Subido por Luis Alberto Henríquez Tobar

Guidelines for managing inspection of Ex

Anuncio
Guidelines for managing inspection
of Ex electrical equipment ignition risk
in support of IEC 60079-17
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT
IGNITION RISK IN SUPPORT OF IEC 60079-17
First edition
October 2008
Published by
ENERGY INSTITUTE, LONDON
The Energy Institute is a professional membership body incorporated by Royal Charter 2003
Registered charity number 1097899
The Energy Institute (EI) is the leading chartered professional membership body supporting individuals and organisations across the
energy industry. With a combined membership of over 13 500 individuals and 300 companies in 100 countries, it provides an
independent focal point for the energy community and a powerful voice to engage business and industry, government, academia
and the public internationally.
As a Royal Charter organisation, the EI offers professional recognition and sustains personal career development through the
accreditation and delivery of training courses, conferences and publications and networking opportunities. It also runs a highly
valued technical work programme, comprising original independent research and investigations, and the provision of IP technical
publications to provide the international industry with information and guidance on key current and future issues.
The EI promotes the safe, environmentally responsible and efficient supply and use of energy in all its forms and applications. In
fulfilling this purpose the EI addresses the depth and breadth of energy and the energy system, from upstream and downstream
hydrocarbons and other primary fuels and renewables, to power generation, transmission and distribution to sustainable
development, demand side management and energy efficiency. Offering learning and networking opportunities to support career
development, the EI provides a home to all those working in energy, and a scientific and technical reservoir of knowledge for
industry.
This publication has been produced as a result of work carried out within the Technical Team of the Energy Institute (EI), funded by
the EI’s Technical Partners. The EI’s Technical Work Programme provides industry with cost-effective, value-adding knowledge on
key current and future issues affecting those operating in the energy sector, both in the UK and internationally.
For further information, please visit http://www.energyinst.org.uk
The EI gratefully acknowledges the financial contributions towards the scientific and technical programme
from the following companies
BG Group
BHP Billiton Limited
BP Exploration Operating Co Ltd
BP Oil UK Ltd
Centrica plc
Chevron
ConocoPhillips Ltd
ENI
E. ON UK
ExxonMobil International Ltd
Kuwait Petroleum International Ltd
Maersk Oil North Sea UK Limited
Murco Petroleum Ltd
Nexen
Saudi Aramco
Shell UK Oil Products Limited
Shell U.K. Exploration and Production Ltd
Statoil (U.K.) Limited
Talisman Energy (UK) Ltd
Total E&P UK plc
Total UK Limited
Copyright © 2008 by the Energy Institute, London:
The Energy Institute is a professional membership body incorporated by Royal Charter 2003.
Registered charity number 1097899, England
All rights reserved
No part of this book may be reproduced by any means, or transmitted or translated into
a machine language without the written permission of the publisher.
ISBN 978 0 85293 513 2
Published by the Energy Institute
The information contained in this publication is provided as guidance only and while every reasonable care has been taken to ensure
the accuracy of its contents, the Energy Institute cannot accept any responsibility for any action taken, or not taken, on the basis of
this information. The Energy Institute shall not be liable to any person for any loss or damage which may arise from the use of any
of the information contained in any of its publications.
Further copies can be obtained from
Portland Customer Services, Commerce Way, Whitehall Industrial Estate, Colchester CO2 8HP, UK. Tel: +44 (0) 1206 796 351
e: [email protected]
Electronic access to EI and IP publications is available via our website, www.energyinstpubs.org.uk.
Documents can be purchased online as downloadable pdfs or on an annual subscription for single users and companies.
For more information, contact the EI Publications Team.
e: [email protected]
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
CONTENTS
Page
Acknowledgements ................................................................................................................. vii
Foreword ................................................................................................................................. viii
Overview ....................................................................................................................................x
1
Introduction, scope and application ................................................................................. 1
1.1 Introduction................................................................................................................. 1
1.1.1 Objective ........................................................................................................ 3
1.1.2 Ex sampling strategy ....................................................................................... 3
1.2 Scope .......................................................................................................................... 4
1.3 Application .................................................................................................................. 5
1.3.1 Managing inspection of Ex electrical equipment ignition risk by applying
gap analysis .................................................................................................... 6
2
Legislation, regulations and standards ............................................................................ 7
2.1 Introduction................................................................................................................. 7
2.2 The Health and Safety at Work etc. Act and Management of Health and Safety at
Work Regulations ........................................................................................................ 7
2.3 ATEX 'Equipment Directive', ATEX 'Workplace Directive', The Equipment and
Protective Systems for use in Potentially Explosive Atmospheres Regulations and
The Dangerous Substances and Explosive Atmospheres Regulations ............................ 7
2.4 Provision and Use of Work Equipment Regulations ...................................................... 8
2.5 Offshore installations (Prevention of Fire and Explosion, and Emergency Response)
Regulations.................................................................................................................. 8
2.6 Offshore Installations (Safety Case) Regulations ........................................................... 8
2.7 The Electricity at Work Regulations .............................................................................. 8
2.8 The Construction (Design and Management) Regulations ............................................ 9
2.9 IEC 60079-17 .............................................................................................................. 9
2.9.1 Maintenance .................................................................................................. 9
2.9.2 Inspection....................................................................................................... 9
2.9.3 Skilled personnel (electrical technicians) ........................................................ 10
2.9.4 Technical person with executive function...................................................... 10
2.10 ISO 2859-1 ................................................................................................................ 10
3
Applying SMS principles to managing the inspection of Ex electrical equipment ..... 12
3.1 Introduction............................................................................................................... 12
3.2 Policy ..................................................................................................................... 12
3.2.1 Initial inspection............................................................................................ 12
3.2.2 Periodic inspections ...................................................................................... 13
3.2.3 Sample inspections ....................................................................................... 14
3.2.4 Ex risk-based inspection ................................................................................ 16
3.2.5 Summary of coupling the sampling strategy with an RBI strategy.................. 17
3.2.6 Audit and review of Ex inspection strategy.................................................... 20
3.3 Organisation.............................................................................................................. 20
3.3.1 Roles and responsibilities .............................................................................. 20
3.3.2 Competence................................................................................................. 21
iii
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Contents Cont…
3.4
3.5
3.6
4
Planning and implementation .................................................................................... 22
3.4.1 Phase 1 of implementation plan ................................................................... 22
3.4.2 Phase 2 of implementation plan ................................................................... 23
3.4.3 Phase 3 of implementation plan ................................................................... 24
Measuring performance............................................................................................. 25
3.5.1 Initial Ex inspection target levels.................................................................... 25
3.5.2 Faults............................................................................................................ 25
Audit and review of performance .............................................................................. 25
3.6.1 Reviewing performance ................................................................................ 25
3.6.2 Auditing ....................................................................................................... 31
Managing inspection of Ex electrical equipment throughout its life cycle phases .... 32
4.1 Introduction............................................................................................................... 32
4.2 Design and construction ............................................................................................ 32
4.2.1 Equipment selection and implications for inspection and maintenance ......... 32
4.3 Installation/commissioning/handover ......................................................................... 33
4.3.1 Handover of data.......................................................................................... 33
4.3.2 Equipment register ....................................................................................... 33
4.3.3 Initial inspection............................................................................................ 34
4.4 Operation .................................................................................................................. 35
4.4.1 Equipment location....................................................................................... 35
4.5 Maintenance and inspection ...................................................................................... 36
4.5.1 Functional maintenance................................................................................ 36
4.5.2 Inspection of systems.................................................................................... 36
4.5.3 Efficiency in inspections ................................................................................ 37
4.6 Modification and decommissioning ........................................................................... 37
Annex A: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist................................................................................................................... 38
A.1 Managing inspection of Ex electrical equipment ignition risk gap analysis checklist.... 38
Annex B: Developing sampling plans by applying the RBI sampling methodology......... 44
B.1 Introduction............................................................................................................... 44
B.2 Overview of developing a sampling plan by applying the RBI sampling strategy
to manage Ex electrical equipment ignition risks ........................................................ 44
B.3 Steps in developing a sampling plan by applying the sampling methodology ............. 45
B.3.1 Define lots .................................................................................................... 45
B.3.2 Define grade of inspection............................................................................ 50
B.3.3 Define sample size ........................................................................................ 51
B.3.4 Define rejection criterion............................................................................... 55
B.3.5 Define frequency of inspection ..................................................................... 55
B.3.6 Select a random sample from a lot ............................................................... 59
B.3.7 Inspect sample.............................................................................................. 60
B.3.8 Record inspection data ................................................................................. 60
B.3.9 Define scoring and rules for handling faulty equipment ................................ 61
B.3.10 Audit and review of sampling plans .............................................................. 69
Annex C: Technical basis of RBI sampling methodology ..................................................... 70
C.1 Introduction............................................................................................................... 70
C.2 Limitations of inspection by sampling ........................................................................ 70
C.2.1 Varying ASLs and applying Pa(10%) and Pr(5%) for an example lot.............. 70
iv
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Contents Cont…
C.3
C.4
C.5
C.6
C.7
C.8
C.9
Define key sampling parameters ................................................................................ 71
C.3.1 Calculation of P(X=d) using hypergeometric law ........................................... 71
C.3.2 Calculation of Pa(X=Re-1) using hypergeometric law .................................... 72
C.3.3 Calculation of P(X=d) and Pa(X=Re) using binomial law ................................ 72
Determination of Pa(10%) ......................................................................................... 73
C.4.1 Determination of Pa(10%) where n/N≥0,15.................................................. 73
C.4.2 Determination of Pa(10%) where n/N<0,15.................................................. 75
Determination of Pr(5%)............................................................................................ 75
C.5.1 Determination of Pr(5%) where n/N≥0,15 .................................................... 75
C.5.2 Determination of Pr(5%) where n/N<0,15 .................................................... 75
Example graphical determination of Pa(10%) and Pr(5%).......................................... 76
Sampling tables for various ASLs................................................................................ 77
Determination of ALARP ASLs for various lot sizes ..................................................... 86
Lot quality for various sample sixes and rejection numbers......................................... 94
Annex D: Inspection schedules for Ex 'd', 'e', 'n', 'i' and 'p' electrical equipment ............ 95
D.1 Introduction............................................................................................................... 95
Annex E: Glossaries................................................................................................................. 99
E.1 Introduction............................................................................................................... 99
E.2 Glossary of terms....................................................................................................... 99
E.3 Glossary of abbreviations ......................................................................................... 109
Annex F: References ............................................................................................................. 111
Tables:
Table 3.1: Ex electrical equipment risk graph – starting point for defining lots of Ex electrical
equipment based on ignition risk............................................................................... 18
Table 3.2: Example application of RBI with or without sampling to Ex ignition risk in an Ex
electrical equipment strategy by applying frequency of inspection multipliers ............ 19
Table 3.3: Example application of RBI to Ex ignition risk in an Ex electrical equipment
sampling strategy by varying ASL ............................................................................... 19
Table 3.4: Simple set of fault codes based upon the type of faults typically encountered ........... 30
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis checklist.... 38
Table B.1: Simplified approach to defining lots using a matrix for an offshore installation .......... 50
Table B.2: Sampling data for ASL = 1% ..................................................................................... 54
Table B.3: ALARP ASLs for various lot sizes................................................................................. 54
Table B.4: Ignition risk................................................................................................................ 57
Table B.5: Severity of the environment ....................................................................................... 58
Table B.6: Ignition risk................................................................................................................ 62
Table B.7: Results of inspection by sampling for equipment in a Zone 1 hazardous area ............ 63
Table B.8: Results of inspection by sampling for equipment in a Zone 2 hazardous area ............ 64
Table C.1: Example calculation of Pa(10%) where n/N≥0,15 ...................................................... 74
Table C.2: Example calculation of Pa(10%) where n/N<0,15 ...................................................... 74
Table C.3: Example calculation of Pa(10%) where n/N<0,15 ...................................................... 76
Table C.4: Sampling data for ASL = 0,25% ................................................................................ 78
Table C.5: Sampling data for ASL = 0,40% ................................................................................ 79
Table C.6: Sampling data for ASL = 0,65% ................................................................................ 80
Table C.7: Sampling data for ASL = 1% ..................................................................................... 81
Table C.8: Sampling data for ASL = 1,5% .................................................................................. 82
Table C.9: Sampling data for ASL = 2,5% .................................................................................. 83
v
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Contents Cont…
Table C.10: Sampling data for ASL = 4% ................................................................................... 84
Table C.11: Sampling data for ASL = 6,5% ................................................................................ 85
Table C.12: ALARP ASLs for various lot sizes .............................................................................. 86
Table C.13: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 26-50 ................ 87
Table C.14: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 51-90 ................ 88
Table C.15: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 91-150 .............. 89
Table C.16: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 151-280 ............ 90
Table C.17: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 281-500 ............ 91
Table C.18: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 501-1 200 ......... 92
Table C.19: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 1 201-3 200 ...... 93
Table C.20: Lot quality for various sample sizes and rejection numbers ...................................... 94
Table D.1: Inspection schedule for Ex 'd', 'e' and 'n' equipment................................................. 96
Table D.2: Inspection schedule for Ex 'i' equipment.................................................................... 97
Table D.3: Inspection schedule for Ex 'p' equipment (pressurisation or continuous dilution) ....... 98
Figures:
Figure 1.1: Overview of various Ex electrical equipment inspection strategies ............................... 2
Figure 1.2: Continuous improvement model ................................................................................ 6
Figure B.1: Flowchart illustrating steps in developing a sampling plan by applying RBI sampling
strategy to manage Ex electrical equipment ignition risks.......................................... 46
Figure B.2: Example of process for defining lots of Ex electrical equipment ................................ 49
Figure B.3: Using change rules to determine category of inspection ........................................... 68
Figure C.1: Example determination of Pa(10%) and Pr(5%) from a graph of probability of
acceptance of the lot, Pa verses percentage of faulty equipment in the lot D/N ........ 76
Figure C.2: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 26-50 ......................... 87
Figure C.3: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 51-90 ......................... 88
Figure C.4: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 91-150 ....................... 89
Figure C.5: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 151-280 ..................... 90
Figure C.6: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 281-500 ..................... 91
Figure C.7: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 501-1 200 .................. 92
Figure C.8: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 1 201-3 200 ............... 93
Boxes:
Box 3.1: Example of using an Ex electrical equipment risk graph in an RBI inspection strategy.... 18
Box 3.2: Example of applying RBI principles to a sampling strategy ............................................ 19
vi
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ACKNOWLEDGEMENTS
These Guidelines were commissioned by the Energy Institute’s Electrical Committee; most of
these Guidelines were drafted by the following committee members:
Robert Denham
Peter Freeman
Mark Scanlon
Health and Safety Executive
Shell U.K. Oil Products Limited
Energy Institute
The RBI sampling methodology (Annex B) and its technical basis (Annex C) are based on the
developmental work of Bureau Veritas, whose contributors were:
Bryan Eunson (Project Manager)
Céline Labrune (Author)
Hubert Ledoux (Technical Manager)
Franck Mariet (Author)
Jack Sneddon (Project Manager)
In developing these Guidelines and during its peer review, significant technical contributions
were made by:
Phil Carpenter
Mel Cockerill
Duncan Crichton
Robert Denham
Peter Freeman
Geoff Fulcher
Kevin Hailes
Terry Hedgeland
Darren Hughes
Ken Morton
Tom Ramsey
Paul Taylor
Norman Turner
Stephen Wilkinson
Chevron Limited
Total (Lindsey Oil Refinery)
BP
Health and Safety Executive
Shell U.K. Oil Products Limited
F.E.S. (Ex) Limited
BP
Consultant
Petroplus Refining and Marketing Limited
Health and Safety Executive
Esso Petroleum
British Pipeline Agency Limited
Health and Safety Executive
ConocoPhillips
In addition, significant technical contributions were made by members of the Oil and Gas UK
Electrical Network and the EEMUA Electrical Engineering Committee. The Institute wishes to
record its appreciation of the work carried out by them and those that contributed to the
development of these Guidelines.
Affiliations refer to the time of participation.
BSI is acknowledged for providing permission to reproduce extracts from IEC60079-17
(see Annex D).
Mark Scanlon (Energy Institute) co-ordinated the project and carried out technical
editing. Sonia Quintanilla (Energy Institute) and Andrew Sykes (Energy Institute) provided
secretariat support to the Electrical Committee during the project.
vii
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
FOREWORD
Inspection of Ex electrical equipment is critical to assuring the continuing integrity of the types of
protection that enable its use in potentially flammable atmospheres; yet such inspections are
sometimes not carried out adequately both with regard to frequency of inspection, grade of
inspection and completeness of the portfolio of Ex electrical equipment installed. This is due in
part to the onerous requirements of IEC 60079-17 with respect to close inspection in three years
of the several thousand pieces of Ex electrical equipment at a typical major hazards installation
handling flammable fluids in the petroleum industry (both onshore and offshore) or allied process
industries. In addition, inspection of Ex electrical equipment is often carried out at the same level
of inspection (frequency of inspection, grade of inspection, etc.) without adjustment for the
different ignition risks that might apply. Further, there is a lack of clarity in IEC 60079-17
regarding carrying out sample inspections, particularly with respect to detailed inspections.
EI Guidelines for managing inspection of Ex electrical equipment ignition risk in support
of IEC 60079-17 provides guidance on managing the ignition risks of Ex electrical equipment
located in hazardous areas arising from flammable fluids: this is mapped against a safety
management system (SMS) framework which should be applied throughout its life cycle.
These Guidelines promote adoption of risk-based inspection (RBI) principles to inspection
of Ex electrical equipment: this should result in high risk Ex electrical equipment being inspected
to a more rigorous level of inspection (e.g. frequency of inspection) than lower risk items. These
Guidelines set out an approach for establishing an RBI strategy which should be targeted,
balanced and effective. Guidance is provided on implementing the strategy and ensuring that it
is effective on a continuing basis. Therefore, these Guidelines constitute a benchmark of good
practice.
These Guidelines further develop the RBI concept by providing an RBI sampling
methodology that takes into account as low as reasonably practicable (ALARP) principles. The RBI
sampling methodology draws from and bridges ISO 2859-1 and IEC 60079-17: it provides an
audit trail to the established general sampling methodology of ISO 2859-1 and meets the Ex
electrical equipment inspection requirements of IEC 60079-17. In order to adapt the general
sampling methodology to the specific application of inspection of Ex electrical equipment,
additional management, sampling methodology and Ex electrical equipment requirements have
been added to the criteria considered in ISO 2859-1.
The RBI sampling methodology is intended for application to detailed inspections of Ex
electrical equipment as defined in IEC 60079-17; however, it can be similarly applied to close
inspections where a complete equipment register and records are available. The methodology
applies random sampling to lots. Applying the RBI sampling methodology to the inspection of Ex
electrical equipment should:
C
C
C
C
C
C
Assure the continuing safety integrity of its types of protection.
Enable compliance with pertinent legislation, regulations and standards.
Reduce the possibility of introducing maintenance induced human failure due to
intrusive inspection.
Identify deficiencies such as corrosion, vibration, inadequate design, etc.
Over time, help improve its performance.
Be cost beneficial compared to the additional requirements on managing the
process.
These Guidelines are based primarily on the GB legislative and regulatory framework and
international standards; yet its guidance is globally applicable provided it is read, interpreted and
applied in conjunction with relevant national and local statutory legislation and standards. Where
the requirements differ, the more rigorous should be adopted.
viii
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
The information contained in this publication is provided as guidance only and while
every reasonable care has been taken to ensure the accuracy of its contents, the Energy Institute
and the technical representatives listed in the Acknowledgements, cannot accept any
responsibility for any action taken, or not taken, on the basis of this information. The Energy
Institute shall not be liable to any person for any loss or damage which may arise from the use of
any of the information contained in any of its publications.
This publication may be reviewed from time to time. It would be of considerable
assistance for any future revision if users would send comments or suggestions for improvement
to:
The Technical Department
Energy Institute
61 New Cavendish Street
LONDON
W1G 7AR
e: [email protected]
ix
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
OVERVIEW
Section 1 provides an introduction to the management of Ex electrical equipment ignition risks,
defines the scope of these Guidelines, and describes how they should be applied.
Section 2 sets out the requirements of pertinent legislation, regulations and international
standards pertinent to the inspection of Ex electrical equipment.
Section 3 sets out the safety management system (SMS) principles pertinent to managing the
inspection of Ex electrical equipment. It is illustrated with pertinent examples.
Section 4 provides guidance on managing inspection of Ex electrical equipment throughout its
life cycle phases after design and construction.
Annex A provides a gap analysis checklist for managing inspection of Ex electrical equipment
ignition risk that aims to determine whether current practices and processes comply with
pertinent legislation, regulations and standards.
Annex B sets out the steps in developing a sampling plan by applying the RBI sampling
methodology. It defines key parameters and provides guidance on determining suitable values
and reviewing the values based on the findings from inspections. The RBI sampling methodology
is illustrated with examples and includes rules for applying a sampling plan.
Annex C provides the technical basis of the sampling methodology and includes the basis for
assigning an as low as reasonably practicable (ALARP) principle threshold to rejection criteria
using the RBI sampling methodology.
Annex D provides inspection schedules for various Ex electrical equipment types of protection.
Annex E provides glossaries of terms and abbreviations.
Annex F provides details of publications referenced.
x
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
1
INTRODUCTION, SCOPE AND APPLICATION
1.1
INTRODUCTION
These Guidelines were commissioned and partly developed by the EI Electrical
Committee, which comprises senior electrical engineers from companies operating in the
offshore and onshore petroleum industry, consultants and the Health and Safety
Executive (HSE). They set out what is generally regarded in the industry as good practice
and should assist those with responsibilities to meet the requirements of pertinent
legislation, regulations and standards. They are not mandatory and different standards
may be adopted in a particular situation where to do so would maintain an equivalent,
or better, level of safety.
Currently, many inspections of Ex electrical equipment are carried out at the
same level of inspection (frequency of inspection, grade of inspection, etc.) without
adjustment for the different ignition risks that might apply. Yet the inventory of Ex
electrical equipment is typically located in different hazardous areas (where the
probability of a flammable atmosphere being present differs) and the various Ex
electrical equipment type of protection concepts present different ignition risks. In
addition, the equipment may have different ages or be located where the environmental
conditions differ.
Detailed inspections are typically carried out as part of initial inspections, and
not always as part of routine inspections. Such intrusive inspections are very resource
intensive and might lead to maintenance-induced human failure (e.g. damage to gaskets
and seals, or leaving out bolts on reinstatement). However, in order to ensure that the
internal parts are fit for purpose and safe users should carry out Ex detailed (intrusive)
inspections.
In addition to meeting requirements of relevant legislation, regulations and
standards, there is a significant business driver to install and maintain Ex electrical
equipment such that it does not provide a potential source of ignition. The impact on
businesses of fires or explosions due to a failure to control sources of ignition in terms of
personnel injury or fatality, repairs, loss margin or revenue, reputational damage and
fines or other penalties, can be such as to pose a significant threat to the survival or
profitability of the business. As all petroleum installations contain large numbers of
sources of ignition such as instruments, lights, motors, junction boxes etc., any such
business should ensure that they are installed and maintained properly so as to limit the
risk of uncontrolled sources of ignition.
EI Guidelines for managing inspection of Ex electrical equipment ignition risk in
support of IEC 60079-17 provides guidance on managing the ignition risks of Ex
electrical equipment located in hazardous areas arising from flammable fluids: this is
mapped against a safety management system (SMS) framework which should be applied
throughout its life cycle.
These Guidelines promote adoption of risk-based inspection (RBI) principles to
inspection of Ex electrical equipment; this should result in high risk Ex electrical
equipment being inspected to a more rigorous level of inspection (e.g. frequency of
inspection) than lower risk items.
These Guidelines further develop the RBI concept by providing an RBI sampling
methodology that takes into account as low as reasonably practicable (ALARP) principles.
The RBI sampling methodology draws from and bridges ISO 2859-1 and IEC 60079-17.
Therefore, these Guidelines constitute a benchmark of good practice.
Application of RBI has the advantage of more efficient use and targeting of
inspection resources.
1
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Figure 1.1 provides an overview of the various Ex electrical equipment
inspection strategies that are applied to managing ignition risks arising from Ex electrical
equipment in potentially flammable atmospheres: in particular, it identifies whether they
are risk-based and are likely to meet ALARP principles.
Ex electrical equipment inspection
strategy to manage ignition risks
IEC 60079-17:
Periodic: visual
close 100%
< three years
Sampling:
visual, close,
detailed
Continuous
supervision
Progressive
sampling
Visual, close,
detailed to a
nominal %
Reliability
centred
maintenance
(IEC 60030-3-11)
and fault tree
analysis
RBI applied to ISO 2859-1 and
IEC 60079-17
Described in these Guidelines:
provides guidance on implementation
of RBI in an Ex sampling strategy
Apply RBI: Ex electrical equipment treated
differently according to ignition risk probabilities of flammable atmosphere
and source of ignition
No guidance on
implementing a
sampling strategy
All Ex electrical equipment treated
with same risk - not RBI
Complete
equipment
register, equipment
history and trend
analysis
N
Periodic: visual,
close 100%
Sampling: detailed
Unlikely to consider probability of
flammable atmospheres and sources
of ignition
Unlikely to demonstrate ALARP
Y
Periodic: visual,
100%
Sampling: close,
detailed
Likely to demonstrate ALARP
Figure 1.1: Overview of various Ex electrical equipment inspection strategies
2
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
1.1.1
Objective
The objective of these Guidelines is to provide guidance on establishing an Ex electrical
equipment inspection strategy which accounts for ALARP principles. This should help in
improving the continuing management of ignition risk by assuring the continuing
integrity of Ex electrical equipment type of protection as inspection should identify faults
such as corrosion, vibration, inadequate equipment selection, etc. It should also improve
the quality of inspections of Ex electrical equipment and, over time, improve the inservice performance of Ex electrical equipment. These Guidelines should help to clarify
the concepts and should facilitate compliance with the requirements of relevant
legislation, regulations and standards.
Users are likely to seek answers to the following questions regarding managing
the inspection of Ex electrical equipment:
C
C
C
What legislation, regulations and standards do I have to comply with and are
there other business benefits that might be accrued?
What do these requirements imply in practice and how can I tell if what I
already have is sufficient?
How can I meet the requirements effectively (both in terms of cost and
compliance) while at the same time leveraging the activity to provide added
value/reduce risk for my business?
These Guidelines provide guidance on answering those questions: they provide a
pragmatic approach to achieving this by promoting a risk-based Ex inspection strategy;
further they offer the option of adopting a robust sampling methodology that derives
from IEC 60079-17 and ISO 2859-1, is balanced and should meet ALARP requirements.
The sampling methodology provides an opportunity to utilise qualitative and/or
quantitative analytical techniques within a defined strategy. Use of robust statistical data
derived from ISO 2859-1, in conjunction with a complete equipment register and
competent personnel should optimise the potential of the methodology.
The success of an Ex electrical equipment inspection strategy is dependent on
the complete life cycle of Ex electrical equipment being appropriately managed and
inspected, having appropriate records, and being audited and reviewed (in accordance
with the SMS principles of HSE Successful health and safety management) so as to
ensure that all such Ex electrical equipment is fit for purpose and safe and can be
demonstrated as being so.
These Guidelines set out an approach for establishing an RBI strategy, which in
doing so provides a targeted, balanced and effective Ex inspection approach. This should
result in high risk Ex electrical equipment being inspected to a more rigorous level of
inspection than lower risk items. For detailed Ex inspections it prevents the need for the
routine opening of all Ex enclosures. Annex B provides a comprehensive sampling
strategy based on ISO 2859-1.
These Guidelines should encourage appropriate management of the complete
Ex requirements of initial, visual, close and detailed inspections, as set out in
IEC 60079-17, Figure A.1. In doing so, they should encourage a consistent approach in
the petroleum and allied industries and consistency in its regulation and verification
(where appropriate).
1.1.2
Ex sampling strategy
The Ex sampling strategy set out in these Guidelines is based on the following
international standards:
C
ISO 2859-1 (which is technically identical to BS 6001-1) provides a recognised
3
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
sampling standard for general inspection requirements for manufacturing. This
standard alone is not suitable for its direct application to inspection of Ex
electrical equipment.
IEC 60079-17 (which is technically identical to BS EN 60079-17) provides
guidance on the following types of Ex inspections: initial inspection
(commissioning); periodic inspection (visual and close); detailed inspection; and
continuous supervision. This standard refers to Ex sample inspections; however,
it does not provide specific guidance on what is expected of a sampling
strategy.
These Guidelines provide a method of applying the sampling schemes set out in
ISO 2859-1 (which then provides an audit trail to an established sampling method),
together with the Ex electrical equipment inspection requirements set out in
IEC 60079-17; therefore, these Guidelines bridge those standards. In order to achieve
this, the following management, sampling methodology and Ex electrical equipment
requirements have been added to the criteria considered in ISO 2859-1 so as to develop
an RBI Ex electrical equipment sampling methodology:
C
C
C
1.2
Management requirements:
− Having a high quality SMS with a systematic approach and high quality of
audit and review.
− Having a complete equipment register and records.
− Developing an RBI strategy.
Sampling methodology requirements:
− Defining lots and sample size.
− Defining grade of inspection.
− Defining frequency of inspection.
− Defining rejection criterion including an ALARP principle threshold (i.e. a
cliff-edge effect) in relation to the selection of acceptance safety levels
(ASLs).
− Defining rules for faulty equipment when the rejection criterion is exceeded.
Ex electrical equipment requirements:
− The probability of a flammable atmosphere being present, as indicated by
the hazardous area classification (i.e. Zones 0, 1 and 2 (and nonhazardous)).
− The probability of a source of ignition being present due to a fault.
− Ignition risk due to the simultaneous presence of a flammable atmosphere
and a potential source of ignition.
− The effect of severity of the environment.
− The effect of equipment age.
SCOPE
These Guidelines cover the inspection of Ex electrical equipment located in hazardous
areas (other than mines) where the risk arises from flammable atmospheres. They apply
to Ex electrical equipment supplied or put into service in accordance with the ATEX
'Equipment Directive' (see section 2.3) and electrical equipment that precedes that
Directive ('pre-ATEX' electrical equipment). It is not intended for application to Ex
electrical equipment used in hazardous areas arising from combustible dusts (including
coal dust) as they are excluded from the scope of IEC 60079-17. It is applicable to
petroleum production, storage and processing installations, both onshore and offshore
e.g. offshore production installations, petroleum refineries, bulk storage installations,
4
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
etc. Whilst it covers maintenance as part of the life cycle of Ex electrical equipment,
these Guidelines are not a maintenance guide.
