1 / 19

Anne Funken, Marc Tavlet / BE-ASR-SU

User’s perspectives on the management of Elements Important for Safety ( EIS). Anne Funken, Marc Tavlet / BE-ASR-SU. Outline. EIS = Elément Important pour la Sûreté/Sécurité ~ Equipment or Element Important for Safety

owena
Download Presentation

Anne Funken, Marc Tavlet / BE-ASR-SU

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. User’s perspectives on the management of Elements Important for Safety (EIS) Anne Funken, Marc Tavlet / BE-ASR-SU AMMW - CERN 2013-11-14

  2. Outline EIS = Elément Important pour la Sûreté/Sécurité ~ Equipment or Element Important for Safety EIS & Access Safety Systems Quality assurance for the Access Safety Systems ; IEC 61508 Legal aspect Quality assurance for EIS (CMMS or AMM) Demo of the Layout DataBase Summary and conclusion

  3. The Beam Facilities at CERN

  4. Equipment Important for Safety (EIS) • Three categories: • EIS-Beam ; to protect people from the hazards generated by the beam (circulating or injected beams) • EIS-Machine ; to protect people from other hazards generated by the operation of the machine, such as RF power, HV, vacuum… • EIS-Access ; to prevent people entering into the machine : access doors, sas, (movable) shielding walls… (Access control system is not a safety system.) • Any other safety systems such as fire detection, water detection, transmission of alarms, automatic fire-fighting systems… are excludedhere. AMMW - CERN 2013-11-14

  5. Typical examples of EIS-M • beam-stoppers can withstand few beam shots • e.g. vacuum valves, MTV screens, TBSE • Beam-dump can withstand continuous beams • e.g. TED • Deflecting Magnets, may be fail-safe or not • Kicker magnets, septa magnets AMMW - CERN 2013-11-14

  6. EIS & Access Safety Systems • All EIS are instrumented and connected to an Access Safety System (ASS) • EIS are part of “safety chains” • Essential function of an ASS = ensure the following: • If Beam (“Beam Mode”)  No people permitted • If People (Access Mode”)  No beam possible • High reliability and availability • of the ASS required Including intrusion cases ! AMMW - CERN 2013-11-14

  7. Quality assurance for ASS • IEC 61508 : “Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (E/E/PE)”addresses • the hazard & risk analysis  functions of E/E/PE safety system • the design and realisation of the instrumented (E/E/PE) system, • the operationof the system, including • ancillary equipment (e.g. cables, compressed air piping…), • maintenanceof these systems; must rely on • systematic techniques (procedures), • verification and validation. AMMW - CERN 2013-11-14

  8. ( Quality assurance & Legal aspect concerning ASS and EIS ) • According to the Tripartite agreement signed between CERN and its host states, the quality insurance related to the management of ASS and EIS is assessed by the official bodies of the CERN host states: • Autorité de Sûreté Nucléaire (ASN) and Institut de Radioprotection et de Sûreté Nucléaire (IRSN) for France • Office Fédéral de la Santé Publique (OFSP) for Switzerland AMMW - CERN 2013-11-14

  9. Quality assurance for EIS (1) • Clear identification of EIS • in database • in situ • Written procedure for EIS repair and maintenance, by the groups in charge • (accessible from Layout Database) • + Written maintenance reports • Written procedure for functional verification, by the group in charge of the ASS • + Written test reports of the safety-chains • Written procedure for validation, by the BE-DSO (process in BPMN) AMMW - CERN 2013-11-14

  10. Quality assurance for EIS (2) • Identification of EIS by “functional position” in the Layout Database related to the slot where the asset is indeed installed according to safety chains AMMW - CERN 2013-11-14

  11. Quality assurance for EIS (2) • Layout Database = entry point to • MTF : link between the slot (functional position) and the real piece of equipment (asset) which is installed to date • Infor EAM : data about specific asset and maintenance • NormaWeb : DB about “warm” magnets • Any other DB specific to equipment group • Maintenance documents in EDMS Tag : AMMW - CERN 2013-11-14

  12. Demo of the Layout DataBase • https://layout.web.cern.ch/layout/default.aspx?version=study&navigator=eis&id=&name AMMW - CERN 2013-11-14

  13. Summary and conclusion (1) • Operation of the accelerators  beam hazards (radiation)  other high-level hazards • The Access Safety System must guarantee the separation of the personnel from the hazards (= technical collective protection). • EIS are part of the ASS and are automatically operated and checked by the Access Safety System. • ASS and EIS need to be highly available and reliable. AMMW - CERN 2013-11-14

  14. Summary and conclusion (2) • High availability and reliability rely on • proper design  norms & qualified personnel • proper building & implementation qualified material & qualified personnel • proper maintenance documentation & qualified personnel • proper functional checks procedures & qualified personnel • proper validation  procedures & authority • For quality insurance and legal compliance all of these needs to be documented. • An CMMS or AMM tool is essential in this respect. AMMW - CERN 2013-11-14

  15. Optional additional slides / IEC 61508 Thank you AMMW - CERN 2013-11-14

  16. Quality assurance for ASS (1) • IEC 61508 : “Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (E/E/PE)” : • Basic functional safety standard applicable to all kinds of industry. • Functional safety includes • the “Equipment Under Control” (~ EIS) • their control system, • other technology safety-related system, • other external risk reduction systems. AMMW - CERN 2013-11-14

  17. Quality assurance for ASS (3) • IEC 61508 usually implies • Redundancy of communication, both ways • (control and check of EIS status) • Avoid common mode of failure • (independent EIS based on different technologies) • Test or auto-test of the system • (this includes preventive maintenance) AMMW - CERN 2013-11-14

  18. ( The risk seen by IEC 61508 ) • Reminder:Risk = likelihood * severity of undesirable event • [ In many beam facilities, the severity may be very high = death! ] • IEC 61508 considers that • Zero risk can never be reached • Safety must be considered from the beginning • Non-tolerable risks must be reduced (ALARP principle) • IEC 61508 usually tends to reduce the likelihood of an event. AMMW - CERN 2013-11-14

  19. Quality assurance for EIS (2) • Written procedure EIS status change & check • The group in charge of the ASS and the Beams-Department Safety Officer have a constant clear view of the EIS status. • Any change of an EIS status (other than from the Beam-Operation group) has to be requested to and approved by the BE-DSO. • Any by-pass of an EIS status from a safety chain has to be requested to and approved by the BE-DSO and the ASS-group (GS-ASE). • After functional verification, the BE-DSO validates the system. AMMW - CERN 2013-11-14

More Related