Programmable electronic and hardwired emergency shutdown systems: a quantified safety analysis

Emergency shutdown systems (ESDs) for mining machinery provide critical functions to safeguard miners. Traditionally, ESDs were realized with simple hardwired circuits; today, there is a growing trend to use programmable electronic technology such as programmable logic controllers (PLCs). This paper describes an analytical study to quantify the safety integrity of a PLC-based ESD and a hardwired ESD. The safety integrity level of each design approach was determined by quantifying the average probability of failure on demand (PFD_avg) as described by the recommendations for programmable electronic mining systems published by NIOSH and the IEC 61508 international standard The safety analyses addressed system architecture, hardware failure probability, proof test interval, diagnostic coverage, and human error probability. The results indicated that a same level of safety, safety integrity level 3 (SIL 3), could be attained when evaluating random hardware failures. Neither approach could attain SIL 3 if manual activation was used. Human error was the limiting factor where, using human reliability analysis, PFD_avg≤1×10^-1; thus, the ESD does not meet SIL 1. It is apparent that automatic verses human-activation of the ESD is a very important safety consideration. Manually actuated ESDs can only achieve SIL 1 regardless of the technology; therefore, additional independent safety layers of protection are needed to exceed SIL 1. Secondly, it is apparent that the technology choice is very important The PLC-based ESD was much simpler to design and to validate safety.