Petroleum and natural gas industries -- Offshore production installations -- Process safety systems

This document provides objectives, functional requirements and guidelines for techniques for the analysis and design of surface process safety systems for offshore installations used for the recovery of hydrocarbon resources. It also provides recommendations and requirements on support systems which complement the process safety systems in reducing risk. NOTE These are not intended to be exhaustive. The scope of this document is limited to specifying the methods by which the asset is protected against loss of containment of hydrocarbon or other hazardous materials. This document is applicable to a) fixed offshore structures, and b) floating offshore production installations for the petroleum and natural gas industries. This document is not applicable to mobile offshore units and subsea installations. NOTE Nevertheless, many of the principles contained in this document can be used as guidance.

Industries du pétrole et du gaz naturel -- Plates-formes de production en mer -- Systèmes de sécurité des procédés

General Information

Status
Published
Publication Date
19-May-2019
Current Stage
6060 - International Standard published
Start Date
20-Apr-2019
Completion Date
20-May-2019
Ref Project

RELATIONS

Buy Standard

Standard
ISO 10418:2019 - Petroleum and natural gas industries -- Offshore production installations -- Process safety systems
English language
17 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO
STANDARD 10418
Third edition
2019-05
Petroleum and natural gas
industries — Offshore production
installations — Process safety systems
Industries du pétrole et du gaz naturel — Plates-formes de production
en mer — Systèmes de sécurité des procédés
Reference number
ISO 10418:2019(E)
ISO 2019
---------------------- Page: 1 ----------------------
ISO 10418:2019(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2019

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2019 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 10418:2019(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms, definitions and abbreviated terms ................................................................................................................................ 1

3.1 Terms and definitions ....................................................................................................................................................................... 1

3.2 Abbreviated terms ............................................................................................................................................................................... 5

4 Symbols and identification for protection devices ........................................................................................................... 5

4.1 Objectives..................................................................................................................................................................................................... 5

4.2 Functional requirements ................................................................................................................................................................ 6

5 Safety analysis concepts ................................................................................................................................................................................ 6

5.1 Objectives..................................................................................................................................................................................................... 6

5.2 General functional requirements ............................................................................................................................................ 6

5.3 Functional requirements for analysis using structured review techniques ...................................... 7

6 Process safety system design ................................................................................................................................................................... 8

6.1 Objectives..................................................................................................................................................................................................... 8

6.2 Functional requirements ................................................................................................................................................................ 8

Annex A (informative) Support systems ........................................................................................................................................................12

Annex B (informative) Toxic gases .......................................................................................................................................................................15

Bibliography .............................................................................................................................................................................................................................17

© ISO 2019 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO 10418:2019(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to

the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see

www .iso .org/iso/foreword .html.

This document was prepared by Technical Committee ISO/TC 67, Materials, equipment and offshore

structures for petroleum, petrochemical and natural gas industries, Subcommittee SC 6, Processing

equipment and systems.

This third edition cancels and replaces the second edition (ISO 10418:2003), which has been technically

revised. It also incorporates the Technical Corrigendum ISO 10418:2003/Cor.1:2008. The main changes

compared to the previous edition are as follows:

— safety analysis tables (SATs) and safety analysis checklists (SACs), which previously were reproduced

from API RP 14C, have been deleted and replaced by references to the analysis methods included in

API RP 14C;
— simplification of annexes to avoid duplication of API RP 14C content.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/members .html.
iv © ISO 2019 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 10418:2019(E)
Introduction

Effective management systems are required to address health and safety aspects of activities

undertaken by companies associated with offshore recovery of hydrocarbons. These management

systems are applied to each stage in the lifecycle of an installation and to related activities.

One key aspect of effective management systems is a systematic approach of identification of hazards

and the assessment of the risk, in order to aid decision-making on the need for risk-reduction measures.

Selection of risk-reduction measures entails the use of sound engineering judgement informed

by recognition of the particular circumstances, which can prompt variation to past practices and

previously applied codes and standards.

