Home | About ICEweb | Acronyms | Actuators | Alarm Management | Analysers | Books | Burner Management | Can Open | Charges | Control | Choke Valves | Control Valves | Condition & Machine Monitoring | Composite Valves | Coriolis Flow | Corrosion | Data Comms | Data Loggers | EX Web | Education | Electrical Web | Emission Monitoring| Employment | Enclosures | Fieldbus | Fire & Gas | Fittings | Flow | Forum | Foundation Fieldbus | Fuzzy Logic | HART | Hazardous Areas | Health and SafetyHeat Tracing & Bundles | HIPPS | Humidity | Hydraulics | ICEnews | Industrial Ethernet | Instrument | Instrument Enclosures,Sunshades & Supports | Instrument Valves & Access | Laser Instrumentation | Level | Links | Manufacturing and Automation Safety | Modbus | Motion Control | Multiphase Flow | New | Networks | News | New Technology | Oxygen Analysers | Oil in Water Analysers | Optical Fibre Instrumentation | PH Measurement| Profibus | Pressure | Pressure Regulators | Pressure Relief Valves | Register | Rupture Discs | Safety Instrumented Systems | Samplers | Sample Systems | Security | Severe Service Valves | Shutdown/ESD Valves | Simulators | Solenoids| Suppliers | Surge & Lightning | Technical Information | Terminals | Temperature | Test And Calibration | Tools | TubingUltrasonic Flow | Valveweb | V-Cone Flow | Wireless | Wish List | Contact ICEweb |

Whilst every effort is made to ensure technical accuracy of the information supplied on iceweb.com.au, Keyfleet Pty Ltd and its employees accept no liability for any loss or damage caused by error or omission from the data supplied. Users should make and rely on their own independent inquiries. By accessing the site users accept this condition.

Burner Management Systems

Have a question on or need to purchase quality Burner Management Systems? Our Sponsors Triconex are Experts in this area!
Contact them here. 
Photo from TRICONEX User Conference, Werribee, 2002

Invensys is the only automation company with the experience and track record in Safety and Critical Control as demonstrated by its 28 years of experience in safety systems, in excess of 8,000 installed systems, the only approved Nuclear Regulatory Commission Commercial Off-The-Shelf controller for Nuclear 1E Applications, large number of TÜV Certified Functional Safety Engineers deployed worldwide and patented TMR technology. Invensys' safety and critical control Tricon™ and Trident™ platforms have the ability to provide a wide variety of critical applications including Emergency Shutdown, NFPA85 certified for Burner Management, NFPA72 and EN54 certified for Fire and Gas and Turbomachinery Control and Protection Systems. Triconex Systems have been installed on many Onshore / Offshore Oil and Gas Facilities and Power Industries.

Tricon - The Tricon is a State-of -the-Art Fault Tolerant Controller based on a Triple-Modular Redundant (TMR) Architecture - It was the first completely triple-redundant, industrially ruggedized and cost-effective system in the industry and our most trusted safety controller.TMR employs three isolated, parallel control systems and extensive diagnostics integrated into one system. The system uses two-out-of-three voting to provide high integrity, error-free, uninterrupted process operation with no single point of failure. For details on key benefits and capabilities click here.
Trident - Based on proven Triconex Triple Modular Redundant (TMR) technology, Trident is designed to fit small applications where, until now, price concerns had kept processes tied to the operating restrictions of dual and simplex architectures. Trident breaks through the budget barrier and provides customers with a powerful, cost-effective solution and an alternative control strategy to maximize both high reliability and high availability applications. For details on applications, key benefits and capabilities click here.


Burner Management Systems (BMS) Articles, Technical Papers, Multimedia and Applications from Triconex

