NAF Setball Ball Valves SIL Safety Manual

NAF Setball Ball Valves SIL Safety Manual
SIL SAFETY MANUAL
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
NAF Setball Ball Valves
FCD NFENDS4151-00-A4 05/15
Experience In Motion
1
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
Contents
1Introduction................................................................................................................... 3
1.1 Scope and purpose of the Safety Manual............................................................ 3
1.2 Skill level required............................................................................................... 3
1.3 Terms, abbreviations and acronyms.................................................................... 3
1.4 Product Support & Service.................................................................................. 4
1.5 Related Documents............................................................................................. 4
1.6 Reference standards............................................................................................ 4
2 Setball Ball Valve Description........................................................................................ 4
3 Designing a SIF using the Setball Ball Valve.................................................................. 4
3.1 Safety Function.................................................................................................... 4
3.2 Environmental limits............................................................................................ 4
3.3 Application limits................................................................................................. 4
3.4 Design Verification............................................................................................... 5
3.5 SIL Capability...................................................................................................... 5
3.5.1Systematic Integrity................................................................................... 5
3.5.2Random Integrity....................................................................................... 5
3.5.3Safety Parameters...................................................................................... 5
3.6 Connection of the Setball Ball Valve to the SIS Logic Solver............................... 5
3.7 General Requirements......................................................................................... 6
4 Installation & Commissioning....................................................................................... 6
4.1Installation........................................................................................................... 6
4.2 Physical location and placement.......................................................................... 6
4.3 Pneumatic Connections....................................................................................... 6
5 Operation & Maintenance.............................................................................................. 6
5.1 Proof Test requirement........................................................................................ 6
5.2 Repair and replacement....................................................................................... 6
5.3 Useful life............................................................................................................ 6
5.4 Notification of failures......................................................................................... 7
2
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
1Introduction
1.1
Scope and purpose of the Safety Manual
This safety manual provides the information necessary to design, install, verify and maintain a Safety Instrumented
Function (SIF) utilizing the Setball Ball Valve. This manual provides necessary requirements to enable the integration of
the Setball Ball Valve when showing compliance with the IEC 61508 or IEC 61511 functional safety standards.
This Safety Manual indicates all assumptions that have been made on the usage of the Setball Ball Valve. If these
assumptions cannot be met by the application, the SIL capability of the Setball Ball Valve may be adversely affected.
1.2
Skill level required
System design, installation and commissioning, and repair and maintenance shall be carried out by suitably qualified
personnel.
1.3
Terms, abbreviations and acronyms
Basic Safety
Freedom from unacceptable risk of harm.
BPCS
Basic Process Control System - a system which responds to input signals from the
process, its associated equipment, other programmable systems and/or an operator and
generates output signals causing the process and its associated equipment to operate in
the desired manner but which does not perform any safety instrumented functions with
a claimed SIL ≥ 1.
Fail-safe State
State where solenoid valve is de-energized and spring is extended.
Fail Annunciation Detected
Failure that does not cause a false trip or prevent the safety function but does cause loss
of an automatic diagnostic and is not detected by another diagnostic.
Fail Annunciation Undetected Failure that does not cause a false trip or prevent the safety function but does cause loss
of an automatic diagnostic or false diagnostic indication.
Fail Dangerous
Failure that does not respond to a demand from the process (i.e. being unable to go to
the fail-safe state).
Fail Dangerous Detected
Failure that is dangerous but is detected as part of partial valve stroke testing.
Fail Dangerous Undetected
Failure that is dangerous and that is not detected as part of partial valve stroke testing.
Fail No Effect
Failure of a component that is part of the safety function but that has no effect on the
safety function.
Fail Safe
Failure that causes the valve to go to the defined fail-safe state without a demand from
the process.
FMEDA
Failure Modes, Effects and Diagnostics Analysis.
Functional safety
Part of the overall safety relating to the process and the BPCS which depends on the
correct functioning of the SIS and other protection layers.
