50 replies to this topic

[cea]

Dear All-

This refers to attached scheme, wherein regeneration gas is entering at 300 deg C, which is getting cooled in cooling water exchanger to 55 deg C & send to B.L. through regenaration gas separator.

The design temperature of regeneration gas separator is 85 deg (as per criteria of maximum operating +15 deg C). However, the safety valve capacity is decided based on block discharge.

A point is raised for the design temperature of regeneration gas separator in case of cooling water failure.

Can somebody guide me whether design temperature for downstream equipment of cooler shall be raised considering cooling water failure / else what shall be done to safe gaurd the down stream equipment in case of cooling water failure.

Thanks in advance.

Attached Files

•  Scheme.pdf   199.78KB   206 downloads

[fallah]

Dear All-

This refers to attached scheme, wherein regeneration gas is entering at 300 deg C, which is getting cooled in cooling water exchanger to 55 deg C & send to B.L. through regenaration gas separator.

The design temperature of regeneration gas separator is 85 deg (as per criteria of maximum operating +15 deg C). However, the safety valve capacity is decided based on block discharge.

A point is raised for the design temperature of regeneration gas separator in case of cooling water failure.

Can somebody guide me whether design temperature for downstream equipment of cooler shall be raised considering cooling water failure / else what shall be done to safe gaurd the down stream equipment in case of cooling water failure.

Thanks in advance.

If cooling water being failed,by TT-4012 probably there will be an action by TI-4012 on high alarm.Knowing this action make help to better clarification.

If TI-4012 on high alarm not followed by an action prevent the hot gas (due to cooling water failure) passing through separator,the design temperature of separator should be 300 C (not 85 C).

Anyway,the safeguard might be closing a SDV located at the regeneration gas inlet to exchanger by alarm high of TI-4012 and set point of 85 C (predefined design pressure of separator).

[cea]

Thanks Fallah-

We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser.

Well, in general, I would like to know the standard practice in refineries being adopted, wherein high temperature process fluids are cooled in water cooler. Whether to increase design temperature of downstream equipment or provide interlocks to avoid such situation, considering failure of cooling media.

Thanks & Regards

[Qalander (Chem)]

Thanks Fallah-

We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser.

Well, in general, I would like to know the standard practice in refineries being adopted, wherein high temperature process fluids are cooled in water cooler. Whether to increase design temperature of downstream equipment or provide interlocks to avoid such situation, considering failure of cooling media.

Thanks & Regards

Dear cea Hello/Good Morning,

May be you need to review the overall

SIL(Security Integrity Level) and

LOPA(Layers of Protection Analysis)&

FMEA(Failure Mode & Effect Analysis)

Considering the 'HAZOPS','What -If' analysis details (presumably already conducted)!

[fallah]

Thanks Fallah-

We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser.

Well, in general, I would like to know the standard practice in refineries being adopted, wherein high temperature process fluids are cooled in water cooler. Whether to increase design temperature of downstream equipment or provide interlocks to avoid such situation, considering failure of cooling media.

Thanks & Regards

Even though simultaneous cooling water interruption and instrument (TI-4012) malfunction could be considered as double jeopardy (according to API 521) and don't happen,in the cases i had seen it is preferred to increase design temperature of downstream equipment equal to that of cooler gas side for being more conservative conditions.

[Qalander (Chem)]

Thanks Fallah-

We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser.

Well, in general, I would like to know the standard practice in refineries being adopted, wherein high temperature process fluids are cooled in water cooler. Whether to increase design temperature of downstream equipment or provide interlocks to avoid such situation, considering failure of cooling media.

Thanks & Regards

Even though simultaneous cooling water interruption and instrument (TI-4012) malfunction could be considered as double jeopardy (according to API 521) and don't happen,in the cases i had seen it is preferred to increase design temperature of downstream equipment equal to that of cooler gas side for being more conservative conditions.

I feel although Conservative still safer to adopt indeed!

[fallah]

I feel although Conservative still safer to adopt indeed!

Your statement hasn't adequate capability in order to being understood.
Please submit your viewpoint with enough clarity and as simple as possible.

