Automated safety shut down systems are an integral part of the overall safety of many pilot plant and laboratory units. They represent the instrumentation and wiring intended to respond to a given condition or event. Many of the issues, problems and solutions with such systems are directly transferable between laboratory, pilot plant and manufacturing plant scale except for the number of interlocks, trips or units involved. It is important to design, test, and maintain these systems properly so that they function when needed to prevent or respond to an incident.

16.1 Selection and Design Based on Hazard Identification and Risk Analysis

The design of the automated safety shut‐down is based on hazards and controls identified in the hazard analysis. The hazard analysis identifies the scenarios that do not meet the risk tolerance criteria of the organization. To close the gap and meet the criteria, safeguards are added. Automated safety shut‐down systems typically act after the initiating event, and before the release of material.

The hazard analyses for LAPPs need to consider the implications of the automated safety shut‐down system used. These questions are a good starting point:

• What are its potential failure modes?
• How reliable are its components?

Answering these questions requires understanding how the automated safety shut‐down system functions and an adequate understanding of all the potential failure modes of the system. Higher risk hazards ...