
Dear Colleagues

If you build any sort of process or machine control system there is a very good chance that when you first put it into service or test it you will be plagued by some kind of "bug", either in the wiring or in the software. The proper term for such bugs is "systematic error in design".

I am grateful to Dave Macdonald, our safety control systems expert (and author of three highly praised books on the topic) who has kindly put together a short note on systematic errors, which is worth reading whether you are designing a control system for an instrumentation, mechanical or electrical system.

Some thoughts (by Dave) on Systematic Errors in Control Systems
Most of us are familiar with the routine of version upgrades or specification revisions. It's not too big a problem for a control system on a production process: "Sorry, just hold on a few minutes!" says the control engineer, "but I didn't quite understand what you wanted."

But it's a different story if the bug is dormant in a functional safety system, better known as a safety instrumented system (SIS) or emergency shutdown system. We can't afford a wrong response just when the plant is about to explode! So it's not surprising that SIS projects involve some heavy-duty quality assurance work to minimize the chances of systematic errors creeping into the design.

Some examples may help us to see the problem:

1.  Faulty trip logic: An error in the trip logic diagram will not be revealed by testing the SIS against that diagram, because the faulty response is built into the safety system and the test simply confirms it. Walking through the diagram with the (independent) process engineer is a good idea here.
2.  Not separating the safety sensor from the regular control sensor: Whatever goes wrong with the control loop will also afflict the safety function. We call this a common cause failure, but it originates from a systematic design error.
3.  Installing the trip sensor where it will not correctly read the process condition it is meant to protect against.
4.  Failure to consider all possibilities when scoping a safety function. See below for a notorious example from the London Underground.
5.  Safety controls often employ redundancy to ensure fault tolerance against random failures in the instruments. The benefit is significantly limited if the redundant instruments are identical, since they may both suffer the same failure for the same reason.

A systematic failure example from my own experience: Two identical diaphragm seals for pressure transmitters on a distillation column failed together when a severe vacuum occurred during a shutdown. The diaphragms were stretched, leaving a 30% zero offset on both transmitters. Not much help if one is for control and the other is for safety!
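To make the point in item 5 and the diaphragm-seal story concrete, here is a small added model (not Dave's or EIT's code) of a high-pressure trip with two redundant transmitters voting 1-out-of-2. The span, trip point, tag names and the direction of the 30% offset (assumed to read low, the worst case for a high trip) are all constructed assumptions. It shows that when both channels share the same systematic fault, neither the trip nor a channel-comparison (deviation) alarm fires, whereas a diverse second channel restores both.

```python
# Added example (not from the original newsletter): a minimal model of a
# high-pressure trip with two redundant transmitters, used to show why
# redundancy buys nothing against a common-cause systematic fault such as
# the stretched diaphragm seals described above. All numbers (span, trip
# point, sign of the 30 % offset, tag names) are constructed assumptions.
from dataclasses import dataclass


@dataclass
class Transmitter:
    """A pressure transmitter with an optional zero offset, expressed as a
    fraction of span (-0.30 = the 30 % offset from the anecdote, reading low)."""
    tag: str
    span_bar: float
    zero_offset: float = 0.0

    def read(self, true_bar: float) -> float:
        # A stretched diaphragm shifts every reading by the same fixed amount.
        return true_bar + self.zero_offset * self.span_bar


def vote_1oo2_high(readings, trip_bar):
    """1-out-of-2 high trip: any channel at or above the trip point trips."""
    return any(r >= trip_bar for r in readings)


def deviation_alarm(readings, tolerance_bar):
    """Channel-comparison alarm: flags when redundant channels disagree by more
    than the tolerance. It catches independent drift, not common-cause drift."""
    return (max(readings) - min(readings)) > tolerance_bar


def run_trip_check(transmitters, true_bar, trip_bar=8.0, tolerance_bar=0.5):
    """Read all channels at one true process pressure and evaluate the trip
    vote and the deviation alarm."""
    readings = [t.read(true_bar) for t in transmitters]
    return {
        "readings": readings,
        "tripped": vote_1oo2_high(readings, trip_bar),
        "deviation_alarm": deviation_alarm(readings, tolerance_bar),
    }


def common_cause_case(true_bar=10.0):
    """Both seals stretched by the same vacuum event: identical -30 % offset.
    Both channels read 7 bar at a true 10 bar, so the 8 bar trip never fires
    and the channels agree with each other, so no deviation alarm either."""
    pair = [Transmitter("PT-101A", 10.0, -0.30),
            Transmitter("PT-101B", 10.0, -0.30)]
    return run_trip_check(pair, true_bar)


def diverse_case(true_bar=10.0):
    """Safety channel uses a different seal/sensor technology (assumed not
    affected by the vacuum), so only the control transmitter drifts."""
    pair = [Transmitter("PT-101", 10.0, -0.30),    # control, drifted
            Transmitter("PZT-101", 10.0, 0.0)]     # safety, diverse, healthy
    return run_trip_check(pair, true_bar)


if __name__ == "__main__":
    for label, result in (("identical seals", common_cause_case()),
                          ("diverse seals", diverse_case())):
        print(f"{label}: readings={result['readings']} "
              f"tripped={result['tripped']} deviation={result['deviation_alarm']}")
```

The second case is the one to take away: diversity between the control and safety instruments not only keeps the trip alive, it also makes the common fault visible as a channel disagreement, which identical instruments can never reveal.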

How can you avoid systematic errors?

  • Always be on the alert for common cause failure possibilities between control and safety instruments. Look for diversity between instruments on the same application.
  • Use the best quality assurance methods in hardware specification and in application software projects. Check back at each step forward in the project.
  • Apply the safety life cycle guidelines of IEC 61511, and then find someone who is genuinely independent of your project to review each project stage for pitfalls.
  • Strictly manage all design modifications and evaluate each one for its impact on the original safety requirements.

The more you look at design projects, the more you see the potential for built in errors. Be alert!

Although the famous economist John Kenneth Galbraith probably wasn't thinking of systematic errors specifically, this does apply: "If all else fails, immortality can always be assured by spectacular error".

Thanks so much Dave Macdonald for this elegant dissertation above.

Yours in engineering learning

Steve

Mackay’s Musings – 3rd May’16 #598
780,293 readers – www.idc-online.com/blogs/stevemackay

The Engineering Institute of Technology (EIT) is dedicated to ensuring our students receive a world-class education and gain skills they can immediately implement in the workplace upon graduation. Our staff members uphold our ethos of honesty and integrity, and we stand by our word because it is our bond. Our students are also expected to carry this attitude throughout their time at our institute, and into their careers.