Steve Leech, business manager – Process Control Systems, Siemens UK & Ireland, believes plant owners need to take a longer-term view when developing an effective alarm management strategy

At one end of the operational scale, the ability of a plant operator to respond quickly, efficiently and correctly to alarms has had dramatic and well-publicised consequences. The famous nuclear incident at Three Mile Island in the 1970s is a prime example of an operator overloaded with too many alarms while dealing with misleading messages. It ultimately led to a partial core meltdown that cost over 1 billion euros. Likewise, many millions of pounds of damage was caused at Milford Haven when, in the last 11 minutes of the incident, over 275 alarms were activated. Poor alarm management has also been identified as a significant contributory cause in industrial accidents including explosions at the Texas BP refinery and the Buncefield disaster.
 
While these examples are some of the high profile incidents that have arisen from a poorly managed alarm strategy, it’s also important to recognise that a non-effective alarm management programme can also influence at a daily operational level by contributing to unplanned downtime, reduced plant productivity, and falling profits. A basic definition of alarm management is as follows: ‘alarm management systems support the operator in avoiding and controlling abnormal conditions’. Beneath this lies a number of areas that all contribute to effective and controlled alarm management, such as: operator training in responding to alarms; reducing the number of systems that can generate alarms; clear operation instructions for alarms; standardising the criteria for alarm prioritisation; eliminating or reconfiguring unnecessary alarms; change management for alarms; automatic alarm suppression and defining clear alarm thresholds.
 
With estimates suggesting that process plants lose significant sums due to unplanned downtime, and with much of it attributed to preventable human error, effective alarm management has never been more important. A vital part of every industrial process, alarm warning systems, if used effectively, can influence a company’s bottom line in multiple ways by reducing downtime, increasing productivity, preventing damage to equipment and, most importantly, protecting the lives of workers. Indeed, by taking advantage of the alarm management functions of a sophisticated distributed control system (DCS), companies are investing in risk management, making it possible for plants to operate closer to the limits than
ever before.
 
As technology has developed, the number of alarms designed into systems has increased. This has placed more emphasis than ever on the need to have a strong strategic answer to alarm management responsibilities. As process plants become more connected via, for instance, intelligent instrumentation,
plant operators are presented with vastly
increased levels of information.
 
CONTINUOUS MANAGEMENT
 
Increasingly, adopting a ‘lifecycle approach’ is viewed as the correct response for truly effective alarm management, and the ‘fit and forget’ answer is no longer considered viable. Operators need to accept the need for the continuous management, review and change of the system.
Industry guidelines and standards, such as the Engineering Equipment Manufacturers and Users Association (EEUMA) Publication 191 and ISA 18.2, are
both useful references for defining the terminology and models necessary to mdevelop an effective alarm system and to document best practice.
 
They clearly advocate the lifecycle approach for ongoing management as the best way forward for plant operators. Indeed, they reinforce the point that plant owners are the people responsible for the integrity of the system and the safety of the plant and their employees. Constant review of the alarm system and behavioural characteristics will identify which are the important alarms to take note of together with what is deemed
normal and abnormal behaviour. Alarm ‘hit lists’ can be established so operators can quickly identify what needs attention and what does not. This in turn will create a far more manageable and less stressed scenario for the operator, minimise the impact of ‘alarm avalanches’ on potential production stoppages and, over time, help optimise plant productivity.
 
This approach has been built into DCS systems on the market, including Siemens’ SIMATIC PCS 7. Siemens has developed intelligent lifecycle reporting tools alongside SMART alarm management capabilities to support a ‘plant state-driven’ alarm management strategy. These built-in tools help operators adhere to the ISA standards to build a sound alarm management strategy. To maximise the effectiveness of any alarm management strategy, it should seek to adhere to the five specific lifecycle-based capabilities. They are:
  • A focus on the most important alarms. Set a clear and prioritised order so the most important and fundamental alarms are recognised quickly
  • Suppress meaningless alarms as needed – so alarms do not activate before reaching a set measuring point
  • Quickly comprehend the situation based on clear, consistent, concise, and informative messages
  • Obtain useful information regarding probable cause and recommended corrective action
  • Evaluate the system and operator performance. Ensure built-in evaluation can check and assess both system and operator performance, and ensure operators get the required training.
By instilling a lifecycle approach, plant operators can be freed from dealing with false alarms and instead focus on critical alarms should a real emergency occur. While headline incidents reinforce the importance of alarms, for many owners and operators dealing with the business pressures of daily operation, the peace of mind associated with an effective lifecycle-based alarm management strategy cannot be under-estimated.