These Guidelines have been developed for implementation on electrical,
instrumentation and communication equipment only; hereafter referred to as 'Ex
electrical equipment'. Risks due to process and human failure (except maintenance
induced human failure) are excluded from these Guidelines. They do not cover the
details of inspection and testing requirements of BS 7671 and BS 6626 of associated LV
and HV electrical systems respectively (e.g. earthing, cabling and overload protection
devices); however, they recognise the possibility of efficiencies in carrying out such
inspections as for any GB electrical installation, alongside Ex inspections.
The principles of these Guidelines could also be applied to other types of Ex
equipment e.g. the inspection of mechanical equipment in hazardous areas (other than
mines).
1.3
APPLICATION
These Guidelines are intended to be used by those who manage the inspection of Ex
electrical equipment and should include electrical engineers, especially those at the
technical person with executive function (TPEF) level working in the petroleum and allied
industries. They should also be of use to those needing to improve their understanding
of the concepts, those who want to keep in touch with the development of good
practice or those who have outsourced inspection of Ex electrical equipment but need to
remain an 'intelligent customer'.
These Guidelines should need little modification for use in organisations.
These Guidelines are based primarily on the GB legislative and regulatory
framework and international standards; yet its guidance is globally applicable provided it
is read, interpreted and applied in conjunction with relevant national and local statutory
legislation and standards. Where the requirements differ, the more rigorous should be
adopted.
The pertinent legislation, regulations and standards to be complied with, and
the SMS do not prescribe how compliance should be achieved: they are goal setting in
approach. A key element in such an approach is the concept of ALARP. Installation duty
holders (DHs) should be able to demonstrate that their practices and procedures lead to
any residual risk levels being ALARP. The guidance provided here is not prescriptive, and
should be considered as one possible methodology to achieve ALARP (or in meeting
similar national or local criteria) for managing the inspection of Ex electrical equipment.
These Guidelines should be applied to the inspection of both new and existing
Ex electrical equipment.
Application of these Guidelines is likely to increase the demands on
management but should result in greater confidence in the continuing integrity of Ex
equipment through more targeted application of inspection resources.
For the purpose of these Guidelines, the interpretations of terms in annex E.2
and abbreviations in annex E.3 apply, irrespective of the meaning they may have in other
connections. However, many replicate or are based on the interpretations in
IEC 60079-17, ISO 2859-1, EI Electrical safety code and EI Area classification code for
installations handling flammable fluids.
Users of these Guidelines should first read and understand IEC 60079-17 before
attempting to follow these Guidelines.
Users should note that whilst the EI Electrical Committee has confidence in the
technical integrity of these Guidelines, until published they have not been fully
implemented at an installation. When applied, this may require several inspection and
audit and review cycles so as to optimise the Ex electrical equipment inspection strategy
such that is works successfully; this is particularly so where the Ex electrical equipment
5
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
inspection strategy includes the sampling methodology. Users’ attention is drawn to the
request for feedback in the Foreword which should help to improve these Guidelines in
any future revision.
Managing inspection of Ex electrical equipment ignition risk by applying gap
analysis
In order to illustrate the practical implications of compliance with legislation, regulations
and standards, Annex A provides a managing inspection of Ex electrical equipment
ignition risk gap analysis checklist that enables users to compare their current practices
with those that should be in place if fully compliant. The questions in the checklist (see
Table A.1) derive from information given in these Guidelines and IEC 60079-17.
The gap analysis should help users seeking answers to the following questions
regarding managing inspection of Ex electrical equipment ignition risk:
C
C
C
Where is my organisation now?
Where is it trying to get to?
How can it get there by planning and making improvements?
The gap analysis is set around the following SMS principles, as defined in HSE Successful
health and safety management:
C
policy;
C
organisation;
C
planning and implementation;
C
measuring performance;
C
audit and review.
throughout the Ex electrical equipment life cycle phases of:
C
design and construction;
C
installation/commissioning/handover;
C
operation;
C
maintenance and inspection;
C
modification and decommissioning.
It should be noted from the gap analysis checklist (see Table A.1) that the continuous
improvement model set out in HSE Successful health and safety management implies
that a significant number of reviews should take place (see Figure 1.2).
ck
Review
Plan
Exe cute
Fe edba
1.3.1
Figure 1.2: Continuous improvement model
6
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
2
LEGISLATION, REGULATIONS AND STANDARDS
2.1
INTRODUCTION
This section sets out the Ex requirements of pertinent GB legislation, GB regulations
(some of which implement European Community directives) and international standards
as they apply to the inspection of Ex electrical equipment. It should be noted that some
aspects of the regulations apply differently to onshore and offshore installations.
The pertinent objective of the legislation, regulations and standards is to allow
installations to safely use electricity (which has the potential to readily provide a source
of ignition) in potentially flammable atmospheres, e.g. whether arising from vapours,
gases or liquids.
2.2
THE HEALTH AND SAFETY AT WORK ETC. ACT AND MANAGEMENT OF HEALTH
AND SAFETY AT WORK REGULATIONS
The Health and Safety at Work etc. Act (HASAWA) places general duties on employers
to ensure, so far as is reasonably practicable, the health and safety of their employees,
and others who may be affected by their undertaking (e.g. contractors). Host employers
must take a proper interest in the activities and methods adopted by their contractors; in
particular, how contractors might be affected by the routine work activities or processes
taking place on the installation. In addition, employers should be able to competently
select contractors, specify, and audit and review their work.
For Ex electrical equipment, general duties are placed on manufacturers to
ensure, so far as is reasonably practicable, that it is safe to use.
These general duties are supported by the requirement of the Management of
Health and Safety at Work Regulations for employers to undertake risk assessments for
the purpose of identifying the measures that need to be put in place to prevent
accidents and protect people against accidents.
2.3
ATEX 'EQUIPMENT DIRECTIVE', ATEX 'WORKPLACE DIRECTIVE', THE EQUIPMENT
AND PROTECTIVE SYSTEMS FOR USE IN POTENTIALLY EXPLOSIVE ATMOSPHERES
REGULATIONS AND THE DANGEROUS SUBSTANCES AND EXPLOSIVE
ATMOSPHERES REGULATIONS
The ATEX Directives introduce specific legal requirements aimed at specifying the
necessary properties of electrical and non-electrical equipment for use in potentially
flammable atmospheres, and protecting personnel from the potential hazards of
flammable atmospheres, respectively.
The ATEX 'Equipment Directive' (ATEX 100a, 94/9/EC) (Approximation of the
Laws of Member States concerning Equipment and Protective Systems Intended for Use
in Potentially Explosive Atmospheres) is implemented in GB by The Equipment and
Protective Systems for use in Potentially Explosive Atmospheres Regulations (EPSR). ATEX
equipment should be assessed against the essential health and safety requirements of
the Directive and if it conforms, it should be CE marked and a certificate of conformity
should be prepared. The marking also comprises other information as may be required
by the European Communities directives applying to a particular product.
The ATEX 'Workplace Directive' (ATEX 137, 99/92/EC) (Directive on Minimum
Requirements for Improving the Safety and Health Protection of Workers Potentially at
Risk from Explosive Atmospheres) is implemented in GB by the Dangerous Substances
7
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
and Explosive Atmospheres Regulations (DSEAR) which set out minimum requirements
for the protection of workers from fire and explosion risks arising from dangerous
substances, and potentially flammable atmospheres arising from work with them. They
require the classification of areas where flammable atmospheres may occur into zones.
As noted in section 1.2, this document applies to all Ex electrical equipment,
whether pre-or post-ATEX. Pre-ATEX Ex electrical equipment typically will not have an
ATEX technical file/certification, which is one way of demonstrating that it is fit for
purpose and safe at the time of installation. In the absence of any ATEX technical
file/certification, the Ex electrical equipment should comply with relevant standards at
the time of design and construction.
2.4
PROVISION AND USE OF WORK EQUIPMENT REGULATIONS
Council Directive (89/655/EEC) on the Minimum Health and Safety Requirements for the
Use of Work Equipment by Workers at Work (as amended by Council
Directive 95/63/EC), which is implemented in GB by the Provision and Use of Work
Equipment Regulations (PUWER) aims to ensure that work equipment does not result in
health and safety risks to workers. PUWER imposes absolute requirements on employers
to ensure that work equipment is in an efficient state, working order and in good repair;
inspection and maintenance are key aspects of achieving these requirements, together
with keeping the last inspection record. PUWER applies to all Ex electrical equipment (i.e.
both ATEX equipment and pre-ATEX equipment); in practice, it requires Ex electrical
equipment to be inspected and maintained such that it continues to meet its original
certification requirements.
2.5
OFFSHORE INSTALLATIONS (PREVENTION OF FIRE AND EXPLOSION, AND
EMERGENCY RESPONSE) REGULATIONS
For offshore installations electrical ignition risks are subject to Offshore Installations
(Prevention of Fire and Explosion, and Emergency Response) Regulations (PFEER). These
regulations place a general duty to protect persons from fire and explosion by having in
place suitable measures. This includes control of sources of ignition such as Ex electrical
equipment, which are considered safety critical elements (SCEs).
2.6
OFFSHORE INSTALLATIONS (SAFETY CASE) REGULATIONS
The Offshore Installations (Safety Case) Regulations (OSCR) require a DH to prepare, put
in place and maintain a verification scheme for SCEs and specified plant. This requires a
suitable written scheme for ensuring that SCEs and specified plant are suitable and
remain in good repair and condition. The scheme should include performance standards
stating availability and reliability criteria; for Ex electrical equipment, the reliability could
be the probability of a fault. These requirements are typically presented to the electrical
personnel in the form of planned maintenance routines (PMRs).
2.7
THE ELECTRICITY AT WORK REGULATIONS
The Electricity at Work Regulations (EAWR) cover the requirements of electrical systems,
work activities, protective equipment and the effects of adverse or hazardous
environments (i.e. the use of Ex equipment).
8
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Employers have duties under EAWR. In addition, employees have a duty to cooperate with employers to enable compliance with duties placed on their employers: this
should ensure the safety of the installation and those who work on or near it. EAWR
requires persons working on all electrical equipment to be competent so as to prevent
danger and injury.
Owners, operators and contractors are deemed to be employers and therefore
have duties in relation to electrical activities and equipment associated with installations.
Contractors include companies who provide intermittent or infrequent electrical services
as well as main contractor companies providing continuous or more regular services.
2.8
THE CONSTRUCTION (DESIGN AND MANAGEMENT) REGULATIONS
The Construction (Design and Management) Regulations (CDM) apply to construction
and demolition work onshore. This uses a life cycle approach that focuses on design and
planning. For notifiable projects above particular duration or hours to be worked
thresholds there are additional requirements including keeping a health and safety file.
Whilst there are no specific requirements of CDM as regards inspection of Ex electrical
equipment, project documentation (including the equipment register and results of
initial inspections) for notifiable projects should be part of the health and safety file.
Excluded from scope of CDM are work to or on vessels such as mobile offshore
installations, fabrication of elements (e.g. equipment skids) which will form parts of
offshore installations, and the construction of fixed offshore oil and gas installations at
the place where they will be used.
2.9
IEC 60079-17
The IEC 60079 series of international standards provide the basis for designing Ex
electrical equipment, but also contain in IEC 60079-17 information on its maintenance
and inspection.
2.9.1
Maintenance
Regardless of the Ex inspection strategy chosen (see section 3.2), Ex equipment should
be maintained in accordance with its functional requirements (which could be based on
the manufacturer’s guidance and factors governing its deterioration) and the ignition
risks associated with faults for the various types of protection.
Where functional maintenance is being carried out, the opportunity should be
taken to inspect its Ex integrity at the same time and all findings (including faults) should
be recorded. Doing so should maximise equipment availability. For example, with lamp
replacement the opportunity should be taken to inspect the Ex integrity of the luminaire
at the same time.
Where appropriate, and on an opportunistic basis, suitable preservation
techniques should be applied to mitigate against corrosion.
If a person has performed work on Ex electrical equipment, before the work is
completed they should inspect it so as to ensure that the integrity of the type of
protection hasn’t been compromised. The grade of inspection should be proportionate
to the work carried out.
2.9.2
Inspection
The intention of inspection is to ensure that the Ex electrical equipment continues to
comply with its original Ex certification requirements both externally and internally.
9
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
The results of all inspections (initial, visual, close and detailed), maintenance,
repair and faults found should be recorded, audited and reviewed to provide an
auditable trail for each Ex electrical equipment installed. During Ex inspections the
opportunity should be taken to apply some form of identification to each Ex electrical
equipment e.g. a coloured tag identifying the year of inspection provides a visual
indication to what equipment has been inspected and that equipment which has not
been inspected. All Ex electrical equipment should be recorded in an equipment register.
Definitions for the types of inspection (initial inspection, periodic inspection,
sample inspection and continuous supervision) and grades of inspection (visual, close
and detailed) based on IEC 60079-17 are provided in Annex D. The following provides
clarification on the requirements of IEC 60079-17:
C
C
C
2.9.3
The interval between periodic inspections shall not exceed three years without
seeking expert advice.
Periodic Ex inspections only check the external integrity requirements for Ex
electrical equipment (except for moveable equipment).
Inspection strategies should ensure that both the internal and external parts of
the Ex electrical equipment comply with its Ex certification throughout its life
cycle (e.g. the condition of the flame path of Ex 'd' enclosures should be
inspected to ensure that the flange faces are clean and undamaged, and
gaskets, if any, are satisfactory; whereas, for Ex ‘e’ enclosures the condition of
terminations should be checked for tightness and to ensure that there is no
undue ingress of water). Following the initial inspection, planned detailed
inspections are only considered as part of sample inspection and not usually part
of periodic inspection in IEC 60079-17; however, such an inspection strategy is
unlikely to meet the requirements for inspection of internal integrity. These
Guidelines provide in Annex B an RBI sampling methodology to manage Ex
electrical equipment ignition risks which should meet these requirements both
for internal and external Ex integrity so as to ensure that Ex electrical equipment
is fit for purpose and safe throughout its life cycle.
Skilled personnel (electrical technicians)
Skilled personnel are generally electrical technicians, responsible electrical persons (REPs)
and nominated electrical persons (NEPs), whether they are in-house or contracted
resource (see Annex E.2). They should be supported by senior management and the
technical person with executive function (see 2.9.4). They should be competent on:
C
C
C
2.9.4
The various types of Ex protection and installation practices.
The relevant rules and regulations.
The general principles of hazardous area classification.
Technical person with executive function
The technical person with executive function (TPEF) is a senior competent person who is
responsible for ensuring the integrity of Ex equipment. They should be supported by
senior management and other skilled persons as defined in 2.9.3.
2.10
ISO 2859-1
ISO 2859-1 provides an acceptance sampling system for inspection by attributes. It is
indexed in terms of the acceptance quality limit (AQL). Its purpose is to seek and
maintain a process average at least as good as the specified AQL, while at the same time
10
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
providing an upper limit for the risk to the client of accepting the occasional poor lot.
Whilst primarily developed for manufacturing applications, the scope of the
standard states that it is applicable to inspection of:
C
end items;
C
components and raw materials;
C
operations;
C
materials in process;
C
supplies in storage;
C
maintenance operations;
C
data or records, and
C
administrative procedures.
These schemes are intended primarily to be used for a continuing series of lots, that is, a
series long enough to allow change rules to be applied, which provide:
C
C
Protection to the client (by means of switching to increased inspection using
change rules or discontinuation of sample inspection) should a deterioration in
quality be detected.
An incentive (at the discretion of the responsible authority) to reduce inspection
costs (by means of switching to reduced inspection using change rules) should
consistently good quality be achieved.
Sampling plans in ISO 2859-1 may also be used for the inspection of lots in isolation
where the operating characteristic curves are used to find a plan that will yield the
desired protection.
Annex C of these Guidelines provides suitable adaptations of ISO 2859-1 to the
inspection of Ex electrical equipment.
11
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
3
APPLYING SMS PRINCIPLES TO MANAGING THE
INSPECTION OF EX ELECTRICAL EQUIPMENT
3.1
INTRODUCTION
Managing the inspection of Ex electrical equipment should involve application of the
SMS principles introduced in section 1.3.1. This section provides guidance on applying
these SMS principles using pertinent examples.
There will inevitably be variations between different organisation’s business
models that will dictate to a greater or lesser degree how they choose to manage and
operate their installations. The guidance set out in this section is not intended to
comprise prescriptive information on how Ex electrical equipment inspections must be
managed, but more a set of techniques that can be used to address some of the issues
set out in the gap analysis checklist (see Table A.1). Therefore, the guidance should be
adapted to fit into a particular organisation’s structure.
3.2
POLICY
An appropriate policy for managing inspection of Ex electrical equipment, i.e. an Ex
inspection strategy, should be defined, implemented, audited and reviewed and where
necessary, modified so as to ensure the satisfactory integrity of Ex equipment
throughout its life cycle phases. It should cover the general intentions, approaches and
objectives of the organisation in managing inspection of Ex electrical equipment,
together with the criteria and principles on which actions and responses are based. The
Ex inspection strategy should be effective and should be supported by an effective
management system to ensure the safe operation, maintenance, inspection and work on
Ex electrical equipment.
IEC 60079-17 is fundamental in determining an Ex inspection strategy for all
grades of inspection of Ex electrical equipment; however, these Guidelines further
develop the option introduced in that standard of carrying out sample inspections by
adopting the sampling methodology set out in Annex B.
Inspections should be completed to optimise resource and access requirements.
Where appropriate, functional maintenance should be aligned to Ex integrity
inspections; however, the functional maintenance frequency should not exceed the
frequency required to maintain the Ex integrity of the equipment.
The scope of Ex inspections should include inspecting the integrity of the whole
system and include any special requirements as per the Ex certification which are
normally identified on the Ex certificate of conformity number by the suffix 'X'.
All inspections or repair and maintenance should be recorded together with the
details of Ex faults found. The assignment of fault codes should assist in the process of
reliability and trend analysis. A robust system of audit and review (see 3.6) together with
actions taken resulting from these findings should be recorded. The results of this should
demonstrate whether the strategy is effective and whether personnel competence is
adequate.
3.2.1
Initial inspection
The initial inspection should be an exhaustive inspection, i.e. all equipment should be
inspected and it is not appropriate to consider sample inspections. The initial Ex
inspection should be a detailed inspection grade as set out in Annex D. Once this initial
Ex detailed inspection has been carried out (i.e. a baseline has been achieved for the
12
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
electrical installation) then periodic (visual or close) and sample inspections (visual, close
or detailed) should be applied for subsequent inspections.
Initial inspection might be considered as the first and most important of several
lines of defence to protect against potential ignition risks: it is key to continuing integrity
of Ex electrical equipment; however, it is not always carried out as well as it should be
due to pressure at the back end of projects (see 4.3.3).
DHs are responsible for ensuring that their Ex electrical equipment is fit for
purpose and safe. Where Ex electrical equipment has been installed and had an Ex initial
inspection by third parties, e.g. fabricators supplying assemblies or installation
contractors, DHs should audit and review: the competence of those personnel; the
quality of their work (by validating some of these inspections); associated Ex initial
inspection records; and the equipment register. If an unreasonable percentage of faults
are found in such a validation then further validation should be carried out. These
inspections should be representative of the overall installation and should be a
combination of visual, close and detailed grades of inspection.
The initial (together with periodic, sample, functional and breakdown) Ex
electrical equipment inspection records and associated equipment register (i.e. electrical
equipment data e.g. apparatus group, temperature class, manufacturer, certification
data, identification number (tag), etc) should be kept by the DH as part of the Ex
inspection strategy. It is a requirement of PUWER that DHs shall ensure that the results
of an inspection are recorded and kept until the next inspection (see section 2.4).
The initial Ex electrical equipment inspection should include a check of
installation against certification requirements. Particular care should be taken when the
certification specifies conditions on how the equipment can be utilised and installed.
3.2.2
Periodic inspections
As noted in section 2.9.2, IEC 60079-17 requires periodic inspections comprising visual
and close inspections, which should be carried at a frequency of inspection that should
not normally exceed three years without seeking expert advice; however, IEC 60079-17
provides flexibility over what grade of periodic inspection should normally be carried out
in a particular inspection and how much equipment should be inspected. This flexibility
has led in practice to a wide range of Ex electrical equipment inspection strategies being
adopted ranging from 100% visual inspections with close inspections only for faulty
equipment, through to some nominal percentage of visual and close inspections, e.g.
80%:20% respectively. Note that the scope of close inspections also covers the
pertinent inspection points for visual inspections (see Annex D).
IEC 60079-17 does not refer to detailed inspections as part of periodic
inspections except where the findings of visual or close inspections require investigation
of internal Ex integrity to fully ascertain the causes of faults, or for moveable electrical
equipment. This flexibility has led in practice to a wide range of Ex electrical equipment
inspection strategies being adopted for detailed inspections on a periodic basis ranging
from 100% detailed inspections to 0% detailed inspections. Sometimes, detailed
inspections have been carried out as sample inspections (see 3.2.3) as suggested by
IEC 60079-17.
Following SMS principles, users should be able to justify their Ex electrical
equipment inspection strategy and demonstrate that their strategy remains robust over
time. From the flowchart in IEC 60079-17 Annex A it can be seen that a longer
frequency of inspection than the maximum three years should not be chosen until it can
be demonstrated by good performance that the frequency of inspection can be reduced.
As part of the demonstration the option of using close or detailed inspection is given.
In developing an Ex electrical equipment inspection strategy, there should be a
robust consideration as to what grades of inspection should be carried out on a
continuing basis and at what frequency of inspection.
13
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Most DHs carry out 100% visual inspections as in general they do not require
the Ex electrical equipment to be isolated. Therefore, they are able to be completed in a
cost effective manner and provide a good indication to the external Ex integrity of the
electrical equipment. This grade of inspection should be considered as the second of
several lines of defence to protect against potential ignition risks.
Close inspection of Ex electrical equipment should be considered as the third of
several lines of defence to protect against potential ignition risks; it provides a more
comprehensive indication than visual inspections of external Ex integrity of the electrical
equipment. Where not readily accessible, this might require the use of access equipment
(e.g. scaffolding) or the use of electrical technicians who are also competent abseilers.
Both visual and close inspections check whether the external components of Ex
electrical equipment comply with its original Ex certification; for example, that enclosures
are not damaged or bolts are not missing.
The Ex inspection of each area of an installation should be recorded together
with the number of Ex electrical equipment items inspected, Ex faults found and actions
taken. Whilst carrying out visual inspections, findings on several inspected items might
lead to a need for further close and detailed inspections. The findings of all such
inspections should be recorded, and an appropriate percentage should be audited and
reviewed so as to robustly justify and demonstrate that the Ex strategy is capturing
external faults, and where applicable internal faults.
When carrying out visual or close inspections, the opportunity should be taken
to identify (tag) Ex electrical equipment and to ensure that it is recorded in the
equipment register. Consequently, all installations should have a complete equipment
register within the three year period required by IEC 60079-17. Where Ex periodic
inspections are not carried out within three years, IEC 60079-17 requires the provision of
expert advice in the form of a robust justification for non-compliance.
Movable electrical equipment (hand-held, portable and transportable) should be
subject to a close or detailed inspection as determined by the use and nature of the
equipment, at a frequency of typically every 12 months, and visually inspected before
each use to check for obvious damage.
Temporary or third party owned Ex electrical equipment should be supplied with
appropriate Ex records or Ex inspection test certificates; in addition, ATEX marking and
certificate of conformity documentation should be supplied in the case of temporary or
third party supplied assemblies. DHs should consider carrying out a complete Ex visual
inspection prior to its installation or use, together with a sample inspection of Ex close
and detailed inspections so as to ensure that the Ex equipment is fit for purpose and
safe. The duration installed or used should be used to determine whether third party or
temporary Ex electrical equipment should be included in the DH's normal inspection
strategy.
Where a visual or close inspection indicates a need to investigate further to fully
ascertain the causes of faults, a more rigorous grade of inspection should be applied
(e.g. changing from close to detailed inspection).
3.2.3
Sample inspections
For the reasons noted in 3.2.2, visual inspections can be completed in a cost-effective
manner and they provide a good indication of the external integrity of Ex electrical
equipment; consequently, they should not be included in a sampling strategy – sample
inspections should only be applied to close and detailed inspections. Ex detailed
inspections should be considered as the fourth of several lines of defence to protect
against potential ignition risks. Detailed inspections check whether the internal
components of Ex electrical equipment comply with its original Ex certification; for
example, that Ex 'd' flame paths are not obstructed or damaged and Ex 'e' terminations
are not loose. Furthermore, those installations not having appropriate Ex history/records
14
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
should only apply sample inspections to detailed inspections.
Practical experience shows that intervening in detailed inspections, i.e. removing
equipment covers, carries with the action the risk of introducing faults. If the probability
of faults being present before inspection is low then the act of inspection may introduce
more faults and reduce rather than improve performance. IEC 60079-17 recognises this
effect and carries a warning that care must be taken that reassembly restores original
design integrity.
Although the severity of the environment and service will have an effect on
performance the critical aspect is the original selection of Ex electrical equipment. If Ex
electrical equipment is installed that has a known good performance in the intended
application then the Ex electrical equipment inspection strategy can utilise this
knowledge in determining the level of inspection for detailed inspections. Note that this
assumes the initial inspection proves that the original installation is to a high standard. If
the Ex electrical equipment is new to the installation and has no proven performance
record, then the Ex electrical equipment inspection strategy should be more conservative
and should include detailed inspection.
Users should consider classifying their Ex electrical equipment according to their
experience and knowledge of performance (e.g. fluorescent fittings by manufacturer):
such assessments should be recorded together with the evidence supporting the
assessments.
Where appropriate Ex history/records exist together with Ex fault records and
trend analysis, the DH should be in a position to robustly justify their Ex inspection
strategy.
Close and detailed inspection of 100% of a population of equipment is the Ex
inspection strategy that gives the greatest confidence in the equipment continuing to
meet its Ex integrity; whereas an Ex inspection sampling strategy provides a better
balance between the cost of inspection and confidence in the Ex integrity of the
equipment. Such a strategy is more likely to meet ALARP principles.
In a sampling strategy, the quality of the entire population is not precisely
known but a statistically valid estimation of that quality can be made. This estimation
can then be analysed to update/modify the sampling strategy through audits and
reviews, and confidence in the Ex integrity of the population should increase. In effect,
sample inspections should allow the user to have sufficient confidence in the Ex integrity
of the entire population without having to inspect all the items.
Two types of sampling are available: progressive and random. Progressive
sampling considers a population of equipment and takes a random sample of that whole
population. Inspection is then carried out on that subset (e.g. 10 %), and the remaining
items that had not been sampled on the first inspection noted. This reduced sample of
uninspected items is then used as the population to be sampled on the second
inspection. The remaining population after this second sample is then used for the third
sample; this continues until the entire population has been inspected. Thereafter,
inspection re-commences on a sample of the whole population.
Random sampling considers the whole population at each inspection, and then
takes a purely random subset of that whole population. Random sampling can lead to
the same equipment being inspected on two or more consecutive inspections, even
though the sample size may be relatively small. This may seem to be a disadvantage of
random sampling; yet it is the key advantage that random sampling has over progressive
sampling in inspection of equipment. By having the possibility of revisiting previously
inspected items before the entire population has been inspected (i.e. potentially more
frequently than would be the case for progressive sampling), it is significantly superior in
highlighting maintenance-induced human failures due to poor re-assembly or human
failure by the inspector on the last inspection. This allows greater confidence in the
ability of the inspection strategy to cover not only randomly occurring faults and wear
out faults, but damage and other human intervention related failures.
15
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
For sample inspections, the level of inspection should be determined; usually, its
parameters should be varied based on inspection performance but could also be
influenced by other business reasons. The findings of Ex sample inspections should be
used in audits and reviews to support or modify the level of inspection.
An Ex sampling strategy for Ex close and detailed inspections should not be
carried out in isolation from other inspections.
3.2.4
Ex risk-based inspection
Current Ex inspection strategies tend to inspect a nominal percentage of the total Ex
electrical equipment inventory per annum, which for some installations might be 50 000
items; however, not all the equipment is exposed to the same potential risk of a
flammable atmosphere (i.e. Zone 0, 1, and 2 and non-hazardous) being present or the
same risk of ignition owing to the different Ex types of protection. Therefore, such an
approach does not best target inspection resources on high risk equipment.
An RBI approach to inspection of Ex electrical equipment should assess the
ignition risk by considering the probability of a flammable atmosphere being present, as
indicated by the hazardous area classification, and the probability of a source of ignition
being present due to Ex integrity failure. Equipment with similar characteristics is then
allocated to lots. Where it is not possible to define lots with similar characteristics, then
more rigorous conditions for the lot should be taken.
For the probability of a flammable atmosphere being present based on duration,
the following approach uses the hazardous area classification criteria for unrestricted
'open air' release conditions from EI Area classification code for installations handling
flammable fluids:
C
C
C
Zone 0 – continuous grade release, e.g. > 1 000 hours per annum.
Zone 1 – primary grade release, e.g. 10-1 000 hours per annum.
Zone 2 – secondary grade release, e.g. 1-10 hours per annum.
A similar approach can be applied to the probability of a source of ignition being present
by using electrical system rated currents:
C
C
C
low risk – intrinsically safe;
medium risk –instrumentation, and
high risk – HV/LV power circuits and emergency equipment.
Both of these inputs are simple qualitative approaches which should suffice; however
where necessary, users could apply more quantification to the determination of the
probability of a source of ignition being present, for example using EI Research report:
Ignition probability review, model development and look-up correlations.
The risk graph (Table 3.1) uses these qualitative approaches to provide a
reasonable starting point for defining lots of Ex electrical equipment in the absence of
appropriate Ex inspection records: it assigns different ignition risks to Ex electrical
equipment using a risk graph based on the probability of a flammable atmosphere being
present (indicated by hazardous area classification) and the probability of a source of
ignition being present (indicated by electrical system rated currents). Using this
reasonable starting point simplifies the more comprehensive approach for defining lots
of Ex electrical equipment described in annex B.3.1 that uses several criteria: it has the
advantage of resulting in three lots (low, medium and high risk) with the consequent
advantages of larger lot sizes and proportionately less inspection effort.
In an RBI Ex inspection strategy, high risk Ex electrical equipment should be
inspected to a more rigorous level of inspection (e.g. frequency of inspection, etc) than
low risk Ex electrical equipment. This should provide more balanced, effective and
16
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
targeted inspections. Other factors can be used to adjust the Ex risk-based inspection
strategy, e.g. equipment age, severity of the environment and findings of earlier
inspections from records. These additional factors might move Ex electrical equipment to
another level of risk: this concept is further developed in Box 3.2 using for example,
acceptance safety level (ASL), which is a level of inspection criterion for sample
inspections (see annex B.3.1).
Lots of Ex electrical equipment should be of an appropriate size so that the
number and results of inspections are easily auditable.
