SIL Assessment (IEC 61508)

 

In the past, Burner Management Systems have typically been designed by applying the prescriptive requirements contained in codes/standards such as BS 5885, EN676 and IGEM UP/12. These documents/procedures provide detailed guidance on the equipment required for the Burner Management System, along with the logic necessary for the burner to proceed safely through its start-up sequence to a run condition.

 

These codes/standards do not address the different risk levels associated with Burner Management Systems and their associated plant.

 

New performance-based standards such as IEC 61508 and IEC 61511 apply to the design of safety systems in general. These standards provide a set of criteria that must be met depending upon the risk reduction level required by the plant user.

 

The Dangerous Substances and Explosive Atmospheres Regulations (DSEAR) have forced plant owners/users to prepare risk assessments for new and existing plant. Obtaining a SIL analysis is one way of quantifying risk levels to meet this regulation. This has led to SIL assessments being applied both to new equipment, under design or being supplied, and to existing equipment. The means of assessment may differ: existing equipment may well be assessed by “proven-in-use” historical data, whereas new designs will require the use of predictive techniques.

 

IEC 61508 provides guidelines to classify these systems by Safety Integrity Levels (SILs). Four SILs can be defined according to the risks associated with the system requirements, with SIL4 being assigned to the highest risks. The standard adopts a risk-based approach to calculate the required SIL, which represents the Probability of Failure on Demand of the system in question.

 

The newly revised IGEM SR/15 also offers guidance for safety-related systems used in the gas industry which contain a programmable element. These are often referred to as Programmable Electronic Systems (PES). In practice, PESs consist of both electronic hardware and software code, which together provide the safety control functionality.

 

A SIL level can be predicted for new equipment, but it is also required to address the risks associated with a given facility.

 

For instance, if a boiler or other gas plant were located next to a control room which was staffed 24 hrs/day, or in a plant room within an occupied building, the risk to personnel is significantly greater than if it were located in a remote unoccupied area of a factory. The hazard we may need to address is an explosion in the boiler which could lead to a fatality of an operator or persons adjacent to the plant.

 

Possible scenarios:

A flammable input into the boiler (faulty start up).
Rich fuel firing at start up or running.

 

The designer can address some safety issues by installing specific safety interlocks depending upon the physical characteristics of the firing system and the type of fuel.

 

Burner Management Systems can ensure safe operation by:

Establishment of the appropriate start permissives for fuel firing.
A pre-purge of the combustion chamber.
Establishment of the permissives prior to the ignition fuel (valve proving).
Proof of satisfactory ignition and flame establishment.
Continuous monitoring of the firing conditions and key operating parameters.
Emergency shutdown of portions or all of the firing equipment when required.

 

 

A Safety Integrity assessment reviews the hazards, develops a fault tree including equipment failure and human error, establishes a maximum tolerable risk, and assesses whether this is met by the system in question.
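
The kind of calculation described above, as an added example that is not Global Energy Associates' own method or code: a small fault tree gives the achieved Probability of Failure on Demand (PFD), which is compared with the PFD required to bring the explosion risk down to a tolerable level for a staffed and for a remote location. All frequencies, probabilities, the tolerable risk figure and the component names are constructed; low-demand mode is assumed and common-cause failure is ignored.

```python
from math import prod

# IEC 61508 low-demand bands: SIL -> (lower, upper) bound on average PFD
SIL_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}

def or_gate(probs):
    """Output fails if any independent input fails."""
    return 1.0 - prod(1.0 - p for p in probs)

def and_gate(probs):
    """Output fails only if every independent input fails."""
    return prod(probs)

def sil_for_pfd(pfd):
    """Return the SIL whose band contains pfd, or None if outside SIL 1-4."""
    for sil, (lo, hi) in SIL_BANDS.items():
        if lo <= pfd < hi:
            return sil
    return None

# Constructed figures, for illustration only (not from any real plant).
TOLERABLE_FATALITY_FREQ = 1e-5                 # fatalities per year
INITIATORS_PER_YEAR = {"flammable input at faulty start-up": 0.05,
                       "operator error causes rich firing": 0.05}
P_IGNITION = 0.5                               # explosion given flammable mixture
PFD = {"flame_detector": 5e-4, "logic_solver": 1e-4,
       "shutoff_valve_a": 1e-2, "shutoff_valve_b": 1e-2}

def achieved_pfd():
    """Fault tree for 'safety function fails to shut off fuel on demand'.
    Both shut-off valves must fail (AND); detector or logic failure alone
    is enough (OR)."""
    valves = and_gate([PFD["shutoff_valve_a"], PFD["shutoff_valve_b"]])
    return or_gate([PFD["flame_detector"], PFD["logic_solver"], valves])

def assess(p_person_present):
    """Compare required and achieved PFD for one plant location."""
    unmitigated = sum(INITIATORS_PER_YEAR.values()) * P_IGNITION * p_person_present
    required = TOLERABLE_FATALITY_FREQ / unmitigated
    achieved = achieved_pfd()
    return {"required_pfd": required, "required_sil": sil_for_pfd(required),
            "achieved_pfd": achieved, "achieved_sil": sil_for_pfd(achieved),
            "target_met": achieved <= required}

if __name__ == "__main__":
    for name, p in [("staffed control room", 1.0), ("remote unoccupied area", 0.05)]:
        print(name, assess(p))
```

With these figures the same equipment meets the target in the remote location but not beside the staffed control room, even though its achieved PFD falls in the SIL 3 band in both cases.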

 

Global Energy Associates Ltd are able to offer specific services for carrying out DSEAR surveys for gases, dust or chemical explosive atmospheres, and for the provision of risk assessment reports with SIL assessments for new and existing plant, where required.