Safety Analysis and Safety Functions

Safety Analysis and Safety Functions
TS2 PSS Preliminary Design Review
Dr Fan Ye, PSS Safety Engineer, Engineering Safety Consultants Limited (ESC), UK
ESS/ICS/PS, 2019-02-11

Contents
- TS2 PSS Initiating Events Analysis
- TS2 PSS SIL Determination
- TS2 PSS SRS
- TS2 PSS SIL Verification (preliminary)

Initiating Events Analysis
Route map: TS2 Risk Assessment → Initiating Events Analysis → SIL Determination → SRS → SIL Verification

TS2 PSS Initiating Events Analysis: hazards requiring PSS
- Hazards were identified in the TS2 Risk Assessment; a subset of them require protection from the PSS:
  - TS2_HAZ01, Ionising radiation (X-rays)
  - TS2_HAZ02, Non-ionising radiation (radio frequency)
  - TS2_HAZ03, Oxygen deficiency (ODH)
- These lead to a list of overall safety requirements for the PSS.

TS2 PSS Initiating Events Analysis: overall safety requirements
Req. ID | Requirement description
TS2PSS_REQ01 | The TS2 bunker shall be searched prior to lock-up, and the search shall be controlled by the PSS.
TS2PSS_REQ02 | The TS2 PSS shall prevent access to the TS2 bunker area during operation.
TS2PSS_REQ03 | The TS2 PSS shall interface with the RF waveguide during Klystron testing outside of the TS2 bunker to ensure that the RF power to the CM is disconnected.
TS2PSS_REQ04 | The TS2 PSS shall interface with the radiation monitors outside the TS2 bunker area to switch off the RF power in case of high radiation.
TS2PSS_REQ05 | An ODH detection system shall be installed outside the TS2 bunker (if the oxygen level inside the bunker drops below 18%, the ODH evacuation alarms shall be triggered).
TS2PSS_REQ06 | The TS2 PSS shall provide means within the TS2 bunker to switch off the RF power in case of emergency.

TS2 PSS Initiating Events Analysis: initiating events (IEs)
IE ID | Initiating event description | Hazard
TS2PSS_IE01 | TS2 operation started inadvertently | TS2_HAZ01, TS2_HAZ02
TS2PSS_IE02 | Intrusion into bunker during TS2 operation |
TS2PSS_IE03 | Failure to remove waveguide prior to Klystron testing |
TS2PSS_IE04 | Equipment failure leading to release of helium into TS2 bunker | TS2_HAZ03
TS2PSS_IE05 | High radiation from bunker opening |

TS2 PSS Initiating Events Analysis: IE register (extract)
IE ID | IE description | Hazard ID | Hazard | IE likelihood | Consequence | Risk
TS2PSS_IE01 | TS2 operation inadvertently started | TS2_HAZ01 | Ionising radiation | 1.2 per year | > 20 mSv / event (ref. [RA]) |
 | | TS2_HAZ02 | Non-ionising radiation | | Burns |
Justification of the IE likelihood: 1 CM tested per month; max. 2 weeks (10 days) of TS2 operation per CM; 1 TS2 operation per day; 120 TS2 operations per year (= 1 x 12 x 10 x 1); human error probability 1/100 (trained personnel following a written procedure, under a low level of stress); overall frequency 120 x 1/100 = 1.2 per year.

TS2 PSS Initiating Events Analysis: ETA, intrusion into TS2 bunker
Event tree (figure) with columns: IE (intrusion into TS2 bunker) | TS2 operation | Warning | TS2PSS_SIF04: PAD lock | TS2PSS_SIF02: Intrusion interlock | Consequence

TS2 PSS Initiating Events Analysis: ETA, failure to remove waveguide
Event tree (figure) with columns: IE (failure to remove waveguide) | Occupancy factor | TS2PSS_SIF05: Waveguide interlock | Consequence

TS2 PSS Initiating Events Analysis: SIFs
- TS2PSS_SIF01 Emergency switch-off button
- TS2PSS_SIF02 Intrusion interlock
- TS2PSS_SIF03 Key switch interlock
- TS2PSS_SIF04 Personnel Access Door lock
- TS2PSS_SIF05 Waveguide interlock
- TS2PSS_SIF06 High radiation interlock
SIF action (all except TS2PSS_SIF04): remove the permit to energise the TS2 modulator and the LLRF.
TS2PSS_SIF04 action: electrically lock the personnel access door.

Initiating Events Analysis
Route map: TS2 Risk Assessment → Initiating Events Analysis → SIL Determination → SRS → SIL Verification

TS2 PSS SIL Determination: methodology, LOPA
From IEC 61511-3: "Figure A.1 illustrates the general concepts of risk reduction. The general model assumes that:
– there is a process and an associated basic process control system (BPCS);
– there are associated human factor issues;
– the safety protection layers features comprise:
  • mechanical protection system;
  • safety instrumented systems;
  • non-SIS instrumented systems;
  • mechanical mitigation system."

TS2 PSS SIL Determination: methodology, LOPA (layer model)
1. Process
2. Basic Process Control System
3. Alarms & operator intervention
4. E/E/PE safety-related
5. Physical protection (relief devices)
6. Physical containment (bunds)
7. Fire & gas system
8. Plant emergency response
9. Community emergency response
Protection layers: 1, 2, 3, 4, 5. Mitigation layers: 6, 7, 8, 9.

TS2 PSS SIL Determination: methodology, LOPA (risk reduction diagram)
Risks arising from dangerous failures in the process and in the BPCS (the demands, F3 risk) are reduced down to the target risk by:
- risk reduction achieved by conditional modifiers;
- risk reduction achieved by other risk reduction measures;
- risk reduction achieved by the SIS/SIF, shown against the SIL scale (SIL 4, 3, 2, 1).

TS2 PSS SIL Determination: results
Low demand SIFs (demands < 1/yr)
SIF ID | SIF description | Risk target (/yr) | PFD target | SIL target
TS2PSS_SIF01 | Emergency switch-off | 1.0E-6 | 2.8E-2 | SIL 1
TS2PSS_SIF02 | Intrusion interlock | | 1.0E-3 | SIL 2
TS2PSS_SIF05 | Waveguide interlock | | 3.3E-5 | SIL 4
TS2PSS_SIF06 | High radiation interlock | | TBC |
Notes:
- SIF05: IE 0.1/yr, occupancy 30%, no other IPLs; possible additional layers: shutter switch, controlled access to bunker, etc.
- SIF06: IE (design issue?? – redesign, limit power, exclusion zone, etc.)
High demand SIFs (demands >> 1/yr)
SIF ID | SIF description | Risk target (/hr) | PFH target | SIL target
TS2PSS_SIF03 | Key switch interlock | 1.1E-10 | 3.7E-6 | SIL 1
TS2PSS_SIF04 | Personnel access door lock | | 1.1E-7 | SIL 2

TS2 PSS Initiating Events Analysis: ETA, failure to remove waveguide (NEW)
Proposed changes (1 additional layer): shutter switch, control room feedback, independent check, controlled access during RF testing.

TS2 PSS SIL Determination: results, updated for TS2PSS_SIF05
Low demand SIFs (demands < 1/yr)
SIF ID | SIF description | Risk target (/yr) | PFD target | SIL target
TS2PSS_SIF01 | Emergency switch-off | 1.0E-6 | 2.8E-2 | SIL 1
TS2PSS_SIF02 | Intrusion interlock | | 1.0E-3 | SIL 2
TS2PSS_SIF05 | Waveguide interlock | | 3.3E-5 → 3.3E-4 | SIL 4 → SIL 3
TS2PSS_SIF06 | High radiation interlock | | TBC |
Notes:
- SIF05: IE 0.1/yr, occupancy 30%, no other IPLs; possible additional layers: shutter switch, controlled access to bunker, etc.
- SIF06: IE (design issue?? – redesign, limit power, exclusion zone, etc.)
High demand SIFs (demands >> 1/yr)
SIF ID | SIF description | Risk target (/hr) | PFH target | SIL target
TS2PSS_SIF03 | Key switch interlock | 1.1E-10 | 3.7E-6 | SIL 1
TS2PSS_SIF04 | Personnel access door lock | | 1.1E-7 | SIL 2
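The IE register's frequency build-up (opportunities per year times a human-error probability) and the LOPA risk-gap calculation behind the SIF05 rows above can be reproduced in a few lines. The following Python is an added worked example, not code from the presentation or from ESS/ESC. It assumes that the 1.0E-6/yr risk target shown in the table applies to TS2PSS_SIF05 (with IE 0.1/yr and 30% occupancy this reproduces the slide's 3.3E-5 PFD target); the PFD of 0.1 credited to the proposed additional layer, the `Scenario` class and the function names are constructed for illustration.

```python
"""LOPA-style SIL determination as the slides describe it.

Demand on the SIF  = IE frequency x conditional modifiers (e.g. occupancy)
                     x product of the PFDs of other independent protection layers
Required PFD       = risk target / demand on the SIF
SIL target         = the IEC 61511 band that contains the required PFD (or PFH)
Figures below are from the slides or are labelled constructed assumptions."""
from dataclasses import dataclass, field
from math import prod
from typing import Optional

HOURS_PER_YEAR = 8760

# IEC 61508/61511 target failure measure bands: (SIL, lower bound incl., upper bound excl.)
PFD_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]  # low demand, PFDavg
PFH_BANDS = [(4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)]  # high demand, PFH per hour


def sil_for(value: float, bands) -> Optional[int]:
    """SIL whose band contains `value`. Returns 0 when the required measure is so lax
    that no SIL-rated SIF is needed, and None when it lies beyond SIL 4 (a single
    SIF cannot close the gap; more layers or a design change are needed)."""
    for sil, low, high in bands:
        if low <= value < high:
            return sil
    return 0 if value >= bands[-1][2] else None


def human_error_ie_frequency(opportunities_per_year: float, error_probability: float) -> float:
    """IE frequency for a human-error IE: opportunities per year x probability of
    error per opportunity (the register's 120/yr x 1/100 = 1.2/yr for TS2PSS_IE01)."""
    return opportunities_per_year * error_probability


def per_hour(rate_per_year: float) -> float:
    """Convert a per-year risk target to per hour for the high-demand SIFs
    (1.0E-6/yr becomes the 1.1E-10/hr shown on the slide)."""
    return rate_per_year / HOURS_PER_YEAR


@dataclass
class Scenario:
    name: str
    ie_frequency_per_year: float
    conditional_modifiers: dict = field(default_factory=dict)  # name -> probability the condition holds
    ipl_pfds: dict = field(default_factory=dict)                # name -> PFD of an IPL other than the SIF

    def demand_frequency(self) -> float:
        """Hazardous event frequency (per year) if the SIF under study were absent."""
        return (self.ie_frequency_per_year
                * prod(self.conditional_modifiers.values(), start=1.0)
                * prod(self.ipl_pfds.values(), start=1.0))


def required_pfd(scenario: Scenario, risk_target_per_year: float) -> float:
    """Low-demand mode: PFDavg the SIF must achieve for residual risk to meet the target."""
    return risk_target_per_year / scenario.demand_frequency()


def sil_target(scenario: Scenario, risk_target_per_year: float):
    """(required PFD, SIL target) for a low-demand SIF."""
    pfd = required_pfd(scenario, risk_target_per_year)
    return pfd, sil_for(pfd, PFD_BANDS)


# Worked case from the slides: TS2PSS_SIF05, waveguide interlock.
RISK_TARGET = 1.0e-6  # /yr; risk target shown for the low-demand SIFs, assumed to apply to SIF05
SIF05_BEFORE = Scenario("TS2PSS_SIF05, no other IPLs", 0.1, {"occupancy": 0.30})
SIF05_AFTER = Scenario("TS2PSS_SIF05, +1 layer", 0.1, {"occupancy": 0.30},
                       {"shutter switch / controlled access": 0.1})  # PFD 0.1 is a constructed assumption

if __name__ == "__main__":
    print(f"TS2PSS_IE01 frequency: {human_error_ie_frequency(1 * 12 * 10 * 1, 1 / 100):.2f} /yr")
    print(f"risk target per hour: {per_hour(RISK_TARGET):.1e} /hr")
    for s in (SIF05_BEFORE, SIF05_AFTER):
        pfd, sil = sil_target(s, RISK_TARGET)
        print(f"{s.name}: demand {s.demand_frequency():.1e}/yr, PFD target {pfd:.1e} -> SIL {sil}")
```

Running it shows the two SIF05 cases side by side: with no other IPL the required PFD of 3.3E-5 falls in the SIL 4 band, and crediting one additional layer moves it to 3.3E-4, SIL 3, which is the change between the two results slides. The `None` return from `sil_for` is the programmatic form of the SIF06 note: when the gap is beyond what one SIF can close, the answer is a design change, not a higher SIL.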

Initiating Events Analysis
Route map: TS2 Risk Assessment → Initiating Events Analysis → SIL Determination → SRS → SIL Verification

TS2 PSS SRS (ESS-0288460)
Safety Requirements Specification (SRS) for the TS2 PSS SIFs
Inputs:
- Results from SIL Determination
- Requirements from IEC 61511
- ConOps
Outputs:
- SRS (ESS-0288460), used for:
  - design and engineering
  - SIL Verification (ESS-0478596), to confirm that the design meets the SIL targets from SIL Determination
  - subsequent safety lifecycle stages: FAT, SAT, commissioning, operation, maintenance, etc.

Initiating Events Analysis
Route map: TS2 Risk Assessment → Initiating Events Analysis → SIL Determination → SRS → SIL Verification

TS2 PSS SIL Verification: 1oo1 PLC vs 1oo2 PLCs
Low demand SIFs
SIF ID | PFD target | SIL target | PFD achieved (1oo1) | Arch. (1oo1) | PFD achieved (1oo2) | Arch. (1oo2)
TS2PSS_SIF01 (e-switch off) | 2.8E-2 | SIL 1 | 2.0E-4 | SIL 2 | 1.9E-4 |
TS2PSS_SIF02 (intrusion) | 1.0E-3 | SIL 2 | 4.9E-5 | | 4.2E-5 |
TS2PSS_SIF05 (waveguide) | 3.3E-5 | SIL 4 | 5.9E-4 | SIL 3 | 3.1E-4 |
TS2PSS_SIF06 (radiation) | TBC | | | | |
High demand SIFs
SIF ID | PFH target | SIL target | PFH achieved (1oo1) | Arch. (1oo1) | PFH achieved (1oo2) | Arch. (1oo2)
TS2PSS_SIF03 (key switch) | 3.7E-6 | SIL 1 | 2.5E-8 | SIL 2 | 2.4E-8 |
TS2PSS_SIF04 (door lock) | 1.1E-7 | SIL 2 | | | |
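The 1oo1-versus-1oo2 figures on this slide come from summing the contributions of the blocks in each SIF's RBD (sensor, logic solver, final element). The Python below is an added example, not the ESC verification model and not ESS data: it uses the simplified IEC 61508-6 PFDavg and PFH expressions for 1oo1 and 1oo2 channels (dangerous undetected failures only, repair-time terms ignored), with constructed failure rates, proof-test interval and beta factor, and a constructed SIL 2 architectural cap standing in for the slide's "Arch." column. The `Element`, `verify` and `intrusion_sif` names are assumptions of this example.

```python
"""SIL verification over a series reliability block diagram (RBD), comparing a
1oo1 logic solver with a 1oo2 pair. Simplified IEC 61508-6 expressions:
  PFD 1oo1 = λDU·T1/2
  PFD 1oo2 = ((1-β)·λDU·T1)²/3 + β·λDU·T1/2
  PFH 1oo1 = λDU
  PFH 1oo2 = 2·((1-β)·λDU)²·(T1/2) + β·λDU
All rates, intervals and beta values below are constructed for illustration."""
from dataclasses import dataclass
from typing import Optional

PFD_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]
PFH_BANDS = [(4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)]


@dataclass
class Element:
    name: str
    lambda_du: float        # dangerous undetected failure rate, per hour
    proof_test_h: float     # proof-test interval T1, hours
    voting: str = "1oo1"    # "1oo1" or "1oo2"
    beta: float = 0.0       # common-cause factor between the 1oo2 channels

    def pfd(self) -> float:
        """Average probability of failure on demand (low-demand mode)."""
        lt = self.lambda_du * self.proof_test_h
        if self.voting == "1oo1":
            return lt / 2
        independent = (1 - self.beta) * lt
        return independent ** 2 / 3 + self.beta * lt / 2   # independent pair + common cause

    def pfh(self) -> float:
        """Probability of dangerous failure per hour (high-demand mode)."""
        if self.voting == "1oo1":
            return self.lambda_du
        independent = (1 - self.beta) * self.lambda_du
        return 2 * independent ** 2 * (self.proof_test_h / 2) + self.beta * self.lambda_du


def series_measure(elements, mode: str) -> float:
    """Series RBD: a dangerous failure of any element fails the SIF, so the
    per-element PFDs (or PFHs) are summed."""
    return sum(e.pfd() if mode == "low" else e.pfh() for e in elements)


def sil_for(value: float, bands) -> Optional[int]:
    """SIL band containing `value`; 0 below SIL 1, None beyond SIL 4."""
    for sil, low, high in bands:
        if low <= value < high:
            return sil
    return 0 if value >= bands[-1][2] else None


def verify(elements, mode: str, target: float, arch_sil_limit: Optional[int] = None):
    """Return (achieved measure, achieved SIL, meets target). The achievable SIL
    is capped by the architectural constraint (hardware fault tolerance) when one
    is given, which is why a PFD in the SIL 3 band can still only claim SIL 2."""
    achieved = series_measure(elements, mode)
    sil = sil_for(achieved, PFD_BANDS if mode == "low" else PFH_BANDS)
    if sil is not None and arch_sil_limit is not None:
        sil = min(sil, arch_sil_limit)
    return achieved, sil, achieved <= target


def intrusion_sif(plc_voting: str):
    """Constructed RBD for an intrusion-interlock style SIF:
    door position switch -> safety PLC -> RF permit contactor."""
    return [
        Element("door position switch", 5.0e-8, 8760),
        Element("safety PLC", 1.5e-7, 8760, voting=plc_voting, beta=0.02),
        Element("RF permit contactor", 5.0e-8, 8760),
    ]


if __name__ == "__main__":
    for voting in ("1oo1", "1oo2"):
        achieved, sil, ok = verify(intrusion_sif(voting), "low", target=1.0e-3, arch_sil_limit=2)
        print(f"PLC {voting}: PFD achieved {achieved:.2e}, SIL {sil}, "
              f"{'meets' if ok else 'misses'} the 1.0E-3 target")
```

The constructed numbers are chosen to show the pattern on the slide: going from a 1oo1 to a 1oo2 logic solver lowers the achieved PFD (here from 1.1E-3, which misses a 1.0E-3 target, to 4.5E-4, which meets it), but the field devices in series with the PLC bound what redundancy in the logic solver alone can buy, and the architectural constraint can hold the claimable SIL below the band the PFD falls in.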

Questions? Thank you for your attention!

Backup slides
Proposed changes (1 additional layer): shutter switch, control room feedback, independent check, controlled access during RF testing.

TS2 PSS Initiating Events Analysis (ESS-0468688)
Inputs:
- TS2 Risk Assessment (ESS-0488867): hazard identification and analysis
- TS2 PSS Concepts of Operations (ConOps) (ESS-0304995)
- TS2 PSS Assumptions and Technical Details (ESS-0508222)
Outputs:
- List of initiating events (IEs) and associated hazards requiring PSS protection, and their frequencies
- List of high level safety requirements for TS2 PSS
- List of TS2 PSS safety functions (SIFs in IEC 61511 terms)

TS2 PSS SIL Determination (ESS-0288441)
Safety Integrity Level determination for the TS2 PSS SIFs
Inputs:
- TS2 PSS Initiating Events Analysis (ESS-0468688): list of SIFs, list of IEs and frequencies
- List of Independent Protection Layers (IPLs)
- ConOps
- Assumptions and Technical Details
Outputs:
- SIL targets for the SIFs
- Safety Requirements Specification (SRS) (ESS-0288460)

TS2 PSS SIL Verification (ESS-0478596)
To verify that the design meets the SIL targets
Inputs:
- SIL Determination (ESS-0288441) results
Outputs:
- SIL Verification (ESS-0478596)
- Updated SRS (ESS-0288460) with the SIL Verification results
Method:
- Fault Tree Analysis (FTA)
- Reliability Block Diagram (RBD)

TS2 PSS Initiating Events Analysis: ETA, TS2 operation inadvertently started (event tree figure)

TS2 PSS Initiating Events Analysis: ETA, ODH (event tree figure)

TS2 PSS SIL Verification: RBDs (figures) for TS2PSS_SIF01, emergency switch-off button, and TS2PSS_SIF02, intrusion interlock

TS2 PSS SIL Verification: RBDs (figures) for TS2PSS_SIF03, key switch interlock, and TS2PSS_SIF04, personnel access door lock

TS2 PSS SIL Verification: RBDs (figures) for TS2PSS_SIF05, waveguide interlock, and TS2PSS_SIF06, high radiation interlock