Presentation is loading. Please wait.

Presentation is loading. Please wait.

Asher Etkin DOE Accelerator Safety Workshop August 18 - 20, 2009 DRAFT DOE STANDARD APPLICATION OF SAFETY INSTRUMENTED SYSTEMS USED AT DOE NON-REACTOR.

Published byAgnes Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "Asher Etkin DOE Accelerator Safety Workshop August 18 - 20, 2009 DRAFT DOE STANDARD APPLICATION OF SAFETY INSTRUMENTED SYSTEMS USED AT DOE NON-REACTOR."— Presentation transcript:

1 Asher Etkin DOE Accelerator Safety Workshop August 18 - 20, 2009 DRAFT DOE STANDARD APPLICATION OF SAFETY INSTRUMENTED SYSTEMS USED AT DOE NON-REACTOR NUCLEAR FACILITIES

2 22 INTRODUCTION  “Safety Instrumented Systems (SIS) that include both analog and digital control systems are.. used in the U. S. Department of Energy’s (DOE) non-reactor nuclear facilities for various safety controls”  “Therefore, DOE recognizes a need for establishing a Standard that defines practices to be applied for SISs used in safety class and safety significant non reactor nuclear applications.”  At the request of the Defense Nuclear Facility Safety Board Pranab Guha of HS-21 established a working group to develop such a Standard for SISs.  “DOE technical standards, such as this, do not establish requirements.”  “This Standard provides guidance for developing requirements for design, procurement, installation, testing, maintenance, operation, and quality to be applied for Safety Class (SC) and Safety Significant (SS) Safety Instrumented Systems (SIS) used in safety applications in the Department’s non-reactor nuclear facilities.”

3 3 OVERVIEW  The standard discusses design and life cycle requirements primarily for safety significant systems. The discussion is a high level introduction to the subject, that is dealt with more fully in consensus standards developed by national and international bodies. They are:  ANSI/ISA 84.00.01-2004 (IEC 61511 Mod), Functional Safety: Safety Instrumented Systems for the Process Industry Sector – Parts 1, 2, and 3 and the Technical reports in the ISA TR84.00.xx series. 3

4 4  IEC 61511, Functional Safety – Safety Instrumented Systems for the Process Industry Sector – Parts 1, 2, and 3 (this international standard and ANSI/ISA 84.00.01-2004 are compatible)  IEC 61508, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems (Standard primarily applicable to vendor manufactured products)  And DOE orders and standards applicable to nuclear facilities.  Uses the requirements of ANSI/ISA 84.00.01-2004 Part 1 4

5 5 Step 1– Develop overall safety requirements (concept, scope definition, perform hazard and risk assessment) Step 2 – Allocate safety requirements to safety instrumented functions Step 3 – Design SIS Design Safety Instrumented Systems Step 4 – Testing, Installation, Commissioning and Safety Validation of integrated safety instrumented systems Step 5 – Operation and Maintenance, Modification and Retrofit, Decommissioning or Disposal phases of safety instrumented systems Figure 4.1-1: Life-Cycle Steps for Safety Instrumented Systems Design Safety Instrumented System Software

6 6 SIL Level and Performance Ranges for On Demand Mode SIL Level Designatio n Probability of Failure On Demand PFD(average) Risk Reduction Factor (RRF) SIL-1< 10 -1 to ≥ 10 -2 PFDavg > 10 to ≤ 100 RRF SIL-2< 10 -2 to ≥ 10 -3 PFDavg > 100 to ≤ 1000 RRF SIL-3< 10 -3 to ≥ 10 -4 PFDavg > 1000 to ≤ 10,000 RRF SIL-4< 10 -4 to ≥ 10 -5 PFDavg> 10,000 to ≤ 100,000 RRF

7 7 Application Safety Software for Instrumentation and Control Systems  The safety software should be designed to support the following.  Isolation — Critical components are separated from each other in a manner to preclude undefined interactions.  Independence — Independent hardware inputs are directed to independent software modules.  Inoperability — Abnormal conditions cause a component to become inoperable in a safe, predictable manner and before any isolation features are compromised.  Incompatibility — Components in different parts of the system cannot operate together in a satisfactory manner. To avoid incompatibility, consider that sensors, a logic device (such as a processor), and control devices may have embedded software that needs to be integrated in a networked system. The acceptability of the integration needs to be validated.

8 8 Software Quality Assurance Requirements Crosswalk With Industry Standards  Software Project Management and Quality Planning  Software Risk Management  Software Configuration Management  Software Procurement and Supplier Management  Software Requirements Identification and Management  Software Design and Implementation  Software Safety  Verification and Validation  Software Problem Reporting and Corrective Management  Training of personnel in the design, development, use and evaluation of safety software

9 9 Human Factors Engineering (HFE)  Application of HFE  HFE practices and principles need to be factored into each stage of the SIS development and design process, including planning, analysis, requirements and design, installation, and testing. Improvements for human performance concerns may continue throughout the operation and maintenance phases of the SIS life-cycle.  Human Factors Standards and Guidance Documents for each part of the life-cycle

10 10  DOE Procurement Requirements  Management Process  Personnel Competency  Maintenance

