Functional safety is not a ‘one and done’ exercise but an ongoing, iterative process. Given the potentially hazardous materials that are standard within the process industry, it is particularly important that industrial process safety be actively managed and funded throughout a facility’s lifecycle. But how do companies manage risks effectively to prevent or mitigate incidents that can harm workers, the environment, operability, or corporate reputation? It starts with a rigorous planning process to identify and address those risks.
Process safety may be easily integrated in the core requirements of a new facility. However, in the case of older facilities, it is time to revisit functional safety plans when automating processes, upgrading control systems, or where equipment and instruments have simply aged. Modifications typically raise issues including whether processes meet current safety standards or fall within the company’s acceptable risk parameters. While on-site engineers and staff can oversee and maintain existing control and protection systems, functional safety specialists can guide companies through some of the key components in reviewing the process safety lifecycle.
Functional safety assessments begin with a hazardous operability study, known as a HAZOP. This structured exercise takes an in-depth, systematic look at certain functions within the process or facility. It is designed to identify potential hazards and risks associated with the process that could harm personnel, operability of the facility, or the environment. Piping and instrumentation diagrams, 3D models, instrument datasheets, and other supplemental data are used to define scenarios of possible deviation from normal operating conditions in new, modified, or existing facility processes.
The study is performed qualitatively by a group of trained professionals and key stakeholders. It may be facilitated by in-house experts but should include a certified HAZOP facilitator brought in from outside the company to ensure all risk scenarios are adequately developed and explored. When a potential hazard is identified, and where it is perceived that the design has inadequate protection, these hazards are now referred to as Safety Integrity Functions (SIF) and are recommended candidates for further analysis.
Building on the HAZOP study outcomes, the second stage is to quantify the risk tolerance for each SIF. Risk tolerance is most often quantified by companies either through adoption of an industry-accepted standard risk matrix, but some choose to generate their own. The risk matrix weighs the severity of an emergency event against its anticipated frequency and produces a required Safety Integrity Level (SIL). SIL ratings are between 1 and 4 — the higher the SIL rating the greater the criticality of the failure and the number of safety protection layers required.
The Probability of Failure on Demand (PFD) is a key metric calculated for each SIF. It determines the risk gap remaining to be closed to reduce the likelihood of an emergency event to an acceptable level. The Risk Reduction Factor (RRF) is closely related to the PFD, one being the inverse value of the other. There are several different means to calculate the PFD and RRF, and two of the most common methods are Layers of Protection Analysis (LOPA) and Fault Tree Analysis. These processes identify the remaining risk gap of the SIF to meet its required SIL and sets the parameters for the Safety Instrumented System (SIS) that needs to be designed.
The third stage involves engineering a SIS solution to manage the remaining SIF risk gap. This is often the point in the process where most companies do not have the required expertise and will rely on the expertise of outside functional safety specialists. To aid the design of the SIS, specialized software is often used in conjunction with the IEC 61508 and 61511 standards to engineer a process solution that ensures the PFD and RRF are mitigated, and a tolerable level of risk is achieved.
In the engineering design of a SIS, the final step is the creation of a Safety Requirement Specifications (SRS) document. This core document contains the engineered solution for the SIFs and the mathematical modelling that proves the SIS solution resolves the PFD and RRF. It also provides all technical bases and assumptions that were used. It details the steps to implement the SIS solution, how to maintain and test all components of the safety system and includes information about how often to review the SIS and perform performance proof testing to re-evaluate the performance, as well as any working conditions that may impact the process or control system.
Given the importance of functional safety, there is a clear role for technical experts, but all key stakeholders in the facility need to be involved in the process. These include on-site technical leads who understand the processes such as design engineers, operations and maintenance staff. The engagement and commitment of senior management to a safety culture built around the safety lifecycle is equally important. Their participation is a crucial a part of the overall process, because equipment degrades and the ongoing management of the system of safeguards (from scheduled reviews to proof testing certain safety functions or safety verification for newly identified gaps) requires an investment throughout the lifespan of the facility.