Hex 17 09 by Modiconlv

hazardexonthenet.net

Pharmaceuticals Production plant cybersecurity Gas detection Facility surveys and mapping Cybersecurity

Safety culture

Nuclear

Protecting SISs from cyber attack

Improve your standard operating procedures

New US reactors cancelled

September 2017

the journal for hazardous area environments

be ready for an extra-ordinary new world

• Extra-competitive • Extra-light • Extra-compact • Extra-flexible With the MAXIMUS MMX cameras, a new world of cost effective solutions is available for monitoring tasks in the most challenging conditions in onshore, offshore, marine and heavy industrial environments.

maximus mmx camera VIDEO SECURITY PRODUCTS www.videotec.com Made in Italy

contents september 2017 The announcement by the utilities building the V.G. Summer nuclear plant in South Carolina that they are suspending construction at the site [see page 5] is the latest blow to US plans to revive its nuclear sector. The utilities said the decision was taken after calculating that the plant could cost an additional $11.4 billion to finish, which would bring the final bill to more than $25 billion. This leaves only two other reactors under construction in the USA, in Georgia, where the companies involved have also announced a feasibility review in the next few weeks. All four of these reactors are AP1000s designed by Westinghouse, which filed for bankruptcy in March. Other planned AP1000 new builds, in the UK and India, now seem very unlikely to go ahead, although China is planning to complete four reactors of this design at two sites.

14 16

Westinghouse’s problems echo those of France’s EDF, which has also seen delays and cost overruns with its EPR reactor design in France, Finland and in the UK. In the USA, the Trump administration seems unwilling to provide the financial guarantees to the sector offered by previous administrations, without which nuclear new builds are unaffordable. With this economic situation come engineering and technical problems associated with supply chains that have not built new stations in decades.

Cyber attacks on the healthcare and pharmaceutical sectors have increased faster than in other industries

In most western countries it is becoming increasingly difficult to see a future for large-scale nuclear generation, as project after project gets mired in the sand. At a time of plentiful gas and falling renewable costs, whether these projects are a worthwhile focus of money and effort or not becomes an increasingly vital question. …Alan Franck, Editor, Hazardex

Standard operating procedures (SOPs) are all too often flawed in format, content and style, but can be fixed

in this issue

News Extra

• South Carolina utilities suspend construction of two new reactors in blow to US nuclear revival • Political unrest in Venezuela increases pressure on state oil company PDVSA • Explosion kills six in illegal Colombia gold mine • Colorado ranch owner claims pipeline oil spill sabotaged sale of property • Indian Army seeks attribution of responsibility for fatal ammunition depot blast • Nigeria to legalise mini refineries in Delta • Mining companies say new South African government charter could destroy sector • HSE served prohibition notice on Shell over Brent Charlie gas leak

Gas detection surveys are necessary to demonstrate that all has been done to protect operatives from risk

Standards: Awaiting Autumn

Regulatory compliance and cybersecurity in the pharmaceutical sector

Safety culture - Pull your SOPS up

Gas Mapping – is it worth it?

Defence in depth: protecting safety instrumented systems from cyber attacks

Event previews

• Tank Storage Conference - 28 Sept 2017 - Coventry, UK • WCCE10 – Joint Event Process Safety Symposium - 2-3 Oct 2017 - Barcelona, Spain • CCPS Middle East Conference on Process Safety 9-11 Oct 2017 - Bahrain

Users of automation and control systems seek ever-more open systems, but this increases the risk of cyber attack

Datafiles & Buyers Guide Hazardex is a controlled circulation journal published monthly. Completed print or online registration forms will be considered for free supply of printed issues, web site access and online services. Annual subscription for non-qualifying readers is UK £84.00, EU €113.00, Airmail £178.00 and single copy price is £17.00 plus P&P.

Hazardex content is the property of the publishers or relevant content providers. The publishers and sponsors of this magazine are not responsible for the results of any actions or omissions taken on the basis of information in this publication. In particular, no liability can be accepted in respect of any claim based on or in relation to material provided for inclusion.

Editor Alan Franck alan.franck@imlgroup.co.uk

Group Publisher Russell Goater russell.goater@imlgroup.co.uk

Sales Executive Kathryn Startin kathryn.startin@imlgroup.co.uk

Circulation subscriptions@imlgroup.co.uk Tel: +44 (0)1732 359990

Production and Events Sara Clover sara.clover@imlgroup.co.uk

Design Graham Rich Design www.grahamrichdesign.co.uk

IML Group plc Blair House, High Street, Tonbridge, Kent TN9 1BQ, UK Tel: +44 1732 359990 Fax: +44 1732 770049 Email: events@imlgroup.co.uk ISSN 1476-7376

Trusted Advisors in Process Safety since 1986

www.chilworth.co.uk +44 (0) 23 8076 0722 DEKRA Insight represents the collective expertise of our member companies, each an institution in safety.

News Extra V.C. Summer Nuclear Station - Image: Westinghouse

projections put the total at $11.4 billion. Earlier in July, Westinghouse’s parent company Toshiba Corp. had agreed to a $2.2 billion guarantee for the reactors in a bid to ensure construction went ahead, but the utilities said despite this costs would still have been too high and that they will save about $7 billion in charges they would have had to pass on to customers by suspending the project. The two utilities plan to maintain and protect the site in the event that a party wishes to purchase some of the unused equipment or

South Carolina utilities suspend construction of two reactors in blow to US nuclear revival O

n July 31, the utilities involved in the construction of two new nuclear

not before March 2024 - four years after the most recent completion date provided by

if a decision is made to revive the project. This leaves only one new nuclear project under construction in Georgia, where Westinghouse has also gone over budget and missed deadlines. Plant Vogtle Unit 3 is now tentatively scheduled for completion in 2019 and Unit 4 in 2020. Georgia Power has taken over construction of the two new reactors from Southern Nuclear and has said it will review the project’s viability later this year. In Virginia, Dominion Energy has proposed a new reactor, North Anna 3, but with the cost estimated by a state regulator to be about

reactors at the V.C. Summer Nuclear Station in Jenkinsville, South Carolina, said all construction work would halt

Westinghouse.

on the site because of delays and cost overruns. South Carolina Electric and Gas Co. (SCG&E) and partner Santee

best case scenario shows this project would be several years late and [cost] 75% more than originally planned,” Lonnie Carter,

It would seem that the main obstacles to new nuclear power projects are primarily economic and technical. At a time of cheap

Cooper commissioned Westinghouse Electric Co. to build two AP1000 reactors at the site nine years ago.

Santee Cooper president and CEO, said. “We simply cannot ask our customers to pay for a project that has become

gas and falling renewable costs, a hollowedout nuclear supply chain (which last built a new reactor in the 1980s) is facing serious

uneconomical.”

difficulties in bringing viable new plants on stream.

SCANA group subsidiary SCG&E has a 55% stake in the project, and Santee Cooper a 45% stake. Construction is around a third complete. SCG&E considered completing Unit 2 and abandoning Unit 3, but that option was killed when partner Santee Cooper’s board voted to cease all construction and no other partner could be found to take its place. Santee Cooper said the decision to suspend

$25 billion, there is considerable opposition to the utility’s proposals.

“After Westinghouse’s bankruptcy…, the

Westinghouse’s president and CEO José Emeterio Gutierrez said the company is “extremely disappointed” in the decision. “The South Carolina economy is sure to feel the negative impact of losing over 5,000 high-paying, long-term jobs, as well as not having available the reliable, clean, safe and affordable energy these units would provide,”

And despite insistence from Energy Secretary Rick Perry that he is fully supportive of the nuclear sector, Trump administration budget proposals will slash nuclear research and development, and federal production tax credits and loan guarantees originally designed to promote new projects by the Obama administration

construction was based in large part on analysis of schedule and cost data from Westinghouse and subcontractor Fluor Corporation after Westinghouse filed for Chapter 11 bankruptcy protection in March. That data showed unit 2 would not be

he said. “Also, at a time when other nuclear plants are being retired, the US energy sector is sure to feel the stunting impact of walking away from these two nuclear units.”

are unlikely to be extended.

Santee Cooper’s contribution was originally

Some industry observers think the Trump administration’s lukewarm support for nuclear is partially due to its primary focus on the coal sector, which would face competition

completed until December 2022 and unit 3

costed at $5.1 billion, but the latest

from new nuclear plants.

www.hazardexonthenet.net

An extensive range of explosion protection equipment. From supply to full turn-key solutions

Flash 2 Explosion Suppression System The latest version of the industry leading StuvEx Flash suppression system has many advanced features.

Visit our new website

www.stuvexuk.com Earthing Control

There are two Earthing Monitors within the StuvEx range for Gas and Dust applications.

Gas Version

· Single and multipoint injection suppressors capable of

· · · .

handling 4 ducts from one suppression bottle New Master Control Unit can handle up to 16 Zones. A range of explosion detectors for various applications. New Gas Generator - no pressure vessels used. Atex Certified.

Explosion Isolation Isolating an explosion is vital. There are five different explosion isolation devices in the StuvEx range.

· NOREX valve. Designed for filter inlet ducts, though can be

used elsewhere. · Ventex Valve. For installation to a filter air intake. · Fast Shutting Gate Valve. The most efficient way to isolate an explosion. · Diverter Valve. Used to divert a potential ignition source to a safe area. · Fire Trap Valve. Protects ‘Down-Stream’ machinery in the event of a fire or vexplosion.

· Competitively priced. · Very easy to install. · Failsafe operation – visual confirmation of correct earthing through green/red lights. · Automatically recognises the object to be earthed. · Atex Certified.

Explosion Venting StuvEx supplies a range of explosion venting devices.

· StuvEx Explosion Vent. A 100% efficient vent for silos, bins, filters etc. · StuvEx DQS. A maintenance free, flameless vent for installation to an internally located vessel. · StuvEx Flameless Indoor Vent. Allows an explosion to safely occur inside a building.

StuvEx Safety Systems Ltd, Abbey Studio, Church Walk, Chertsey, Surrey, KT16 8RE - United Kingdom Tel: +44 (0)1932 571303 - Fax +44 (0)1932 570548

Email: info@stuvex.com - www.stuvexuk.com

News Extra

total of $6 billion against future oil deliveries, but the parlous state of export facilities means those deliveries will likely be seriously delayed. Reuters says the waiting time to load a tanker is now 30-40 days, compared to 2-3 days a few years ago. The Venezuelan opposition has decried what it calls the firesale of the country’s assets as collateral for these loans. Rosneft now holds a 49.9% stake in PDVSA-owned US refiner Citgo as collateral for a loan last year of $1.5 billion, and the Russian company is said to be taking stakes in Venezuelan oilfields.

Political unrest in Venezuela increases pressure on state oil company PDVSA

Meanwhile the US administration, which says it will impose increasingly severe measures to counter the country’s slide into authoritarianism, has imposed sanctions on a wide range of senior Venezuelan officials, including some linked with the oil industry.

he move by Venezuelan President Nicolas Maduro to bypass the country’s opposition-led Congress

oil executives, and contractors, concluded that PDVSA was “coming apart at the seams”.

