The design of hydrocarbon gas detection systems using risk analysis methods is drawing a lot of attention because industry experts have come to a consensus that design codes used in traditional gas detection system design work are not sufficient for open-door process areas having serious hazards, such as fire, flammable gas and toxic gas. The ISA Technical Report TR 84.00.07 provides guidelines for the design of fire and gas systems in unenclosed process areas in accordance with the principles given in IEC 61511 standards. This paper presents an overview of the design of gas detection systems using risk assessment methods that are described in the ISA technical report. These methods are statistical in nature and are used to assign and verify targets for the performance metrics (detector coverage and safety availability) of gas detection systems. This paper also provides an overview of the performance based safety life cycle of gas detection systems from conceptual design stage to operations and maintenance.
Performance based gas detection for hydrocarbon storage
1. Performance Based Gas Detection
for Hydrocarbon Storage
Kenexis
Copyright 2011 - Kenexis
2. Presenter Introduction
• Edward M. Marszal, PE, ISA84 Expert
• President, Kenexis
• 20 Years Experience
• ISA Author “SIL Selection”
• ISA Committees - S84, S91, S18,
S84 WG7 Fire and Gas
• ISA Safety Division Past Director
• ISA Fellow
• AIChE, NFPA Member
• BSChE, Ohio State University
ISA84 Expert
Copyright 2011 - Kenexis
3. „Basis of Safety‟ for FGS
• All critical instrumentation / control systems require
a „basis of safety‟
• specify adequate equipment selection and design
• specify functional testing requirements
• For fire and gas systems „basis of safety‟ are
developed in two ways:
• Prescriptive „Basis of Safety‟,
NFPA/EN standards, etc.
• Performance Basis / Risk Assessment
Copyright 2011 - Kenexis
4. Prescriptive Standards in FGS Design
• Well-established guidance for
design of FIRE detection and
mitigation systems
• Provide detailed requirements for basis of
safety for most types of fire detection
and alarming function
• Allow for performance based alternatives to be used
(where appropriate)
• Generally not specific to chemical processing
• Very little guidance on gas detection
Copyright 2011 - Kenexis
5. Performance-Based Standards
• ISA TR 84.07 Provides guidance for gas detection
design in accordance with the principles of ISA84 /
IEC61511
• Specify and Verify Performance Targets
• Availability
(equivalent to SIL)
• Detector Coverage
• Written specifically for
process industry
• Not intended as
replacement for
prescriptive design;
intended as supplement
Copyright 2011 - Kenexis
6. Performance-Based or Prescriptive…
What‟s Better?
• A combination of both prescriptive and
performance-based methods in best
• Many FGS elements are adequately addressed by
prescriptive standards
• Many FGS elements (although addressed by prescriptive
standards) can be better designed using performance-
based methods
• Some FGS elements typical found in chemical processing
facilities are not adequately covered by prescriptive
standards
Copyright 2011 - Kenexis
7. Fire and Gas Design Lifecycle
Copyright 2011 - Kenexis
8. Fire and Gas Design Lifecycle
• Consistent with the
underlying principles of ISA
84.00.01 and IEC 61511
• Does not provide a
complete process for FGS
design – only intended for
application to process
areas
Copyright 2011 - Kenexis
9. Typical Workflow for FGS Design
Identify Requirement
for FGS
Design Specification
Develop FGS Philosophy
Procedure Development
FGS Zone Definition
Construction, Installation,
And Commissioning
Determine FGS
Performance Requirements
PSAT
Verify Detector Coverage
Operation, Maintenance
and Testing
Verify FGS Availability
Management of Change
Modify Design
(if required)
Copyright 2011 - Kenexis
10. Identifying Requirements for FGS
Identify Requirement
• Recommended from Previous for FGS
Design Specification
Safety Studies
Develop FGS Philosophy
• Process Hazards Analysis (PHA)
Procedure Development
• Layer of Protection Analysis (LOPA)
FGS Zone Definition
• Quantitative Risk Assessment (QRA) Construction, Installation,
And Commissioning
• Required by Government Determine FGS
Performance Requirements
Regulation
PSAT
• Required by Industry or Verify Detector Coverage
Corporate Standards Operation, Maintenance
and Testing
• Required by Insurance Provider Verify FGS Availability
Management of Change
Modify Design
(if required)
QRA / safety case analysis assumes performance for FGS. Performance
Based FGS analysis can be used to verify assumed performance.
