DCS System Function Testing and Safety Evaluation

Liu Na1

Tu Jingjing2

(Beijing Institute of Petrochemical Technology, Beijing 102617,China)

(China Power Engineering Consulting(Group) Technology Development Co.,LTD., Beijing 100088,China)

in

and national government to formulate industrial policy, but

petrochemical, electric, metallurgical and other industries, and

also the human pursuing ideal state in social production and

plays an important role for the stability, safety and reliable

lifecycle. Chemical industry, the petrochemical industry as

operation of the industrial production process. How to do a

one of the pillar industries in the national economy, is the

Abstract-DCS

System

has

been

widely

applied

correct evaluation to the functions, performance, reliability and

important material basis of the economic, social development.

safety of the DCS system, is basis and foundation to ensure the

However, the safety production situation of chemical

safety and reliable operation of the DSC system. This paper

industry,petrochemical industry still is not optimistic, various

mainly analyzed and discussed the DCS system function and

sizes accidents happens occasionally. Therefore, in adherence

safety evaluation . The safety evaluation in chemical and

to Safety first, Prevention central production principle,

petrochemical industries of the DCS system operation sectors,

under such premise, establishing and improving safety legal

belongs to the safety integrated evaluation of the status quo.And

system, and adapting socialist market economy conditions of

providing the main contents, the safety evaluation methods and

the new security management system, and strengthen the

the principles of choice.

safety production management, is very important. Safety

Key words-DCS system; system security; function; safety evaluation

evaluation is the key technology in the safety management, to

strengthen security evaluation techniques and methods of

I. INTRODUCTION

research, to improve and strengthen risk prevention measures,

From the perspective of the automatic control technology

to enhance the capacity of replying and handling disaster

development, DCS system, as an important reflection of the

situations, to improve production safety and minimize the

automation application level, has been widely used in Chinas

occurrence of accidents in particular the occurrence of major

chemical

equipments.

accidents, those are both chemical, petrochemical industry

Through the DCS system application, improved device

development necessity trend, but also are the urgent

control accuracy and smooth degree, and optimized the

requirement to resolve the current chemical industry,

technical indicators, so that sends the equipment management

petrochemical industry safety problems.

industry,

petrochemical

industry

to a new level. Nevertheless, under the control of the DCS,

At present, settling process safety problems of the DCS

the malfunction and accidents of the petrochemical process

system in chemical industry, petrochemical industry mostly

still occur from time to time. Because of the DCS system

adopt administrative means, but the studies of evaluation

inherent characteristics and the more stringent environmental

technology and method exist some problems, lacking of

requirements, certainly will determine their malfunctions

properly targeted, high reliability and easy operating

would not be so simple. For example, if communication

evaluation methods. With the rapid development of the

failures, power failures,cable faults occurred, may have an

modern applied mathematics, information science, artificial

impact on local equipments,part settings even the operation

intelligence, neural networks and other cross-disciplinary

safety of the entire system.

knowledge, domestic and foreign scholars have made

Safety,health,environmental protection is the starting

considerable progress on the study and application of the

point of the worlds economic,social development objectives

safety evaluation, there are theoretical and technical

978-1-4244-1718-6/08/$25.00 2008 IEEE

Pg 1348

foundation to establish safety evaluation model and methods.

are divided into direct control layer, operation control layer,

Therefore, to do dynamic analysis for the existing DCS

production management and decision-making management.

system safe situation, and do a scientific and accurate forecast

for its security, is an important scientific and technological

(1)The direct control layer of the site installation

management level (process control level)

research for the process safety in chemical and petrochemical

In this layer, process control computers directly connect

industry, and is also the must resolving problem of the safe

with the various scene devices to implement monitoring and

production.

measuring, control, but also upwards connect with second

II.

layer computers to accept upper management information,

DCS SYSTEM ARCHITECTURE

and to transfer the device characteristic data and the collecting

2.1 DCS basic structure

real data. Its main functions are: carry through collection of

A basic DCS system includes four major components: site

the process data, carry through process control of the direct

control station, operator station, engineer station (which can

numbers, carry through devices monitoring and measuring,

also use an operator station as an engineer station), a system

carry through system test and diagnosis, and implement

network. A typical DCS architecture is as shown in figure one,

measures on security and redundancy.

it shows the major components and connection relations

(2) Process management level (operation monitor layer)

between various parts.

The process management computers in this layer mainly

In addition to these four basic components, the DCS may

contain monitor computers, operation stations, engineer

also include certain stations of completing special function,

stations. It integrated monitors all information of process

the information network of extending production management

stations, centralized displays operation, control circuits

and information processing, and digital field bus network of

configuration and parameter modification, optimizes process

achieving local instruments, implement agencies.

treatment and etc. Its main functions embody in: optimizing

process control, adapting loop control, optimizing various
modules within the device to let them coordinate closely, and
through obtaining the real-time data of direct control to
monitor activities within the modules and archive fault
monitoring, historical data, make status reports and backup.
(3) Production management (Production management
level)
The management computers in this level harmonize
parameter enactment of various module-level according to the
characters of the various components of productions, they are
the coordinators and controllers of the product.
(4) Decision-making management(overall management of
the factory and operation management)
This level is upon the central computers, and connects
together

with

office

automation,

shoulders

overall

coordination management, including various types of business

Figure 1 Basic constitute of the DCS system

activities and personnel management.

