EmmanuelTop
Chemical
- Sep 28, 2006
- 1,237
I have come across one interesting subject that I have never experienced before in my career, and I would like to hear your opinion on this topic, particularly from those people having a hands-on experience with such systems.
Someone came up with an idea to provide an Automatic Restart Function (ARF) of all electrically-driven motors in the plant (pumps, fin-fans, lube oil systems, hydraulic systems etc.) in cases when power supply grid voltage falls below the minimum value and causes electrical motors to trip - but only if the voltage dip is shorter than 4 seconds (reason for such timing is unknown to me) and the grid voltage is restored within that time. This software system operates completely independently from DCS and IPS (Instrumented Protective System), which is a big concern for me. Somehow, I didn't like the idea of automatic (or almost like uncontrolled) restart in the first place, and here are my queries/observations so far:
1. As completely independent from IPS/DCS, the Automatic Restart Function system has not been reviewed as such, through a dedicated expert study (at least not by Operations/Process) , and confirmed whether it will or can act against the IPS, or adversely affect its performance. This is my strongest argument against implementation of the ARF.
2. In case there is a permissive for equipment start/restart (and many pieces of equipment have permissive conditions embedded in the start-up logic), will those permissive be ignored by the Automatic Restart system? If yes, this is unacceptable from Safety and Reliability point of view. Tripping of equipment usually requires resetting/clearing/permissive action and if these will be ignored by the ARF, it is direct confrontation with equipment protection/plant safety. As a matter of fact, can the restart of any equipment from remote point be executed without clearing all permissive requirements?
3. In case of simultaneous power loss and – indirectly – the trip of hydraulically operated systems, are there any concerns with respect to interaction of fail-safe position of motor-operated or hydraulically operated valves, and the ARF function, assuming that the equipment will be restarted by the ARF and the valves remain in the position caused by voltage dip/power loss?
Do you have thoughts on this, and have you ever seen such system being functional in any of the existing plants, and what would be the prerequisites for its successful implementation?
Thank you in advance,
Someone came up with an idea to provide an Automatic Restart Function (ARF) of all electrically-driven motors in the plant (pumps, fin-fans, lube oil systems, hydraulic systems etc.) in cases when power supply grid voltage falls below the minimum value and causes electrical motors to trip - but only if the voltage dip is shorter than 4 seconds (reason for such timing is unknown to me) and the grid voltage is restored within that time. This software system operates completely independently from DCS and IPS (Instrumented Protective System), which is a big concern for me. Somehow, I didn't like the idea of automatic (or almost like uncontrolled) restart in the first place, and here are my queries/observations so far:
1. As completely independent from IPS/DCS, the Automatic Restart Function system has not been reviewed as such, through a dedicated expert study (at least not by Operations/Process) , and confirmed whether it will or can act against the IPS, or adversely affect its performance. This is my strongest argument against implementation of the ARF.
2. In case there is a permissive for equipment start/restart (and many pieces of equipment have permissive conditions embedded in the start-up logic), will those permissive be ignored by the Automatic Restart system? If yes, this is unacceptable from Safety and Reliability point of view. Tripping of equipment usually requires resetting/clearing/permissive action and if these will be ignored by the ARF, it is direct confrontation with equipment protection/plant safety. As a matter of fact, can the restart of any equipment from remote point be executed without clearing all permissive requirements?
3. In case of simultaneous power loss and – indirectly – the trip of hydraulically operated systems, are there any concerns with respect to interaction of fail-safe position of motor-operated or hydraulically operated valves, and the ARF function, assuming that the equipment will be restarted by the ARF and the valves remain in the position caused by voltage dip/power loss?
Do you have thoughts on this, and have you ever seen such system being functional in any of the existing plants, and what would be the prerequisites for its successful implementation?
Thank you in advance,