Standards Compliance and User Requirements for Industrial and Utility Boiler Control Systems - Dr. Issam Mukhtar & Geoff Rogers - AS61508 and AS61511 standards for Safety Instrumented Systems have been accepted by Australia as best practice engineering for general applications and as a basic requirement by the Energy Safety Authorities for “type B” appliance application approvals of gas fired plants. Considerations of multi-fuelled multiple-burner systems. This paper outlines Premier Consulting Services experience in implementing the standards on Industrial and Utility Boilers, Process Heaters, Furnaces and Gas Turbine applications, with and without Heat Recovery Steam generators. Issues and challenges in complying with AS3814/NFPA85 and AS61508 /61511 are also discussed highlighting some recommendations. Issues to consider when selecting and maintaining control system hardware and software. There are references to Australian Case studies on boilers, furnaces, gas turbines. This paper was originally presented at IDC Boilers Conference, Perth November 2008.
A Typical Burner Management Control Panel Layout - This drawing shows how a typical Burner  Management Control Panel may be laid out.
The Hidden Costs of Successful Safety - Luis Duran - This article describes many of the hidden costs and side effects associated with safety instrumented systems (SISs), especially those embedded with distributed control systems (DCSs). It covers some of the safety-related questions users need to ask their DCS vendors, even though many suppliers don’t want to answer them. Thanks to www.controlglobal.com 
*
Ten Truths of Safety Instrumented Systems - Selection and design of safety systems is not trivial, and it never has been. Operating companies in the process industries must face compliance with new safety standards such as IEC61508 and IEC61511, while implementing safeguards that provide asset protection without disrupting asset utilization or compromising production targets. What are the fundamental selection criteria for safety and critical control equipment? What key principles must be clarified in order to ensure successful selection and implementation of the system? Thanks to www.controlglobal.com
When a SIL Rating is not Enough - Robin McCrea-Steele, TÜV FSExp Invensys-Premier Consulting Services - SIL rating is a measure of the risk reduction capability and probability of failure-on-demand. It measures only the "Fail Safe" nature of the device and should not be the primary or sole measurement considered when selecting a safety system.
*
Quality of a SIS has a Direct Impact on Plant Performance - Quality isn't always implemented the same way by every company. Quality Assurance procedures differ between vendors, regardless of product compliance with safety standards and certifications. Nevertheless, a vendor must make sure that their SIS performs to the intended specification.
*
Many Companies will sell you a Safety System, but few are able to Address Your Specific Needs - Operating companies in the process industries that are pursuing regulatory compliance represent tremendous potential for any manufacturer that offers some form of process control technology or automation. Many such manufacturers are scrambling to ensure their products offer some level of compliance for use in safety applications. Unfortunately, while most of these "new" products offer solutions for the fail safe side, only a few of them can address the need for safety and process uptime simultaneously.
*
IEC61511 states that SIS Users must show Competence in Functional Safety - When it comes to Safety Instrumented Systems (SIS) logic solvers, the process industry reached a consensus in specifying that the equipment be third party certified to meet IEC 61508 parts 2 and 3. Most Process plant require that SIS certification be issued by TÜV, recognizing this lab as the safety systems "Mark," even when safety standards don't mandate certification of SIS equipment by any specific testing lab.What should be the process industry consensus around the personnel responsible for the design and implementation?
*
Your SIS should Protect Your Plant for its Lifecycle - Production assets are built to last, and even when the investment is planned for a 20-year lifetime, additional investments frequently extend their life beyond the original design specification. Few safety systems can extend their lifecycle and enhance their capabilities over the complete lifetime of the production asset. A Safety Instrumented system should quietly provide year after year of safe and extremely reliable performance in mission critical applications. Its performance should be consistent and the user should not have to think about them very often.
 