[jprocess]

The design temperature shall be decided based on maximum anticipated operating temperature(except the fire resultant temperature). So the cooling failure shall be considered for setting design temperature of cooler and separator. This approach is neither conservative nor double jeopardised!

[fallah]

The design temperature shall be decided based on maximum anticipated operating temperature(except the fire resultant temperature). So the cooling failure shall be considered for setting design temperature of cooler and separator. This approach is neither conservative nor double jeopardised!

Be specific in addition to being dynamic!

Your statement generally is right,but i thing in this post we shall discuss about the specific matter to be submitted.

Refer to attachment of first post.
TI-4012 is considered as a safeguard to prevent overheating of the separator tripping (probably by closing a SDV) regeneration gas flow towards condenser on HH alarm(as mentioned by post originator).

At above conditions,only simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) could lead to overheating of the separator.

Of course, if in process point of view there isn't the possibility of tripping regeneration gas flow towards condenser,we shall consider the same design temperature for condenser and separator.

[Qalander (Chem)]

The design temperature shall be decided based on maximum anticipated operating temperature(except the fire resultant temperature). So the cooling failure shall be considered for setting design temperature of cooler and separator. This approach is neither conservative nor double jeopardised!

Be specific in addition to being dynamic!

Your statement generally is right,but i thing in this post we shall discuss about the specific matter to be submitted.

Refer to attachment of first post.
TI-4012 is considered as a safeguard to prevent overheating of the separator tripping (probably by closing a SDV) regeneration gas flow towards condenser on HH alarm(as mentioned by post originator).

At above conditions,only simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) could lead to overheating of the separator.

Of course, if in process point of view there isn't the possibility of tripping regeneration gas flow towards condenser,we shall consider the same design temperature for condenser and separator.

Dear fallah,I remain conservative regarding

1) instruments failure possibilities be a TI or other basic measuring element generating signals to operate(your assumed SDV) on hot stream's inflow; after having seen 'Texas BP North America Refinery Raffinate splitter Bottoms level alarm failure back in March 2005 ';this catastrophe had more than 170 injuries around 15 fatalities.

2) Even From process angle it's definitely less credible a scenario to consider regenerating 'Hot' gas stream inflow's total shut-off.

On above two accounts it is worth considering to have higher design temperature in the case under discussion.
Hope here I stay clearer and Simple for understanding!

[fallah]

Dear fallah,I remain conservative regarding

1) instruments failure possibilities be a TI or other basic measuring element generating signals to operate(your assumed SDV) on hot stream's inflow; after having seen 'Texas BP North America Refinery Raffinate splitter Bottoms level alarm failure back in March 2005 ';this catastrophe had more than 170 injuries around 15 fatalities.

2) Even From process angle it's definitely less credible a scenario to consider regenerating 'Hot' gas stream inflow's total shut-off.

On above two accounts it is worth considering to have higher design temperature in the case under discussion.
Hope here I stay clearer and Simple for understanding!

Dear Qalander,

If you pay attention to my second post in current topic you will see my statement as:

"In the cases i had seen it is preferred to increase design temperature of downstream equipment equal to that of cooler gas side"

and if i were cea (topic originator) i preferred to take design temperature of condenser and separator only as per cooling failure.

About your first item,please be informed TI-4012 as described by cea is a part of safety system(not control system) and also is among shut down levels activates an interlock in the case of HH alarm that closes SDV upstream of the condenser and should be as much as reliable to be a safeguard for protecting separator subjected to temperature over than 85 C.
Cea is requested to submit detail description about safety system of his/her proposed regen gas cooling.

About your second item,credibility and possibility of tripping regen gas flow upstream of condenser should be explained by cea in detail.

[Qalander (Chem)]

Dear fallah,I remain conservative regarding

1) instruments failure possibilities be a TI or other basic measuring element generating signals to operate(your assumed SDV) on hot stream's inflow; after having seen 'Texas BP North America Refinery Raffinate splitter Bottoms level alarm failure back in March 2005 ';this catastrophe had more than 170 injuries around 15 fatalities.

2) Even From process angle it's definitely less credible a scenario to consider regenerating 'Hot' gas stream inflow's total shut-off.

