In all industries where there are risks, safety needs to be independent of control. It is tempting to implement safety functions, such as emergency shutdowns, within (and through) the control system; as the sharing of hardware and networking resources can seem to make sense. However, such an approach will often compromise the responsiveness, effectiveness and even the very role of your safety system.
Integrated Control and Safety Systems in Action
While ICSS - as an overall practice/philosophy - has its roots in the petrochemical industry, increasingly other sectors are having to embrace layered safety protection; and are integrating these with process control, communications, security, site surveillance and other infrastructure elements. Bringing key operational/process and safety information together in a safe manner is of course key to an ICSS.
Over the years, Hima-Sella has developed a truly independent control and safety system (iCSS) philosophy that utilises diverse technologies in strict accordance with IEC61508. This means that safety can be an ever-present aspect of control, but its independence assures system immunity if the control system is ever compromised. In addition, Hima-Sella’s approach to delivering an iCSS gives customers unprecedented freedom of choice where hardware is concerned, enabling selection to be made on the merits of the products used (within the overall system).
Where ICSS is adopted it is becoming an issue to demonstrate the independence of the safety system from the control system. Hima-Sella's approach to providing iCSS with the safety system at its core can achieve this. With its capability of open communications to the major DCS systems the Hima-Sella solution provides clear independence.
Hima-Sella’s solutions, which all provide safety up to SIL 3, include:
- HIMax has virtually unlimited expansion potential and which features HIMA’s XMR architecture (meaning it can run with up to four CPUs and I/O to provide up to quadruple modular redundancy)
- HIQuad which also offers scalable redundancy and which is ideal for small to mid-size applications requiring high levels of process availability;
- HIMatrix the series of modular safety-related controllers and remote I/O modules, delivers cost-effectiveness and big system performance with dedicated modules for subsea applications, and;
- Planar4 the hardwired (i.e. no software) system with logic processing and I/O on every module.
In the Safety Business
There are essentially three business routes to realising an Independent Control and Safety System:
- The first is to engage with a Main Automation Contractor (MAC), Main Instrument Vendor (MIV) or an OEM of Distributed Control Systems (DCSs). The engagement model will tend to be sold as a ‘service plus hardware’, with the initial outlay low. However, system-level integration will typically be done using protocols which are proprietary to the MAC or DCS vendor; so you may have to use the same company for subsequent site/system upgrades (hence the temptingly low initial outlay). Hima-Sella has worked successfully with the MAC/MIV/DCS vendors on projects such as the Rosetta gas field, Egypt and the Buzzard field in the North Sea, as a subcontractor, delivering the independence and layered protection.
- The second option is to source and integrate the safety system and DCS yourself; which affords a great deal of freedom of choice when selecting safety and control systems - if you have the experience to tackle the integration and certification. Typical examples of our work under this scenario, assisting the end-user/EPC to achieve their goal have been the Karsto Expansion Project, Norway and Woqod LPG Plant, Doha.
- The third option, which is rapidly gaining most credence within the industry, is to put safety first and use the safety systems specialist as the overall integrator to ensure control system vendors deliver integration without compromising plant safety. Here, Hima-Sella is a well recognised choice of supplier having leveraged its engineering and integration skills on projects such as Hunterston A nuclear power station, Scotland and the ONGC (India) platform HIPPS solution, as subcontractor to the valve manufacturer to integrate a complete SIL certified solution.
Our Hierarchical Approach to Layered Protection
Within most systems ‘layered protection’ can be provided through independent safety functions, of varying priority and used to ring-fence critical hardware.
Hima-Sella’s engineering approach goes one step further; delivering technical and business benefits. Layered protection is used to protect plant processes using a hierarchy of safety functions. Each independent safety function has a dedicated role and is implemented using the most appropriate technologies (i.e. hardwired and/or software) for that role. Accordingly, each element of the system in turn is monitored by the layer of protection positioned immediately above it. Moreover, Hima-Sella ensures that the ‘hierarchy of safety functions’ is integral to your plant operations -and by extension, business objectives. Crucially, Hima-Sella’s engineered Independent Control and Safety System philosophy achieves safe, efficient and profitable plant operation.
Please contact us for further information