The fundamental requirement of a risk-based approach to managing Ex
electrical equipment inspection is the collection and analysis of equipment records in
support of an equipment register. Historical records should include the grade of
inspection, the frequency of inspection and the degree of confidence in the results of
inspections. Historical records should be reliable; however, an assessment of the quality
of the inspection and associated records should be made prior to using them in
determining the level of inspection (e.g. frequency of inspection, etc.). This will apply
more so to existing installations that are considering adopting RBI having previously
applied other Ex inspection strategies.
Key performance indicators (KPIs) (see 3.6.1.7) should be used for monitoring
the continuing effectiveness of all Ex inspection strategies and they become more
important when changing from one Ex inspection strategy to another, so that it is
possible to measure the success of the transition.
Use of RBI carries the advantage of more efficient use and targeting of
inspection resources.
From the outcomes of the inspections, audit and review should be carried out
with a view to validating the RBI approach, and optimising it, as required. See 3.2.6.
3.2.5
Summary of coupling the sampling strategy with an RBI strategy
Coupling an Ex inspection sampling strategy that gives an acceptable level of confidence
(see 3.2.3) with a risk-based approach (see 3.2.4) provides a targeted, balanced and
effective Ex inspection strategy. The methodology set out in Annex B is based on
ISO 2859-1, suitably adapted to the inspection of Ex electrical equipment and adopts
RBI. It contains an approach for setting level of inspection parameters based on the
quality of historical records (see annex B.3.5.3) and its subsequent variation based on
inspection performance (see annex B.3.10).
The sampling methodology adopts random sampling; this is used to monitor the
effects of the severity of the environment, vibration, inherent design weakness, etc. and
to identify random faults.
Note that the sampling methodology does not account for the consequences of
a fire/explosion, nor does it take any credit for any mitigation measures.
17
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Box 3.1 Example of using an Ex electrical equipment risk graph in an RBI inspection strategy
The risk graph (Table 3.1) provides a reasonable starting point for defining lots of Ex electrical equipment in
the absence of appropriate Ex inspection records. Its objective is in assigning risks to Ex electrical equipment
in various zones as part of an RBI approach, which could be used with or without sampling. The risk graph
does not take into account the severity of the environment and equipment age, which might move Ex
electrical equipment to another level of risk.
Table 3.1 Ex electrical equipment risk graph - starting point for defining lots of Ex electrical
equipment based on ignition risk
Probability of source of
ignition being present
Groupings of Ex
electrical equipment
based on electrical
system rated currents
Onshore nonhazardous
abnormal
operations
(Note 6)
Offshore nonhazardous
abnormal
operations
(Note 6)
Intrinsically safe
Low
Instrumentation
Low
Probability of flammable
atmosphere being present
Zone 2
Zone 1
Zone 0
Low
Low
Low
Low
(Note 4)
Low
Low
Medium
N/A
(Note 2)
HV/LV power circuits and
emergency equipment
Low
Medium
(Note 3)
Medium
High
N/A
(Note 2)
Notes:
1. The risk graph assumes correct selection of Ex type of protection in the first instance.
2. N/A – Such Ex electrical equipment is not appropriate for that zone. See Note 1.
3. Non-hazardous areas offshore typically contain SCEs that are energised during an emergency;
consequently, risks for LV/HV power circuits are greater in offshore environments compared to onshore
environments.
4. For Zone 0, use of intrinsically safe systems (Ex 'ia') means that there is an inherent low ignition risk as by
design they do not have the potential to produce an incendive spark that can ignite a flammable
atmosphere. Similarly, intrinsically safe circuits supplied from the Zener barrier (providing a connection to
the equipotential bonding system and for TN-S systems only, connected to a high integrity earth system and
routinely tested to be <1 ohm). or galvanic isolator might be considered to be low risk.
5. By design, intrinsically safe systems do not have the potential to produce an incendive spark; whereas,
both instrumentation and HV/LV power circuits have the potential to produce an incendive spark that can
ignite a flammable atmosphere. This is reflected in the risk graph; however, another factor to consider is the
consequence of the electrical fault energy since HV/LV power circuits are likely to have a fault energy level
that has the potential to cause severe electrical arcing which might damage the Ex enclosure and
compromise the continuing integrity of its type of protection. Consequently, the Ex terminals and enclosure
should be rated for these higher electrical systems rated currents for HV/LV power circuits.
6. In abnormal operations a flammable atmosphere may be present in areas designated non-hazardous in
normal operations; some electrical equipment may be required to be in service then such that it should be
Ex electrical equipment. Onshore installations typically have few equipment in such non-hazardous areas;
however, offshore accommodation platforms have emergency lighting that would be expected to operate
in abnormal operations.
Applying such a risk-based approach to the allocation of lots would place Ex electrical equipment into low,
medium and high ignition risk lots. This approach should result in the high risk Ex electrical equipment
being inspected to a more rigorous level of inspection than medium and low risk Ex electrical equipment
respectively.
For example, applying RBI to these lots in Table 3.1, the frequency of inspection is varied. High
ignition risk Ex electrical equipment is allocated a higher frequency of inspection than medium ignition risk
Ex electrical equipment, etc. by applying a smaller multiplier.
18
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Box 3.1 Continued…
Example of using an Ex electrical equipment risk graph in an RBI inspection strategy
Table 3.2 Example application of RBI with or without sampling to Ex ignition risk in an Ex
electrical equipment strategy by applying frequency of inspection multipliers
Ignition risk (Note 1)
Frequency of inspection multiplier
Low
x2
Medium
x1
High
x0,5
Notes
1. Ignition risk derived from Table 3.1.
2. In this example, the frequency of inspection is the only level of inspection criterion that is changed.
3. This approach applies whether or not sample inspection is part of the RBI inspection strategy.
Box 3.2 Example of applying RBI principles to a sampling strategy
For sampling strategies, other level of inspection criteria (as defined in Annex B) can be varied (e.g. ASL,
global failure rate or category of inspection) to give further possibilities for RBI.
For example, applying RBI to the lots from Table 3.1 in Table 3.3, ASL is the only level of inspection
parameter that is varied (although this in turn adjusts the rejection number (Re) but not the sample size in
this case): high ignition risk Ex electrical equipment is allocated an ASL lower than the ALARP ASL;
consequently, Re is more rigorous than for medium ignition risk Ex electrical equipment, although the
sample size remains the same.
Table 3.3: Example application of RBI to Ex ignition risk in an Ex electrical equipment sampling
strategy by varying ASL
Sample
Ignition risk
ASL
Re
Data reference
(Note 1)
size
Low
> ALARP ASL = 1,5%
80
4
Table C.8
Medium
ALARP ASL = 1%
80
3
Table C.7
High
< ALARP ASL = 0,65%
80
2
Table C.6
Notes
1. Ignition risk derived from Table 3.1.
2. Lot size = 1 000, global failure rate = level II, ALARP ASL = 1% (see Table B.3). Sample size and Re
derived from Tables C.6, C.7 and C.8.
3. In this example, only the ASL is changed (and consequently Re): other level of inspection criteria also
could be adjusted (e.g. frequency of inspection, global failure rate, category of inspection).
4. Adjustment of ASL only applies to sample inspections.
19
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
3.2.6
Audit and review of Ex inspection strategy
The primary objectives of audit and review of an Ex inspection strategy are to identify if
there are any weaknesses, where necessary to improve it, and to be able to demonstrate
that the Ex inspection strategy is appropriate, robust and justified.
The success of an Ex sampling inspection strategy is significantly dependent on
the quality of the Ex inspections and the quality of the associated records (together with
faults identified). To ensure high quality, there should be rigorous audits and reviews of
Ex inspections and associated records.
Should critical faults be identified to the TPEF, they should evaluate any
potential ignition risk, apply appropriate control measures, initiate remedial action
(within an appropriate timescale), or isolate the faulty Ex electrical equipment. The TPEF
should initiate further inspections to determine the extent of the failure mode and take
the necessary corrective action.
Trend analysis is able to be carried out more readily if Ex fault codes are
assigned; these facilitate computer search fields to be generated to highlight generic
equipment faults or areas of the installation which might have an adverse affect on the
integrity of the Ex electrical equipment, e.g. deluge systems.
Whichever inspection strategy is applied, analysis of the inspection data should
be performed regularly to ensure that inspection resource is focused on the appropriate
areas and equipment where faults are found.
An annual audit and review should be followed by a more rigorous three-yearly
audit and review; these should involve a cross-section of all personnel involved in the
management and carrying out of the inspections e.g. REP, ICP, TPEF and electrical
technicians. All audits and reviews together with actions taken should be recorded.
IEC 60079-17 suggests that Ex inspection personnel should be independent of
the demands of functional maintenance inspections. Where this is not practical,
installations that employ competent personnel might merge the task of maintenance
and inspection as long as the Ex integrity inspections are not compromised.
See 3.6 for guidance on audit and review of all aspects of managing inspection
of Ex electrical equipment.
3.3
ORGANISATION
Clear authority, responsibility and accountability should be allocated to, and understood
by, the various organisations, management and competent personnel involved with
managing the inspection of Ex electrical equipment throughout its life cycle. These
aspects should be unambiguously defined in organisational structures and management
systems for all organisations involved.
Senior managers should understand that managing the inspection of Ex
electrical equipment is an important safety matter, which requires appropriate numbers
and competencies of personnel, adequately supported by maintenance and inspection
procedures and records.
In managing the electrical function, competent persons should ensure that
ignition risks of Ex electrical equipment located in hazardous areas are given appropriate
attention.
3.3.1
Roles and responsibilities
Employers, employees and contractors have responsibilities under EAWR (see
section 2.7). Regardless of this; many of these fall on the DH; pertinent ones include:
20
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
C
Appointing NEPs to be responsible for managing aspects of the electrical
function, which are under their control. With regard to Ex electrical equipment
the petroleum industry generally nominates a TPEF (see section 2.9.4).
Ensuring that regular audits are performed so that all pertinent personnel are
fully aware of their responsibilities and accountabilities in relation to Ex electrical
equipment.
Typical examples of Ex inspection activities that should be carried out by DHs include:
C
C
C
3.3.2
Reviewing maintenance and inspection completion and backlog reports to
check that the correct information has been recorded and that deferred
maintenance will not result in unsatisfactory safety risks. An example is a
supervisor being made responsible for weekly reviews and the TPEF carrying out
regular audits to determine if the relevant procedures are being implemented.
All audits and review should be documented and recorded outlining:
− which sections have been audited and reviewed;
− what Ex findings/faults have been revealed;
− whether there are generic faults;
− recommended actions e.g. further inspections required on Ex electrical
equipment, and
− changes to the Ex inspection strategy.
Performing ongoing competence assessments of personnel involved in electrical
work e.g. checking the quality of Ex electrical equipment inspections and
associated Ex records.
Periodically reviewing approvals of change requests, subsequent modifications
and changes to operational constraints that might impact the integrity of Ex
electrical equipment.
Competence
A competence assurance system should be in place to secure the competence of all
personnel involved with Ex electrical equipment. As part of achieving competence, Ex
electrical technicians should be adequately trained and experienced. See 3.3.2.1. For
other roles (e.g. REP, TPEF, ICP) additional competence requirements apply (e.g. see
section 2.9.4).
Competence with Ex electrical equipment requires thorough knowledge of its
construction, type of protection, operation and failure mechanisms to determine
whether they are fit for purpose and safe.
3.3.2.1 Inspector competence
The inspection of electrical equipment installed within hazardous areas should be carried
out by competent personnel, typically Ex electrical technicians. This should be achieved
by the personnel meeting the requirements of a competency based scheme. In GB, a
recognised training, assessment and certification scheme for electrical technicians is the
CompEx National Training and Assessment Scheme. Competency should be refreshed
regularly and there should be satisfactory performance on training course and workplace
assessments to ensure that current good practice is applied.
The minimum training requirements of IEC 60079-17 for Ex electrical
technicians are described in section 2.9.3.
The competency level of personnel lies within the responsibility of the TPEF. This
responsibility should be endorsed by the DH or equivalent, and should be supported by
the relevant competency assurance processes.
21
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
To be qualified for the inspection of electrical equipment installed within hazardous
areas, a person should justify initial competences in electrical equipment and have
successfully been assessed on:
C
C
A training course with the minimum content required by the standard and
several years of practical experience of working with Ex equipment, or
A training course with the minimum content described above and a mentoring
period implemented and validated by experienced inspectors.
Evidence of the relevant experience and training should be available.
Audits are necessary to ensure that the inspectors do their tasks in accordance
with site procedures. All audits and reviews should be formally recorded together with
actions taken.
The knowledge of Ex electrical technicians should be regularly refreshed (for
example to comply with the requirements of CompEx) due to changes in regulations,
standards, new types of protection and development of good practice.
In addition to electrical technicians carrying out Ex inspections, other competent
personnel will also inspect Ex electrical equipment, e.g. TPEF, ICP, REPs and NEPs.
3.3.2.2 Competence of employers using contractor resources
As noted in section 2.2, employers should be 'intelligent customers' and so should be
able to competently select contractors, and specify, audit and review their work. Where
employers do not possess in-house Ex electrical equipment competence, they should
consider delegating this responsibility to a consultant so as to ensure that the
requirements for inspection of Ex electrical equipment are complied with; if this is the
case, these roles and responsibilities should be clearly defined and documented.
3.4
PLANNING AND IMPLEMENTATION
A pre-requisite to establish an Ex risk-based inspection strategy (see 3.2.4) is to have an
Ex electrical equipment register and records that cover all such equipment. Where this is
the case, the sampling methodology provided in Annex B might be applied to both Ex
detailed and close inspections. Figure 3.1 illustrates the key steps.
For those existing installations not having a complete equipment register and
appropriate records (i.e. those from the initial detailed inspection and subsequent
records), the three-phase implementation plan described in 3.4.1-3.4.3 should be
applied, which provides a process to move towards an Ex risk-based inspection strategy
(see Figure 3.1). The intent of this three-phase approach is to get DHs moving towards a
robust Ex electrical equipment inspection strategy in a step-wise manner. In doing so,
they would carry out some inspections and gather information that should feed into an
equipment register, as well as carrying out some auditing and reviewing. This has the
advantage of spreading out the considerable effort required to populate an equipment
register. Whilst this approach offers the option of including some sample inspections as
part of the Ex electrical equipment inspection strategy, this is only an option and in some
cases it may be inefficient to apply (e.g. with small lots):
3.4.1
Phase 1 of implementation plan
Carry out gap analysis to determine the current status of the Ex strategy (see
section 1.3.1), define forward Ex strategy (see 3.2) and determine a plan of action to
progress to the forward Ex strategy. This may typically include:
22
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
C
C
C
C
C
C
C
C
C
C
3.4.2
Periodic inspections: Carry out Ex visual and close inspections and create a
100% equipment register in a timescale of three years (the timescale normally
required by IEC 60079-17 for periodic inspections (see section 2.9.2)).
Sample inspections: Carry out a representative random sample of Ex detailed
inspections.
Assign equipment identification numbers (tags).
Record Ex details.
Assign fault codes.
Carry out trend analysis to help identify the Ex electrical equipment integrity
fault types that contribute to determining the probability of a source of ignition
being present.
Highlight high risk areas and high risk Ex electrical equipment.
Implement appropriate control measures.
Amend the Ex inspection strategy, as required.
Carry out regular (yearly, three-yearly and as required) audits and reviews on the
quality of the Ex inspections, associated records and the Ex inspection strategy,
so as to ensure that all Ex electrical equipment is fit for purpose and safe.
Where the findings of visual and close inspections raise concern regarding the
Ex integrity, carry out appropriate detailed inspections.
Phase 2 of implementation plan
Apply the outcomes from phase 1 of implementation plan, carry out gap analysis to
determine the current status of the Ex strategy (see section 1.3.1), define the forward Ex
strategy (see 3.2) and determine a plan of action to progress to the forward Ex strategy.
This may typically include:
C
C
Use the data from phase 1 of implementation plan for the following three years
to:
− Define KPIs.
− Robustly justify any modifications to the level of inspection for periodic
inspections.
− Robustly justify use of a risk-based approach in the Ex electrical equipment
sampling inspection strategy by identifying Ex ignition risk using Boxes 3.1
and 3.2.
Manage Ex visual, close and detailed inspections. Specifically, the following
tasks should also be carried out:
− Periodic visual (100%) and sample inspections (close and detailed) on a
continuing basis, and record results.
− Effective management of all Ex electrical equipment ignition risks.
− Identify generic faults.
− Record how the Ex inspection strategy has been continually improved or
adjusted to cover any common faults using evidence of trend analysis.
− Demonstrate the effectiveness of the Ex visual, close and detailed
inspections, and what benefits they have provided in the control of ignition
risks using appropriate evidence.
− Use the outcomes of the audit and review carried out in phase 1 of
implementation plan, which should identify the Ex electrical equipment
integrity fault types and trend analysis, to determine the probability of a
source of ignition being present. Combine this with the probability of a
flammable atmosphere being present, to determine the overall ignition risk:
this forms the basis of an RBI Ex inspection strategy.
− Monitor KPIs to determine whether performance is adequate.
23
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
−
3.4.3
Carry out annual and a more rigorous, three-yearly audit and review to
review Ex faults found, the faults found from Ex visual, close and detailed
inspections, changes in process conditions. The ICP, TPEF, and an electrical
technician should be involved in a team-based approach, as well as process
safety engineers.
Phase 3 of implementation plan
Apply the outcomes from phase 2 of implementation plan, carry out gap analysis to
determine the current status of the Ex strategy (see section 1.3.1), define the forward Ex
strategy (see 3.2) and determine a plan of action to progress to the forward Ex strategy.
This may typically include:
C
C
As phase 2, but:
− Identify Ex ignition risk using Annex B.
− Review and monitor KPIs.
− Promote continuous improvement throughout life cycle phases.
Manage Ex visual, close and detailed inspections together with audits and
reviews on an ongoing basis. This should provide a robust justification for the Ex
inspection strategy, demonstrate that it is appropriate, and achieve continual
improvement in the integrity of Ex electrical equipment so as to ensure that the
actual condition remains fit for purpose and safe.
RBI Ex inspection strategy
Non-RBI Ex inspection strategy
Ex electrical equipment inspection
strategy to manage ignition risks
Phase 2 (three years)
Gap analysis
Periodic - visual (100%)
Identify Ex ignition risk using
Boxes 3.1 and 3.2
RBI sampling - close and
detailed, and record results
Define and monitor KPIs
Audit and review by TPEF,
ICP, REP and NEP (including
Ex register and records)
Phase 1 (three years)
Y
Equipment
register and
records
N
Gap analysis
Periodic - visual and close
(100%) and establish Ex register
and records
Sampling - detailed, and record
results
Audit and review by TPEF, ICP,
REP and NEP
Phase 3 (ongoing)
As phase 2, but:
Identify Ex ignition risk using
Annex B
Review and monitor KPIs
Continuous improvement
throughout life cycle phases
Figure 3.1: Process for implementing Ex inspection strategies and the process for
moving from non-RBI to RBI
24
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
3.5
MEASURING PERFORMANCE
3.5.1
Initial Ex inspection target levels
Where risk-based Ex inspections use sampling, the inspection results provide an overview
of the condition of Ex equipment in a lot based upon a statistically representative sample
of the equipment. If review of the inspection results indicates that the number of faults
found is equal to or above the rejection criterion (e.g. due to poor severity of the
environment or equipment design faults) then action should be taken to improve the Ex
integrity of the equipment before it creates a potentially dangerous situation.
Conversely, if the number of faults found is below the rejection criterion, then it should
be determined whether the quality of the Ex inspection and associated records is
appropriate. Furthermore, future inspections for that lot should be adjusted to reflect
the results of inspections within the lot.
Such information can form the basis of some KPIs (see section 3.6.1.7).
3.5.2
Faults
Faults should be recorded using fault codes (see section 3.6.1.8). Faults should be
analysed by the TPEF to establish the root cause and decide what actions are required to
eliminate recurrence of faults, such as by modifying/replacing the equipment or
increasing maintenance intervention.
3.6
AUDIT AND REVIEW OF PERFORMANCE
3.6.1
Reviewing performance
Organisations should learn from all relevant experience and apply the lessons to move
forward and improve the inspection of Ex electrical equipment to assure its continuing
integrity. There should be a systematic review of performance based on data from
monitoring and from independent audits of the whole Ex SMS. There should be a strong
commitment to continuous improvement involving the development of the Ex strategy,
systems and techniques of risk control.
Ex electrical equipment integrity performance should be recorded in annual
reports.
The key to an effective Ex inspection strategy is good planning being applied to
control risks, and resources allocated according to risk priorities. Performance should be
measured by setting up suitable monitoring arrangements.
The actual 'as found' integrity of Ex equipment when inspected is the ultimate
test of the effectiveness of the Ex inspection strategy (and maintenance strategy). The
TPEF, who is responsible for the integrity of the Ex electrical equipment, should ensure
that these inspections and associated records are audited and reviewed, that Ex faults
are reviewed, and that appropriate trend analysis techniques are applied to identify
generic faults. As part of this process an annual and a three-yearly detailed review of the
Ex strategy together with the Ex faults identified should be carried out, together with the
control measures identified, to vary the level of inspection proportionately with the faults
found. Where appropriate, the ICP should be involved in this matter.
The TPEF and ICP should carry out independent Ex inspections to confirm the
performance, output measures and verification criteria are appropriate for each grade of
inspection, so as to ensure that the Ex inspection strategy is satisfactory and that the Ex
electrical equipment is fit for purpose and safe; these independent inspections should be
recorded.
25
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Modifications (using computerised maintenance management system (CMMS)
data) and repetitive faults (data from previous inspections) for equipment should be
taken into account. To enable consistency, where possible, generic fault codes should be
used.
Inspection data should be analysed to monitor the effectiveness of the Ex
inspection strategy. The information obtained should be shared with other installations
in order to promote shared learning and good practice.
Regular reviews of inspection data should be carried out to confirm the integrity
of the Ex electrical equipment over its life cycle. These data should be used to support or
modify the level of inspection.
All Ex inspections and associated records for initial, visual, close, detailed,
continuous supervision, breakdowns, independent audits by the TPEF and ICP, should be
audited and reviewed. The Ex inspection strategy should accordingly be revised so as to
ensure that all Ex electrical equipment is safe to use in potential hazardous areas.
3.6.1.1 Review meetings
As noted in section 1.3.1, the continuous improvement model set out in HSE Successful
health and safety management implies that a significant number of reviews should take
place. From a practical standpoint these can often either be combined with other similar
activities or several reviews can be combined into one review, provided that in each case
the correct people participate and the agenda of such meetings allows sufficient
time/focus on the Ex electrical equipment reviews intended to be covered.
A good technique is therefore to identify:
C
C
C
What reviews should take place and at what frequency.
Who should attend.
What information should be available.
From this it should be possible to map these requirements against existing meetings to
determine if they can be accommodated within them or if additional stand-alone
meetings are required. Decisions as to how reviews should be carried out should be
recorded formally: for example, either in the Ex electrical equipment inspection strategy
or elsewhere in the organisation’s quality assurance documentation if a suitable location
exists. In the latter case, there should be a cross-reference in the Ex electrical equipment
inspection strategy to where the information on review implementation is located.
One method of identifying and recording review processes is to adapt the
flowchart provided in Annex A of IEC 60079-17 to suit the particular organisation’s
structure: this can then show where reviews should take place and how the output of
the reviews should feed back into the process.
It should be recognised that reviewing and making improvements based upon
feedback is a key process; however, this is often the part of the process which is least
well executed. Formally assigning where such reviews should take place is one method
of encouraging discipline in execution of the reviews and driving improvements.
3.6.1.2 Output measures
Performance standards for SCEs for offshore installations provide measurable target
values for availability/reliability. For other equipment, these can be expressed as KPIs
(see 3.6.1.7). These provide a reasonable indication of Ex integrity performance,
provided the input data are representative of data over a period in excess of the
frequency of inspection.
The TPEF should review current performance against this criterion, together with
the KPIs (see 3.6.1.7), and use these to set goals for improvement. This may initiate
intervention measures such as a concerted effort to eliminate faults or, conversely, to
26
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
review the existing level of inspection where the occurrence of faults has proved to be
rare.
To be able to perform this analysis, when any work is completed on Ex electrical
equipment the grade of inspection and, where faults are revealed, fault codes should be
recorded.
3.6.1.3 Verification of initial Ex inspections
To ensure that the initial inspection of Ex electrical equipment is completed with a
suitable audit trail of documentation, a representative inspection should be carried out
where required for verification (e.g. for offshore installations subject to OSCR (see
section 2.6)), e.g. by taking typically 10% of the total Ex inventory. All inspection results
should be recorded and included in the commissioning documentation which should be
transferred to the DH’s Ex inspection record system, e.g. a CMMS.
3.6.1.4 Verification of continuing Ex inspections
Where required for verification (e.g. for offshore installations subject to OSCR (see
section 2.6)), the TPEF should ensure that an annual independent verification of the Ex
electrical equipment inspected and documentation completed is carried out to provide
assurance of the quality of work undertaken.
3.6.1.5 Annual review
The TPEF should carry out an annual review of all Ex inspection results. This should be
recorded as part of the DH’s demonstration that they are appropriately managing
potential ignition risks etc. The results of inspections should be reviewed with Ex
electrical inspection personnel to foster ownership and promote a team culture. The
desired outcome from this approach is to encourage the recording of all Ex inspections
and develop a greater shared understanding of faults found and how to eliminate them.
3.6.1.6 Three-yearly review
The TPEF should carry out a detailed review of the inspection results on a 3-yearly basis.
The review team should consist of those involved in inspection of Ex electrical equipment
and should typically include: electrical technicians; contract electrical technicians; the
TPEF; the REP; and the ICP. This three-yearly review should confirm that all Ex periodic
(i.e. visual and close) inspections and a representative random sample of Ex detailed
inspections have been completed in this time period or provide the expert advice for
non-compliance (see section 2.9.2).
This team should review the existing Ex inspection strategy and associated
inspection data and complete a gap analysis to determine future modifications to the
level of inspection and/or change to maintenance procedures to maintain/improve the
level of equipment integrity so as to meet the performance standard.
All Ex inspection results and audit and reviews should be recorded as part of the
DH’s demonstration that they are appropriately managing potential ignition risks.
3.6.1.7 Key performance indicators
Used correctly, KPIs should be a good method of providing an overview of the health of
a system and early warning of a decline in standards: they can be used to trigger action
before risk levels rise above what is acceptable. KPIs comprise leading and lagging
indicators: the former indicate what will happen in the future; whereas, the latter show
what happened in the past. Good practice is to have a balance of both types of KPIs.
It is possible to conceive many other KPIs that could be used; however, KPIs
should be used sparingly and there should be a clear identifiable reason for collecting
and reviewing the information. It is not uncommon for KPIs to be established to monitor
specific areas of under-performance and for such KPIs to be discontinued once there is
confidence that good performance exists and has become a normal part of the business
27
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
processes. A good test for the need for a KPI is to ask what action will be taken if the
value moves adversely from the target value, such as that defined in performance
standards.
Where it is determined that an inspection schedule or sample number will not
be met, a further risk assessment should be undertaken, or the electrical equipment
concerned should be electrically isolated.
If there is more than one group or contractor responsible for different parts of
the installation it is useful to have the results arranged per contractor so any difference
in performance of the various workgroups can be identified.
Typical examples of KPIs that may be used for performance of Ex equipment,
performance of Ex strategy and new installation audits are:
Performance of Ex equipment:
C
Failure rate for the period = number of faults found during the period/(period of
evaluation (days) x number of Ex electrical equipment inspected for the period).
(This KPI is typically used as part of a performance standard for reliability of SCEs
for offshore installations.)
C
Total number of action items resulting from an inspection, which can be
subdivided by severity into:
− Number of safety items: these are faults where corrective action should be
taken in the short term (e.g. <one week).
− Number of integrity items: these are faults where corrective action should
be taken in the medium term (e.g. <three months).
− Number of housekeeping items: these are faults that do not affect level of
risk but represent a non-compliance with standards (e.g. missing or
damaged labelling) where action should be taken in the long term (e.g.
<12 months, such as during the next planned maintenance).
(The safety, integrity and housekeeping items could be further subdivided by
fault code (see 3.6.1.8). Comparing the number of each type of action item
against the number of equipment inspected and trending the results should
enable monitoring of the performance of each type of action item as well as
overall performance.)
C
Number of action items resulting from an inspection for each lot, which can be
subdivided by severity into safety, integrity and housekeeping items (as above)
and could be further subdivided by fault code (see 3.6.1.8). (This should enable
trending of the performance of various lots.)
Performance of Ex strategy:
_ % Ex detailed inspections carried out
(e.g. in a particular year)
=
number of Ex detailed inspections carried out x 100
total number of Ex electrical equipment installed
_ % Ex close inspections carried out
(e.g. in a particular year)
=
number of Ex close inspections carried out x 100
total number of Ex electrical equipment installed
_ % Ex visual inspections carried out
(e.g. in a particular year)
=
number of Ex visual inspections carried out x 100
total number of Ex electrical equipment installed
_ % Ex electrical with no recorded Ex
inspection (e.g. in a particular year)
=
number of equipment with no recorded Ex inspection x 100
total number of Ex electrical equipment installed
=
number of overdue inspections x 100
total number of Ex electrical equipment installed
(This KPI may be part of a broader KPI for all types of SCE.)
_ Inspection backlog
28
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
New installation audits:
C
Total number of faults found during a new installation audit after initial
inspection has been completed, which can be subdivided by severity into:
− Number of safety items: faults where corrective action should be taken in
the short term (e.g. <one week).
− Number of integrity items: faults where corrective action should be taken in
the medium term (e.g. <three months).
− Number of housekeeping items: faults that do not affect level of risk but
represent a non-compliance with standards (e.g. missing or damaged
labelling) where action should be taken in the long term (e.g. <12 months
such as during the next planned maintenance).
3.6.1.8 Fault codes
While KPIs may be useful to gain an overview of performance they are not sufficient to
be able to analyse where faults have been found and what type of fault was identified.
Such information is necessary to be able to start identifying the causes of faults, and
hence to be able to take appropriate corrective actions.
If only free text is allowed when recording faults it becomes impractical to
undertake any form of analysis within a reasonable timescale since there is no means of
grouping or classifying the information; therefore fault codes should be used to group or
classify faults. Doing so gives an overview of the types of faults, which often is sufficient
to identify possible causes. It also should allow the faults to be grouped into smaller,
more manageable sets if an in-depth assessment becomes necessary.