Integrating Control and Safety - Where to Draw the Line - Robin McCrea-Steele, TÜV FSExpert - New digital technology now makes it feasible to integrate process control and safety instrumented functions within a common automation infrastructure. While this can provide productivity and asset management benefits, if not done correctly, it can also compromise the safety and security of an industrial operation. This makes it critically important for process industry users to understand where to draw the line. Cyber-security and sabotage vulnerability further accentuate the need for securing the Safety Instrumented System (SIS).
Dual SIS Technologies do not cost less than TMR; They almost always Cost More -Many companies advertise their Dual SIS technology (1oo2D (Dual), 1oo2DR (Dual Redundant), 2oo4D) as a lower-cost alternative to Triple Modular Redundant (TMR) systems. This is an unfortunate misrepresentation of the capabilities of Dual SIS architectures. Dual PLCs in a 1oo2 (1 out of 2) configuration were the initial solution of choice for "fail safe" applications, but they cannot overcome an inherent problem with false trips.
Is a TÜV Certificate Enough? - Robin McCrea-Steele, TÜV FSExp - SIS vendors advertise their TÜV certification, but rarely tell you about their implementation and operational restrictions - Most safety system vendors focus on how the system performs when it is healthy, but don't talk much about what happens when an internal failure is diagnosed; worst case, the entire system shuts down. Each SIS vendor must provide clear information on factors that might impair system performance, such as the system's implementation, specific programming or configuration requirements, module or architecture choices, and operational restrictions.
*
Given a Choice, the Implementation and Installation of your SIS should not be Entrusted to Strangers - Choosing an SIS implementer can be as important as choosing the product itself. No matter how well the system is designed or manufactured, failures are likely to occur if the implementation team is not following proper procedures, is not experienced, or lacks adequate technical qualification for the tasks they must perform.
What is the Importance of Third Party Certification and SIL rating of SIS devices? - Luis Duran - Based on the growing number of safety certified devices or systems in the automation marketplace, these are the times of Functional Safety Certification, especially in the process industries. However as basic as it might sound, is there a “one-size-fits-all” certification process? Or how useful is that “certified equipment” for your application? From the reasons that gave birth to third party certification agencies through the remaining fundamental need for their work today, the questions to answer are: what is the end user getting with the certification?; how can the end user benefit by utilizing certified equipment?; why this might be better than using “proven in use” equipment as defined by IEC61511? This paper presents a practical perspective to understanding certification and selecting and applying certified devices or systems while deploying a safety instrumented system, and highlights what else remains to be done by the implementation team and end users to fulfil the requirements of current safety standards as IEC61511 and best engineering practices.
Why is Conforming to Safety Standards Important? - Compliance to National and International safety standards is enforceable if the standards are listed or referenced in the country's legislation. These references are sometimes called "good engineering practices." The Occupational Safety and Health Administration (OSHA) USA law and the Australian Occupational Health and Safety (OHS) are examples of this legislation. Other countries e.g. Germany and the UK are required to adopt IEC-61508 /61511 when applying safety instrumented systems to process hazards.
Why should Process Safety Engineers be Certified?  - The typical answer to this question is initially very defensive. Certified to what? By whom? Who mandates certification of plant personnel? Why? What does this buy me?
Duke Power Upgrades Oconee Nuclear Station Turbine with a Digital Control System from Invensys Operation Management - Safe operation is the top concern of nuclear plants and reliability is a cornerstone of safety. Over thirty years ago, when most of the nation’s nuclear plants were commissioned, analog control systems were state of the art and ensured plant reliability. Analog control systems presented certain constraints, if a component failed under normal wear and tear, the entire system would be shut down. This would add risk and cost hundreds of thousands of dollars a day in downtime. Marlon Dempsey, Instruments and Controls Engineer, said, "We found that our analog turbine control system was one of the top three causes of trips and transients, primarily because its components presented a single point of failure. We knew that introducing more redundancy at key points would enhance reliability considerably and found that digital technology could provide that redundancy while at the same time reducing the cost of downtime."After evaluating alternative turbomachinery control solutions, Duke Energy began implementing a fault-tolerant control system from Invensys Operations Management, contributing to safe and reliable plant operations.
Tofino for the Triconex Safety System - Walt Boyes of Control magazine talks with Eric Byres of Byres Security and Joe Scalia from Invensys Operations Management about the introduction of a custom Tofino for the Triconex Safety System.
7.11High Security Integration Using OPC - Joe Scalia and Eric Byres - While control system manufacturers, integrators and end users were happily deploying OPC in their plants and factories, security researchers-- and the hacking community-- began noticing snakes in this network Garden of Eden. The first and most often quoted in the popular press was that OPC Classic’s underlying protocols, namely DCOM and RPC1, can be vulnerable to attack from virus and worms.
6.11 Safety Considerations Guide - This guide provides information about safety concepts and standards that apply to the version 2.x Triconex® General Purpose System however there is some really useful information contained in Chapters 1 and 2.
7.11Redundant OPC Connections to your Triconex System - Triconex Safety PLCs are known for their redundancy. Maintaining that level of redundancy when connecting to the process control layer can be a challenge. MatrikonOPC’s Server for Triconex enables you to maintain redundancy even at the OPC level. Not only can the OPC Server for Triconex handle redundant NCM connections, it is also the world’s only Achilles Certified OPC Server (cyber-security tested by Wurldtech). The MatrikonOPC Server for Triconex provides high-speed read and write access to the Triconex Tricon and Trident. The server supports all available point types, full communication redundancy and fail-over when a connection goes down. The server can communicate via the new TCM (Triconex Communications Module), and the NCM (Network Communications Module), with no DCOM issues.


TÜV Functional Safety Engineer (FSEng) Training 

The Invensys Premier Functional Safety Engineering course, in cooperation with TÜV Industrie Service GmbH provides the training your organization needs to meet compliance requirements. Dates for courses can be found here.


