Abnormal Situation Management Abnormal Situation Management Today’s Distributed Control Systems are a product by tyndale


									Abnormal Situation Management

Today’s Distributed Control Systems are a product of evolution, they started life by
providing cost effective solutions to more traditional pneumatic and electronic controller
equipment replacement. The benefits they brought easily justified their existence as many
process plants demonstrated improved plant startup, accurate control and better
diagnostic capabilities.

A lot of the functions that are considered standard in many of the leading suppliers DCS
packages are direct replacements for traditional equipment such as alarm annunciators,
pen recorders, face plate controllers.

Often these standard functions did not quite meet the requirements as a replacement
system because of either changes in the operating environment or limitations in the total
system configuration.

The alarm system, for example, had inherent limitations due to configuration and system
capabilities. Having the ability to have thousands of parameter points focused to a single
source was good but often introduced throughput limitations, timing constraints, alarm
flood at the operations man machine interface, and because of sampling techniques, often,
the loss of sequence of events and “first-up” notification.

Trending of single parameters similar to a pen recorder soon became inadequate as
greater flexibility was required to evaluate data at different time periods and a need for
grouping of parameters for diagnosis of process problems. Soon scaling, data sampling
and history capability became a complex problem for the DCS suppliers to resolve.

The DCS suppliers provided the users with greater flexibility. Unfortunately this
flexibility has often been abused and many failures have been attributed to poor human
factors considerations, and system overload during abnormal conditions.

During one of Honeywell’s customer events “The Phoenix Worldwide User Group” a
group of customers back in the late 1980’s requested that a joint user/supplier group be
formed to collectively demonstrate enhancements to Honeywell’s TDC3000 alarm
management capabilities.

The group consisted of over forty key customers and they collectively with Honeywell
experts generated a prioritized list of improvements and enhancements to the current
alarm management capabilities. This list is being implemented and the first major release
of customer driven improvements will appear in Release 500 and subsequent software
The first release includes:

 Control & alarming annunciation
    Separate priorities on alarm limits
    New alarm priorities-print only, print/journal
    Enhanced contact cutout
    Change of state alarming

 Management from custom displays
   Alarm status collectors for alarm groups (Primmod)
   Alarm count collectors for alarm groups
   Unit alarm status using process status data point
   Unit alarm counts using process status data points
   Selected point on alarm summary available
   History collectors
   Configure button LED’s for alarm groups

 Alarm Summary Enhancements
    Freeze display
    Sorting - Chronological or alarm priority
    Filtering - By alarm priority
    Temporary suppression of horn for low, high priority
    Option of having low priority alarms in area summary
    Option of symbols for alarm priority identification
    Option of three alarm priority colors - configurable
    Disable alarming on selected point

 Management From Custom Displays
   Alarm/message window
   Scaleable window for alarms or CL messages
   Alarm status collectors
   Alarm count collectors

      Navigation from Alarm Summary to Schematic
      Configure schematic names to tag names
      Schematic invoked via SCHEMButton

   Point attribute Summary enhancements
   Process Alarm Group Support for Schematics and LED’s
   UCN I/O Processor Softfail Alarm Improvement
   Printer Alarm Annunciation Suppression
   Momentary Horn Option
   Pass Selected point from Alarm Summary to Schematics
These capabilities will go a long way to prevention of alarm floods if implemented
correctly. They will enable users to better categorize alarms and configure parameters in
a prioritized list using color codes and symbols for clear identification and improved
human factors performance. Having contact cut out facility and the ability to change
alarm limits via an application program which is monitoring plant status e.g. startup,
shutdown, production limit or demand options will greatly enhance the existing features.
However, these initiatives will only be successful if combined with alarm rationalization
project. We are starting to see personal computers connected to the Universal Stations
printer port enabling statistical analysis of alarms and improved techniques to remove
poor design or identify equipment malfunctions.

The customers who worked on the alarm management task force identified this as a clear
win win situation for all parties. With this success under their belt they decided that the
team should not be disbanded but should identify a new problematic area and continue to
work to provide solutions that truly meet their requirements.

In September of 1991 a subset of the large group formed a new task force representing
Amoco, Chevron, Exxon and Shell who decided to review plant operations that could
yield a potential problem and which to date has received little exploration. It is not
known at the start of this project how important it would be, what it would cost and what
the potential benefits would be to all concerned. The group decided to call this new
investigation Abnormal Situation Management. It has strong connections to the original
alarm management task force as we consider the challenge that operations and
maintenance groups have during a plant abnormal operation.

The group considered rough data which would justify their initial time reviewing this
subject and incidents such as the Union Carbide Bhopal incident and local Philips
Petroleum and Arco Channel View catastrophes that had recently been high profile in the
press and the customer safety reviews. The group new that large disasters happen and
some studies seem to indicate they are becoming more commonplace than industry would
like to acknowledge.

Because the group has a strong operations experience, they were aware that these
incidents are very costly and can cause loss of life, but they believed that plant hiccups,
interruptions, unscheduled shutdowns, equipment failures, small loss of containment, and
quality problems potentially could yield a very high payback for their companies.

To establish the facts behind abnormal situation management the team concluded the only
way to justify this research was to do detailed analysis of real plants. This presented a
problem as most Refiners are very protective of intellectual property, competitiveness,
technology advantages and confidential information. This could have been a large
stumbling block to the success of the project. Honeywell, who already has established
confidentiality agreements and has demonstrated integrity in handling propriety
information, proposed that they would conduct site visits and remove
confidential/propriety information and compile common requirements in the form of a
Core Team Summary Report which could be circulated widely within each of the
representative organizations.