Copyright 2011 - Kenexis
11. FGS Philosophy Development
Identify Requirement
Input Task Tools
for FGS Deliverable
Design Specification
Develop FGS Philosophy
Identify Requirement
Procedure Development
for FGS
FGS Zone Definition
Construction, Installation,
And Commissioning
Determine FGS
Risk Tolerance Performance Requirements
FGS Philosophy
Criteria Develop FGS Philosophy Template and FGS Philosophy
PSAT
HSE Philosophy checklist And Procedures
Verify Detector Coverage
Operation, Maintenance
and Testing
Verify FGS Availability
FGS
Management of Change
FGS Design Basis
Define FGS Zones Toolkit –
Modify Design
(if required)
PHA Pro Report
Copyright 2011 - Kenexis
12. FGS Philosophy Elements
• Standardized Methods for Categorizing FGS
Hazards and Risk
• Criteria for Hazard Identification
• Criteria for Risk Categorization
• Requirements for Safety Analysis and Risk Studies
• Standardized FGS Design Heuristics
• Criteria for FGS Zone Definition and Grading
• Criteria for Assigning Performance Targets to FGS
Equipment
• Criteria for Selecting Appropriate Sensor Technologies
• Alarming Requirements
• Manual Activation
• Detector Voting for Automatic Action Requirements
• Criteria for Detector Setpoint Selection
Copyright 2011 - Kenexis
13. Procedures Resulting From Philosophy
Hazard Identification (HAZID) Zone Definition and Grading
Performance Target Selection Performance Target Verification
Residual FGS
Release Detected? FGS Effectiveness Residual Fire Effectiveness Frequency
Early Ignition? ("Detector Coverage") ("PFD") Delayed Ignition? Detected ("PFD") (1/year)