Risk reduction measures include those to minimize and eliminate hazards by design (i.e. use of

inherently safer designs), to prevent incidents (i.e. reducing the probability of occurrences), to control

incidents (i.e. limit the scale, intensity and duration of a hazardous event), and to mitigate effects (i.e.

reducing the consequences).

Extent of hazard identification and risk assessment activities will vary depending on the stage in the

installation lifecycle, as well as process conditions, degree of standardization, complexity, number of

persons on board and the installation’s overall estimated level of risk.

For installations in the early design phases, the evaluations will necessarily be less detailed than those

undertaken during later design phases. Design assumptions developed during these early stages are

normally verified before the installation becomes operational.

Process safety systems are provided to prevent, detect, control or mitigate undesirable events in

process equipment.

This document sets out three options for identifying appropriate process safety systems. The first

option is to adopt the prescriptive approach specified in API RP 14C. The second approach is to use

structured review techniques to identify hazards and evaluate risk, with process safety systems being

provided based on the results of this more specific analysis. The third option is to use a combination

of the first two. The use of the structured review techniques is likely to be of benefit for more complex,

novel or higher hazards systems.

Figure 1 illustrates the relationship of this document to other documents that play a key role in designing

offshore process safety systems. Under the overarching risk management principles of ISO 31000,

ISO 17776 provides a framework for managing major accident hazards throughout the facility lifecycle.

This document provides requirements and guidelines for process safety systems with more detailed

and specific guidance and requirements for particular elements provided in other documents, most

notably ISO 13702, ISO 23251 and the IEC 61511 series.

The approach described in this document is intended to be applied in an iterative way. As the design

proceeds, hazards that are introduced or changed are systematically identified and the need for

additional risk-reduction measures evaluated.

This document has been prepared primarily to assist in the development of new installations. It is not

always appropriate to apply certain requirements to an existing installation. During the planning of a

major modification to an installation, there can be greater opportunity to implement the requirements.

© ISO 2019 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO 10418:2019(E)
NOTE The lines between the standards illustrate the main relationships.
Figure 1 — Relationship between offshore-relevant standards
vi © ISO 2019 – All rights reserved
---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 10418:2019(E)
Petroleum and natural gas industries — Offshore
production installations — Process safety systems
1 Scope

This document provides objectives, functional requirements and guidelines for techniques for the

analysis and design of surface process safety systems for offshore installations used for the recovery of

hydrocarbon resources.

It also provides recommendations and requirements on support systems which complement the process

safety systems in reducing risk.
NOTE These are not intended to be exhaustive.

The scope of this document is limited to specifying the methods by which the asset is protected against

loss of containment of hydrocarbon or other hazardous materials.
This document is applicable to
a) fixed offshore structures, and
b) floating offshore production installations
for the petroleum and natural gas industries.

This document is not applicable to mobile offshore units and subsea installations.

NOTE Nevertheless, many of the principles contained in this document can be used as guidance.

2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 13702, Petroleum and natural gas industries — Control and mitigation of fires and explosions on

offshore production installations — Requirements and guidelines

IEC 61511 (all parts), Functional safety — Safety instrumented systems for the process industry sector

API RP 14C, Analysis, Design, Installation, and Testing of Safety Systems for Offshore Production Facilities

3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https: //www .iso .org/obp
— IEC Electropedia: available at http: //www .electropedia .org/
© ISO 2019 – All rights reserved 1
---------------------- Page: 7 ----------------------
ISO 10418:2019(E)
3.1.1
abnormal operating condition

condition which occurs in a process component (3.1.21) when an operating variable ranges outside of its

normal operating limits
3.1.2
alarm

audible and/or visible means of indicating to the operator an equipment malfunction, process deviation,

or abnormal condition requiring a timely response
[SOURCE: IEC 62682:2014, 3.1.7]
3.1.3
blowdown
emergency depressuring
system discharging gas to flare or other disposal system
3.1.4
containment
situation in which the hazardous material is held safely in a pressurized system
3.1.5
control
limiting the extent or duration of a hazardous event
3.1.6
ESD system
emergency shutdown system

system, activated by automatic or manual signals, which undertakes the control actions to shut down

equipment or processes in response to a hazardous situation
3.1.7
emergency support system
ESS

portion of the overall facility safety system consisting of the ESD, fire detection, gas detection,

ventilation, containment systems, sumps, blowdown system, and SSSVs (3.1.28)
3.1.8
fail-closed valve

valve which will move to the closed position upon loss of the power medium or signal

3.1.9
failure

improper performance of a device or equipment item that prevents completion of its design function

3.1.10
fire loop

pneumatic control line containing temperature-sensing elements which, when activated, will initiate

control actions in response to a hazardous situation

Note 1 to entry: Fusible plugs and synthetic tubing are examples of temperature-sensing elements.