6.11 Burner Management System Standards

The following is an edited copy of a blog by Emerson Process Management Systems, it covers the subject really well; 
In prior posts on safety and regulatory standards and burner management functional safety, it was highlighted that some of the developments in standards for burner management systems (BMS). These include:

In addition to the standards listed above, there are even more standards, guidelines, and recommended practices that apply to burner management systems. BMS-related standards, guidelines, and recommended practices are published by National Fire Protection Association (NFPA), International Society of Automation (ISA), American Petroleum Institute (API), European Committee for Standardization (CEN), and FM Global (FM) organizations. Here are a few examples:

The various BMS standards all serve the same purpose-they tell a process manufacturer how to avoid situations where dangerous failures could occur and they describe what to do when any of these situations are detected:

The standard process manufacturers choose to follow will be based on regulatory requirements, company policy, plant location, familiarity of standards, insurance requirements, and/or specific BMS application (e.g., boiler, furnace, type of fuel, etc.)

Chuck Miller noted that different BMS standards could also be used together, at the same time. For example, a prescriptive standard such as NFPA 85 can be used with a performance-based standard such as IEC 61511, and each standard has its own merits. In fact, one may bolster the value of the other to ensure best practices are being used for safety lifecycle management.

Chuck stresses that it’s also important to remember that product/system “certification” really means, “certified for use“, in a particular application. While this indicates that a system can meet the requirements of these guidance documents, the installer still has the challenge of configuring the necessary functionality. In addition, acceptance of the system and confirmation that the system does in fact meet the requirements typically lies with the local jurisdictional authority.

Andy Crosland summed up his views by pointing out that there are hazards associated with potential problems with fire-heated equipment, and the purpose of a BMS is to keep the equipment and personnel safe. Specific hazards for each burner, fuel, etc. should be analyzed and have appropriate protection measures applied.

IEC 61511 provides a framework for evaluating these hazards and implementing safety instrumented system (SIS) safeguards to protect against them. Prescriptive BMS standards provide requirements that state specifically what must be done. The prescriptive requirements can be used as the basis for the safety requirement specification in the IEC 61511 safety lifecycle management process.

The original full text blog can be found  at Safety Standards and Burner Management Systems 


6.11 Burner Management Systems Definitions, Abbreviations and Acronyms

λS : Rate of Safe failures (1/t)

λD : Rate of Dangerous failures (1/t)

λSd : Rate of Safe failures, detected (1/t)

λSu : Rate of Safe failures, undetected (1/t)

λDd : Rate of Dangerous failures, detected 

(1/t)λDd : Rate of Dangerous failures, undetected (1/t)

λDd : Rate of Dangerous detected failures (1/t)

λDu : Rate of Dangerous undetected failures (1/t)

ESD : Emergency Shut Down

 

Fault-Tolerant : A SIS or part of a SIS is considered as being fault-tolerant, if it continues to perform its safety functions in spite of the presence of one (or more) dangerous failures.

FMEA : Failure Mode Effect Analysis

FSM : Functional Safety Management

 

HIP(P)S : High Integrity (Pressure) Protection System

IEC : International Electrotechnical Commission

IEC 61508 : Functional safety of electrical/electronic/    programmable electronic safety-related systems

IEC 61511 : Functional safety- Safety instrumented systems for the process industry sector

PFDAVG : Average Probability of Failure on Demand

PLC : Programmable Logic Solver

SFF : Safe Failure Fraction: SFF = (λS+λDd)/(λS+λDd+λDu)

SIF : Safety Instrumented Function

SIL : Safety Integrity Level

SIS : Safety Instrumented System

SRS : Safety Requirements Specification

TMR : Triple Modular Redundant

 

Functional Safety Terms and Acronyms Glossary - exida - This list of functional safety terms and acronyms has been compiled from a number of sources listed at the end including the IEC 61508, IEC 61511 (ISA84.01) standards. It is meant to provide a general reference for engineers practicing safety lifecycle engineering in the process industry. As such it provides both safety and related non-safety term definitions in a clear useable form. It specifically highlights the most important terms and acronyms from the safety lifecycle standards with working level definitions. The reader is encouraged to pursue IEC 61508 or IEC 61511 for additional definitions and for additional information on applying the safety lifecycle to the process industry.


