Improving safety shutdown valve reliability

Highly reliable, safety critical shutdown valves are a key component of these systems. This article discusses recent design enhancements that can dramatically improve reliability. These new safety valve accessories also provide an easy and inexpensive means of local proof testing, along with valve position indication.

Safety instrumented systems

A SIS is typically composed of one or more safety instrumented functions (SIFs). SIFs are designed to detect a developing hazardous condition and immediately respond to mitigate the condition. A SIF is composed of three major elements: sensor(s), a logic solver, and final element(s) (Figure 1). Each of these components must be certified to IEC 61508 or ISA 84.01, and each must include a calculated failure rate to demonstrate its ability to reliably perform the intended safety function between proof test intervals.

The sensors are instruments that measure various process parameters and transmit this information to the logic solver.

The logic solver can be an electronic safety controller or a simple, hardwired device. The logic solver monitors the sensor readings, determines if a trip is warranted and, if so, activates the final element(s) to bring the plant to a safe condition.

The final elements are usually valve assemblies, but can be pumps or motors. Valves are typically closed to isolate equipment, stop raw material feeds, or block steam to turbines. They may also be opened to vent reactors, divert gases to a flare, or perform other actions.

Reliability is obviously crucial for a SIF, as it is typically the last line of defence against a major incident. SIS calculations are used to determine the probability of failure on demand (PFD) – and the sensors, logic solver and final elements are chosen to satisfy the desired level of risk reduction. The probability of failure is driven by the reliability of the device and the frequency of proof testing. If the device is proof tested more frequently, it can be less reliable since a failure will be detected quickly. If proof test intervals are long, then the device must be much more reliable to ensure it will perform when called into service.

Figure 1. Many plants incorporate a safety instrumented system to provide an independent layer of protection against hazards. The system is composed of sensors, a logic solver, and final elements to shut down the process in the event of an issue.

SIS reliability

A SIF’s PFD is determined by calculating the PFDs of each component and adding them together. Historical data suggests the typical contribution of each component is not equal, with final elements usually responsible for over 50% of SIF loop failures (Figure 2).

Sensors are easily made redundant, have more diagnostics, and can usually be tested while the plant is running, so their reliability is quite high. Similarly, logic solvers can easily employ redundancy and diagnostics in their design, and have no moving parts, meaning they rarely fail.

Valves, however, tend to be significantly less reliable. They have constant contact with the process media, usually employ few diagnostics, and are typically only operated in the event of a safety incident. This means that years can elapse without operation. It is also difficult to test valves because, by design, their operation will often shut down the process. For these reasons, plants have a strong incentive to improve the reliability of the final element valves in a SIS and find ways to test valve operation without a plant shutdown.

Figure 2. Research shows that the final elements, typically valves, contribute approximately 50 – 70% of overall safety loop failures. This makes them a prime target for improvement when a plant seeks to extend proof test intervals.

Final element improvement through simplicity

One method to improve overall valve reliability is to make the design as simple as possible. Many safety shutdown valves must stroke fully in a very short time to successfully mitigate the hazard. Most positioners have limited air flow capability, so shutdown valves often use volume boosters. The volume booster accepts the low volume air flow signal from the positioner and amplifies it significantly, providing a 10- to 20-fold decrease in stroke time.

While a volume booster is clearly necessary to meet the stroke time requirements, it can also introduce failures to the shutdown valve assembly since it is one more component that can fail. If the volume booster can be eliminated, the entire assembly will be more reliable.

Recently, high-volume smart positioners with extensive diagnostics have become available. These positioners incorporate a host of design improvements, including multiple diagnostic sensors, and embedded partial stroke test capability – along with high air flow capacity to eliminate the need for a volume booster.

The enhanced diagnostics and simple design can improve PFD ratings, and partial proof testing using the embedded partial stroke test capability can extend full proof test intervals without interrupting the process.

Local trip reset and partial stroke testing

Many process plants and facilities require their operators to field check equipment before a safety valve is reset and returned to service. Most plants also prefer to have a local means to initiate a partial stroke test, and to quickly cancel it if necessary.

This has typically been accomplished by installing an enclosure (often explosion-proof) near the valve, and wiring a series of buttons and indicator lights back to the SIS controller. Such a solution is quite expensive when considering the cost of the enclosure, the lights and buttons, along with expensive SIS input/output (I/O) necessary to drive the lights and accept field commands.

A better solution has become available with the recent introduction of explosion-proof local control panels (LCPs). These types of panels communicate directly with the valve’s diagnostic positioner through a digital data link to perform these same functions. This device is wired in series with the shutdown valve’s analogue signal, with a digital HART signal superimposed. It incorporates buttons and lights to perform local trip – and test and reset functions – and to provide indications of valve position.

Since the LCP communicates with the SIS valve positioner directly, it can obtain valve position status and initiate a partial stroke test without any additional I/O, minimising complexity and cost. If desired, a contact indicating the status of each button can be wired to the SIS to inform it that a stroke test has been initiated, or to allow a local trip or reset of the shutdown valve.

Improving final element reliability

Final element reliability can be further improved if the entire valve is specified as a single engineered assembly. The fully integrated assembly may initially cost more, but since it is designed and tested as an integrated and engineered solution, it provides a significantly improved PFD when compared to the same combination of devices purchased separately. In some cases, the failure rate of the assembly will be reduced by 50%.

The combination of high capacity, high diagnostic positioner, local partial stroke test capability, and certification as an engineered assembly can result in dramatic improvements in final element reliability. This allows process plant and facilities to safely extend outages and perform less frequent proof testing, while still satisfying the reliability requirements of their SIS.

Conclusion

Satisfying high safety integrity level requirements with long proof test intervals can be very challenging, and many plants are searching for ways to safely extend test intervals. SIS final elements offer the opportunity to extend proof test intervals. Devices such as high-volume positioners with extensive diagnostics, local proof test control panels, and engineered SIS valve assemblies can dramatically improve final element performance – while continuing to meet the required level of safety system reliability and protection.

Read the article online at: https://www.hydrocarbonengineering.com/special-reports/17122021/improving-safety-shutdown-valve-reliability/