The companies agreed to this strategy, Honeywell IAC and it’s Scientific Technology
Group (HTC) with a blend of human factor experts and cognitive scientists developed a
methodology to investigate Abnormal Situations and the management techniques and
practices that are used to respond to abnormal conditions and to identify best practices
that prevent abnormal situations or limit the escalation of incidents.

The methodology involved reviewing two years history of plant incidents for each plant
visited. A systematic and statistical review of these incidents together with operations
personnel interviews identified root causes of incidents, problems introduced by today’s
technology, a review of enabling technologies and the impact of system integration. The
site visit also included human factor and personal performance reviews and how people
and systems communicate.

The methodology has proved to be a very powerful tool that has since been used to justify
a large research program. It has subsequently been developed into a Honeywell service
which has provided a very profitable payback to plants that have been through this
process. The Honeywell team soon realized that it could identify a pattern of best
practices which could benefit each of the team members. Since this has been
implemented a new age has dawned. After identification of the best practice the company
with this has been encouraged to share this information with other core team members.
Each company has benefited from this approach and all recognize the value of the site

The basic study identified human performance as one of the common problems that needs
to be urgently addressed. It has been estimated by safety groups as responsible for 80%
of previous catastrophic incidents. People not following procedures, procedures being
too complex and unusable, lack of knowledge or understanding, insufficient time to make
accurate decisions and information overload are the result of poor context sensitivity.

The DCS and associated control equipment suffered from inherent design considerations
that effectively produced a reactive system with either no or insufficient predictability and
preventative tools. The MMI offers a very limited view of the process and adding extra
small windows via additional monitors was not helpful. The benefits that the old panel
technology offered had been lost and the casual users ability to quickly recognize patterns
to determine plant health was lost. This actually impacted the Supervisors ability to help
an operator during a plant disturbance. We discovered the only effective supervisors
were ones who actually rotated and took a turnin becomming familiar with the features
and design of the control system.
As we got closer to generating an R&D proposal to address a lot of these issues several
new companies joined the program and we have others who would also like to join and
receive the benefits that this initiative offers. Hence, a consortium has been formed
consisting of Amoco, Chevron, Exxon, Mobil, Novacor Chemicals, Shell, Texaco and
two software vendors Gensym and Applied Training Resource (ATR).

We have identified that abnormal situations are costing the USA over $20billion/year and
that most of these situations are preventable. Hence, our program is initially aimed at
reducing these by a factor of 10. We believe that 64% of the $20billion are directly
preventable and we are developing a technology that will address each of the issues.

The R&D program was still however, considered high risk and needed funds in the order
of $20MM. Honeywell and the rest of the consortium have raised over $8MM to develop
an Abnormal Event Guidance Information System (AEGIS). The USA government
through a National Institute Science Technology (NIST) advanced technology program
(ATP), has raised an additional $8MM and the short fall has been made up by Honeywell
and developing relationships with other consortiums here and overseas. The research is
scheduled over the next 3.5 years with the deliverable of a proof of concept in the form of
a prototype system that Honeywell would eventually productize.

The research program will also address issues such as the impact of using a predictive
plant state estimator on the alarm philosophy and MMI. Usability testing will determine
human performance based on today’s technology and the impact of elements of AEGIS.
The AEGIS system will also understand process operations and the production goals and
their relationship to Safety, Quality, Environment, and Economic conflicts.

AEGIS is not just another attempt to introduce an “EXPERT” AI device, it is a culture
change and its success will stem from its embedded design into today’s DCS technology.
Integration is not enough. Old ways of doing control will be replaced as we move from
the tag.parameter into a world of product and production systems and operations.

Other management techniques such as incident investigation reports and the plants
corporate memory will be a source of knowledge for AEGIS, extracting the useful design
understanding from Process Hazard Analysis will be captured within the system and used
as rules for maintenance and operations activities.

AEGIS will also address the communication issues identified in the site studies and will
provide solutions for inter plant communication and Field Operator to Control Room
communications. The existing DCS technology from a wide selection of suppliers does
not take into account casual users of the system. The same MMI is provided for all users.
AEGIS will have the intelligence to recognize a user and provide information suitable for
that persons discipline and knowledge of the DCS.

The problem we are trying to resolve is not a Honeywell problem. It is a common
problem that the industry working cooperatively must address. The solution we
anticipate, therefore, must be generic and using Honeywell’s OpenUseTM form we will
make AEGIS platform independent and available to any DCS solution.
The Consortium’s experience in the application of the required technologies in the real
world can not be equaled:-
        We represent about half of the US Petrochemical industry
           (including the top six companies).
        Honeywell is the leading controls vendor in this industry
        Gensym the leading AI Company and
        ATR the leading Computer Based Training (CBT) and document delivery

Every company has contributed its most talented personnel in this area.
We have been involved with all the relevant previous attempts to solve this problem.
The problem we will solve has enormous impact on the competitiveness of the US
Petrochemical Industry. The potential impact is growing due to continuous consolidation
in the industry. The timing is perfect, the required control system infrastructure is now
being designed by Honeywell in Phoenix.

The benefits far exceed the cost of this program and the changes will impact the way we
control and operate plants in every market sector throughout the world.

Ian Nimmo

ASM Program Director

To top