One of the major question marks around US sanctions is whether President Donald Trump would impose a ban on Venezuelan

and appoint a new assembly to rewrite the constitution has increased instability across the country’s politics and institutions, with street protests

A senior management team named in January that draws heavily on political and military appointees has left PDVSA’s president, the US-educated engineer Eulogio Del Pino,

oil exported to the United States, its biggest market.

and official repression increasingly resembling a low level civil war. One key institution that is facing a very uncertain

largely powerless, according to high-level sources in PDVSA and the government, who spoke anonymously to Reuters.

options are on the table”, but some are concerned oil sanctions could worsen severe shortages of food and medicine in Venezuela

future is the state oil company, Petroleos de Venezuela SA (PDVSA).

The government’s pillaging of PDVSA’s cashflow has meant there is little money for

Administration officials have said that “all

and exacerbate the already widespread destitution amongst the population.

Used as a cash cow to provide the bulk of state revenues under Maduro and his predecessor Hugo Chavez, PDVSA is seen by

essential maintenance, which has resulted in refineries working at a fraction of capacity and safety seriously compromised at those units

Bloomberg says about a third of all oil produced in Venezuela is processed at American refineries on the Gulf Coast and that

the government as a vital cog in its continued survival and increased political meddling is creating increasing difficulties for the

still in operation.

shipments to the US were worth about $12 billion last year.

company.

in 2003 and replaced them with party loyalists, PDVSA has suffered a series of catastrophic incidents culminating in an explosion at the Amuay refinery in 2012 which killed 48 and injured 151.

Since Chávez fired 18,000 PDVSA employees

One result of this is that Venezuela, which has the world’s largest oil reserves, is likely to see

Venezuelan officials are said to be working on a Plan B to target oil exports towards other markets if the US does ban imports from the country. Nevertheless, industry observers quoted by Bloomberg said PDVSA would be forced to sell crude at deeper discounts in other parts of the world and limited export capacity could restrict any new deals with

production fall to a 25-year low in 2017.

Asian countries.

The news agency, which interviewed two

The Maduro government still has support from Russia and China, which have loaned some $55 billion to the country over the last three years, according to Forbes. Bloomberg says

Whatever the US does, there seems an increasing likelihood that PDVSA could default on its loans, making essential imports more expensive and squeezing cashflow even

dozen current and former employees, foreign

Russian oil giant Rosneft has lent PDVSA a

further.

According to a report by Reuters, political appointees have gained ascendancy over veteran oil executives, and employees are under mounting pressure to attend government rallies and vote for the ruling Socialists. The increasing focus on politics over performance is contributing to a rapid deterioration of the company’s operations and to a brain drain at the once world-class company.

www.hazardexonthenet.net

News Extra

Artists’ impression of Buriticá mine – Continental Gold

mine but a few have continued to operate. The company said it was looking to the authorities to enforce the rule of law to “prevent this kind of tragic event from ever happening again”. The contractors “perished from apparent asphyxiation”, the company said, adding that it was working with government agencies to provide full support to the families of the victims.

Explosion kills six in

illegal Colombia gold mine S

ix security contractors working for Canadian mining company

Continental Gold were killed in an explosion at an illegal gold mine in central Colombia on July 28. The blast took place in a mine in Antioquia province when the contractors surprised

a group of illegal miners in a shaft they were inspecting, Continental said. One of the seven contractors survived.

Continental CEO Ari Sussman said: “It is shameful that this incident has tarnished the remarkable progress made in establishing peace in the municipality over the past 18 months. These efforts have been fully embraced by the local community, which has publicly voiced their strong preference for the benefits of legal versus illegal activities. The health and safety of our employees and contractors is our highest priority at

In 2016, national and provincial authorities

Continental. The Company stands united with the community of Buriticá to bring modern mining that respects the rule of law,

closed down most of the illegal mines near Continental’s flagship Buriticá gold

the environment and all of the law-abiding stakeholders in the area.”

News Extra

Colorado ranch owner claims oil spill from pipeline sabotaged sale of property

he owner of Bishop Ranch, a big-game hunting operation near

According to the Grand Junction Sentinel, the leak from the pipeline was discovered in

that provided potable water.

June 2016. Encana subsidiary Hunter Ridge Energy Services LLC told the Colorado Oil and Gas Conservation Commission that oil and gas condensate from its pipeline travelled underground, surfaced in a spring and flowed more than a mile to a stock pond.

He claims that before the leak, Bishop Ranch was marketable as a pristine, worldclass big game hunting ranch in Northwest Colorado known for having a large migratory trophy mule deer and elk herd.

The suit says condensate and/or produced water contaminated the springs, surface water, ground water, vegetation, land, soil and sediment from the point of the release onto the Bishop Ranch by way

The suit says the ranch was in the final stages of negotiations to be sold for $5 million but the leak kept the sale from being completed and is asking for a jury trial, with actual and compensatory damages of $5 million.

of a massive release of hazardous waste over an extended period of time. It claims: â&#x20AC;&#x153;Bishop Ranch is now not marketable as the permanent environmental damage and

Oil and gas leaks from pipelines and infrastructure have become a big issue in Colorado since a fatal explosion killed

the town of Parachute in Western Colorado, has sued the Encana energy group over a pipeline leak last year that the suit says contaminated the property

permanent stigma arising from the incident would spook any potential buyer.â&#x20AC;? The owner bought the 320-acre ranch in

two and injured a third in a home explosion in the town of Firestone last May. In that incident, natural gas leaked from an abandoned line that remained attached to

and killed its planned $5 million sale. The suit claims that even if the spill is cleaned up, the stigma would affect

2002, converting it into a specialist game hunting operation over the next ten years. It includes a hunting lodge, a backcountry

a 24-year-old well operated by Anadarko, which also saw a maintenance worker killed and three others injured in a storage

any future sale.

airstrip and hangar, and a spring and well

tank fire a few days later.

Offering diversity. Ensuring protection. Perfecting performance. Electrical Explosion Protection Equipment

Wide range of terminal boxes, control units and stations, Ex d/Ex de control

and distribution panels as well as many more products and solutions Covering Ex d, Ex e, Ex p, and Ex i types of explosion protection and

combined Ex de solutions Highest degree of protection for all applications from the leading authority

on explosion protection www.explosionprotection.com

10 News Extra Illegal Delta refinery – Image: Shell

region. The refineries process stolen crude in makeshift pipes and metal tanks hidden in oil-soaked clearings deep in the southern swampland’s thick forests. Delta leaders presented the Nigerian Government with a list of 16 demands last November to drag the region out of poverty. The militants then halted attacks on oil infrastructure to give the talks a chance.

Nigeria to legalise mini refineries in Delta he Nigerian government has said

have long said they do not benefit from the

The government hopes that the modular refinery programme will result in illegal refineries dying out and also end militant

it will legalise mini refineries in the oil-rich Niger Delta and supply them with crude oil at a reasonable price by the end of the year. The move is aimed at ending

oil extracted from their region and have called for a greater share in the money and employment that flow from its extraction.

attacks on oil production facilities, which cut Nigeria’s output by 700,000 barrels a day for several months last year.

the popular insurrection in the Delta, the theft of oil from pipelines in the area and the closure of illegal refineries that process the stolen oil.

A statement from the presidency said: “The Federal Government has started the process of replacing illegal refineries in the region with modular ones.” Each of the Delta states

The presidency said it was also discussing with oil majors to move their regional headquarters to the Niger Delta, another demand from communities in the area. Oil

would receive two modular refineries to start up in the fourth quarter, the statement said.

companies operating in Nigeria, such as NNPC, Shell and ENI, tend to be managed from the country’s capital, Abuja, although

Last year a military crackdown on thousands of illegal refineries raised tensions in the

some already have regional headquarters in Port Harcourt and Warri.

The plan was announced after a meeting between Acting President Yemi Osinbajo and Delta community leaders, who welcomed the outcome of the meeting. Communities

Intrinsically Safe

When Safety is •

•

Audible & Visual Signalling Devices Approved for Group I (Mining) & Group II (Above Ground) Applications For Zones 0,1,2,20,21 & 22 with IIC (Gas) & IIIC (Dust) Environments T5 & T6 Temperature Rated Paramount Up to 105 dB(A) output with a two stage alarm option 9 High Output LEDs Flashing and Static Mode options Weatherproof to IP66

ATEX 8175

8175

www.moflash.com

+44 (0) 121 446 5322

UKsales@moflash.co.uk Exportsales@moflash.co.uk

News Extra 11

Chamber of Mines of South Africa says new government charter could destroy mining sector

outh Africa’s mining industry has shed 70,000 jobs over the past five years and in June, gold-mining

would force companies to ensure that at least 30% of their shares are in black hands, up from the current minimum

The Chamber of Mines has gone to court seeking to block the charter, arguing that the new rules would deter investment and

conglomerate AngloGold Ashanti announced plans to lay off 8,500 workers, a third of its South African workforce. The conglomerate’s South African mines made their first loss since 2012 in the first quarter of

of 26%.

put a further 100,000 mining jobs at risk. Already, there has been a sell-off of South African mining stocks and a drawn-out legal battle is looming, which means more uncertainty.

this year, as costs surged 44% and output fell sharply.

have received 5.8bn rand ($435m) of the total of 5.9bn rand paid as dividends, leaving almost nothing for anyone else, notes the Chamber of Mines of South

The South African mining sector is already compromised. In a 2016 survey of attractiveness to mining investors, the Fraser Institute, a free-market think-tank,

a fifth of the country’s GDP; the number now stands at 7.3%. High costs, low commodity prices, labour strife and falling productivity have all been cited

Africa. South Africa’s first-ever mining charter, introduced in 2004 and revised six years

ranked South Africa 74th of 104 mining jurisdictions, well behind neighbouring Botswana (19th), Namibia (53rd) and many other African countries. Meanwhile

as reasons for the sector’s decline. This situation is being exacerbated by

later, was the product of extensive talks with the industry, but opponents say the new rules have been imposed without

South Africa dipped into a recession last quarter, and official unemployment has reached a 14-year high at 27.7%.

a new government mining charter that

discussion.

At its peak in 1980, mining accounted for

They would also have to pay out at least 1% of their turnover each year to their black shareholders. Had this rule been in effect in 2016, black shareholders would

Ensure a Safe Pass With Your HART Data

The exida® certiﬁed, SIL 3 capable SSX and SST Functional Safety Isolators and Splitter ensure that valuable HART® data safely passes between your Safety Instrumented System (SIS) and basic process control or monitoring systems.

Demand Moore Reliability

Visit our website and learn more about SSX/SST HART Functional Safety Series Isolators and Splitter www.miinet.com/safetyseries

ntitled-1.indd 1

08-Feb-17 12:26:25 PM

A new era of Conformity and Safety has arrived Come and see the launch of the QUAZR hazardous area floodlight for zone 1, 2, 21, 22 and industrial applications. Find out how QUAZR can revolutionise the illumination of your Hazardous Area. Our team of experts will be present to answer your questions and provide product demonstrations, specification details, pricing information and product videos. Pre-Orders will be taken at the event.