Other Burner Management System Links

6.11SIL Application in Burner Management Systems - A Case Study -Thermal Burner- Jorge Sanchez - Boiler, furnaces and other burning equipments are considered as high-risk areas within the Process Industry. This is due to extreme operating conditions and processing of hazardous materials resulting in wide safeguarding measures being applied to prevent accidents. One of the best known and widely accepted technical solutions concerns the use of safety-related systems implemented through PES technology. New risk-based standards published in recent years control the design of these technical solutions. They include technology-oriented requirements with their ‘adequate’ implementation and the ‘fit-to-purpose’ tailoring of the equipment. However, to obtain functional safety this approach demands more management, competency and planning than the prescriptive requirements of original codes. This paper presents a case study about the identification of safety functions. It includes lifecycle activities carried out to achieve functional safety requirements and comply with the original approach for Burner Management Systems - thanks to IDC
6.11Burner Management – A Straightforward Approach for Typical Systems - David Sheppard - This powerpoint presentation covers the Purpose  of a BMS, Why one should implement BMS in a SIS, State Transition Approach to BMS Design and reviews an example Design of a typical BMS System - From Emerson Process Management
6.11Selecting Safety System Designs - Charles M. Fialkowski - It would be pretty easy to understand how process facilities operate at many different levels of risk depending on how and what they’re processing. In addition, there are also many different methods for designing safety instrumented systems to address this risk. Questions regarding which technology should be used – hard-wired relay, pneumatic or programmable; what level of redundancy is appropriate – single, dual or triple; and how often should the system be tested – monthly, quarterly, yearly or once per shutdown – are being asked by users and engineering firms alike. Debate continues as to how one even makes these choices (past experience, qualitative judgment, quantitative analysis, etc.) - from Seimens
6.11 Flame Safety - Christopher Filoon - Whether your plant has a heater, thermal oxidiser, sulphur recovery unit, incinerator, cracking furnace, waste gas boiler or any other type of combustor, one question remains: how well are your investments protected? The National Fire Protection Association (NFPA) Standard 86 and similar international standards partially address this concern by requiring flame scanning on burners and start-up burners for combustors firing up to 1,400°F (760°C)1 to help protect plant equipment and personnel. Flame scanners detect the presence or absence of a burner’s flame in order to provide an input for a burner management system to determine the state of the burner’s fuel valve – but how safe are the flame scanners supervising the burner’s combustion? - from Coen Company, Inc.
6.11Flame Safety - Many Industries burn large qualtities of hydrocarbon fuels to heat a wide range of materials. the most important consideration in the operation of combustors is safety - from Coen Company, Inc.
6.11Safety Controls and Burner Management Systems (BMS) on Direct-Fired Multiple Burner Heaters - Safety controls on direct-fired heaters have continuously evolved over the recent past, and the evolution has accelerated over the last five years. This has been due to the introduction of government legislation which actively enforces the application of existing codes. Although some detailed and prescriptive guidelines have been around for many years, the rate and degree of adoption varies significantly within the industry. Most operating companies have their own “standard”, which may still vary from facility to facility. In addition to this, for each installation, it is not unusual for adjacent heaters built two years apart to have a different BMS design, simply because different engineering contractors built them. With increasing government legislation and regulations as well as mounting lawsuits for accidents in which applicable codes and guidelines have not been adhered to, it is important to review the BMS requirements for both existing and new heater installations - from Born Heaters Canada Ltd.
6.11Microprocessor Based Burner Management Systems (BMS) - The National Fire Protection Association (NFPA) publishes national standards for safety systems. For boiler burner management systems, the applicable standard is NFPA 85: "Boiler and Combustion System Hazards Code". This document details specific requirements for devices used in burner management system logic. These requirements are addressed in this data sheet - from Micromod.

Upgrade Boilers with Energy Efficient Burners
, an interesting article from the US department of energy gives tips on how to save energy.

Introduction & Background to IEC 61508
  - Ron Bell - Over the past 25 years there have been a number of initiatives worldwide to develop guidelines and standards to enable the safe exploitation of programmable electronic systems used for safety applications. In the context of industrial applications (to distinguish from aerospace and military applications) a major initiative has been focussed on IEC 61508 and this standard is emerging as a key international standard in many industrial sectors. This paper looks at the background to the development of IEC 61508, considers some of the key features and indicates some of the issues that are being considered in the current revision of the standard. Thanks to crpit.com

Combustion Safety for Furnace Operation
- This article provides an overview of the requirements of NFPA Standard 86 with an emphasis on the theory of combustion safety as it applies to any type of combustion device, especially a direct-fired furnace- from www.industrialheating.com

Boiler Safety Intuition - Diagnosing Boiler Problems Sometimes Takes all the Senses
- John  R Puskar - This very interesting article gives some great tips on how to identify when your BMS is not working too well - from www.combustionsafety.com

Center for Chemical Process Safety
- The Global Community Committed to Process Safety - CCPS is a not-for-profit, corporate membership organization within AIChE that identifies and addresses process safety needs within the chemical, pharmaceutical, and petroleum industries. CCPS brings together manufacturers, government agencies, consultants, academia and insurers to lead the way in improving industrial process safety.

