| For those of you who have been entrusted with the | | | | hardware from the DCS. The same Instrument |
| task of selecting a safety instrumented system for | | | | engineer who maintained the instruments and controls |
| use in your plant, often run into a perplexing question. | | | | of this process plant, now had to be adept at both |
| Should I go for an integrated Safety Instrumented | | | | systems simultaneously. Plant modifications and |
| System, which will be totally different from my | | | | changes were a pain as any change had to be |
| Distributed Control system (or DCS for short)? Or | | | | implemented in both systems, with a lot of testing to |
| should I select one of the newer "integrated systems", | | | | ensure that the original interlocks and loops worked as |
| that comprise of both the Distributed Control System | | | | designed to. |
| and a Safety Instrumented System in one package? | | | | Making the two systems communicate with each |
| A Safety Instrumented System (or SIS) is a special | | | | other, also proved not so simple, since even after DCS |
| kind of control system that is used for the safety | | | | vendors had come out with open systems, the Safety |
| critical parts of process plants, turbo machinery, boilers | | | | Instrumented System vendors were reluctant to |
| and other machinery or equipment that has to be | | | | migrate to such systems, due to the extensive proof |
| controlled with a very high degree of reliability in order | | | | testing required to ensure that the "open" systems |
| to run it safely, as well as bring it to a safe state if | | | | were bug free. |
| something goes wrong. Emergency Shutdown | | | | Hence, most instrument engineers in these situations |
| Systems (ESD for short), can be considered a subset | | | | started wishing for a new deal, whereby both the SIS |
| of the SIS category of control systems. | | | | and the DCS could talk to each other seamlessly |
| On the other hand DCS (Distributed Control Systems) | | | | (even while remaining separate to conform to the |
| are those control systems that are used for normal | | | | standards) . Also, what if they could share a common |
| control and monitoring operations of process plants, oil | | | | engineering /programming platform as well? That |
| refineries, oil & gas production platforms, power | | | | would be the icing on the cake! |
| plants and so on. The DCS is the main system that | | | | The DCS vendors sensed this mood of the users and |
| measures, monitors and controls various process | | | | many of them came out with "integrated" DCS/SIS |
| parameters like flow, temperature, pressure and so on. | | | | systems, where the DCS and SIS controllers are |
| In standards related literature, this system is also | | | | different, but part of the same overall system. Some |
| referred to as the BPCS (short for Basic Process | | | | recent examples are Emerson's Delta V with SIS and |
| Control System). | | | | Siemens Safety Integrated system. These reportedly |
| In the view of the standards bodies (like IEC and ISA), | | | | have become popular, due to the fact that most of |
| these two systems have to be completely separate, | | | | these integrated systems have got third party (most |
| as these safety instrumented systems have to be | | | | commonly TUV) certificates for the SIS part, so users |
| dedicated to controlling only the safety critical parts of | | | | can have a worry free installation of these for safety |
| the plant .The ordinary DCS cannot be said to be | | | | critical applications. However, I have not yet seen any |
| robust, fail-safe and sure to operate the safety critical | | | | debate in the technical media, regarding this issue. Are |
| instruments at all times. This distinction between the | | | | these systems doing great, or are users now longing |
| DCS and SIS, led to separate markets for both types | | | | for the earlier separate DCS/SIS systems? I think we |
| of systems with separate suppliers for both, initially. | | | | need some more time and more data, to arrive at any |
| Thus companies like Triconex, HIMA, Pilz and ICS | | | | definitive conclusion. The advantages of an integrated |
| Triplex were the traditional vendors of these Safety | | | | DCS/SIS are obvious, as stated above. The |
| Instrumented Systems, whereas the BPCS or DCS | | | | disadvantages are somewhat less obvious. One |
| market belonged to the companies like Emerson, ABB, | | | | disadvantage is that if the SIS portion is really easy to |
| Honeywell, Yokogawa and Invensys. | | | | program, then there is a chance that unauthorized |
| This obviously, meant that now, if a plant had | | | | users (say a savvy DCS operator) might end up |
| instruments and controls that were designated as | | | | changing protected settings like interlock bypasses and |
| safety critical, it necessarily required a separate SIS; | | | | setpoints, which is really dangerous. Plus the thought of |
| the DCS would not do at all because of what the | | | | having an SIS with a standard "open" OS like |
| standards state. Thus now, one control room had two | | | | Windows, is rather uncomfortable, as the last thing one |
| control systems, completely different as chalk and | | | | wants is a system freeze during an emergency. |
| cheese. The SIS had separate power supply (or a | | | | Only time will tell, if the integrated SIS/DCS systems |
| UPS), separate panels, monitoring stations, separate | | | | were a better choice than the stand-alone SIS, as then |
| programming software and of course totally separate | | | | we would have enough data to have a balanced view. |