Thursday, June 27, 2013

How many different problems can you handle in a workday?

I currently have some problems with my spine. A month ago it was a pain just to sit down or to stand up. Then I went to a chiropractor. Now after half a dozen visits I am much better. Each visit is rather short, but it appears he schedule patients at 20 or 15 minute intervals. Which means, that during a normal workday he see between 20 and 30 patients or 3-4 patients per hour. This means that each hour the chiropractor deals with 3-4 unique problems. Why am I concerned with this? and what is the relation to process safety?

In recent years the process safety community have seen a new version of the EEMUA guide on alarm design and also a new ISA standard on alarms in the process industries. Both of these state that the maximum number of alarms an operator should handle in a workday should be less than 300 alarms per day, and that an acceptable number would be 150 alarms per day. That is equivalent to a maximum of 12 alarms per hour and an acceptable number of 6 alarms per hour. This means each hour the operator must solve 6 unique plant problems.

Now that we have the numbers let us compare. The workload of the plant operators in terms of unique problems to solve is 50-100% higher than that of the chiropractor. Do you think that is sustainable over a whole shift or over several shifts? I don't!

The EEMUA guidelines and the ISA 18.2 standard ask operators to handle one new problem every 10 minutes. I don't think process engineers can cope with this type of workload. So why do we believe that operators can?

My first process plant experience was with an integrated oil company in North America. The control room should be a quiet place for easy communication between the board operator, instrument technicians and field operators. The shift supervisor had a separate office. The logging printers were placed in a separate room. The only sound in the control room, which was not communication to or from the board operator was the sound of the coffee machine. In this environment the operator as far as I recall handled less than two alarms per hour!

At this plant a Honeywell PMX II process control computer was used together with TDC 2000. This made for very easy implementation of alarms both on computer control application points and on TDC 2000 image points. So the low number of alarms were not due to difficulty of implementation. The low number was due to management! No alarms on a TDC point was implemented without the process engineer specifying the required operator action. That turned out to be a very effective filter.

Now, that was 30 years ago or so. Since then there has been control room consolidation projects, control computer modernization projects, and many other project. I believe the control room also went from one board operator to two board operators during a normal shift. However, I don't believe the filter on alarm implementation has changed. - Oh, yes. These days a younger person have taken over.

Key to achieving the low number of alarms is in my view a well functioning system of primary control loops (flow, temperature, level) and secondary or supervisory control loops (quality, production) using best available technology.

Tuesday, June 11, 2013

Would you design a storage terminal using a checklist?

In the March issue of Hydrocarbon Processing Vinod Ramnath, who works for Aker Solutions in India publish an article titled "Key aspects of design and operation safety in offsite storage terminals". My first reaction was why distinguish between offsite storage terminals and other storage terminals? The design and operational safety issues should be the same - except for possibly the presence of in-house emergency responders at an onsite facility.

The article is 2½ pages long and start with an introduction which mention two major terminal accidents from the last 10 years: Buncefield in the United Kingdom on December 11th, 2005 and Jaipur in India on October 29th, 2009. The fire at Buncefield injured 40 people and burned for several days, but fortunately killed no one. It was head line news on TV stations across Europe, and the results of the investigation is still available on the Buncefield Investigation Homepage thanks to the UK government. The fire at Jaipur killed 12 people, injured more than 200 people and burned for more than a week, and unfortunately all we have is a wikipedia page. It was not mentioned on the TV stations in my country of residence.

After the accident descriptions the rest of the article are should do lists for
  • terminal design - prevention layers (that is a new term to me - what does it mean?)
  • basic control systems
  • alarms
  • safety instrumented systems
  • embankment
  • emergency responses
However, as far as I can see these lists are very general, and are pertinent for any storage facility for hydrocarbons. They are a good starting point for thinking about design of  a storage facility, but I don't think they are key aspects of such a design, nor are they key aspects of offsite design. So I really don't know the purpose of an article such as this one.

However, if each item on each one of the lists were supplemented with references to  the standard or standards relevant for that particular item, then indeed it would be a very valuable tool for design of any storage facility.