• About the
  HART Protocol
  • What is HART?
  • How HART Works
  • Benefits of HART
  • Device Descriptions
  • HART Specifications
  • FAQ
• WirelessHART
  Technology
  • Overview
  • How It Works
  • Applications
  • Components
  • Getting Started
  • WirelessHART Resources
• Using
  HART
  • How to Choose HART Products
  • Device Commissioning
  • Configuration
  • Integration
  • Calibration
  • Wire Length & Capacitance
• Product
  Catalog
  • New Product Spotlight
  • All Products
  • Wired Products
  • Wireless Products
• HART
  Applications
  • Use Cases
  • Success Stories
• Training &
  Resources
  • Training
  • Resources
•  

• About the
  Organization
  • Mission & Values
  • Management
  • Board of Directors
  • History
  • Contact Information
• 
  Membership
  • Regular Membership
  • User Membership
  • Membership Documents
  • Member Directory
• Documents
  & Services
  • Specifications & Documents
  • 275 Programming Services
  • HART OPC Server
  • HART Server Application Developer
• News &
  Events
  • Press Releases
  • Events
  • Newsletters
• Plant of the
  Year Award
  • Nomination Form
  • Previous Recipients
•  

• HART Applications
• Use Cases
  • Overview
  • Inventory Management
  • Safety Integrity
  • Advanced Diagnostics
  • Unmanned Offshore Gas
  • Cost-Saving Applications
  • Open Architecture
• Success Stories
  • Overview
  • Petroplar Mejorador
  • StatoilHydro
  • Shell Petroleum Developmant
  • Appleton Paper
  • V-F Controls
  • BP Canada Energy
  • Sasol Solvents
•  

Continuous HART Communication Increases Safety Integrity Level

By Bud Adler
Moore Industries International, Inc.

Despite the reliability delivered by today’s process transmitters and valve controllers, devices do fail. The more risk associated with a failure, the more important it is to ensure the operational integrity of the device. For example, a runaway exothermic reaction is (of course) far more serious than an overcooked batch of cookies (although to some, burnt sweets is a major tragedy as well!).

HART DIAGNOSTIC ALERTS

All HART smart devices have diagnostic indicators that can alert users to a change in instrument status from a remote location. This data, in the form of status bits, is embedded in the HART digital messages superimposed on the 4-20mA signal.

The diagnostic status bits available in a HART communicating device are:

Bit 7—Device Malfunction
Bit 6—Configuration Changed
Bit 5—Cold Start
Bit 4—More Status Available
Bit 3—Primary Variable Analog Output Fixed
Bit 2—Primary Variable Analog Output Saturated
Bit 1—Non-Primary Variable Out of Limits
Bit 0—Primary Variable Out of Limits

Many users have discovered the value of accessing these diagnostics with their Hand-Held Configurator (HHC).

GOOD NEWS:
Users can detect a problem when the HHC is connected to the loop.

BAD NEWS:
Unless the control system or a loop monitor is communicating with the device on a continuous basis, the ability to detect problems ceases as soon as the HHC is disconnected.

CONTINUOUS FAULT MONITORING
HART-capable control systems and interfaces can continuously monitor the diagnostic status bits in important field devices and provide early warning if problems are detected. HART- capable Loop Monitors, such as the Moore Industries SPA, provide a cost-effective alternative if the control system is not HART-capable.

The SPA is typically mounted behind the panel and connected across the loop just like an HHC. When the HART status bits change, the SPA provides both LED indication and relay output(s). This relay action can warn of the situation and/or institute a shutdown, or transfer the instrument to a safe mode of operation pending resolution of the situation.

In addition to monitoring the diagnostic status bits, the SPA can also initiate an alarm or provide a 4-20mA signal based on any three of the Dynamic Process Variables available in HART devices. Device manufacturers define up to four process-related variables to be communicated in these Dynamic Variables.

MULTI-VARIABLE DEVICES

• Pressure: Pressure, Temperature and Differential Pressure

• PH Transmitters: Electrode output, compensation temperature and sensor impedance

• Coriolis Meters: % solids, density and temperature

• Valve Positioner: Actual Stem Position, Actuator Pressure, and Target Stem Position

• Temperature Transmitter: Cold junction compensation value HART communication allows monitoring of these Status Bits and
Dynamic Variables on a continuous basis providing valuable insight into both hard failures and subtle offsets.

EXAMPLE #1
Excess friction in a control valve often leads to surging conditions that can result in dangerous process upsets. Loss of actuator pressure from a clogged air filter or a torn diaphragm may also lead to a dangerous or costly control offset. The HART Loop Monitor can be configured to alarm on either or both of these conditions. It can also annunciate any of a variety of other performance-related situations.

EXAMPLE #2
Potentially catastrophic results can occur when an emergency shutdown valve does not close when triggered by a dangerous process upset. These critical valves often go for months, or even years, without being stroked to assure proper operation. Clogged air filters, corroded shafts or failed control wiring can all lead to a malfunction. Where the operation of this valve is safety critical, a prudent strategy is to upgrade it with a smart HART positioner complemented with a HART Loop Monitor. With this combination, the presence of adequate air supply can be verified and the valve can be partially stroked on a regular basis to insure its ability to move off of the seat. The loop monitor provides stem position feedback alarms to insure that the valve is only partially stroked thus avoiding a process upset.

EXAMPLE #3
Most temperature transmitters incorporate sensor diagnostics. In general, the main task of sensor diagnostics is to drive the 4-20mA output either upscale or downscale upon sensor failure. In a safety critical application, this high or low action would often trigger an expensive (and perhaps unnecessary) process shutdown. A HART Loop Monitor can be configured to use the status bits to provide a relay output indicating sensor failure. To avert a process shutdown, this strategy provides differentiation between a non-serious sensor problem and potentially dangerous process condition. For more safety critical applications, a dual non-voting scheme or a two-out-of-three scheme provides even more reliability.

EXAMPLE #4
A subtle failure that may go overlooked for days is a transmitter lock-up characterized by the signal being frozen at a given value. This can occur when a Hand-Held Communicator is used to perform a loop test and is disconnected before returning the transmitter to automatic operation. If the signal happens to be at either 0% or 100%, the condition will be quickly recognized. However, if it were left at 50%, the oversight may go unnoticed and possibly cause a dangerous situation. The HART Loop Monitor would call attention to this condition immediately with a relay output.

HOW SAFE IS SAFE
When performing a Risk Analysis on a process operation, each loop is analyzed for its potential contribution to an unsafe condition should a failure occur. This assessment will define an acceptable Safety Integrity Level (SIL) for each loop in that process. It is up to the design team to select the proper products and procedures to demonstrate the achievement of the required SIL. Guidelines are offered in the ISA standard SP84.01 and in the IEC standard 61508 for methods to improve loop reliability.

Every device in a loop has potential failure conditions. Sometimes increased maintenance will insure a higher degree of reliability. For many devices, online diagnoses of failures or potentially dangerous conditions is required to insure the level of reliability demanded by the SIL of the process. Using HART communication allows the diagnosis of potentially dangerous failures and conditions to be significantly increased. This increases loop reliability. By increasing the detection of potentially dangerous failures, the Safety Failure Fraction (SFF) is increased. This results in a reduced Probability of Failure upon Demand (PFD). [Refer to the standards for a complete definition of these terms.]