QUAZR lAUnCh dETAilS:

The SPE Offshore Europe Exhibition, 5th - 8th September 2017, Aberdeen UK. On Stand 1G11 FoR moRE dETAilS ConTACT US AT:

T: +44 (0) 191 262 0510 E: info@barrier-ex.co.uk W: www.barrier-ex.co.uk

News Extra 13

Indian Army asks Defence Ministry to attribute responsibility for fatal ammunition depot blast

n a letter to the Indian Defence Production Secretary, Army headquarters has asked for a final adjudication on responsibility for

The OFB operates 41 ordnance factories across the country and functions under the department of defence production of the ministry of defence. The mines were manufactured by the Ordnance

of the sheds. There are ten fire substations at the depot with dozens of tenders available, and roads are made from cement rather than tar.

the extensive fire at India’s largest ammunition storage depot at Pulgaon in Maharashtra on May 31, 2016. The

Factory Chanda.

The Army said in the letter: “Fixing of accountability and traceability for the said accident is yet to be established by the OFB

incident resulted in the deaths of two army officers, four defence security corps personnel and 13 defence fire

distribution point for ammunition after manufacture, safety standards were high at the depot. United Nations guidelines are used to

and the director general of quality assurance (DGQA) even one year after the accident.”

safety staff.

govern the management of operations, such as the compatibility of storing different forms of ammunition by individual hazard quotient and

Official sources said there was criminal negligence on the part of certain officials as cited by the probe and sought immediate

report in the Indian Express, the Indian Army has conveyed its serious concerns to the Defence Ministry over the Ordnance Factory

the design and separation of storage sheds, and are rigidly adhered to.

action against them. The sources said the High Energy Materials Research Laboratory (HEMRL) in Pune in 2012 had clearly called the quality of

Board’s failure to punish officials responsible for the incident, which saw a number of huge explosions and an extensive fire that burned for over 24 hours.

There are 30 million tonnes of water on site at all times with individual ponds outside each storage shed, and all combustible materials, including grass, are removed from the vicinity

TNT in the anti-tank mines a safety hazard, but the OFB claimed these problems were a worldwide phenomenon.

According to a Press Trust of India (PTI)

Army sources insist that, as the main

In the letter, seen by PTI, the Army said a Court of Inquiry had attributed the cause of the accident to exudation of trinitrotoluene

Other sources said another factor that might have caused TNT to leak from the mine casings was the exceptionally hot weather in the area at the time.

(TNT) high explosive from some of the 19,325 anti-tank mines stored at the site. The Court of Inquiry, which was conducted by the Army, attributed the cause of the exudation to lapses both by the manufacturer, the Ordnance Factory Board (OFB), and quality

India recorded higher than normal temperatures and drought conditions in many states in 2016. In late May, the country recorded its highestever temperature, 51 degrees Celsius, in the western state of Rajasthan. The previous record,

assurance agencies.

also in Rajasthan, was 50.6 degrees in 1886.

www.hazardexonthenet.net

14 News Extra Brent Charlie platform - Image: Shell

the suspected release on May 19. At the time, Shell said production has been halted and that the source of the leak had been isolated. It has now emerged that production is still shut in at the ageing facility, 110 miles north-east of Shetland.

HSE served prohibition notice on Shell over Brent Charlie gas leak in May

Shell said it was continuing to work through the necessary actions required to enable the safe restart of the installation. The Brent field has been in production since the early 1970s and is one of the oldest and

hell was served with a Prohibition Notice by a regulator over concerns a gas leak on its Brent Charlie platform in May could have led to an explosion. The

for fire and explosion” on the Brent Charlie platform, and that Shell had failed to act under the Offshore Prevention of Fire regulations. The breach, it said, related to the possibility of an

most productive North Sea fields. Production from Brent Delta stopped in December 2011 and both Alpha and Bravo in November 2014. Production from Charlie is expected to stop

Health & Safety Executive (HSE) took the enforcement action on 27 May, according to information published on the HSE website on August 2

uncontrolled release of flammable or explosive hydrocarbons from safety critical pipework in the Column Four leg.

within the next few years.

Some 31 non-essential workers out of a total of 176 were taken off Brent Charlie following

removed in May and taken to Hartlepool where 97% of the materials are being recycled.

The HSE said the notice related to a “potential

ZONE 1/21

ZONE 2/22

As part of the field’s decommissioning programme, Brent Delta’s topsides were

ZONE 1/21

ZONE 2/22

Google, Google Play, Android and other marks are trademarks of Google Inc. The Android robot is reproduced or modified from work created and shared by Google and used accordingto terms described in the Creative Commons 3.0 Attribution License.

IS320.1

ISM_MA0012_170807

Powerful, rugged, key-operated phone. With AndroidTM 4.4, Wi-Fi, NFC, LED torch, amplified loudspeaker and SOS button.

IS730.2

Industrial smartphone which combines high performance technology (Android 6.0. LTE, wireless charging) with robustness and modern design.

IS-MP.1 IS-MP.2

Handheld readers for easy and efficient reading of RFID/NFC TAGs that are located closely together or positioned in areas that are difficult to access.

YOUR EXPERT IN COMMUNICATION AND MOBILE SOLUTIONS

WWW.ISAFE-MOBILE.COM

Standards 15

Awaiting Autumn both individual scheme rules and related Operational Documents. The MC also has financial oversight to the whole IECEx

we should have this next edition published at the turn of the year.

System. A quick return to the UK for a change of luggage, and it is off to Vladivostok for the IEC General Meeting. Although the General Meeting provides a focus for the

Later, in November, it is the meeting of Cenelec TC31 in Brussels. Because most of the technical work is done at IEC level, we have not had a European meeting for some time, relying on correspondence to formally pass the IEC texts for use as EN

occasion, most people, like myself, will only be attending meetings related to their own standards committees. In my

documents. The secretariat has prepared the additional European Annexes and Foreword for the documents.

ecause of the editorial deadlines for Hazardex, I am putting finger to keyboard at the start of August,

case, IEC TC31, responsible for all the international standards applicable to Ex Equipment. I will be attending five

With a change in the secretariat arrangements since the start of this

but already looking forward to a busy

different meetings over the five day period.

year, we are looking forward to being

Ron Sinclair MBE gives his perspective on the latest developments in the world of standards

series of meetings in the autumn. The first meeting of the busy season is scheduled for the last week of September, in Washington DC. The main annual meeting of the IECEx Certification System follows a regular pattern, with the first two days being meetings of the IECEx Test and Assessment Group (ExTAG), and the final two days being the formal management Committee Meeting (MC). Sandwiched in the middle, this year, is the Industry Day, where the great and the good of North America are invited to hear the latest topics from industry experts that

Apart from leading the UK delegation to the TC 31 plenary meeting, my most important task will be as a member of Working Group 22, where we will be considering comments received on the FDIS version of the next edition of IEC 60079-0

are already gathered because of the IECEx meetings.

comments to IEC as standards are developed. There do remain a few European only standards under the control of Cenelec TC31, mainly for the specialist subject of electrostatic paint spraying, but one standard up for review at the moment is EN 50381 from 2004, for Transportable Ventilated Rooms. In many respects, there is now an overlap between this and IEC 60079-13, which is being updated at IEC level and should be published soon, but there remain aspects in the EN standard that apply particularly to the “transportable” situation and are worth keeping and bringing up to date.

We will have a training session, looking at aspects that need a bit of discussion, before the session where we approve

That we have fewer meetings than usual this autumn reflects the fact that Vladivostok has not proved a popular

various ExTAG decision sheets. These are the collected wisdom of the certification body members, and provide an agreed way of working when the standards or other documents are not clear. It is not

venue. We will be meeting in a university and staying in accommodation about 30 kilometres outside the city - and it is difficult to get to.

intended to usurp the prerogative of the standards committees, but IECEx can act much faster and it is sometimes necessary to get rapid agreement.

At the MC it is the national member bodies that have the power, approving

more active, possibly forming European views on some of the international developments, prior to submitting

About the author SGS Baseefa Technical Manager Ron Sinclair MBE is chairman of BSI Committee EXL/31, responsible for the UK input to both European and International standards for Electrical Equipment for use in potentially explosive atmospheres. He is chairman of Cenelec TC31, represents electrical standardisation interests on the European Commission’s ATEX Standing Committee and chairs the IECEx Service Facility Certification Committee.

www.hazardexonthenet.net

16 Pharmaceutical & cybersecurity

Regulatory compliance and cybersecurity

in the pharmaceutical sector I

n 2010, the first digital weapon aimed at industrial automation equipment

According to the Global State of Information Security Survey 2016 [1], respondents

need for automation and robotics, remote access and factory-wide connectivity has

changed the realm of security forever. Rather than targeting IT infrastructure like most viruses at the time, Stuxnet

increased their information security budgets by 24 per cent within the past year, which reflects a greater willingness to invest in

meant pharmaceutical production and control systems have changed significantly in the last decade.

compromised programmable logic controllers (PLCs), collected information on industrial systems and damaged

keeping facilities secure. The pharmaceutical industry is no different.

The wide scale introduction of the Industrial Internet of Things (IIoT) is the next major step

the centrifuges of the Natanz uranium enrichment plant in Iran. Stuxnet was the alarm bell that made industry aware

As an attractive target for cyber attacks, pharmaceutical companies need to understand cybersecurity, assess weak

towards a fully connected smart factory. The benefits of the IIoT-enabled pharmaceutical production facility are clear for anyone to

of cybersecurity vulnerabilities. In this article, Martyn Williams of COPA-DATA looks at security issues with special reference to the pharmaceutical sector.

points and implement the appropriate security measures. This white paper describes some of the most effective industrial security tools pharmaceutical companies have at their disposal in the era of Industry 4.0.

see. Collecting and strategically interpreting production data using analytics and turning this information into insight can create a basis for enhancing productivity and reducing errors, in line with industry regulations and key business goals.

Today, more industries are seeing an increasing number of cybersecurity threats. To tackle these issues, companies have

Pharmaceutical production: limited to limitless

to change the way they operate and put cybersecurity at the very heart of the business. We are already seeing this shift in the rise of the Chief Information Security Officer and in an increasing awareness of best industry practice when it comes to

Control systems for pharmaceutical production used to be proprietary and limited to the individual research and production facility. This meant a typical industrial control system would not be directly connected to the internet and therefore couldnâ&#x20AC;&#x2122;t be easily

leverage the benefits of these new technologies while minimising the security risks?

cybersecurity.

accessed externally. However, an increasing

cyber attacks, reported that cyber attacks on

www.hazardexonthenet.net

So how can pharmaceutical companies

The risk Bitsight, an organisation that measures how vulnerable companies and industries are to

Pharmaceutical & cybersecurity 17

the healthcare and pharmaceutical industries have worsened at a faster rate than other industry sectors. With the average ‘clean up’ time for these sectors following a cyber attack at just over five days, there is certainly some cause for concern. Similarly, a report by OCISIA, in collaboration with the UK information intelligence experts, BAE Systems Detica [2], estimated the cost of cybercrime to the UK economy to be around £27 billion annually. The same report named the pharmaceutical and biotech sectors amongst the hardest hit industries. In the eyes of a cyber criminal, the pharmaceutical industry provides a treasure trove of valuable information. Organisations within the sector – from drug distribution companies to research and development units – can hold highly sensitive material, from personal patient data to confidential

better, but this type of connectivity also provides more opportunities for hackers to infiltrate the system. However, to better

complex laws, regulations and guidelines. Sometimes, these can become the basis for an effective industrial security strategy.

research on drug development and testing. This makes the pharmaceutical industry an attractive target for cyber attacks.

protect themselves from cyber attacks, pharmaceutical companies can use regulatory compliance as the first line of

Laws within the pharmaceutical industry are often deliberately vague. Published in

However, it is important to remember that there are security risks involved in any manufacturing facility, particularly

defence.

