Early on the morning of Sunday, Dec. 11, 2005, a tremendous explosion rocked southern England. The blast, centered on Buncefield Depot, an oil storage terminal in Hertfordshire that supplied fuel to Heathrow airport, registered 2.4 on the Richter scale, and was reportedly heard as far away as France and The Netherlands.
Forty-three people were injured, 227 schools were closed and buildings were damaged five miles away. Two thousand people were temporarily displaced amid concerns over possible health implications caused by the smoke plume, which could be seen from space, and which eventually spread to France and Spain.
The explosion was ruled accidental, but that didn’t let the company managing the depot, Total UK Ltd, off the hook. In May 2008, a High Court judge ruled that Total UK and its partner, Hertfordshire Oil Storage Ltd, were negligent and responsible for the accident. The companies admitted negligence, but denied liability, claiming they didn’t realize how much damage they could cause. That didn’t fly, and in March 2009, the High Court found Total UK, which had sole responsibility for filling the tanks, liable for the blast, leaving the company facing damage claims of around £700 million.
High profile cases such as this one, and the BP Texas City refinery explosion—which killed 15 workers and injured 170 more in March 2005 and has already cost BP $50 million in fines and upwards of $1.6 billion in compensation—have heightened awareness of safety standards, and led to a sharp increase in demand for Safety Instrumented Systems (SIS).
An increased feeling of vulnerability following incidents such as these contributed to ARC Advisory Group Inc., Dedham, Mass., predicting the SIS market will grow at a compound annual growth rate of about 12 percent to reach $2.5 billion in 2012, despite the economic downturn.
According to ARC Vice President Asish Ghosh, numerous factors have combined to drive this growth, including increased demand for oil and gas to fuel economic growth in emerging markets such as China and India, greater environmental awareness, and increased awareness of safety standards such as IEC 61508, IEC 61511 (both promulgated by the International Electrotechnical Commission), and ANSI/ISA84, promulgated by the American National Standards Institute and International Society of Automation.
Safety is complicated
However, there is more to becoming compliant with safety standards than simply writing a request for proposal (RFP) and hiring a vendor. One of the greatest challenges with implementing safety standards in your production facility is simply knowing which standards apply to you and how.
For the average control engineer, the world of safety standards is a complicated and confusing morass that can vary widely by geographic region. Standards in Europe are not necessarily the same as those in the United States, Canada, Latin America or Asia. In fact, a multinational organization may have to incorporate two or three different standards for the same thing into its corporate standard.
What’s more, being standards-compliant is a moving target. Once you get your plant up to snuff, you have to keep up with the changes that will come with the inevitable revision that occurs every five or so years.
For example, a 2006 update to the International Organization for Standardization’s ISO 13849, which provides safety requirements and guidance on the principles for the design and integration of safety-related parts of control systems, including any software, will come into effect in Europe by October. Other significant changes are coming, demanding risk assessments be completed and incorporated into SIS designs, and that end-users take a lifecycle approach to their safety systems.
Other critical updates involve the demand for a risk assessment. Says Juergen Bukowski, program manager, Safety, for automation components vendor Sick Inc., in Minneapolis, “Every machine builder and end-user has to make sure a safety assessment is done. End-users and machine builders have to work together to make sure the assessment is done on a particular line, machine or production plan. That is one big change.
“Second: once you’ve done the risk assessment, you will have somewhere where the risk is still too high and you have to take protective measures and integrate them into your machine control. But what constitutes ‘acceptable risk?’ The standards give you guidelines that help quantify the risk. That is something that is pretty new for machine builders and end-users.”
Two-layer safety
There are two layers to the whole safety field, explains Bukowski. The regulatory layer is based on laws, and essentially says that companies are responsible for ensuring that their operations don’t endanger the public, for providing a safe working environment for employees and for minimizing any negative impact their operations may have on the environment. Many of these laws, such as those overseen by the Occupational Safety and Health Administration (OSHA) in the United States, were introduced in the 1970’s and haven’t changed appreciably since.
The standards layer interprets the laws and provides specific guidance on how to apply current technologies to meet regulatory requirements. As new technology is introduced to the market, industry wants to be able to take advantage of the new efficiencies on offer.
Due to their lack of reliability when they were introduced to the market, programmable logic controllers (PLCs) were initially banned from use in machine safety systems, which had to be hard-wired instead. But that was decades ago, and now PLCs are highly reliable, and the standards have been changed to reflect that. Not only have PLCs become the defacto industry standard for safety systems, but many varieties of them are available, from dedicated safety PLCs to general purpose safety PLCs that also manage other automation functions.
And the moving targets keep on moving.
