Safety measures for a control system
Introduction
Safety is addressed in the first control objective, and some control decisions, such as controlling the pressure in the flash process, have been made to satisfy safety requirements. However, special control system features are required, because of the importance of this objective. These features are often implemented in multiple layers.
Basic Process Control System (BPCS)
The first layer involves the basic process control approaches discussed in prior sections, which employ standard sensors, final elements, and feedback control algorithms. This first layer maintains the process variables in a safe operating region through smooth adjustment of manipulated variables; this action does not interfere with, but rather usually enhances, the profitable production of high-quality material. However, the basic control system relies on sensors, signal transmission, computing, and final elements, which occasionally fail to function properly. In addition, the process equipment, such as pumps, can fail. Even if all elements are functioning properly, the control system may not maintain the system in the safe region in response to all disturbances; for example, a very large disturbance could cause a deviation of key variables into an unacceptable region. The basic process control layer can employ standard techniques to improve its response to a fault.
Alarms
The second layer involves alarms, which start automatically when the variables exceed their specified limits. These alarms do not imply any automatic action in the process; their sole purpose is to draw the attention of the process operator to a specific variable and process unit. The person must review the available data and implement the required actions. A great advantage of involving operators is their ability to collect data that is not available to the computer. For example, an operator can read instruments that display their values only locally and can verify the reliability of some sensors as part of the diagnosis. The operator usually takes action through the process control system; these actions could include placing a controller in manual and adjusting the manipulated variable to a new value.
An alarm is shown on a process drawing with a three-letter identification; the second letter is “A” to designate alarm and the third letter is either L (low) or H (high). For example, PAH indicates an alarm when the pressure measurement exceeds its high limiting value. The alarm is usually annunciated by activating a visual indicator (e.g., a blinking light) and an audio signal (e.g., a beeping horn). These signals continue until the operator acknowledges the alarm; thereafter, the visual indicator remains active (e.g., a nonblinking light) until the variable returns within its acceptable limits. The alarm display indicates the variable involved, its current value, its alarm priority, and whether the variable has exceeded its high or low limit. Alarms can be arranged into three levels, depending on the severity of the potential consequences of the process fault or upset:
LEVEL 1 (HIGH). These alarms are designed to indicate conditions requiring prompt operator action to prevent hazards or equipment damage. Special colors and visual displays and a distinct audio tone should be used to alert the operator.
Examples of level 1 alarms are high pressure in a reactor; low water level in a boiler; and activation of a safety interlock system that has stopped operation of some processes (see next topic).
LEVEL 2 (MEDIUM). These alarms are designed to indicate conditions requiring close monitoring and operator action to prevent loss of production or other costly (but nonhazardous) situations. The operator typically has some time to analyze the alarm, along with other measurements, and make corrections that can maintain the process in an acceptable region of operation. These alarms should be annunciated in the same general manner as the level 1 alarms, although with distinct colors and tones.
LEVEL 3 (LOW). These alarms identify conditions that are not critical to the operation of the process and require no immediate action by the operator. These can be entered directly into a database for occasional review by the operators and engineers. These alarms should not be annunciated.
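The annunciation rules above (blinking plus horn until acknowledged, steady indicator until the variable returns within limits, level 3 logged but not annunciated) can be written down as a small state machine. The following is an added example, not part of the original text; the PAH tag, its 10.0 bar high limit and the pressure trajectory are constructed values.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import List, Optional, Tuple


class Priority(Enum):
    LEVEL1_HIGH = 1    # prompt operator action; distinct color and tone
    LEVEL2_MEDIUM = 2  # close monitoring; annunciated, distinct from level 1
    LEVEL3_LOW = 3     # logged for later review; not annunciated


@dataclass
class Alarm:
    """One alarm point, named with the three-letter tag used on the drawing
    (e.g. PAH = pressure alarm high, LAL = level alarm low)."""
    tag: str
    priority: Priority
    low: Optional[float] = None
    high: Optional[float] = None
    active: bool = False        # variable is currently outside its limit
    acknowledged: bool = False  # operator has acknowledged this activation
    events: List[Tuple[float, str, str, float]] = field(default_factory=list)

    def exceeded(self, value: float) -> Optional[str]:
        """Return 'H' or 'L' for the limit that is violated, else None."""
        if self.high is not None and value > self.high:
            return "H"
        if self.low is not None and value < self.low:
            return "L"
        return None

    def acknowledge(self) -> None:
        """Acknowledgement silences the horn and stops the blinking, but the
        alarm stays displayed until the variable returns within limits."""
        if self.active:
            self.acknowledged = True

    def update(self, value: float, t: float) -> str:
        """Feed one new measurement at time t and return the annunciation state."""
        limit = self.exceeded(value)
        if limit and not self.active:            # new activation
            self.active, self.acknowledged = True, False
            self.events.append((t, self.tag, limit, value))
        elif limit is None and self.active:      # variable back within limits
            self.active, self.acknowledged = False, False
        return self.annunciation()

    def annunciation(self) -> str:
        if not self.active:
            return "clear"
        if self.priority is Priority.LEVEL3_LOW:
            return "logged"              # database entry only, no display or horn
        if not self.acknowledged:
            return "blinking+horn"       # visual indicator and audio signal
        return "steady"                  # acknowledged, variable still out of limits


def run_scenario():
    """Constructed reactor-pressure trace (bar): the alarm activates, is
    acknowledged while still high, then clears when pressure drops back."""
    pah = Alarm("PAH", Priority.LEVEL1_HIGH, high=10.0)
    trace = []
    for t, pressure, operator_acks in [(0, 8.0, False), (1, 10.5, False),
                                       (2, 10.8, True), (3, 10.6, False),
                                       (4, 9.0, False)]:
        if operator_acks:
            pah.acknowledge()
        trace.append((t, pah.update(pressure, t)))
    return pah, trace


if __name__ == "__main__":
    alarm, trace = run_scenario()
    for t, state in trace:
        print(f"t={t}: {alarm.tag} {state}")
    print("activations logged:", alarm.events)
```

The `events` list is the record a level 3 alarm would live in exclusively; for level 1 and 2 points it doubles as the history an engineer reviews after an upset.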
Safety Interlock System (SIS)
The third layer involves automatic feedback control for situations when process variables approach “hard” constraints that should not be exceeded; these could cause injury to people or the environment or damage to expensive equipment.
Because of the importance of preventing such situations, the actions taken are extreme and disrupt the process operation; usually, they stop all or part of the process operation by immediately closing (or opening) key valves to move the process to a safe condition. These control systems are termed safety interlock systems (SIS) or emergency shutdown systems (ESS).
The manner in which a safety interlock system is shown on a process drawing depends on the complexity of the logic. If only one measurement is compared with its low or high limit, a two-letter designation is used, with the second letter being “S” for switch; for example, LS is a switch that changes state based on a level measurement. If the logic is complex, perhaps using many sensors, all measured signals are connected to an “SIS” symbol, and the SIS is connected via signal lines to all manipulated valves (or motors, etc.). Separate documentation is required for the more complex SIS systems.
Safety Valves
The fourth layer involves feedback systems that are self-actuating, that is, which do not require electrical, pneumatic, or hydraulic power sources and have no significant distance of signal transmission. These features contribute to very high reliability. The major application at this layer is the safety valve, which is a valve normally held closed by a spring. When the pressure reaches the preset limit, the force due to the process pressure is high enough to overcome the force of the spring, and the valve begins to open. When the process pressure decreases, the safety valve is designed to close. The engineer must be sure that the material flowing through the safety valve can be either (1) released to the environment safely (e.g., steam), (2) processed to eliminate hazards (e.g., combusting hydrocarbons), or (3) retained in a containment vessel for later processing (e.g., wastewater storage and nuclear plant containment building). These layers should be carefully designed, properly installed, and meticulously maintained.
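The third and fourth layers are meant to act independently of each other and of the sensors the earlier layers rely on. The added example below (not from the original text) models a single-switch interlock of the PS type described above and a spring-loaded safety valve, then runs a constructed pressure rise twice: once with a healthy transmitter, so the interlock trips and closes the feed valve, and once with the transmitter frozen at a stale reading, so the interlock never sees the rise and only the self-actuating safety valve limits the pressure. The trip setting, relief settings and the pressure dynamics are constructed; latching the trip until an explicit reset is a design assumption of the example. It goes beyond the text in showing the sensor-failure case explicitly.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class PressureSwitchSIS:
    """Single-switch interlock (PS on the drawing): trips when the measured
    pressure exceeds trip_pressure. The trip latches and is cleared only by an
    explicit operator reset (assumption made for this example)."""
    trip_pressure: float
    tripped: bool = False

    def evaluate(self, measured: float) -> Dict[str, str]:
        if measured > self.trip_pressure:
            self.tripped = True
        return {"feed_valve": "closed" if self.tripped else "as_controlled"}

    def reset(self) -> None:
        self.tripped = False


@dataclass
class SafetyValve:
    """Spring-loaded relief valve. It senses process pressure directly, so it
    depends on no sensor, signal line or power source. Lift is modelled as
    linear between the set pressure and the full-open pressure (simplification)."""
    set_pressure: float
    full_open_pressure: float

    def lift(self, pressure: float) -> float:
        if pressure <= self.set_pressure:
            return 0.0   # spring force exceeds process force: valve stays shut
        frac = (pressure - self.set_pressure) / (self.full_open_pressure - self.set_pressure)
        return min(frac, 1.0)


def simulate(steps: int, sensor_stuck_at: Optional[float] = None) -> Dict[str, object]:
    """Vessel pressure (bar) rises 0.5 per step while the feed valve is open and
    falls 1.0 per step at full relief lift (constructed dynamics).
    sensor_stuck_at models a failed transmitter frozen at one reading."""
    sis = PressureSwitchSIS(trip_pressure=11.0)
    psv = SafetyValve(set_pressure=12.0, full_open_pressure=13.0)
    pressure, feed_open, max_lift = 9.0, True, 0.0
    history: List[float] = []
    for _ in range(steps):
        measured = pressure if sensor_stuck_at is None else sensor_stuck_at
        if sis.evaluate(measured)["feed_valve"] == "closed":
            feed_open = False                  # SIS action: stop the feed
        lift = psv.lift(pressure)              # safety valve sees true pressure
        max_lift = max(max_lift, lift)
        pressure += (0.5 if feed_open else 0.0) - 1.0 * lift
        history.append(round(pressure, 2))
    return {"sis_tripped": sis.tripped, "max_pressure": max(history),
            "max_lift": max_lift, "history": history}


if __name__ == "__main__":
    print("healthy transmitter:", simulate(10))
    print("transmitter stuck at 9.0:", simulate(10, sensor_stuck_at=9.0))
```

With a healthy transmitter the interlock trips at the first reading above 11.0 bar and the pressure never reaches the relief setting; with the reading frozen at 9.0 bar the interlock is blind, and the pressure is held at 12.5 bar only because the safety valve lifts on the real process pressure. That is the reason the fourth layer is required even when the third is well designed.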