HFT
Hardware Fault Tolerance.
Low demand
Mode of operation, where the frequency of demands for operation made on a safetyrelated system is no greater than twice the proof test frequency.
MOC
Management Of Change - specific procedures often done when performing any work
activities in compliance with government regulatory authorities.
3
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
PFDAVG
Average Probability of Failure on Demand.
PVST
Partial Valve Stroke Test.
SFF
SIF
Safe Failure Fraction - fraction of the overall random failure rate of a device that results in
either a safe failure or a detected dangerous failure
Safety Instrumented Function - safety function with a specified SIL which is necessary to
achieve functional safety. Typically a set of equipment intended to reduce the risk due to a
specified hazard (a safety loop).
SIL
Safety Integrity Level - discrete level (one out of four) for specifying the safety integrity
requirements of the safety instrumented functions to be allocated to the safety instrumented
systems. SIL 4 has the highest level of safety integrity; SIL 1 has the lowest.
SIS
Safety Instrumented System - instrumented system used to implement on or more safety
instrumented functions. An SIS is composed of any combination of sensor(s), logic
solver(s), and final element(s).
1.4
Product Support & Service
Please refer to the contact information on the back cover of this document.
1.5
Related Documents
Hardware documents:
Fk 41.51GB, Setball Ball Valve Datasheet
Fi 41.51GB, Setball Maintenance and installation instructions
Guidelines/References:
FMEDA report - NAF 14/05-134 R002
1.6
Reference standards
IEC 61508-2: 2010, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems
IEC 60654-1:1993-02, second edition, Industrial-process measurement and control equipment – Operating conditions –
Part 1: Climatic condition.
2
Setball Ball Valve Description
The NAF Setball Ball Valve series consists of a single piece body housing and a V-port ball sector. The ball sector has top
and bottom bearings for low operating torque, so that low-torque actuators can be used. The standard Stellite seat can
easily be converted to PTFE after turning the ball sector by 180 degrees, without the need to dismantle the valve
The NAF Setball Ball Valve is supplied as standard in stainless steel and is also available in other materials, such as,
CG8M, Titanium, etc. The valves are available in sizes from DN25 to DN500 (1 inch to 20 inch) in PN10 to PN40 and ANSI
pressure classes 150-300. Flanged versions are available over the full size range and wafer versions up to DN 200.
3
Designing a SIF Using the Setball Ball Valve
3.1
Safety Function
The safety function for the valve and the additional components in the subsystem is to move the valve to the safe position
(which can be either open or closed as required by the application) within the specified safety time when the system is
tripped.
3.2
Environmental limits
The designer of the SIF must check that the product is rated for use within the expected environmental limits, maximum
working pressure and temperature. Refer to the Setball Ball Valve datasheet for this information.
4
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
3.3
Application limits
The materials of construction of a Setball Ball Valve are specified in the NAF AB Setball Ball Valve datasheet. It is especially
important that the designer of the SIF checks for material compatibility considering on-site chemical contaminants and
air/hydraulic (as appropriate) supply conditions. If the Setball Ball Valve is used outside the application limits or with
incompatible materials, the reliability data and predicted SIL capability becomes invalid.
3.4
Design Verification
A detailed Failure Modes, Effects and Diagnostics Analysis (FMEDA) report is available from NAF AB for this product. This
report details all failure rates and failure modes as well as expected lifetime of the product.
The achieved Safety Integrity Level (SIL) of an entire Safety Instrumented Function (SIF) design must be verified by the
designer via a calculation of PFDAVG considering the architecture, proof test interval, proof test effectiveness, any automatic
diagnostics, average repair time and the specific failures rates of all equipment included in the SIF. Each subsystem must
be checked to assure compliance with minimum Hardware Fault Tolerance (HFT) requirements. The exida exSILentia™
tool is recommended for this purpose as it contains accurate models for the Setball Ball Valve and its failure rates.
