Proven performance takes on special significance for SISs because most operate as dormant systems that only take action when a process demand occurs. In contrast, control system devices are expected to operate frequently, if not continuously so their failures usually are rapidly detected; if these failures cannot be managed by the control system or operator, an independent SIS often is implemented to mitigate any unacceptable process risk.
A debate now is underway on whether to integrate the SIS with the control system. One of the strongest arguments for separation is the common practice of using the latest technology in control applications. Many owner/operators that strive to adopt the newest control technology often find that the products are not as well developed as originally thought. New control system implementation can turn into an unplanned product development project. While necessary for production or quality reasons, this can be a hazardous practice for SISs. Do not under-value proven operating history.
A reality check
User approval is an important aspect of complying with ANSI/ISA 84.00.01-2004. This approval should balance predictive evidence, such as analysis and testing reports, with field operating history. While some manufacturers now provide devices that are certified for use in SISs, these devices are relatively limited in their range of application and technology. Many are not field proven and some are not demonstrating the robustness necessary for process industry applications. An IEC 61508 analysis often assumes an unreal operating environment: one that does not include the process impact, ambient conditions, stress, manufacturing defects, software errors, installation issues, electrical disturbances, instrument air or other support-system quality problems, etc.
Consequently, owner/operators in the process industry should always seek to achieve the proper balance of analysis/testing information and field experience. Whenever possible, they should rely heavily upon operating experience for selecting devices for SISs, especially for those devices installed in a process environment. The amount of information or experience required and the degree of rigor associated with an evaluation may vary depending upon the nature of the device and the required SIL. However, the user approval process must establish sufficient evidence to justify that the device can and does achieve the required performance in the intended operating environment.
Angela E. Summers, Ph.D., P.E., is president of SIS-TECH Solutions, LP, Houston, Texas. She is the recipient of ISAs 2005 Albert F. Sperry Award for outstanding contributions and leadership in the specification, development, and implementation of safety instrumented systems for the process automation industry. E-mail her at firstname.lastname@example.org.
Susan Wiley is a senior consultant with SIS-TECH Solutions, LP, Houston, Texas. E-mail her at email@example.com.