Fault codes should be linked to the Ex electrical equipment on which the fault
was found: this should allow analysis based upon equipment type rather then type of
fault. Ideally, there should also be links to the equipment register such that analysis of
fault codes against other factors such as location and age can be carried out. Often this
is possible if using a CMMS since such links should already exist to the identification
number, tag or whatever system of identification is used.
There follow two examples of the use of fault codes: the former uses the
inspection schedules provided in Annex D; whereas the latter is a simpler approach used
in a company.
Example
Fault codes are set based upon the items in Table D.1, Table D.2 and Table D.3 for each
Ex electrical equipment type of protection concept. For example using Table D.1, code
dA7 would mean there has been an unauthorised modification to Ex 'd' electrical
equipment; whereas, code nA6 would mean an unsatisfactory enclosure, glass parts and
glass-to-metal sealing gaskets and/or compounds for Ex 'n' equipment.
Example
A simpler set of fault codes based upon the type of faults typically encountered are set
out in Table 3.4. This includes faults that are likely to be revealed by external inspection
(i.e. visual and/or close inspection) as well as faults that are only likely revealed by
internal inspection (i.e. detailed inspection).
29
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table 3.4: Simple set of fault codes based upon the type of faults typically encountered
Fault description
Severity
Internal inspections (detailed):
Z
Is Zener barrier earth bond <1 ohm
Q Inadequate segregation Is and power
T
Ex 'e' loose terminations
N Ex 'e' unconnected cores
W Ex 'e' terminations, insulation degradation (water
ingress)
F
Ex 'd' flame path damaged
F
Ex 'd' flame path impeded
P
Ex 'p' pressurisation control system fault
X Ex 'p' certification special requirements X
External inspections (visual and close):
B Covers/bolts
G Glands/stop ends
E
Earthing
U Uncertified equipment used
H Certificate inadequate
S
Fed-from labels
I
Ingress
D Damage
M Mounting
C Corrosion
R Redundant
L
Duty/tag numbers
Normal
priority
Fault
code
Safety
Safety
Safety
Integrity
Safety
1
1
1
2
1
Z1
Q1
T1
N2
W1
Safety
Integrity
Safety
Safety
1
2
1
1
F1
F2
P1
X1
Safety
Integrity
Integrity
Safety
Integrity
Safety
Housekeeping
Housekeeping
Housekeeping
Housekeeping
Housekeeping
Housekeeping
1
2
2
1
3
1
4
4
4
4
5
5
B1
G2
E2
U1
H3
S1
I4
D4
M4
C4
R5
L5
In Table 3.4, code B1 would mean a cover damaged or bolts missing with a safety
severity and normal priority of 1; whereas, code C4 would mean evidence of corrosion
(e.g. paint surface damaged) with a housekeeping severity and normal priority of 4.
Whatever codes are used, the severity of the fault should be indicated by the priority
assigned: this can then be used not only in any subsequent analysis but also to ensure
any corrective action is taken within an appropriate timeframe (see 3.6.1.7). In Table 3.4,
the severity is classified as:
C
C
C
Safety: priority 1 faults where corrective action should be taken in the short
term (e.g. < one week).
Integrity: priority 2-3 faults where corrective action should be taken in the
medium term (e.g. ≤ three months).
Housekeeping: priority 4-5 faults that do not affect level of risk but represent a
non-compliance with standards (e.g. missing or damaged labelling) where
action should be taken in the long term (e.g. ≤12 months such as during the
next planned maintenance).
The severity assigned here could also be coupled with the probability of a flammable
atmosphere being present, as indicated by the pertinent hazardous area classification
such that code B1 would be given greater priority where the fault occurred on Ex
electrical equipment located in Zone 1 compared to that located in Zone 2.
30
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
3.6.2
Auditing
Managing the quality of Ex electrical equipment inspections and records should ensure
that the Ex electrical equipment is fit for purpose and safe; data should be of high
quality, and supported by trend analysis and auditing.
The auditing process should establish the baseline of Ex electrical equipment
integrity, the intended status and provide a clear plan of action on how to make
necessary improvements.
Active monitoring of the Ex inspection findings gives an organisation feedback
on its performance before an incident occurs and is essential in ensuring that the Ex
inspection strategy is fit for purpose.
Organisations should maintain and improve their ability to manage risks by
learning from experience through the use of audits and performance reviews. The
structured process of collecting independent information (e.g. from electrical TAs and
ICPs) on the efficiency, effectiveness and reliability of the Ex inspection strategy and
associated inspections and records, and the drawing up of plans for corrective actions
should demonstrate management’s commitment to safety.
As part of this auditing process DHs should assure themselves that the safety
culture, attitudes, perceptions, competencies and patterns of behaviour of their
personnel (including third parties) is appropriate. Organisations with positive safety
culture throughout are characterised by open communications founded on trust, by
shared perceptions of the importance of safety and by confidence in the efficacy of
preventative measures.
3.6.2.1 Audit controls
There should be controls to ensure that audits are applied rigorously and consistently.
An unreliable system may lead to a loss in confidence in its relevance and validity. Typical
controls include:
C
C
C
Ensuring that audits are seen as a positive management tool.
Securing the competence of auditors.
Securing the effective implementation of their results and recommendations.
To maximise the benefits, audits should be conducted by competent people
independent of the area or activities being audited.
Feeding information on success and failure back into the system is an essential
element in motivating personnel to maintain and improve performance. Successful
organisations emphasise positive reinforcement and concentrate on encouraging
progress on those KPIs that demonstrate improvement in risk control.
Furthermore, subsequent inspections should be adjusted to reflect the results of
previous inspections: where the sampling methodology is applied, this should be
achieved by modifying the level of inspection.
Inspection data should be analysed to monitor the effectiveness of the Ex
inspection strategy. The findings also should be shared with other installations in order
to promote shared learning and good practice.
31
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
4
MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT
THROUGHOUT ITS LIFE CYCLE PHASES
4.1
INTRODUCTION
Managing the inspection of Ex electrical equipment should extend across its life cycle
phases introduced in section 1.3.1. This section provides guidance on managing
inspection of Ex electrical equipment throughout its life cycle phases mainly after design
and construction; however, it should be noted that decisions made during design and
construction can affect the subsequent life cycle phases: e.g. where possible, inherent
safety principles should be applied such that electrical equipment ideally should not be
located in hazardous areas and instrumentation equipment should be intrinsically safe.
Attention is drawn to those aspects of design and construction that can have a
significant contribution.
4.2
DESIGN AND CONSTRUCTION
DHs should ensure that Ex electrical equipment is correctly used in accordance with the
manufacturer’s requirements and that the electrical installation is designed, constructed,
installed, commissioned, operated, maintained and inspected so that it is fit for purpose
and safe. Note that these Guidelines focus on Ex electrical equipment life cycle phases
after design and construction; however, guidance is provided in 4.3.1 on data needs in
handover from design and construction teams.
Ex initial inspection records must be completed and appropriately recorded, and
as noted in 3.2.1, audited and reviewed if carried out by other personnel. All such
inspections together with findings/faults revealed, and actions taken should be recorded.
Particular care should be taken when the certification specifies conditions on how
the equipment can be utilised and installed.
On existing installations particular care is required with installation and
commissioning of Ex electrical equipment given the potential for flammable
atmospheres.
DHs should ensure that appropriate information, certificates, inspection records,
identification (tagging) of the Ex electrical equipment are provided and that the Ex
register is complete.
4.2.1
Equipment selection and implications for inspection and maintenance
There are significant advantages for a variety of reasons to standardise on common
materials used in a location. One of these reasons is that previous site experience and
knowledge of equipment performance can allow the optimum inspection and
maintenance strategies to be adopted; however, often there are commercial pressures to
select the lowest bidder, which can lead to significant equipment diversity. Practical
experience shows that notionally equivalent components may perform very differently to
each other when exposed to installation service conditions. This could lead to an
unmanageable situation where different strategies have to be adopted for the same Ex
electrical equipment.
New Ex electrical equipment (which satisfies the installation’s requirements)
should undergo a trial on the installation before being accepted onto the vendor list.
Ideally the trial location should be in one of the most severe environments existing on
installation so that weaknesses are exposed. Any such trial should be for a minimum of
six months. At the end of the trial period there should be a review of performance
32
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
achieved in practice and confirmation that the Ex electrical equipment is suitable for use
with the existing installation Ex electrical equipment inspection and maintenance
strategies.
4.3
INSTALLATION/COMMISSIONING/HANDOVER
4.3.1
Handover of data
The collection and handover of data between the design and construction groups and
those responsible for subsequent commissioning or maintenance is often an area of
weakness: this in part may be due to such activities not being seen as core to the design
process and can require additional effort to that needed to complete the design.
Design information should be collected in project specific documents such as
design books and is generally well covered by project processes. The data needed by
commissioning or maintenance teams is often a subset of the full design data and hence
requires extraction from different sections of the project documentation. It is possible to
address this issue by requiring in the project processes for a separate set of
documentation containing the subset of information needed by commissioning or
maintenance teams to be assembled by the project team as the design progresses: this
may result in some increase in design costs but should ensure the data needed are
readily available and avoids loading the back end of any project with an intensive data
collection exercise. Practical experience is that such intensive data collection exercises
nearly always fail to deliver a complete set of data.
Alternatives now exist with the use of computer based design software: these
tools can usually be configured to allow import of data and to produce reports with
content as required. This means that the data collected during normal project design
activities, e.g. from data sheets completed by suppliers, can be readily imported and
should be comprehensive and complete. The required subset of this high accuracy data
can then be extracted with very little extra effort and again should be comprehensive
and complete. This is of course subject to the original data from the supplier being
correct. As the imported data will be used in the design process there is an incentive on
the design team to check and verify such data before accepting into their design.
Integration of data collection into the routine project processes and easy
extraction of relevant information at any stage of the design process should result in a
large improvement in the quality and accuracy of information given to commissioning or
maintenance teams.
4.3.2
Equipment register
It is a fundamental assumption that a comprehensive and accurate equipment register is
available: the lack of such an equipment register will make demonstration of compliance
with legislation, regulations and standards very difficult if not impossible and will
similarly dramatically affect the ability to properly inspect, maintain and operate parts of
the installation.
Whilst any new equipment register or modification to an equipment register is
essentially part of the design group function, the verification of a new equipment
register or modifications to an existing equipment register should form part of the
installation and commissioning group’s scope.
As noted in 4.3.1, the accuracy of any equipment register is very dependent on
the quality of data provided by the design and construction group. The installation and
commissioning team have an important role in verifying that the data provided are
correct by comparing these data with the installed Ex electrical equipment nameplates.
Practical experience shows that, especially with late changes in design, some errors can
33
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
often occur.
As part of the commissioning process, checklists with the data provided by the
design group should be compared against nameplates and any discrepancies should be
noted and fed back to the design team for updating of the data and drawings. In
practice, this means a deliverable should be set for the design group for checklists with
the current design data pre-entered.
If the design group provide no data, then the installation and commissioning
team will have to record nameplate data as the basis for an outline of a comprehensive
equipment register. This represents an inefficient duplication of data already collected by
the design group and often is expensive and very time consuming. If no such equipment
register is made available and reliance is placed on an equipment register provided later
by the design group, then any errors would not be identified or corrected before that
part of the installation is put into service.
A hold point should be placed in the project plan such that commissioning
cannot proceed without the data from the design group being available. Experience has
shown it is necessary to agree this at the start of any project and to routinely remind
those in control of the project of this hold point to ensure others meet their
commitments.
There will always be considerable pressure for any impediment to project
progress to be relaxed, especially if there is no physical manifestation or obvious reason
for the delay: this often results in the pressure being applied to the installation and
commissioning team rather then the design team who are the group at fault.
Identification of the problem of late or inadequate delivery of data well before it
becomes critical should avoid this situation.
4.3.3
Initial inspection
As noted in section 2.9.2, IEC 60079-17 requires that initial inspection shall be to a
detailed grade of inspection. The checks of design-supplied data against nameplate data
described in 4.3.2 should form part of the initial inspection; however, reference should
be made to the checklists provided in Annex D for the remainder of the specific checks
to be completed.
The timing of the initial inspection is important: it should usually follow
completion of commissioning or other checks that may require the installation to be
disturbed by removal of covers, disconnection of wiring, etc. To minimise such
disturbance, ideally the detailed inspection should be completed before covers are
replaced for the last time so that covers should not be removed solely to allow the
inspection to take place.
The electrical technician carrying out the inspection should be competent to do
so (see 3.3.2.1).
To increase confidence that the initial inspection has been carried out by a
competent electrical technician, the checklist of data should also include entries for
elements covered by the initial inspection and that the sheets are signed by the electrical
technician.
Practical experience is that errors made in original construction are often the
largest cause of corrective actions in subsequent inspections. A very high level of
importance should be placed on the quality and comprehensive nature of initial
inspections and that sufficient time should be allowed within project plans for the work
to be carried out. As with transfer of project data, experience has shown that those in
control of projects should be regularly reminded that delays caused in earlier parts of the
project should not be compensated by reducing the time allowed for inspections.
As part of the quality control procedures, these initial inspections should be
audited. It is good practice, if possible, for the planning of the works to permit such an
audit to take place once a representative proportion of the work has been finished and
34
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
well before the works are completed. This has several benefits:
C
C
C
4.4
It ensures the required standard is made clear to the installation contractor, their
staff and those responsible for carrying out initial inspections.
The contractor workforce has not been reduced so labour to correct faults
should still be available.
It helps to reduce further faults being introduced and hence reduces the risk of
future remedial works being necessary.
OPERATION
The operational phase of the life cycle should take account of issues such as:
C
C
C
C
4.4.1
The duty cycle, i.e. whether Ex electrical equipment is continuously operated or
used in batch operations (as indicated by the number of start-ups per day).
Equipment age compared to design life (e.g. lamp ageing).
Severity of the environment (e.g. wet/dry, ambient temperature; temperature
cycling, etc.).
Vigilance of installation personnel of the continuing external integrity (i.e. in
'walk rounds').
Equipment location
Experience shows that, especially for large or complex installations, finding equipment
can be a major undertaking especially if the electrical technicians are not intimately
familiar with the installation. Two practical approaches have been found to help resolve
this problem:
C
C
Using drawings already produced as part of the design package that show the
equipment location: this has the advantage of not requiring additional effort;
however, such drawings are produced for construction and their extent, layout
and clarity are not ideal for inspection purposes. Often separate drawings are
needed for electrical equipment and instrumentation.
Using much simplified dedicated drawings or sketches that show only the major
plant and the location of the Ex electrical equipment to be inspected: this has
the advantage that they can be arranged to match the inspection requirements
and have cross-references to entries in the equipment register. This allows a
subset of the equipment register to be used together with the associated
drawing thereby clarifying to the electrical technician the Ex electrical
equipment that requires inspection and its location.
Use of these approaches should lead to efficiencies in use of electrical technicians and
also confidence that Ex electrical equipment in the scope of a particular inspection has
been inspected. However, the downside of this approach is that such sketches or
drawings may have to be prepared by the installation and commissioning team if they
do not form part of the design group deliverables: this is often the case since such
drawings are not required for design or construction.
Use of colour coded tags on equipment also provides a visual indicator of
location: this also may be used to include colour coding for year last inspected.
35
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
4.5
MAINTENANCE AND INSPECTION
Ex electrical equipment requires an effective management system for inspection and
maintenance to ensure that it is fit for purpose and safe. Typically on large installations,
a CMMS is used.
Appropriate standards and PMRs should be set for inspection and maintenance
of Ex electrical equipment (e.g. using principles of IEC 60079-17). For GB offshore
installations performance and verification schemes are required by PFEER (see
section 2.5) and OSCR (see section 2.6).
Maintenance and inspection management systems should ensure that:
C
C
C
C
C
4.5.1
All Ex electrical equipment is identified and recorded along with important
details (e.g. Ex certificates, special instructions, maintenance requirements) and
records of inspection and maintenance.
Maintenance and inspection instructions are clear and relevant to the
competencies of persons who will perform the work.
All maintenance and inspection history (including breakdowns) is clearly
recorded including equipment condition, faults and remedial/replacement work
performed.
Competent personnel (e.g. NEPs) should regularly audit and review inspection,
test and maintenance reports to determine the adequacy of inspection and
maintenance routines. See 3.6.2.
Frequency of inspection, test, care and replacement are appropriate. These can
be based initially on manufacturers’ recommendations and/or applicable
standards but should be amended to reflect experience. For offshore
installations these should reflect what is stated in the Ex SCE’s performance
standard/written scheme of verification.
Functional maintenance
Functional maintenance should be carried out in accordance with the equipment
maintenance strategy. Its scheduling should be aligned with other trades to maximise Ex
equipment availability.
Any visit to a piece of Ex electrical equipment for inspection, maintenance or
repair should also include an inspection of its continuing Ex integrity by an Ex electrical
technician (see 3.3.2.1).
4.5.2
Inspection of systems
Ex electrical equipment inspections should include inspecting the integrity of the whole
system and include any special requirements as set out in the Ex certification, which are
usually identified on the Ex certificate of conformity number by the suffix 'X'. It should
not be assumed that the inspection schedules (as defined in IEC 60079-17, Tables 1-3 –
replicated in Annex D) typically applied to Ex electrical equipment will necessarily be
sufficient.
In determining the inspection criteria for electrical systems that are installed
inside storage tanks and vessels etc, consideration should be given to what form and
frequency of inspection and test will be required so as to ensure the overall safety
requirement; e.g. electric heaters inside open/closed drains or vessels, or switches (i.e.
reed switches) inside storage tanks/vessels and supplied from a non-intrinsically safe
Ex 'ia' source of supply are likely to rely on the outer shell (body) of the electrical
equipment to ensure that the electrical circuit is outside the hazardous area. Ex electrical
equipment inspections should include an inspection of the physical condition (e.g. for
the presence of corrosion) of such equipment together with checking the protection
36
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
sensors for over-temperature and low liquid level as required. The same requirements
also apply to rotating equipment e.g. condition of bearings.
4.5.3
Efficiency in inspections
For Ex detailed inspections, the electrical equipment should be isolated: in order to make
effective use of resources it would be prudent to carry out at the same time inspections
in accordance with BS 7671 and BS 6626 respectively for LV and HV electrical systems as
described in EI Electrical safety code.
4.6
MODIFICATION AND DECOMMISSIONING
There should be in place effective and safe management of change controls in relation
to changes to Ex electrical equipment. The procedures should ensure that changes are
carefully evaluated, designed, risk assessed and managed by competent electrical
personnel who fully understand:
C
C
C
Reasons for change.
Effects of change on existing Ex electrical equipment.
Principles and methods of managing change safely.
37
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX A
MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT
IGNITION RISK GAP ANALYSIS CHECKLIST
A.1
MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK GAP
ANALYSIS CHECKLIST
The managing inspection of Ex electrical equipment ignition risk gap analysis checklist
(Table A.1) aims to determine whether current practices and processes comply with
pertinent legislation, regulations and standards (see Section 2). When applying the
checklist, users should discriminate between whether procedures are in place and are
robustly followed: the latter is because having procedures in place is not sufficient as a
means of demonstrating compliance; they should be practical and robustly followed by
staff (or contractors) to achieve the desired result.
Each item should be scored on a simple 'traffic-light' basis, without adjustment
for multiple questions per row:
C
C
C
red = no;
yellow = work in progress;
green = yes.
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist
Life cycle
phase
Policy
Design and
construction
Activity description
Is there an Ex electrical equipment inspection
strategy covering all life cycle phases?
Is there an SMS in place?
Is there an independent inspection policy to
determine the actual status of the Ex
electrical equipment so as to ensure that the
Ex inspection strategy is appropriate?
Are there current area classification
drawings?
If so, is the relevant code specified?
Are details of all Ex electrical equipment from
the equipment register (e.g. certification,
identification tags, location, etc) made
available to the maintenance and inspection
organisations?
If yes, is an audit or review held to ensure
data are comprehensive and correct?
Is there evidence such audits have taken place
and any follow-up actions have been
completed?
38
Are
procedures
in place?
Are
procedures
robustly
followed?
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist (cont…)
Are
Are
procedures
Life cycle
procedures
Activity description
Phase
robustly
in place?
followed?
Design and
Is the Ex electrical equipment selection based
Construction
upon actual installation performance under
cont…
field conditions?
If no, is there a means for determining
inspection and maintenance requirements
(e.g. by following existing site maintenance
and inspection practices for all the new Ex
electrical equipment installed)?
Is equipment which differs in its
installation, operation or inspection from the
norm for the installation, identified to the
maintenance/inspection organisations?
Is there evidence that feedback from initial
inspection and subsequent
maintenance/re-inspection is reviewed and
the learnings applied to new designs?
Is all Ex electrical equipment installed such
that it is readily accessible for inspection or
maintenance?
If no, how are the exceptions identified to
maintenance/inspection organisations?
Installation and
Is there a comprehensive equipment register
commissioning
which contains Ex electrical equipment details
such as Ex or ATEX certificate numbers?
Are copies of the Ex or ATEX certificates
relating to installed Ex electrical equipment
readily available to maintenance/inspection
organisations?
If yes, does this apply to manufacturers’
obsolete and current ranges of products?
Is the location and identification tagging of Ex
electrical equipment such that any electrical
technician can find them in the field?
Is there evidence that the persons carrying
out the installation and inspection have
sufficient competence?
Is there a quality assurance competence
audit of their work and inspections?
Are there records of the initial inspection as
required by IEC 60079-17?
If yes, is there evidence that results of such
inspections and any faults have been
reviewed and fed back to design and
construction groups?
39
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist (cont…)
Are
Are
Life cycle
procedures
procedures
Activity description
Phase
robustly
in place?
followed?
Installation and
Is there evidence of independent audits of
commissioning
initial inspections carried out by the duty
cont…
holder to ensure that the installation is fit for
purpose and safe?
If yes, is there evidence that feedback of
results of such audits and corrective actions
have been taken where deficiencies are
found?
Operation
Is there evidence that operational practices
(e.g. Ex electrical equipment duty cycles (e.g.
continuously operated vs. batch operation,
number of pump starts/day, etc.),
environmental factors (e.g. wet, corrosion,
etc); ambient temperature; temperature
cycling, etc) comply with the requirements of
the Ex or ATEX certification (such
requirements are placed on the certification
label by ‘X’)?
If yes, is there evidence of audits of
operational practices and feedback of the
results of such audits such that corrective
action is taken where deficiencies are found?
Maintenance and Is there an Ex electrical equipment inspection
inspection
strategy describing what Ex electrical
equipment inspections should take place with
a robust justification for the scope and level
of inspection chosen?
Is there a method for classifying inspection
results to allow reviews to take place and for
setting priorities for any remedial works
needed?
Does the justification for the scope and level
of inspection take account of:
C
Feedback of actual performance
from inspection reports both from
initial/periodic inspections and
routine maintenance activities?
C
Differences in severity of the
environment found at different
locations on the installation and the
effects on the Ex electrical
equipment?
C
The Ex electrical equipment type of
protection and/or any requirements
of the Ex or ATEX certification?
continued…
40
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist (cont…)
Are
Are
Life cycle
procedures
procedures
Activity description
Phase
robustly
in place?
followed?
Maintenance and
continued…
inspection cont… C
The probability of a flammable
atmosphere being present, as
indicated by the hazardous area
classification?
Is there evidence that inspections are
completed as per Ex electrical equipment
inspection strategy and is there evidence that
results of such inspections are fed back for
corrective actions and reviews?
If yes, is there evidence that such
corrective actions are completed?
Is there evidence that difficult to access
equipment (e.g. lamp fittings) is inspected
and that such inspections comply with the Ex
electrical equipment inspection strategy?
Is there evidence of audits of inspections?
If yes, is there evidence that feedback of
results of such audits and corrective action
taken in the event that non-compliances are
found?
Is there evidence that the electrical
technicians carrying out inspections have
sufficient competence?
Is there a quality assurance audit of their
competence in their work, inspection and
reports?
Is there evidence that inspections are
completed before their due date (i.e. is there
an inspection backlog, and does it exceed the
KPI target)?
Is there evidence that any corrective
actions arising from inspections are
completed by their due date taking account
of the priority set for each action?
Is there evidence that failure to meet an
action due date results in reviews of reasons
why (e.g. a risk assessment that justifies
continuing operation) and corrective actions
taken to prevent re-occurrence?
41
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist (cont…)
Are
Are
procedures
Life cycle
procedures
Activity description
Phase
robustly
in place?
followed?
Maintenance and For periodic inspections:
inspection cont… C
Are 100% visual or close inspections
carried out at least every three years?
C
Is there a robust justification where
the above visual and close
inspections are not carried out at
least every three years (e.g. where
close inspection is part of sample
inspections)?
C
Is there evidence of the findings of
these visual and close inspections?
Are detailed inspections carried out?
If not, is there evidence to demonstrate
that the internal components of the Ex
enclosures are fit for purpose and safe (e.g.
Ex 'd' flame paths are correct, Ex 'e'
terminations are not loose, etc.)?
Is there a current and complete equipment
register in place?
If scope includes sample inspections does Ex
electrical equipment inspection strategy
provide a robust justification for the sampling
plan, i.e.:
C
Lots (and implicitly their sizes).
C
Grade of inspection.
C
Sample size (and implicitly ASL and
global failure rate).
C
Rejection number (Re) (and implicitly
category of inspection).
C
Frequency of inspection.
C
Risk basis using RBI parameters (i.e.
high risk items inspected to a more
rigorous level of inspection).
C
Selection of a random sample (i.e. it
is not left to the electrical technician
to select the sample).
C
Scoring and rules for determining
requisite actions for faulty
equipment.
C
Audit and review of the results from
the inspection.
C
If yes, is there evidence that reviews
of inspection results have taken place
and any requisite actions are
implemented?
42
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table A.1: Managing inspection of Ex electrical equipment ignition risk gap analysis
checklist (cont…)
Are
Are
procedures
Life cycle
procedures
Activity description
Phase
robustly
in place?
followed?
Maintenance and Is information on the faults found during
inspection cont… routine maintenance fed back into the
inspection process so it forms part of the
reviews looking at reported defects?
Is there an audit and review process carried
out by the TPEF/ICP/REP/NEP for the
inspection scope/level of inspection that takes
account of feedback from
initial/periodic/sample inspections and
maintenance reports, which verifies or
otherwise that they remain valid?
If yes, is there evidence that such audits
and reviews take place, are documented and
any actions arising are implemented?
Modification and Are there processes in place to ensure any
decommissioning changes that may affect Ex electrical
equipment (e.g. changes to hazardous area
classification, replacement, modification to,
or removal of Ex electrical equipment) are
subject to adequate management of change
controls?
If yes, are there audits of these controls
and evidence of feedback/corrective action
taken if deficiencies are found?
Is there evidence that the persons approving
changes that may affect Ex electrical
equipment have sufficient competence?
Is there evidence that modifications or
changes to Ex electrical equipment are
subject to initial inspection, as for new
installations?
Is there evidence that the details of changes
or modifications are reflected (where
appropriate) in the equipment register?
All
Are there KPIs and associated target levels set
for the inspection process?
Is there evidence that these KPIs are
reviewed and where necessary more detailed
investigation takes place when they move
adversely away from their target levels?
43
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX B
DEVELOPING SAMPLING PLANS BY APPLYING THE RBI
SAMPLING METHODOLOGY
B.1
INTRODUCTION
This annex sets out the steps in developing a sampling plan by applying the RBI sampling
methodology: after commencing with an overview, it proceeds to define key parameters
and provides guidance on determining suitable values with an initial sample inspection in
mind. For subsequent sample inspections, values of some parameters should be
reviewed and revised on the basis of findings from inspections. To help users, the
sampling methodology is illustrated with examples and includes rules for applying a
sampling plan.
The technical basis of the sampling methodology is provided in Annex C.
B.2
OVERVIEW OF DEVELOPING A SAMPLING PLAN BY APPLYING THE RBI SAMPLING
STRATEGY TO MANAGE EX ELECTRICAL EQUIPMENT IGNITION RISKS
An overview of the initial steps in developing a sampling plan by applying the RBI
sampling strategy to manage Ex electrical equipment ignition risks is set out in the 'preinspection' part of the flowchart provided in Figure B.1. The initial steps are used to
define the RBI parameters which are input data to the process.
All Ex electrical equipment in the equipment register (e.g. a CMMS) should be
divided into different lots as defined by various factors. See B.3.1.
Once lots have been defined, sampling plans are defined for each lot. The grade
of inspection (i.e. close or detailed) should be defined. See B.3.2.
The sample size of each lot should be determined. See B.3.3. Applying the
principles of ISO 2859-1, the sample size is determined by four criteria:
C
lot size;
C
global failure rate;
C
category of inspection (normal, reduced or increased inspection), and
C
ASL.
In order to adjust the sampling plan to take into account the performance of a lot in
previous inspections, change rules for modifying the sample size should be defined
(see B.3.9.3); this is achieved by varying the category of inspection. This step does not
apply to the first time sample inspections are carried out.
The rejection criterion is defined for each sample size (see B.3.4).
The frequency of inspection should be defined by considering four criteria
(see B.3.5):
C
equipment criticality;
C
lot size and ASL;
C
confidence in historical records, and
C
other constraints.
Like adjustment of the category of inspection, the frequency of inspection can also be
adjusted by applying change rules based on performance of a lot in previous inspections
(see B.3.9.3). Note that its adjustment is quite separate from the determination of the
sample size. The frequency of the inspection is set to find faulty equipment before they
reach an accumulated number that is unacceptable; whereas the sample size is set to
give confidence that the sample taken is representative (and that faulty equipment in the
44
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
lot can be detected with statistical confidence).
For each lot, once lot size, grade of inspection, sample size, rejection criterion
and frequency of inspection have been defined (and implicitly global failure rate,
category of inspection and ASL), the sampling plan is ready for implementation in an
inspection. This completes the ‘pre-inspection’ part of the flowchart provided in
Figure B.1.
When implementing a sampling plan by inspecting a sample of a lot, the initial
steps involve choosing a random sample (see B.3.6), inspecting the sample (see B.3.7)
and recording inspection data (see B.3.8). Note that progressive sampling is not applied
in the sampling methodology. These steps are set out in the ‘post-inspection’ part of the
flowchart provided in Figure B.1.
Following an inspection, some faulty equipment may be identified: there may be
one or more faults on equipment, each having different equipment criticalities. An
approach is provided in B.3.9 for scoring such faulty equipment based on ignition (i.e.
fire/explosion) risk, as this is the key risk to manage. In this process, weighting factors
are applied to faulty equipment based on ignition risk so as to determine a weighted
faulty equipment score for the sample, which is compared against the pertinent Re.
Depending on the findings inspection of a second sample or the whole lot may be
necessary.
This process includes determination of the causes of faults and consideration of
the possibility of common mode faults.