On above two accounts it is worth considering to have higher design temperature in the case under discussion.
Hope here I stay clearer and Simple for understanding!

Dear Qalander,

If you pay attention to my second post in current topic you will see my statement as:

"In the cases i had seen it is preferred to increase design temperature of downstream equipment equal to that of cooler gas side"

and if i were cea (topic originator) i preferred to take design temperature of condenser and separator only as per cooling failure.

About your first item,please be informed TI-4012 as described by cea is a part of safety system(not control system) and also is among shut down levels activates an interlock in the case of HH alarm that closes SDV upstream of the condenser and should be as much as reliable to be a safeguard for protecting separator subjected to temperature over than 85 C.
Cea is requested to submit detail description about safety system of his/her proposed regen gas cooling.

About your second item,credibility and possibility of tripping regen gas flow upstream of condenser should be explained by cea in detail.

Thanks very much indeed!
We await OP's response to update now!

[cea]

Dear All-
As requested, here is brief process.
The plant is dehydration unit of C2-C3 by moleculare sieve adsorption, where the exhausted bed needs to be regenerated by regeneration gas at 300 deg C.

In updated scenerio, we have provided H alram (say at 60 degC) & HH alarm (say at 65 deg C) to TI4012, whereby it trips hot regeneration gas towards bed & subsequently to cooler.

However, on tripping of hot gas towards bed, a cold gas bypass valve (PCV) opens & allow some cold flow towards cooler.
These two provisions (such as tripping of hot gas & cold gas flow through bypass valve) can ensure that separator temperature will remain well within limit.

On reading all above your discussions (which are really worth reading), even I am of openion to increase the design temperature of separator considering cooling water failure.

Thanks & Regards

[Qalander (Chem)]

Dear All-
As requested, here is brief process.
The plant is dehydration unit of C2-C3 by moleculare sieve adsorption, where the exhausted bed needs to be regenerated by regeneration gas at 300 deg C.

In updated scenerio, we have provided H alram (say at 60 degC) & HH alarm (say at 65 deg C) to TI4012, whereby it trips hot regeneration gas towards bed & subsequently to cooler.

However, on tripping of hot gas towards bed, a cold gas bypass valve (PCV) opens & allow some cold flow towards cooler.
These two provisions (such as tripping of hot gas & cold gas flow through bypass valve) can ensure that separator temperature will remain well within limit.

On reading all above your discussions (which are really worth reading), even I am of openion to increase the design temperature of separator considering cooling water failure.

Thanks & Regards

Thanks cea,

You have done two greats here;
1) Fullfillment of our humble request(s)
2) Fullfillment of Forum adminstrator's suggestion in 'Bold red' on forum's top.

Best of luck to follow it up with inherent process safety culture approach.

[fallah]

On reading all above your discussions (which are really worth reading), even I am of openion to increase the design temperature of separator considering cooling water failure.

cea,

In your second post you mentioned as:

"We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser."
Considering two above statements,seems your opinion is against your action!

Let us know your final practical decision.

[cea]

On reading all above your discussions (which are really worth reading), even I am of openion to increase the design temperature of separator considering cooling water failure.

cea,

In your second post you mentioned as:

"We have added HH alarm on TI4012, thereby tripping regeneration gas flow towards condenser."
Considering two above statements,seems your opinion is against your action!

Let us know your final practical decision.

Dear Fallah-
The concern of design temperature was raised during Hazop. Presently, project have already gone ahead with vessel thickness calculation, civil foundation load calculation etc.
Any change at this stage will call for so many changes in other engineering.

Although, I am agreed to consider cooling water failure while deciding design temperature (which I will definately consider in future), I am making said arrangement (such as tripping the hot gas at HH alarm from TI-4012) to take care of separator during cooling water failure, without changing separator shell thickness & subsequently civil load etc.

I feel this is practical approach at this stage.

Regards,

[fallah]

Dear Fallah-
The concern of design temperature was raised during Hazop. Presently, project have already gone ahead with vessel thickness calculation, civil foundation load calculation etc.
Any change at this stage will call for so many changes in other engineering.