According to Charlie Fialkowski, process safety manager at supplier Siemens Energy & Automation Inc., in Spring House, Pa., another change people should expect to see is the marriage of safety and security systems. “In 2004, when the Fire and Gas standard was released, they said that as long as you could quantify the levels of safety from your system, they didn’t dictate the level of integration you needed to meet it. Now, five years later, there are concerns about security. As things get more integrated...if your business network, which is connected to the Internet, is also connected to your plant control systems, then you may have a hacker issue.”
“A lot of people are combining safety with what they are doing for security,” says Mike Boudreau, product manager for Delta V SIS, Emerson Process Management, an Austin, Texas-based supplier. “ANSI/ISA-S99 (a security standard) has a similar model, looking at defense-in-depth. The risk-based approach to safety is very similar to security.”
One way to keep up with all these constant changes is to be involved in the process. Automation vendors, systems integrators and end-users are all well represented on various committees and working groups. For example, energy producer BP had incorporated IEC 61511, which provides guidance for fire and gas systems, into its corporate standard even before it was released.
But making that time investment is not easy for everyone, especially smaller companies. Complicating matters is the fact that safety systems and control systems can be very different, and demand different training and skill sets.
And it’s not always easy to hire safety experts either. According to Brian Hampshire, a control systems engineer involved with safety programs for BP, there is a real shortage of trained safety experts in the market, leading to a reliance on safety consultants.
“The major companies—Exxon, Chevron, the big oil and gas players—these are the companies that helped put the standards together,” says Paul Gruhn. “The people who are struck blind by this tend to be the smaller players who don’t participate. They are like ostriches with their heads stuck in the sand.”
During the day, Gruhn is Training Manager at SIS vendor ICS Triplex, in Houston. But in his spare time, he is a member of ISA84 Committee that wrote the standard on safety systems, he’s an ISA Fellow, he developed the world’s first safety software modeler system, he developed and instructs ISA safety courses and he’s the primary author of the ISA book on the subject.
“A lot of companies, with the downsizing, want to pawn this off on outside suppliers, and that’s a problem. I’m a little concerned when I see (that). It’s like letting the fox design the henhouse. Vendors and suppliers are going to make things work to their own best interests.”
Gruhn has three key pieces of advice for end-users looking to meet safety standards.
• Read them!
• Get your safety requirements specifications right
• Remember that you, the end-user, are responsible for making sure everything gets done.
“That doesn’t really seem to be happening. It’s clear from the poor specifications in the RFPs that the end-users aren’t knowledgeable about what they are looking for. They write in things like, ‘the system must meet safety standards’ and think that’s adequate. It isn’t.”
False assumptions
Many people assume—not unreasonably—that meeting international safety standards is expensive. After all, any such program is bound to have significant cost associated with it. However, the assumption that safety slows down production and reduces productivity by diverting people from non-value added activities is patently false.
“There’s this assumption that safety costs them money, but it’s not true,” says Gruhn, who insists that meeting safety standards has significant benefits that actually improve production efficiency.
“Such statements are a myth that should not be allowed to continue,” he adds. “End-users made the same complaint when OSHA introduced the PSM Process Safety Management (PSM) of Highly Hazardous Chemicals (HHCs) standard, 29 CFR 1910.119 regulation over a dozen years ago. OSHA has reported that not only have the number of accidents gone down over 20 percent, but companies are reporting that their productivity is higher [as a result of doing PSM].”
Gruhn also points to the experience of Houston-based ConocoPhillips. In 1997, Conoco put out an RFP for the construction of a refinery in Venezuela, including the required safety features. Managers at the winning contractor did not plan on implementing them, but once forced to comply, found that they’d had to do such a thorough job planning and organizing things that their productivity increased dramatically. In fact, they were able to complete the job at a lower cost than anticipated.
“As long as management believes that safety will cost them money, they won’t want to do the required tasks. However, once they realize that safety will save them money and improve their productivity, their attitudes and actions will change,” Gruhn contends.
“The safety standards make you more diligent in analyzing your process and your hazards,” adds Hampshire. “When you do that, you always find something you can change or re-engineer to improve safety or productivity. I see that a lot. You pick up things you might not have seen in the past.”
“Safety is always an issue for a company when there is an accident,” says Bukowski. “But if you do it right from the beginning, then you can avoid accidents and all the expenses that go with them.”
Related Sidebar - Additional Organizations and Links
To read the article accompanying this story, go to www.automationworld.com/feature-5489.
Related Sidebar - Some Safety Standards You Should be Familiar With
To read the article accompanying this story, go to www.automationworld.com/feature-5490.
Subscribe to Automation World's RSS Feeds for Feature Articles
Leaders relevant to this article: