Introduction
As a general principle it can be said that pipeline operations which are safe when performed correctly can have catastrophic consequences when performed incorrectly.
The oil, gas and chemical processing industries generally have a disciplined approach to pipeline design and operating practice, governed largely by recognised international standards and enforced by regulators and certification authorities. While good practice begins with good design, both are inevitably hostage to the ‘human factor’.
The following often-quoted but unattributed statistic is an interesting illustration of this point: "70% of reported incidents in the oil and gas industry worldwide are attributable to human error and account for in excess of 90% of the financial loss to the industry."
Risk And Responsibilities
The UK Health and Safety at Work Act (1974) places responsibilities on people who design, manufacture or supply equipment for use at work to ensure as far as is reasonably possible that it is safe. Indeed, the new European ‘ATEX’ standards seek to reinforce those principles across the EU.
Internationally, there are strong indications of a fundamental shift of emphasis in safety legislation from prescriptive regulations to the risk management (goal setting) approach. This approach places primary legal responsibility on owners and operators to adopt ‘best available’ technology and methodology to ensure safety.
This evolving change ensures accountability but does not necessarily lead to accident prevention. Asset owners and operators are perhaps more liable than ever before and can no longer plead conformance to prescribed standards when things go wrong.
The
This legislative trend is set against an international trend of downsizing or contracting out of key functions for commercial reasons, suggesting a potential conflict of priorities. These contracting arrangements are characterised by a higher rotation of personnel because they tend to be relatively short-term agreements. The ‘job-for-life’ which produced the ‘25-year’ dedicated company employee is disappearing and is being replaced by higher levels of process automation and increasing dependence on partnering with contractors.
This ‘casualisation’ of on-site labour inevitably increases the risk of accidents through human error and demands higher levels of applied safety systems to mitigate this risk.
Reliance on written safety procedures is an act of faith in the alertness and goodwill of the worker. Accident prevention and violation reduction require physical systems that compel compliance – one such solution is mechanical key interlocking.
What Are Key Interlocks?
Many routine pipeline operating procedures are potentially dangerous if executed incorrectly or in unsafe conditions, with the scope for injury and/or damage significantly increased when high temperature, high pressure or toxic/flammable product is present.
Key interlock systems are dual-keyed mechanical locking devices which operate on a 'key transfer' principle to control the sequence in which process equipment may be operated. They are widely accepted as an effective safety management tool and are being adopted by many of the world’s oil, gas and chemicals majors. Interlocks are also recommended in a number of internationally recognised standards for specific process applications including:
API RP 14E - Design & Installation of Offshore Production Platform Piping Systems (
API RP 520 - Pressure Relieving Systems for Refinery Services (Part II: Section 4 - Isolation Valve Requirements).
NFPA 12 - National Fire Protection Association (
BS 5306 - British Standard - Part 4 1986 - Specification for Carbon Dioxide Systems.
BS 8010 - Code of Practice for Pipelines (Part 2 1992 - Sect. 2.8).
BS 8010 - Code of Practice for Pipelines (Part 3 1993 - Sect. 6.6).
1996 No. 825 - (
Key interlocks date back to the 1890s, when they were first used in the French railway system to control track switching operations. Modern key interlock systems for oil and gas, chemical processing and pipeline systems did not emerge until the early 1980s. Since then, acknowledgement of their effectiveness has led to increasing levels of usage and growing recommendations within international standards and codes of practice. The hardware is relatively simple and is based on specialised mechanical locks designed as integral-fit attachments to the host equipment.
Typically they are applied to valves, closures, switches or any form of equipment which is operated by human intervention. The ‘open’ or ‘closed’ status of an interlocked valve, or the ‘on’ or ‘off’ status of an interlocked switch, can only be changed by inserting a unique coded key; inserting the key unlocks the operating mechanism (e.g. handwheel or push-button), enabling operation of the valve or switch.
Operating the unlocked equipment immediately traps the initial (i.e. inserted) key; when the operation is complete, a secondary (previously trapped) key may then be released, thereby locking the equipment in the new position. This secondary key will be coded in common with the next lock (item of equipment) in the sequence. By this simple coded key transfer principle a ‘mechanical logic’ system is created which denies any scope for operator error.
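The key transfer principle described above can be modelled as a small state machine. This is an added example, not part of the original article or any vendor's software; the valve names (V1 to V3), key codes (A to D) and the three-step sequence are constructed for illustration. It shows an out-of-sequence attempt being refused and checks after every step that exactly one key is free.

```python
class InterlockError(Exception):
    """Raised when the presented key does not fit the lock in its current state."""

class InterlockedValve:
    """Dual-keyed lock: while the valve is locked, one of its two keys is trapped."""
    def __init__(self, name, position, key_free_when_open, key_free_when_closed):
        self.name = name
        self.position = position  # "open" or "closed"
        self.free_when = {"open": key_free_when_open, "closed": key_free_when_closed}

    def _other(self):
        return "closed" if self.position == "open" else "open"

    def trapped_key(self):
        # The lock holds the key that is only released in the opposite position.
        return self.free_when[self._other()]

    def operate(self, key):
        """Insert key, move the valve, return the key released on completion."""
        if key != self.free_when[self.position]:
            raise InterlockError(f"{self.name}: key {key!r} does not fit")
        self.position = self._other()          # the inserted key is now trapped
        return self.free_when[self.position]   # the secondary key is released

def free_keys(valves):
    """All key codes in the system that are not currently trapped in a lock."""
    codes = {k for v in valves for k in v.free_when.values()}
    return codes - {v.trapped_key() for v in valves}

def walk(valves, held_key, order):
    """Operator tries the valves in 'order' with the single key in hand."""
    by_name = {v.name: v for v in valves}
    log = []
    for name in order:
        try:
            held_key = by_name[name].operate(held_key)
            log.append((name, by_name[name].position, held_key))
        except InterlockError:
            log.append((name, "denied", held_key))
        assert len(free_keys(valves)) == 1  # never more than one free key
    return log, held_key

def demo():
    # Constructed sequence: close V1, then open V2, then open V3.
    valves = [
        InterlockedValve("V1", "open", "A", "B"),
        InterlockedValve("V2", "closed", "C", "B"),
        InterlockedValve("V3", "closed", "D", "C"),
    ]
    return walk(valves, "A", ["V2", "V1", "V3", "V2", "V3"])
```

Each entry in the returned log is (valve, resulting position or "denied", key in the operator's hand), so the sequence enforced by the key coding can be read directly from it.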
While padlocks and chains provide a lock-off capability, they do not provide any control over the sequence of operations, nor do they assure or confirm the status of the equipment to which they are fixed. So, removing a key from a padlock ensures neither that the equipment is locked nor its ‘open/closed’ or ‘on/off’ status. While a padlock and chain may be suitable and sufficiently robust in low risk applications, they have virtually no mechanical integrity and are a minimal solution offering (at best) a visual restriction against unauthorised operation.
Mechanical key interlock systems are ideally suited for integration with Permit-to-Work (PtW) procedures; indeed, the Cullen Report on the public inquiry into the Piper Alpha offshore rig disaster (1990) strongly recommends the use of locking systems integrated with PtW procedures, especially where routine procedures cannot be accomplished in the time-scale of a single work shift.
In the same vein, ongoing surveillance of the UK chemicals industry by the Health & Safety Executive (HSE) found that one third of all accidents in the chemical industry were maintenance related – the most significant factor being the absence of, or an inadequacy in, PtW systems.
In addition to the standards referred to earlier, the Technical Guidance Notes (published by the HSE) supporting interpretation of the UK Pipeline Safety Regulations (1996) Act [PSR 1996] recommend interlocks as a suitable safety system in the operation of pig traps.
Primary And Secondary Safety Systems
Whether a pipeline or process module is of simple design with basic functions controlled by manually-operated valves, or of complex design controlled by sophisticated mainframe Distributed Logic Control (DLC) systems, key interlocks can provide a totally reliable mechanical assurance of safe operating practice in which the operator's scope for error is eliminated.
Indeed, within DLC controlled systems, which invariably incorporate electrical interlocking ('trips'), these are usually limited to governing only the operation of high-criticality motorised valves. Associated sundry services valves (e.g. for venting) may be manually-operated valves and will therefore not be recognised by the DLC management system. Correct operation of these valves may still be critical or semi-critical and may be dependent solely on the operator following written operating instructions.
In DLC-managed systems, key interlocks can form a vital link between managed and unmanaged valves. In these circumstances, the key interlocks are not intended as the primary safety system but as a secondary back-up system to the primary (DLC) system. Designs have been developed in recent years to provide key interlocking solutions that offer the only total form of interdependent control over the operation of motorised and manually operated valves in one fully integrated system. When applied to motorised valves, the interlock design ensures that the failsafe function of the valve is never compromised.
In process systems where the valving and/or control components are all manually-operated (i.e. not DLC controlled), key interlocks become the primary safety system. They are particularly suitable as the primary safety system for remote locations where power is unavailable.
Whether adopted as a primary or secondary safety system, key interlocks can be customised to intelligent format by electronic tagging of the individual keys. This is done by fitting each key with an ID chip which is read by a tag reader in the control room key cabinet. The key cabinet system incorporates a standard PC which manages the system software. This can be interfaced with the mainframe DLC system by a simple twin-wire connection.
Conclusion
The global trend of contracting out site operations inevitably translates into the ‘casualisation’ of labour, which in turn leads to an increased risk of accidents through human error or deliberate violations. Well designed interlocking systems can mitigate these risks – either by eliminating error or by greatly inhibiting the potential for violations.
Well designed key interlock systems are always operator-friendly – they require no more work effort from the operator than normal procedures would require and, most importantly, should never permit more than one key to be free at any one time. The message is, ‘keep it simple’.
Smith Flow Control Ltd, 6 Waterside Business Park, Eastways Industrial Estate, Witham,