Rules are provided for the repair of faulty equipment and its prioritisation
in B.3.9.2.2-B.3.9.2.3. Similarly, rules for carrying out remedial actions and their
prioritisation are provided in B.3.9.2.4-B.3.9.2.5. This includes the possibility of raising
the level of inspection for faulty equipment (e.g. close to detailed) to further investigate
causes of faults.
The final steps in the sampling plan are its audit and review. See B.3.10. This
should enable adjustment in future inspections of the RBI parameters: frequency of
inspection; ASL; category of inspection; and global failure rate, which in turn affects the
sample size and rejection criterion. This allows observed variations in performance to be
compensated for by adjusting the sampling plan.
B.3
STEPS IN DEVELOPING A SAMPLING PLAN BY APPLYING THE SAMPLING
METHODOLOGY
B.3.1
Define lots
Lots of equipment should be defined by applying the following factors to the contents
of an equipment register of Ex electrical equipment used in hazardous areas:
C
hazardous area classification;
C
type of protection;
C
environmental conditions, and
C
age.
Therefore, equipment in a lot should be similar for one or more of the following:
C
be used in the same hazardous area classification;
C
have the same type of protection;
C
be used in the same environmental conditions, including the same installation
area, and
C
have the same/similar age.
Each factor is further considered in turn in B.3.1.1-B.3.1.4. Thereafter, guidance is provided
on exclusion of equipment from lots and assigning equipment to specific lots, and examples
are provided.
45
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
RBI sampling strategy to manage Ex
electrical equipment ignition risks
RBI parameters (see B.3.1-B.3.5)
Hazardous area classification
Type of protection
Environmental conditions
Age
Several lots.
Lot size: N
equipment
Define lots
(see B.3.1)
Initial and periodic inspection
findings (e.g. visual, close),
continuous supervision
For each lot, define
grade of inspection:
close detailed
(see B.3.2)
Grade of inspection:
close, detailed
Lot size: N equipment
Global failure rate:
Level I, II or III
Define sample size
(see B.3.3)
Category of inspection:
normal, reduced or
increased
Define rejection
criterion (see B.3.4)
Acceptance safety level
(ASL)
Post-inspection
Rejection number
(Re)
Frequency of
inspection, F
Define frequency of
inspection (see B.3.5)
Equipment criticality
Confidence in historial records
Other constraints
Sampling
plan
Sample size: n
equipment
Pre-inspection
Choose random sample (see B.3.6)
Inspect sample (see B.3.7)
Record inspection data (see B.3.8)
Audit and review
(see B.3.10)
Review frequency of
inspection (see Figure B.3)
Define scoring and rules for handling
faulty equipment (see B.3.9)
=0
< Re
Weighted faulty
equipment score
Determine causes of faults
(see B.3.9.2.1)
Review ASL
Review category of
inspection (see Figure B.3)
> Re
Determine causes of faults
(see B.3.9.2.1)
Common fault mode
Y
Review global failure rate
Common fault mode
Y
Deselect faulty
and similar
equipment
N
Include faulty
equipment
Inspect another sample
< 2Re
Weighted faulty
st
equipment score (1 and
2nd inspections)
> 2Re
Inspect complete lot or TPEF
provides robust justification for
alternative action
N
Inspect other similar
equipment
Define prioritisation of repair of
faulty equipment (see B.3.9.2.2)
Repair faulty equipment
(see B.3.9.2.3)
Define prioritisation of remedial
actions (see B.3.9.2.4)
Remedial actions.
Consider increasing level of
inspection for faulty equipment (e.g.
close to detailed) (see B.3.9.2.5)
Figure B.1: Flowchart illustrating steps in developing a sampling plan by applying RBI
sampling strategy to manage Ex electrical equipment ignition risks
46
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
B.3.1.1 Hazardous area classification
Equipment should be divided according to the following four hazardous area
classification zones for the purpose of defining lots:
C
Zone 0;
C
Zone 1;
C
Zone 2, and
C
non-hazardous.
Note: In the case of offshore installations, which are compact, it might be prudent to
consider external non-hazardous areas as Zone 2 areas for the purpose of defining lots
and inspecting Ex electrical equipment.
B.3.1.2 Type of protection
Equipment should be divided according to the following five types of protection for the
purpose of defining lots:
C
type 1: flameproof (Ex ‘d’);
C
type 2: increased safety (Ex ‘e’) and type 3 non incendive (Ex ‘n’);
C
type 3: intrinsic safety (Ex ‘ia’, Ex ‘ib’);
C
type 4: pressurised apparatus (Ex ‘p’), and
C
type 5: other type of protection (oil filled (Ex ‘o’), powder filled (Ex ‘q’),
encapsulated (Ex ‘m’)).
Note: As a first approach, type of protection Ex ‘n’ is grouped in type 2. If such
equipment is prevalent, it could be divided into its specific types of protection (‘nA’,
‘nC’, ‘nR’, ‘nL’ and ‘nZ'); however, this has the potential disadvantage of generating very
small lots for which applying the sampling methodology adds little value.
B.3.1.3 Environmental conditions
Equipment in the same installation area should be divided according to the following
five environmental conditions for the purpose of defining lots:
C
water, corrosion (salt, humidity, SO2, etc.), chemicals;
C
dust/sand;
C
ultraviolet (UV) radiation;
C
ambient temperature or temperature cycling, and
C
mechanical damage, vibration.
Such environmental conditions have the potential to accelerate equipment ageing.
B.3.1.4 Equipment age
Equipment should be divided according to the following three age classes for the
purpose of defining lots:
C
≤5 years old;
C
>5 years old but ≤20 years old, and
C
>20 years old.
Equipment age may affect its protection; where possible, such criteria should be
referenced to design life.
For simplicity and to avoid defining small lots, a pragmatic approach would be
to select a single conservative age for all equipment on a particular installation, equal to
the age of the installation.
B.3.1.5 Define lots according to these criteria
Ex electrical equipment should be allocated to lots using the criteria of B.3.1.1-B.3.1.4;
to facilitate this, a matrix should be defined. The number of equipment in each lot will
47
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
vary. See B.3.1.6 regarding exclusion of equipment from lots and assigning equipment
to specific lots.
Note that as more of the factors in B.3.1 are applied when determining lots the
equipment will tend to be more homogeneous (e.g. same hazardous area classification,
same type of protection, etc); however, this has the disadvantage of resulting in small
lots (see B.3.3.4.6) except where the equipment is prevalent (e.g. junction boxes,
luminaries, etc.). Users should carefully consider how to best define lots based on their
portfolio of equipment, its location in installation areas, typical shutdown areas, etc.
Some 80% of Ex electrical equipment in a typical installation may be located in
Zone 2 hazardous areas: with such numbers, it should be beneficial to apply the
sampling methodology. However, the number of Ex electrical equipment located in
Zone 0 and Zone 1 hazardous areas of a typical installation may preclude application of
the sampling methodology since lot sizes may be small, and more so once the additional
criteria of B.3.1.2-B.3.1.4 are used to further subdivide the equipment into lots.
See B.3.3.4.6 for further guidance on applying the sampling methodology to small lots.
Following this process fully is likely to result in many small lots which is disadvantageous
as it would require proportionately more inspection effort.
The simplified approach to defining lots in the absence of appropriate Ex
inspection records described in section 3.2.4 and Box 3.1 can be used as a reasonable
starting point; this is based upon ignition risk which is itself determined by the
probability of a flammable atmosphere being present (based on duration) and the
probability of a source of ignition being present (based on electrical system rated
currents).
B.3.1.6 Exclusion of equipment from lots and assigning equipment to specific lots
Some circumstances may preclude equipment from being allocated to lots and including
it in a sampling plan. For example, where:
C
C
Specific grades and frequencies of inspection are required by overriding
legislation, standards, etc. (e.g. for fire and gas detection equipment).
The equipment design life is relatively short compared to the frequency of
inspection such that it is unlikely to be inspected whilst in service.
Other circumstances may necessitate equipment being allocated to specific lots and
including it in a sampling plan. This may apply to:
C
C
C
Moveable electrical equipment (hand-held, portable and transportable), which
may be used in various hazardous areas and is particularly prone to damage or
misuse.
Equipment with a particular safety integrity level (SIL) requirements.
SCEs, which will be energised during emergencies (e.g. fire and gas detection
equipment, emergency lighting, public address (PA), general alarm (GA), etc.)
(see B.3.5.1).
Having such specific lots may facilitate allocation of a particular level of inspection
proportionate to the additional equipment criticality. In addition, it ensures that some
higher risk equipment is inspected, rather than it possibly not being randomly selected if
part of a lot of mixed equipment.
B.3.1.7 Examples of lots
There are various possibilities as to how to define lots that meet the criteria of B.3.1. For
example a lot could comprise mixed equipment (e.g. motors, junction boxes, luminaries,
etc.) from a specific plant; defining such a lot has the advantage that in a shutdown, a
sample of a mixture of equipment in that area is inspected. This also has the advantage
48
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
of not introducing small lots for which applying the sampling methodology adds little
value. Other factors that may determine the subdivision of equipment into lots include
the installation size, shutdown areas, etc. Note that some equipment may need to be
excluded from lots or assigned to specific lots; see B.3.1.6.
Example
Lots are defined for a 15 year old offshore installation by allocating Ex electrical
equipment to a matrix using the following steps:
C
C
The installation is divided into three hazardous areas (Zone 0, Zone 1, Zone 2)
and non-hazardous.
Equipment in each sub area is divided into three types according to equipment
electrical system rated currents.
This process is illustrated in Figure B.2 with equipment allocations summarised in a
matrix (see Table B.1).
Three hazardous areas defined
and non-hazardous:
- Zone 0
- Zone 1
- Zone 2
- offshore non-hazardous
Hazardous area classification
for installation:
- Zone 0
- Zone 1
- Zone 2
- offshore non-hazardous
Zone 0
Zone 1
Zone 2
Electrical system rated currents:
- intrinsically safe
- instrumentation
- HV/LV power circuits and
emergency equipment
non-hazardous
Seven homogeneous lots defined
(low, medium and high risk) see Table B.1
Figure B.2: Example of process for defining lots of Ex electrical equipment
Note: In this example, Ex electrical equipment age and severity of the environment are the same.
49
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table B.1: Simplified approach to defining lots using a matrix for an offshore
installation
Probability of
source of ignition
being present
Groupings of Ex
electrical equipment
based on electrical
system rated currents
Onshore nonhazardous
abnormal
operations
(Note 6)
Offshore nonhazardous
abnormal
operations
(Note 6)
Intrinsically safe
Low
Instrumentation
Low
HV/LV power circuits
and emergency
equipment
Medium
Probability of flammable
atmosphere being present
Zone 2
Low
(Note 3)
Low
(Note 3)
Medium
(Note 3)
Zone 1
Zone 0
Low
Low
Medium
N/A
(Note 4)
High
N/A
(Note 4)
Notes:
1 Table B.1 is an example based on Table 3.1; clearly, the ‘onshore non-hazardous’ column is not
relevant.
2 Greyed-out cells indicate where there is no such Ex electrical equipment at this installation.
3 Most of the inventory of Ex electrical equipment is located in Zone 2; in the absence of historical
records, this approach provides a reasonable starting point in determining lots. However, where
records exist, the next step should be to apply the full criteria for defining lots set out in B.3.1.1-B.3.1.4
for Ex electrical equipment located in Zone 2.
4 N/A – Such Ex electrical equipment is not appropriate for that zone.
5 For this offshore installation with several thousand Ex electrical equipment, seven lots would be
defined: four low risk; two medium risk; and one high risk. Whereas, for a smaller installation with
much less Ex electrical equipment, the four low risk lots may be grouped into one low risk lot, and
similarly, the two medium risk lots may be grouped to one medium risk lot.
6 In abnormal operations a flammable atmosphere may be present in areas designated non-hazardous in
normal operations; some electrical equipment may be required to be in service then such that it should
be Ex electrical equipment. Offshore accommodation platforms have emergency lighting that would be
expected to operate in abnormal operations.
B.3.2
Define grade of inspection
The grade of inspection should be defined:
C
C
close inspection, and
detailed inspection.
The findings of initial and periodic inspection findings (e.g. visual inspection, close
inspection) should be considered when developing a sampling plan. These findings may
enable application of the sampling methodology to either or both detailed inspection
and close inspection.
Developing sampling plans for detailed inspection and/or close inspection
should constitute only part of an overall Ex inspection strategy (see section 3.2). Such a
strategy also should include visual inspection (for which sampling should not be applied),
and detailed inspection and/or close inspection of equipment for which sampling is not
applied (e.g. due to small lots, etc.).
50
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
B.3.3
Define sample size
Once lots have been defined, the rest of the sampling methodology is applied to each
lot such that a series of sampling plans are defined.
The next step in the sampling methodology is to define the sample size for each
lot, which is the number of random equipment that should be selected from each
complete lot for inspection.
Four main criteria are required to define the sample size of a lot:
C
lot size (see B.3.3.1);
C
global failure rate (see B.3.3.2);
C
category of inspection (see B.3.3.3), and
C
ASL (see B.3.3.4).
B.3.3.1 Define lot size
The lot size is the number of equipment in a lot. It is determined using the equipment
register (e.g. a CMMS). The lot size should be adapted according to the confidence in
the exhaustiveness of the database.
Lot size should be defined in the following ranges of number of equipment:
C
<26;
C
26-50;
C
51-90;
C
91-150;
C
151-280;
C
281-500;
C
501-1 200, and
C
1 201-3 200.
These ranges are used in the sampling tables (see B.3.3.4).
B.3.3.2 Define global failure rate
The global failure rate of a lot is its observed failure rate. In this context failures mean
those compromising integrity of the type of protection. The global failure rate could be
in the form of a mean time between failures (MTBF) or some other statistical value for
the performance of the population over time (such as a Weibull plot (see Weibull (1951),
BS IEC 61649)). The ability to determine this failure rate is highly dependent on the
quality of the historical records (see B.3.5.3).
Once the actual observed failure rate has been defined, it should be compared
with the commonly assumed failure rate, and the sample size and rejection criterion
should be modified accordingly. For the purposes of simplicity, the following three
global failure rates are defined:
C
level I: less than or equal to half the commonly assumed failure rate;
C
level II: between half and the commonly assumed failure rate, and
C
level III: greater than the commonly assumed failure rate.
The commonly assumed failure rate of a lot is the mean failure rate of a similar lot in a
similar location. Considering further the three global failure rates:
C
C
Level I applies if the observed failure rate of the current lot is less than or equal
to half the mean failure rate of similar lots in similar locations; in such cases the
sample size can be reduced and tested against the pertinent rejection criterion,
as determined from the pertinent sampling table (see B.3.3.4).
Level II applies if the observed failure rate of the current lot is between half and
the mean failure rate of similar lots in similar locations; in such cases the sample
51
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
size should be the default value and tested against the pertinent rejection
criterion, as determined from the pertinent sampling table (see B.3.3.4).
Level III applies if the observed failure rate of the current lot is greater than the
mean failure rate of similar lots in similar locations; in such cases the sample size
should be increased and tested against the pertinent rejection criterion, as
determined from the pertinent sampling table (see B.3.3.4).
In the absence of any specific information, a default value of level II should be assumed.
However, a more rigorous global failure rate is one of several level of inspection criteria
that could be applied to high risk Ex electrical equipment in a risk-based approach (see
Table 3.2).
Normally, the global failure rate is fixed for a sampling plan; however, it should
be adjusted in subsequent inspections (where appropriate) if additional fault data
become available for similar lots in other locations that indicate different failure rates.
B.3.3.3 Define category of inspection
There are three categories of inspection:
C
reduced;
C
normal, and
C
increased.
These categories of inspection should not be confused with the grades of inspection
defined in IEC 60079-17 (i.e. visual, close and detailed); they refer to the degree of
effort required to carry out an inspection. In general, a reduced inspection requires a
smaller population to be sampled, or to a more rigorous rejection criterion than does
normal inspection, than does increased inspection.
The initial sample inspection for a sampling plan should be to a normal category
of inspection. If the reduced category of inspection is chosen initially, there should be a
robust demonstration of the technical basis for its selection (e.g. historical records
(see B.3.5.3) indicate a high MTBF for that lot). However, a more rigorous category of
inspection together with a lower ASL and a high global failure rate might be applied to
high ignition risk Ex electrical equipment when applying an RBI strategy.
If it is not the first sample inspection, the category of sample inspection should
be defined by the results of the previous inspections and application of change rules;
these govern the movement between categories of inspection for sample inspections.
See B.3.9.3.
B.3.3.4 Define ASL
The ASL is defined as the number of faulty equipment that is declared as being
unacceptable (i.e. ≥Re) on average, expressed as a percentage (i.e. for which the
weighted faulty equipment score for the sample is ≥Re).
The ASL should be chosen from standard values: 0,25%; 0,4%; 0,65%; 1%,
1,5%; 2,5%; 4% and 6,5%.
Sampling tables for other standard values are not included (e.g. 0,01%,
0,015%, 0,025%, 0,04%, 0,065%, 0,1%, 0,15% and 10%); however, they could be
calculated using the methodology set out in annex C.3-annex C.6. Notwithstanding this,
note that:
C
C
C
ASLs of <0,25% only apply to lot sizes ≥501; for lot sizes <501, the whole lot
would be inspected (i.e. there would be no benefit of applying the sampling
methodology).
ASLs of <0,25% introduce a disproportion between inspection cost and quality.
ASL ≥ 10% is considered intolerable.
52
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
An example sampling table is provided for ASL = 1% in Table B.2; its use is described
in B.3.3.4.1. Note that by providing it here it should not be inferred that it is the
preferable ASL for all sampling plans. The ASL should be selected for each sampling plan
based on the pertinent lot size by applying ALARP principles (see B.3.3.4.3), by analysis
of historical records (see B.3.3.4.4) or where there are overriding considerations (e.g.
high ignition risk Ex electrical equipment (see B.3.3.4.5).
Sampling tables for other ASLs are provided in annex C.7.
Sampling tables refer to the parameters Pa(10%) and Pr(5%). With sample
inspections there is a possibility that the safety level of the sample is acceptable, whereas
the safety level of the lot is not acceptable (i.e. greater than the ASL). This is quantified
by the maximum percentage of faulty equipment in a lot, so that the safety level of a lot
is acceptable within a probability of 10%. This value is called Pa(10%) and is a means of
indicating the confidence in the sampling plan being applied to the lot.
Further, with sample inspections there is a possibility that the safety level of the
sample is unacceptable whereas the safety level of the lot is acceptable (i.e. lower than
the ASL). This is quantified by the minimum percentage of faulty equipment in a lot, so
that the safety level of a lot is unacceptable within a probability of 5%. This value is
called Pr(5%) and is a means of indicating the cost induced by applying the sampling
plan to the lot.
B.3.3.4.1 Example sampling data
For example, sampling data for ASL = 1% are provided in Table B.2. Each ASL table
provides for particular lot sizes and global failure rates, the pertinent Pa(10%) and
Pr(5%) for normal inspection. In addition, they provide for each category of inspection
(normal, reduced and increased) the pertinent sample size and Re (see B.3.4).
B.3.3.4.2 Changing the ASL and impact on statistical confidence in the inspection results
A smaller ASL means a more conservative (i.e. smaller) number of faulty equipment per
sample is tolerable, leading to greater confidence in the condition of the remaining
population of the lot. Conversely, the higher the ASL, the lower the quality and
inspection cost.
For further consideration of this issue and the impact on Pa(10%) and Pr(5%)
see annex C.2.
B.3.3.4.3 Selecting an ASL for a particular lot size by applying ALARP principles
In the absence of historical records (see B.3.3.4.4), ALARP principles should be applied to
a particular lot size when selecting an ASL; the following approach ensures that there is
a reasonable balance between the cost of inspection and the quality of the lot.
To facilitate determination of ALARP ASLs, the discrimination ratio
Pa(10%)/Pr(5%) has been plotted versus ASL for each lot size (see annex C.8) and 'cliff
edge' effects have been identified. Based on that analysis, Table B.3 provides ASLs for
various lot sizes that apply ALARP principles. For any lot size, changing to a lower ASL
than the ALARP ASL disproportionately increases inspection cost for little improvement
in quality; conversely, changing to a higher ASL than the ALARP ASL reduces inspection
quality albeit at possibly reduced inspection cost (generally, this is not due to a change in
sample size but the greater value of Re which means that additional inspections are less
likely (see Figure B.1)). Therefore, ASLs should not be numerically smaller than ALARP
ASLs, unless there are overriding reasons (e.g. historical data indicates otherwise
(see B.3.3.4.4), or for high ignition risk Ex electrical equipment when as part of an RBI
strategy (see B.3.3.4.5).
Where equipment has been allocated to specific lots such as SCEs (see B.3.1.6),
there should be additional consideration of what constitutes an appropriate ASL given
the need to assure its integrity whilst energised during emergencies.
53
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table B.2: Sampling data for ASL = 1%
Lot
size
Global
failure
rate
level
≤25
26-50
51-90
91-150
151280
281500
5011,200
1,2013,200
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
13
13
13
13
13
13
13
13
13
13
13
50
13
50
50
13
50
80
50
80
125
50
125
200
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
3
2
3
4
2
4
6
Reduced
inspection
Sample
Re
size
5
5
5
5
5
5
5
5
5
5
5
32
5
32
32
5
32
32
32
32
50
32
50
80
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
Increased
inspection
Sample
Re
size
20
20
20
20
20
20
20
20
20
20
20
80
20
80
80
20
80
80
80
80
125
80
125
200
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
Pa(10%)
Pr(5%)
for
for
normal
normal
inspection inspection
(%)
(%)
12*
<4*
12*
<4*
12*
<4*
15*
<2*
15*
<2*
15*
<2*
16,2
0,4
16,2
0,4
16,2
0,4
16,2
0,4
16,2
0,4
6,6*
1,33*
16,2
0,4
7,56
0,72
7,56
0,72
16,2
0,4
7,56
0,72
6,52
1,03
7,56
0,72
6,52
1,03
5,27
1,1
7,56
0,72
5,27
1,1
4,59
1,32
Notes:
1 Table replicated as Table C.7.
2 * = The probability is calculated using hypergeometric law instead of binomial law (see annex C.3).
3 The rejection criterion is defined by Re.
4 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
Table B.3: ALARP ASLs for various lot sizes
Lot size
≤50
51-90
91-150
151-280
281-500
501-1 200
1 201-3 200
ALARP ASL (%)
Not determinable – assume 4
4
4
2,5
1,5
1
0,65
Notes: 1 Table replicated as Table C.12.
B.3.3.4.4 Selecting an ASL based on historical records
Historical records can be used to determine ASLs; this has the advantage of being based
54
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
on actual inspection data that may show a lower ASL than that determined using the
ALARP ASL approach of Table B.3. In this approach, the historical failure rate is used to
select the closest ASL from standard values given in B.3.3.4.
Examples
Consider electrical equipment in a Zone 1 hazardous area and emergency electrical
equipment e.g. PA/GA, emergency lighting, etc. for which the DH has historical records
indicating a failure rate of 1% for a lot of 200 equipment. Applying the approach
of B.3.3.4.3, an ASL of 2,5% would be chosen; however, based on historical records, an
ASL of 1% would be chosen. Using an ASL of 1% would incur a greater sample size
against a reduced rejection criterion but achieve better quality; however, this would be
consistent with an RBI approach, i.e. a greater number of high risk equipment in Zone 1
being inspected and to a more rigorous rejection criterion than historical records indicate
is reasonable.
Consider electrical equipment in a Zone 2 hazardous area for which the duty
holder has historical records indicating a failure rate of 5% for a lot of 200 equipment.
Applying the approach of B.3.3.4.3, an ASL of 2,5% would be chosen; however, based
on historical records, an ASL of 4% would be chosen, as there is no sampling table
for 5%. Using an ASL of 4% would incur a reduced sample size against a less rigorous
rejection criterion and achieve reduced quality; however, this would be consistent with
an RBI approach, i.e. a lower number of low risk equipment in Zone 2 being inspected
and to less rigorous rejection criterion than historical records indicate is reasonable.
B.3.3.4.5 Selecting an ASL for high, medium and low risk Ex electrical equipment
A more rigorous ASL is one of several level of inspection criteria that could be applied to
high risk Ex electrical equipment in a risk-based approach (see Box 3.1).
B.3.3.4.6 Application of sampling methodology to small lots
For small lots, the very small values of the rejection criteria in the sampling tables of
annex C.7 (especially for ASLs below the pertinent ALARP ASL) make it likely that a lot
will be rejected when there is just one faulty equipment (see B.3.9.1.1); this may drive
users towards inspection of another sample, inspection of the complete lot, and
difficulty in moving towards reduced inspection by applying change rules (see B.3.9.3
and Figure B.1). Therefore for small lots, the sampling methodology may add little value
and it may be best to carry out 100% close and detailed inspections on such lots.
B.3.3.5 Define sample size
Once the lot size, global failure rate and category of inspection have been defined, the
sample size is determined using sampling tables for a particular ASL, which is itself
defined as described in B.3.4.
Note that the sample size and ASL are inversely proportional; reducing the ASL
increases the sample size for a given global failure rate and category of inspection.
B.3.4
Define rejection criterion
The rejection criterion is defined by Re: if the number of faulty equipment found in the
sample is less than Re, the safety level of the lot should be considered acceptable.
Re is determined from the pertinent sampling table for a particular sample size
(see B.3.3).
B.3.5
Define frequency of inspection
The frequency of inspection is how often inspection of a lot is carried out. It should be
varied depending on the following factors, the first three of which provide an option for
55
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
enhancing RBI:
C
equipment criticality (see B.3.5.1);
C
lot size and ASL (see B.3.5.2);
C
confidence in historical records (see B.3.5.3), and
C
other constraints (see B.3.5.4).
In practice, the frequency of inspection should be within the limits defined in
IEC 60079-17 (see section 2.9.2), where either the equipment records are unknown or
poor quality, or where no records exist (such as in a new installation). In the absence of
any specific information, an annual frequency of inspection should constitute a
reasonable starting point providing inspections are not restricted by infrequent
shutdown intervals (see B.3.5.4).
B.3.5.1 Equipment criticality
Equipment criticality is a key factor in determining the level of inspection for a lot. When
applied correctly, it should result in high risk equipment located in high risk areas being
inspected at a higher level of inspection than other equipment located in other areas.
For example, in an RBI strategy, lots in Zones 1 (i.e. high risk areas) should be inspected
more frequently than those in less critical areas (i.e. Zone 2 and non hazardous areas).
This will result in a more targeted, effective and balanced approach, which
should meet the requirements of risk-based Ex inspection.
Equipment criticality is influenced by ignition risk, severity of the environment and
equipment age, as described in B.3.5.1.1-B.3.5.1.3.
B.3.5.1.1 Ignition risk
The ignition risk due to the simultaneous presence of a potential source of ignition
(caused by a fault in Ex electrical equipment) and a flammable atmosphere (i.e. ignition
risk) is a key factor in determining Ex electrical equipment criticality and the necessary
level of inspection. The methodology presented in this section provides an estimation of
ignition risk when using Ex electrical equipment that may be subject to some
degradation of its type of protection. The methodology enables discrimination between
equipment whose protection is no longer assured when operating in a Zone 0 hazardous
area compared to a lower risk situation when similar faulty equipment is operating in a
Zone 2 hazardous area.
The ignition risk is the product of the probability of a source of ignition being
present and the probability of a flammable atmosphere being present. There follows
guidance on this determination.
Probability of source of ignition being present
The probability of equipment used in a zone becoming faulty which leads to it
constituting a source of ignition in that zone is defined as:
C
low ignition risk;
C
medium ignition risk, and
C
high ignition risk.
Probability of flammable atmosphere being present
The probability of a flammable atmosphere being present is defined by reference to the
pertinent hazardous area classification; the methodology of EI Area classification code
for installations handling flammable fluids refers to the following zones:
C
C
Zone 2 (low risk): That part of a hazardous area in which a flammable
atmosphere is not likely to occur in normal operation and, if it occurs, will exist
only for a short period.
Zone 1 (medium risk): That part of a hazardous area in which a flammable
56
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
atmosphere is likely to occur in normal operation.
Zone 0 (high risk): That part of a hazardous area in which a flammable
atmosphere is continuously present or present for long periods.
C
Strictly, Ex electrical equipment is not required in non-hazardous areas as there is no
probability of a hazardous area being present in routine operations; however, in the case
of offshore installations which are compact, it might be prudent to consider external
non-hazardous areas as Zone 2 areas as they may contain Ex electrical equipment that is
energised in a major hazards emergency.
Ignition risk
The ignition risk is the product of the probability of a source of ignition being present
and the probability of a flammable atmosphere being present and forms the basis for an
RBI strategy. This is defined by three levels and determined by Table B.4:
Table B.4: Ignition risk
Probability of
source of ignition
Low
Medium
High
Probability of flammable atmosphere
Zone 2
Zone 1
Zone 0
(Low)
(Medium)
(High)
Low
Low
Low (Note 3)
Low
Medium
Low (Note 3)
Medium
High
Low (Note 3)
Key
Low risk
Medium risk
High risk
Notes:
1. Table replicated as Table B.6.
2. The table assumes correct selection of Ex type of protection in the first instance.
3. For Zone 0, use of intrinsically safe systems (Ex 'ia') means that there is an inherent low ignition
risk.
Table B.4 should be used as a starting point in determining the frequency of inspection
in an RBI sampling strategy on the basis:
high risk > medium risk > low risk
The guidance that follows in B.3.5.1.2-B.3.5.1.3 should be used to adjust the frequency
of inspection, e.g. Ex electrical equipment exposed to a severe environment category
might be moved from low ignition risk to medium ignition risk.
Note that the sampling methodology does not take into account the
consequences of fires/explosions to evaluate the ignition risk; it is assessed only by their
probability.
A more practical approach to Table B.4 using common equipment types is set
out in Table 3.1.
B.3.5.1.2 Severity of the environment
The severity of the environment in which Ex electrical equipment is used should be
determined using Table B.5. Where water is an environmental factor, it could be in the
form of ‘green’ water, as encountered on floating production, storage and offloading
57
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
units (FPSOs), or deluge system water. Mechanical damage could refer to drill floor areas
of offshore installations.
For the purpose of varying the frequency of inspection, the severity of the
environment should be classified as:
C
C
C
Severe – if at least one environmental factor is considered severe.
Moderate – if no environmental factor is considered severe, but at least one is
considered moderate.
Benign – in all other cases.
