Longwall 2014
informa-australia
▪ Part 1 – Functional Safety
▪ Part 2 – Case study (Application of Functional Safety)
▪ Question – Why Functional Safety?
Source – Risk Management Model (Nertney Wheel, Bullock 1979)
▪ Question – How does this help?
▪ Definition (AS61508.0)
▫ Freedom from unacceptable risk of –
▪ Economic / business losses, and/or
▪ Physical injury, and/or
▪ Environmental harm.
▪ Objectives
▫ Improve WHSE and economic performance
▫ Provide a risk-based approach
▫ Compliance with legislation
▪ Background
▫ Functional Safety gained traction in the 1980s (UK, USA, Germany)
▫ IEC vs ISO
▪ Buncefield
▫ 40 people injured
▫ $1.6 Billion
▫ “Shutdown systems failed to operate.”
▪ Bhopal Disaster
▫ 8,000 people died / 500,000 injured
▫ “The safety systems failed to prevent / control the toxic gas leak.”
Source – “Out of Control: Why control systems go wrong and how to prevent failure”, U.K. Health & Safety Executive, 1995
Source – AS61508.1:2011 Functional safety of electrical / electronic / programmable electronic safety-related systems
▪ What about mining in Australia?
▪ How do we compare to other industries?
▪ In Australia –
▫ Started adopting these standards in the late 1990s
▫ Harmonisation, Legislation, Australian Standards
▫ NSW has led the introduction of these practices
▪ DRAFT Work Health and Safety (Mines) Regulation 2014
▫ “(m) that any electrical safeguards provided to control the risk from both electrical and non-electrical hazards have a safety integrity sufficient for the level of risk being controlled”
▪ General comments –
▫ Application of functional safety?
▪ Overly cautious
▫ Understanding of functional safety?
▪ Mixed
▪ General comments (cont.) –
▫ Cost benefit analysis?
▪ Benefits not fully realised (E.g. safety improvements, productivity gains)
Source – “Out of Control: Why control systems go wrong and how to prevent failure”, U.K. Health & Safety Executive, 1995
▪ Background
▫ Design and construct an underground high voltage substation
▪ Sample specifications
▫ The designer shall be responsible for completing all necessary Functional Safety activities, in accordance with AS61508, AS61511, AS4024, ISO13849.
▫ The designer shall use components that are listed in the site’s preferred equipment list AND design an Emergency stop circuit that meets the requirements of SIL 2.
Source – AS61508.1:2011 Functional safety of electrical / electronic / programmable electronic safety-related systems
▪ Objective
▫ Develop a level of understanding of the substation and its environment (physical, legislative etc.).
▪ Comment
▫ We generally do this well (E.g. AFE)
▪ Objectives
▫ Determine the battery limits of the substation and specify the scope of the hazard and risk analysis
▪ Comment
▫ This stage was re-visited
▪ Objective
▫ Determine the hazards, hazardous events and hazardous situations relating to the substation and its control system (in all modes of operation) for all reasonably foreseeable circumstances
▪ FMEA
▪ Risk Graph
▪ Objective
▫ Develop the specification for the overall safety requirements, in terms of the overall safety functions requirements and overall safety integrity requirements
▪ Operational Manual
▪ Maintenance Manual
▪ Installation and Test Plans
▪ Commissioning Plans
▪ Training Plans
▪ Hardware / Software design
▪ System architecture
▪ Systematic fault avoidance
▪ Design Validation
▪ Operational efficiency gain
▫ Section Isolator fitted upstream of substation
▪ Design did not meet SIL target
▫ Emergency Stop function did not meet SIL 2 requirements
▪ Solution
▫ Cost benefit analysis
▫ Conduct quantitative analysis (E.g. LOPA), consider other risk reduction measures and determine total level of risk reduction
Figure – Risk reduction diagram: scale from Zero Risk (R=0) to Substation Risk (R=C×L), with Tolerable Risk marked between them and the risk reduction contributed by the safety-related control functions SRCF (SIL 2), SRCF (SIL 1) and SRCF (SIL 1).
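The LOPA step on the "Solution" slide and the risk reduction figure above can be made concrete with a small calculation. The block below is an added worked example, not code or data from the Longwall 2014 deck: it maps a PFDavg to its IEC 61508 low-demand SIL band, works out the risk reduction a single SRCF would need to reach a tolerable frequency on its own, and then shows how crediting the upstream section isolator as a second independent layer lets an E-stop design that only reaches SIL 1 still deliver a SIL 2 level of total risk reduction. Every demand rate, tolerable frequency and PFD value (DEMAND_RATE, TOLERABLE, ESTOP, ISOLATOR) is a constructed illustration value chosen to match the shape of the case study, not a figure from the substation project.

```python
"""
Added worked example for the substation case study (not code from the
Longwall 2014 deck): a LOPA-style calculation combining an emergency-stop
SRCF, an upstream section isolator and a tolerable-risk target.
All frequencies and PFDs are constructed illustration values.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# IEC 61508-1, low-demand mode: target average probability of failure on
# demand (PFDavg) per SIL. Lower bound inclusive, upper bound exclusive.
SIL_BANDS = (
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
)


@dataclass(frozen=True)
class Layer:
    """One protection layer with its claimed PFDavg.

    LOPA only lets a layer be credited if it is independent of the initiating
    event and of every other credited layer: two SRCFs that trip through the
    same contactor or the same PLC are one layer, not two.
    """
    name: str
    pfd: float


def sil_for_pfd(pfd: float) -> int:
    """SIL band for a PFDavg; 0 means no SIL is claimable (PFD >= 0.1).

    PFDs better than the SIL 4 band are reported as 4, because IEC 61508
    defines no higher level for a single safety function.
    """
    if not 0.0 < pfd <= 1.0:
        raise ValueError("PFDavg must be a probability in (0, 1]")
    if pfd < 1e-5:
        return 4
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


def mitigated_frequency(initiating_frequency: float, layers: List[Layer]) -> float:
    """Frequency of the harmful outcome (per year) after all credited layers."""
    f = initiating_frequency
    for layer in layers:
        f *= layer.pfd
    return f


def required_rrf(initiating_frequency: float, tolerable_frequency: float) -> float:
    """Total risk reduction factor needed to get from demand rate to tolerable."""
    return initiating_frequency / tolerable_frequency


def gap_after_layers(initiating_frequency: float, tolerable_frequency: float,
                     credited: List[Layer]) -> Tuple[Optional[float], int]:
    """PFD (and SIL band) one further SRCF must achieve after crediting the
    given layers. Returns (None, 0) when the target is already met."""
    residual = mitigated_frequency(initiating_frequency, credited)
    if residual <= tolerable_frequency:
        return None, 0
    pfd_needed = tolerable_frequency / residual
    return pfd_needed, sil_for_pfd(pfd_needed)


# Constructed scenario values (illustration only, not project data).
DEMAND_RATE = 0.1   # demands on the emergency-stop function per year
TOLERABLE = 5e-4    # tolerable frequency of the harmful outcome per year
ESTOP = Layer("E-stop circuit built from preferred-list components", 0.025)
ISOLATOR = Layer("Section isolator upstream of the substation", 0.05)


def case_study() -> dict:
    """Walk the slides' argument: SIL 2 target, SIL 1 design, isolator credited."""
    _, target_sil = gap_after_layers(DEMAND_RATE, TOLERABLE, [])
    estop_alone = mitigated_frequency(DEMAND_RATE, [ESTOP])
    combined = mitigated_frequency(DEMAND_RATE, [ESTOP, ISOLATOR])
    return {
        "single_srcf_target_sil": target_sil,        # what the specification asked for
        "estop_design_sil": sil_for_pfd(ESTOP.pfd),  # what the first design achieved
        "estop_alone_meets_target": estop_alone <= TOLERABLE,
        "combined_pfd_sil": sil_for_pfd(ESTOP.pfd * ISOLATOR.pfd),
        "combined_meets_target": combined <= TOLERABLE,
        "total_rrf_provided": 1.0 / (ESTOP.pfd * ISOLATOR.pfd),
    }


if __name__ == "__main__":
    for key, value in case_study().items():
        print(f"{key}: {value}")
```

With these constructed numbers a lone SRCF would need PFD 5e-3 (SIL 2), the E-stop design only reaches SIL 1, and crediting the isolator brings the combined PFD into the SIL 2 band with margin. `gap_after_layers` run with only the E-stop credited also shows that the second layer needs no more than PFD 0.2, which is the point of the "consider other risk reduction measures" step: the residual gap may be closed by a non-SIL measure rather than by re-engineering the E-stop. The independence requirement in the `Layer` docstring is the check that decides whether the arithmetic is valid at all.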
▪ Additional benefits
▫ Cost control (known inputs and a controlled output)
▫ Increased communication between the end-user and the designer/OEM