The ISA84 safety standard covers the activities involved in the design, operation and maintenance of safety instrumented systems (SIS)—from sensor through final element—used to improve the functional safety of volatile industrial processes. It is performance-based, complementing the NFPA85 standard’s prescriptive approach.
“A standard is a document that embodies requirements that, if not followed, could directly affect safety, interchangeability, performance and test results,” explained Farshad Hendi, functional safety director at Schneider Electric, who spoke, along with Muthiah Nagappan, safety instrumented systems lead, industrial control systems, at Phillips 66, about forthcoming updates to the ISA84 technical reports during this week’s Schneider Electric Innovation Talks for users of the company’s EcoStruxure Foxboro process automation systems and EcoStruxure Triconex safety systems.
Hendi distinguished between standards, which define what is required, and recommended practices, which are informative materials that explain how to meet these standards. “These change more frequently than standards,” he explained.
Technical reports discuss the hows of specific subjects within a standard, and ISA84 has seven of them:
-
02: SIL verification
-
03: automation asset integrity
-
04: guidelines for implementation (two parts)
-
05: burner management systems
-
06: safety fieldbuses (withdrawn)
-
07: fire and gas systems
-
08: wireless
-
09: security
Hendi and Nagappan focused on two specific technical reports: ISA TR84.00.02, Safety Integrity Level (SIL) Verification of Safety Instrumented Function (SIF); and ISA TR84.00.05, Guidance on the Identification of Safety Instrumented Functions (SIF) in Burner Managements Systems (BMS).
“Close to six years were spent on TR84.00.02,” said Nagappan. “It just passed the ballot and should be available in a month or two. It’s a great one-stop-shop reference for SIL calculations.” These can include metrics such as probability of failure on demand (PFD) and probability of failure on demand per hour (PFH).
“We have a consensus,” said Nagappan. “There’s a decision tree for PFH and PFD calculations based on mode of operation and automation asset integrity strategy.” This new technical report also includes examples of how to model devices such as motor controls and variable speed drives. “We have a way now that explains what the community recommends.”
While TR84.00.02 condenses usable examples for SIL verification, TR84.00.05 is more of a long-overdue update. “Technical report 5 was first published in 2009,” explained Hendi. “We only had NFPA then, and it wasn’t performance-based. We wanted to give guidelines for people to start using and embracing this performance-based standard. It wasn’t a goal to replace NFPA. This technical report is a complement to it.”
In 2018, the working group responsible for the TR84.00.05 report proposed to create a second edition, which is now close to publishing. “We updated system examples that align with the other standards,” explained Hendi. “NFPA had something new every five years. We needed to align ourselves with the standards revision time-line.”
Our editors are reporting live from the virtual events. Keep up-to-date with the latest news from the event here!
TR84.00.05 discusses different operation modes, including the pre-purging of burner management systems. “There was complexity in that we needed to define safety around these operation modes,” said Hendi. Going from prescriptive to performance-based safety, the group wanted to clarify the SIFs within the subtlety of the burner management system, making the technical report very heavy in the risk-management area, he explained.
“We wanted additional BMS-specific guidance related to each phase of the safety lifecycle where clarifications are warranted,” said Hendi, who stressed TR84.00.05 is an update from end users, based on lessons learned from attempting to apply the first edition of the technical report.
It includes guidance in addressing challenges with OEM-designed burner management systems and examples of hazard- and risk-analysis concept additions, such as hazards associated with low nitrous-oxide burners, effects of fuel-gas composition changes, continuous pilot used as an independent protection layer credit, flame impingement and burner plugging/fouling.
Updates to TR84.00.02 and TR84.00.05 should be published soon.