Triconex Safety System Platforms

Transcription

1

2 Triconex Safety System Platforms Presented to OpsManage 13 ANZ User Conference Presented by Al Fung May 6, Invensys. All Rights Reserved. The names, logos, and taglines identifying the products and services of Invensys are proprietary marks of Invensys or its subsidiaries. All third party trademarks and service marks are the proprietary marks of their respective owners. Slide 2 Invensys 00/00/00 Invensys proprietary & confidential

3 PEOPLE PROCESS Certified People: +650 Safety Engineers +270 Certified Functional Safety Engineers +15 Certified Functional Safety Experts Certified Products: IEC61508:2010 Tricon SIS Trident SIS Tri-GP SIS Tristation software SafetyView software 30 years of Safety Certified Procedures: IEC61511 certified Certified Delivery centres: UK Singapore India Egypt Etc... Service & Support: Global Customer Support Customer First program Global support, delivered locally Safety Lifecycle Services Service Level Agreements TECHNOLOGY SUPPORT Continuously Safe, Reliable Production Think Safe Available Secure

4 1 Product Updates and Roadmap Security Overview and Roadmap Alarm and Bypass Management for Safety Systems Slide 4

5 Continuously Safe, Reliable Production pplications Process Safety Management APerformance visibility, reporting, KPIs and decision support Software Unified Control and Safety Configuration Tools Simplify configuration, maintenance and change management Controller Common Enhanced Main Processors Superior performance and on-line functionality Device & Sys Int. I/O subsystem. Triconex on the Control Network Simplify network implementation, reduce infrastructure costs Harmonize I/O & Reduced Footprint Optimize Total Cost of Ownership Think Safe Available Secure Invensys Proprietary & Confidential

6 Continuously Safe, Reliable Production pplications Continuously Safe, Reliable Production A Lower o e safety incident probability. Software Fewer personnel needed to engineer and maintain SIS operation. Controller Extend SIS lifecycle. Increase plant duty cycles for greater continuous operation and production Device & Sys Int. Faster SIS start-up schedules. Lower network infrastructure & maintenance costs. Faster post Trip Analysis I/O subsystem. Lower Total Cost of Ownership. Think Safe Available Secure Invensys Proprietary & Confidential

7 Trident / Tri-GP v3.0 Release Application New Communications Integration Module (CIM) Adds OPC-UA (Unified Architecture) communications Features Enhanced security features e.g. digital signature and authentication Improved performance of safety peer to peer communications Auto discovery on Enhanced Diagnostic Monitor application Benefits Freedom of choice - Open connectivity Safe and Secure Defense in depth Broad industry support Flexible integration with other systems Think Safe Available Secure Invensys Proprietary & Confidential

8 Trident / Tri-GP v3.0 New Communications Integration Module Media support for both Copper and Fiber Optic New Peer to Peer functionality Enhanced encryption algorithms New function blocks Supports both existing (for tie into existing systems) and new function blocks Performance improvements Certified by TUV for SIL3 applications Embedded OPC-UA functionality Embedded OPC-UA Server Supports up to 10 concurrent OPC UA clients Slide 8 Invensys Proprietary & Confidential

9 Trident / Tri-GP v3.0 Tristation V4.10 Support for Trident / Tri-GP 3.0 controllers and Communications Module Secure communication with Trident / Tri-GP 3.0 through windows security certificates New function blocks for alarms (safety view) and peer to peer 2 new I/O reports :- I/O utilization, Disabled points Verify download operation via comparison of control program elements in the Triconex controller with those in Tristation 1131 project Enhanced Diagnostic Monitor V2.7 Support for Trident / Tri-GP 3.0 systems Secure communication with Trident / Tri-GP 3.0 through windows security certificates Automatic discovery of Trident / Tri-GP 3.0 controllers (with CIM installed) on the network, eliminating the need to manually configure the network connection to the controllers. Slide 9 Invensys Proprietary & Confidential

10 Trident / Tri-GP Wireless Peer to Peer Application Wireless media for peer to peer communications between Trident / Tri-GP systems (e.g. Well head, Tank Farm) Features COTS equipment, dual frequency radio (2.4 GHz, 5.8 GHz) Wireless MESH configuration for resilience Equivalent performance to wired solutions Secured wireless network (proprietary wireless frame) Benefits Estimated 50-70% less cost than wired solution Flexible and easily adapted to future needs Easy to deploy and manage Safety for stranded assets Think Safe Available Secure Invensys Proprietary & Confidential

