Resources
Doubling Up On Safety
Submitted by Emerson
Adding two solenoid valves to your Safety Instrumented System keeps your equipment, facility and personnel safe and your system online.
In the context of the overall oil refinery, exercising the solenoid valve might not be at the top of your priority list. But the reality is all valves experience stiction if they remain inactive for too long. Although periodic exercise is crucial for any valve, the stakes are higher when it comes to the solenoid: if this valve experiences stiction-related failure, the Emergency Shutdown valve won’t be able to stop the flow of toxic, flammable or even explosive fluids—leading to possible catastrophe. Though critical for valve maintenance, the problem with exercising the solenoid valve is that it may introduce some downtime. Fortunately, there’s a simple and easy solution.
In this paper, we’ll explore a two-solenoid safety methodology that lets you exercise your solenoid valve online—protecting your plant, improving uptime and enabling you to better adhere to functional safety requirements.
SIS typically consists of the following components:
In many SIS applications, the solenoid valve remains energized in the open position during normal operation. (Note: This indirectly acknowledges energize to trip applications.) Should the system detect overpressure or other dangerous conditions, however, the valve moves to the closed position — activating the ESD valve to stop the process flow. But despite its critical role in ensuring the safety of the facility, equipment and nearby personnel, the solenoid valve rarely gets used. In fact, it can remain in the same position for months or even years — increasing the chances that it will fail to close on command. The biggest perpetrator of this failure is stiction.
In a typical solenoid valve, O-rings remain in direct contact with the chamber walls—creating a seal while the plunger is in motion. Therefore, the plunger must first overcome the stiction between the O-rings and walls in order to move. If the valve is at rest for an extended period of time, however, the stiction increases beyond its normal level until the forces generated by the solenoid coil can no longer overcome it—preventing the valve from properly closing. Add to this mix the presence of water and oil, both of which can create a sticky residue inside the valve.
Because the chance of stiction increases incrementally over time, infrequent testing raises the valve’s probability of failure on demand (PFD). Even without changing the architecture of your valving, more frequent testing will reduce stiction—lowering the average PFD (see Figure 1).
In addition to the potentially life-threatening safety concerns, including the risk of fires or explosions, solenoid valve failure in an emergency situation has vast productivity implications—especially if it leads to a plant shutdown. Not only would this scenario significantly disrupt your uptime, but you could potentially incur significant downtime costs.
The solution, fortunately, is simple: by adding a second solenoid valve to the design of your ESD valve, you can test each solenoid individually. You can even program your controller to run periodic tests automatically, preventing valve stiction, lowering the average PFD and avoiding plant accidents—all without ever taking your system offline.
Installing a second solenoid valve isn’t timeconsuming. Nor is it mechanically complex. Emerson even offers a pre-packaged solution: our Redundant Control System (RCS) is a proven pilot valve system that has no single point of failure and provides built-in redundancy and diagnostics to optimize your plant’s safety and reliability—all while maximizing uptime. The RCS incorporates a 2oo2D architecture and consolidates many components — including a maintenance bypass switch, pressure switches and redundant solenoid valves—into one easy-to-configure package that meets critical safety requirements.
Over the years, SIS architecture has evolved to increase overall safety and improve process reliability—but each emerging solution had its advantages and disadvantages:
1oo1—This basic architectural design features only one single element.
1oo2—This design adds redundancy for better safety. Although it reduces the average PFD, it does increase the Spurious Trip Rate (STR), in which failure of either solenoid valve will trip the system.
2oo2—This architecture adds redundancy for better process reliability. Although it reduces the STR, it increases the average PFD.
2oo3—This design adds advanced redundancy for better safety and process reliability, while reducing both the STR and average PFD. Because this architecture involves more components, however, it leads to higher I/O requirements, increased power consumption and more complexity.
2oo2D—The RCS features 2oo2D—one of the newer architectures that incorporates diagnostics for improved safety and high process availability. Its fault-tolerant design has no single point of failure and provides a much lower STR than 1oo2 and 2oo3 architectures.
Over the years, SIS architecture has evolved to increase overall safety and improve process reliability—but each design has its advantages and disadvantages when it comes to the average PFD and STR.
Some of the benefits of this redundant system include:
“The architecture of the RCS allows you to achieve very high safety and reliability,” says Dr. Summers. “And by designing it into the manifold, you can also eliminate many sources of maintenance errors—which further improves the reliability of your installation.”
