The Real World Impact of ISA 18.2on Process Industries
Kevin BrownMatrikon Inc.
Agenda
• Introduction• What is Alarm Management• What is a Lack of Alarm Management• OH&S & Legislation• An Example Plant Incident• Demystifying Standards & Guidelines• ISA 18.2 Compliance• Alarm Management Lifecycle• Steps to Compliance• Questions
Operators on alert
Operator response, alarm standards, protection layers
keys to safe plantsIntech, September 2009
Kevin Brown - Introduction
• Manager – North America Alarm Management Team• 4.5 years at Matrikon
– Completed projects from upgrades to $2.8 MM– Audits– Alarm Philosophy development– Facilitate alarm rationalization
• Spent 20 years in plants in process control– Experience with different computer control systems
– Bailey, Taylor, Advant, GE, Allen Bradley, Metso, TDC3000
– Experience with Historians– Simsci, MOPS, OSI PI
– DMZ network design and setup
Matrikon Alarm Management Matrikon has 20 years experience and is the Global Leader in the deployment of Enterprise Wide Alarm Monitoring Solutions with the world’s leading companies,…innovation, safety, commitment to
value and high ethical standards
• 550 employees• 300+ consultants with
extensive domain expertise
• Complete services, from planning to execution
Global Presence
Complete Solution Provider
Company Overview
Consultants275+
R&D100+
Other150+
• 18 offices• 17 Partners• Strong Presence in
Toronto (25 Consultants)• TSE: MTK
What is Alarm Management?
“Process by which alarms are engineered, monitored, and managed to ensure safe, reliable operations”
What is Alarm Management?
What else is Alarm Management?
• Continuous lifecycle• Plant maintenance/reliability• Good process control• Outcome of a risk assessment• Related to equipment failure• A form of Enhanced/Advanced Control• Abnormal Situation Management• It has been “widely ignored” for a long time
What is a Lack of Alarm Management?
What is a Lack of Alarm Management?
Example: Texas City Oil Refinery 2005.
Precursors: - Maintenance cut by 25% - Only one Control Room Operator for the whole plant - Failed level switches - Level transmitter reading incorrectly – no alarm - Workers within exclusion zone - Decided against installing safety flares
Outcomes: - 15 people killed
- Could have spent a couple of $m but ended up costing $1.6b - Oil Refining industry are now relatively proactive in AM
(Ref.) http://www.texascityexplosion.com/
OSHA leveraged fines for
this incident exceeded $87MM
Alarm Management: It’s about Safety!
Documented financial losses
estimated at $1.5 billion
An Example Plant Incident
An Example Plant Incident
• Plant is unstable, getting towards end of 12hr shift• Tank containing hot material reaches HH level• Trip on HH level interlock was disabled to replace the instrument and
inadvertently not re-enabled • Operator misses the alarm because he/she is overloaded and there is an alarm
flood• High level safety switches that trip the incoming pump have not been tested for
over two years and fail to operate • Tank overflows and severely burns worker below
Possible Outcome
Employee Impact• Possible Injury• Potential Fatality• Flow-on Family/Community effectsEmployer Impact• Operational Downtime/Loss of Production• Investigation by the relevant authority• Expert Witness in Court• 1st Question to Employer: “Did you comply with an ISA Standards or Internationally accepted Standard”?• 2nd Question to Employer: “Did you follow known, good engineering practice”?In recent cases there has been more use of expert witnesses. What would an expert witness say in this case?
Key Features ISA 18.2
Key Features – ISA 18.2
• Large focus on an Alarm System Lifecycle• Clear Alarm System Performance KPIs• Section on compliance• Alarm Philosophy – what must be included• Alarm System requirements Specification• Identification• Rationalization• Advanced Methods• Less examples are given• Complimentary to EEMUA 191
Matrikon & ISA 18.2
• Participation– Mike Brown– Jeff Gould– Michael Marvan– Alan Armour
• Section Leadership– Operations– Maintenance– Management of Change
• Sub-Committees– Monitoring & Assessment– Audit– Analysis (Annex)
• ISA’s Committee Website: http://www.isa.org/MSTemplate.cfm?MicrositeID=165&CommitteeID=4627
ISA 18.2 Alarm Performance KPIs
Industry Benchmarks: Room to Improve!
Other
900
35
180
25/40/35
5
Power
2000
65
350
25/40/35
8
PetroChem
1500
100
180
25/40/35
9
Oil & Gas
1200
50
220
25/40/35
6
ISA
144
5
10
80/15/5
1
Average Alarmsper Day
Standing (stale)Alarms
Peak Alarmsper 10 Minutes
Average Alarms/10 Minute Interval
Distribution %(Low/Med/High)
Alarm Management Lifecycle
Philosophy
Audit
Rationalization
Identification
Detailed Design
Implementation
Maintenance
Operation
Management of Change
Monitoring & Assessment
D
C
E
AJ
B
G
HF
I
Alarm Management Lifecycle
• Philosophy• Identification• Rationalization• Detailed Design• Implementation• Operation• Maintenance• Monitoring & Assessment• Management of Change• Audit
Entering the Lifecycle - Philosophy
Philosophy
Audit
Rationalization
Identification
Detailed Design
Implementation
Maintenance
Operation
Management of Change
Monitoring & Assessment
D
C
E
A
J
B
G
H
F
I
• Greenfield or Brownfield sites• Objectives of the alarm system• Design it correctly and keep it there
Philosophy
Audit
Rationalization
Identification
Detailed Design
Implementation
Maintenance
Operation
Management of Change
Monitoring & Assessment
D
C
E
A
J
B
G
H
F
I
Entering the Lifecycle - Monitoring & Assessment
• Focus on quantitative analysis to determine gaps• Follow Maintenance & MOC paths to resolve
Philosophy
Audit
Rationalization
Identification
Design
Implementation
Maintenance
Operation
Management of Change
Monitoring & Assessment
D
C
E
A
J
B
G
H
F
I
Audit
ISA 18.2 Compliance
Alarm Management is now a Compliance Issue
• Compliance: ANSI / ISA SP18.2– Similar to ANSI/ISA S84.01:
– nationally recognized standard
– qualifies as a nationally recognized standard for safety systems such that OSHA recognizes as “recognized and generally accepted engineering practice”
– Not a requirement to meet OSHA 1910.119 PSM requirements but bears substantial weight with regard to implementing safety/alarm systems
– burden of proof is on the User to demonstrate that they have followed generally accepted engineering practice
ISA 18.2 Compliance.
• Section 4.1: Conformance Guidance
To conform to this standard, it must be shown that each of the requirements in the normative clauses has been satisfied.
• Section: 4.2 Existing Systems (Grandfathering Clause)
For existing alarm systems designed and constructed in accordance with codes, standards, and/or practices prior to the issue of this standard, the owner/operator shall determine that the equipment is designed, maintained, inspected, tested, and operated in a safe manner.
Historical Findings
• Industry estimate: $10 Billion per year from abnormal situations
• Incident costs from $100K-$1 Million per plant per year• Refineries suffer a major incident once every three years
costing $80M• Insurance companies show industry claims >$2.2 Billion
per year due to equipment damage (North America)
ASM Consortium Findings
Personal Observations.
• Many process plants in North America are not doing enough
• Alarms form part of your plant’s layer of protection• There will be more prosecutions for OH&S breaches
What Steps Can You Take?
• Senior Management Sponsorship• Purchase ISA 18.02• Undertake an audit of your alarm system. Minimum do
Monitoring and Assessment• Prepare a Philosophy Document and then Functional
Specifications• Prepare a Strategic Plan• Just Do it
Questions?
Top Related