11 11 SIS DESIGN REQUIREMENTS  Safety Significant (SS) Safety Instrumented Systems (SIS)  Design  SS SIS Designed as a Defense-In-Depth (DID) Function  Setpoints  Commercial Grade Dedication  Safety Significant Power  SS Functions Not Covered By ANSI/ISA 84.00.01, Part 1 - 1.Evacuation alarms (e.g. nuclear incident monitors (NIM), fire alarms, and public address systems) - 2.Fire protection/detection systems - 3.Instruments whose sole function is to monitor initial conditions for process startup

12 12  Safety Class (SC) Safety Instrumented Systems (SIS) Design Requirements  Code of Record Guidance  Appendix A: Safety Integrity Level Determination Methodology  Appendix B: Safety Integrity Level (SIL) Verification Guidance  Appendix C: Illustration of an SIL Determination and SIL Verification Calculation

13 13 Conclusions  There is a lot of useful material in this standard.  There is also a significant amount of material that is directed at nuclear facilities and would be a source of confusion for accelerators.  For the accelerator community to benefit from this standard the useful material should be incorporated into a guidance document

14 14 PLC Code Management Software  Reviewing FactoryTalk AssetCentre and Proficy Change Management products  FactoryTalk AssetCentre is supplied by Rockwell Software the supplier of the software for the PLC’s used in our Particle Accelerator Safety System

15 GuardLogix and FactoryTalk AssetCentre Change Management RSLogix 5000 provides standard functionality PREVENTION CONTROL ACCOUNTABILITY DETECTION RECONCILIATION PREVENTION CONTROL ACCOUNTABILITY DETECTION RECONCILIATION VALUE REACTIVE PROACTIVE Archive Audit Verification Reporting Access Control Authentication –Archive –Audit Safety specific audit trail additions: –Safety Task Lock/Unlock –Safety Lock Password Changed –Safety Unlock Password Changed –Safety Signature Create/Delete –Tag Mapping Added/Deleted/Modified –GLX Serial Number Match Project Enable/Disable –Clear Safety Task Fault Log –Verification/Recovery –Reporting

Download ppt "Asher Etkin DOE Accelerator Safety Workshop August 18 - 20, 2009 DRAFT DOE STANDARD APPLICATION OF SAFETY INSTRUMENTED SYSTEMS USED AT DOE NON-REACTOR."

Similar presentations

PRINCIPLES OF A CALIBRATION MANAGEMENT SYSTEM

PRINCIPLES OF A CALIBRATION MANAGEMENT SYSTEM
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
Safety Software QA at BNL’s Collider-Accelerator Department (C-AD) Accelerator Safety Workshop E. Lessard Collider-Accelerator Department August 12-14,

Safety Software QA at BNL’s Collider-Accelerator Department (C-AD) Accelerator Safety Workshop E. Lessard Collider-Accelerator Department August 12-14,
ANSI/ASQ E Overview Gary L. Johnson U.S. EPA

ANSI/ASQ E Overview Gary L. Johnson U.S. EPA
1 Safety Instrumented Systems ANGELA E. SUMMERS, PH.D., P.E. SIS-TECH Solutions, LLC We’re Proven-in-Use.

1 Safety Instrumented Systems ANGELA E. SUMMERS, PH.D., P.E. SIS-TECH Solutions, LLC We’re Proven-in-Use.
International Energy Agency Hydrogen Implementing Agreement Proposed Task on Hydrogen Safety.

International Energy Agency Hydrogen Implementing Agreement Proposed Task on Hydrogen Safety.
Define & Compare Flowcharts of Each Method Tom Delong.

Define & Compare Flowcharts of Each Method Tom Delong.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
Functional Safety Overview

Functional Safety Overview
1 Certification Chapter 14, Storey. 2 Topics  What is certification?  Various forms of certification  The process of system certification (the planning.

1 Certification Chapter 14, Storey. 2 Topics  What is certification?  Various forms of certification  The process of system certification (the planning.
SWE Introduction to Software Engineering

SWE Introduction to Software Engineering
Software life cycle processes Purpose n A new international standard (ISO/IEC 12207:1995(E) that –establishes a common framework for software life cycle.

Software life cycle processes Purpose n A new international standard (ISO/IEC 12207:1995(E) that –establishes a common framework for software life cycle.
Software Verification and Validation (V&V) By Roger U. Fujii Presented by Donovan Faustino.

Software Verification and Validation (V&V) By Roger U. Fujii Presented by Donovan Faustino.
Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators.

Systems Engineering Approach to MPS Risk Management Kelly Mahoney Presented at the Workshop for Machine Protection in Linear Accelerators.
Oconee RPS/ESPS Digital Upgrade Presented by: Michael Bailey June 3, 2013 1.

Oconee RPS/ESPS Digital Upgrade Presented by: Michael Bailey June 3,
Configuration Management, Logistics, and Universal CM Issues Larry Bauer Boeing Commercial Airplanes NDIA Conference Miami March 4-5, 2005

Configuration Management, Logistics, and Universal CM Issues Larry Bauer Boeing Commercial Airplanes NDIA Conference Miami March 4-5, 2005
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Introduction to Software Quality Assurance (SQA)

Introduction to Software Quality Assurance (SQA)
© Palaniappan R Kannan PMP.,CFSE 1 IEC 61508 Standard – What is it? IEC 61508 is a Standard for the functional safety of Electric / Electronic / Programmable.

© Palaniappan R Kannan PMP.,CFSE 1 IEC Standard – What is it? IEC is a Standard for the functional safety of Electric / Electronic / Programmable.

Similar presentations

Ads by Google