11 Wireless Peer to Peer Tools for Wireless Configuration Virtual Switch (wireless mesh) Invensys Proprietary & Confidential

12 Triconex I/A Series Integration Application Triconex I/A Series Hardware Integration Features Direct integration of Triconex onto control network Triconex appears as a control station Exchange Interlock data with control stations Maintain Separation Benefits Lower Total Cost of Ownership Reduced physical space Faster installation & commissioning Tricon Trident Tri-GP Integrated and Separate you can have both! Think Safe Available Secure Invensys Proprietary & Confidential

13 Integrated Control & Safety Operator Workstations Engineering / Maintenance Workstation Real Time Data Historian Alarms / SOE Engineering Galaxy Repository Control Network Dedicated Safety Peer to Peer Process Controllers Safety Controllers Slide 13 Invensys Proprietary & Confidential

14 Virtualization Application Safety system software run in a virtual environment Safety visualization on Thin Clients Features Consistent and compatible with I/A Series DCS Qualified & operational on standard hardware Benefits Less cost, space, energy consumption Reduction in workstation maintenance activities Support multiple Triconex software versions from a single server Simplify software configurations Think Safe Available Secure Invensys Proprietary & Confidential

15 Virtualization Triconex Software & OS Tristation TS1131 v4.10 (or later) Enhanced Diagnostic Monitor v4.7 (or later) Excluded: TriLogger and SOE Windows 7 and Windows Server 2008 r2 Thin Client Support Remote Desktop Protocol (RDP) HP Thin Client Stations Specification to qualify other TC Hardware Architecture Guidelines Sizing Guidelines Performance Recommendations Virtualization Server HP DL380 Rack Mount Server Thin Client HP t610 Flexible Thin Client Slide 15 Invensys Proprietary & Confidential

16 2 Product Updates and Roadmap Security Overview and Roadmap Alarm and Bypass Management for Safety Systems Slide 16

17 Slide 17

18 Industry & Technology Trends Defense e Economic Liberalization Industrialization in Asia and Middle East Trend towards open communication Rise of networked solutions Corporate, IT, Automation Confusion between IT and Automation departments Continuous push to lower cost Human Element in Security Breach Certification becoming mandatory E.g. Achilles Level I and II, WIB, ISA Secure Speed of Change at IT level = Fast, at Automation level = Slow Standards continue to evolve E.g. ISA 99, NERC, ISA Secure Thr reat Cyber Attacks cost business an average of $2 Million per year Attacks are more hostile, frequent, and impact is greater Threats are more complex E.g. latest malware penetrated Firewalls Malicious Attacks increased by 81% in 2011 Slide 18

19 Where is Triconex today? Achilles Certification Secure Access Model Tofino Firewall Enhanced Security Slide 19

20 Security Application Continuous security hardening for Safety System and engineering workstation Features Consistent with standard practice for I/A Series DCS Operating System Patch and Anti Virus validation White listing TriStation engineering g workstation Benefits Continuous security updates mitigate external security threats to safety system assets Slide 20

21 Triconex Software Security Patch Management Scope Software: TriStation 1131 and Enhanced Diagnostic Monitor Versions Tested: current plus (2) prior Windows 7 Operating System Security Patch updates Anti Virus.dat virus signature file updates Process Monthly test of Triconex software against standard test procedure on standard PC (I/A Series workstation) ti Publish appropriate Sales Alert and Customer Notifications

22 Cyber Security Roadmap Product Secure tional Security Assessment Funct Ac chilles Test Kit.dat TEST TCX Achilles II Compliance TCX& IA ISA Secure TCX ISA Secure IA TCX OS & AV patch = IA Anti Virus on IA / TCX.dat TEST Strategic TCX ISA Secure SCADA ISA Secure PAC ISA Secure SYSTEM Secure e Service Secure Delivery ity Assessment TriStation 1131 White Listing Secure Tricon TCM ewib Compliance Functional Secur Global Windows Server Update Service Best Practices & Procedures Hardening TriStation 1131 & Enhanced Diagnostic Monitor International Docs ISO LEGEND: BLUE under development; YELLOW planned Continuous Validation Invensys Proprietary & Confidential