Guidelines help identify SIFs in Burner Management Systems
- Is your BMS an SIS? How do you ID SIFs in your BMS? - Sound like the latest text messages on your teenager’s mobile phone? To some perhaps, but for those involved in functional safety and safety instrumented systems (SIS) in the process industries, these questions need no translation and demand serious answers—many of which are to be presented a new ISA (International Society of Automation) technical report from the Burner Management System (BMS) Working Group under ANSI/ISA 84.00.01-2004 (IEC 61511 Mod) Functional Safety: Safety Instrumented Systems for the Process Industry Sector - from Seimens.

Successful Multi-Technology NOx Reduction Project Experience at New England Power-Salem Harbour Station
from Babcock Power - This paper presents the successes and lessons learned during low NOx burner and SNCR projects on generating units at New England Power’s Salem Harbor Generating Station.
  

NOx Reduction with Improvement in Plant Efficiency
- from Foster Wheeler - Texas Municipal Power Agency (TMPA) personnel developed a plan to lower NOx emissions at the Gibbons Creek plant as much as possible with only combustion modifications. This plan was to reduce NOx emissions without selective catalytic reduction (SCR). Gibbons Creek, a 480 MW unit, has reduced its NOx average from 0.35 lb/mmBtu to less than 0.12 lb/mmBtu for the 4th quarter of 2002, while at the same time improving unit operation and performance. Fuel delivery deficiencies were corrected, to provide balanced delivery to each burner. New low NOx burners, and separated over fire air was installed. Equipment to dynamically measure fuel flow and air flow to each burner level, and SOFA, was installed. After upgrades to the DCS system, a neural net system was implemented to adjust boiler firing while maintaining NOx and CO. This paper describes the methodology used, the equipment installed and the results of the performance testing.


The following links are compliments of Pilz    
Programmable Safety and Control Systems for Use in Burner Control - Adam Hallinan -There are many BMS systems running today which do not comply with current standards. They are either using non approved standard PLC’s or antiquated relay based control systems. Not only is the potential failure to danger a risk to man and machinery but even non dangerous sporadic failures can be difficult to fault find and lead to costly down time. Programmable safety and control systems (PSS) suitable for use in BMS have been available for well over 10 years now. These controllers can identify any dangerous failures before they create a hazardous situation, and also provide a level of diagnostics to minimise downtimes. By taking the I/O into the field, large distributed applications with many burners can be accommodated economically with minimum install time, and also safely.
Safe firing - Optimised Hardware and Software for Burner Management - Today’s modern burner controls for commercial and industrial gas and oil firing systems do more than just start the burner safely. They monitor and control all functions from ignition of the ignition burner through to the operating position of the main burner – all on the basis of the standards EN 298 and EN 230.
Programmable and Networkable Burner Management Systems- A Case Study
Safety systems for Burner Management
Paper Tank farms and Burner Management


