The Real World Impact of ISA 18.2
on Process Industries
Kevin Brown
Matrikon Inc.
Agenda
•
•
•
•
•
•
•
•
•
•
Introduction
What is Alarm Management
What is a Lack of Alarm Management
OH&S & Legislation
An Example Plant Incident
Demystifying Standards & Guidelines
ISA 18.2 Compliance
Alarm Management Lifecycle
Steps to Compliance
Questions
Operators on alert
Operator response, alarm
standards, protection layers
keys to safe plants
Intech, September 2009
Kevin Brown - Introduction
• Manager – North America Alarm Management Team
• 4.5 years at Matrikon
–
–
–
–
Completed projects from upgrades to $2.8 MM
Audits
Alarm Philosophy development
Facilitate alarm rationalization
• Spent 20 years in plants in process control
– Experience with different computer control systems
– Bailey, Taylor, Advant, GE, Allen Bradley, Metso, TDC3000
– Experience with Historians
– Simsci, MOPS, OSI PI
– DMZ network design and setup
Matrikon Alarm Management
Matrikon has 20 years experience and is the Global Leader in the deployment of
Enterprise Wide Alarm Monitoring Solutions with the world’s leading
companies,…innovation, safety, commitment to
value and high ethical standards
Company Overview
Complete
Solution
Provider
Global
Presence
• 550 employees
• 300+ consultants with
extensive domain
expertise
• Complete services, from
planning to execution
•
•
•
•
18 offices
17 Partners
Strong Presence in
Toronto (25 Consultants)
TSE: MTK
Other
R&D
150+
100+
Consultants
275+
What is Alarm Management?
“Process by which alarms are engineered,
monitored, and managed to ensure safe, reliable
operations”
What is Alarm Management?
What else is Alarm Management?
•
•
•
•
•
•
•
•
Continuous lifecycle
Plant maintenance/reliability
Good process control
Outcome of a risk assessment
Related to equipment failure
A form of Enhanced/Advanced Control
Abnormal Situation Management
It has been “widely ignored” for a long time
What is a Lack of Alarm
Management?
What is a Lack of Alarm Management?
Example: Texas City Oil Refinery 2005.
Precursors:
- Maintenance cut by 25%
- Only one Control Room Operator for the whole plant
- Failed level switches
- Level transmitter reading incorrectly – no alarm
- Workers within exclusion zone
- Decided against installing safety flares
Outcomes:
- 15 people killed
- Could have spent a couple of $m but ended up costing $1.6b
- Oil Refining industry are now relatively proactive in AM
(Ref.) http://www.texascityexplosion.com/
Alarm Management: It’s about Safety!
An Example Plant Incident
An Example Plant Incident
• Plant is unstable, getting towards end of 12hr shift
• Tank containing hot material reaches HH level
• Trip on HH level interlock was disabled to replace the instrument and
inadvertently not re-enabled
• Operator misses the alarm because he/she is overloaded and there is an alarm
flood
• High level safety switches that trip the incoming pump have not been tested for
over two years and fail to operate
• Tank overflows and severely burns worker below
Possible Outcome
Employee Impact
• Possible Injury
• Potential Fatality
• Flow-on Family/Community effects
Employer Impact
• Operational Downtime/Loss of Production
• Investigation by the relevant authority
• Expert Witness in Court
• 1st Question to Employer: “Did you comply with an ISA Standards or Internationally
accepted Standard”?
• 2nd Question to Employer: “Did you follow known, good engineering practice”?
In recent cases there has been more use of expert witnesses. What would
an expert witness say in this case?
Key Features ISA 18.2
Key Features – ISA 18.2
•
•
•
•
•
•
•
•
•
•
Large focus on an Alarm System Lifecycle
Clear Alarm System Performance KPIs
Section on compliance
Alarm Philosophy – what must be included
Alarm System requirements Specification
Identification
Rationalization
Advanced Methods
Less examples are given
Complimentary to EEMUA 191
Matrikon & ISA 18.2
• Participation
–
–
–
–
Mike Brown
Jeff Gould
Michael Marvan
Alan Armour
• Section Leadership
– Operations
– Maintenance
– Management of Change
• Sub-Committees
– Monitoring & Assessment
– Audit
– Analysis (Annex)
• ISA’s Committee Website:
http://www.isa.org/MSTemplate.cfm?MicrositeID=165&CommitteeID=4627
ISA 18.2 Alarm Performance KPIs
Industry Benchmarks: Room to Improve!