Protection through compliance

general terms to meet the current and future needs of the industry, pharmaceutical laws are vastly different to the guidelines that accompany them. Passing a new law is a

a smart one. An increased number of sensors collecting production data might help monitor and understand the process

When operating in one of the most heavily regulated industries in the world, pharmaceutical companies need to abide by

lengthy process; regulatory guidelines on the other hand, can be implemented and adopted relatively quickly.

Cyber attacks on the healthcare and pharmaceutical industries have worsened at a faster rate than other industry sectors

www.hazardexonthenet.net

The accredited* international scheme that validates core competency for safe working in potentially hazardous, flammable or explosive atmospheres

Competency in Explosive atmospheres

THE ORIGINAL AND THE BEST ●

Over 70,000 Operatives/Technicians & Engineers certificated

●

Worldwide coverage including Europe, Africa, Asia and Americas

●

Now delivered in English, Dutch, French, Norwegian, Azeri and Russian

●

Determines Core Competency by the combined validation of both practical skills and ability by assessment as well as underpinning knowledge by online examination

●

Based upon the International Standards IEC 60079 Parts 14 & 17; European ATEX Directives; U.S. NEC500 & 505 Codes and local in-country regulations.

●

CompEx Modules are available for electrical & mechanical craftspersons/operatives/technicians, professional application design engineers and responsible persons/duty holders.

Equipment Asset Registers, Site Inspection and Defect Management is an integral part of the Responsible Person's duties, CompEx Ex14 provides guidance to understand and manage these key responsibilities.

For more details go to www.compex.org.uk CompEx Certification Body - JTLimited, Part of the JTL Group Email: info@compex.org.uk

CompEx is a registered trademark of JTLimited, the CompEx Certification Body www.compex.org.uk * JTLimited, the CompEx Certification Body is accredited to ISO/IEC 17024:2012 General Requirements of Certification Bodies providing certification of persons

New worker on site? Always ask to see their CompEx® certificate Photographs courtesy of Dow Corning, BP, Statoil, Total and JTLimited.

Pharmaceutical & cybersecurity 19

Integrated user administration, for example, ensures unauthorised users cannot gain control of equipment

The Food and Drug Administration (FDA) 21 CFR Part 11 is one of the most established regulations within the industry. The regulation

vulnerable points in the system better. This way, engineering and manufacturing data is protected against unauthorised access,

Smart SCADA security

requires organisations to implement controls, electronic audit trails and systems validations. It establishes the standard expectations for

modification or deletion to ensure accuracy, consistency, and completeness. Ultimately, successful FDA 21 CFR Part 11 compliance

regulations, and provides built-in cyber security capabilities. This “Security by Design” approach means the software and

industrial security through reliable electronic documentation of the pharmaceutical manufacturing process.

will result in a more organised, efficient and secure production process.

its components are specifically designed to guarantee secure operations.

In basic terms, Electronic Records provide secure data. Authenticated electronic signatures ensure both operators and supervisors can identify themselves in a safe and secure way when making any changes in the production process. Combined with the implementation of smart

Built in software security features that protect companies against data loss and unauthorised access include a file signature functionality that recognises manipulated program files, strong encryption, secure authentication and automatic synchronisation of files in the network with ‘click-and-forget’ technology.

By reviewing historical documentation and records, organisations can detect where security breaches have occurred

machines and the resulting influx of big data, achieving regulatory compliance in the industry is not an easy task. To fulfil the requirements of these complex regulations and protect their facilities, smart pharmaceutical manufacturers are turning to validation-friendly applications

Integrated user administration, for example, ensures unauthorised users cannot gain control of equipment. It means most user operations can be locked, even access to Windows Desktop. This way, if a security

and in turn, identify and protect the more

and industrial software.

breach does occur, it can be easily contained

Since its introduction, there have been concerns that FDA 21 CFR Part 11 could discourage innovation and technological advances in the industry. However, compliance with this regulation is not just about ticking boxes. For the most part, the requirements of FDA 21 CFR Part 11 go hand in hand with the security necessities of modern manufacturing facilities.

Intelligent SCADA software ensures a HMI/ SCADA system is compliant with industry

www.hazardexonthenet.net

20 Pharmaceutical & cybersecurity and access to other applications can be prevented. Best practice also dictates that pharmaceutical manufacturers should encrypt valuable data. This could mean compressing production data and sending it through the network and to web clients in an encrypted form, as well as ensuring passwords are encrypted to protect project data and expertise.

Update and communicate Knowledge and understanding of cybersecurity risks should not end with engineering and IT staff. In fact, according to respondents of the Global State of Information Security Survey 2016, the most cited source of security compromise lies with employees.

Industrial technology is evolving at an incredible rate. While upcoming trends such as cloud computing, IIoT and big data are certainly beneficial for the manufacturing industry, they also generate entirely new challenges for those managing the industrial security and data protection of organisations. The days of Stuxnet may be behind us, but pharmaceutical manufacturers need to stay ahead of the industrial security game if they want to avoid security breaches and the negative consequences they entail. The best way of doing this is by working

Some HMI/SCADA software uses its own network protocol to communicate

Internal security compromises may not be intentional, but could prove just as damaging as an external attack. To begin, organisations should consider how much the average employee actually knows about keeping

between the individual software products. This way, data can be transferred to separate binary data packages and machine-readable information in plain text

industrial systems secure. This could be as simple as encouraging staff to use strong passwords, delete unwarranted e-mails and update computers regularly. These basic

with experienced, reliable partners that understand your industry and are leading the way in cybersecurity.

is never communicated in the complete communication concept. Further client authentication at the connection set up stage also prevents access to the network.

measures go beyond the IT and engineering departments and should include other departments; even senior management.

[1] www.pwc.com/gx/en/issues/cyber-security/ information-security-survey.html [2] www.gov.uk/government/uploads/system/

This ensures attackers need to overcome a number of barriers before they get to the

After a thorough assessment of the systemâ&#x20AC;&#x2122;s potential vulnerabilities, creating a procedure and then training members of staff on industrial

core of the production system. The overall strategy is topped off with open dialogue and documentation about security. A HMI/ SCADA software provider should work

security should be the next step. Larger organisations might find it helpful to appoint a Chief Information Security Officer to manage all industrial security issues and communicate

closely with customers to strengthen security guidelines and build on its industry experience.

the importance of cyber security, thus creating an engaged workforce and a company culture built on safety and security.

uploads/attachment_data/file/60942/THE-COSTOF-CYBER-CRIME-SUMMARY-FINAL.pdf

About the author

Martyn Williams is Managing Director of COPA-DATA UK. He is a qualified electronic engineer and has over ten yearsâ&#x20AC;&#x2122; experience in business management in the automation industry. Martyn possesses an excellent knowledge of ergonomic process solutions for automation, industrial control systems and instrumentation in sectors like pharmaceuticals, energy, food and beverages and automotive.

www.hazardexonthenet.net

Market research 21

(well-head) sector. Its raw material (namely oil) is cheaper than before the crash and this has enabled postponed upgrade projects to be

IHS Markit 2017 Hazardous Area Equipment market report now available

he Technology group at IHS Markit has published its flagship

report for the Hazardous Area Equipment Annual Intelligence Service. The report will provide essential information for suppliers and potential suppliers of products used in the design and construction of equipment for use in hazardous (explosive) areas.

NEW FOR 2017

This research offers an analysis of the world, by region for ten major product groups each of which are segmented in detail. The report has been produced in co-operation with the sector’s leading journal, Hazardex.

reinstated. • Chemical and pharmaceutical industries also benefit from lower oil prices. • Sales of LED lighting products are growing a little faster as some stability and confidence returns to the market. • The number of tablet computers suitable for hazardous areas being introduced to the market is increasing rapidly, driven by the general progress in networking and real-time communications. This is being helped along by the promotion of the industrial internet of things (IIoT) and Industry 4.0. • The market for non-electrical products designed for use in hazardous areas is forecast to grow considerably as the new ATEX standards are applied, although this is from very small numbers in 2016 and submissions for testing are sporadic. • Market prices are forecast to be

A Report on the World Market Features and highlights include: for Hazardous Area Equipment • A chapter dedicated to a technical summary of legislation and requirements of products for use hazardous environments. • Estimated market shares of the leading suppliers to the world, EMEA, American and Asia Pacific markets.

stable 2016 to 2021 with very little price erosion, mainly because of

HazardEx has worked with IHS Markit to provide this new edition of a report on equipment for use • Discussion and reasoning on important market drivers and trends. competition. This in hazardous environment. • A credible market forecast compiled in co-operation with IHS Markit’s is despite some cost increases.

20 17

For more information or to order the report, please see contact details in the box below.

FO R

with detailed analysis of selected products Some findings for 2017 and beyond: ‒ Data from 2016 to 2021 IHS Markit estimates that, in 2016, the world market for hazardous area ‒ Manywas market segmentations equipment worth $6.9billion; and forecastsincluding: it to increase at 2.8% CAGR $7.9 billion in 2021. Unit shipments are forecast to grow with bytoregion, country and industry a 3% CAGR over the same period. ‒ Estimated market shares of leading suppliers

material and labour

NE W

industry specialists.

•‒Publication of the report is followed by 3 quarterly market updates. World market revenues and shipments

The world outlook for the hazardous area equipment market has been increased slightly since the 2016 edition of this report. Some stability

price in 2014 and 2015, the 359 990 T +44 1933 408 has 077recovered somewhat. Nevertheless, T +44 in1732 first months of 2017 it has faltered more than once as OPEC members E John.Morse@ihsmarkit.com E Russell.goater@IMLgroup.co.uk jostle with production numbers and oil stocks show little sign of falling,

155950530

has returned to the market but any growth is forecast to be modest, 2016 to 2021. As has always been the case, the main market driver is the oil and MORSE gas industryAT which, the shock fall in RUSSELL the world oil GOATER AT HAZARDEX JOHN IHSfollowing MARKIT

A Report on the World Market for Hazardous Area Equipment

intechnology.ihs.com part because of US unconventional oil production. Thehazardonthenet.net growth of equipment sales to the up-stream and down-stream sectors of the oil industry are illustrated in the graph which shows that down-stream sales HazardEx has worked with IHS Markit to provide this new edition of a report on equipment for use are recovering faster. in hazardous environment.

but IHS Markit has specialist groups that monitor this market and changes that would affect equipment revenues will be reported in the quarterly market briefs which follow the publication of this report. There are brighter spots in the market, including: • The downstream sector of the oil industry has suffered less and its

‒ World market revenues and shipments with detailed analysis of selected products ‒ Data from 2016 to 2021 ‒ Many market segmentations including: by region, country and industry ‒ Estimated market shares of leading suppliers JOHN MORSE AT IHS MARKIT T +44 1933 408 077 E John.Morse@ihsmarkit.com