Many industries, including oil and gas, rely on functional safety—which is outlined by the IEC 61508 standard. Not only must equipment operate correctly in response to its inputs, but it must be able to detect potentially dangerous conditions and activate corrective mechanisms to prevent fires, explosions or other hazardous events from arising. For the IEC 61508 standard, four Safety Integrity Levels (SILs) are defined, with SIL 1 being the least dependable and SIL 4 being the most dependable. Two aspects of assessment according to this standard include systematic capability and random failure capability, which is based on the type of element, average PFD and architecture.
With its low STR and average PFD, the RCS is your best solution for meeting functional safety requirements in critical applications, as it provides high safety and reliability in one package. Thanks to its automatic diagnostic testing capabilities, its average PFD numbers are in the SIL 3 range, enabling the system to be used in even the most stringent safety application.
If you'd like to speak to one of Valin's technical specialists call (855) 737-4716, or fill out our online form.
In the context of the overall oil refinery, exercising the solenoid valve might not be at the top of your priority list. But the reality is all valves experience stiction if they remain inactive for too long. Although periodic exercise is crucial for any valve, the stakes are higher when it comes to the solenoid: if this valve experiences stiction-related failure, the Emergency Shutdown valve won’t be able to stop the flow of toxic, flammable or even explosive fluids—leading to possible catastrophe. Though critical for valve maintenance, the problem with exercising the solenoid valve is that it may introduce some downtime. Fortunately, there’s a simple and easy solution.
In this paper, we’ll explore a two-solenoid safety methodology that lets you exercise your solenoid valve online—protecting your plant, improving uptime and enabling you to better adhere to functional safety requirements.
The Role Of The Solenoid Valve
The Emergency Shutdown (ESD) block valve is part of the final element in a Safety Instrumented System (SIS), which is required by law on any equipment processing hazardous chemicals. While the Basic Process Control System is designed to prevent incidents by way of process alarms and operator intervention, the SIS provides an additional layer of protection to both prevent and mitigate the effects of potential danger.SIS typically consists of the following components:
- Sensors, which measure process parameters, including pressure, temperature, flow, level and gas concentration.
- Logic solvers, or controllers that read the signals from the sensors and execute preprogrammed actions to prevent or mitigate a process hazard.
- Final elements, which bring the process to a safe state. In addition to the ESD valve, they can include a pneumatic, electric or hydraulic actuator and solenoid valve.
In many SIS applications, the solenoid valve remains energized in the open position during normal operation. (Note: This indirectly acknowledges energize to trip applications.) Should the system detect overpressure or other dangerous conditions, however, the valve moves to the closed position — activating the ESD valve to stop the process flow. But despite its critical role in ensuring the safety of the facility, equipment and nearby personnel, the solenoid valve rarely gets used. In fact, it can remain in the same position for months or even years — increasing the chances that it will fail to close on command. The biggest perpetrator of this failure is stiction.
The Dangers Of Solenoid Valve Neglect
“Mechanical devices, like the human body, work well when they’re regularly exercised,” explains Dr. Angela Summers, President of SIS-TECH Solutions. “When you don’t exercise the valve, you’re increasing the potential that it could stick — which could prevent the valve from closing when it needs to.”In a typical solenoid valve, O-rings remain in direct contact with the chamber walls—creating a seal while the plunger is in motion. Therefore, the plunger must first overcome the stiction between the O-rings and walls in order to move. If the valve is at rest for an extended period of time, however, the stiction increases beyond its normal level until the forces generated by the solenoid coil can no longer overcome it—preventing the valve from properly closing. Add to this mix the presence of water and oil, both of which can create a sticky residue inside the valve.
Because the chance of stiction increases incrementally over time, infrequent testing raises the valve’s probability of failure on demand (PFD). Even without changing the architecture of your valving, more frequent testing will reduce stiction—lowering the average PFD (see Figure 1).
In addition to the potentially life-threatening safety concerns, including the risk of fires or explosions, solenoid valve failure in an emergency situation has vast productivity implications—especially if it leads to a plant shutdown. Not only would this scenario significantly disrupt your uptime, but you could potentially incur significant downtime costs.