Success 9.10E-06
Yes 0.9
0.85
Failure 1.01E-06
Yes 0.1
0.04
No 1.78E-06
0.15
Success 2.18E-04
0.9
Yes Success 7.43E-07
0.85 0.9
Release Yes
2.97E-04 0.85 Failure 8.25E-08
Yes 0.1
0.04
No 1.46E-07
Failure 0.15
0.1
No 2.33E-05
0.96
No Success 1.31E-06
0.96 0.9
Yes
0.85 Failure 1.46E-07
Yes 0.1
0.04
No 2.57E-07
No 0.15
0.15
No 4.11E-05
0.96
Total 2.97E-04
Copyright 2011 - Kenexis
14. Definition of Fire and Gas Zones
Input Task Tools Deliverable
Risk Tolerance FGS Philosophy
Criteria Develop FGS Philosophy Template and FGS Philosophy
HSE Philosophy checklist And Procedures
PFD
P&ID FGS
FGS Zone Definition FGS Zone List
Plot/Deck Plan Toolkit
Cause-and-Effect
Determine FGS FGS FGS Design Basis
Performance Requirements Toolkit Report
Copyright 2011 - Kenexis
15. Why is Zone Definition Important?
• Areas in processing plant have differing fire and gas hazards
• Building Fire Protection – zones where goal is protection of personnel and
assets from general building fire hazards
• Processing Area – zones where goal is incipient detection of fire and/or gas
releases in processing areas
• Process/Non-Process Segregation – zones where goal is segregator of process
hazards from non-process areas
• Requirement for clear communication of hazards to
operations and emergency responders
Copyright 2011 - Kenexis
16. FGS Zone Categories
• Zones are categorized to facility development of
basis of design
Zone Categories Area Definition Examples
H Hydrocarbon Possessing Area, General Fire / Flammable Gas, Production Separation,
Toxic Gas Hazard Gas Compression,
N Non-Hydrocarbon Fire Hazard Combustible Liquid Storage,
Lubrication Oil System
G General Occupancy, No Hydrocarbon Fire Hazard Accommodations Area,
Control Building
E Non-Hydrocarbon Special Equipment Protection
Non-classified Electrical Equipment
T Gas Turbine or Engine Enclosures
Gas Turbine and Turbine Enclosures
V Combustion Air Intake / Ventilation Air Intakes Combustion Air blower, HVAC Fresh Air
Intake
Copyright 2011 - Kenexis
17. FGS Zone List
• Complete list of FGS Zones, including:
• Identifier (tag, name)
• Description
• Category
Copyright 2011 - Kenexis
18. Fire and Gas Performance Targets
Input Task Tools Deliverable
PFD
P&ID FGS
FGS Zone Definition FGS Zone List
Plot/Deck Plan Toolkit
Cause-and-Effect
FGS Philosophy Determine FGS FGS FGS Design Basis
& Procedure Performance Requirements Toolkit Report
Verify Detector Coverage Effigy™ FGS Detector
Mapping Report
Copyright 2011 - Kenexis
19. Risk Modeling Requirements
• Desire a Risk Model that is sensitive to:
– Detector Coverage
– FGS System Probability of Failure on Demand
• Analysis Considerations include:
– Hydrocarbon Processing Equipment
– Fire and Gas Consequences
– Release Likelihood
– Level of Human Occupancy of Zone
– Ignition Probabilities
– Production Value for Process
Copyright 2011 - Kenexis
20. Performance Target Determination
• Two Common
Approaches
– Semi-Quantitative
(Similar to LOPA)
– Quantitative Risk
Analysis (QRA)
Copyright 2011 - Kenexis
21. FGS Performance Targets
• Performance Targets Specify requirements for
Risk Reduction:
• Fire and Gas Detector Coverage
• Geographic Coverage
• Scenario Coverage
• Equipment Probability of Failure
• Safety Availability
• Safety Integrity Level (SIL)
Copyright 2011 - Kenexis
22. Fully Quantitative Approach
• Targets calculated through rigorous modeling
of hazards
• Consequence characterized by
dispersion/consequence modeling
• Release likelihood characterized by equipment
failure database
• Mitigating factors characterized by site specific
factors
• Calculated risk compared against tolerability
criteria
• Design criteria are iteratively modified in order
to achieve the tolerable risk target
• Analysis based on Scenario Coverage and safety
availability
Copyright 2011 - Kenexis
23. Hazard Scenario Identification
• Hazard scenarios should include general release / fire scenarios
– Identify all credible release scenarios, including:
• Vessels, process piping, flanges, instruments,
wellheads, pumps, compressors, heat
exchangers, launchers/receivers, risers and
pipelines
• Identify specific factors effecting release scenario
– Hole size, location, orientation, phase, toxicity (H2S),
occupancy
• Release Scenarios with extremely low likelihood and/or
consequence need not be considered
• Result should be a detailed list of release scenarios with enough
detail to undertake consequence and likelihood analysis
• Identify potential incident outcomes:
– Jet fire, Flash Fire, …..
Copyright 2011 - Kenexis
24. Likelihood Analysis
• Based on Historical Offshore Data:
– Offshore Release Statistics, 2001. UK Health &
Safety Exec.
– PARLOC 2001: The update of Loss of Containment
Data for Offshore Pipelines. UK Health & Safety
Exec.
• Sensitive to hole size distribution
• Sensitive to Equipment Type
Fully-Quantitative Method Copyright 2011 - Kenexis
26. Risk Integration
• Join Consequence and Likelihood to generate a list of
possible scenario outcomes
– Each outcome has an associated level of risk (PLL, Financial
Loss)
– Event Trees are used to determine risk for each outcome
• Event outcomes are integrated to determine risk for a
FGS zone or Platform
– Risk for FGS zone/platform is compared against Customer
tolerable risk criteria
• Initially select low detector coverage and progressively
increase until tolerable risk achieved.
Fully-Quantitative Method Copyright 2011 - Kenexis
31. Semi-Quantitative Approach
• Team-Based approach employing calibrated
risk assessment tables
• Risk factors qualitatively ranked by team
• Likelihood
• Consequence
• Mitigating factors
• Selected categories determine the “zone grade”
• Zone grade defines geographic coverage and safety
availability
Grade Level of Risk Detection Coverage FGS Safety Availability
A High Risk 0.90
0.95 (High SIL 1 Equivalent)
B Medium Risk 0.80
0.90 (SIL 1 Equivalent)
C Low Risk 0.60
0.90 (SIL 1 Equivalent)