RUSSELL GOATER AT HAZARDEX T +44 1732 359 990 E Russell.goater@IMLgroup.co.uk

technology.ihs.com

hazardonthenet.net

155950530

The fortunes of the oil and gas industry affect the capital expenditure plans of oil companies, which in turn affect the market for hazardous area equipment. Accurately forecasting the market price of oil is impossible,

revenues continue to recover faster than those of the up-stream

www.hazardexonthenet.net

22 Safety culture

Pull your SOPS up F

user in mind. Users should be provided with exactly what they need to know in a format

Are you taking into account how people learn?

distribution and blending companies, all will have standard operating procedures (SOPs). Unfortunately, they are all too

that’s easy to use and navigate – anything else is just an obstruction. Procedures need to be easily accessible. Hard copies local to

Not many people learn and become proficient by reading something. If you issue procedures with a “read this and sign”

often flawed in format, content and style, says Russell Page of HFL Consulting.

the workplace are best but procedures are all-too-often electronic and buried deep in a site’s intranet, accessible only via some slow

instruction it will result in poor understanding and poor adherence. As Benjamin Franklin said, “Tell me and I forget, teach me and I

computer with no easy access to a printer.

remember, involve me and I learn”. We want our people to learn, so we need to involve them. We also want them to be proficient – to

rom huge blue chip petrochemical and pharmaceutical groups to smaller

Cut the waffle Procedures frequently contain page after page of information irrelevant to the user

Is the author an expert?

when actually trying to do the task in question. The work instructions – when one actually gets to them – are open to enormous variation in interpretation and execution, often with key information hidden in an impenetrable layout. Is it really any wonder procedures are not adhered to and processes vary greatly? Even more worryingly, these are

Procedures should be written by those with the most knowledge and experience – the people who actually do the job – and not by a well-meaning graduate or technical manager. If not, there is a tendency for a disconnect to exist between what is in the procedure and what occurs in practice. If the users are the authors (or at least involved in the process

have skill and not just knowledge, so we must provide training in procedures.

the procedures that contain safe methods of work designed to protect us!

of writing them) then there is the opportunity for the procedure to incorporate knowledge and experience that would otherwise only ever reside in operators’ heads, and even to challenge the current practices to identify improvements.

often involves disciplinary proceedings... and then we wonder why users are loath to tell management what actually goes on. Instead, monitoring adherence to procedures should, on the shop floor, be a frequent, even daily, occurrence – a little and often

Put the user at the heart of the message Why does this occur? The problem is, procedures aren’t always written with the

www.hazardexonthenet.net

Be a pro-active reviewer Once a procedure is issued, reviews tend to only come in response to a problem, rather than as a preventative action. Failure to adhere to procedures, when discovered,

approach. This is not to catch people out, but

Safety culture 23

to reinforce good behaviours, to provide an opportunity to coach personnel to improve their performance. It is also an opportunity to discover issues, variations in procedure execution, and even new ways of doing things, that all need to be either addressed or incorporated into a procedure. This activity, a highly important activity so very often absent in workplaces, should primarily be carried out by the first line supervision, in a structured controlled and defined manner.

The four key elements of an effective procedures document Procedures should contain four key types of information: What, How, Why and Pictures. Or to give them their proper titles: Major Step, Key Point, Key Point Reason and Visual Aids. The ‘What’ is present in all procedures, and typically takes the form of an instruction; “add solvent” or “heat to 175 degrees”. Factual errors aside, this part of an SOP is not usually a problem.

The ‘How’ part of an SOP document is where difficulties start to occur. If present

driver map of site, mark location he needs to drive to”, “evenly tamp down product across filter bed”. This is all handson, site-specific stuff, probably learnt

safety” do not count as a ‘Why’ as they do not directly educate the user. So, for instance, in line with the ‘How’ examples given above, wording should be detailed

it is typically buried within large amounts of text and mixed in with the ‘What’, it very rarely gets its own platform. And yet

through hard experience that can prevent expensive mistakes from occurring and re-occurring.

and along the lines of “to avoid water hammer which bursts joints”, “to ensure understanding of location, especially if a

it puts the accumulated knowledge of an organisation at the fingertips of the new user. This is frequently made up of top tips

Giving ‘Why’ room to fly

non-English speaker”, “to prevent rat runs of water through product which would stop product being washed properly”.

from experienced operators, often gained as a result of their own mistakes. Typical nuggets may include been-there-done-it

‘Why’, is hardly ever present. Yet this explains the reason behind the ‘How’ and creates a better understanding for the

Seeing the bigger picture

advice such as “crack open valve a tenth of a turn till pressure equalises over 15 seconds then fully open”, “give delivery

user, making them more likely to adhere to the procedure. It needs to be specific, not generic, so comments like “for health and

illustrate the points, save words and shorten procedures, to aid clear understanding and avoid ambiguity.

Making the most of ‘How’

The third and most important category,

Pictures are then used where appropriate to

www.hazardexonthenet.net

24 Safety culture

Other areas such as material hazard warnings, PPE requirements, pre-amble,

Will it work for me?

title, should be kept to an absolute minimum. All too often they are added in to protect management and not to inform the user. They can make the document bulky, which

formats are beginning to appear across the process industries. Sometimes the format is misunderstood, or the previous procedure and its format are shoehorned into the new

can be counter-productive, potentially causing the issues the author was trying to address in the first place, such as the user

format without much alteration or change in approach. Where this happens the benefits of the new procedure format are not realised.

not referring to the procedure.

Frequently the reaction to the format is that it will increase the length of procedures, and will make them harder to write.

Procedures in this or similar styles and

About the author

However, in practice when the format is understood and used correctly, the experience is that procedures become shorter, easier to write, quicker to navigate, and contain more information of relevance to the user, leading to fewer mistakes and deviations.

So what does good look like?

Nowâ&#x20AC;&#x2122;s a good time to check your SOPs

A simple example of the format these procedures may take is given on the previous

If you want your company to have well written procedures which reflect the actual practices that occur onsite, ask whether the

page. This type of SOP is adapted from the automotive industry, specifically the Lean toolkit (or Toyota Production System). It is successful in engaging the workforce by capturing their best known practice. As a result, it is pivotal in driving improvements in

format and style are user friendly. Are they written by the people who actually do the tasks? And does the whole system have a complete and utter focus on the user throughout? If they do, then you are well on the way to procedures that will underpin

quality, productivity and ultimately, safety.

quality, productivity, and safety.

www.hazardexonthenet.net

Russell Page is Principal Consultant at HFL Consulting, and previously worked at Bentley Motors Ltd and Corus. He is a Chartered Engineer with experience across the Process, Pharmaceutical, Food, Chemical, Automotive, Metals, General Engineering, Packaging and Healthcare industries.

New A90 universal process panel meters Putting the latest hazardous area news, legislation & products at your fingertips with multicolour displays > Multicoloured display visible in all lighting conditions > Colour can be linked to alarm status (optional) > 5 digit and 31 segment bargraph > dc and mains powered models > Process current, voltage and RTD inputs > IP66 (front) 1/8 DIN or Rugged SS enclosure > Optional dual alarms, isolated 4/20mA output 24V dc transmitter supply

Advisor_124x86.indd 1

www.beka.co.uk

Hitchin, Herts. SG5 2DA,UK sales@beka.co.uk Tel +44 (0)1462 438301

8/4/2017 1:30:52 PM

Download the new HazardEx App today for free!

26 Gas safety

Gas Mapping – is it worth it? O

n premises where flammable or toxic gases are stored or used, suitable and sufficient gas detection is

author has been involved with Fire Safety since 1987 and with each passing year, technological advances have provided better

and detection coverage. This has many advantages over simple paper exercises. Increasingly the Health & Safety Executive

required. One of the key components of such a system is having the correct gas detectors in the correct locations. The goal of this article, by Randall Williams of Proeon Systems, is to outline the importance of a gas detection survey to demonstrate that the responsible persons within companies have done all

detection and safety systems. Specifically, gas detection systems are more sophisticated and the gas detectors have better response times and fault reporting. However no matter how good the gas detectors and system are, if the detectors are not in the correct position then the system falls short.

(HSE) is requiring sites to demonstrate the risk is covered and assessed by reviewing the Gas Detection Survey Report or Audit.

that is reasonably practicable to protect any operatives from risk. Gas Detection Systems are required to protect people and assets wherever hazardous situations exist due to the

Gas detection mapping or surveying is when a qualified and competent person designs the location of the gas detectors to reflect the risk of a potential toxic or flammable gas leak. The process can be supported by the use of 3D modelling

responding to; ‘concern that previous fines for serious and fatal corporate health and safety offences were too low in relation to the harm caused.’ Included in the guidelines rated as ‘High’ culpability it states; ‘failing to put in place

presence of flammable or toxic gas. The

software that illustrates the risk (grading),

measures that are recognised standards

www.hazardexonthenet.net

The legislation is clear. On the 1st February 2016, the HSE in the UK released new guidelines regarding sentencing for Health & Safety breaches

Gas safety 27

in the industry.’ For UK Control of Major Accident Hazards (COMAH) sites, the

provide guidance for each assessment or design.

you using?’ and ‘How are you using it?’ Every good risk assessment should identify

regulations are clear and audited by the HSE. However, a number of sites will have large quantities of flammable products, but fall below the legal requirements to be registered as a COMAH site. The duty is clearly placed on the ‘Responsible Person’ to protect people from the risks

who or what is at risk and why they are at risk. The Risk Assessment is the starting point for the Gas Detection Mapping. Additionally the site should provide some form of detection targets. The Oil and Gas Industry has years of practice to develop detection targets to standardise the design of

related to dangerous substances and potentially explosive atmospheres.

its installations. Many non-COMAH sites do not have their own standards, so prior to the survey a formal statement of requirements should be agreed. The statement should detail how the Gas Detection system is to perform, giving tangible targets based on risk

The issue is that normally the ‘Responsible Person’ (the person who is in control of the building, premises and its use) will not have

Without going into detail, each step of the

the training, skills or experience to design or review the Gas Detection Locations to the standards required by HSE. It is

process is essential and requires differing levels of documentation. Sub-contractors and suppliers can support during the

not unusual to find a number of dangers observed on ‘non COMAH’ sites, and the author has himself personally seen the following: • Gas Detectors disconnected because

process, however the ultimate responsibility lies with the Responsible Person at site or within the operating company. Specifically when designing a new system it must be clear who takes design liability for the gas

of faults • Gas Detection panels altered to mask faults

detector locations. When gas detection suppliers are involved, it should be clear who is responsible for the gas detector locations.

unrealistic to expect most Responsible Persons or Companies to have the skill set and resources to objectively report

• No Current DSEAR (Dangerous Substances and Explosive Atmospheres Regulations) Reports

This documentation demonstrates that the system is being designed and managed.

the gas detection is suitable and sufficient as required by the HSE. The correct independent Third Party advice will provide

• No existing or out of date Hazardous Area Mapping • Fire Risk Assessments that mention ‘Flammable Substances on site’ but do not detail DSEAR recommendations • Gas Detection Panels installed in the area of risk • Inadequate staff awareness of flammable atmospheres verifiable, and without appropriate training. Gas / Fire Detection Systems do not prevent releases of toxic or flammable gases, fires or explosions. They are one part of a series of ‘Layers of Protection’ in place to manage or mitigate the risk. As with any safety system there is a process to ensure that the Gas Detection System is always ready to detect accumulations of flammable or toxic gases.

