Application of IEC 61508 and
IEC 61511 in the Norwegian
Petroleum Industry
Lars Bodsberg
Research Director
SINTEF, Trondheim, Norway
lars.bodsberg@sintef.no http://www.sintef.no/
30 November 2005 Delft, the Netherlands
This is SINTEF
The Foundation for Scientific and Industrial Research
at the Norwegian Institute of Technology
The vision:
Technology for a better society
Business concept:
SINTEF sells research-based knowledge and related services to Norwegian and international clients.
Social perspective:
SINTEF wishes to contribute to the creation of value and to a society in healthy sustainable development.
Locations:
SINTEF has 1700 employees: 350 are situated in Oslo and 1350 in Trondheim.
Widespread use in the
Norwegian Petroleum Industry
• The International standard IEC 61508: "Functional safety of electrical/electronic/programmable electronic (E/E/PE) safety-related systems" (7 parts)
– Generic standard
• The International standard IEC 61511: "Functional safety – Safety instrumented systems for the process industry sector" (3 parts)
– Sector specific standard
The Petroleum Safety Authority Norway recommends the use of IEC 61508 and 61511
Development of Safety System
Requirements
[Figure: from the equipment under control (EUC) and its hazard (over pressure) via EUC risk and tolerable risk to safety requirements and Safety Integrity Level; allocation of the requirements to E/E/PES, other safety-related systems and external facilities (labelled "not part of IEC 61508"), followed by hardware and software requirements and design. Example requirement: isolate and depressurize vessel 9999 out of 10000 times.]
IEC 61508 Implications on
Risk and Reliability Analyses
• The IEC 61508 standard sets out a risk-based approach for deciding the Safety Integrity Level (SIL) for systems performing safety functions
– On-going R&D to improve Quantitative Risk Analyses (QRA) in Norway.
• The IEC 61508 standard requires evaluation of the reliability performance of the safety instrumented systems
– The PDS method – Reliability Assessment of Safety Instrumented Systems
[Figure: accident sequence from normal operational situation through hazard, accident and consequence. Elements shown: normal equipment condition, stable process, process upset (transient), leak (process equipment failure), accident external to process, fire or explosion, pollution, failure of control or safety system, mechanical degradation, mistake by personnel, loss of production, personnel injury, facility damage. Safety layers: PC system, PSD system and FGD/ESD system, with the QRA scope indicated; extent of shut-down action shown per equipment, process function and platform, together with the detectable condition. Function implementation (example): control (CM, S) and shutdown (PSL, PSV, FSV, GD, FD, M).]
CM: Condition Monitoring, S: Process sensor, PSV: Pressure relief, PSL: Pressure switch low, FSV: Check valve, GD: Gas detector, FD: Fire detector, M: Manual
IEC 61508 Implications on
Risk Analyses
• Traditional offshore quantitative risk analyses (QRA):
– Start by assuming that a HC leak has happened
– Frequency of HC leaks taken from historical data
– Causes of HC leak not modelled
– Safety systems often not explicitly modelled
• Risk analyses need adaptation and development
Guideline for use of
IEC 61508 and IEC 61511
• Joint industry project between operators and
the various suppliers of services and
equipment (PDS forum)
• The Norwegian Oil Industry Association
(OLF) provided financial support
Guideline Objective
• Adapt and simplify the application of IEC 61508 and IEC 61511
• Guidance on
– Design
– Operation and maintenance
– Modification
– Management activities to ensure that functional safety requirements are met.
• Provide minimum SIL levels
• Provide approach for reliability quantification of safety integrity
Guideline for the use of IEC 61508 and IEC 61511 in the
Norwegian Petroleum Industry
PDS
PDS is the Norwegian acronym for
"Reliability and availability of computer based safety systems"
• SINTEF has developed a method for quantifying the reliability/availability of instrumented safety systems, called the PDS method
• The method is continuously updated
• Regular meetings in the PDS Forum.
The PDS Forum's vision is to become the Norwegian centre of force for development of safety systems within the petroleum industry.
PDS Forum Participants
Oil companies:
• BP Amoco Norge AS
• TotalFinaElf Exploration Norge AS
• Norsk Hydro ASA
• Shell
• Statoil
• ConocoPhillips
• Eni Norge
Consultants / Engineering companies:
• Aker Kvaerner Engineering & Technology Oil
• Det Norske Veritas
• NEMKO
• Safetec Nordic AS
• Scandpower Risk Management AS
Vendor companies:
• ABB
• FMC Kongsberg Subsea
• Honeywell
• Invensys Triconex
• Kongsberg Simrad
• SAAS System AS
• Siemens
• Simrad Optronics ASA
Governmental bodies:
• The Petroleum Safety Authority Norway (Observer)
• The Directorate for Civil Protection and Emergency Planning (Observer)
[Figure: Reliability, Safety, Maintenance]
Balance between Production and Protection
[Figure after Reason (1998): production versus protection]
Safety vs. Life Cycle Cost
[Plot: probability of failure on demand (0.001 to 0.006) against life cycle cost (LCC, 100 to 500 in 1 000 Norwegian kroner) for 1oo1, 2oo2 and 2oo3 voting, with the acceptance criterion marked. Cost components: primary investment, operation and maintenance cost, unavailability cost of trip.]
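The two quantitative points of the presentation, turning the example requirement "isolate and depressurize 9999 out of 10000 times" into a SIL and comparing 1oo1, 2oo2 and 2oo3 voting on protection versus spurious trips, worked through in added example code that is not part of the slides or of the PDS method. It assumes the IEC 61508 low-demand SIL bands and simplified beta-factor PFD approximations; the failure rates (lam_du, lam_su), proof-test interval and beta are constructed values.

```python
# Added example, not from the slides or the PDS handbook: simplified low-demand
# PFD and spurious-trip approximations for MooN voting, plus the IEC 61508
# SIL bands that turn a tolerable-risk target into a SIL requirement.

# IEC 61508-1, low-demand mode: (SIL, lower, upper) bands of average PFD.
SIL_BANDS = ((4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1))

def target_pfd(successes, demands):
    """'Isolate and depressurize 9999 out of 10000 times' -> tolerable PFD."""
    return (demands - successes) / demands

def sil_from_pfd(pfd):
    """SIL whose band contains pfd; 0 means no SIL can be claimed."""
    for sil, lower, upper in SIL_BANDS:
        if lower <= pfd < upper:
            return sil
    return 0

def pfd_avg(voting, lam_du, tau, beta):
    """Average PFD from dangerous undetected failures (rate lam_du in 1/h) with
    proof-test interval tau in h; simplified beta-factor model (assumption)."""
    x = lam_du * tau  # unavailability of one channel at the end of the interval
    return {"1oo1": x / 2,                          # single channel
            "1oo2": x ** 2 / 3 + beta * x / 2,      # both channels must fail
            "2oo2": x,                              # either DU failure blocks the trip
            "2oo3": x ** 2 + beta * x / 2}[voting]  # any two of three fail

def spurious_trip_rate(voting, lam_su, beta):
    """Spurious-trip rate in 1/h (assumption: 2ooN independent term neglected)."""
    return {"1oo1": lam_su, "1oo2": 2 * lam_su,
            "2oo2": beta * lam_su, "2oo3": beta * lam_su}[voting]

def compare_votings(lam_du, lam_su, tau, beta, target):
    """Protection (PFD, SIL, target met) versus production (spurious trips/year)."""
    out = {}
    for v in ("1oo1", "1oo2", "2oo2", "2oo3"):
        pfd = pfd_avg(v, lam_du, tau, beta)
        out[v] = {"pfd": pfd, "sil": sil_from_pfd(pfd), "meets_target": pfd <= target,
                  "trips_per_year": spurious_trip_rate(v, lam_su, beta) * 8760}
    return out

if __name__ == "__main__":
    # Constructed input: lam_du 2e-7/h, lam_su 2e-6/h, annual proof test, beta 5 %.
    target = target_pfd(9999, 10000)
    print(f"target PFD {target:.0e} -> SIL {sil_from_pfd(target)}")
    for v, r in compare_votings(2e-7, 2e-6, 8760, 0.05, target).items():
        print(f"{v}: PFD {r['pfd']:.2e} SIL {r['sil']} meets target: {r['meets_target']}"
              f"  spurious trips/year {r['trips_per_year']:.4f}")
```

With these inputs 2oo2 halves the spurious-trip rate relative to 1oo1 but doubles the PFD, while 2oo3 meets the 1e-4 target and keeps the low trip rate, which is the trade-off the LCC plot illustrates.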