FGS and ESD integration

I have a question regarding the integration between FGS and ESD. Can they reside in the same Delta V SIS or is it required to have two separate Delta V SIS systems?


    FGS & ESD are actually 2 different protection layers and mixing of layers is not recommended and Standards also suggests not to mix the 2 protection layers.
    Integration is a different meaning so while integration can be done for various systems but different protection layers shall not be mixed.
    In my experience FGS & ESD cannot reside in the same systems. Both can be implemented in Delta V SIS but as different systems.
  • Thomas et All,

    I saw many comments in here, so I would like to try to bring some more information and potentially clarify a little bit.

    A DeltaV SIS System is composed by multiple logic solvers, and a single logic solver can handle one or more Safety Instrumented Function (SIF), depending on the number of IO required. Emergency Shutdown (ESD) and Fire and Gas (FGS) are basically names give to a particular SIF or group of SIFs performing an particular application.

    The fact that the logic solvers reside on the same DeltaV SIS System, or even in the same SISNet or LSN (depending on the platform) does NOT mean a failure in one will automatically generate a failure in the other, therefore, they can be considered independent from each other, a SIF residing in one logic solver that has no interaction with another SIF is completely independent as well, what happens in real life though is many SIFs are interconnected, meaning a trip or failure in one SIF will affect another one, and here is where the System approach taken by DeltaV SIS makes it easier and reliable to deploy the application.

    It's also true that ESD and FGS are very often considered Independent Protection Layers (IPL), defined in a LOPA (Layers of Protection Analysis), therefore requiring to be completely independent. While they may reside in separate logic solvers, nothing prevent them on being on the same System, it's very common in the same DeltaV SIS System you have SIFs performing ESD application assigned to one logic solver and SIFs performing FGS assigned to another logic solver.

    Going further, one may ask if I can have ESD and FGS SIFs running in the same logic solver, and this is a not very common request, because as we discussed before, the LOPA requires independency from the layers. Lets take two Events, A and B, having the LOPA defined ESD_A and FGS_A as IPLs for the Event A, and ESD_B and FGSBB as IPLs for the Event B, it's not possible to have either (ESD_A / FGS_A) or (ESD_B / FGS_B) running in the same logic solver, in this case, the system will have to have at least two logic solvers to handle Events A and B separately, most likely running (ESD_A / ESD_B) in one logic solver and (FGS_A / FGS_B) in another. Although not very common, running (ESD_A / FGS_B) in one logic solver, and (ESD_B / FGS_A) in another logic solver would be an option, further assessment would be required to ensure separation, making it not really practical.

    I hope this helps answering the question.
  • In reply to Sanjay_Dehran:


    The benefit of SISNet/LSN is when it's required the interaction between multiple SIFs residing in multiple logic solvers, to do that over a SIL Rated network, therefore avoiding hardwiring, which is different than keeping independency from multiple layers of protection.

    Let us know if you need further help defining the proper architecture.