Part of a Process Hazardous Area Safety System Cycle Most safety professionals are familiar with ‘cycles’ to facilitate continuous improvement. Proeon Systems have developed a system for Gas and Flame detection systems that

When does a company need a Gas Detection Survey? • New Systems: When a risk assessment determines a requirement for a Gas Detection System, the Gas Detection Survey will provide the confidence that the

assessment and quantification of hazards.

The Value of an Independent (Third Party) Gas Detection Survey / Audit A mentor hijacked Socrates when he said to me, ‘We don’t know what we don’t know, but a smart man knows who to ask.’ It is

the required documentation to demonstrate the Responsible Person or Company has done everything reasonably and practicably possible as required. A Third Party is also valuable to clearly

field detectors are located in the correct positions to provide the required coverage. • System Upgrades: When systems are upgraded or significantly changed regulators recommend a review of the design to ensure the system is adequate. • Changes in Process or Building: When any change occurs within a process or building, risk assessments should be

identify the areas of risk. A ‘fresh pair of eyes’ will require the risk to be defined which will provide clarity when reporting to a regulatory body. This is also an opportunity to define existing and planned mitigation. For example, a site with a risk of toxic gas might only be accessible by a long set of stairs, the mitigation can be: • Seals on doors to prevent the spread of

updated. • Periodic Reviews: Systems should be subject to periodic reviews. COMAH sites require five year reviews due to their hazardous nature. The Gas Detection

toxic gas. • Pressurised stairwell to prevent gas entering when the door is open.

System is often a safety related system and should be reviewed on a regular and documented basis. For the Risk Assessment in simplistic terms within the context of flammable or toxic gases, the questions raised are, ‘What are

The Third Party can look at the risk from a global perspective to provide insight to the specific situation. Additionally the Third Party can reflect deficiencies and failings in process and procedures. Recently; while undertaking a Toxic Gas Detection Survey, Proeon increased

www.hazardexonthenet.net

28 Gas safety the number of gas detectors in a remote area application. The Plant Manager did not see the need for gas detection in this area, until he understood the distance of travel for operatives to evacuate to a place of relative safety, they required an earlier warning. Many Oil & Gas companies have or had their own team of in-house experts. In all likelihood most sites do not have a person trained or experienced enough to assume this responsibility. The Independent Third Party provides the Responsible Person confidence that the gas detection system is designed correctly

Hallmarks of a good survey So what do you look for when choosing someone to carry out a Gas Detection Report? Here are a few indicators to look for in a good report:

Figure 1: Example of Toxic Gas Grading based on access

Figure 2: Example of Graphical Representation of the Gas Detector Locations

Figure 4; Example of Gas Detector Location Diagram

Figure 3; Example of Graphical Representation of Gas Detector Coverage

www.hazardexonthenet.net

• The right person – You may have to make some assumptions regarding the competency of the groups or individuals to prepare the reports, however a fire safety professional will understand the multiple layers of systems and mitigation, whereas

a site specific engineer or process engineer may not appreciate how one process can affect the wider fire safety issues. • The right tools – There are a number of 3D Gas / Flame Modelling software packages available and they each have their own

Gas safety 29

as expensive and ‘over the top,’ by blasé managers. Nevertheless, the moral and likely legal obligations require provision of a suitable warning system to the presence of unignited or dangerous substances. Having an Independent Gas Modelling Survey and Report is a key element to demonstrate compliance. Without the report there is no adequate documentation for the courts in the event of a prosecution, or a reasonable excuse for those affected by an incident involving flammable / toxic gas. Figure 5: Example of Gas Detection Coverage Percentages Against Targets

References: 1. Health & Safety at Work Act 1974 (HSWA). 2. The Control of Major Accident Hazards (COMAH) Regulations 2015 (L111, Third Edition). 3. The Dangerous Substances and Explosive Atmosphere Regulations 2002 (DSEAR). http://www.hse.gov.uk/fireandexplosion/dsearregulations.htm

About the author

Figure 6: Example of Summary of Recommendations strengths and weakness. Normally the software is not the issue, it is the person using it that makes the difference (see point above). • Understandable - A competent engineering company will provide a structured report with key elements to demonstrate the report is correct and verifiable, demonstrating competency. • Identifies risk and grades – Risks need to be identified and the appropriate grading identified for these risks. Flammable gas detection will usually have a ‘Hazardous Area Report’ identifying where gas can be present. Toxic Gas usually is not so straightforward and relies upon the site risk assessments. Once the risk is identified each should be graded for risk. • Provides recommended solutions – An audit will plot the coverage based on existing detection, with recommendations to modify the design if required. New systems should place detectors in practical locations that can be mounted and serviced.

• Demonstrates adequate coverage (percentages) – Referring to the detection targets or standard of design, how does the proposed system meet the detection targets? Recommendations and action plan – In the same way a fire Risk Assessment has an Action Plan, the report should summarise the observations / recommendations with clear actions that should be completed or mitigated. Samples of report recommendations follow:

Conclusion To quote Health & Safety Consultant Max Geyer, “The point is that being able to demonstrate ‘due diligence’ is not about having a thing (a policy or a system or a heap of procedures and checklists) it is about doing a thing”. It is everyone’s interest to be safe AND productive. The two are not mutually exclusive, however, safety is often seen

Randall Williams has been working in the fire safety industry since 1988 as a Fire Alarm Engineer and Fire Risk Assessor. He is a Third Party Certified Fire Risk Assessor by the Institute of Fire Engineers and is a member of the Industrial Fire Risk Special Interest Group for the IFE. Randall leads the Fire & Gas Team at Proeon Systems in Norwich, UK. He is a Graduate of the Institute of Fire Engineers (GIFireE) in 2013 and graduated with BSc Fire Protection Management & Technology from California State University, Los Angeles, California in 1986.

@P E R F T E C

Antweep 2017

In the regions hazardexonthenet.net Protecting Plant, Process & Personnel

We are pleased to announce the next Hazardex in the Regions event will take place in Antwerp, Belgium on November 29th 2017 and will be co-located with PEFTEC, the event for petroleum refining & environmental monitoring technologies.

The underlying philosophy of Hazardex in the Regions is to bring the latest safety-related intelligence to process plant and hazardous area specialists at a venue near their workplace, reducing travel time and expense. The conference will be supported by an exhibition of products and services relevant to those working in hazardous environments, and offers free access to PEFTEC conferences, seminars & the wider exhibition.

Following on from the success of the decade long series, this is another opportunity for all those interested in process plant safety in Belgium and the surrounding countries to participate in one of our hazardous operationsfocused one-day conference & exhibitions.

These events will be useful for engineers, safety managers, directors with corporate liability and other members of the hazardous area community from all the process and high hazard industries, including oil & gas, petrochemicals, fine chemicals, pharmaceuticals, mining, manufacturing and the food & beverage sector, amongst others.

If you are interested in presenting a paper, exhibiting or attending the event, please contact:

russell.goater@imlgroup.co.uk or phone + 44(0) 1732 359990 www.hazardexonthenet.net

CONFERENCE EXHIBITION & SEMINARS 29th - 30th NOVEMBER 2017 - ANTWERP, BELGIUM

29th & 30th NOVEMBER

2017

ANTWERP

BELGIUM

Antwerp was chosen as PEFTEC’s location as it is situated in the World’s second largest cluster of Petrochemical Industry activities and the largest outside of the USA. Antwerp is an ideal location for visitors as it is placed in the heart of Europe with easy access by car and by rail with excellent Air links for visitors from the Middle East, Africa, Asia and the Americas.

Peftec 2017 is a focused international Conference and Exhibition for Companies specialising in monitoring and analytical technologies for the Petroleum, Refining and Environmental Industries. Peftec offers international visitors and experts an extensive conference and seminar programme on case studies, CONFERENCE EXHIBITION & SEMINARS regulation, standards and analytical techniques with a focussed exhibition of product and service providers.

29 - 30to th NOVEMBER 2017 - ANTWERP, BELGIUM Thethneed produce accurate analytical and monitoring data is essential to industry.

For more information email: info@peftec.com Hazardex will be staging a one day high hazard process safety conference within PEFTEC, contact events@imlgroup.co.uk for attendance and exhibiting options.

www.PEFTEC.com

Topics and products featured at Peftec 2017 will include: • Laboratory Testing and Measurement • Petrochemical Analysis • Emissions Monitoring in Air, Water and Soil • Portable and Field Sampling • Process Monitoring • Reference Materials • Oil Analysis • Calibration • Regulation and Standards

Organiser: International Labmate Ltd, Publisher of Petro Industry News, International Environmental Technology, Asian Environmental Technology, International Labmate and Lab Asia.

Process cybersecurity 31

Defence in depth: protecting safety

instrumented systems from cyber attacks

to enable the exchange of process and

Serious consequences

is helping process plants become more efficient and increase productivity, but it also brings extra security risks.

equipment data. The ability to collect and remotely analyse ever more sensor data is undoubtedly beneficial, informing intelligent

Several high-profile cyberattacks with farreaching consequences have taken place in recent years, including:

Rob Sharrock, Andy Crosland and Ben Worthy from Emerson Automation Solutions look at the issues facing

operating decisions to improve efficiency, reliability and productivity. However, the concept of complete connectivity brings an

• In 2014, hackers took control of production software at a German steel mill and caused significant damage to a blast furnace

operators, and explain what measures can be taken to help keep control and safety systems secure.

element of risk, with modern IACS potentially becoming targets for cyberattack via viruses and malware.

he concept of complete connectivity

which could not be properly shut down. A virus had been in the system for six months before finding its target. • In 2015, a cyberattack on three energy distribution companies in Ukraine led to 30 substations being disconnected, leaving

Cybersecurity – a growing threat

Cyberattack statistics

The process industry automation market has evolved from the purpose-built systems of the previous century to an increasing use of more widely available COTS (commercial off-the-shelf) technologies within Industrial Automation and Control Systems (IACS). Today’s IACS have much in common with more general IT networks, using PCs running

industrial infrastructure is growing. UK government figures for 2016 [1] reveal that 65 percent of all large firms detected a cybersecurity breach or attack during the year. The average cost of a breach to a large business was £36,500, with the costliest breach identified in the survey being a staggering £3 million. Yet while 69 percent

Cybersecurity from a process safety viewpoint is less about data security and more to do with defining measures that can be taken to protect IACS and safety instrumented systems (SIS) against unauthorised access or

Windows operating systems and Ethernet networks and switches using IP addressing, etc. As adoption of Industrial Internet of Things (IIoT) technology advances, users of IACS seek ever-more accessible and open systems, providing connectivity with

of businesses regard cybersecurity as a high priority, only 51 percent of companies have taken recommended actions to identify risk, only 29 percent have formal written cybersecurity policies, and only 10 percent have a formal incident management plan.

attack, to prevent similar incidents. Malicious hackers accessing these systems clearly have the potential to disrupt transport, energy or water supplies, or cause catastrophic damage. Effective protection is therefore of paramount importance.

