Greenfield
Factory Automation
Neil
Batch Processing
Hand
Process Automation
Reynolds
Packaging Automation
Campbell
On the Edge
Download this free 94-page Continuous Process Playbook loaded with industry expert advice on topics ranging from control systems, instrumentation, and industrial networks to energy management, security, and system upgrades.

The Great Safety Debate

Print Reprint
     
Some process controls vendors are touting a new class of integrated safety and control system architectures that promise lower costs for end-users. But critics contend that the approach may compromise safety.

A war of words is raging in the process control industry over the “integration” of safety and control systems. It’s a debate that has been ongoing for years, but the recent introduction of new integrated systems by several process controls vendors has lately added fuel to the fire. “This is a terribly controversial issue right now,” observes Bill Goble, principal partner at exida.com, a Sellersville,
Pa.
, safety services firm.  

Too far?

On one side are those who warn that some controls vendors and their customers may be compromising safety by going too far with the concept of integrated process control and safety instrumented systems (SIS). This group says that the traditional requirement for separate and independent operation of safety and control systems may be violated by some of the newer integrated architectures that rely upon “functional” or “logical” separation of safety and control, instead of actual physical separation. 

For one thing, the tight coupling of complex safety and process control systems—if not done correctly—could allow engineers, operators or maintenance personnel who are making control system changes or repairs to inadvertently make dangerous modifications to the safety system, these individuals suggest. For another, the approach could risk “common mode failures” that could affect both safety and control systems, they contend. A system that combines safety and control in the same hardware platform risks a failure “that could basically take out both your control and safety, and if that happens, then you must have a secondary means of shutting that process down in a safe and orderly fashion,” warns Lawrence Beckman, TÜV functional safety expert at SafePlex Systems Inc., a Houston-based safety systems integrator.

The traditional approach to separation is “like the belt and suspenders approach,” agrees Luis Duran, brand director for Triconex, a vendor of stand-alone safety systems that is an Irvine, Calif.-based unit of Invensys Process Systems. “But with what’s been happening lately, the problem is not so much the integration, but embedding the safety system into the controls, and making that fine [separation] line disappear,” Duran says. “Then you don’t have your belt and suspenders any more, so if you lose one, you lose them both.”

FUD spreading?