Andow

7/30/2019 Andow

1/31

Best Practicesin

Process Plant Alarm Management

Peter Andow

Honeywell Hi-Spec Solutions

7/30/2019 Andow

2/31

2 2003 Honeywell Industry Solutions

Best Practices

The EEMUA Guidancethe de factostandard multiple recommendations

Most effective options:

Create a realistic Alarm Philosophy documentoften based on performance analysis

Basic Alarm Rationalisation (based on AlarmPhilosophy). Initial focus on bad actors

Regular alarm configuration enforcement

Alarm suppression

Improved graphics

7/30/2019 Andow

3/31


Alarm Philosophy: Elements

Purpose of the AlarmSystem

Alarm designprinciples

Key performanceindicators

Approved techniques

Priority assignment

Alarm presentation

Operator roles

Interplay withprocedures

How people are trained

How alarm system will

be maintained

Management of change

Escalation policy

When to stop trying toreturn to normal

When to initiate disastermanagement

7/30/2019 Andow

4/31


Safety

Environmental

Production loss

Equipmentdamage

Inefficient

operation

Consequence

UrgencyNow ( < 5 min)

Next ( 5-15 min)

Later ( >15 min)

Minor Moderate Major Extreme

Philosophy Element: Consequence vs. Priority

Site-specific categories forEvents, Consequences and

Urgency

7/30/2019 Andow

5/31


Safety - - Safety Shower Out

of Service

Potential fatality or

worse

Environmental - Minor releaseinside boundary

Significant releaseinside boundary

Notifiable release

Production loss Lower efficiency,

Increased foulin

Non-spared

e ui ment tri

Non-spared

e ui ment will tri

Downtime more

than

Equipmentdamage Pump damage(spare on hand) Pump damage (nospare) Damage to majorequipment likely Critical equipmentdestroyed

Inefficient

operation

< $50k $50 to 100k > $100k -

Consequence

UrgencyNow ( < 5 min)

Next ( 5-15 min)

Later ( >15 min)



7/30/2019 Andow

6/31


Safety - - Safety Shower Out

of Service

Potential fatality or

worse

Environmental - Minor releaseinside boundary

Significant releaseinside boundary

Notifiable release

Production loss Lower efficiency,

Increased foulin

Non-spared

e ui ment tri

Non-spared

e ui ment will tri

Downtime more

than

Equipmentdamage Pump damage(spare on hand) Pump damage (nospare) Damage to majorequipment likely Critical equipmentdestroyed

Inefficient

operation

< $50k $50 to 100k > $100k -

Consequence

UrgencyNow ( < 5 min) High High Emergncy Critical

Next ( 5-15 min) Low High Emergncy Critical

Later ( >15 min) Low Low High Critical



7/30/2019 Andow

7/317 2003 Honeywell Industry Solutions

Alarm Rationalisation

The process by whichthe alarm database is

investigated

1. Reduce the number ofconfigured alarms

significantly

AND

2. Ensure that the remaining

alarm parameters are

correctly specified giving

fewer activations

Intent: Each alarm

activation

is informative and

provides proper

directional diagnosis

7/30/2019 Andow


Alarm Rationalisation: Safety-Related Alarms

Safety-Related alarms (as per the IEC61508 definition) need special

treatment. They should not be DCS-based. They will usually requirecareful engineering, dedicated

displays etc.

7/30/2019 Andow


Rationalisation Data

PIDs + HAZOP

etc.

Alarm performancedata (from AEA)

Operations

Expertise

Tag and Eventdata (from EA)

7/30/2019 Andow

10/31


Alarm Rationalisation Details

For each alarm:

Review the data may have used an analysis tool before

the meeting but additional queries may be required

What is the cause(s) of the alarm event?

What is the consequence(s) of no action?

What ACTION(s) is required? (No Action means No Alarm!)

Is the alarm TYPE correct?

Is the TRIP POINT correct? (May relate to other alarms etc.)

Is the DEAD BAND (if used) appropriate?

Is the PRIORITY correct? (As per the Philosophy)

Identify any housekeeping changes required

Document the results

7/30/2019 Andow

11/31


Definition of Alarm Settings

Normal Efficient Operation

(depends on other conditions)

PV

Time

7/30/2019 Andow

12/31



PV

Time

Current Operating Target Range

In many systems, theseare the alarm limits!