The frequency of attacks against critical

225,000 customers without power for several hours.

corporate intranet and ultimately the internet

www.hazardexonthenet.net

32 Process cybersecurity

Areas of vulnerability The range of systems for control and safety functions which can be vulnerable to cyberattack includes: • Distributed control systems (Basic Process Control Systems) (DCS/BPCS) • Programmable logic controllers (PLC) • Supervisory control and data acquisition systems (SCADA) • Safety instrumented systems (SIS) • Plant information systems such as data historians, programming interfaces and data servers

The HSE guidance focuses on three main

of a range of events for which appropriate

• Network infrastructure to provide connectivity to all the above • Connected systems outside the IACS.

principles for implementing risk reduction: • Protect, detect and respond – worms, Trojans and viruses can be in the system

measures can be taken to achieve ALARP safety. With cybersecurity threats constantly evolving, risk assessment is a challenging

Process risk assessment techniques such as HAZOP are well known. However, the same techniques are not sufficient to address IACS/SIS security, as they do not consider

for a long time before finding their target. It is important to detect possible attacks and respond in an appropriate and timely manner, to minimise their impact. • Defence in depth – no single security

area, as it is difficult to use historical data to indicate the likelihood of future security breaches.

malicious, or multiple simultaneous events. Therefore, new techniques are required.

Standards and guidance The IEC61511 standard is widely recognised as good practice when engineering SIS.

measure provides absolute protection. Multi-layer protection is required to avoid single point failures. • Management and organisational procedures are required – technology alone is not enough to provide robust

carry out cybersecurity risk assessments on a regular, ongoing basis, to help operators with this challenge. Typical threats to consider include worms and viruses, transportable media such as USB sticks and temporary connections such as vendor laptops;

The 2016 edition of IEC61511 introduces a mandatory security risk assessment to identify any SIS vulnerabilities to cyberattack

Asset owners and operators may use IT and

software errors, for example in the system firmware; unauthorised local or remote access; unauthorised actions by employees

and references the ISA/IEC62443 series of standards and technical reports for guidance on implementing electronically secure IACS.

business cybersecurity solutions (firewalls and antivirus software, for example) to improve the security of their IACS, but these solutions

or vendors; unauthorised data transfer; unintended employee actions; denial of service; system sabotage; and theft. An

However, as this series is still evolving, with some parts not complete, achieving compliance is difficult for asset owners, systems integrators, security practitioners and control and safety system suppliers.

need to be applied as part of a holistic approach incorporating people, process and technology.

asset’s vulnerability to each of these threats should be assessed and the results stored securely, with limited access.

Cybersecurity risk assessment

Against this evolving regulatory backdrop, government agencies and industry associations in major European countries

Process safety risk assessments determine the likelihood and potential consequences

Following an initial risk assessment phase, various cybersecurity solutions should be considered, and periodic follow-up audits performed (see diagram below).

[2] are working to provide guidance to help process operators improve cybersecurity. For example, the UK’s Health and Safety Executive (HSE) has issued an Operational Guidance document [3] representing its interpretation of current standards on industrial cybersecurity. Following this guidance could help operators show that cybersecurity risks have been managed to be as low as reasonably practicable (ALARP), if challenged to demonstrate compliance with relevant health and safety legislation.

www.hazardexonthenet.net

levels of protection.

IACS suppliers employ specialists who can

Process cybersecurity 33 Layers of Protection Integrated control and safety systems (ICSS) have been successfully deployed for many years in thousands of process industry applications. There are many benefits to integrating the safety and control systems, which could account for the ever-growing market preference for ICSS, but with integration comes the potential concern raised by some that a cyberattack on the IACS might somehow infiltrate the SIS, leading to process incidents. That is why industrial automation suppliers go to great lengths to ensure that integration does not compromise security of the SIS, and

The first layer of protection is to make it as difficult as possible to gain unauthorised access to the control system. Plants should

Keeping the SIS secure

separation is maintained between SIS and BPCS (DCS) layers in compliance with the IEC61511 standard.

have a user privilege management system giving access to only the parts of the system and network users need to perform their

of proxy servers is a recognised method to limit and control flow of data between separate networks, whilst allowing approved

To protect a SIS from a cyberattack, some argue for complete separation. Others suggest separate SIS systems loosely interfaced to the DCS via an open protocol

job. Remote sites should be as secure as the main production site. Other security measures include the use of managed switches which limit access to parts of the communications network, workstation

communication. This technique can prevent a compromise at the BPCS network level from directly spreading to the SIS Logic Solvers on the separate safety network.

connection. However, it is important to note that the HSE guidance does not stipulate any particular architecture and there is no reason

hardening that reduces system attack surface by disabling unused Windows services and external media (USBs, etc.), patch

why the SIS cannot be secure within the ICSS, if properly designed security features are part of the system design.

management to ensure timely application of software fixes, endpoint protection, firewalls, demilitarised zones and secure architecture

Integrated security â&#x20AC;&#x201C; Defence in depth

Network isolation is an important way to keep the SIS secure within the ICSS. Use

design following best practice. Safety systems practitioners are familiar with the concept that multiple layers of protection

Should a hacker still gain access to the outer

are used to reduce the risk of process accident hazards. So it comes as no surprise that we also look for multiple protection layers

control system, a well-designed ICSS will contain multiple additional levels of protection for the SIS within, to prevent malicious

to provide SIS security.

actions creating unsafe conditions.

Simplified explanation of a proxy serverâ&#x20AC;&#x2122;s role

www.hazardexonthenet.net

Call for papers now open

The 2018 Hazardex International Conference and Exhibition will be taking place once again at the Holiday Inn Hotel in Runcorn, Cheshire, UK, on February 28 and March 1. The two-day Conference & Exhibition, which also includes workshops, a networking dinner and awards ceremony, aims to strengthen and expand the community that looks to the Hazardex website and journal for industry intelligence and information. New for 2018 will be the Industry 4.0 village & workshop, which will focus on the safety and security aspects of this key global issue. The other main areas of interest at next yearâ&#x20AC;&#x2122;s conference will be systems, procedures, competence, human factors, legislation, non-electrical, risk and asset management, but anyone with an original take on any aspect of hazardous area operations or process safety is encouraged to get in touch. The conference committee has also issued a special request for end user/ operator experiences, particularly relating to regulation, cultural change, ageing plant and decommissioning. Sponsorship or exhibitor queries should be addressed to the Event Director Russell Goater at russell.goater@imlgroup.co.uk or phone +44 (0) 1732 359990. Please contact Hazardex Editor Alan Franck â&#x20AC;&#x201C; alan.franck@imlgroup.co.uk â&#x20AC;&#x201C; to submit presentations for consideration or for any queries about the conference.

www.hazardexonthenet.net

Call for papers nearing deadline

Process cybersecurity 35

A proprietary protocol between the BPCS and the SIS, with validity checks within the

Additional measures at logon such as smart cards for 2-factor authentication can further

consequences of a security breach. Incident handling capability must be implemented

logic solver on any data change requests, further reduces the risk of any unauthorised change to the SIS. Whether the SIS is fully integrated, or a third-party SIS interfaced via open protocols, maintenance bypasses are typically set from the BPCS. A solid bypass management functionality within the logic

enhance electronic signature security.

covering preparation, detection, analysis, containment, removal and recovery. Finally, cybersecurity audits should be conducted at planned intervals. Threats are continually evolving and both preventative techniques and how the company responds to an attack must do the same.

solver is key. This includes preventing multiple bypasses, allowing for automatic removal of active bypasses after a specified time, and requiring additional authorisation of bypasses via physical key or electronic signature. Tight integration between BPCS and SIS enables

can take IACS workstations, servers and network equipment system events and logs and put them into a meaningful dashboard for prompt response. A SIEM can also monitor network traffic data through Network Security Monitor appliances using a one-way only

prompt notification when bypasses or forces are present in the SIS.

communication flow as an added security monitoring feature.

Requiring physical presence at the logic solver location before configuration changes can be downloaded is another effective way

As your last resort for either a complete system restoration or files recovery, a comprehensive solution for backing up

to reduce cybersecurity risks. Most industrial process plants have effective access control

systems needs to be in place. A backup and recovery solution should include backup data

systems, so even if IACS security has somehow been compromised from outside the plant, the hackers don’t have physical

storage in different geographical locations in the event of a disaster that would affect local servers in the processing facility. Backup

access to secure areas and cannot change the SIS configuration.

data should be checked periodically to make sure it is valid and readily available when it is needed.

Security monitoring can also be an important mechanism to detect threats, while also helping with forensics and preventing similar future attacks. A centralised Security Information and Event Management (SIEM)

The IEC61511 standard has strong requirements for control of modifications to the SIS. Configuration audit trail management systems can also help with the detection

Implementing technology alone is not enough. It is important for companies to have management-backed cybersecurity

and prevention of unauthorised change, particularly if electronic signatures from multiple users are required to authorise changes before they can be implemented.

policies and procedures in place, and for all safety system users to be properly trained. All employees should be fully aware of the risks to system integrity and of the potential

[1] – Cyber Security Breaches Survey 2016 (HM Government, Ipsos MORI Social Research Institute and University of Portsmouth). [2] - http://cybersecurity.bsa.org/countries.html [3] – Cyber Security for Industrial Automation and Control Systems (Health and Safety Executive).

About the authors Rob Sharrock has over 30 years’ experience in Automation engineering, the last 15 years being engaged in the field of safety engineering. Rob has an in-depth knowledge of Safety Directives and Standards covering both the Machinery/Manufacturing and Process Sectors as well as practical experience in the deployment of Safety Systems in a variety of industries. Rob joined Emerson four years ago as Business Development Manager for Safety Instrumented Systems across the UK and Ireland. Andy Crosland has worked for almost 30 years in process automation and safety systems, qualifying some years back as a TÜV FSEng. Andy has worked for Emerson for almost 10 years, focused entirely on Emerson’s SIS offering. As European Business Development Manager for SIS, Andy meets with a variety of customers to discuss their safety needs, and promote recognised good practice in safety engineering. Ben Worthy is Information Networks Consultant (Cyber Security) at Emerson Automation Solutions. He has around twenty years of experience in the design and implementation of Industrial Control and Safety Systems. More recently he has specialised in the IT side of ICSS Operations primarily around Cyber Security but also in domains including Virtualisation, Wireless Networks and Remote Access. Ben has been with Emerson Automation Solutions since 2007, and recently qualified as a Global Industrial Cyber Security Professional (www.giac.org).

www.hazardexonthenet.net

36 Event preview

Tank Storage Conference and Exhibition Date: 28 September 2017 Location: Coventry, UK The Tank Storage Conference and Exhibition is the UK’s leading event for the bulk liquid storage sector. The event has a proven track record of successfully bringing together people who care about safe and effective bulk liquid storage operations.

This year’s event will be held at the Premier Lounge of the Ricoh Arena, Coventry. The venue, which is located less than a mile from junction 3 of the M6, is just a 70 minute journey by train from London and is

which are of key interest to those who operate in this sector.

close to Birmingham International Airport. Organiser: Tank Storage Association The conference programme features presentations from Government, Regulators and industry experts on topics

www.tankstorage.org.uk/conferenceexhibition

WCCE10 – Joint Event Process Safety Symposium (JE-PSS) Dates: 02 to 03 October 2017 Location: Barcelona, Spain CCPS, EPSC, ISC, MKOPSC, and WPLP organise the joint Process Safety Symposium as part of WCCE10. This will be a 2-day single track joint event. The scope of this joint process safety symposium is to have a dialogue on this call for action, and raise awareness and understanding on the importance of process safety amongst all stakeholders.