When using the Setball Ball Valve in a redundant configuration, a common cause factor of at least 5% should be included
in the safety integrity calculations.
The failure rate data listed in the FMEDA report is only valid for the useful lifetime of the Setball Ball Valve. The failure rates
will increase after this useful lifetime period has expired. Reliability calculations based on the data listed in the FMEDA
report for mission times beyond the lifetime may yield results that are too optimistic, i.e. the calculated SIL will not be
achieved.
3.5
SIL Capability
3.5.1 Systematic Integrity
The Setball Ball Valve has met manufacturer design process requirements of Safety Integrity Level (SIL) 3. These are
intended to achieve sufficient integrity against systematic errors of design by the manufacturer. A Safety Instrumented
Function (SIF) designed with this product must not be used at a SIL higher than the statement without “prior use” justification
by the end user, or verification of diverse technology in the design.
3.5.2 Random Integrity
According to IEC 61508 the architectural constraints of an element must be determined. This can be done by following
the 1H approach according to 7.4.4.2 of IEC 61508 or the 2H approach according to 7.4.4.3 of IEC 61508.
The 1H approach involves calculating the SFF for the entire element.
The 2H approach involves assessment of the reliability data for the entire element according to 7.4.4.3.3 of IEC 61508.
The Setball Valve is classified as a device that is part of a Type A element according to IEC 61508, having a hardware fault
tolerance of 0.
The Setball Valve can be classified as a 2H device when the failure rates listed in the FMEDA report are used for the
Design Verification calculations. When 2H data is used for all of the devices in an element, then the element meets the
hardware architectural constraints up to SIL 2 at HFT=0 (or SIL 3 @ HFT=1) per Route 2H. If Route 2H is not applicable
for the entire final element, the architectural constraints will need to be evaluated per Route 1H.
When the final element assembly consists of several components additional to Setball Ball Valve, the SIL must be verified
for the entire assembly using the failure rates of all components. This analysis must account for architectural constraints
by comparing both SFF and HFT with IEC61508-2, Table 2 if following Route 1H.
3.5.3 Safety Parameters
For detailed failure rate information refer to the FMEDA report for the Setball Ball Valve.
5
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
3.6
Connection of the Setball Ball Valve to the SIS Logic Solver
The Setball Valve should be assembled with an actuator and logic solver where all components are safety rated. The
safety rated logic solver shall actively perform the safety function as well as automatic diagnostics (if any) designed to
diagnose potentially dangerous failures within the Setball Ball Valve, (i.e. partial valve stroke test).
3.7
General Requirements
The system and function response time shall be less than the process safety time. The Setball Ball Valve will move to its
defined safe state in less than this time with relation to the specific hazard scenario.
All SIS components including the Setball Ball Valve must be operational before process start-up.
The User shall verify that the Setball Ball Valve is suitable for use in safety applications by confirming the Setball Ball
Valve nameplate and model number is properly marked.
Personnel performing maintenance and testing on the Setball Ball Valve shall first be assessed as being competent to do
so.
Results from periodic proof tests and partial valve stroke tests (if any) shall be recorded and periodically reviewed.
The Setball Ball Valve shall not be operated beyond the useful lifetime as listed in paragraph 5.3 without undergoing
overhaul or replacement.
4
Installation & Commissioning
4.1
Installation
The Setball Ball Valve must be installed per the standard practices outlined in the Maintenance and Installation Instructions.
The environment must be checked to verify that environmental conditions do not exceed the ratings.
The Setball Ball Valve must be accessible for physical inspection.
4.2
Physical location and placement
The Setball Ball Valve shall be accessible with sufficient room for pneumatic connections to the actuator and shall allow
for manual proof testing to take place.
The Setball Ball Valve shall be mounted in a low vibration environment. If excessive vibration can be expected then special
precautions shall be taken to ensure the integrity of pneumatic connectors or the vibration should be reduced using
appropriate damping mounts.
