Setting a new Standard for Performance, Safety, and Reliability with ISA-18.2
Alarm Management affects both the bottom line and plant safety. A well- functioning alarm system can help a process run closer to its ideal operating point – leading to higher yields, reduced production costs, increased throughput, and higher quality, all of which add up to higher profits. Poor alarm management, on the other hand, is one of the leading causes of unplanned downtime and has been a major contributor to some of the worst industrial safety accidents on record.
Changing the practices and procedures used in the plant has become easier and more important with the June 2009 re- lease of a new ISA standard on alarm management. The ISA-18.2 standard, which provides a blueprint for creating a safer and more productive plant, is ex- pected to be adopted by regulatory agencies (such as OSHA in the U.S. and the la- bour ministries in Canada) and insurance agencies as “good engineering practice”. This article will provide an introduction to the new standard and discuss how it will affect the process industry.
Good alarm management is a journey
Alarm management is not a one-time activity, rather it is a process that requires continuous attention. The new ISA-18.2 standard “Alarm Management for the Process Industries” provides a framework for effective alarm management following a lifecycle approach, which is similar in many respects to the process safety standard ANSI/ISA-84.00.01-2004 Part 1 (IEC 61511-1 Mod).
The key activities of alarm management are executed in the different stages of the lifecycle. The products of each stage are the inputs for the activities of the next stage.
The usual starting point in the alarm lifecycle is the development of an alarm philosophy document. It defines the stan-dards for how your site or company will perform alarm management through all phases of the lifecycle. It should contain the rules for classifying and prioritizing alarms, for using colour to indicate an alarm in the HMI, and for managing changes to the configuration. It should also establish key performance bench marks, such as the acceptable alarm load for the operator (average number of alarms / 10 min). For new plants, the alarm philosophy should be fully defined and approved before commissioning.
Identification and Rationalization
When it comes to alarms, more is not better. The purpose of Identification and Rationalization is to find the minimum set of alarms that are needed to keep the process safe and under control. Rationalization involves reviewing and justifying potential alarms to ensure that they meet the requirements and definition of an alarm.
Alarm: An audible and/or visible means of indicating to the operator an equipment malfunction, process deviation, or abnormal condition requiring a response.
Rationalization also involves documenting each alarm’s priority, classification, limit, cause, consequence, and corrective action in a Master Alarm Database.
Poor design and configuration prac- tices are a leading cause of alarm management issues such as “nuisance” and “stale” alarms. Following the recommendations in the standard can go a long way to eliminating and preventing com- mon alarm issues.
Alarm design includes basic alarm design, setting parameters like the alarm deadband or off-delay time, advanced alarm design, using process or equipment state to automatically suppress an alarm, and HMI design, displaying the alarm to the operator so that they can effectively detect, diagnose, and respond to it. During the design stage, the information contained in the Master Alarm Database (such as alarm limit and priority) is used to configure the system.
Implementation, Operation, and Maintenance
The standard describes the practices and procedures for putting an alarm into operation, working with it, and taking it out of service for repair, replacement, or testing. Requirements and recommendations for training and testing are defined, as well as the tools that should be made available to the operator for working with alarms (such as alarm shelving). The standard describes the procedures that must be followed to take an alarm out of service, including documenting why an alarm was removed from service, the details concerning interim alarms, spe-cial handling procedures, as well as what testing is required before it is put back into service.