ISA
Oil & Gas
PetroChem
Power
Other
Average Alarms
per Day
144
1200
1500
2000
900
Standing (stale)
Alarms
5
50
100
65
35
Peak Alarms
per 10 Minutes
10
220
180
350
180
1
6
9
8
5
80/15/5
25/40/35
25/40/35
Average Alarms/
10 Minute Interval
Distribution %
(Low/Med/High)
25/40/35 25/40/35
Alarm Management Lifecycle
Alarm Management Lifecycle
•
•
•
•
•
•
•
•
•
•
Philosophy
Identification
Rationalization
Detailed Design
Implementation
Operation
Maintenance
Monitoring & Assessment
Management of Change
Audit
J
A
Philosophy
I
B
Identification
C
Rationalization
Management
of Change
D
Detailed Design
Audit
E
Implementation
H
F
Operation
Monitoring &
Assessment
G
Maintenance
Entering the Lifecycle
- Philosophy
J
A
Philosophy
I
• Greenfield or
Brownfield sites
• Objectives of the
alarm system
• Design it correctly
and keep it there
B
Identification
C
Rationalization
Management
of Change
D
Audit
Detailed Design
E
Implementation
H
F
Operation
Monitoring &
Assessment
G
Maintenance
- Monitoring &
Assessment
Entering the Lifecycle
J
A
Philosophy
I
B
Identification
• Focus on
quantitative analysis
to determine gaps
• Follow
Maintenance & MOC
paths to resolve
C
Rationalization
Management
of Change
D
Audit
Detailed Design
E
Implementation
H
F
Operation
Monitoring &
Assessment
G
Maintenance
Audit
J
A
Philosophy
I
B
Identification
C
Rationalization
Management
of Change
D
Audit
Design
E
Implementation
H
F
Operation
Monitoring &
Assessment
G
Maintenance
ISA 18.2 Compliance
Alarm Management is now a Compliance Issue
• Compliance: ANSI / ISA SP18.2
– Similar to ANSI/ISA S84.01:
– nationally recognized standard
– qualifies as a nationally recognized standard for safety systems such that
OSHA recognizes as “recognized and generally accepted engineering
practice”
– Not a requirement to meet OSHA 1910.119 PSM requirements but bears
substantial weight with regard to implementing safety/alarm systems
– burden of proof is on the User to demonstrate that they have followed
generally accepted engineering practice
ISA 18.2 Compliance.
•
Section 4.1: Conformance Guidance
To conform to this standard, it must be shown that each of the requirements in the normative
clauses has been satisfied.
•
Section: 4.2 Existing Systems (Grandfathering Clause)
For existing alarm systems designed and constructed in accordance with codes,
standards, and/or practices prior to the issue of this standard, the owner/operator
shall determine that the equipment is designed, maintained, inspected, tested, and
operated in a safe manner.
Historical Findings
• Industry estimate: $10 Billion per year from abnormal
situations
• Incident costs from $100K-$1 Million per plant per year
• Refineries suffer a major incident once every three years
costing $80M
• Insurance companies show industry claims >$2.2 Billion
per year due to equipment damage (North America)
ASM Consortium Findings
Personal Observations.
• Many process plants in North America are not doing
enough
• Alarms form part of your plant’s layer of protection
• There will be more prosecutions for OH&S breaches
What Steps Can You Take?
• Senior Management Sponsorship
• Purchase ISA 18.02
• Undertake an audit of your alarm system. Minimum do
Monitoring and Assessment
• Prepare a Philosophy Document and then Functional
Specifications
• Prepare a Strategic Plan
• Just Do it
Questions?