23 3 Product Updates and Roadmap Security Overview and Roadmap Alarm and Bypass Management for Safety Systems Slide 23

24 Refinery Safety BP Refinery, Texas City 2005 refinery explosion 15 killed, 180 injured, $21 million fines, $1.5 billion loss Two of the four key hazard contributors: Failed management of instrumentation and alarm systems Allowing of non essential personnel in high risk areas Slide 24 Invensys Proprietary

25 Refinery Safety After BP Texas City Chemical Safety Board recommends Safety Metrics Results of survey, 51 of 159 U.S. refineries 90% at least one of the key contributor 43% had 3 of the key hazard contributor Slide 25 Invensys Proprietary

26 Current Issues with Safety Management in a Plant How safe is my plant running or operating? Is it safe at this point in time? Are there leading and lagging safety metrics? Safety impact of a device alert/failure/bypass What is the impact of a device alert/failure on a SIF? Are SIF assumptions valid? E.g. Proof testing is performed as per SIF design? Slide 26 Invensys Proprietary

27 Safety View Online tool to help clients run their plant safely: Operator tool for Priority Level 1 alarms Maintenance tool for bypass management Manage Operational Risk with Confidence Provides: Situational awareness and visibility of the risks being managed Contextual information to facilitate decision support Slide 27

28 Certification World s First TÜV Certified software based Alarm & Bypass HMI system: TÜV Certifiedto to IEC61508:2010 For use in applications up to SIL3 Systematic Capability Level 3 (SC3) Note: Systematic capability is the measure (expressed on a scale of 1 (low) to 4 (high)) of the confidence that equipment will not fail due to relevant systematic failure mechanisms when the equipment tis applied in accordance with the instructions specified in its safety manual. Slide 28

29 Priority 1 Alarms ISA 18.1 Annunciator Sequence and Specifications: Sequence Code M: Manual Reset Sequence Code A: Automatic Reset Sequence Code R: Ring Back Safety View allows you to: Acknowledge individual / group alarms Re activate alarms acknowledged by an operator during previous shift Clear first out alarms Silence Audible alarms Reset alarms in ring back state Slide 29

30 Features Independent from DCS Supports Redundancy for increased availability Records all operator actions Provides audit trail Configurable displays Grouped by Lines Of Equipment Detailed description for each alarm for greater context and understanding Effective Operator Response Slide 30

31 Bypass Bypass safety critical devices for: Maintenance Calibration During start up, shutdown etc. Clear indication of devices in Bypass Records all operator actions Provides audit trail Slide 31

32 Benefits Maximize Return on Assets: Lower equipment costs Lower installation costs Minimize footprint, power consumption, HVAC etc. Increase Overall Equipment Efficiency ReduceUnscheduled Downtime: Minimize production downtime due to operator error Provide contextual information Increase visibility of risks Reduce Maintenance Costs: Rd Reduce spares holding No LED / Lamp replacement No servicing required Slide 32

33 Safety View - Today Alarm zone, displays all configured alarms Bypass zone, displays all active bypasses Control zone, Information provides zone, displays controls for information acknowledging g about selected and bypassing alarm alarms Provides audit trail for operator actions Invensys Proprietary & Confidential Slide 33 Invensys Proprietary

34 Safety View Application Alarm and Bypass Management in compliance with ISA Annunciator Sequences and Specifications Standard Features Dedicated Operator view of Priority Level 1 (P1) alarms Maintenance tool for bypass management Provides audit trail of operator actions Easy to configure - Dedicated alarm function blocks available in TS1131 library for Tricon, Trident, Tri-GP Benefits IEC61508:2010TUV approved to SC3 Minimize production downtime due to operator error Easy for clients to standardize Manage operational risk with confidence Think Safe Available Secure Invensys Proprietary & Confidential

35 Operational Integrity (Process Safety Management) Functional Safety Process Safety Occupational Safety DCS Operations Trips, slips, falls Safety Systems Maintenance Working at heights Alarms Procedures Handling materials Performance and Reporting Slide 35

36