Table B.5: Severity of the environment
Environmental factor
Water, corrosion (salt,
humidity, SO2, etc.),
chemicals
Dust/sand
UV radiation
Ambient temperature (°C)
Temperature cycling
Mechanical damage,
Vibration
Key
N/A = not applicable
Severe
Outside, deluge areas,
green water (e.g. FPSOs)
Dust layer visible in
≤1 day
Outside with high
sunlight
>40 or <-20
Outside or inside
enclosure having high
temperature variation
High (e.g. offshore
installation drill floor)
Environmental category
Moderate
Inside
Dust layer visible in
>1 day but <1 week
Outside with moderate
sunlight
N/A
Outside or inside
enclosure having
moderate temperature
variation
Moderate
Benign
Inside, in a controlled
environment
Dust layer visible in
>1 week
Inside
-20<T<40
Outside or inside
enclosure having low
temperature variation
Low (e.g. inside an
enclosure)
B.3.5.1.3 Equipment age
For the purpose of varying the frequency of inspection, equipment should be divided
according to the following three age classes:
C
≤5 years old;
C
>5 years old but ≤20 years old, and
C
>20 years old.
Equipment age may affect its protection; where possible, such criteria should be
referenced to design life.
For simplicity and to avoid defining small lots, a pragmatic approach would be
to select a single conservative age for all equipment on a particular installation, equal to
the age of the installation.
These criteria are similar to those used in defining lots (see B.3.1.4).
B.3.5.2 Lot size and ASL
A consequence of requiring broadly consistent statistical confidence in inspection results
for a particular ASL is that samples randomly selected from large lots typically comprise
only some 15% of a lot; whereas, for small lots, random samples may typically comprise
some 25% of a lot. Some risk analysts may consider that 15% is too small an amount to
sample, given that inspections may be carried out annually, or maybe less frequently
(e.g. petroleum refineries having four-yearly shutdowns); if so, the frequency of
inspection could be reduced and/or other level of inspection criteria could be adjusted,
58
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
e.g. the ASL could be reduced. Reducing the ASL increases Pa(10%), which indicates the
confidence in the sampling plan being applied to the lot (see B.3.3.4).
B.3.5.3 Confidence in historical records
The frequency of inspection may be varied using knowledge of the fault modes and
frequencies of faults of equipment; in practice, the frequency of inspection should be set
based on known performance.
This confidence in historical records database should be classified as:
C
C
C
High – there is a database where all equipment and its history is recorded and
there is a confidence level of at least 70% in its accuracy.
Moderate – there is either a database where all equipment and its history is
recorded and there is a confidence level of at least 40% in its accuracy, or a
person highly competent with such equipment has validated/challenged the
historical data.
Low – in all other cases.
Once several inspections have been carried out, confidence in historical records should
improve as the exhaustiveness of the database improves; further, confidence in its
accuracy should increase and more history should be recorded. When this is so, the level
of inspection should be reviewed.
B.3.5.4 Factors governing frequency of inspections
In the absence of any specific information, an annual frequency of inspection should
constitute a reasonable starting point providing inspections are not restricted by
infrequent shutdown intervals. Applying the change rules (see B.3.9.3) to such a
sampling plan would take five acceptable inspections to go from normal to reduced
inspection (i.e. five years), two unacceptable inspections to go from normal to increased
inspection (i.e. two years) and five acceptable inspections to revert from increased to
normal inspection (i.e. five years).
For process plants, an annual frequency of inspection for Ex detailed inspections
(which requires the equipment to be isolated) might not be possible owing to infrequent
shutdown intervals (e.g. four-yearly). In such cases, selection of a sampling plan requires
further consideration. An alternative approach would be to consider that the annual
sampling plan is applied four times at each shutdown (the number of times being equal
to the number of years between inspections); each sample would be considered as a
separate inspection and tested against the unadjusted rejection criterion. This approach
has the advantage of more quickly invoking the change rules.
In the same way that circumstances may necessitate equipment being allocated
to specific lots (see B.3.1.6), moveable equipment (hand-held, portable and
transportable) or SCEs should be given particular frequencies of inspection. For
moveable equipment, the frequency of inspection should consider factors such as the
pattern of use and working environment.
B.3.6
Select a random sample from a lot
Samples should be randomly chosen from the complete lot; this means that the same
equipment could be inspected in successive inspections. By selecting a genuinely
representative random sample, monitoring of maintenance-induced faults can be carried
out.
Randomly means that samples should not be selected intentionally by any
criterion (e.g. installation area, manufacturer, period since last inspection, ease of access,
etc.).
Samples should be randomly chosen by a random number generator or similar
59
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
means applied to the complete lot.
At the discretion of the TPEF it might be acceptable to substitute a small
number of the representative sample for similar equipment installed in a similar location;
e.g. inspection of high level equipment where personnel access would require additional
scaffolding could be substituted in the sample by local identical equipment that is more
accessible to personnel.
Note that progressive sampling is not applied in this sampling methodology.
B.3.7
Inspect sample
Before starting an inspection of a random sample of electrical equipment, the following
should be available:
C
C
C
C
B.3.8
Hazardous area classification (i.e., Zone 0, 1, 2 or non-hazardous), gas group
(IIA, IIB or IIC) and temperature class ('T' class) (T6 to T1). This information is
necessary to validate the adequacy of the equipment marking, in relation to the
location where the equipment is installed or used. For moveable, portable and
transportable equipment, this should cover all foreseeable locations.
Documents necessary to maintain the equipment in accordance with its type of
protection, for example: technical information; manufacturer’s instructions; and,
information about spares. These documents allow identification of risks arising
from:
− Inconsistencies between conditions of use of equipment and manufacturer's
requirements.
− Deterioration of integrity following use, wear or misuse.
Certificate number. For example, special conditions for safe use apply to any
type of Ex electrical equipment where the certificate number has a suffix
marking 'X' or other suffix. The certification documents should be checked
against the conditions of use.
System certificate of conformity or system conformity statement, or loop
calculation for intrinsic safety (type of protection Ex 'i'). The combination of
certified intrinsic safety equipment with associated intrinsic safety equipment
should be detailed in a document showing that their combination complies with
the requirements of IEC 60079-25. If this document exists, the calculation
should be checked and this information should be recorded for future
inspections. If the document does not exist, the calculation should be carried
out.
Record inspection data
To enable demonstration of the continuing management of ignition risk and to facilitate
verification, all inspection data should be recorded. If only faulty equipment is recorded,
the equipment database will not be best exploitable for future inspections.
Consequently, for each equipment inspected, the following information should be
recorded:
C
C
C
Date, type of inspection, sampling data: date, frequency of inspection, grade of
inspection, lot size, category of inspection, global failure rate, sample size, ASL,
Re, etc. These data enable the traceability of the inspection.
Equipment references: identification number (tag), description, model, type,
serial number, manufacturer, location, etc. These data make it possible to
identify and locate the equipment.
Hazardous area classification (i.e., Zone 0, 1, 2 or non-hazardous), gas group
60
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
C
C
C
C
C
C
B.3.9
(IIA, IIB or IIC) and temperature class ('T' class) (T6 to T1). This information is
necessary to validate the adequacy of the equipment marking, in relation to the
location where the equipment is installed or used. For moveable, portable and
transportable equipment, this should cover all foreseeable locations.
Date of commissioning (before or after 1 July 2003). Equipment installed on or
after 1 July 2003 should carry the 'new' marking, as required by ATEX 100a,
which also refers to its ATEX category. Equipment already existing on
30 June 2006 is presumed to meet the requirements of ATEX Directive until that
date. After that, it would continue to benefit from this presumption of
conformity, provided that it has been validated explicitly before 1 July 2006 by
the explosion protection document required by ATEX 137. Note that under
DSEAR, marking requirements do not apply to mobile installations offshore (e.g.
FPSO, jack-up, semi-submersibles, etc.).
Feedback about equipment faults and modifications. Repetitive faults and
modifications (data from CMMS) for equipment should be taken into account.
To enable consistency, where possible, generic fault codes should be used.
Whether equipment maintenance is in accordance with manufacturer's
recommendations. If this condition is not validated, some premature
malfunctions could occur with the equipment that affects its type of protection.
Complete ATEX marking such as:
− II 2 G
− EEx d IIC T4
− The marking is necessary to validate the adequacy of the ATEX marking, in
relation to the location(s) where the equipment is installed or used.
Certificate number (e.g. LCIE 04 ATEX 6434 X). For example, special conditions
for safe use apply to any type of Ex electrical equipment where the certificate
number has a suffix marking 'X' or other suffix. The certification documents
should be checked against the conditions of use.
Faults with equipment. Inspection schedules according to the type of protection
presented as Tables 1, 2 and 3 of IEC 60079-17 are replicated in Annex D. All
faults should be recorded. If the equipment has several faults, all should be
recorded, even those that are repaired during the inspection (e.g. tightening
cable entry devices).
Remedial actions, e.g. type of action, date action carried out, etc. (see
annex B.3.9.2).
Define scoring and rules for handling faulty equipment
B.3.9.1 Define scoring for handling faulty equipment
Following an inspection, some faulty equipment may be identified; there may be one or
more faults per equipment, each having different ignition risk, depending on the nature
of each fault and the hazardous area in which the equipment is used. This section sets
out an approach for scoring such faulty equipment based on ignition risk, as this is the
key risk to manage; note, however that this analytical approach does not include other
equipment criticality factors, such as the severity of the environment, equipment age,
etc.
The approach for categorising faulty equipment based on ignition risk uses the
methodology for analysis of ignition risk, as described in B.3.5.1.1.
The probability of ignition of a flammable atmosphere leading to a
fire/explosion (e.g. ignition risk) is the product of the probability of a source of ignition
being present and the probability of a flammable atmosphere being present. This is
defined by three levels and determined by Table B.6.
61
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table B.6: Ignition risk
Probability of
source of ignition
Low
Medium
High
Probability of flammable atmosphere
Zone 2
Zone 1
Zone 0
(Low)
(Medium)
(High)
Low
Low
Low (Note 3)
Low
Medium
Low (Note 3)
Medium
High
Low (Note 3)
Key
Low risk
Medium risk
High risk
Notes:
1. Table replicated as Table B.4.
2. The table assumes correct selection of Ex type of protection in the first instance.
3. For Zone 0, use of intrinsically safe systems (Ex ‘ia’) means that there is an inherent low
ignition risk.
When applying Table B.6, if equipment has several faults, all should have been recorded
but only the most severe should be taken into account in determining the ignition risk.
There follow some examples of the results of inspections by sampling;
equipment faults are identified for both a sample of a lot in Zone 1 (see Table B.7), and
similarly for Zone 2 (see Table B.8). In fact, the same equipment and faults are used in
the examples albeit that some of the faults result in higher ignition risks in Zone 1 than
Zone 2.
Note that these lots comprise a mixture of equipment but are used in the same
hazardous area, gas group IIB and temperature classification T4.
B.3.9.1.1 Applying risk-based ignition risk weighting factors to faulty equipment
There follows an approach for applying risk-based ignition risk weighting factors to
faulty equipment: its intent is to emphasise the differences in ignition risk from Table B.6
for faulty equipment and calculate a weighted faulty equipment score. The scoring
system uses the following factors:
C
C
C
High ignition risk – weighting factor of 1.
Medium ignition risk – weighting factor of 0,5.
Low ignition risk – weighting factor of 0,25.
Each number of faulty equipment is multiplied by the pertinent weighting factor and the
weighted faulty equipment score for the sample is compared to the pertinent Re. This
approach is intended as a starting point for a scoring system that aligns with the Re
values in the ASL tables: as inspections are completed, users should audit and review this
scoring system and accordingly recalibrate and adjust the weighting factors using actual
inspection data, where appropriate.
Hereafter in Annex B, the concept of weighted faulty equipment score is used
when determining whether a lot is acceptable, rather than using just the number of
faulty equipment.
Example for Zone 1
In a mixed lot of size 1 000 equipment used in a common equipment location,
ASL = 0,65 (which is lower than the ALARP ASL as the equipment is used in Zone 1),
global failure rate = level II, normal inspection, sample size = 80 and Re = 2 (see
62
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.6). Four equipment were found to be faulty: Table B.7 provides a summary of
these faults and their ignition risk.
Applying the above risk-based ignition risk weighting factors to the faulty
equipment in Table B.7, a weighted faulty equipment score of 3,5 results, which is
above Re; therefore, the lot is rejected. The flowchart in Figure B.1 should be applied to
determine the subsequent action.
Table B.7: Results of inspection by sampling for equipment in a Zone 1 hazardous area
Hazardous
area
Equipment
Motor
EEx d IIB T4
Zone 1, IIB,
T4
(High risk)
Pressure
switch
EEx d IIA T4
Motor
EEx d IIC T6
Junction box
EEx d IIB T4
Luminaire
EEx n IIB T5
Probability
of ignition
Faults
Lack of two bolts on the
'd' enclosure; the type
of protection is no
longer guaranteed
Loose electrical
connection which has
been arcing
The gas group is
inadequate compared to
the IIB requirements
Risk of damage to cable,
which exceeds minimum
bending radius
None
Type of protection for
Zone 2, unsuitable for
Zone 1
Ignition risk
Summary
Low
Medium
High
Ignition risk
Number of
faulty
equipment
High
1
High
High
1
Medium
Medium
1
Low
Low
0 (N/A)
High
High
1
Weighting
factor
Number of
faulty
equipment
0,25
0,5
1
0
1
3
High
High
Weighted
faulty
equipment
score
0
0,5
3
3,5
Total
Notes:
1 The analysis counts the number of faulty equipment, not the number of faults; hence only one high
ignition risk fault is counted for the motor (EEx d IIB T4).
2 If equipment has several faults, all faults should be recorded but only the most severe should be taken
into account in determining the ignition risk.
Example for Zone 2
In a mixed lot of size 1 000 equipment, used in a common equipment location, ASL = 1
(which is the ALARP ASL as the equipment is used in Zone 2), global failure
rate = level II, normal inspection, sample size = 80 and Re = 3 (see Table C.7). Three
equipment were found to be faulty: Table B.8 provides a summary of these faults and
their ignition risk.
Applying the above risk-based ignition risk weighting factors to the faulty
equipment in Table B.8, a weighted faulty equipment score of 1.25 results, which is
below Re; therefore, the lot is acceptable. The flowchart in Figure B.1 should be applied
to determine the subsequent action.
63
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table B.8 Results of inspection by sampling for equipment in a Zone 2 hazardous area
Hazardous
area
Equipment
Motor
EEx d IIB T4
Zone 2, IIB,
T4
(Medium
risk)
Pressure
switch
EEx d IIA T4
Motor
EEx d IIC T6
Junction box
EEx d IIB T4
Luminaire
EEx n IIB T5
Lack of two bolts on the
'd' enclosure; the type of
protection is no longer
guaranteed
Loose electrical
connection which has
been arcing
The gas group is
inadequate compared to
IIB requirements
Risk of damage to cable,
which exceeds minimum
bending radius
None
None
Ignition risk
Summary
Ignition risk
Number of
faulty
equipment
Medium
1
High
Medium
1
Medium
Low
1
Low
Low
0 (N/A)
Low
Low
0 (N/A)
Weighting
factor
Number of
faulty
equipment
0,25
0,5
1
1
2
0
Probability
of ignition
Faults
Low
Medium
High
High
High
Weighted
faulty
equipment
score
0,25
1
0
1,25
Total
Notes:
1 The analysis counts the number of faulty equipment, not the number of faults; hence only one medium
ignition risk fault is counted for the motor (EEx 'd' IIB T4).
2 If equipment has several faults, all faults should have been recorded but only the most severe is taken
into account in determining the ignition risk.
3 In this example, if the risk-based ignition risk weighting factors were not applied, the lot would have
failed the inspection as there are three faulty equipment and Re = 3; however, the three faulty
equipment are low and medium risk such that applying the weighting factors makes the lot acceptable
as weighted faulty equipment score (1,25) < Re (3).
B.3.9.2 Define rules for handling faulty equipment
Remedial actions for handling faulty equipment could range from a review of causes of
faults through to their repair, depending on the weighted faulty equipment score
compared to the pertinent rejection criterion, and whether a lot is acceptable or
unacceptable.
The rules of B.3.9.2.1-B.3.9.2.6 should be applied to each lot. The process is
summarised in the flowchart of Figure B.1.
Because only a random sample of a lot is inspected in a sampling plan,
confidence in the integrity of the lot relies on a thorough audit and review of the causes
of any faults, whose aims should meet the requirements of section 3.2.6 and should be
to:
C
C
Identify and take remedial actions (e.g. organisational measures, inspection of
the whole lot, modification, etc.) to correct the identified faults.
Prevent faults becoming an ignition risk.
64
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
The steps of this thorough audit and review should be:
C
C
Determine the causes of faults in faulty equipment.
Determine common causes of faults that could induce faults in equipment that
has not been inspected (e.g. defective gasket material in deluge areas or
unexpected degradation from chemical exposure, etc.).
This thorough audit and review should be carried out by competent personnel who are
competent in the various types of protection, their installation practices, the site, the
maintenance strategy and the environmental conditions. Causes of the faults could
include:
C
C
C
C
C
C
Degradation due to severity of the environment (e.g. due to corrosion,
chemicals, accumulation of dust or sand, ambient temperature and temperature
cycling, UV radiation, vibration, ingress of water, mechanical effects, etc.).
Inherent design weaknesses (e.g. inadequate design/protection for the
location(s) where the equipment is installed or used).
Incorrect technical specifications.
Inadequate maintenance strategy (e.g. frequency, check points, personnel
competence, manufacturer’s instructions are not met, etc.).
Lack of complete documentation.
Random faults.
B.3.9.2.1 Handling of faulty equipment in a lot
Depending on the sampling plan’s rejection criterion, the weighted faulty equipment
score may render the lot acceptable (<Re) or unacceptable (≥Re). Faulty equipment in
each case are treated differently, as described in the following sections and illustrated in
the flowchart of Figure B.1.
Handling of faulty equipment in an unacceptable lot (≥Re)
As illustrated in Figure B.1, where a lot is found to be unacceptable due to the weighted
faulty equipment score ≥Re, the causes of faults should be determined. There should be
a thorough audit and review of the faulty equipment to determine if there is a common
fault mode e.g. a problem with a particular type of equipment/manufacturer, damage
due to maintenance activities (e.g. scaffolding impact along a corridor), etc. The cause
analysis should be recorded.
If there is a common fault mode, the faulty equipment and other similar
equipment should be deselected and another sample should be taken for inspection. If
there is no common fault mode, the faulty equipment should remain in the lot and
another sample should be taken for inspection.
The weighted faulty equipment score found in the second inspection should be
added to that for the first inspection and tested against twice Re. If the sum of the
weighted faulty equipment score is:
C
C
<2Re – the lot is acceptable. Actions should be taken as described in the
following section for handling faulty equipment in an acceptable lot.
≥2Re – the lot is unacceptable. The complete lot should be inspected during the
current inspection or the TPEF should provide a robust justification for
alternative action. For large lot sizes (e.g. 501 - 1 200 and 1 201 - 3 200),
inspecting the whole lot may be onerous and difficult to do in a shutdown; if in
such cases, the whole lot is not inspected, there should be a robust justification
of this decision by the TPEF. For example, such a decision may be pertinent
where the faults relate to a specific area of plant, a particular equipment
65
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
manufacturer, etc.; if so, all such equipment should be inspected and remedial
action taken.
Faulty equipment found during the first, second and complete inspections should be
repaired using the prioritisation described in B.3.9.2.2. Similarly, other remedial actions
should be carried out using the prioritisation described in B.3.9.2.4.
An unacceptable lot may invoke change rules and the possibility of moving from
normal to increased inspection, or reduced to normal inspection for the next inspection
of that lot (see B.3.9.3).
Handling of faulty equipment in an acceptable lot (<Re)
As illustrated in Figure B.1, where a lot is found to be acceptable and there is some
faulty equipment in the sample but the weighted faulty equipment score <Re, the
causes of faults should be determined. There should be a thorough audit and review of
the faulty equipment to determine if there is a common fault mode e.g. a problem with
a particular type of equipment/manufacturer, damage due to maintenance activities (e.g.
scaffolding impact along a corridor), etc. The cause analysis should be recorded.
If the cause of faults found during the inspection demonstrates that they could
similarly affect other equipment (i.e. it is a common mode fault), similar equipment in
that lot should be inspected for the same fault during the current inspection.
Faulty equipment should be repaired using the prioritisation described in
B.3.9.2.2. Similarly, other remedial actions should be carried out using the prioritisation
described in B.3.9.2.4.
B.3.9.2.2 Define prioritisation of repair of faults in faulty equipment
The equipment criticality of faulty equipment and number of faults should be used to
prioritise their repair. The following risk-based prioritisation should be applied using the
ignition risks determined from Table B.6 as a starting point for equipment criticality:
high ignition risk >> medium ignition risk > low ignition risk
for which the following risk-based schedule should be applied:
C
C
C
high ignition risk: ≤ one week;
medium ignition risk: ≤ three months;
low ignition risk: ≤12 months (e.g. during planned maintenance).
Note that this schedule should not necessarily be applied to the prioritisation of remedial
actions other than repair (see B.3.9.2.4).
Additional prioritisation should be given to the repair of faulty equipment that
has several faults (e.g. assemblies).
B.3.9.2.3 Repair of faults in faulty equipment
Faults should be repaired so as to reinstate the Ex type of protection according to the
schedule given in B.3.9.2.2. Such repairs should not introduce other faults that
compromise Ex integrity. The repairs carried out should be recorded in the equipment
register.
B.3.9.2.4 Define prioritisation of remedial action other than repair for faults in faulty equipment
The equipment criticality of faulty equipment and number of faults should be used to
prioritise their repair. The following risk-based prioritisation should be applied using the
ignition risks determined from Table B.6 as a starting point for equipment criticality:
high ignition risk >> medium ignition risk > low ignition risk
66
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
A schedule is only provided for repair of faults (see B.3.9.2.2).
Additional prioritisation of remedial action should be given to remedial actions
for faulty equipment that has several faults (e.g. assemblies).
B.3.9.2.5 Remedial actions other than repair for faults in faulty equipment
As noted in section 3.2.2, where a visual or close inspection indicates a need to
investigate further to fully ascertain the causes of faults, a more rigorous grade of
inspection should be applied (e.g. changing from close to detailed inspection to better
understand the status of internal Ex integrity). This applies whether the lot is acceptable
or unacceptable. Such remedial work should be prioritised as described in B.3.9.2.4.
The remedial actions and modifications should be determined from the findings
of the thorough audit and review (see B.3.9.2) and may include:
C
C
C
C
C
C
C
C
C
Updating the maintenance strategy (frequency, check points, equipment
vibrations).
Better assuring personnel competence.
Replacing unsuitably protected Ex electrical equipment by suitably protected Ex
electrical equipment.
Replacing incorrect cable entry devices.
Tightening bolts of Ex 'd' enclosures.
Improving equipment maintenance.
Investigating equipment vibrations.
Tightening Ex 'e' terminations.
Cleaning Ex 'd' flame paths.
The remedial actions and modifications should be recorded in the equipment register.
B.3.9.2.6 Weighted faulty equipment score = 0
If there is no faulty equipment in an acceptable lot, no specific action is required (see
Figure B.1). However, in such cases the TPEF should consider a quality assurance check
on the quality of the Ex inspections and associated records.
B.3.9.3 Review category of inspection by applying change rules
As illustrated in Figure B.3, the category of inspection and the frequency of inspection
for the next inspection should be defined based on the results of the previous
inspections using change rules. These change rules are based on ISO 2859-1.
Normal to increased
When normal inspection is being carried out, increased inspection should be
implemented when two consecutive normal inspections have been to unacceptable
safety levels.
Increased to normal
When increased inspection is being carried out, normal inspection should be reinstated
when five consecutive increased inspections have been to acceptable safety levels.
Normal to reduced
When normal inspection is being carried out, reduced inspection should be implemented
when both:
C
C
Five consecutive normal inspections have been to acceptable safety levels.
Reduced inspection is considered desirable by the DH.
67
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Reduced to normal
When reduced inspection is being carried out, normal inspection should be reinstated if
any of the following conditions apply:
C
C
C
A reduced inspection has been to an unacceptable safety level.
A reduced inspection has been to an acceptable safety level but there is some
faulty equipment at each inspection.
Changes of condition occur (e.g. modification of the process, different
environmental conditions, etc).
Start
- Two consecutive safety
levels unacceptable
- Five consecutive safety
levels acceptable
- DH endorses change
Reduced
inspection
F
Inscreased
inspection
F
Normal
inspection
F
- Safety levels unacceptable
- Nonconforming equipment
at each inspection
- Changes of condition occur
- Five consecutive safety
levels acceptable
Figure B.3: Using change rules to determine category of inspection
Key
F = frequency of inspection (yr.) (see B.3.5.). Note that it is not necessarily in integers.
B.3.9.3.1 Review frequency of inspection by applying change rules
The frequency of inspection for the next inspection should be reviewed and should be
defined based on the results of the previous inspections. This process uses change rules;
see Figure B.3. Clearly, the frequency of inspection decreases for reduced inspection,
and vice versa. Note that the frequency of inspection is not necessarily in integers.
The frequency of inspection should be determined as described in section B.3.5.
As noted in Table 3.2, where normal inspections are based on an annual frequency, then
a reasonable starting point for the frequency of inspection for increased inspection
should be half that for normal inspection; conversely, the frequency of inspection for
reduced inspection should be double that for normal inspection.
Where the frequency of inspection is subject to constraints such as shutdowns
(see B.3.5.4), there should be a robust consideration of whether and how it should be
modified.
68
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
B.3.10 Audit and review of sampling plans
To meet the requirements of section 3.6, the results of applying each sampling plan
should be formally reviewed and accordingly revised on an annual basis or following
application of sampling plans (see section 3.6.1.5); this should be supplemented by a
more rigorous audit and review every three years (see section 3.6.1.6). The following
parameters should be reviewed and modified in the light of operational experience, and
the basis of any changes should be formally recorded:
C
ASL (see B.3.3.4);
C
category of inspection by applying change rules (see B.3.9.3);
C
frequency of inspection by applying change rules (see B.3.9.3.1), and
C
global failure rate (see B.3.3.2).
Normally, the global failure rate is fixed for a sampling plan; however, it should be
adjusted in subsequent inspections (where appropriate) if additional fault data become
available for similar lots in other locations that indicate different failure rates.
69
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX C
TECHNICAL BASIS OF RBI SAMPLING METHODOLOGY
C.1
INTRODUCTION
The objective of this annex is to provide information that should help users to
understand the basis of the sampling methodology provided in Annex B. In addition, it
should help advanced users to build their own sampling tables.
Note that the sampling tables presented in C.7 are based on ISO 2859-1, but
adapted by developing suitable sample sizes, categories of inspection and Pa(10%) and
Pr(5%). Also, for simplicity, the concept of applying risk-based ignition risk weighting
factors to the number of faulty equipment in a sample to give a weighted faulty
equipment score (see annex B.3.9.1.1) is not applied in Annex C.
C.2
LIMITATIONS OF INSPECTION BY SAMPLING
The goal of inspection by sampling is to reduce the number of inspected equipment
belonging to a lot by using the inspection findings of the lot as an indicator of the
quality of the rest of the lot. This should result in a targeted, risk-based balanced and
effective Ex inspection strategy that meets the objectives of section 3.2.4. As the
complete lot is not inspected, there is a risk in declaring that a lot is acceptable when
only part of it has been inspected; it is possible that there is an unacceptable number of
faulty equipment in a lot which were not represented in the random sample.
For example, consider the following lot:
C
lot size (N) = 1 000, which contains 100 faulty equipment;
C
sample size (n) = 50, and
C
Re = 10 (i.e. a sample of the lot is acceptable with <10 faulty equipment).
It is possible that there is no faulty equipment in the random sample; however, the lot
would be accepted. Consequently, there is a need for an indicator of the quality of
sample inspections to reduce this possibility to a good probability; this indicator is called
Pa (10%).
Similarly, considering the same lot, there could be 15 faulty equipment for the
random sample, which is unrepresentative of the lot. In this case, the lot should be
rejected and the flowchart in Figure B.1 should be applied to determine the subsequent
action. Consequently, there is also a need of an indicator of the cost of sample
inspections to reduce this possibility to a low probability: this is called Pr (5%).
C.2.1
Varying ASLs and applying Pa(10%) and Pr(5%) for an example lot
Annex B.3.3.4.2 introduced the possibility of changing the ASL and its impact on
statistical confidence in the inspection results in sample inspections: this is further
developed here for an example lot at two ASLs by also referring to the parameters
Pa(10%) and Pr(5%). In sample inspections it is possible that the performance of the
sample is better or worse than the lot even though the sample is randomly selected: the
likelihood that the lot will be accepted or rejected is indicated using the Pa(10%) and
Pa(5%) values from the pertinent ASL table.
Example
A lot comprises 1 000 equipment, ASL = 1% (i.e. the ALARP ASL (see annex B.3.3.4.3)),
global failure rate = level II, sample size = 80 and Re = 3 (see Table C.7). Proportionately,
70
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
if a sample was not taken but the whole lot was inspected, Re would be 38
(=3*1,000/80) such that the lot should be accepted with up to 37 faulty equipment. The
target is to have ≤10 faulty equipment (i.e., 1% of 1 000) for the lot.
From Table C.7:
C
C
Pa(10%) = 6,52%, therefore, the safety level of the lot is considered acceptable
with a probability of 10% (i.e. one in ten inspections), even though there is up
to 65 faulty equipment for the 1 000 equipment lot (i.e. <6,52%).
Pr(5%) = 1,03%; therefore, the safety level of the lot is considered
unacceptable with a probability of 5% (i.e. one in 20 inspections) even though
there is a minimum of 11 faulty equipment for the 1 000 equipment lot (i.e.
>1,03%).
Example
A lot comprises 1 000 equipment, ASL = 4% ((which is less rigorous than the ALARP ASL
(see annex B.3.3.4.3)), global failure rate = level II, sample size = 80 and Re = 8 (see
Table C.10). Proportionately, if a sample was not taken but the whole lot was inspected,
Re would be 100 (= 8*1 000/80) such that the lot should be accepted with up to 99
faulty equipment. The target is to have ≤40 faulty equipment (i.e., 4% of 1 000) for the
lot.
From Table C.10:
C
C
Pa(10%) = 14,3%, therefore, the safety level of the lot is considered acceptable
with a probability of 10% (i.e. one in 10 inspections), even though there is up
to 142 faulty equipment for the 1 000 equipment lot (i.e. <14,3%).
Pr(5%) = 5,08%; therefore, the safety level of the lot is considered
unacceptable with a probability of 5% (i.e. one in 20 inspections) even though
there is a minimum of 51 faulty equipment for the 1 000 equipment lot (i.e.
>5,08%),
Therefore, a smaller ASL means a more conservative (i.e. smaller) number of faulty
equipment per sample is tolerable, leading to greater confidence in the condition of the
remaining population of the lot, as indicated by the narrower range of Pa(10%) and
Pr(5%). Conversely, the higher the ASL, the lower the quality and inspection cost.
