Don’t Let Your Disaster Plan Collect Dust

By Joy LePree

According to the Federal Emergency Management Agency (FEMA; Washington, D.C.) there were 95 Federal disaster declarations in the year 2013 in the U.S. The state-by-state disaster statistics show even higher numbers of events, emergencies and disasters in 2013 for many states in the U.S.

For the same year, there were at least four major explosions at chemical plants, including the West Fertilizer explosion and fire in West, Tex., which killed 15; the Williams Olefins plant explosion and fire in Geismar, La., which killed two; the CF Industries fire and explosion in Donaldsonville, La., which killed one; and the Danlin Chemical Plant fire and explosion in Thomas, Okla., in which no one was injured, but the facility was destroyed.

Obviously, when serious disaster strikes at a chemical processing facility, the aftermath can be tremendous, not only for the employees, emergency responders and the financial health of the company, but also for the communities surrounding the facility. According to the U.S. Environmental Protection Agency (EPA; Washington, D.C.), about 480 chemical facilities in the U.S. each could put about 100,000 or more people at risk both in the plant and in the surrounding communities if the chemicals produced or stored were to be released during an accident or by terrorists.

For this reason, it is of the utmost importance that chemical processors have emergency response plans in place. The good news is that most of them do. The bad news is that in some facilities, the plans are created, placed in a series of binders and set on a shelf. The experts will tell you that preparing for disaster is not something that is done once and then left to collect dust. Rather, it is an active and ongoing process in which both plans and safety technologies are updated on a regular basis. Fortunately, as automation systems and software are improving, becoming more advanced and increasingly more user friendly, these technologies can help chemical processors transfer those dated plans into realtime, active safety systems and software packages that can help the plant and its personnel react much faster to prevent disaster or manage an emergency, should one occur.

Layers of protection

Automation solution providers work diligently to provide safety systems with the primary function of preventing incidents that may cause damage, pollution or injury. For example, safety instrumented systems (SIS) are designed to detect an out-of-control process and take automatic action to ensure that the process and the plant are returned to a safe state.

“To prevent disaster, we design safety in layers; each one of these layers is designed to perform independently, providing its own safety function, so when we talk safety and disaster prevention, we talk about ‘layers of protection,’” notes Pete Skipp, engineering manager of applied technology with Rockwell Automation (Milwaukee, Wisc.).

A common industry illustration shows the layers of protection (Figure 1). The lowest two layers show the areas of prevention provided by the control system and operator intervention. The next two layers demonstrate where technology kicks in to prevent significant disaster from occurring. There is an SIS layer, in which the system will shut the plant down should the process exceed safe conditions. If any or all three of these layers have succeeded, then serious threat has been prevented. However, it is possible that there has been some sort of accidental leak during this time or that something did not go according to plan, and additional layers of protection, such as fire and gas system technologies, are required to prevent further escalation, says Skipp.

Figure 1.  Providers of automation and safety systems suggest looking at “layers of protection” to ensure the highest level of safety

“In the event of flammable or toxic gas detection, or flame detection, the SIS automatically takes action, or notifies operators to take action, which activates suppression systems and notification appliances such as alarms, strobes and public address systems,” explains Patrick Seiler, director of Global Safety Instrumented Systems with Emerson Process Management (McKinney, Tex.).

In the area of “layers of protection,” Rockwell Automation offers both control and safety technology, providing all of the functionality required for efficient and safe operation of processes. Under that umbrella, designed specifically for process safety applications comes the AADvance system, which is a distributed, scalable architecture comprised of both a hardware controller and a software environment that allows the user to apply different levels of module redundancy as required by specific parts of the application (Figure 2). Trusted is the company’s triple modular redundant (TMR) controller, designed to provide maximum safety and availability in all circumstances. Trusted incorporates a fault-tolerant architecture to help eliminate spurious system trips and provide high availability as part of the inherent safety-related function.

Figure 2.  Designed specifically for process safety applications, the AADvance system is a distributed, scalable architecture comprised of both a hardware controller and a software environment that allows the user to apply different levels of module redundancy as required by specific parts of their application

Figure 3.  The DeltaV SIS platform takes a modern approach to safety, implementing comprehensive safety loop diagnostics, which maximize safety integrity and process availability

In the same area, Seiler stated that Emerson released a new controller in 2013 and now has two SIS platforms that address the smallest applications but scale to address the largest, distributed applications. The DeltaV SIS platform (Figure 3) takes a modern approach to safety, implementing comprehensive safety loop diagnostics, which maximize safety integrity and process availability. The system can act as a standalone SIS solution with any third-party distributed control system (DCS) using standard communication protocols, or as part of a DeltaV DCS installation. Whether standalone or integrated with the DeltaV control system, the DeltaV SIS continuously monitors transmitters through final elements of the safety equipment and transforms these data into information actionable by all stakeholders in the facility. The logic solver, certified to safety integrity level (SIL) 3, uniquely uses electronic marshalling technology to cost-effectively allow late project changes while also reducing installation, commissioning and lifecycle maintenance costs.