Excellent BMS Information follows from A E Solutions http://www.aesolns.com

Case Study: Safety Instrumented Burner Management System (Si-Bms) - This case study discusses the application of the Safety Lifecycle as defined by ANSI / ISA 84.00.01-2004 (IEC 61511 mod) to two (2) single burner multiple fuel boilers.
Industry Update BMS ISA04-P280 - This paper explores the current trends in the market place and the industrial process control industry in general with respect to Burner Management Systems and their relationship to Safety Instrumented Systems. The concept of a Safety Instrumented Burner Management System is introduced and explained in detail.
Safety Instrumented Burner Management Systems – Requirements For The Paper Industry - Bud Adler/ Michael D. Scott - What most of the companies do not yet realize is that all safety critical processes must be analysed and their potential risk determined. It has come as a surprise to many that Burner Management Systems (BMS) associated with fired devices in the pulp and paper industry such as, dryers, kilns, thermal oxidizers, power boilers and black liquor recovery boilers are all defined as Safety Instrumented Systems (SIS) if they contain sensors, a logic solver and a final control element according to ANSI/ISA 84.01. Additionally, FM Approval Standard 7605 requires that PLC based BMS must comply with IEC 61508. This paper explores the requirements for conformance to ANSI/ISA 84, IEC 61508, IEC 61511, NFPA 85, NFPA 86 and BLRBAC guidelines.
What is the Safety Integrity Level of my existing BMS? - Michael D. Scott, P.E./  Iwan van Beurden / David Cochran - Many facilities have existing legacy Burner Management Systems that utilize a General Purpose Safety Configured PLC as the logic solver. Most of these systems were installed prior to the development and finalization of ANSI/ISA 84.01, IEC 61511 and / or IEC 61508. This paper discusses the issues, decisions, and challenges encountered when attempting to apply the concepts of the Safety Lifecycle per ANSI/ISA 84.01, IEC 61508 and / or IEC 61511 to the design of an existing BMS for a single burner natural gas fired installation. In addition, development of a Markov model for a General Purpose Safety Configured PLC, identification of some typical BMS Safety Instrumented Functions (SIF) and subsequent Safety Integrity Levels (SIL) determination are discussed in detail.
Burner Management System  Safety Integrity Level  Selection
- Michael D. Scott - This paper discusses how quantitative methods can be utilized to select the appropriate Safety Integrity Level associated with Burner Management Systems. Identifying the required amount of risk reduction is extremely important especially when evaluating existing legacy Burner Management Systems. Selection of an overly conservative Safety Integrity Level can have significant cost impacts. These costs will either be associated with increased Safety Instrumented System functional testing or complete removal / upgrade of the existing Burner Management System. In today’s highly competitive business environment, unnecessary costs of any kind cannot be tolerated.
Standard's use spreading, but confusion still surrounds Fire and Gas Systems - Kimberly A. Dejmek and Richard Skone - Consistency is the hallmark of any great organization or process. When it comes to fire and gas systems (FGSs), consistency is not a desired goal; it is a must. But since the promulgation of ISA S84.01 in 1996, there has been confusion surrounding the treatment of fire and gas systems. Some believe that the standard excludes coverage in fire and gas systems, while others prepare FGS specifications that require compliance with ANSI/ISA S84.0.01-1996. This has led to inconsistency in the approach between and within operating companies - from the ISA and InTech
Safety Instrumented -Fire and Gas Systems
- A neat presentation from the ISA and InTech
A Database Approach to the Safety Life Cycle  - Michael D. Scott/Ken O’Malley - A systematic database approach can be used to design, develop and test a Safety Instrumented System (SIS) using methodologies that are in compliance with the safety lifecycle management requirements specified in ANSI/ISA S84.01. This paper demonstrates that through a database approach, the design deliverables and system configuration quality are improved and the implementation effort is reduced.