C.3
DEFINE KEY SAMPLING PARAMETERS
The purpose of this section is to set out the basis for defining Pa and Pr, and to set out
the technical basis of the sampling tables. In addition, this approach should help users to
build their own sampling tables, e.g. for ASLs not provided here.
C.3.1
Calculation of P(X=d) using hypergeometric law
The number of combinations of d faulty equipment in the population of D faulty
equipment of the lot is:
C Dd
If there are d faulty equipment in the sample of n equipment, there are (n-d) conforming
equipment in the sample.
If there are D faulty equipment in the lot of N equipment, there are (N-D)
conforming equipment in the lot.
The number of combinations of (n-d) conforming equipment in the sample of
(N-D) conforming equipment in the lot is:
71
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C Nn −−dD
Therefore, the number of combination of samples with d faulty equipment and (n-d)
conforming equipment in a lot of N equipment including D faulty equipment is:
C Dd × C Nn −−dD
The number of combination of different samples of n equipment in the lot of N
equipment is:
C Nn
As a consequence, the probability P(X=d) of having a sample with d faulty equipment
and (n-d) conforming equipment in a lot of N equipment including D faulty equipment
is:
P( X = d ) =
C Dd × C Nn −−dD
C Nn
This is termed hypergeometric law.
C.3.2
Calculation of Pa(X=Re-1) using hypergeometric law
The probability Pa(X=Re-1) to accept a lot with D faulty equipment when the sample has
<Re faulty equipment is:
Pa ( X = Re− 1) = P ( X = 0) + P( X = 1) + K + P( X = Re− 1)
Pa ( X = Re− 1) =
Re −1
∑ P( X = k )
k =0
Pa( X = Re− 1) =
C Dk × C Nn −−kD
∑
C Nn
k =0
Re −1
where k is an integer (k = 0, 1, ….Re-2, Re-1).
This is the hypergeometric law for Pa.
C.3.3
Calculation of P(X=d) and Pa(X=Re) using binomial law
The hypergeometric law is very difficult to apply when the lot size becomes high due to
the calculation of N! (i.e. factorial N). Another method of calculation can be applied if n
is very small compared to N (i.e. for small sample sizes compared to the lot size), typified
by n/N<0,15. In such cases, the following approach is valid.
The number of combinations of d faulty equipment in a sample of n equipment
is:
C nd
The probability that equipment in a lot of N equipment including D faulty equipment is
faulty equipment is:
p=
72
D
N
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Since n/N is small, the probability that d equipment in a lot of N equipment (including D
faulty equipment) are all faulty equipment is:
⎛D⎞
pd = ⎜ ⎟
⎝N⎠
d
Further, the probability that (n-d) equipment in a lot of N equipment (including D faulty
equipment) are all conforming equipment is:
(1 − p ) d = (1 −
D n−d
)
N
As n<N is small (n/N<0.15), the probability P(X=d) of having a sample with d faulty
equipment and (n-d) conforming equipment in a lot of N equipment including D faulty
equipment is:
P( X = d ) = C nd × (
D d
D
) × (1 − ) n − d
N
N
This is termed binomial law.
Consequently, Pa according to binomial law is given by:
Pa( X = Re− 1) =
Re −1
∑C
k
n
k =0
×(
D k
D
) × (1 − ) n −k
N
N
where k is an integer (k = 0, 1, ….Re-2, Re-1).
This is the binomial law and applies where n/N<0,15.
C.4
DETERMINATION OF Pa(10%)
Pa(10%) is the ratio D/N in percent of faulty equipment (D) that could be in a lot of N
equipment, so that the lot is accepted with a probability of 10% if there is <Re faulty
equipment in the sample of n equipment. This value depends on Re, the sample size (n)
and the lot size (N). But if binomial law can be applied (i.e. n/N<0.15), Pa(10%) only
depends on Re and on the sample size; it does not depend on the lot size.
C.4.1
Determination of Pa(10%) where n/N≥0,15
The binomial law cannot be applied where n/N≥0,15: in this case, a calculation should
be done for each lot size. The only approach is to calculate Pa(X=Re) with D varying from
0 to N and to find the most suitable value of D so that Pa(X=Re) = 10%.
Example
Lot size (N) = 280; sample size (n) = 80; Re = 2 (n/N=80/280=0,29, i.e. ≥0,15). The
results of the calculation are given in Table C.1. As indicated by the light grey
highlighting, Pa(10%) = 4,3%.
73
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.1: Example calculation of Pa(10%) where n/N≥0,15
Number of faulty
equipment, D
Ratio D/N
Pa(X=Re-1)
(%)
(%)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
0,004
0,007
0,011
0,014
0,018
0,021
0,025
0,029
0,032
0,036
0,039
0,043
0,046
0,050
0,4
0,7
1,1
1,4
1,8
2,1
2,5
2,9
3,2
3,6
3,9
4,3
4,6
5,0
1,000
0,919
0,803
0,677
0,557
0,450
0,358
0,281
0,218
0,168
0,128
0,097
0,073
0,055
100,0
91,9
80,3
67,7
55,7
45,0
35,8
28,1
21,8
16,8
12,8
9,7
7,3
5,5
15
0,054
5,4
0,041
4,1
Table C.2: Example calculation of Pa(10%) where n/N<0,15
D/N
Pa(X=Re-1)
Number
(%)
Ratio
(%)
0,0025
0,0050
0,0075
0,0100
0,0125
0,25
0,50
0,75
1,00
1,25
0,996
0,975
0,932
0,869
0,794
99,6
97,5
93,2
86,9
79,4
0,0150
0,0175
0,0200
0,0225
0,0250
0,0275
0,0300
1,50
1,75
2,00
2,25
2,50
2,75
3,00
0,711
0,626
0,543
0,464
0,393
0,329
0,273
71,1
62,6
54,3
46,4
39,3
32,9
27,3
0,0325
0,0350
0,0375
0,0400
0,0425
0,0450
3,25
3,50
3,75
4,00
4,25
4,50
0,224
0,183
0,148
0,120
0,096
0,076
22,4
18,3
14,8
12,0
9,6
7,6
0,0475
4,75
0,060
6,0
74
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C.4.2
Determination of Pa(10%) where n/N<0,15
The binomial law can be applied where n/N<0,15: in this case, the calculation does not
account for each lot size. The only approach is to calculate Pa(X=Re-1) with D/N varying
from 0 to 1 and to find the most suitable value of D/N so that Pa(X=Re-1) = 10%.
Example:
Sample size (n) = 125 and Re = 3.
The results of the calculation are given in Table C.2. As indicated by the light grey
highlighting, Pa(10%) = 4,25%.
C.5
DETERMINATION OF Pr(5%)
Pr(5%) is the ratio D/N in percent of faulty equipment that could be in a lot of N
equipment so that the lot is rejected with a probability of 5% if there is ≤Re faulty
equipment in the sample of n equipment.
This value depends on Re, the sample size (n) and the lot size (N). But, if
binomial law can be applied (i.e., n/N<0,15), Pa(10%) only depends on the Re and on
the sample size; it does not depend on the lot size. This means that the lot is accepted
with a probability Pa(X=Re) equal to 95%:
Pr(5%) = D/N so that Pa(X=Re-1) = 95%
Consequently, determining Pr(5%) is equivalent to determining the ratio D/N where
Pa(X=Re-1) equals 95%.
C.5.1
Determination of Pr(5%) where n/N≥0,15
The binomial law cannot be applied where n/N≥0,15: in this case, a calculation should
be done for each lot size. The only approach is to calculate Pa(X=Re-1) with D varying
from 0 to N and to find the most suitable value of D so that Pa(X=Re-1) = 95%.
Example
In the example given in C.4.1, as indicated by the dark grey highlighting in Table C.1,
Pr(5%) is between 0,4 and 0,7%, but it not possible to extract a more precise value
from the table.
C.5.2
Determination of Pr(5%) where n/N<0,15
The binomial law can be applied where n/N<0,15: in this case, the calculation does not
account for each lot size. The only approach is to calculate Pa(X=Re-1) with D/N varying
from 0 to 1 and to find the most suitable value of D/N so that Pa(X=Re-1) = 95%.
Example
In the example given in C.4.2, as indicated by the dark grey highlighting in Table C.2,
Pr(5%) (i.e. Pa(X=Re-1) = 95%) is between 0,50 and 0,75%. However, a more precise
value can be determined using closer D/N values. The results of the calculation are given
in Table C.3. As indicated by the dark grey highlighting, Pr(5%) = 0,66%.
75
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.3: Example calculation of Pa(10%) where n/N<0,15
D/N
C.6
Pa(X=Re-1)
Number
(%)
Ratio
(%)
0,0063
0,0064
0,0065
0,0066
0,0067
0,0068
0,63
0,64
0,65
0,66
0,67
0,68
0,955
0,953
0,951
0,949
0,948
0,946
95,5
95,3
95,1
94,9
94,8
94,6
0,0069
0,69
0,944
94,4
EXAMPLE GRAPHICAL DETERMINATION OF Pa(10%) AND Pr(5%)
Consider the determination of Pa(10%) and Pr(5%) from a graph of probability of
acceptance of a lot versus percentage of faulty equipment in a lot (D/N), for an example
lot where:
C
lot size (N) = 3 200;
C
sample size (n) = 200;
C
ASL = 2,5%, and
C
Re = 11 (global failure rate = level III and normal inspection).
The complete curve of the probability of acceptance of the lot versus percentage of
faulty equipment in that lot is given in Figure C.1.
100
Probability of acceptance of the lot, Pa (%)
90
80
70
60
50
40
30
20
10
Pa(10% )
Pr(5%)
0
0
2
4
6
8
10
Faulty equipm ent in the lot, D/N (%)
Figure C.1: Example determination of Pa(10%) and Pr(5%) from a graph of probability
of acceptance of the lot, Pa versus percentage of faulty equipment in the lot, D/N
76
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
As n/N<0,15, binomial law can be applied to plot the relationship between Pa(10%) and
D/N. With this example, the general formula can be written as:
10
k
Pa( X = 10) = ∑ C 200
×(
k =0
D k
D
) × (1 − ) 200− k
N
N
Pa(10%) should be read off Figure C.1 as 7,60%; this means that the
probability to accept a lot of 3 200 equipment containing 243 (i.e., 7,60% of 3 200)
faulty equipment is 10% with this sampling plan. In other words, in one in 10 times,
there is ≤10 faulty equipment in a sample of 200 equipment (proportionately, this would
be ≤160 faulty equipment in the lot of 3 200 equipment) although there are 243 faulty
equipment in the lot. With an ASL of 2,5%, the target is to have ≤80 (i.e., 2,5% of
3,200) faulty equipment in the lot.
Conversely, Pr(5%) should be considered so as not to have too high an
inspection cost. Therefore, in this example, a lot with only 100 faulty equipment (3,11%
of 3 200) would be rejected one in 20 times even though it should be accepted.
The values determined in this example, i.e. Pr(5%) = 3,11% and
Pa(10%) = 7,60%, are included in the bottom row of the sampling table for
ASL = 2,5% (see Table C.9).
C.7
SAMPLING TABLES FOR VARIOUS ASLs
Data in the sampling tables provided in Table C.4 - Table C.11 are based on ISO 2859-1
and derived using the formulae presented in the previous sections. Each table is for a
particular ASL and provides suitable sample sizes, categories of inspection and Pa(10%)
and Pr(5%) for normal inspection.
77
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.4: Sampling data for ASL = 0,25%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
25
25
25
50
50
50
50
50
50
50
50
50
50
50
50
50
50
50
50
50
200
50
200
200
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
Reduced
inspection
Sample
Re
size
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
20
125
20
125
125
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
Increased
Pa(10%)
Pr(5%)
inspection
for
for
normal
normal
Sample
Re
inspection inspection
size
(%)
(%)
25
1
N/A
N/A
25
1
N/A
N/A
25
1
N/A
N/A
50
1
N/A
N/A
50
1
N/A
N/A
50
1
N/A
N/A
80
1
2,2-3,3*
<1,1*
80
1
2,2-3,3*
<1,1*
80
1
2,2-3,3*
<1,1*
80
1
3,3-4*
<0,7*
80
1
3,3-4*
<0,7*
80
1
3,3-4*
<0,7*
80
1
4*
<0,4*
80
1
4*
<0,4*
80
1
4*
<0,4*
80
1
4,5
0,1
80
1
4,5
0,1
80
1
4,5
0,1
80
1
4,5
0,1
80
1
4,5
0,1
315
2
1,93
0,18
80
1
4,5
0,1
315
2
1,93
0,18
315
2
1,93
0,18
Notes:
1 N/A = Not applicable.
2 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
3 The rejection criterion is defined by Re.
4 There are no lot sizes for which this ASL is the ALARP ASL (see Table B.3).
78
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.5: Sampling data for ASL = 0,40%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
25
25
25
32
32
32
32
32
32
32
32
32
32
32
32
32
32
125
32
125
125
32
125
200
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
3
Reduced
inspection
Sample
Re
size
13
13
13
13
13
13
13
13
13
13
13
13
13
13
13
13
13
80
13
80
80
13
80
80
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
Increased
Pa(10%)
Pr(5%)
inspection
for
for
normal
normal
Sample
Re
inspection inspection
size
(%)
(%)
25
1
N/A
N/A
25
1
N/A
N/A
25
1
N/A
N/A
50
1
4-6*
<2*
50
1
4-6*
<2*
50
1
4-6*
<2*
50
1
5,5-6,6*
<0,67*
50
1
5,5-6,6*
<0,67*
50
1
5,5-6,6*
<0,67*
50
1
6,6*
<0,67*
50
1
6,6*
<0,67*
50
1
6,6*
<0,67*
50
1
6,94
0,16
50
1
6,94
0,16
50
1
6,94
0,16
50
1
6,94
0,16
50
1
6,94
0,16
200
2
2,7*
<0,4*
50
1
6,94
0,16
200
2
3,08
0,29
200
2
3,08
0,29
50
1
6,94
0,6
200
2
3,08
0,29
200
2
2,64
0,41
Notes:
1 N/A = Not applicable.
2 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
3 The rejection criterion is defined by Re.
4 There are no lot sizes for which this ASL is the ALARP ASL (see Table B.3).
79
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.6: Sampling data for ASL = 0,65%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
20
20
20
20
20
20
20
20
20
20
20
20
20
20
80
20
80
80
20
80
125
80
125
200
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
3
2
3
4
Reduced
inspection
Sample
Re
size
8
8
8
8
8
8
8
8
8
8
8
8
8
8
50
8
50
50
8
50
50
50
50
80
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
Increased
Pa(10%)
Pr(5%)
inspection
for
for
normal
normal
Sample
Re
inspection inspection
size
(%)
(%)
25
1
4-8*
<4*
25
1
4-8*
<4*
25
1
4-8*
<4*
32
1
6,7-10*
<2*
32
1
6,7-10*
<2*
32
1
6,7-10*
<2*
32
1
8,8-10*
<1,1*
32
1
8,8-10*
<1,1*
32
1
8,8-10*
<1,1*
32
1
10,9
0,26
32
1
10,9
0,26
32
1
10,9
0,26
32
1
10,9
0,26
32
1
10,9
0,26
125
2
4,3*
<0,3*
32
1
10,9
0,26
125
2
4,78
0,45
125
2
4,78
0,45
32
1
10,9
0,26
125
2
4,78
0,45
125
2
4,20
0,65
125
2
4,78
0,45
125
2
4,20
0,65
200
3
3,31
0,69
Notes:
1 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
2 The rejection criterion is defined by Re.
3 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
80
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.7: Sampling data for ASL = 1%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011,200
1,2013,200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
13
13
13
13
13
13
13
13
13
13
13
50
13
50
50
13
50
80
50
80
125
50
125
200
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
3
2
3
4
2
4
6
Reduced
inspection
Sample
Re
size
5
5
5
5
5
5
5
5
5
5
5
32
5
32
32
5
32
32
32
32
50
32
50
80
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
Increased
inspection
Sample
Re
size
20
20
20
20
20
20
20
20
20
20
20
80
20
80
80
20
80
80
80
80
125
80
125
200
1
1
1
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
Pa(10%)
Pr(5%)
for
for
normal
normal
inspection inspection
(%)
(%)
12*
<4*
12*
<4*
12*
<4*
15*
<2*
15*
<2*
15*
<2*
16,2
0,4
16,2
0,4
16,2
0,4
16,2
0,4
16,2
0,4
6,6*
1,33*
16,2
0,4
7,56
0,72
7,56
0,72
16,2
0,4
7,56
0,72
6,52
1,03
7,56
0,72
6,52
1,03
5,27
1,1
7,56
0,72
5,27
1,1
4,59
1,32
Notes:
1 Table replicated as Table B.2.
2 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
3 The rejection criterion is defined by Re.
4 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
81
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.8: Sampling data for ASL = 1,5%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
8
8
8
8
8
8
8
8
32
8
32
32
8
32
50
32
50
80
32
80
125
50
125
200
1
1
1
1
1
1
1
1
2
1
2
2
1
2
3
2
3
4
2
4
6
3
6
8
Reduced
inspection
Sample
Re
size
3
3
3
3
3
3
3
3
20
3
20
20
3
20
20
20
20
32
20
32
50
20
50
80
1
1
1
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
2
4
6
Increased
Pa(10%)
Pr(5%)
inspection
for
for
normal
normal
Sample
Re
inspection inspection
size
(%)
(%)
13
1
20-24*
<4*
13
1
20-24*
<4*
13
1
20-24*
<4*
13
1
22-24*
<2*
13
1
22-24*
<2*
13
1
22-24*
<2*
13
1
28,8
0,64
13
1
28,8
0,64
50
2
10*
1-2*
13
1
28,8
0,64
50
2
10,7*
1,3*
50
2
10,7*
1,3*
13
1
28,8
0,64
50
2
11,6
1,12
50
2
10,3
1,66
50
2
11,6
1,12
50
2
10,3
1,66
80
3
8,16
1,73
50
2
11,6
1,12
80
3
8,16
1,73
125
4
7,29
2,11
50
2
10,3
1,66
125
4
7,29
2,11
200
6
5,82
2,01
Notes:
1 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
2 The rejection criterion is defined by Re.
3 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
82
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.9: Sampling data for ASL = 2,5%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
5
5
5
5
5
20
5
20
20
5
20
32
20
32
50
20
50
80
32
80
125
50
125
200
1
1
1
1
1
2
1
2
2
1
2
3
2
3
4
2
4
6
3
6
8
4
8
11
Reduced
inspection
Sample
Re
size
2
2
2
2
2
13
2
13
13
2
13
13
13
13
20
13
20
32
13
32
50
20
50
80
1
1
1
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
2
4
6
3
6
7
Increased
Pa(10%)
Pr(5%)
inspection
for
for
normal
normal
Sample
Re
inspection inspection
size
(%)
(%)
8
1
34*
<4*
8
1
34*
<4*
8
1
34*
<4*
8
1
36,9
1,02
8
1
36,9
1,02
32
2
18,1
1,81
8
1
36,9
1,02
32
2
18,1
1,81
32
2
18,1
1,81
8
1
36,9
1,02
32
2
18,1
1,81
32
2
15,8
2,60
32
2
18,1
1,81
32
2
15,8
2,60
50
3
12,9
2,78
32
2
18,1
1,81
50
3
12,9
2,78
80
4
11,3
3,32
32
2
15,8
2,60
80
4
11,3
3,32
125
6
9,24
3,22
50
3
12,9
2,78
125
6
9,24
3,22
200
9
7,60
3,11
Notes:
1 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
2 The rejection criterion is defined by Re.
3 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
83
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.10: Sampling data for ASL = 4%
Lot
size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
3
3
13
3
13
13
3
13
20
13
20
32
13
32
50
20
50
80
32
80
125
50
125
200
1
1
2
1
2
2
1
2
3
2
3
4
2
4
6
3
6
8
4
8
11
6
11
15
Reduced
inspection
Sample
Re
size
2
2
8
2
8
8
2
8
8
8
8
13
8
13
20
8
20
32
13
32
50
20
50
80
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
2
4
6
3
6
7
4
6
9
Increased
inspection
Sample
Re
size
5
5
20
5
20
20
5
20
20
20
20
32
20
32
50
20
50
80
32
80
125
50
125
200
1
1
2
1
2
2
1
2
2
2
2
3
2
3
4
2
4
6
3
6
9
4
9
13
Pa(10%)
Pr(5%)
for
for
normal
normal
inspection inspection
(%)
(%)
52*
<4*
52*
<4*
24*
4-8*
53,6
1,7
24
2-4*
24
2-4*
53,6
1,7
26,8
2,81
24,5
4,22
26,8
2,81
24,5
4,22
19,7
4,39
26,8
2,81
19,7
4,39
17,6
5,36
24,5
4,22
17,6
5,36
14,3
5,08
19,7
4,39
14,3
5,08
12,1
5,02
17,6
5,36
12,1
5,02
9,91
4,68
Notes:
1 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
2 The rejection criterion is defined by Re.
3 Shaded rows indicate lot sizes for which this ASL is the ALARP ASL (see Table B.3).
84
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.11: Sampling data for ASL = 6,5%
Lot size
≤25
26-50
51-90
91-150
151280
281500
5011 200
1 2013 200
Global
failure
rate
level
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
I
II
III
Normal
inspection
Sample
Re
size
2
8
8
8
8
13
8
13
20
8
20
32
13
32
50
20
50
80
32
80
125
50
125
200
1
2
2
2
2
3
2
3
4
2
4
6
3
6
8
4
8
11
6
11
15
8
15
22
Reduced
inspection
Sample
Re
size
2
5
5
5
5
5
5
5
8
5
8
13
5
13
20
8
20
32
13
32
50
20
50
80
1
2
2
2
2
2
2
2
2
2
3
4
2
4
6
3
6
7
4
7
9
6
9
11
Increased
inspection
Sample
Re
size
3
13
13
13
13
13
13
13
20
13
20
32
13
32
50
20
50
80
32
80
125
50
125
200
1
2
2
2
2
2
2
2
3
2
3
4
2
4
6
3
6
9
4
9
13
6
13
19
Pa(10%)
Pr(5%)
for
for
normal
normal
inspection inspection
(%)
(%)
64-68*
<4*
40,6
4,64
40,6
4,64
40,6
4,64
40,6
4,64
36,0
6,60
40,6
4,64
36,0
6,60
30,4
7,14
40,6
4,64
30,4
7,14
27,1
8,50
36,0
6,60
27,1
8,50
22,4
8,22
30,4
7,14
22,4
8,22
18,6
7,91
27,1
8,50
18,6
7,91
15,7
7,54
22,4
8,22
15,7
7,54
13,8
7,57
Notes:
1 * = The probability is calculated using hypergeometric law instead of binomial law (see C.3).
2 The rejection criterion is defined by Re.
3 There are no lot sizes for which this ASL is the ALARP ASL (see Table B.3).
85
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C.8
DETERMINATION OF ALARP ASLs FOR VARIOUS LOT SIZES
In selecting an ASL, ALARP principles should be applied such that there is a reasonable
balance between the cost of inspection and the quality of the lot.
Table C.12 provides ASLs for various lot sizes that apply ALARP principles. For
any lot size, changing to a lower ASL than the ALARP ASL disproportionately increases
inspection cost for little improvement in quality; conversely, changing to a higher ASL
than the ALARP ASL reduces inspection quality albeit at reduced inspection cost.
Therefore, ASLs should not be numerically smaller than ALARP ASLs, unless there are
overriding reasons (see annex B.3.3.4.3).
Table C.12: ALARP ASLs for various lot sizes
Lot size
ALARP ASL (%)
Not determinable – assume 4
4
4
2,5
1,5
1
0,65
≤50
51-90
91-150
151-280
281-500
501-1 200
1 201-3 200
Notes:
Table replicated as Table B.3.
Table C.12 was derived by identifying cliff edges from graphs of the discrimination ratio
(Pa(10%)/Pr(5%)) versus ASL for each lot size across the global failure rates (see
Figure C.2-Figure C.8), using data from the corresponding sampling tables (see
Table C.4-Table C.11). Note that for small lots, the ALARP ASL is not determinable and
should be taken as 4.
In Figure C.2-Figure C.8, the shape of the curves for each lot size can be
interpreted as:
C
C
C
As ASL decreases, Pa(10%) decreases; the quality of the lot improves because
the number of faulty equipment that could result in a lot being accepted within
a probability of 10% decreases.
As ASL decreases, Pr(5%) decreases; the cost increases because with a given
number of faulty equipment in a lot (and even if this number is below the ASL),
the probability of rejecting a lot is higher.
Overall, the cost increases faster than the quality when ASL is decreasing hence
the discrimination ratio increases rapidly at lower ASLs.
86
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.13: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 26-50
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
Level I
Pr
Pa/Pr
36,9
53,6
40,6
1,02
1,70
4,64
36,2
31,5
8,75
Pa
Level II
Pr
Pa/Pr
Pa
Level III
Pr
Pa/Pr
36,9
1,02
18,1
1,81
40,6
4,64
36,0
6,60
40
Pa/Pr
30
20
10
0
0
2
Key
Global failure rate level
4
6
8
ASL
I
Figure C.2: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 26-50
87
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.14 Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 51-90
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
16,2
28,8
36,9
53,6
40,6
Level I
Pr
Pa/Pr
0,40
0,64
1,02
1,70
4,64
40
Pa/Pr
Level II
Pr
Pa/Pr
16,2
28,8
18,1
26,8
36,0
0,40
0,64
1,81
2,81
6,60
40,5
45,0
10,0
9,54
5,45
Pa
Level III
Pr
Pa/Pr
16,2
0,40
40,5
18,1
24,5
30,4
1,81
4,22
7,14
10,0
5,81
4,26
ALARP ASL
50
40,5
45,0
36,2
31,5
8,75
Pa
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.3: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 51-90
88
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.15 Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 91-150
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
10,9
16,2
28,8
36,9
26,8
40,6
Level I
Pr
Pa/Pr
0,26
0,40
0,64
1,02
2,81
4,64
41,9
40,5
45,0
36,2
9,54
8,75
Pa
Level II
Pr
Pa/Pr
Pa
Level III
Pr
Pa/Pr
10,9
16,2
0,26
0,40
41,9
40,5
10,9
0,26
41,9
18,1
24,5
30,4
1,81
4,22
7,14
10,0
5,81
4,26
15,8
19,7
27,1
2,60
4,39
8,50
6,08
4,49
3,19
ALARP ASL
50
Pa/Pr
40
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.4: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 91-150
89
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.16: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 151-280
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
6,94
10,9
16,2
28,8
18,1
26,8
36,0
Level I
Pr
Pa/Pr
0,16
0,26
0,40
0,64
1,81
2,81
6,60
43,4
41,9
40,5
45,0
10,0
9,54
5,45
Level II
Pr
Pa/Pr
Pa
6,94
10,9
7,56
11,6
15,8
19,7
27,1
0,16
0,26
0,72
1,12
2,60
4,39
8,50
43,4
41,9
10,5
10,4
6,08
4,49
3,19
Pa
Level III
Pr
Pa/Pr
6,94
0,16
43,4
7,56
10,3
12,9
17,6
22,4
0,72
1,66
2,78
5,36
8,22
10,5
6,20
4,64
3,28
2,73
ALARP ASL
50
Pa/Pr
40
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.5: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 151-280
90
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.17: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 281-500
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
40
Pa/Pr
Level I
Pr
0,10
0,16
0,26
0,40
1,12
1,81
4,22
7,14
Pa/Pr
45,0
43,4
41,9
40,5
10,4
10,0
5,81
4,26
Pa
4,50
6,94
4,78
7,56
10,3
12,9
17,6
22,4
Level II
Pr
0,10
0,16
0,45
0,72
1,66
2,78
5,36
8,22
Pa/Pr
45,0
43,4
10,6
10,5
6,20
4,64
3,28
2,73
Pa
4,5
4,78
6,52
8,16
11,3
14,3
18,6
Level III
Pr
Pa/Pr
0,10
45,0
0,45
1,03
1,73
3,32
5,08
7,91
10,6
6,33
4,72
3,40
2,81
2,35
ALARP ASL
50
Pa
4,50
6,94
10,9
16,2
11,6
18,1
24,5
30,4
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.6: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 281-500
91
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.18: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 501-1 200
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
4,50
6,94
10,9
7,56
11,6
15,8
19,7
27,1
Level I
Pr
0,10
0,16
0,26
0,72
1,12
2,60
4,39
8,50
Pa/Pr
45,0
43,4
41,9
10,5
10,4
6,08
4,49
3,19
Pa
4,50
3,08
4,78
6,52
8,16
11,3
14,3
18,6
Level II
Pr
0,10
0,29
0,45
1,03
1,73
3,32
5,08
7,91
Pa/Pr
45,0
10,6
10,6
6,33
4,72
3,40
2,81
2,35
Pa
1,93
3,08
4,20
5,27
7,29
9,24
12,1
15,7
Level III
Pr
0,18
0,29
0,65
1,10
2,11
3,22
5,02
7,54
Pa/Pr
10,7
10,6
6,46
4,79
3,45
2,87
2,41
2,08
ALARP ASL
50
Pa/Pr
40
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.7: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 501-1 200
92
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table C.19: Discrimination ratio (Pa(10%)/Pr(5%)) for various ASLs for lot size 1 2013,200
Global failure rate
ASL (%)
0,25
0,4
0,65
1
1,5
2,5
4
6,5
Pa
4,50
6,94
4,78
7,56
10,3
12,9
22,4
22,4
Level I
Pr
0,10
0,60
0,45
0,72
1,66
2,78
8,22
8,22
Pa/Pr
45,0
11,6
10,6
10,5
6,20
4,64
2,73
2,73
Pa
1,93
3,08
4,20
5,27
7,29
9,24
12,1
15,7
Level II
Pr
0,18
0,29
0,65
1,10
2,11
3,22
5,02
7,54
Pa/Pr
10,7
10,6
6,46
4,79
3,45
2,87
2,41
2,08
Pa
1,93
2,64
3,31
4,59
5,82
7,60
9,91
13,8
Level III
Pr
0,18
0,41
0,69
1,32
2,01
3,11
4,68
7,57
Pa/Pr
10,7
6,44
4,80
3,48
2,90
2,44
2,12
1,82
ALARP ASL
50
Pa/Pr
40
30
20
10
0
0
2
4
6
8
ASL
Key
Global failure rate level
I
II
III
Figure C.8: Discrimination ratio (Pa(10%)/Pr(5%)) versus ASL for lot size 1 201-3 200
93
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C.9
LOT QUALITY FOR VARIOUS SAMPLE SIZES AND REJECTION NUMBERS
The effect on the quality of a lot of using various sample sizes and Re is illustrated in
Table C.20. The quality of a lot depends on the balance between Re and the sample
size. If the lot is accepted when the number of faulty equipment is high (i.e. Re is high),
the quality of the lot will be very poor even if the sample size is high.