Figure 4.  Schneider Electric provides safety protection via the Triconex safety instrumented system, which controls emergency shutdown to help prevent disasters

Schneider Electric (Houston) provides safety protection via the Triconex safety instrumented system (Figure 4), which controls emergency shutdown, to help prevent disasters and also via its Foxboro Evo process automation system, which can help companies recover from disasters. The company also offers software that can help customers verify, validate and generate safety requirements. “The software helps visualize the entire safety lifecycle, from design and construction of a new plant to the execution and delivery of the safety shutdown system, to operating and maintaining that system during production. They can use the software to verify that all the mitigations they’ve designed are still in working order,” explains Grant Le Sueur, director of control and safety software with Schneider Electric. “We see this safety management tool helping customers know that, based on their design principles and parameters, they are staying safely within their operating envelope. It serves as part of a holistic approach to safety management in that it makes sure that all is functioning as it should be to avoid process upset-related emergencies.”


Managing the disaster

“In many industries people invest in resources that plan for an incident, prevent an accident or that will reduce the probability of a disaster occurring,” says Sukh Grewal, CEO with Veoci (New Haven, Conn.). “There’s obviously good reason to do that, but on the other hand, people have to realize that just because you invested in a safety system, it doesn’t mean a bad thing won’t happen. It is not enough to prepare for a disaster that might happen. You have to have technology in place for when disaster does happen. You need both. It’s not an either-or situation.”

The technology he is referring to is emergency management software, which transforms emergency response plans from notes in a binder into automated tasks and computerized actions. “In other words, instead of a line on a piece of paper that says you should call the plant manager, the software provides an automated phone call to him. If he doesn’t answer, it rings his home phone, if that doesn’t work, it texts his wife and so on. What we’re talking about is transforming the planning that people have already done into actual, realtime actions and tasks,” explains Grewal.

Veoci offers a Web-based emergency management solution that manages the four key stages of emergency management, including preparedness, response, recovery and mitigation. The preparation tool assists users in the creation of digitized plans that organize people, activities and information. It helps initiate a structured response based on a pre-designed plan at the click of a button and can be used to conduct drills, test runs and improvise plans before, during or after the event.

Possibly the most important aspect of emergency management, says Jim Paulson, president with Alert Technologies Corp. (Pleasanton, Calif.), is managing the information in real time, allowing the business to respond as quickly as possible following an emergency so that it may resume production and reduce costs associated with lost production. “We see organizations staffed with quality people who know what they’re doing and know how to solve problems, but as a situation unfolds, it’s hard to keep everyone informed and get the right information to the right experts,” he says. “When a critical situation is occurring, a large organization, like a chemical company, needs to be fairly nimble. They can’t take forever to make decisions or to respond. However, large corporations tend to be bureaucratic, which is often a problem.”

He cites, as an example, a large manufacturing facility that was knocked off line by flooding. The plant generated $1 million of revenue a day, but due to flooding was offline. They needed to buy $30,000 worth of tents and temporary shelters to store equipment and get things organized so they could get back online. It took over a week to get that $30,000 purchase approved and, during that week, they were losing $1 million a day.

“Someone could have made that happen at the snap of a finger to get them back online, but they had no clue how to get the information to that person. An emergency management solution allows businesses to gather and distribute information about the incident, the situation, what people need, what actions are taking place in response, the damage and the operational impact,” Paulson explains.

Alert Technologies’ OpsCenter allows users to manage response to emergency disruptions in an orderly, efficient and cost-effective way. Such responses often require cooperation and communication between parts of the organization that might not normally come into contact with one another. Internet-based OpsCenter provides a centralized information base to keep these groups informed and coordinated.

It’s a Virtual World

While some disasters, especially those that mother nature throws at a facility, can’t be prevented by technology, technology in the form of server virtualization can help save the day and decrease the cost associated with lost revenue.

“Our customers talk about the importance of business continuity and ask us, as suppliers of control systems, how we can help make sure that they can manufacture, process and deliver on a continuous basis,” says Grant Le Sueur, with Schneider Electric. “In addition to suggesting that they have plans in place to ensure they can remedy damages and get the plant back to its necessary running state, we suggest that disaster-recovery plans might also include an offsite storage mechanism for archiving and saving the latest backups of their control system.”

This practice, called server virtualization, can come in handy if the servers and workstations required for continuous production within a plant go down, notes Le Sueur. “For example, if a plant has a control system distributed across a site and all the collected information comes back into a central control room and that central control room was subjected to localized fire or various workstations were compromised through cyber attack, do they have a backup control room so that plant operations may continue?” asks Le Sueur. “It is becoming important to employ virtual servers to create a backup control room as part of disaster recovery strategy. Virtualization gives us the opportunity to get them back up and running using another location that is not compromised.”