Copyright 2011 - Kenexis
32. Calibration
• Parameters and
performance target
calibrated by full
QRA of typical
zones
• Safety Availability
and Geographic
Coverage Set
Copyright 2011 - Kenexis
33. Extents of Graded Areas
• Define extents of area the overall zone that are
required to be covered by fire and gas detection
• Limits analysis to location where risk is high
• Function of process equipment with potential to leak
and process conditions
• Similar to electrical area classification
Grade C Grade B Grade A
Copyright 2011 - Kenexis
35. Why Verify Detector Coverage?
• Failure of Gas Detection Systems to Function are
related to one of two Mechanisms:
• Inadequate Coverage - Failure to detect hazard due to
inadequate sensor type, number and/or location
• Inadequate Availability - Failure of component
hardware to function as intended
• Proposed detector layout should be assessed to
ensure adequate coverage:
• The coverage footprint is sufficient to provide the
required hazard alarms and control actions
• Detectors are appropriately located considering leak
sources, wind directions, and other site specific factors
The Maginot Line
HSE Statistics Indicate that 40% of Major Gas Release in North Sea Offshore
Installations are Not Detected by Gas Detection Systems
Copyright 2011 - Kenexis
36. Verifying Detector Coverage for Process Areas
• Two methods of coverage verification are defined by ISA TR
84.07:
• “Detector Geographic Coverage – The fraction of the geometric area
(at a given elevation of analysis) of a defined monitored process area
that, if a release were to occur in a given geographic location, would
be detected by the release detection equipment considering the
defined voting arrangement.”
• “Detector (Scenario) Coverage – The fraction of the release
scenarios that would occur as a result of the loss of containment from
items of equipment of a defined and monitored process area that can
be detected by release detection equipment considering the frequency
and magnitude of the release scenarios and the defined voting
arrangement.”
Copyright 2011 - Kenexis
37. Gas Detector Mapping Assessment
• Detector Performance characterized
based on data from FM approval testing
• Detector Coverage calculated based on 3-
dimensional modeling
• Achieved coverage is compared against
performance target
• Geographic Coverage considers leak
sources and “Design Basis Cloud Size"
Copyright 2011 - Kenexis
38. Calculating Gas Geographic Coverage
Design Basis
Cloud
Leak Point
(Covered)
Leak Point
(Not Covered)
Copyright 2011 - Kenexis
41. Conceptual Design
• Purpose
– Select equipment appropriate for
performance target
– Specify how the system operates
– specific and general
– Basis for detailed design
• Result
– FGS Requirements Specification
Copyright 2011 - Kenexis
45. Detailed Design and Specs
Input Task Tools Deliverable
Specification
Design Specification Detailed Design
Templates
Procedure
Procedure Development Templates – Procedure
Word, DB
• Loop Sheets
• Internal Wiring Diagrams
• Cable Schedules
• PLC Programs
Copyright 2011 - Kenexis
46. Procedure Development
Input Task Tools Deliverable
Specification
Detailed Design Specs Detailed Design
Templates
Procedure
Procedure Development Templates – Procedure
Word, DB
• Develop procedures for
– Operation of FGS (startup, reset, bypass)
– Response to detected failures of FGS
– Maintenance and testing of FGS
Copyright 2011 - Kenexis
47. Construction, Installation and
Commissioning
Input Task Tools Deliverable
Construction, Installation,
And Commissioning
PSAT
• Purchase equipment
• Install on site – location and orientation
• Load software
• Connect wiring
Copyright 2011 - Kenexis
48. Pre Start-Up Acceptance Testing
Input Task Tools Deliverable
Construction, Installation,
And Commissioning
Checklist
Validation Plan PSAT Punchlists
Template
• Verify that installed equipment and software conform to
safety requirements specifications
• Review software and hardware
• Review all relevant equipment
• Generate deviation record (punchlist)
Copyright 2011 - Kenexis
49. Operation and Maintenance
Input Task Tools Deliverable
Operation, Maintenance
And Testing
Management of Change
• Periodic function testing
• Respond to overt faults
• NOTHING!!!!
Copyright 2011 - Kenexis
50. Management of Change
Input Task Tools Deliverable
Operation, Maintenance
And Testing
Management of Change
• Follow management of change procedures
Copyright 2011 - Kenexis