2.2 The layered architecture of the DCS system

. DCS SYSTEM TESTING AND SAFETY REQUIREMENT

The function stratified hierarchy structure of DCS system

fully reflects its design ideas of decentralized control and

3.1 DCS System Evaluation

centralized management, from the bottom up the DCS system

Pg 1349

Carrying through system safety evaluation based on

measurement and control of the DCS system, needs roundly

DCS system test include: function test and performance test.

integrated assess the system or a class of mission-related of all

On the basis of meeting the testing conditions, should

kinds of system characteristic. This ability of confirming the

according to the test regulations to finish all the tests of

system accomplish certain mission is known as system

functions and performances of the DCS system. Performance

evaluation. The system evaluation is always linked with

tests mainly include: SFT (redundancy) capabilities, power

certain mission, and wishing get kinds of data for evaluation,

supply system switching functions, module maintainability,

so

system

system reset capacity, system reserve capacity, input-output

mission-related and general assess, which is so-called

connect rate and intact rate, system real-time nature, system

characteristic evaluation. Systematic character evaluation is

components load, anti-jamming capability test and etc.

enduing system characteristic to qualitative explain and/or

3.4 DCS system security requirements

that

needs

kinds

of

characteristics

of

quantitative indicators.

The security of the DCS system includes three aspects:

Function and performance are the main character of the

function security, life security and information security.

DCS system. Function is that the output of the system for the

(1) Function security indicates that system exactly responds

specific purpose. Performance is that a kind of ability of the

input, consequently, correctly output control capabilities. In

system to realize its capacity. For example: PID control is

the traditional industrial control system, safety usually

indicating a kind of function of control system; and among the

indicates function security. For example, in the interlock

SFT (redundancy) capabilities, such as fault-tolerance

system or the protection system, safety is the key indicator,

capacity abilities of keyboard operation, indicates a kind of

and its safety also means the function security. The control

performance of the system, it indicates a kind of capability

system of the poor function security, the aftereffect is not only

that when system operates any key without a definition in key

the economic losses of the system downtime, but also leading

boards of system operator stations, the system shall not wrong

to the damage of the equipment, environment pollution and

or out of usage.

even personal injury.

3.2 DCS basic functions

(2) Life security indicates that during the process of the

The basic functions of the DCS system are as follows:

normal use and operation, will not directly lead to personal

(1)Data acquisition and control functions.

injury. For example, the badness import of power system

(2)DCS human-computer screen display functions: process

grounding may result in undesirable electrical injury, that is

flow chart showing, trend showing, alarm monitoring, form

belongs to the must considering problem of the design of the

showing, log showing, variable lists, control operation screens

equipment personal safety. Usually each country will issue

and etc.

compelling standard criterions to equipments may lead to

(3)The alarm monitoring functions include technical alarms

personal injury on some occasion, the productions should

and DCS equipment failure: technical alarms include

satisfy these compelling normative requirements before

stimulant capacity parameters alarms, switch capacity status

manufacture and sale, and by the third party organization to

alarms and interior calculate alarms; DCS equipment failure

implement attestation, which is usually referred to the safety

refers to the DCS itself hardware and software faults and

criterion attestation, for short safety certification.

communication links in fault.

(3) Information security indicates the integrality of the data

(4)Log (incident) management functions.

information, availability and confidentiality. Information

(5)Incidents recall functions.

security issues will generally result in serious economic losses,

(6)Events sequence record functions.

or pose a threat to the countrys public safety.

(7)Secondary senior computing functions.

. DCS SYSTEM SECURITY EVALUATION

(8)Remote operate and control functions.

(9)Real-time database functions and etc.

4.1 The purpose and significance of the security evaluation

In the Safety Evaluation General Clauses, do the

3.3 DCS System Test

Pg 1350

specific stipulation of the safety evaluation definition, namely:

Safety checking and accepting evaluation is after the

the purpose of the safety evaluation is to realize the project

complete of the construction project, the testing operation

and system security, applying safety system engineering

comes into normal, through safety evaluation to the actual

principles and methods, to identify and analysis the dangerous

operation and management status of the establishments,

and harmful factors in the project and system, judging the

equipments, settings in constructing project, looks up the

accidents happened in the project and system and the

dangerous, harmful factors in this constructing project after it

possibility and its severity degree of the occupation harm,

puts into production, ensures that degree and puts forward

thereby can afford scientific basis for establishing preventive

reasonable and feasible safety countermeasures and suggests.

measures and make management decisions.

