SAFETY MIT 40

Safe state
– What is it?
– For whom?
• Stop
• Maintain
– Train (Alarm operator)
– Process
– Airplane
– Machines
– Exothermal reactor
– Drill-rig?
– Airbag?

Failure Modes
• Dangerous failure
– The system does not perform its function when activated
• Spurious Trip
– The system performs its function without being activated
– Also, many spurious trips are negative for the overall safety of the installation

Risk
• Risk = Consequence x Frequency
• Frequency = Demand rate x Probability of failure of the safety function

EXAMPLE
• Gas leakage due to overpressure
• Overpressure once a year
• SIS failure every 10th demand
RESULT
• Gas leakage due to overpressure every 10 years

Risk based
Requires independence

1oo2 voting
• Safe state = off
• Safe state = on
• Good safety
• Bad availability

2oo2 voting
• Safe state = on
• Safe state = off
• Bad safety
• Good availability

Qualitative requirements
• When a safety function does not work, it is either broken or “wrong”.
– Wrong location of detectors
– Software mistakes
– Operator blunders/typos
• Systematic failures cannot be calculated, only minimized and corrected

Other requirements
• independent and in addition to other systems (PSA, API, IEC 61508-1 (ch. 184.108.40.206 b))
• not to be negatively influenced by failures in other systems
• Process safety to be done by two independent and different barriers (OD/API RP 14C)
– Primary barrier (instrumented)
– Secondary barrier (mechanical)

Rules/regulations/standards
• PSA
• IEC61511
• IEC61508
• OLF 070
• DnV
• API RP 14C
• Company standards (Statoil, Hydro, Phillips, Shell, BP etc.)

Maritime Black Box MBB
The Maritime Black Box MBB system consists of the units described below.
• Norcontrol Data Collection Unit (DCU)
– Interfaces sensors and equipment for data collection and storage in the PSU,
– Multi Serial Interface Module (MSI), Audio Recording Module (ARI),
– Distributed Process Modules (DPU) and a video frame grabber card.
– Operation and monitoring of the Maritime Black Box system (MBB)
• Norcontrol Protected Storage Unit (PSU)
– Storage of recorded data
• Optional Replay and Evaluation Unit (REU)
– Unit for replay and training using recorded data

Data Recorded 1
• Date and Time: Date and time is derived from a device external to the ship, normally a GPS.
• Ship's position: Latitude and longitude, derived from an electronic position-fixing system (GPS).
• Ship Speed: Ship speed is normally recorded from the ship's Speed Log.
• Ship Heading: Ship heading is recorded as indicated by the ship's compass or gyro.
• Bridge Audio: Recorded through microphone panels located on the bridge. Four microphones are included in standard delivery.

Data Recorded 2
• Communication Audio (VHF): Inbound and outbound communication from the ship's VHF; one VHF set included in standard delivery.
• Radar: Radar image as displayed to the operator; one radar included in standard delivery.
• Echo sounder: This includes depth under keel, the depth scale currently being displayed and other status information if available.
• Main alarms: Including the status of all mandatory alarms on the bridge; more specifications in chapter 5.1.1.

Data Recorded 3
• Rudder order and response: Rudder order and response angle on rudder is recorded, including status and setting of autopilot if fitted.
• Engine order and response: Including position of engine telegraphs, both ordered speed and propeller response. Bow and stern thrusters are also recorded if fitted.
• Hull openings status: Including all IMO mandatory status information of hull openings that is required to be displayed on the bridge.

Data Recorded 4
• Watertight and fire door status: This includes all IMO mandatory status information that is required to be displayed on the bridge.
• Accelerations and hull stresses: Where a ship is fitted with hull stress and response monitoring equipment, all the data items that have been pre-selected within that equipment are recorded.
• Wind speed and direction: The wind speed and direction is recorded from the navigation system. Both true and relative wind is recorded, including each direction.

KONGSBERG MARITIME SAFETY SYSTEMS

AIM Safe
• The Kongsberg Maritime Safety System (AIM Safe) is a computerised system developed and designed specifically for safe monitoring of, and automatic corrective action on, unacceptable hazardous situations.
• The AIM Safe system is part of the AIM family.

Basic Applications
• An acceptable risk level must be established and means to achieve this acceptable risk level must be found.
• The most common use of computerised safety systems is for Emergency and/or Process ShutDown (yellow) and Fire & Gas detection and protection systems (red).
• Usually the systems are delivered with no interdependence; only information exchange between them takes place.
• This way the different safety barriers are kept independent.

Typical topology for an offshore vessel
• Installations on rigs usually centralize the HMI for safety systems to a central control room.
• Non-explosion proof equipment such as fire central, computers and traditional IO cards are normally centralized in the non-hazardous areas.
• Remote IO units and field sensors are physically distributed.
• RIO units can be delivered for installation both in non-hazardous and hazardous areas.

Typical topology for cruise vessels
• Installations on cruise vessels are usually physically distributed into the main fire zones. The solution reduces cabling cost and provides autonomous units to control the main fire zones.

Emergency ShutDown (ESD)
• The Emergency ShutDown System (ESD) shall minimise the consequences of emergency situations:
– uncontrolled flooding,
– escape of hydrocarbons,
– outbreak of fire in hydrocarbon carrying areas or areas which may otherwise be hazardous.
• Basically the system consists of field-mounted sensors, valves and trip relays, system logic for processing of incoming signals, alarm and HMI units.
• The system is able to process input signals and activate outputs in accordance with the Cause & Effect charts defined for the installation
– ShutDown of part systems and equipment
– Isolate hydrocarbon inventories
– Isolate electrical equipment
– Prevent escalation of events
– Stop hydrocarbon flow
– Depressurise / Blowdown
– Emergency ventilation control
– Close watertight doors and fire doors

Process ShutDown (PSD)
• The Process ShutDown system ensures a rapid detection and safe handling of process upsets.
• The system consists of field-mounted sensors, valves and trip relays, a system logic unit for processing of incoming signals, alarm and HMI units.
• The system is able to process all input signals and activate outputs in accordance with the applicable Cause & Effect charts.
• Typical actions from PSD systems are:
– ShutDown the whole process
– ShutDown parts of the process
– Depressurise / Blowdown parts of the process

Fire / gas Detection and Protection (FDP)
• The Fire detection and protection system (FDP) shall provide early and reliable detection of fire or gas, wherever such events are likely to occur, alert personnel and initiate protective actions automatically or manually upon operator activation.

Typical actions from FDP systems are:
• Alert personnel
• Release fire fighting systems
• Emergency ventilation control
• Stop flow of minor hydrocarbon sources such as diesel distribution to consumers.
• Isolate local electrical equipment
• Initiating ESD and PSD actions
• Isolate electrical equipment
• Close watertight doors and fire doors

Safety Management (SMS)
• The SMS combines information from multiple sources with decision support and lifeguarding actions.
• SMS is useful for crisis management especially on cruise ships and other complex installations, but will be useful even in other applications.
• The primary function of the SMS is to detect and announce the presence of a hazardous situation from multiple sources, providing a homogeneous HMI for all relevant subsystems.
• The system is able to display information about location of firewalls and passive fire protection equipment, escape routes, ventilation status etc.

Functionality of the SMS
• Emergency procedures / Decision Support System (DSS)
• Automatic or manually initiated safety reports for incidents, routine checks and drills
• Identification of escape routes from the areas
• Location of manual fixed/portable fire extinguishing components
• Integration of CCTV functionality (AIM Video)
• Online help
• Safety Condition Parameters (SCP)
• Integration of information from other control systems and subsystems

Emergency procedures / Decision Support system (DSS)
• Decision support is a tool to concentrate information to the decision-makers during incidents and to guide them through the situation.
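
The Risk and 1oo2 / 2oo2 voting slides earlier in this deck, worked through numerically. This is an added example, not part of the original slides; it generalises to MooN voting and assumes fully independent channels with no common-cause failures, and the per-channel spurious-trip probability of 0.05 is a constructed value.

```python
from math import comb


def at_least(k, n, p):
    """P(at least k of n independent channels are in a state of probability p)."""
    return sum(comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k, n + 1))


def moon(m, n, pfd_channel, spurious_channel):
    """MooN voting: the safety function trips when at least m of n channels vote trip.

    Returns (dangerous, spurious):
      dangerous - no trip on a real demand, i.e. at least n-m+1 channels have failed
      spurious  - trip without a demand, i.e. at least m channels tripped falsely
    """
    return (at_least(n - m + 1, n, pfd_channel),
            at_least(m, n, spurious_channel))


def hazard_frequency(demand_rate, pfd):
    """Frequency = demand rate x probability of failure of the safety function."""
    return demand_rate * pfd


def compare(demand_rate=1.0, pfd_channel=0.1, spurious_channel=0.05):
    """Slide figures: one overpressure demand per year, a channel fails every
    10th demand. spurious_channel is constructed for illustration."""
    rows = {}
    for name, (m, n) in {"1oo1": (1, 1), "1oo2": (1, 2), "2oo2": (2, 2)}.items():
        dangerous, spurious = moon(m, n, pfd_channel, spurious_channel)
        rows[name] = (hazard_frequency(demand_rate, dangerous), spurious)
    return rows


if __name__ == "__main__":
    for name, (freq, spurious) in compare().items():
        print(f"{name}: hazard every {1 / freq:.1f} years, "
              f"spurious trip probability {spurious:.4f}")
```

The single-channel row reproduces the slide's result of one gas leakage every 10 years; the other two rows show why 1oo2 is labelled good safety / bad availability and 2oo2 the reverse.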