The Real World Impact of ISA 18.2 on Process Industries Kevin Brown Matrikon Inc.

Agenda
Introduction What is Alarm Management What is a Lack of Alarm Management OH&S & Legislation An Example Plant Incident Demystifying Standards & Guidelines ISA 18.2 Compliance Alarm Management Lifecycle Steps to Compliance Questions

Operators on alert Operator response, alarm standards, protection layers keys to safe plants Intech, September 2009

Kevin Brown - Introduction

Manager North America Alarm Management Team 4.5 years at Matrikon
Completed projects from upgrades to $2.8 MM Audits Alarm Philosophy development Facilitate alarm rationalization

Spent 20 years in plants in process control

Experience with different computer control systems
Bailey, Taylor, Advant, GE, Allen Bradley, Metso, TDC3000

Experience with Historians

Simsci, MOPS, OSI PI

DMZ network design and setup

Matrikon Alarm Management

Matrikon has 20 years experience and is the Global Leader in the deployment of Enterprise Wide Alarm Monitoring Solutions with the worlds leading companies,innovation, safety, commitment to value and high ethical standards

Company Overview
Other R&D 150+ 100+ Consultants 275+

Complete Solution Provider

550 employees 300+ consultants with extensive domain expertise Complete services, from planning to execution

Global Presence

18 offices 17 Partners Strong Presence in Toronto (25 Consultants) TSE: MTK

What is Alarm Management?

Process by which alarms are engineered, monitored, and managed to ensure safe, reliable operations

What is Alarm Management?

What else is Alarm Management? Continuous lifecycle Plant maintenance/reliability Good process control Outcome of a risk assessment Related to equipment failure A form of Enhanced/Advanced Control Abnormal Situation Management It has been widely ignored for a long time

What is a Lack of Alarm Management?

What is a Lack of Alarm Management?

Example: Texas City Oil Refinery 2005. Precursors: - Maintenance cut by 25% - Only one Control Room Operator for the whole plant - Failed level switches - Level transmitter reading incorrectly no alarm - Workers within exclusion zone - Decided against installing safety flares Outcomes: - 15 people killed - Could have spent a couple of $m but ended up costing $1.6b - Oil Refining industry are now relatively proactive in AM
(Ref.) http://www.texascityexplosion.com/

Alarm Management: Its about Safety!

An Example Plant Incident

An Example Plant Incident

Plant is unstable, getting towards end of 12hr shift Tank containing hot material reaches HH level Trip on HH level interlock was disabled to replace the instrument and inadvertently not re-enabled Operator misses the alarm because he/she is overloaded and there is an alarm flood High level safety switches that trip the incoming pump have not been tested for over two years and fail to operate Tank overflows and severely burns worker below

Possible Outcome
Employee Impact Possible Injury Potential Fatality Flow-on Family/Community effects Employer Impact Operational Downtime/Loss of Production Investigation by the relevant authority Expert Witness in Court 1st Question to Employer: Did you comply with an ISA Standards or Internationally accepted Standard? 2nd Question to Employer: Did you follow known, good engineering practice? In recent cases there has been more use of expert witnesses. What would an expert witness say in this case?

Key Features ISA 18.2

Key Features ISA 18.2

Large focus on an Alarm System Lifecycle Clear Alarm System Performance KPIs Section on compliance Alarm Philosophy what must be included Alarm System requirements Specification Identification Rationalization Advanced Methods Less examples are given Complimentary to EEMUA 191

Matrikon & ISA 18.2

Participation
Mike Brown Jeff Gould Michael Marvan Alan Armour

Section Leadership
Operations Maintenance Management of Change

Sub-Committees
Monitoring & Assessment Audit Analysis (Annex)

ISAs Committee Website:

http://www.isa.org/MSTemplate.cfm?MicrositeID=165&CommitteeID=4627

ISA 18.2 Alarm Performance KPIs

Industry Benchmarks: Room to Improve!

ISA Oil & Gas PetroChem Power Other

Average Alarms per Day Standing (stale) Alarms Peak Alarms per 10 Minutes Average Alarms/ 10 Minute Interval Distribution % (Low/Med/High)

144 5 10 1
80/15/5

1200 50 220 6
25/40/35

1500 100 180 9

25/40/35

2000 65 350 8

900 35 180 5

25/40/35 25/40/35

Alarm Management Lifecycle

Alarm Management Lifecycle

Philosophy Identification Rationalization Detailed Design Implementation Operation Maintenance Monitoring & Assessment Management of Change Audit

J A

Philosophy
I B

Identification

Rationalization Management of Change Detailed Design Audit

Implementation

H F

Operation Monitoring & Assessment Maintenance

Entering the Lifecycle

A

- Philosophy
J

Philosophy

Greenfield or Brownfield sites Objectives of the alarm system Design it correctly and keep it there

Identification

Rationalization Management of Change

D

Detailed Design

Audit

Implementation

H F

Operation Monitoring & Assessment

G

Maintenance

Entering the Lifecycle

A

- Monitoring & Assessment

J

Philosophy

I B

Identification

Focus on quantitative analysis to determine gaps Follow Maintenance & MOC paths to resolve

Rationalization
Management of Change
D

Detailed Design

Audit

Implementation

H F

Operation Monitoring & Assessment

G

Maintenance

Audit
J A

Philosophy

I B

Identification

Rationalization Management of Change

D

Design

Audit

Implementation

H F

Operation Monitoring & Assessment

G

Maintenance

ISA 18.2 Compliance

Alarm Management is now a Compliance Issue

Compliance: ANSI / ISA SP18.2
Similar to ANSI/ISA S84.01:
nationally recognized standard qualifies as a nationally recognized standard for safety systems such that OSHA recognizes as recognized and generally accepted engineering practice Not a requirement to meet OSHA 1910.119 PSM requirements but bears substantial weight with regard to implementing safety/alarm systems burden of proof is on the User to demonstrate that they have followed generally accepted engineering practice

ISA 18.2 Compliance.

Section 4.1: Conformance Guidance

To conform to this standard, it must be shown that each of the requirements in the normative clauses has been satisfied.

Section: 4.2 Existing Systems (Grandfathering Clause) For existing alarm systems designed and constructed in accordance with codes, standards, and/or practices prior to the issue of this standard, the owner/operator shall determine that the equipment is designed, maintained, inspected, tested, and operated in a safe manner.

Historical Findings
Industry estimate: $10 Billion per year from abnormal situations Incident costs from $100K-$1 Million per plant per year Refineries suffer a major incident once every three years costing $80M Insurance companies show industry claims >$2.2 Billion per year due to equipment damage (North America)

ASM Consortium Findings

Personal Observations.

Many process plants in North America are not doing enough Alarms form part of your plants layer of protection There will be more prosecutions for OH&S breaches

What Steps Can You Take?

Senior Management Sponsorship Purchase ISA 18.02 Undertake an audit of your alarm system. Minimum do Monitoring and Assessment Prepare a Philosophy Document and then Functional Specifications Prepare a Strategic Plan Just Do it

Questions?