The focus will be to foster discussion among scientists, professors, engineers, industrial professionals by sharing process safety lessons learned, process safety leadership and management best practices, and highlight the critical need to improve process safety education and competence.

• Education on Process Safety • Process Safety Competency • Process Safety Management

The Process Safety Symposium will cover the following main topics: • Process Safety Case Studies and

Organiser: American Institute of Chemical Engineers (AIChE)

Lessons Learned • Process Safety Leadership

http://wcce10.org

CCPS Middle East Conference on Process Safety Date: 09 to 11 October 2017 Location: Bahrain Over the past several years Process Safety has taken on increased importance. Today companies large and small, in the traditional process industries and in emerging areas, all put a premium on improving their Process Safety performance. In fact, Process Safety is now

the business value of process safety and have committed to process safety as a strategic priority and core value in all of their operations. Focusing on operational excellence through effectively managing risk and reliability, this event aims to define, through collective industry experience, the engineering practices and leadership traits that drive industry to a zero harm culture.

on Process Safety featured 746 unique participants from 19 countries and 133 companies and 27 sponsors and

a Board-level issue in many companies.

The 2017 CCPS Middle East Conference

exhibitors.

Organised by AIChE’s Center for Chemical Process Safety, CCPS-MEPSC is the

on Process Safety will take place at the Bahrain International Exhibition & Convention Centre on October 9-11, 2017.

Organiser: American Institute of Chemical Engineers (AIChE)

Middle East conference for stakeholders in the process industries who recognise

The 2015 CCPS Middle East Conference

www.mepsc.org

www.hazardexonthenet.net

Product Datafiles 37 Compact, robust I/O and terminal blocks cut maintenance costs in hazardous areas Stand 3B141 at SPE Offshore Europe 2017 sees WAGO presenting its latest automation products for harsh conditions, hazardous areas and explosive environments. New products for offshore and marine applications, such as I/O modules with Ex certification to ATEX and IECEx, and Intrinsically Safe (IS) modules, will be launched. WAGO’s XTR range of robust controllers and I/O modules include internal protections against shock, vibration, interference and impulse voltage. This enables them to be installed in indoor or outdoor control cabinets near to heavy-duty equipment such as marine diesel engines, cranes and drills. Equipment, energy and maintenance costs are therefore reduced by eliminating the need for expensive and space-consuming external cooling systems or protection circuits. The range protects against physical and electronic interference certified to international marine, offshore and industrial safety standards (e.g., UL, ANSI/ISA, DNV GL, ABS, LR):

• Operating temperature of -40 °C to +70 °C • Vibration protection up to 5 G acceleration (EN 60068-26) • Shock protection up to 25 G (IEC 600682-27) • Isolation up to 5,000 V impulse voltage (EN 60870-2-1) • Immunity to interference (EN 606870-2-1) Each module packs up to 16 channels into a 12 mm wide housing, allowing more I/O to be deployed in smaller spaces Visit WAGO on Stand 3B141

or contact at 01788 568008

Expanded beam fibre optic cable assembly for connections in the toughest environments

ATEX Certified Humidity/ Moisture & Temperature Sensors

HARTING has developed an expanded beam fibre optic connector for providing high-bandwidth transmission in the harsh environments found in tunnel drilling and mining applications, where industrial Ethernet over fibre optic cable is becoming the transmission medium of choice. As digitisation makes increasing inroads into these sectors, the demands placed on the communication and control cabling become particularly stringent. HARTING’s solution for high data rates under these extreme conditions is the Expanded Beam Cable Assembly. Its high bandwidth allows the high-definition video signals used in the vision systems that control the boring machines and associated equipment to be safely and securely transmitted. Contact us on Telephone : 01604 827500 enquiries@harting.com www.harting.co.uk

ROTRONIC Intrinsically Safe sensors and measurement transmitters with analogue outputs are suitable for use wherever there is a risk of explosion due to dust or gas in the environment. They were developed for the pharmaceutical, biotechnology, grain & sugar, petrochemical, and oil & gas industries. HygroFlex5-EX transmitters and probes from ROTRONIC conform to the latest international ATEX standards. The transmitter is Intrinsically Safe (secondary side) , there are two channel outputs, the housing is heavy duty. Interchangeable probes are available for all applications, including those at pressure and low dew point.

Leading the Customer Service Experience in the Certification Industry

Asecos Q range – proven fire resistance of 90 minutes

Providing exceptional customer service is a key aspect of the work we do at CSA Group. Over the last 18 months CSA Group has made significant improvements to the way we provide our service to our customers. Our customers have scored us 90% in overall customer satisfaction, with 4 out of 5 clients saying they would recommend CSA Group to a colleague. Interested in learning how we do it? Please contact us to arrange a no obligation project planning meeting.

Labtex’s Asecos Type 90 storage cabinets provide extremely safe, regulationcompliant storage of hazardous materials in laboratories and other work spaces. Each cabinet variant is furnace tested in accordance with EN 14470-1 and proven to give fire resistance of 90 minutes. Extremely robust in construction for maximum torsional rigidity and with tamper proof lock and indicators built in, every ASECOS cabinet has GS approval and CE conformity. In addition the Q range is offered in range of scratch-resistant paint colours and with extensive interior equipment options Warranty cover is available up to 10 years.

Technical datasheet available Tel: 01293 571000 Email: instruments@rotronic.co.uk Web: www.rotronic.co.uk

T: +44 (0) 1244 670 900 E: ukinfo@csagroup.org W: www.csagroupuk.org

Tel:+44 (0)1484 600200 Please contact Greg Smith at greg@labtex.co.uk

How to ground your road tanker correctly

Connecting you to Global Markets

Loading and unloading road tankers with large quantities of commonly used chemicals and powders generates static electricity which, if left to accumulate could discharge electrostatic sparks, potentially causing fires and explosions. Newson Gale’s Earth-Rite® RTR is the most reliable and precise method of grounding road tankers today. To find out more information about the Road Tanker Recognition contact Newson Gale.

CSA Group is a global organization dedicated to safety, social good and sustainability. We provide testing, inspection and certification services for products in industrial and hazardous locations. We realise our customers need access to global markets and they need it quickly. As such, we’ve evolved our processes to respond even better to the pressures our customers face, while offering the marks needed to access markets around the world. Our large team of certification engineers are focused on completing projects within agreed-to timelines and we consistently start and finish projects with some of the best lead-times within the industry.

www.newson-gale.co.uk

T: +44 (0) 1244 670900 E: ukinfo@csagroup.org

W: www.csagroup.org

www.hazardexonthenet.net

38 Buyers Guide

For a complete range of hazardous area solutions Intrinsic Safety Isolators • Zener Barriers • Zone 1&2 Remote I/O • Fieldbus Exe Enclosures • Exd Control Panels • Ex Lighting • Purge Solutions • Zone 1 & 2 HMI’s PC’s

www.pepperl-fuchs.co.uk Batteries

Tel.: 0161 6336431

Consultancy

sales@gb.pepperl-fuchs.com

Electrical Distributor

Explosion Proof Cranes

Powerful New ATEX-Approved Batteries

Your Source Onshore For Everything Electrical Offshore R&M is the UK’s largest independent electrical group serving the Oil and Gas industries.

023 80341 444

www.rm-electrical.com

Advanced batteries and protection whatever the environment

Explosion protection

Call 0161 727 3860 for further details

Control Panels Cable Glands

Hazardous Area Specialist

Total Explosion Protection ■ ■ ■ ■ ■ ■

J.B. Systems Ltd EExd & EExe enclosures Custom built panels, terminal boxes & control stations

Conventional venting Flameless venting Explosion isolation Explosion suppression Testing services Expert advice

Tel: 01296 489967 Fax: 01296 393515 Email: sales@jbsystems.co.uk Website: www.jbsystems.co.uk

T: +44 (0) 1622 677081 E: info@fike.co.uk www.fike.co.uk

Explosion Proof Cranes

Control Panels

Heaters In Control

EXd & EXe Control Systems Design Using the Latest AutoCAD software, based on your specification

Manufacture Drawings approved, we then build the system in-house

Test

Your total solutions provider

t-s-e.co.uk

Specialist in design and custom build of a wide range of high-quality, hazardous area enclosures, terminal boxes & control stations

Trant System Electrical Southampton SO40 9AH 023 8042 8700 HAZARDOUS AREA PRODUCTS info@t-s-e.co.uk

APPROVED OEM INSTALLER FOR CORTEM EXD ENCLOSURES

www.hazardexonthenet.net

We flash test as standard, we also offer injection testing & more

Delivery All around the world, Packaging to suit your Circumstances

Install & Commission Our engineers are fully qualified and we have carried out successful works in over 50 countries On & Offshore

Tel: +44 (0) 1384 48 48 05 Email: sales@banelec.co.uk Web: www.banelec.co.uk

BARTEC MCC

CONTROL PANELS

PLC

SCADA

Approved Partner

Training

7-inch industrial fanless panel computers for oil & gas

10% OFF all CompEX Courses • Foundation • EX01 to EX04 • EX01 to EX04 Refresher

• Dust EX05 to EX06 • Mechanical EX11

Quote Code: HAZ10

+44 (0) 1642 770310

www.tte.co.uk/accredited

The MPC-2070 7-inch panel computers with Intel Atom processor E3800 series deliver a reliable and durable platform for use in industrial environments. With two software selectable RS-232/422/485 serial ports and two gigabit Ethernet LAN ports, the computers support a wide variety of serial interfaces as well as high-speed IT communications, all with native network redundancy. They offer -40 to 70°C temperature range, and come with a fanless, streamlined enclosure designed for highly efficient heat dissipation, making this one of the most reliable industrial platforms available for harsh, hot, outdoor environments like oil and gas fields, or drilling platforms. They also feature a 1000-nit LCD panel offering a sunlightreadable, projected-capacitive, glove-friendly, multi-touch screen. https://www.moxa.com/product/MPC-2070.htm

To advertise in the Product Datafiles or Buyers Guide contact Kathryn Startin on +44 (0)1732 359990 or kathryn.startin@imlgroup.co.uk

Call for papers nearing deadline

Sponsorship & exhibition stands now on sale Contact the HazardEx sales team on +44 (0)1732 359990 or events@imlgroup.co.uk

Square shaped beam LED floodlights collection

PURE LIGHT

Thanks to the “square shaped beam” optics, the explosion-protected floodlight SLED series of Cortem Group ensures a uniform illumination over large spaces, both indoors and outdoors. Characterized by high light output with a white light and a colour rendering index greater than 70, they are able to replace the sodium vapour or metal halide floodlights, ensuring the quality of the light, energy saving and visual comfort.

II 2GD Ex de IIB+H2 method of protection for environments with the presence of hydrogen High luminous efficiency Energy saving Optimization of plant engineering and maintenance costs Cool White LED, color temperature 6.500 K Long Term Performance SLED-600 30.800 lm

cortemgroup.com

SLED-400 20.750 lm

SLED-250 13.050 lm

Zone of installation 1, 2, 21, 22 | ATEX/IECEx/TR CU certificates Class temperature T5 (100°C) T6 (85°C) | Degree of protection IP66 Power supply 100-277 Vac ±10% and 120-277 Vac ±10%