Download - Hipps - Azade to Ceo
HIPPS• Introduction• Configuration • Specification • Codes & Standards
•Flaring of hydrocarbons causes damage to theenvironment and the CO2 production is not inline with the Kyoto Protocol
•HIPPS prevent over-pressurization by shutting down the source of the high pressure.
A mechanical and electrical safety instrumented system (SIS)
designed to prevent over-pressurization of a plant
with isolating downstream (Piping & Pressure Vessels)
from over pressure
HIPPS closes the source of over-pressure as fast as
possible (within 2 seconds) with at least the same reliability as a safety relief valve
When extremely high pressure and/or flow rate are involved
When Sizing of relief device is difficult to define or inadequate due to chemical reactions or multiphase fluids
On existing systems in order to avoid replacement of flare system when adding new units
Reduces relief load by reducing frequency of overpressure events
Reduces frequency that multiple relief devices will operate simultaneously
Provide protection when a pressure relief device is ineffective
HIPPS are more complex, requiring many components to work as designed
Redundancy, inspection and proof test requirements increase long term operation and maintenance costs
Pressure Range 1480-15000 psi Temperature Ambient Valve sizes 2-52 inches
The HIPPS system is based on
Three pressure transmitters (Initiators) A logic solver Two shutdown valves (Final Elements)
Initiators
Logic Solver
Final Elements
Logic solver
To providing the safety assurance of a pressure-sensitive environment
• Noise reduction• Velocity management
An overall HIPPS loop requirement
Transmitters Manifolds Logic Solver HIPPS Ball Valves Actuators Solenoid valves Communication and sequence of
event registration Plant Resource Manager
Communication Sequence of event Matrix interface
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
INPUTS OUTPUTS INPUTS OUTPUTS
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
TEXT 1TEXT 2TEXT 3TEXT 4
Logic solver
Fail safe outputs
S
SS
S
Process ResourceManagement
DCS
Analog inputsvoting
PV2PV1 PV3
Digital inputsResets
Manifolds for the transmitters have to provide the necessary double block and bleed interlocking 2oo3 arrangement specially for HIPPS
Pressure Measurement Component
To meet over pressure at least in a single instrument in SIL2 loop or two transmitters in SIL3 Loop
Used to detect high pressure
The pressure sensing initiators should be electronic pressure transmitters
Two wire 4-20 mA
Mounted on an Interlock Manifold Wired to separate card in the logic
solver
Most HIPPS applications require 1oo2, 2oo2 or 2oo3 voting transmitters on all field inputs
The 2oo3 voting logic is generally implemented in the logic solver
Reduces the probability to fail on demand (PFD) for the field inputs
Decrease common cause faults, such as plugged process taps
Two methods of process measurement:
Tradition method After evolution method
Traditionally, variables were monitored using discrete switches as the input sensor to the
safety instrumented systems (SIS)
Switches used for three reasons:
Relay systems and early PLCs processed discrete signal much easier than analog signals
Switches were usually less expensive than analog transmitters
The evolution has made it easy to use analog PV inputs
Transmitters can be continuously monitored
A single transmitter providing multiple levels of trip/alarm functions (i.e., low, high and high-high level) can replace multiple switches
Determines the proper steps to make changes to
the final element
The logic solver hardware must be designed to meet the assigned SIL3 as provided in IEC 61508 and
IEC 61511
It can be Relays or PLC
The system consist of a Central Processing Unit (CPU) and fail-safe redundant I/O
IEC 61511 covers the application of electrical, electronic and programmable electronic equip
This standard defines the functional safety requirements established by IEC 61508 in process industry sector
Defines functional safety as: part of the overall safety relating to the
EUC (Equipment Under Control)
The EUC control system which depends on the correct functioning of the E/E/PE safety-related systems
Other technology safety-related systems and external risk reduction facilities
All safety communication between the control unit and the associated I/O cards must be redundant
Control Cabinet can be supplied suitable for hazardous area installation in EEx-d enclosure IP-66 or for safe area installation in standard 19” rack cabinet IP-54
SIL 4 or 3 certification Inherently Fail-Safe Zone2 applications Very high mechanical and electrical robustness High temperature range Very low power consumption Very long technical life span (>30y) Test intervals many years Event Recorder (1ms resolution)
Based on the ANSI/ISA S84.01, IEC 61508, and IEC 61511 the safety logic must be independent from the basic process control system logic
Independence of the safety logic reduces the probability of loss of the basic control
system hardware functioning Independence also reduces the possibility of inadvertent changes to the HIPPS safety functionality occured during modification
of basic process control functions
Performs the necessary steps to bring the process back to a safe state of being
Includes the valve, actuator and solenoids
Generally have a quick quarter-turn on/off ability
Generally have a soft seating
Generally have blow-out proof stems with radial operation
Should be two components, because the single component will not support the safety requirements (series and parallel components)
Designed to be opened against full differential pressure, so that there is no need for a bypass arrangement for pressurization and start-up as typically the case with ball valves
Safety Integrity Level (SIL) (in many HIPPS Systems SIL3)
Process Safety Time (PST) Probability of Failure on Demand
(PFD) Safe Failure Fraction (SFF) Hardware Fault Tolerance (HFT) Risk Reduction Factor (RRF)
The metric for measuring the performance of a safety function is called the average Probability of failure on demand (or PFDavg) and this correlates to the SIL level as follows
PFD=1/2 ( T ) T= Test Interval = Failur Rate
The relationship between the SIL, RRF and PFD
IEC 61508: Functional Safety of Electrical/Electronic/Programmable Electronic Safety Related System
IEC 61511: Functional Safety: safety instrumented systems for the process
industry sector
ANSI/ISA S84.01, Application of Safety Instrumented Systems for the Process Industries
ASME Code Case 2211
API 521
provide alternatives in the design of overpressure protection systems. These alternatives revolve around the use of an instrumented system that exceeds the protection provided by a pressure relief valve and flare system
If you need a pressure relief device for any scenario, it must be sized for the worst case
If no pressure relief device is installed, the MAWP (Maximum Allowable Working Pressure) of the vessel must be greater than the highest pressure reasonably expected
Applies to flare load and header sizing
requires evaluation of relief loads based on credible overpressure scenarios
requires sizing the main flare header for the worst case relieving scenario (involving the simultaneous venting of all affected vessels)
Recommends use of HIPPS only when the use of pressure relief device is impractical
A guide for plant engineers in the design, installation, and operation of pressure-relieving and depressuring systems
Suggests solutions to the immediate design and economic and safety problems involved in pressure relieving discharge systems
Includes a new section on flare gas recovery
General description of the process to be protected
General description of how HIPPS is integrated into the process and other safety systems
The required SIL level of the loop
Specification of the system response time
Detailed specification of the final element (shut-off valve) describing materials, design standards, actuator sizing/integration, details of the instrumentation such as solenoids and actuator
Detailed specification of the pressure transmitters and their safety aspects
Detailed specification of the controller including the required logging, test buttons, and communication to other controllers like the DCS
Components tests and integrated factory acceptance test (FAT) requirements for the complete system
Documentation requirements that may include procedures and checklists for the site acceptance test (SAT) and proof testing of the system
Don’t go shopping for bargains when you want to realize a HIPPS solution.
Go for the balanced solution for both functional and safety requirements.
Be sure there is sole responsibility for your total loop and be sure this is a competent person or company.