The impact of Industry 4.0 on safety instrumented systems
By Rafal Selega, ABB
Industry 4.0 aims to facilitate the interaction between humans and technology by providing information at all industrial plant levels. Authorized persons or tools anywhere in the world can read process sensor and final element information (measured values, configuration settings and the like). Among other things, this allows device and system performance optimization through delivery of remote services for maintenance, upgrades or repair from a remote location via the "cloud." Another part of the concept assumes that "smart devices" will communicate with neighboring devices to optimize their own performance based on information about surrounding conditions, e.g., a flow transmitter autonomously compensates its measured value with data from connected pressure or temperature sensors.
The benefit is faster and cheaper optimization than is possible with the current conventional approach because the location of the expert knowledge team doesn’t matter anymore; travel costs and time no longer come into play. Industry 4.0 goes even further. For example, a process operator wishing to optimize the settings for a proportional-integral-derivative controller may use a web-based tuning tool to analyze the current process conditions and dynamics and to provide the optimal tuning algorithm for the valve positioner configuration settings.
Supporters of Industry 4.0 expect inherent optimization features to increase the income of a medium-size process plant by several million dollars per year. In addition, Industry 4.0 should boost production flexibility, enabling a facility to rapidly adapt its operations to market changes. For instance, a plant control system could autonomously adjust output based on fluctuating utility prices, thereby optimizing the costs of production.
Challenges
However, as with any major shift, Industry 4.0 poses some issues. Many process plants handle flammable, explosive or toxic materials. So, they rely on safety instrumented systems (SISs) to prevent incidents that potentially could result in multiple fatalities or environmental disasters. Industry 4.0 impacts SISs in a number of ways.
Cyber security. Industry 4.0 assumes that every system and device, down to IP-addressable field instruments, is reachable over the globally accessible Internet infrastructure, directly or via the cloud. An attacker who breaks into such a plant environment could enumerate, read and control every device on the local area network, and, if the safety instrumented system shares that network, the SIS itself. IEC 62443 and ISA-TR84.00.09 address this by partitioning the plant into security zones joined by controlled conduits, so that the SIS is never directly reachable from the enterprise or Internet side; Industry 4.0 connectivity has to be designed within that structure rather than around it.
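The segmentation point above, as an added illustration that is not part of the original article: a small Python check that walks the conduits allowed between security zones and reports whether a session can be initiated from the Internet into the SIS zone. The zone names, the conduit sets and both plant topologies are constructed for the example; they are not a real plant.

```python
"""Added illustration (not from the original article): a minimal zone-and-conduit
reachability check in the spirit of IEC 62443 segmentation.

Zone names, conduit rules and both topologies below are constructed for this
example and do not describe a real plant."""
from collections import deque

# A conduit (source_zone, destination_zone) means a session may be initiated
# from source to destination. Absence of a tuple means the path is blocked.
FLAT_PLANT = {
    ("internet", "enterprise"), ("enterprise", "internet"),
    ("enterprise", "control"), ("control", "enterprise"),
    ("control", "sis"), ("sis", "control"),   # SIS shares the control LAN
}

ZONED_PLANT = {
    ("internet", "enterprise"), ("enterprise", "internet"),
    ("enterprise", "dmz"),                     # enterprise may reach the DMZ only
    ("control", "dmz"),                        # control pushes data up to the DMZ
    ("sis", "control"),                        # SIS publishes status outward only
}


def reachable_from(conduits, start):
    """Return the set of zones reachable from `start` by following conduits
    in their permitted direction (breadth-first search)."""
    seen = {start}
    queue = deque([start])
    while queue:
        zone = queue.popleft()
        for src, dst in conduits:
            if src == zone and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


def sis_exposed(conduits):
    """True if a session can be initiated from the Internet into the SIS zone."""
    return "sis" in reachable_from(conduits, "internet")


def violations(conduits, critical=("sis",), untrusted=("internet",)):
    """List (untrusted, critical) pairs where the critical zone is reachable."""
    return [(u, c) for u in untrusted for c in critical
            if c in reachable_from(conduits, u)]


def with_remote_service(conduits):
    """Model an Industry 4.0 remote-service conduit opened from the DMZ into the
    control zone; whether that re-exposes the SIS depends on where the SIS sits."""
    return set(conduits) | {("dmz", "control")}


if __name__ == "__main__":
    print("flat plant exposes SIS:", sis_exposed(FLAT_PLANT))
    print("zoned plant exposes SIS:", sis_exposed(ZONED_PLANT))
    print("zoned plant + remote service exposes SIS:",
          sis_exposed(with_remote_service(ZONED_PLANT)))
```

In the zoned topology the SIS only publishes outward, so even opening a remote-service conduit into the control zone does not create an inbound path to the SIS; in the flat topology the same remote-service conduit would. The check is deliberately about session initiation direction, which is what a firewall or data diode between zones actually enforces.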
Wireless communication. Industry 4.0 promotes the wireless communication layer. By its very nature, wireless communication is open to outside influences from Mother Nature such as lightning, adverse weather, solar magnetic storms and solar plasma ejections. Buildings and plant equipment also can pose obstacles; mobile equipment, new construction, overgrown vegetation, vehicles or temporary screens used for maintenance or repair work can interfere with a signal path. Wireless links also extend the attack surface beyond the physical perimeter: an intruder no longer needs access to a cabinet or cable tray to eavesdrop on, jam or spoof a signal.
Current functional safety standards do not allow a risk reduction credit greater than 10 for a wireless safety instrumented function (SIF). A risk reduction factor of 10 corresponds to an average probability of failure on demand of 0.1, the upper edge of the SIL 1 band, so wireless devices presently can only be used in applications that claim no safety integrity level. (Refer to ISA-TR84.00.08 for further guidance.)
Real-time constraints. Industrial control systems must react in real time, which makes any change to a running system difficult. Pulling operating data from the cloud means the plant system must reach "big data" in cyberspace in real time, and even applying patches or signature updates to the antivirus and malware scanners on control system hosts can disturb the stability of the process. Any real-time communication must be fast enough for the automation requirement; a SIF for turbine over-speed protection, for example, may need to respond within 10 ms of a demand. The safety fieldbuses now available, which would form the communication core of Industry 4.0, are not fast enough for every process safety application.
Shorter device lifetimes. Some safety devices on the market lack a processor fast enough to keep up with process conditions, or the memory capacity Industry 4.0 needs, and will require replacement within a short time. Industry 4.0 may therefore shorten the serviceable lifetime of devices, directly affecting deployed capital and increasing operating expenditure.
More frequent software versions and shorter device lifetimes will prevent the user from accumulating good "prior use" (IEC 61511) or "proven in use" (IEC 61508) evidence for a device intended for a safety application.
Systematic failure. Devices and systems will carry far more software complexity, largely because of powerful new software tools, so most expected system failures will originate in the software lifecycle. We already depend heavily on software, and that dependency will grow much further. Unfortunately, the reliability of current information technology software is far from perfect; Industry 4.0 will ratchet up the challenge.
As our software dependency increases, our incentive for higher levels of software reliability becomes greater. Ultimately, human factors may be the weakest link of Industry 4.0 for safety related systems.
Modularization. Industry 4.0 promotes system modularization. Plants will consist of intelligent modules that may be connected like bricks within the automation foundation. The modularization concept may conflict with the required performance-based approach for the design and development of a safety system. Standards for functional safety and cyber security represent a performance-based approach because experts in this field believe that the plant-specific risk must be first assessed and then the required risk-reduction measures applied to meet defined tolerable levels.
Operation and maintenance. The level of sophistication needed to design control and safety instrumented systems around the Industry 4.0 concept will pose substantial challenges for manufacturers. The design will place great emphasis on the competency of the designer, software developer, operators and maintenance personnel across the entire safety lifecycle. It will create cyber-physical systems in which field devices are programmable, connected to the Internet, modularized (with parts from different providers) and wirelessly connected by default. At present, traditional sensors and final elements allow easy diagnosis and timely repair because real-time on-line support from vendors isn't necessary and operators know how to run their plants with the system data presented in graphics and alarms. Operation and maintenance of Industry 4.0 systems likely will require much deeper support from vendors and third parties, as the added automation complexity increases the need for expert-level diagnostics. Operators won't be able to carry out all tasks and supporting maintenance activities by themselves.
A measured migration
Industry 4.0 will first take hold at process plants in their basic process control systems because it will be much easier to apply the concept there than for the SISs. Currently, no standards can provide a framework for an Industry 4.0 safety system. After gaining experience from the first wave of basic control systems upgrades, functional safety committees will start to consider how to design Industry 4.0 for SISs.
Functional safety and the requirements for maintaining risk reduction in a cyber environment will require a more cautious approach. As further integration of the control, safety and business system environments occurs, end users will need to partner with leading manufacturers and service organizations to develop intelligent engineering and infrastructure and collaborative technical support centers and to encourage the necessary enhancements to supply-chain safety-related competency assurance.
RAFAL SELEGA is a functional safety consultant for the ABB Functional Safety Management Technical Authority, St. Neots, U.K. Email him at [email protected].
Acknowledgement
The author gratefully acknowledges the contributions of John Walkington, manager, ABB Global FSM Technical Authority, to this article.
REFERENCES
1. “Functional safety — Safety Instrumented Systems for the Process Industry Sector,” IEC 61511, 2nd ed., Intl. Electrotechnical Commission, Geneva, Switz. (2016).
2. “Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems,” IEC 61508, 2nd ed., Intl. Electrotechnical Commission, Geneva, Switz. (2010).
3. “Industrial Communication Networks,” IEC 62443, Intl. Electrotechnical Commission, Geneva, Switz. (2009).
4. “Cybersecurity Related to the Functional Safety Lifecycle,” ISA-TR84.00.09-2017, Intl. Soc. of Automation, Research Triangle Park, N.C. (2017).