3.1.11
functional requirements

minimum criteria which shall be satisfied to meet the stated health, safety, and environmental

objectives
[SOURCE: ISO 13702:2015, 3.1.24]
2 © ISO 2019 – All rights reserved
---------------------- Page: 8 ----------------------
ISO 10418:2019(E)
3.1.12
gas blowby
discharge of gas from a process component (3.1.21) through a liquid outlet
3.1.13
gas detection system

system which monitors spaces on an offshore installation for the presence and concentration

of flammable and/or toxic gases, initiates alarms (3.1.2), and might initiate control actions at

predetermined concentrations
3.1.14
leak

accidental escape from a process component (3.1.21) of liquid and/or gaseous hydrocarbons or other

hazardous materials to atmosphere
3.1.15
liquid overflow

discharge of liquids from a process component (3.1.21) through a gas (vapour) outlet

3.1.16
malfunction

condition of a device or equipment item that causes it to operate improperly, but does not prevent the

performance of its design function
3.1.17
maximum allowable working pressure

highest operating pressure allowable at any point in any process component (3.1.21), other than a

pipeline, during normal operation or static conditions
3.1.18
mobile offshore unit

mobile platform, including drilling ships, equipped for drilling for subsea hydrocarbon deposits, and

mobile platform for purposes other than production and storage of hydrocarbon deposits

Note 1 to entry: Includes mobile offshore drilling units, drillships, accommodation units, construction and

pipelay units and well servicing and well stimulation vessels.
3.1.19
overpressure

pressure in a process component (3.1.21) in excess of the maximum allowable working pressure (3.1.17)

Note 1 to entry: For pipelines, refer to relevant design code for the definition of the maximum allowable working

pressure.
3.1.20
PRD
pressure relief device

device actuated by inlet static pressure and designed to open during emergency or abnormal conditions

to prevent a rise of internal fluid pressure in excess of a specified design value

Note 1 to entry: The device can be a pressure-relief valve (pressure safety valve), a rupture disk device, or a

buckling pin device.
3.1.21
process component

single functional piece of production equipment and associated piping used on processing and injection

facilities
EXAMPLE Separator, heater, pump, tank.
© ISO 2019 – All rights reserved 3
---------------------- Page: 9 ----------------------
ISO 10418:2019(E)
3.1.22
process safety system

system consisting of devices used on a facility to prevent or mitigate the potentially undesirable events

(3.1.32) that can occur within the process
3.1.23
protection device
instrument or item of equipment used within a protection system
3.1.24
safety instrumented system
instrumented system used to implement one or more safety instrumented functions

Note 1 to entry: A safety instrumented system is composed of any combination of sensor(s), logic solver(s), and

final element(s).

Note 2 to entry: The primary function of a safety instrumented system is to detect and initiate control or

mitigation action when there is a potentially hazardous situation.
3.1.25
safety integrity level

discrete level (one out of four) allocated to the safety instrumented function (SIF) for specifying the

safety integrity requirements to be achieved by the safety instrumented system (3.1.24)

Note 1 to entry: Further details (including definition of SIF) are given in IEC 61511-1:2017.

3.1.26
sensor

device which automatically detects an operating condition and transmits a signal to initiate/perform a

specific control function

Note 1 to entry: Process component shutdown is an example of a control function initiated by a sensor.

3.1.27
SDV
shutdown valve
automatically operated, fail-closed valve (3.1.8) used for isolation
3.1.28
subsurface safety valve
SSSV

automatically operated device installed in a well below the mudline and having the design function to

prevent uncontrolled well flow in response to a hazardous situation
3.1.29
SSCSSV
subsurface-controlled subsurface safety valve
SSSV (3.1.28) actuated by the pressure characteristics of the well
3.1.30
SCSSV
surface-controlled subsurface safety valve

SSSV (3.1.28) controlled from the surface by hydraulic, electric, mechanical or other means

3.1.31
surface safety valve

automatically operated wellhead valve assembly which will isolate the reservoir fluids upon loss of the

power medium
4 © ISO 2019 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 10418:2019(E)
3.1.32
undesirable event

adverse occurrence or situation in one or more process components (3.1.21) performing a specific

process function which poses a threat to safety
EXAMPLE Overpressure, under pressure, gas blowby, liquid overflow.
3.1.33
vacuum
pressure less than atmospheric pressure
3.1.34
vent
pipe or fitting on a vessel or pipework that opens to the atmosphere

Note 1 to entry: A vent system can contain a pressure and/or vacuum relief device.

3.2 Abbreviated terms
AFP active fire protection
ESD emergency shutdown
FES fire and explosion strategy
ISA International Society of Automation
ISD inherently safer design
OEL occupational exposure limit
PFD process flow diagram
P&ID piping and instrumentation diagram
PSH pressure safety high
PSV pressure safety valve
SAC safety analysis checklist
SAT safety analysis table
SIL safety integrity level
SSC sulfide stress cracking
4 Symbols and identification for protection devices
4.1 Objectives
The purpose of graphical symbols and identification of protection devices is to
a) uniquely identify safety devices,

b) facilitate the recognition of safety devices throughout an installation and between installations, and

c) aid the systematic design and analysis process.
© ISO 2019 – All rights reserved 5
---------------------- Page: 11 ----------------------
ISO 10418:2019(E)
4.2 Functional requirements

A unique system shall be employed for identifying and symbolizing process safety devices and process

components. Individual process safety devices and process components shall be described by a unique

identifier (tag). This unique identifier shall be used during the development of design drawings, such as

PFDs and P&IDs.
5 Safety analysis concepts
5.1 Objectives
Objectives of a safety analysis are to

a) identify undesirable events that pose a safety risk, and define reliable protective measures that

will prevent such events or minimize their effects if they occur,

b) establish a firm basis for designing and documenting a process safety system, and

c) enable verification that the arrangements provided for the protection of process components

form an integrated system covering the entire platform through the application of proven analysis

technics.
5.2 General functional requirements

5.2.1 An analysis shall be carried out for each process component in order to determine the

arrangements provided to prevent, detect, mitigate or control undesirable events which can develop

within or external to a process component. The analysis shall be based on scenarios that are selected to

represent all reasonably foreseeable hazardous events.

5.2.2 The analysis procedure shall provide a structured method to develop a process safety system and

provide supporting documentation.
5.2.3 The analysis shall

a) identify those undesirable events which can compromise the integrity of the process component,

b) identify the safety measures required to prevent, detect, mitigate such events, and

c) establish a firm basis for designing and documenting the provisions of a process safety system.

5.2.4 The safety analysis, system design and protection concepts used shall be in accordance with one

of the following:
a) the approach specified in API RP 14C;

b) the approach involving the use of structured review techniques as described in 5.3;

c) a combination of both approaches.

The use of structured review techniques is likely to be of benefit for more complex, novel or higher

hazard systems. A combined approach whereby structured review techniques are used for these types

of systems, with API RP 14C being applied to simpler or lower hazards systems, is an option that can

potentially offer both effective risk reduction and resource efficiency.

5.2.5 Factors to evaluate when selecting the analyses approach, include the following:

a) severity of operating conditions, quantities of hazardous inventories, potential personnel exposure;

6 © ISO 2019 – All rights reserved
---------------------- Page: 12 ----------------------
ISO 10418:2019(E)
b) novelty and complexity of the process to be used;

c) requirements of the regulation authority having jurisdiction over the facility;

d) company requirements in excess of the applicable regulations;
e) skills, experience and competency of those undertaking the analysis;

f) in the case of analysis of a modification, the consistency with the original method of analysis.

5.2.6 If process components that are not included in API RP 14C are used, or if process components

are used in a novel way, then use of the structured techniques as described in 5.3 shall be applied or new

SAT and SAC, as described in API RP 14C, shall be developed.
5.3 Functional requirements for analysis using structured review techniques
5.3.1 A risk management process shall be applied for
a) identification of hazards,
b) assessment of the risk (this may be qualitative or quantitative), and
c) control of risks.
Use of ISD should be applied to reduce the risk, if practical.
Guidance on application of ISD is in ISO 17776:2016, Annex D.

5.3.2 Structured review techniques shall be selected based on factors including but not limited to the

particular features of the installation and its process. Guidance on the selection of tools and techniques is

in ISO 17776:2016, Annex C.

5.3.3 A strategy for managing process hazards shall be developed based on the results of the risk

management process. The following elements shall be included or referenced in the strategy:

a) application of inherently safer design philosophy;
b) process control, plant start-up and shutdown philosophy;
c) ESD philosophy including plant segregation philosophy;
d) relief and blowdown philosophy;
e) flare and vent philosophy.

5.3.4 A systematic study shall be made to determine those credible undesirable events (such as, but

not limited to, overpressure, over filling) in the process that would result in hazardous events. The study

shall cover all anticipated modes of operation and assess the adequacy of protection systems for these

undesirable events. Guidance for relief is contained in ISO 23251 or API Std. 521.

5.3.5 Process safety system shall be designed to cater for all anticipated operating modes including

start-up and shutdown.
5.3.6 The design of the process safety system shall include
a) functional requirements of the process safety system,
b) SIL of each safety instrumented system shutdown loop,
c) bypasses required by the system, and
© ISO 2019 – All rights reserved 7
---------------------- Page: 13 ----------------------
ISO 10418:2019(E)

d) reliability, availability and maintainability of the process safety system components.

NOTE Bypasses prevent an automatic action, on a temporary basis, to allow continued operation.

5.3.7 The analysis technique shall be applied to all process components, from and including topside

wellhead or boarding valve to the most downstream discharge point and including injection systems,

and shall be incorporated into the overall safety system assessment.
6 Process safety system design
6.1 Objectives
The objectives of the process safety system are to
a) protect personnel, the environment, and the facility from process hazards,

b) prevent the release of hydrocarbons or other hazardous materials, and to minimize the adverse

effects of such releases, including escalation,

c) shut in the process or affected part of the process to stop the flow of hydrocarbons or other

hazardous materials to a leak or overflow,
d) prevent ignition of released hydrocarbons or other flammable materials, and
e) shut in the process in the event of a gas release or a fire.
6.2 Functional requirements

6.2.1 The design basis for the process safety system shall include the following:

a) good engineering practice based on relevant codes, standards and industry guidance;

b) use of proven analysis techniques to determine the minimum requirement for a process component.

6.2.2 Process components on a production platform, comprising the entire process from topside

wellhead or boarding valve to the most downstream discharge point and including injection systems,

shall be incorporated into the overall safety system assessment.

6.2.3 Protection measures shall be provided to protect each process component in order to

a) prevent the uncontrolled release of hydrocarbons or other hazardous materials, and

b) minimize the consequences of an uncontrolled release.
6.2.4 Protection measures shall be provided to

a) isolate the process in order to minimize the consequences of a leak or overflow,

b) initiate shutdown or isolation of ignition sources in the event of the release of flammable vapours,

c) shut-in the process in the event of a fire, or gas accumulation, and

d) depressurize the inventory, if necessary, based on risk evaluation, by connecting process safety

systems to the system for discharging gas to the atmosphere.

6.2.5 The process safety system provided shall be independent of and in addition to the process control

devices used in normal process operation. Failure of the normal process control system shall not cause a

8 © ISO 2019 – All rights reserved
---------------------- Page: 14 ----------------------
ISO 10418:2019(E)

dangerous failure of the process safety system or impede the process safety system from responding to

an abnormal event.
6.2.6 The location of SDVs shall be determined based on the following:
a) detailed flow schematic and operating parameters;
b) process segregation/isolation philosophy which consider
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.