The Redundant Control System: A DoubleSolenoid Solution
Periodically testing your solenoid valve serves two mechanical purposes: it prevents stiction and, at the same time, proves it isn’t there to begin with. Bringing the valve through a single cycle is all you need to do: de-energize the solenoid coil so the valve fully closes, and then re-energize the coil again to return the valve to the open position. But as simple as it is, cycling the solenoid requires you to take your SIS offline—causing downtime. For many plant owners, this disruption to productivity outweighs the threat of hypothetical catastrophe.The solution, fortunately, is simple: by adding a second solenoid valve to the design of your ESD valve, you can test each solenoid individually. You can even program your controller to run periodic tests automatically, preventing valve stiction, lowering the average PFD and avoiding plant accidents—all without ever taking your system offline.
Installing a second solenoid valve isn’t timeconsuming. Nor is it mechanically complex. Emerson even offers a pre-packaged solution: our Redundant Control System (RCS) is a proven pilot valve system that has no single point of failure and provides built-in redundancy and diagnostics to optimize your plant’s safety and reliability—all while maximizing uptime. The RCS incorporates a 2oo2D architecture and consolidates many components — including a maintenance bypass switch, pressure switches and redundant solenoid valves—into one easy-to-configure package that meets critical safety requirements.
Architectural Constraints and Considerations
Over the years, SIS architecture has evolved to increase overall safety and improve process reliability—but each emerging solution had its advantages and disadvantages:1oo1—This basic architectural design features only one single element.
1oo2—This design adds redundancy for better safety. Although it reduces the average PFD, it does increase the Spurious Trip Rate (STR), in which failure of either solenoid valve will trip the system.
2oo2—This architecture adds redundancy for better process reliability. Although it reduces the STR, it increases the average PFD.
2oo3—This design adds advanced redundancy for better safety and process reliability, while reducing both the STR and average PFD. Because this architecture involves more components, however, it leads to higher I/O requirements, increased power consumption and more complexity.
2oo2D—The RCS features 2oo2D—one of the newer architectures that incorporates diagnostics for improved safety and high process availability. Its fault-tolerant design has no single point of failure and provides a much lower STR than 1oo2 and 2oo3 architectures.
Over the years, SIS architecture has evolved to increase overall safety and improve process reliability—but each design has its advantages and disadvantages when it comes to the average PFD and STR.
Some of the benefits of this redundant system include:
- Automated online testing. This feature, which allows you to detect 98% of dangerous failure points, includes solenoid valve and partial stroke tests, as well as continuous monitoring and diagnostic feedback from pressure switches. No bypassing is required.
- Easy online maintenance. You can replace the solenoid valves, coils and pressure switches quickly and easily with no process interruption.
- No nuisance trips. Thanks to its fault-tolerant, redundant solenoid valve architecture, the RCS has no single point of failure that could lead to unplanned closure of the process valve.
- Stainless-steel construction. The system’s optional 316L stainless-steel valves and pressure switches are suitable for use in corrosive environments, such as the Gulf Coast, where oil and gas equipment is regularly exposed to salt, humidity and fluctuating temperatures.
- High safety availability. The RCS is SIL 3-certified and meets IEC 61508:2010 requirements for functional safety.
“The architecture of the RCS allows you to achieve very high safety and reliability,” says Dr. Summers. “And by designing it into the manifold, you can also eliminate many sources of maintenance errors—which further improves the reliability of your installation.”
Following Functional Safety Guidelines
Many industries, including oil and gas, rely on functional safety—which is outlined by the IEC 61508 standard. Not only must equipment operate correctly in response to its inputs, but it must be able to detect potentially dangerous conditions and activate corrective mechanisms to prevent fires, explosions or other hazardous events from arising. For the IEC 61508 standard, four Safety Integrity Levels (SILs) are defined, with SIL 1 being the least dependable and SIL 4 being the most dependable. Two aspects of assessment according to this standard include systematic capability and random failure capability, which is based on the type of element, average PFD and architecture.With its low STR and average PFD, the RCS is your best solution for meeting functional safety requirements in critical applications, as it provides high safety and reliability in one package. Thanks to its automatic diagnostic testing capabilities, its average PFD numbers are in the SIL 3 range, enabling the system to be used in even the most stringent safety application.
If you'd like to speak to one of Valin's technical specialists call (855) 737-4716, or fill out our online form.
Printer-friendly versionA lesson for me is that I need to involve you earlier in the program.
You were tireless in your support and it will not be forgotten!