Incident Learning: Addressing the Functional Safety Life Cycle Requirements in PDO

The complete lifecycle of Safety Instrumented Functions (SIFs) in process industry should be well managed to achieve the right level of risk reduction. The lifecycle phases in accordance to IEC60511 can be broadly divided in to Analysis, Realization and Operation. Normally, the main focus is on the Analysis phase wherein Safety Integrity Levels(SILs) are determined, Probability of Failure on Demand (PFD) is calculated to arrive at the optimum design, and Safety Requirement Specification is developed for detailed design. However, the rest of the phases in the lifecycle are not addressed with the same vigor. The lesser attention given to later phases of safety lifecycle worsen the PFD calculated in design phase and keeps safety systems vulnerable to failures. When failures become certain, incidents happen and can lead to catastrophic effects. During a vessel level high-high (LZHH) demand in PDO, the inlet valves (two in series) failed to close leading to carry over of liquid hydrocarbon to the flare stack that led to liquid release from flare in a form of fire balls. The incident investigation revealed that even though required risk reduction levels were achieved in design by installing two valves in series, the rest of the Safety Instrumentation lifecycle phases were not rigorously adhered to resulting in the incident. In this paper the Authors endeavor to present various actions taken by PDO in order to make sure that what is designed, is operated and maintained as intended and in the process fulfilling the SIF lifecycle requirements.