We thank HIMA for the following high quality technical papers.
Integration of Burner Automation into the Safety System - The Combustion Engineering Centre at BASF AG commissioned HIMA to install a safety related automation system for the burner controller in its thermal exhaust cleaning plant at the Ludwigshafen production facility. The plant operator decided to install the combustion plant’s regulating and control equipment in one compact, centralised system and to replace the conventional burner controller with a safety-related automation solution.
Integration today - Integration solutions - For years people have been discussing the subject of “integration” in automation technology. There are a variety of solutions available for the integration of safety and control systems. Provided the right decision is made you can take advantage of all the opportunities and potential synergies of integration, long-term.
Boiler Management Systems for Queen Mary 2 - The Queen Mary 2 is a luxury liner of superlatives, and the world’s longest passenger ship. Two H41q controllers from HIMA Paul Hildebrandt GmbH + Co KG are installed in its new systems for heating the fuel and the hot water system, which Saacke GmbH has supplied for the Queen Mary 2. The two safety-related controllers act as a boiler management system, guaranteeing dependable operation and functional safety for the application.
Next Generation Safety Controller Maximizes Availability for Demanding Process Applications - The nemesis of all continuous processes is unplanned stoppage resulting from controls malfunction, equipment failure, or operator error. System availability can be improved significantly through the use of redundant control architectures – especially those that allow hot-swapping or on-the-fly program changes. Modern process safety solutions provide comprehensive diagnostics that help users to recognize safety-critical situations and act quickly and accordingly to avoid unnecessary system shutdowns. This paper from ARC highlights why companies should invest in process safety.
Complete Burner Automation with Safety Controllers-A new solution for simple single and multi burner arrangements through to complex BMS applications, e.g. for power plants, waste incineration plants or processing plants.
Functional Safety: A Practical Approach for End-Users and System Integrators- Tino Vande Capelle,Dr. M.J.M. Houtermans - The object of this paper is to demonstrate through a practical example how an end-user should deal with functional safety while designing a safety instrumented function and implementing it in a safety instrumented system.
Modern 2oo4-Processing Architecture for Safety Systems-Prof. Dr.-Ing. habil. Josef Börcsök -This paper provides an overview of two out of four system architecture and associated considerations. 
Safety Bus Systems -Prof. Dr.-Ing. habil. Josef Börcsök - Modern distributed control systems are connected via bus systems, which need effective and uninterrupted communication between all subscribers. Therefore it is necessary for these communications to be fault tolerant and safe. For safety related systems, additional safety layers are required to fulfil these requirements.
Introduction in Safety Bus Systems-Prof. Dr.-Ing. habil. Josef Börcsök - This paper discusses how modern distributed control systems are connected via bus systems, and need effective and uninterrupted communication between all bus stations. Therefore it is necessary that these communications are fault tolerant and safe. 
Safety Critical Software-Prof. Dr.-Ing. habil. Josef Börcsök -This paper discusses the methodical analysis of hardware architectures used in safety-related applications. It provides an excursus on a safe computer system’s software technology and specifies the overview in greater detail.
Safety Systems -Prof. Dr.-Ing. habil. Josef Börcsök - This technical paper gives an excellent overview of Safety Systems covering development history, the fundamental considerations required, fault avoidance basis and measurement, fault control basis, along with external influences such as environmental demands, electromagnetic, mechanical and climatic considerations.
Comparison of PFD calculation -Prof. Dr.-Ing. habil. Josef Börcsök - This paper discusses the compares calculation methods.
Sharing Control & Safety Instruments-Are your layers overlapping?-Dirk Schreier - Since its release as an Australian standard in July of 2004, AS61511 is rapidly being accepted and applied on Safety Instrumented Systems throughout the process industry. Principles such as independence between control and protective instruments have existed for many years; however they continue to often be overlooked even with the introduction of this standard.
Risk Prevention and Mitigation-Where does gas detection fit in?-Dirk Schreier - It is quite common in today's process industry to see the terms fire and gas (F&G). These terms have been used hand in hand for many years and are also combined when referring to applications involving safety-instrumented systems. This article challenges the thinking behind this concept and demonstrates that although fire systems and gas detection systems both reduce risk; their methods are actually quite different.
Legal Implications in Australia for Companies and Individuals under “Industrial Manslaughter”-Dean McNair - There has been a lot of discussion in Australia recently over proposed new occupational health and safety (OH&S) legislation which will include the provision to prosecute corporations and individuals under industrial manslaughter laws. State and territory governments are enacting these new laws in response to workplace deaths in the hope that it will force company directors and senior executives to improve the safety cultures within their organisations.
Safety standard IEC 61508 - Consequences for automation technology and implementation at HIMA -This white paper provides an overview of IEC 61508 and how HIMA have addressed it's requirements.
SIL Assessments -Identification of Safety Instrumented Functions-Dirk Schreier - Since its release as an Australian standard in July of 2004, AS61511 is rapidly being accepted and applied on Safety Instrumented Systems throughout the process industry. AS61511 is a performance based standard with a risk-based approach to safety. Performance based standards are by nature very open to interpretation, and therefore allow for more than just one analysis technique. Some of the techniques currently applied in industry have some shortfalls in achieving the objective of the standard. This article looks at some common problems encountered during the analysis phase of the AS61511 safety lifecycle.
Communication with SafeEthernet -Franz Handermann- The application of SafeEthernet paves the way for the open automation- and network systems of the future.
Safety Considerations
Dr. Josef Börcsök,-Statistical evaluation of HIMA systems in the context of IEC 61508. This article contains the first comprehensive description of IEC 61508-compliant calculation of errors in safety-related systems in general and describes how relevant values for the H41q/H51q systems currently available from HIMA can be calculated. 
Critical Aspects of Safety, Availability and Communication in the control of a subsea gas pipeline- Requirements and Solutions - This is a large zipped file of 2.5 Meg so will take a while to download,  however it is worth it as shows safety related satellite communication
Integrated safety controllers with safeethernet - By combining the world's fastest safety controllers "HIMatrix" with the world's fastest safety bus "safeethernet", HIMA is creating a hitherto unknown level of flexibility for safety-related automation. This flexibility is the basis for the development of new potential. The current system limits of safety-related automation concepts are disappearing, paving the way for truly application-based safety solutions. This creates new potential for increasing productivity and reducing the total costs for safety technology.


Specific Australian Burner Management System Regulations

Guidelines for Approval of Industrial Gas Appliances (Type B Appliances) in Western Australia- Director of Energy Safety, Office of Energy, Western Australia


Looking for more safety related information?  Try ICEweb's Safety Instrumented Systems or Manufacturing Safety pages