Although, I am agreed to consider cooling water failure while deciding design temperature (which I will definately consider in future), I am making said arrangement (such as tripping the hot gas at HH alarm from TI-4012) to take care of separator during cooling water failure, without changing separator shell thickness & subsequently civil load etc.

I feel this is practical approach at this stage.

Regards,

Dear cea,

As i understood,now the separator is designated based on design temperature of 85 C (lower than design temperature of upstream condenser),and the safegurad of separator from being overheated during cooling water failure is HH alarm from TI-4012.Please confirm/correct me if i am wrong.

If you confirm my above understanding i have a question:
Is the TI-4012 accepted as a safeguard against overheating of separator during HAZOP study?

Regards

[cea]

Dear cea,

As i understood,now the separator is designated based on design temperature of 85 C (lower than design temperature of upstream condenser),and the safegurad of separator from being overheated during cooling water failure is HH alarm from TI-4012.Please confirm/correct me if i am wrong.

If you confirm my above understanding i have a question:
Is the TI-4012 accepted as a safeguard against overheating of separator during HAZOP study?

Regards

Dear Fallah-
Your understanding is right.
Well, we are still awaiting reply from client on this issue. I will let you know.
Regards,

[fallah]

Is the TI-4012 accepted as a safeguard against overheating of separator during HAZOP study?

Dear cea,

Thanks for your reply,but my above question remained without any answer.Please reply to it,if is possible.

Regards

[Qalander (Chem)]

Is the TI-4012 accepted as a safeguard against overheating of separator during HAZOP study?

Dear cea,

Thanks for your reply,but my above question remained without any answer.Please reply to it,if is possible.

Regards

I must appreciate this great discussion on process safety

as I derive that Most Probably 'cea' has abstained to clearly accept the reliance scheme on your identified Instrument safeguard;Dear fallah.

Cea Please come up with clarification here,Thanks.

[cea]

Is the TI-4012 accepted as a safeguard against overheating of separator during HAZOP study?

Dear cea,

Thanks for your reply,but my above question remained without any answer.Please reply to it,if is possible.

Regards

I must appreciate this great discussion on process safety

as I derive that Most Probably 'cea' has abstained to clearly accept the reliance scheme on your identified Instrument safeguard;Dear fallah.

Cea Please come up with clarification here,Thanks.

Dear Fallah , Qalander-

I really thankful to you for pushing me until I take right decision.
I got the point what both of you want to highlight. As per my understanding, Fallah want to know the Safety Intigrity Level (SIL) for TI4012. In short, the apprehension is for failure of TI-4012 during cooling water failure. Am I right in my understanding?

In that case, I must add one more TI point on line to take care. Well, this is discussed within our group & we may have to do it. However, we are awaiting reply from client to know whether client is going to accept with additional TI point or may be emphasizing for increase in design temperature of separator.

I think now I made crystal clear picture about my overall approach. Your suggestion are welcome if still I am missing something.

Thanks & Regards

[fallah]

I must add one more TI point on line to take care. Well, this is discussed within our group & we may have to do it. However, we are awaiting reply from client to know whether client is going to accept with additional TI point or may be emphasizing for increase in design temperature of separator.

Dear cea,

Do you mean you are going to consider voting system (1oo2 or 2oo3) by adding additional TT for protection of separator?

Regartds

[jprocess]

Be specific in addition to being dynamic!

Your statement generally is right,but i thing in this post we shall discuss about the specific matter to be submitted.

Refer to attachment of first post.
TI-4012 is considered as a safeguard to prevent overheating of the separator tripping (probably by closing a SDV) regeneration gas flow towards condenser on HH alarm(as mentioned by post originator).

At above conditions,only simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) could lead to overheating of the separator.

Of course, if in process point of view there isn't the possibility of tripping regeneration gas flow towards condenser,we shall consider the same design temperature for condenser and separator.

In my view your statement is due to misunderstanding of process design rules.
By definition the "Design" conditions shall cover all of the operating cases such as normal, start-up, shut down and upset conditions. Setting design conditions belong to "Passive" protection concept while the instrumentation is "Active" in nature. These two corrective actions belong to two different layers of protection. So statements like what you said (simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) are wrong.

