefit-to-Cost Ratio

Assessment of the overall SIF lifecycle cost, including the initial costs (design, installation, commissioning) and long-term costs (maintenance and testing), is performed for the various SIF design options. A subsequent analysis uses the Lifecycle Cost Analysis, the risk criteria, and the cost of spurious trips to determine the benefit-to-cost ratio. The analysis allows the end user to identify the best architectural and testing options for SIS investment.

SIS Training

The design and operation of Safety Instrumented Systems (SIS) requires an understanding of instrumentation failure characteristics, the Safety Lifecycle, probability mechanics, and the relevant international standards.

aeSolutions offers instruction in all SIS areas including: Safety Requirements Specification (SRS), Calculations of the Probability of Failure on Demand (PFD), Fault Tree Analysis, Determination of Architectural Constraints, Identifying and Modeling for Common Causes of Failure, Degraded Voting, and Failure Rate Estimation.

aeSolutions has developed training courses designed to build these skills and is an authorized provider of several SIS-related ISA courses.