S

7/30/2019 Andow

13/31



PV

Time


Fastest rateof changethat operatoris expectedto handle Slower rate

of change

D fi i i f Al S i

7/30/2019 Andow

14/31



PV

Time


Trip System Limit

D fi i i f Al S i

7/30/2019 Andow

15/31



PV

Time


Possible alarm limit .. could be lower ..

but should not overlap the green areaA

T

D fi iti f Al S tti

7/30/2019 Andow

16/31



PV

Time


Operator + Plant Response Time

(for fastest disturbance)

A

T

D fi iti f Al S tti

7/30/2019 Andow

17/31



PV

Time


A

TUpper Margin

If there is no upper margin the chanceof the trip occurring will increase

D fi iti f Al S tti

7/30/2019 Andow

18/31



PV

Time


A

T

Lower Margin

If there is no lower margin alarms will occur too often

D fi iti f Al S tti

7/30/2019 Andow

19/31



PV

Time


A

T

R ti li ti R

7/30/2019 Andow

20/31


Rationalisation Resources

Can typicallyrationalise from 15

to 40 alarms perday

Data gathering andannotation can take to 4 days or more.Dont forget time to

verify plant drawings& P&IDs

Enhancedtechniques

and graphicsmodifications

- too variableto estimate.Depends on

plantstandards

and currentsystem

Add time for:APPROVALS

MOCTESTINGTRAININGCUTOVER

Add time for

validation and postaudit

Regular Monitoring and Enforcement

7/30/2019 Andow

21/31



Regularly compareEngineered and DCSsettings:

By scheduling

On demand

Generate exceptions

list and display tooperator

Alarm SettingManagement

Engineered AlarmSetting Database

DCSAlarming

Sensors

DCS Alarm Settings

?


7/30/2019 Andow

22/31





DCS

Alarming

Sensors

DCS Alarm Settings

Conditional Alarm Enforcement:Operator views list of exceptions(e.g. at end of shift)

Can selectively restore theEngineered alarm settings

Can retain as is settings (ifrequired by temporary plantoperating conditions)

Example exceptions list from ACM

7/30/2019 Andow

23/31


Example exceptions list from ACM

All exceptions in

the To BeEnforced pane

initiallyOperator can overrideexceptions by moving

them to the OverrideEnforcement pane When ready theoperator starts theenforcement


7/30/2019 Andow

24/31





DCS

Alarming

Sensors

DCS Alarm Settings

Enforcement results form

basis for shift handover

Tracking Plant Operational Modes

7/30/2019 Andow

25/31


Tracking Plant Operational Modes



DCS

Alarming

Sensors

DCS Alarm Settings

As modechanges

When the plantoperational modechanges, the alarmsettings should

follow but on mostplants the alarmsettings dont

change.

Alarm Suppression

7/30/2019 Andow

26/31


Alarm Suppression

Use of multiple modes is one way of

suppressing alarms that are not relevant to aparticular plant operating configuration

Custom code for suppression of

consequential alarms is also possible butno general agreement on the best techniques

Improved Graphics

7/30/2019 Andow

27/31


Improved Graphics

Graphics style and effectiveness variesenormously

The ASM Consortium has producedguidelines for graphics that are intended to

improve operator effectiveness duringabnormal situations

The ASM guidance includes

recommendations for alarm display andmanagement

7/30/2019 Andow

28/31

Abnormal Situation Management

Joint Research and Development Consortium

Plant

Sensors

PlantActuators

FI

1211

LI

1167

TI

4367

Operations Personnel

Innovating and FieldingASM Solution Concepts

Abnormal Situation Management and ASM are U.S. registered trademarks of Honeywell Inc.

BAWArchitecture

ASM Graphics Guidance Groups

7/30/2019 Andow

29/31


ASM Graphics Guidance Groups

Each of the16 groups

has a

number ofseparate

guidelines around 90

guidelines in

all.

G1. Display Types

G2. Task Appropriate Information

G3. Display StyleG4. Display Layout

G5. Navigation Techniques

G6. Use of Color

G7. Use of Symbols and Process Connections

G8. Use of Text and NumbersG9. Interaction with Displays

G10. Configuration Scheme

G11. Audible Annunciation

G12. Visual Annunciation

G13. Training Program

G14. On-line Guidance

G15. Design Methodology

G16. Management of Change

An ASM-Style Schematic Display

7/30/2019 Andow

30/31


An ASM-Style Schematic DisplayProcess values and abnormal conditions have the most contrast with backgroundbringing them to the foreground.

Summary and Conclusions

7/30/2019 Andow

31/31


Summary and Conclusions

The EEMUA guidance is the accepted sourceof Alarm Management best practice

The most effective options for improvementrequire a coherent Alarm Philosophy and a

rationalised alarm system

Alarm configuration management, alarmsuppression and better graphics can also

yield significant improvements

Substantial improvements are possible

Date post:	04-Apr-2018
Category:	Documents
Upload:	behnam-rezaei
View:	217 times
Download:	0 times

Andow

Documents