Safety status integrated evaluation is to do safety

Namely, safety evaluation is objective to be achieved in

the following four aspects:

evaluation against the safety status quo of a production

management unit or part production management active,

(1)Promote intrinsically safe production.

looks for the existent dangerous, harmful factors and

(2)Achieve security control of the entire process.

determining their level, puts forward reasonable and feasible

(3)Establish the most optimal project of the system safety,

safety countermeasures and suggests.

to provide a basis for decision-makers.

Special safety evaluation is to do safety evaluation against

(4)Create conditions for the standardization and scientific

of realizing security technology, security management.

certain activity or place, and a specific industry, product,

production methods, production techniques or production

The signification of security evaluation is to effectively

equipments and etc, looks for the existent dangerous, harmful

prevent accidents, reduce property losses and casualties and

factors and determining their level, puts forward reasonable

damage. Safety evaluation is different from the ordinary

and feasible safety countermeasures and suggests.

safety management and safety supervision work, safety

4.2.2 The main contents of the DCS system security

evaluation is starting off from the negative effect brought by

evaluation

technique, and analyzes, demonstrates and evaluates the

The safety evaluation in chemical and petrochemical

resulting losses and the possibility of injury, the incidence, the

industries of the DCS system operation sectors, belongs to the

severity grade and the countermeasures should adopt.

safety integrated evaluation of the status quo. The main

4.2 DCS system comprehensive assessment of security

contents include:

situation

(1)Collecting and evaluating the information required,

4.2.1 The classification of the safety evaluation

adopting appropriate methods to carry through identification

According to the purpose of the project, system life cycle

of the dangerous, harmful factors.

and evaluation, safety evaluation can be divided into safety

(2)For accidents and hidden troubles that may cause

pre-evaluation, safety checking and accepting evaluation,

graveness results, adopting scientific and reasonable safety

safety status integrated evaluation, special safety evaluation.

evaluation methods to establish corresponding mathematical

Safety pre-evaluation is based on feasibility study stage of

model to do accident simulation, forecasting the impact of the

construction project, according to the relevant basis

accident, the biggest losses in the extreme circumstances, as

information, identifies and analyses possible dangerous and

well as the possibility and probability of incidents, giving

harmful factors of this construction project, and ensures the

quantitative security situation parameter values.

conformity with the safety production laws and regulations,

(3)For the occurred accidents and hidden troubles,

standards, administrative regulations, criterion, forecasts the

according to the quantitative security situation parameter

possibility and severity grade of occurring accidents or

values, conduct rectification of the optimization taxis.

causing vocation harms, puts forward scientific, reasonable,

(4)

Put

forward

safety

countermeasures

and

feasible safety countermeasures and suggests, and makes

recommendations, and accomplish safety evaluation report of

conclusions of the safety evaluation activities.

the status quo.

Pg 1351

4.3 Safety evaluation methods and the principles of choice

system for petrochemical industry.SH/T 3092-1999

Safety evaluation method is that through scientific

[2]Industry Criterion of China.Code for the design of distributed control

methods, finding out the dangerous, harmful factors of the

system.HG/T 20573-95

main body evaluated and its dangerous, harmful degree,

[3]Zhang jing-fang.Prevention and control of dangerous points in substations

carrying through the method of analysis and evaluation. For

utilizing health,safety and environment management system .Guangdong

getting good effect in the safety evaluation, making a

electric power. 2007,Vol.20 No. pp.74 -76

reasonable choice of security evaluation method is very

important.
The choice of the safety evaluation method should follow
the principles of the sufficiency, adaptability, systemic,
pertinence and rationality. Sufficiency means that, before
making a choice of the safety evaluation methods, should get
ready plenary information, to supply as reference and use
when making a choice; adaptability means that the safety
evaluation methods which been chosen should adapt the
system which been evaluated; systemic means that the
credible safety evaluation results which get through safety
evaluation method, must establish upon the truth, reasonable
and systematic basic data, and the evaluated system should be
able to provide the necessary systematic data and information;
pertinence means that the chosen method of safety evaluation
should be able to provide the required results; rationality
means that, under the premise of satisfying the purpose of
safety evaluation and being able to

provide the required

safety evaluation results, should choose the simplest

calculation process, the least basic data required and the most
easily accessible safety evaluation method, so that the
workload of safety evaluation and the obtaining results of
evaluation are all reasonable, and not let safety evaluation
appear useless work and unnecessary troubles.
.

CONCLUSIONS

To create good economic and social benefits of the

enterprise, meanwhile reducing labor intensity, improving
product quality, we must strengthen the process management
of the DCS system security in the chemical and petrochemical
industry, to achieve the process dynamic security evaluation,
so that will establish the safety management on the scientific,
systematic, comprehensive evaluation theory, with a view to
achieving essence security.
REFERENCES
[1]Industry Criterion of China.Code for the design of distributed control

Pg 1352