Let us raise a similar case study:
Consider two pressure vessels with different design pressure values which are connected together through liquid outlet line from the first vessel (a typical example can be gas sweetening plants and absorber tower and downstream flash separator)

In this case based on your justification we can rely on proper operation of instrumentation at the onset of very low liquid level for the absorber and ignore about level control valve failure for downstream flash gas separator BUT as you know we never ignore about this contigency. Do you confirm? (In this case process shutdown due to very low liquid level belongs to active protection philosophy while considering level control valve failure belongs to passive protection philosophy and can not be mixed up together)

Am I specific now?!

[Qalander (Chem)]

Be specific in addition to being dynamic!

Your statement generally is right,but i thing in this post we shall discuss about the specific matter to be submitted.

Refer to attachment of first post.
TI-4012 is considered as a safeguard to prevent overheating of the separator tripping (probably by closing a SDV) regeneration gas flow towards condenser on HH alarm(as mentioned by post originator).

At above conditions,only simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) could lead to overheating of the separator.

Of course, if in process point of view there isn't the possibility of tripping regeneration gas flow towards condenser,we shall consider the same design temperature for condenser and separator.

In my view your statement is due to misunderstanding of process design rules.
By definition the "Design" conditions shall cover all of the operating cases such as normal, start-up, shut down and upset conditions. Setting design conditions belong to "Passive" protection concept while the instrumentation is "Active" in nature. These two corrective actions belong to two different layers of protection. So statements like what you said (simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) are wrong.

Let us raise a similar case study:
Consider two pressure vessels with different design pressure values which are connected together through liquid outlet line from the first vessel (a typical example can be gas sweetening plants and absorber tower and downstream flash separator)

In this case based on your justification we can rely on proper operation of instrumentation at the onset of very low liquid level for the absorber and ignore about level control valve failure for downstream flash gas separator BUT as you know we never ignore about this contigency. Do you confirm? (In this case process shutdown due to very low liquid level belongs to active protection philosophy while considering level control valve failure belongs to passive protection philosophy and can not be mixed up together)

Am I specific now?!

Dear mojtaba hello/Good afternoon& Khoosh Aamdeed,

Definitely it is good to see you joining forum discussion in a somewhat different,positive contributory way.

Keep it up it will help many as you help with spread sheets sharing already.

[fallah]

In my view your statement is due to misunderstanding of process design rules.
By definition the "Design" conditions shall cover all of the operating cases such as normal, start-up, shut down and upset conditions. Setting design conditions belong to "Passive" protection concept while the instrumentation is "Active" in nature. These two corrective actions belong to two different layers of protection. So statements like what you said (simultaneous occurance of two unrelated causes (cooling failure and instrument malfunction) are wrong.

Let us raise a similar case study:
Consider two pressure vessels with different design pressure values which are connected together through liquid outlet line from the first vessel (a typical example can be gas sweetening plants and absorber tower and downstream flash separator)

In this case based on your justification we can rely on proper operation of instrumentation at the onset of very low liquid level for the absorber and ignore about level control valve failure for downstream flash gas separator BUT as you know we never ignore about this contigency. Do you confirm? (In this case process shutdown due to very low liquid level belongs to active protection philosophy while considering level control valve failure belongs to passive protection philosophy and can not be mixed up together)

Am I specific now?!

Be informed,the Integrated Plant Control System (IPCS) consists of control systems and safety systems.

In the case of any malfunction of the plant equipment the safety systems will bring automatically the relevant units or part of the units to a safe condition.

The lowest level of protection (among safety systems) generally acts as an additional loop that protects and/or trips equipment.

Contrary to your statement and as i mentioned earlier,relying on HH alarm by TI-4012 that closes a SDV is not relying on proper operation of instruments that are covered by Control Systems.

TI-4012 and relevant SDV are instruments belong to Safety Systems (not belong to Control System, as you think) and depending on the condition should have proper SIL certification to cope with expected malfunctions.

Per above,LCV,you mentioned as an example,is among Control System and doesn't relate to current discussion.