In an industrial plant's automated system, safety is a crucial factor. Safety is designed into the plant's various departments according to their functions, so that each aligns with the required safety level. One such department is instrumentation. A design specifically suited to this function is SIS, or Safety Instrumented Systems. SIS design is developed and documented in accordance with the ISA-84 international standard. However, many mistakes are commonly made in SIS design when following the ISA-84 standard. In this post, we will look at the common mistakes in SIS design according to ISA-84.
What is a Safety Instrumented System?

First of all, let us understand what SIS is. SIS stands for safety instrumented systems and is generally used in critical processes. Let us take a simple example. You have a process with a sensor installed in a line for monitoring; it sends feedback to a controller, which in turn controls an output that indirectly controls the process. If the sensor fails, the whole closed-loop monitoring fails and hampers the process. Critical processes cannot tolerate such failures.
For that reason, SIS is implemented to check and control these failures through the following measures:
- Implementing redundancy in the sensor, control element, or controller loop evaluation, or simply, using multiple such components instead of a single one.
- Bringing the system to a safe stop state, rather than an abrupt stop.
- Acting as the worst-case backup to stop or control the process if the mechanical equipment or controller logic fails.
- Meeting the required safety integrity level (SIL) so that the identified safety hazards are addressed.
This function is governed and implemented by the ISA-84 standard. If SIS needs to be used in a process, the standard gives the guidelines and rules to follow. When you read the guidelines, you will know how SIS is implemented, what the hazard assessment is and when it is required, which SIL level to implement for the SIS, and how the SIS process is documented and validated. Despite all this guidance, ISA-84 recognises some common mistakes that many organisations make when implementing SIS. Let us have a look at them in the topic below.
Common Cause Failures in Safety Instrumented Systems

Not concentrating on functional safety management
FSM, or functional safety management, is a method of documenting the safety process of the system. Poor FSM means that people do not read the document, do not update it when changes are made, or staff are given insufficient training and unclear responsibilities. Working without a regulated FSM procedure is therefore the first way the SIS fails, as the operator will not know what to do when a hazardous situation must be prevented.
Inadequate proof testing
You have installed the sensors, controllers, and control elements for implementing SIS. But you are not testing their functionality on a regular, planned basis by shutting the system down during maintenance. A device may have failed, may be giving false outputs, or may have a broken wire. If you do not check it, the next process run will fail immediately and cause a hazard. This can also happen if you test regularly but use the wrong method.
Neglecting systematic capability in terms of software
Even if your hardware components are intact and tested regularly, the program written in the controller may still have faults. These issues may not be visible under normal conditions but can arise under abnormal or unexpected scenarios. For example, you have tested the safety logic as per your logic document. But what if a condition the document did not anticipate actually happens? The programmer may never have implemented logic for it. Accordingly, the configuration of the SIS, the wiring of the IOs, or the logic implementation itself may be inadequate. This will not comply with the standard and could fail the system.
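The paragraph above is about safety logic that works for the documented cases but has never been exercised under abnormal ones. The following added example (written for this post, not code from ISA-84 or any vendor) is a small 2oo3 high-trip voter in Python that treats bad-quality and non-numeric channel values explicitly, and whose degradation policy (2oo3 with one failed channel degrades to 1oo2, all channels failed trips the function) is an assumed, site-specific choice rather than anything the standard prescribes. The point is the set of "what if" inputs at the bottom: a voter that only handles the normal three-good-channels case silently misbehaves on the others.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Channel:
    """One measurement channel as delivered by the IO card (constructed for this example)."""
    value: float          # engineering units, e.g. bar
    good: bool = True     # quality / status flag from the transmitter or IO card


def healthy(ch: Channel) -> bool:
    """A channel counts only if its quality flag is good and the value is a real number."""
    return ch.good and not (math.isnan(ch.value) or math.isinf(ch.value))


def vote_high_trip(channels, trip_point):
    """2oo3 high trip with explicit degraded-mode handling.

    Returns (trip, reason).  Assumed degradation policy:
      3 live channels -> 2 must be high (2oo3)
      2 live channels -> 1 must be high (1oo2)
      1 live channel  -> that channel decides (1oo1)
      0 live channels -> trip (fail safe: no trustworthy measurement)
    """
    if len(channels) != 3:
        raise ValueError("2oo3 voter expects exactly three channels")

    live = [c for c in channels if healthy(c)]
    n_live = len(live)
    if n_live == 0:
        return True, "all channels bad quality: fail safe trip"

    n_high = sum(1 for c in live if c.value >= trip_point)
    needed = {3: 2, 2: 1, 1: 1}[n_live]
    if n_high >= needed:
        return True, f"{n_high} of {n_live} live channels above trip point ({n_high}oo{n_live})"
    return False, f"{n_high} of {n_live} live channels above trip point, {needed} needed"


def abnormal_case_results(trip_point=10.0):
    """Run the voter over normal and abnormal inputs; returns {case: trip}.

    Every input here is constructed for the example.
    """
    cases = {
        "all normal": [Channel(5.0), Channel(5.2), Channel(4.9)],
        "two high (2oo3 trip)": [Channel(12.0), Channel(11.5), Channel(5.0)],
        "one high only": [Channel(12.0), Channel(5.0), Channel(5.0)],
        "one bad, one of remaining high (1oo2)": [Channel(12.0), Channel(5.0), Channel(0.0, good=False)],
        "one NaN, others normal": [Channel(5.0), Channel(5.0), Channel(float("nan"))],
        "all NaN but flagged good": [Channel(float("nan"))] * 3,
        "all bad quality": [Channel(0.0, good=False)] * 3,
    }
    return {name: vote_high_trip(chs, trip_point)[0] for name, chs in cases.items()}


if __name__ == "__main__":
    for name, tripped in abnormal_case_results().items():
        print(f"{name:40s} -> {'TRIP' if tripped else 'run'}")
```

Note that a naive `sum(c.value >= trip_point for c in channels) >= 2` passes the first three cases and fails the rest: a NaN compares false and so looks like a healthy low reading, and a dead channel at 0.0 silently turns the 2oo3 into a 2oo2, which is the opposite of fail safe.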
Incorrect SIL assignment
Safety integrity levels range from 1 to 4, with 1 being the lowest and 4 being the highest. According to the hazard analysis and risk plans, if you assign a lower SIL rating to a process that requires a higher SIL rating, the system will fail. Wrong assumptions, cost pressure, poor hazard analysis, and failing to read the documents properly lead to such circumstances.
Sensor, controller, and control element issues
The devices mentioned above may be properly selected and found working initially, but they can be affected by the outside environment, process fluids, and contaminants. Failing to recognise these effects, not calibrating the devices on time, or maintaining them poorly will cause the SIS to fall out of compliance and hamper the system.
Poor operator graphics interface
The HMI or SCADA system is designed to show the alarms that occur and to help maintain the system safely. Sometimes, due to wrong or unwanted configuration of the alarms, the operator can get confused, misinterpret their meaning, and operate the system in the wrong way. However carefully the SIS is designed, if the information shown on screen is not correct, that in itself is a complete failure.
Ignoring common cause failures
Mistakes such as using the same power source for all the instruments, avoiding power supply redundancy, not backing up the controller regularly, not using diverse technologies for redundancy (for example, redundant sensors or control elements of the same technology), wrong configuration of the electrical cables, and not logically separating the IOs in the program properly can lead to catastrophic results and a complete SIS failure.
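Three of the mistakes above (inadequate proof testing, incorrect SIL assignment, and ignoring common cause failures) can be put on one set of numbers. The following added example (not from the post or from ISA-84's own text) uses the simplified low-demand PFDavg approximations from IEC 61508-6, on which ISA-84 is based: for dangerous undetected failure rate λ_DU and proof-test interval TI, PFDavg ≈ λ_DU·TI/2 for 1oo1, ((1-β)·λ_DU·TI)²/3 + β·λ_DU·TI/2 for 1oo2 and ((1-β)·λ_DU·TI)² + β·λ_DU·TI/2 for 2oo3, where β is the common-cause beta factor. The SIL bands are the standard low-demand bands (SIL 1: 10⁻² ≤ PFDavg < 10⁻¹, down to SIL 4: 10⁻⁵ ≤ PFDavg < 10⁻⁴). The failure rate of 10⁻⁶ per hour and the intervals are constructed sample values, and the approximations ignore repair time and detected failures, so this is a screening calculation, not a substitute for a full SIL verification.

```python
# Low-demand-mode PFDavg bands per SIL (IEC 61508 / ISA-84): lower <= PFDavg < upper
SIL_BANDS = {
    4: (1e-5, 1e-4),
    3: (1e-4, 1e-3),
    2: (1e-3, 1e-2),
    1: (1e-2, 1e-1),
}

HOURS_PER_YEAR = 8760.0


def sil_from_pfd(pfd_avg):
    """Highest SIL whose PFDavg band contains pfd_avg, or 0 if it is above 0.1."""
    for sil in (4, 3, 2, 1):
        lo, hi = SIL_BANDS[sil]
        if lo <= pfd_avg < hi:
            return sil
    return 0


def pfd_avg(lambda_du, ti_hours, arch="1oo1", beta=0.0):
    """Simplified PFDavg (IEC 61508-6 style, MTTR and detected failures ignored).

    lambda_du : dangerous undetected failure rate per hour
    ti_hours  : proof-test interval in hours
    beta      : common-cause beta factor (0.0 = fully independent channels)
    """
    x = lambda_du * ti_hours            # expected DU failures per proof-test interval
    if arch == "1oo1":
        return x / 2.0
    if arch == "1oo2":
        # independent part + common-cause part (beta share fails both channels at once)
        return ((1.0 - beta) * x) ** 2 / 3.0 + beta * x / 2.0
    if arch == "2oo3":
        return ((1.0 - beta) * x) ** 2 + beta * x / 2.0
    raise ValueError(f"unsupported architecture: {arch}")


def assess(lambda_du, ti_hours, required_sil, arch="1oo1", beta=0.0):
    """Screen one SIF against its required SIL on PFDavg alone; returns a summary dict."""
    pfd = pfd_avg(lambda_du, ti_hours, arch, beta)
    achieved = sil_from_pfd(pfd)
    return {
        "arch": arch,
        "ti_years": ti_hours / HOURS_PER_YEAR,
        "beta": beta,
        "pfd_avg": pfd,
        "achieved_sil": achieved,
        "meets_required": achieved >= required_sil,
    }


def screening_table(lambda_du=1e-6, required_sil=2):
    """Constructed scenarios showing how TI and beta change the achievable SIL."""
    return [
        assess(lambda_du, 1 * HOURS_PER_YEAR, required_sil, "1oo1"),            # yearly proof test
        assess(lambda_du, 4 * HOURS_PER_YEAR, required_sil, "1oo1"),            # test interval stretched to 4 years
        assess(lambda_du, 1 * HOURS_PER_YEAR, required_sil, "1oo2", beta=0.0),  # redundancy, no common cause
        assess(lambda_du, 1 * HOURS_PER_YEAR, required_sil, "1oo2", beta=0.1),  # same-technology redundancy
    ]


if __name__ == "__main__":
    for row in screening_table():
        print(f"{row['arch']}  TI={row['ti_years']:.0f} y  beta={row['beta']:.2f}  "
              f"PFDavg={row['pfd_avg']:.2e}  SIL {row['achieved_sil']}  "
              f"{'OK' if row['meets_required'] else 'FAILS SIL 2'}")
```

Reading the four rows together: the single transmitter that screens as SIL 2 when proof-tested yearly drops to SIL 1 when the interval stretches to four years, with no hardware change at all; and adding a second identical transmitter looks like SIL 4 on paper with β = 0, but with a realistic β = 0.1 for same-technology, same-power-supply channels the common-cause term dominates and the pair only reaches SIL 3. A SIL claim also has to satisfy the architectural constraints (hardware fault tolerance) and systematic capability, which a PFD calculation alone does not check.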

Some other causes of SIS failure, as mentioned by ISA-84, are:
- Improper hazard analysis study, and improper risk assessment methods afterwards.
- Miscommunication in reading the correct control devices.
- Improper design of control loops.
- Lack of participation by workers in their own training.
- Improper graphs or trends of the sensor or control element readings shown on the HMI.
In this way, we saw some common mistakes in SIS design according to ISA-84.