When Safety Instrumented Systems (SIS) were first adopted by the process industries in the mid 1980s, they typically were Triple Modular Redundant (TMR) systems. These systems were significantly more expensive than non-redundant, general purpose programmable logic controllers (PLCs), and generally were considered too expensive to have multiple distributed systems across a facility. The result was the implementation of single, large, centralized systems, since one large 1,000 I/O system was much cheaper than ten smaller 100 I/O systems.
“For full plant-wide safety in an oil refinery or chemical plant, a triplicated system may make sense; but for smaller applications with only a hundred I/O, large monolithic systems simply aren’t cost effective,” says Paul Gruhn, P.E., CFSE, training manager at ICS Triplex, a Rockwell Automation Company. Because of the costs, customers are looking for cost effectiveness through scalability—and that’s where new technologies are coming into play.
“We’ve had a four-year project developing a next generation system, AADVance, which is scalable, very economic, and applicable for small to large applications,” continues Gruhn. AADvance can be designed to be SIL 3 or SIL 2 compliant; in a SIL 2 configuration, the system would require much less hardware and no redundancy, dramatically reducing costs for those users whose application doesn’t require SIL 3.
“Most vendors have products that are rated SIL 3, which is the highest level people would want to have in the process industries,” notes Gruhn. “Lots of logic installations are SIL 3 rated, but there are very few applications that need true SIL 3 performance. Sensors, actuators, and other elements also had to get up to that level of performance. So for a lot of people, the idea of buying SIL 3 is overkill. Technologies such as AADvance enable them to make cost-effective decisions across the SIS.”
Gruhn emphasizes that AADvance is part of a comprehensive set of solutions Rockwell Automation offers to process manufacturers coping with applications of varying sizes and requirements:
• ICS Triplex Trusted is a TMR system certified for use in SIL 3 applications. This is the traditional solution for very large applications.
• ICS Triplex AADvance, as noted above, can be configured for either SIL 2 or SIL 3 applications, providing a truly scalable solution.
• Rockwell Automation ControlLogix is a simple, easy to implement, and affordable solution for SIL 1 and SIL 2 applications.
This solution set not only addresses issues of system size and requirements, but also integration between the control and safety systems.
Historically, companies had little choice other than to use separate, independent, and diverse systems for the basic process control system (BPCS) and SIS. Some users even required that the systems come from different vendors. But an increasing number of companies are finding compelling business and financial reasons for using more integrated platforms for safety and process control.
More tightly integrated systems save money because they can provide a common infrastructure with common bases or tag bases, alarms and events, networks, software, and development tools. This helps simplify asset management while driving down operations, maintenance, and training costs. “The key is to make sure the two systems are functionally separated but share common hardware, software, and networks,” says Gruhn. This allows the user to realize the operational benefits of a common platform while meeting the functional safety requirement for separation. According to Gruhn, Rockwell
Automation technology allows either integration approach. “If people want similar hardware and software, they’ll use ControlLogix and the RS Logix programming environment. If they want dissimilar, diverse systems for control and safety, they’ll use ControlLogix for control and either AADvance or Trusted for safety.”
Field Notes and Boots on the Ground
Using a SIL 3 certified controller does not provide a system with SIL 3 performance. “A chain is only as strong as its weakest link,” says Gruhn. “Field devices are typically the weakest link in most safety instrumented systems.”
In the past, there weren’t any device networks used in the implementation of safety systems. Most field device testing had to be done manually and periodically—an expensive proposition. The trend now is to do partial stroke testing of valves and apply remote diagnostic technology such as Highway Addressable Remote Transmission (HART) to help assure device performance across the system.
HART is a digital protocol that communicates on 4-20 mA to provide diagnostic information to the safety system. Rockwell Automation solutions incorporate HART and other fieldbus technologies for more detailed and effective diagnostics, helping improve and maintain overall system performance.
“A corollary to diagnostics on field devices is the human expertise needed for implementation and maintenance,” notes Gruhn. “Certified field devices and logic solutions do not necessarily provide a safe system if they are not implemented properly.” Increasingly, users are looking to vendors for this expertise for implementation, training, and lifecycle support. Rockwell Automation has a variety of process industry specialists, worldwide, with training certifications from such organizations as Technischer Überwachungs-Verein (TÜV), Certified Functional Safety Expert (CFSE), and the International Society of Automation (ISA).
“Companies aren’t looking for someone to sell them a box and disappear,” concludes Gruhn. “They’re looking for competent support from their vendors over the life of the system. From implementation through training and beyond, no one provides that support other than Rockwell Automation.”