4.3
Pneumatic Connections
Pneumatic piping to the valve actuator shall be kept as short and straight as possible to minimize airflow restrictions and
potential clogging. Long or kinked pneumatic tubes may also increase valve closure time.
Only dry instrument air filtered to 50 micron level or better shall be used.
The process air pressure shall meet the requirements set forth in the actuator installation manual.
The process air capacity shall be sufficient to move the valve within the required time.
5
Operation & Maintenance
5.1
Proof Test requirement
During operation, a low demand mode SIF must be proof tested. The objective of proof testing is to detect failures within
the equipment in the SIF that are not detected by any automatic diagnostics of the system. Of main concern are undetected
failures that prevent the SIF from performing its function.
Periodic proof tests shall take place at the frequency (or interval) defined by a SIL verification calculation. The proof tests
must be performed more frequently than (or as frequently as) specified in the SIL verification calculation in order to
maintain the required safety integrity of the overall SIF. Results from periodic proof tests and partial valve stroke tests (if
any) shall be recorded and periodically reviewed.
For detailed Proof Test information refer to the FMEDA report for the Setball Ball Valve.
5.2
Repair and replacement
Repair procedures outlined in the Maintenance and Installation Instructions must be followed.
5.3
Useful life
Based on general field failure data and a low demand mode of operation, a useful life period of approximately 10 to 15
years is expected for the Setball Ball Valve.
6
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
For high demand mode applications, the useful lifetime of the mechanical parts is limited by the number of cycles. The
useful lifetime of the mechanical parts is > 10,000 full scale cycles or 8 to 10 years, whichever results in the shortest
lifetime.
5.4
Notification of failures
In case of malfunction of the system or SIF, the Setball Ball Valve shall be put out of operation and the process shall be
kept in a safe state by other measures.
NAF AB must be informed when the Setball Ball Valve is required to be replaced due to failure. The occurred failure shall
be documented and reported to Flowserve NAF representative or directly to NAF AB using the contact details on the back
cover of this safety manual.
7
NAF Setball Ball Valves NFENDS4151-00-A4 05/15
NAF AB
SE-581 87 Linköping
Sweden
Telephone:+46 13 31 61 00
Facsimile: +46 13 13 60 54
e-mail:[email protected]
Website: www.flowserve.com
www.naf.se
To find your local Flowserve representative
or for more information about Flowserve Corporation, visit
www.flowserve.com.
NFENDS4151-00-A4
Flowserve Corporation has established industry leadership in the design and manufacture of its products. When properly selected, this Flowserve product is designed to
perform its intended function safely during its useful life. However, the purchaser or user of Flowserve products should be aware that Flowserve products might be
used in numerous applications under a wide variety of industrial service conditions. Although Flowserve can (and often does) provide general guidelines, it cannot
provide specific data and warnings for all possible applications. The purchaser/user must therefore assume the ultimate responsibility for the proper sizing and
selection, installation, operation, and maintenance of Flowserve products. The purchaser/user should read and understand the Installation Operation Maintenance
(IOM) instructions included with the product, and train its employees and contractors in the safe use of Flowserve products in connection with the specific application.
While the information and specifications contained in this literature are believed to be accurate, they are supplied for informative purposes only and should not be
considered certified or as a guarantee of satisfactory results by reliance thereon. Nothing contained herein is to be construed as a warranty or guarantee, express or
implied, regarding any matter with respect to this product. Because Flowserve is continually improving and upgrading its product design, the specifications, dimensions
and information contained herein are subject to change without notice. Should any question arise concerning these provisions, the purchaser/user should contact
Flowserve Corporation at any one of its worldwide operations or offices.
© 2014 Flowserve Corporation, Irving, Texas, USA. Flowserve is a registered trademark of Flowserve Corporation.
flowserve.com
8
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement