Integrated Control and Safety Systems (ICSS)

Introduction

Over the last decade, Floating Production Storage and Offloading Vessels (FPSO), Central Processing Platform (CPP) and Wellhead Platform (WHP) have increasingly peppered the oceans at oil well locations previously untapped due to enormous water depths.

On board these oil producing vessels is a Central Control Room (CCR), where all the daily activities are being carefully monitored and controlled to guarantee smooth oil production and to ensure environmental and personnel safety. At the heart of the CCR is the Integrated Control and Safety System (ICSS), which quietly regulates the production process by means of the Process Control System (PCS), Safety Instrumented System (SIS), Fire and Gas detection System (FGS) and High Integrity. Pressure Protection System (H IP PS).

Real Time Information & Control

Within the control room, a cockpit view of the production process is made available using ergonomically-designed Operator Control stations. Any disruption to the process can be closely monitored in the form of visual, alarm logs and historical archives. Operators are given real-time information necessary to make proper corrective actions to put the process back to track. Should any unwarranted process upset occur despite operator invention, the affected process units will be shutdown automatically by the highly

integrated SIS. The SIS prevents escalation of process upsets due to equipment failure, sudden fluctuation in process parameters or human error, whilst manipulating the control features. The smooth operation of the Plant is largely dependent on the effectiveness of the control strategies implemented by the PCS.

These include managing the start-up permissive, start-up bypass, sequence control, proper tuning of PID control loops, proper interlocking and recording functions such as sequence of events, historical archiving and alarm management.

In the emergency condition of hydrocarbon gas leakage, smoke or even fire outbreak, the Fire and Gas system (FGS) will detect any surge occurrence and execute protective actions. These include fire alarm sounding, fire beacons, fire or gas area indication and cascading signals to the SIS to protect process equipment by shutting down the affected units. 

Key Benefits & Highlights of an Excel Marco ICSS:

  • Seamless integration of PCS, SIS and FGS;
  • Operator-friendly Human Machine Interface;
  • Dedicated software library;
  • Real-time data acquisition and display;
  • Functionally separated safety systems approved by TUV to SIL3;
  • Optimized Performance to Cost of Ownership;
  • Fit for Purpose design 

Emergency Shutdown Hierarchy

Depending on individual plant practices, there are typically 4 levels of Emergency Shutdown Hierarchy. Integration is tantamount to the ICSS where the status of all subsystems is readily available real-time at the operator's finger tips. This is achieved through high speed Ethernet links between different sub-systems and seamless interfacing protocol that transmits data from controllers to Operator Stations.

ICSS Benefits

The benefits of ICSS include but are not limited to:

  • Operational and Cost Efficiency due to resource sharing such as Engineering Station (ES), PLC, Operator Station Client (OS Client), Operator Station (OS Server), Historian
  • Total Integration: Process and safety are totally integrated, allowing standard and safety programs to reside in the different part of same CPU.
  • Customized Solution: Dedicated software library developed based on industrial standards and has a wide range of field proven function blocks to cater for requirement of our customers.
  • Communication gateway is not required between the PCS and Safety System, thus eliminating another possible point of failure
  • Common EWS (Engineering Workstation) for PCS, SIS, EGS and HIPPS
  • Common hardware platform significantly reduces range of spares required 
Typical Integration of Process Control and Safety
System 
ICSS with Process Control and Safety
Systems

System Architecture

A typical architecture of ICSS includes Automation Station (AS), Redundant Operator Station Server (OS Server), Operator Station Client (OS Client), and Central Archive Server (CAS) and 3rd party OPC Server. "AS" refers to PLC and I/O modules whereas "OS" refers to HMI station and database server.

Communication between Servers and Clients, Servers and PLC is achieved through redundant ring network via Industrial Ethernet with speeds of 10 or 100Mbps. Ethernet Network Heartbeats for PC stations are constantly monitored, and their status displayed on the HMI. Safe communication between the safety program in the F-CPU and the fail-safe inputs and outputs takes place via the standard PROFIBUS DP with superimposed PROFI-safe safety profile. Since both standard and safety communication take place on the same bus, there is no additional hardware requirement.

Central Archive Server stores alarm messages, process values, reports and batch data. Historical data can be reviewed in trend view at the client station or exported to excel for data analysis.

Time synchronization can be configured via GPS Clock or Server PC Clock as Time Master. With GPS clock, the plant network is synchronized at a defined time interval with a GPS satellite signal and time resolution up to 1ms. The more economical solution will be "Assigning Server as Time Master". The accuracy of Server PC Clock cannot be as accurate as GPS clock unless PC time synchronizes with the Internet time server with time resolution up to is. 

High Integrity Pressure Protection System (HIPPS) is designed to control over- pressurization of a plant such as production header of FPSO. HIPPS can be placed in Zone 2 environment.