When I was working in Saudi Arabia, the 3000MTD gas based methanol plant was operated with state of the art DCS systems. Just before a planned turnaround, instrument personnel were working with some control room underfloor cables when, by mistake, all power to the DCS displays were lost. It was restored after 30 minutes. The plant parameters were maintained throughout the upset without any safety issue as the controllers in auto were doing their job. However a case study presented in 2012 by Shri KC Tripathy and others of NTPC shows how safety hazards cropped up during "complete and simultaneous DCS failure in two 500MW units"
The case study mentions among other useful learnings, the following:
"All processors (active and redundant) abruptly rebooted at once. Thereby both redundant network & redundant processor concepts of DCS design were defeated".
Read the case study in this link.
Contribute to the surviving victims of Bhopal by buying my book "Practical Process Safety Management"
The case study mentions among other useful learnings, the following:
"All processors (active and redundant) abruptly rebooted at once. Thereby both redundant network & redundant processor concepts of DCS design were defeated".
Read the case study in this link.
Contribute to the surviving victims of Bhopal by buying my book "Practical Process Safety Management"
No comments:
Post a Comment