The data of Table C.20 were derived using C.3-C.5, rather than just the values
in the sampling tables (see Table C.4 - Table C.11).
Table C.20 Lot quality for various sample sizes and rejection numbers
Lot size
Sample
size
33
100
13
20
66
200
32
50
333
1 000
80
Re
1
2
3
4
5
1
3
1
4
7
4
2
11
34
3
8
Pa(10%)
(%)
6,0
10,0
14,0
18,0
21,0
16,2
24,5
3,0
9,0
14,5
19,7
7,6
4,3
12,0
6,5
14,3
Pr(5%)
(%)
1,0
1,0-2,0
3,0-4,0
5,0-6,0
7,0-8,0
0,4
4,2
0,5
3,0
6,0
4,4
0,7
2,0
8,0
1,0
5,1
Example
Consider sampling of the following lot:
C
C
C
lot size = 100;
sample size = 33, and
Re = 5.
In this case, Pa(10%) = 21,0% (see light grey highlighted cells in Table C.20).
In fact, better quality can be obtained by using a lower sample size if Re is
lower, as illustrated in the following example for the same lot size.
Example
Consider sampling of the following lot:
C
C
C
lot size = 100;
sample size = 13;
Re = 1.
In this case, Pa(10%) = 16,2%, which indicates better quality (see dark grey highlighted
cells in Table C.20). However, these sampling data also reduce Pr(5%); therefore, the
probability of rejecting the lot decreases.
94
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX D
INSPECTION SCHEDULES FOR Ex 'd', 'e', 'n', 'i' AND 'p'
ELECTRICAL EQUIPMENT
D.1
INTRODUCTION
This annex provides the inspection schedules for Ex 'd', 'e', 'n', 'i' and 'p' electrical equipment;
these are replicated without technical amendment from IEC 60079-171.
1
Permission to reproduce extracts from BS EN 60079 -17 : 2003 is granted by BSI. British Standards can be
obtained in pdf or hard copy formats from the BSI online shop: www.bsigroup.com/Shop or by contacting
BSI Customer Services for hard copies only: Tel: +44(0)20 8996 9001; email: [email protected]
95
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table D.1: Inspection schedule for Ex 'd', 'e' and 'n' equipment
Ex 'd'
Check that:
A
1
2
3
4
5
6
7
8
APPARATUS
Apparatus is appropriate to area classification
Apparatus group is correct
Apparatus temperature class is correct
Apparatus circuit identification is correct
Apparatus circuit identification is available
Enclosure, glass parts and glass-to-metal sealing gaskets and/or compounds are satisfactory
There are no unauthorised modifications
There are no visible unauthorised modifications
Bolts, cable entry devices (direct and indirect) and blanking elements are of the correct type
and are complete and tight
9
– physical check
– visual check
10
Flange faces are clean and undamaged and gaskets, if any, are satisfactory
11
Flange gap dimensions are within maximal values permitted
12
Lamp rating, type and position are correct
13
Electrical connections are tight
14
Condition of enclosure gaskets is satisfactory
15
Enclosed-break and hermetically sealed devices are undamaged
16
Restricted breathing enclosure is satisfactory
17
Motor fans have sufficient clearance to enclosure and/or covers
18
Breathing and draining devices are satisfactory
B
INSTALLATION
1
Type of cable is appropriate
2
There is no obvious damage to cables
3
Sealing of trunking, ducts, pipes and/or conduits is satisfactory
4
Stopping boxes and cable boxes are correctly filled
5
Integrity of conduit system and interface with mixed system is maintained
Earthing connections, including any supplementary earthing bonding connections are
satisfactory (for example connections are tight and conductors are of sufficient cross-section)
6
– physical check
– visual check
7
Fault loop impedance (TN systems) or earthing resistance (IT systems) is satisfactory
8
Insulation resistance is satisfactory
9
Automatic electrical protective devices operate within permitted limits
10
Automatic electrical protective devices are set correctly (auto-reset not possible)
11
Special conditions of use (if applicable) are complied with
12
Cables not in use are correctly terminated
13
Obstructions adjacent to flameproof flanged joints are in accordance with IEC 60079-14
14
Variable voltage/frequency installation in accordance with documentation
C
ENVIRONMENT
Apparatus is adequately protected against corrosion, weather, vibration and other adverse
1
factors
2
No undue accumulation of dust and dirt
3
Electrical insulation is clean and dry
Key: D = detailed C = close V = visual
Ex 'e'
Grade of inspection
V D C V D C
D
C
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
V
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
Notes:
1. General: The checks used for apparatus using both types of inspection Ex ‘e’ and Ex ‘d’ will be a
combination of both columns.
2. Items B7 and B8: Account should be taken of the potential for a flammable atmosphere in the vicinity
of the apparatus when using electrical test equipment.
96
Ex 'n'
x
x
x
x
x
x
x
x
x
x
x
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table D.2: Inspection schedule for Ex 'i' equipment
Ex 'i'
Grade of
inspection
D
C
V
Check that:
A
1
2
3
4
5
6
7
APPARATUS
Circuit and/or apparatus documentation is appropriate to area classification
Apparatus installed is that specified in the documentation – fixed apparatus only
Circuit and/or apparatus category and group correct
Apparatus temperature class is correct
Installation is clearly labelled
There are no unauthorised modifications
There are no visible unauthorised modifications
Safety barrier units, relays and other energy limiting devices are of the approved type, installed in accordance with
8
the certification requirements and securely earthed where required
9 Electrical connections are tight
10 Printed circuit boards are clean and undamaged
B INSTALLATION
1 Cables are installed in accordance with the documentation
2 Cable screens are earthed in accordance with the documentation
3 There is no obvious damage to cables
4 Sealing of trunking, ducts, pipes and/or conduits is satisfactory
5 Point-to-point connections are all correct
6 Earth continuity is satisfactory (for example connections are tight and conductors are of sufficient cross-section)
7 Earth connections maintain the integrity of the type of protection
8 The intrinsically safe circuit is isolated from earth or earthed at one point only (refer to documentation)
Separation is maintained between intrinsically safe and non-intrinsically safe circuits in common distribution boxes
9
or relay cubicles
10 As applicable, short-circuit protection of the power supply is in accordance with the documentation
11 Special conditions of use (if applicable) are complied with
12 Cables not in use are correctly terminated
C ENVIRONMENT
1 Apparatus is adequately protected against corrosion, weather, vibration and other adverse factors
2 No undue external accumulation of dust and dirt
Key: D = detailed C = close V = visual
97
x
x
x
x
x
x
X
X
X
X
X
x
X
x
X
x
X
X
x
x
X
x
x
x
x
X
x
x
x
X
X
x
x
x
x
x
x
x
x
x
x
x
x
x
x
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
Table D.3: Inspection schedule for Ex 'p' equipment (pressurisation or continuous
dilution)
Ex 'p'
Grade of
inspection
D
C
V
Check that:
A
1
2
3
4
5
6
7
8
9
B
1
2
APPARATUS
Apparatus is appropriate to area classification
Apparatus group is correct
Apparatus temperature class is correct
Apparatus circuit identification is correct
Apparatus circuit identification is available
Enclosure, glass parts and glass-to-metal sealing gaskets and/or compounds are satisfactory
There are no unauthorised modifications
There are no visible unauthorised modifications
Lamp rating, type and position are correct
INSTALLATION
Type of cable is appropriate
There is no obvious damage to cables
Earthing connections, including any supplementary earthing bonding connections are satisfactory, for example
connections are tight and conductors are of sufficient cross-section
3
– physical check
– visual check
4 Fault loop impedance (TN systems) or earthing resistance (IT systems) is satisfactory
5 Automatic electrical protective devices operate within permitted limits
6 Automatic electrical protective devices are set correctly
7 Protective gas inlet temperature is below maximum specified
8 Ducts, pipes and enclosures are in good condition
9 Protective gas is substantially free from contaminants
10 Protective gas pressure and/or flow is adequate
11 Pressure and/or flow indicators, alarms and interlocks function correctly
12 Pre-energizing purge period is adequate
13 Conditions of spark and particle barriers of ducts for exhausting the gas in hazardous area are satisfactory
14 Special conditions of use (if applicable) are complied with
C ENVIRONMENT
1 Apparatus is adequately protected against corrosion, weather, vibration and other adverse factors
2 No undue accumulation of dust and dirt
Key: D = detailed C = close V = visual
98
x
x
x
x
x
x
x
X
X
X
x
X
X
x
x
X
x
X
x
x
x
x
x
X
x
x
x
x
x
x
x
x
x
x
x
x
X
X
X
x
x
x
x
x
X
X
x
x
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX E
GLOSSARIES
E.1
INTRODUCTION
For the purpose of these Guidelines, the interpretations of terms in E.2 and abbreviations in E.3
apply, irrespective of the meaning they may have in other connections. However, many are based
on the interpretations in IEC 60079-17, ISO 2859-1, EI Electrical safety code and EI Area
classification code for installations handling flammable fluids.
E.2
GLOSSARY OF TERMS
as low as reasonably practicable (ALARP): a level of risk which is tolerable compared to cost,
effort and time needed to further reduce it. See as low as reasonably practicable acceptance
safety level (ALARP ASL).
as low as reasonably practicable acceptance safety level (ALARP ASL): an acceptance
safety level (ASL) that is as low as reasonably practicable (ALARP) for a particular lot size.
Changing to a lower ASL than the ALARP ASL disproportionately increases inspection cost for
little improvement in quality. See as low as reasonably practicable (ALARP) and acceptance safety
level (ASL).
acceptance quality limit (AQL): see acceptance safety level (ASL).
acceptance safety level (ASL): (synonymous with acceptance quality limit (AQL)) the number of
faulty equipment that is declared as being acceptable on average, expressed as a percentage (i.e.
the number of faulty equipment found in the sample is less than or equal to the rejection
number (Re)). See faulty equipment and rejection number (Re).
area classification: See hazardous area classification.
assembly [of equipment]: separate products chosen and assembled from a modular range of
parts according to the manufacturer’s instructions to form a working equipment. The
manufacturer is required to have had the modular range of parts conformity assessed prior to
placing it on the EU market. Excluded from this are separate, individually conformity assessed,
products assembled at the user’s premises provided that the manufacturer’s instructions for the
products are complied with and a 'new' product is not created by that assembly. The result of
such construction work is an 'installation' and is outwith the scope of EPSR.
ATEX category: a grouping of equipment according to the intended zone of use (and
environment – mining and non-mining), as defined in ATEX 100a. See category, Zone 0, Zone 1
and Zone 2.
ATEX electrical equipment: electrical equipment that is subject to the requirements of the
ATEX 'Equipment Directive'. See pre-ATEX electrical equipment.
audit: process carried out by own staff or third parties, which complement review activities by
looking to see if the policy, organisation and systems in the safety management system (SMS) are
achieving the right results. They give information about the reliability and effectiveness of those
systems. See review and safety management system (SMS).
99
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
binomial law: a discrete probability distribution that describes the number of successes in a
sequence of draws from a large lot without replacement. The probability of success for a single
trial is fixed for all trials and each trial is independent. See hypergeometric law.
breakdown: not performing the required function. See fault.
category of inspection: normal, increased and reduced inspection. See normal inspection,
increased inspection and reduced inspection.
certificate of conformance: see certificate of conformity.
certificate of conformity (synonymous with certificate of conformance): document certified by
a competent authority that the supplied goods of service meet the required specifications.
change rules: rules that govern the movement between categories of inspection and variation in
the frequency of inspection based on the performance of a lot in previous inspections. See
category of inspection, frequency of inspection and lot.
close inspection: grade of inspection which encompasses those aspects covered by a visual
inspection and, in addition, identifies those faults, such as loose bolts, which will be apparent
only by the use of access equipment, for example step ladders (where necessary) and tools. Such
inspections do not usually require the enclosure to be opened or the equipment to be deenergised. See visual inspection and grade of inspection.
common mode faults: faults attributed to the same causation in more than one equipment. For
example impact damage from scaffold poles along a corridor or water damage from activation of
water deluge equipment. See fault.
commonly assumed failure rate: the mean failure rate of a similar lot in a similar location. See
global failure rate.
competent person: a person having suitable qualifications, experience and authority to
adequately carry out a designated task. For an electrical technician working on Ex electrical
equipment in potentially flammable atmospheres, the CompEx scheme provides a means of
competency assurance. Other higher levels of electrical competency apply. See CompEx, electrical
technician, nominated electrical person (NEP), responsible electrical person (REP), skilled
personnel and technical person with executive function (TPEF).
CompEx: GB national scheme for training, assessment and certification of persons working in
potentially flammable atmospheres. See competent person.
computerised maintenance management system (CMMS): a maintenance and inspection
management system that is computer-based. See equipment register and management system.
continuous grade release: a release that is continuous or nearly so (e.g. > 1 000 hours per
annum). See primary grade release and secondary grade release.
continuous supervision: type of inspection using visual or close grades of inspection requiring
frequent attendance, inspection, service, care and maintenance of equipment by competent
personnel who have experience in the specific installation and its environment in order to
maintain the equipment’s type of protection in satisfactory condition. See close inspection,
competent person, explosion protected equipment, grade of inspection, inspection,
maintenance, type of protection and visual inspection.
100
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
defect: see fault.
detailed inspection: grade of inspection which encompasses those aspects covered by a close
inspection and, in addition, identifies those faults, such as loose terminations, which will only be
apparent by opening the enclosure, and/or using, where necessary, tools and test equipment.
Such inspections are intrusive inspections and require the enclosure to be opened and the
equipment to be de-energised. See close inspection, grade of inspection and intrusive inspection.
discrimination ratio: ratio of Pa(10%)/Pr(5%) which indicates the balance between quality and
cost of an inspection. See Pa(10%) and Pr(5%).
duty holder (DH): employers responsible for managing Ex electrical equipment, as well as other
aspects of the electrical function. In this context, employers may also include owners, installation
operators and contractors.
electrical technical authority (TA): a company-role which may include the requirements of the
technical person with executive function (TPEF). See technical person with executive function
(TPEF).
electrical technician: a competent person that typically carries out Ex electrical equipment
inspection. See competent person, CompEx and inspection.
equipment criticality: a means of judging the ignition risk of faulty Ex electrical equipment that
constitutes a potential source of ignition in a flammable atmosphere. See risk-based inspection
(RBI), safety critical elements (SCEs) and source of ignition.
equipment register: database containing information on Ex electrical equipment, including
identification number (tag), manufacturer, date installed, Ex (or ATEX) certificate number, etc.
This may be in the form of a listing, database or computerised maintenance management system
(CMMS). See computerised maintenance management system (CMMS).
Ex electrical equipment: Ex equipment where electrical sources of ignition are explosion
protected by various type of protection concepts. Its scope includes electrical, instrumentation
and communication equipment, whether fixed or moveable. See explosion protected equipment
and type of protection.
Ex equipment: equipment that is explosion protected by having special precautions for the
construction, installation and use. The scope of these Guidelines only includes Ex electrical
equipment. See Ex electrical equipment and explosion protected equipment.
Ex inspection strategy: a policy for managing the continuing integrity of Ex electrical
equipment. See Ex electrical equipment.
Ex type of protection: see type of protection.
exhaustive inspection: inspection of 100% of a lot. See inspection and lot.
explosion protected equipment: equipment having a type of protection that prevents it from
constituting a source of ignition when used in a flammable atmosphere. In this context,
'explosion protected' refers to both fire and explosions. Such equipment is termed Ex equipment.
See Ex equipment, source of ignition and type of protection.
explosive atmosphere: see flammable atmosphere.
101
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
failure: see fault, global failure rate, human failure and mean time between failures (MTBF).
fault: (synonymous with defect, failure and nonconformity) non-fulfilment of a requirement in
an Ex integrity inspection, e.g. specification or usage requirement from incorrect labelling
through to degradation of protective features that assure its type of protection. See breakdown,
faulty equipment and type of protection.
fault code: means of classifying faults according to their type and severity such that it is possible
to carry out trend analysis. See fault.
faulty equipment: equipment with one or more faults which compromise the Ex integrity. Note
that the faults may present differing risks. See fault.
flammable atmosphere: (synonymous with explosive atmosphere) a mixture of flammable
gases or vapours with air in such a proportion that, without any further admixture, it will burn
when ignited. Note, in some cases there may also be an explosion.
frequency of inspection: time interval between inspections. See inspection.
gas group: a sub-division applied to electrical equipment based on ease of ignition of particular
gases.
global failure rate: the observed failure rate of the lot, e.g. in the form of mean time between
failures (MTBF) or some other statistical value for the performance of the population over time
(such as a Weibull plot). In this context failures mean those faults compromising the integrity of
the type of protection. This global failure rate of a lot is compared to the commonly assumed
failure rate to adjust the sample size and rejection criterion. See rejection criterion, commonly
assumed failure rate, mean time between failures (MTBF), fault, sample size, type of protection
and Weibull plot.
grade of inspection: visual, close or detailed inspection. See visual inspection, close inspection
and detailed inspection.
green water: sea water from deluge systems or unbroken waves landing on offshore
installations, especially floating production, storage and offloading units (FPSOs).
hazardous area: a three-dimensional space in which a flammable atmosphere is or may be
expected to be present in such frequencies as to require use of Ex equipment, including Ex
electrical equipment. All other areas are referred to as non-hazardous in this context. Three
hazardous areas zone are recognised: Zone 0, Zone 1 and Zone 2. See Ex equipment, Ex electrical
equipment, hazardous area classification, non-hazardous area, Zone 0, Zone 1 and Zone 2.
hazardous area classification: the notional division of a facility into hazardous areas and nonhazardous areas, and the subdivision of hazardous areas into zones. See hazardous area, nonhazardous area, Zone 0, Zone 1 and Zone 2.
human failure: failure arising from human intervention but underpinned by weaknesses in an
SMS ('human error') or when a person acted without complying with a known rule, procedure or
good practice ('violations'). For example, maintenance-induced failure is a type of human failure.
See maintenance-induced failure and safety management system (SMS).
hypergeometric law: a discrete probability distribution that describes the number of successes
in a sequence of draws from a small lot without replacement. It accounts for non-replacement of
102
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
the drawn item in the lot. See binomial law.
ignition risk: the probability of ignition of a flammable atmosphere leading to a fire/explosion,
which is the product of the probability of a source of ignition being present and the probability
of a flammable atmosphere being present. See equipment criticality, flammable atmosphere and
source of ignition.
ignition source: see source of ignition.
increased inspection: (synonymous with tightened inspection) category of inspection used in a
sampling plan with a slightly greater sample size and/or with slightly more rigorous rejection
criterion than for the corresponding sampling plan for normal inspection. The frequency of
inspection also should be greater. See rejection criterion, category of inspection, frequency of
inspection, normal inspection, sample size and sampling plan.
independent competent person (ICP): person required to carry out various functions under
the verification scheme for offshore installations to ensure that the process of managing risks
associated with the major accident hazards is working effectively.
initial inspection: type of inspection using detailed grade of inspection applied to equipment
during commissioning, before being brought into service. Such inspections are intended to
determine whether the selected type of protection and the equipment installation are
appropriate. See detailed inspection, grade of inspection, inspection, routine inspection and type
of inspection.
initial sample inspection: the first occasion on which a sample inspection is carried out to
implement a sampling plan. In this context, 'initial' does not refer to initial inspection at
commissioning. See initial inspection, sample inspection, sampling plan and subsequent sample
inspection.
inspection: action comprising careful scrutiny of equipment carried out either without
dismantling or partial dismantling, supplemented by means such as measurement, in order to
arrive at a reliable conclusion as to its condition, and the presence of any faults compared to its
specification and functional requirements. For Ex electrical equipment, the key issue is its type of
protection. See Ex electrical equipment, intrusive inspection, fault and type of protection.
inspection frequency: see frequency of inspection.
intelligent customer: ability of a duty holder (DH) to competently select contractors and
consultants, and specify, audit and review their work, e.g. when outsourcing inspection of Ex
electrical equipment, such that they have a clear understanding and knowledge of the product or
service being supplied. See duty holder (DH) and management of change.
intrusive inspection: inspections that require opening of enclosures (e.g. detailed inspection).
See detailed inspection.
isolate: make safe by disconnection of all electrical (and other) services.
key performance indicator (KPI): metric used to help an organisation define and measure
progress towards organisational goals. See performance standard.
level of inspection: criteria that provide proportionately varying rigour to inspections compared
to ignition risk. Where a sampling strategy is not in place, the frequency of inspection is the only
103
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
such criterion; whereas the following additional criteria are applicable when a sampling strategy
is in place: ASL, global failure rate and category of inspection. See ASL, category of inspection,
frequency of inspection, global failure rate, ignition risk and sampling strategy.
lot: a specifically defined and identifiable amount of equipment in which equipment has the
same or similar characteristics, for example one or more of the following:
C
be used in the same hazardous area classification;
C
have the same type of protection;
C
be used in the same environmental conditions, including the same installation
area;
C
have the same/similar age, and
C
have the same equipment manufacturer or similar equipment from different
manufacturers.
See hazardous area classification, lot, lot size and type of protection.
lot size: number of equipment in a lot. See lot.
maintenance: combination of any actions carried out to retain equipment in, or restore it by
repairing faults to, condition in which it is able to meet the requirements of the relevant
specification and perform its functional requirements. For Ex electrical equipment, the key issue is
retention of its type of protection. See Ex electrical equipment, fault and type of protection.
maintenance induced failure: during maintenance or intrusive inspection, human failure
resulting in damage to gaskets or seals, omitting to reinstate bolts, etc. See human failure,
maintenance and intrusive inspection.
management of change: a structured process applied when amending people, teams, work
and organisations from a current state to a desired future state by mapping out requirements.
Typically, its scope includes organisational change, outsourcing, downsizing and delayering. See
intelligent customer.
management system: organisational arrangements (i.e. processes and procedures) used to
ensure that an organisation fulfils all tasks required to achieve its business objectives. See
computerised maintenance management system (CMMS) and safety management system (SMS).
mean time between failures (MTBF): an indication of reliability expressed as the mean
(average) time between failures of a system.
method of protection: see type of protection.
moveable equipment: portable, transportable and hand-held Ex electrical equipment. See Ex
electrical equipment and temporary equipment.
nonconformity: see fault.
nominated electrical person (NEP): competent person appointed for carrying out some
aspects of the electrical function, which are under their control (e.g. HV or LV or
instrumentation). They should be given clear indication of the extent of their responsibilities and
appropriate authority and resources to discharge them. Typically, they report to the responsible
electrical person (REP) and TPEF. See competent person, Ex electrical equipment and responsible
electrical person (REP), technical person with executive function (TPEF).
non-hazardous area: a three-dimensional space in which flammable atmospheres are not
104
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
expected to be present in routine operations so that special precautions for the construction and
use of electrical equipment (or for the control of non-electrical equipment) are not required.
Note: Such an area may be part of a greater restricted area. See hazardous area and unclassified
area.
normal inspection: category of inspection used in a sampling plan with a sample size and
rejection criterion that should result in a lot being accepted with a high probability when the
performance is better than the acceptance safety level (ASL). See acceptance safety level (ASL),
rejection criterion, category of inspection, and sampling plan.
offshore: refers to oil and gas production in the UK continental shelf regardless of the type of
installation.
Pa(10%): the maximum percentage of faulty equipment in a lot so that the safety level of the lot
is declared acceptable within a probability of 10%. This is a statistical measure indicating the
confidence in a sampling plan being applied to a lot. See lot, faulty equipment, Pr(5%), safety
level and sampling plan.
performance standard: a qualitative or quantitative statement of the performance required of
a system or equipment in order for it to satisfactorily fulfil its purpose. See key performance
indicator (KPI), safety critical element (SCE) and verification scheme.
periodic inspection: type of inspection carried out routinely using visual or close grades of
inspection; these inspections may lead to the need for a further detailed grade of inspection. See
close inspection, detailed inspection, grade of inspection, type of inspection and visual
inspection.
planned maintenance (/inspection) routine (PMR): a work order listing the maintenance
and/or inspection activities to be completed. A record will be completed of this work together
with updated maintenance and/or inspection history.
pre-ATEX electrical equipment: electrical equipment that precedes the requirements of the
ATEX 'Equipment Directive'. See ATEX electrical equipment.
Pr(5%): the minimum percentage of faulty equipment in a lot so that the safety level of the lot is
declared unacceptable within a probability of 5%. This is a statistical measure indicating the cost
induced by applying a sampling plan to a lot. See lot, faulty equipment, Pa(10%), safety level and
sampling plan.
primary grade release: a release that is likely to occur in normal operation (e.g. 10-1 000 hours
per annum). See continuous grade release and secondary grade release.
progressive sampling: in a sampling plan, taking samples from the complete lot by selecting
them intentionally using some criteria (e.g. nominal percentage of the lot, installation area,
manufacturer, period since last inspection, ease of access, etc.). This means that the same
equipment is unlikely to be inspected in successive inspections. For example the nominal
percentage of the lot approach involves taking a random sample of the complete lot in the first
inspection; in the second inspection, taking a random sample of the equipment not inspected in
the first inspection. The remaining population after this second sample is then used for selecting
the third sample, etc. This continues until the entire population has been inspected; after that, a
sample is selected from the complete lot. See lot, progressive sampling, random sampling,
sampling, and sampling plan.
105
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
protection concept: see type of protection.
random fault: a non-systemic fault, e.g. a loose connection due to human failure. See human
failure.
random sampling: in a sampling plan, using a random number generator or similar means to
take samples from the complete lot at each inspection without selecting them intentionally by
any criterion (e.g. installation area, manufacturer, period since last inspection, ease of access,
etc.). This means that the same equipment could be inspected in successive inspections. This
approach is used to monitor the effects of environmental conditions, vibration, inherent design
weakness etc. and to identify random faults. See lot, progressive sampling, sampling, and
sampling plan.
reduced inspection: category of inspection used in a sampling plan with a smaller sample size
and/or slightly more rigorous rejection criterion than that for the corresponding sampling plan for
normal inspection. The frequency of inspection also should be smaller. See rejection criterion,
category of inspection, frequency of inspection, normal inspection, sample size and sampling
plan.
rejection criterion: the rejection number (Re), for a particular lot size/global failure
rate/acceptance safety level (ASL). See acceptance safety level (ASL), global failure rate and
rejection number (Re).
rejection number (Re): the safety level of a lot should be considered unacceptable if the
number of faulty equipment (or weighted faulty equipment score, if applied) found for a sample
is greater than or equal to this value. See rejection criterion, acceptance safety level (ASL), faulty
equipment, safety level, sample and weighted faulty equipment score.
remedial actions: actions applied to faulty equipment, which could range from a review of
causes of faults through to their repair. See faulty equipment, fault and review.
responsible electrical person (REP): in the offshore industry, a competent installation-based
person who typically reports indirectly to the TPEF. Their skills and abilities provide support and
guidance to others and to provide a lead or proactive role for other important activities e.g. the
signing of permits-to-work. REPs should be aware and have appropriate involvement in the risks
of all electrical work on the installation. See competent person and technical person with
executive function (TPEF).
review: process for evaluating measured performance, e.g. for evaluating inspection findings
with a view to adjusting the sampling plan for future inspections, i.e. by adjusting ASL; category
of inspection, frequency of inspection; and global failure rate. See ASL, audit, category of
inspection, frequency of inspection and sampling plan.
risk-based inspection (RBI): a targeted, effective and balanced approach to inspection. When
applied correctly, it should result in high risk equipment located in high risk areas being inspected
more frequently than other equipment located in other areas. See equipment criticality.
risk-based inspection (RBI) parameters: input parameters in the development of a sampling
plan, including hazardous area classification, type of protection, severity of the environment,
equipment age, initial and periodic inspection findings, lot size, global failure rate, category of
inspection, ASL. See ASL, category of inspection, hazardous area classification, global failure rate,
lot size and type of protection.
106
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
routine inspection: inspection carried out after the initial inspection, which may be periodic
inspection, sample inspection or continuous supervision. See continuous supervision, periodic
inspection and sample inspection.
safety critical element (SCE): any part of the installation, plant, equipment or systems which if
not operating as intended will either cause or contribute to a major accident, or the purpose of
which is to prevent or limit the effect of a major accident. For offshore installations, this should
include specified equipment referenced in PFEER Regulation 19. See equipment criticality and
performance standard.
safety level: the performance of a lot during inspection, as determined by the number of faulty
equipment compared to the rejection criterion. See rejection criterion, acceptance safety level
(ASL), inspection, lot, and faulty equipment.
safety management system (SMS): organisational arrangements which should enable duty
holders (DHs) to comply with relevant health and safety legislation by:
C
Formulating and developing policy; this includes identifying key objectives and
reviewing of progress.
C
Planning, measuring, reviewing and auditing safety activities to meet legal
requirements and minimise risks.
C
Ensuring effective implementation of plans and reporting on performance.
See audit, computerised maintenance management system (CMMS), management system and
review.
sample: one or more equipment taken from a lot for inspection and intended to provide
information on the safety level of the lot. See inspection, lot and safety level.
sample size: number of equipment in the sample. See sample.
sample inspection: type of inspection using visual, close or detailed grades of inspection
involving inspection of a sample of a lot by taking a random sample. See close inspection,
detailed inspection, grade of inspection, initial sample inspection, inspection, lot, random sample,
sample, subsequent sample inspection, type of inspection and visual inspection.
sampling methodology: a statistically robust risk-based approach to inspection that is used to
develop sampling plans. See sample inspection and sampling plan.
sampling plan: protocol implemented through sample inspections for inspecting lots of Ex
electrical equipment by applying random sampling, rather than progressive sampling. Based on
the sampling methodology, it considers a broad range of issues, from defining a rejection
criterion and the frequency of inspection through to the review of inspection findings. See
rejection criterion, Ex electrical equipment, frequency of inspection, lot, review and sampling
methodology.
secondary grade release: a release that is unlikely to occur in normal operation and, in any
event, will be of short duration (e.g. 1-10 hours per annum). See continuous release grade and
primary release grade.
skilled personnel: these are generally electrical technicians that have been trained on:
C
The various types of protection and installation practices.
C
The relevant rules and regulations.
C
The general principles of area classification.
See electrical technician and competent person.
107
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
source of ignition: (synonymous with ignition source) accessible source of heat or energy,
electrical (or non-electrical) equipment, with the potential to ignite a flammable atmosphere. See
flammable atmosphere.
subsequent sample inspection: the second, third, etc. occasions on which a sampling
inspection is carried out to implement a sampling plan. See initial sample inspection, sample
inspection and sampling plan.
technical authority (TA): see electrical technical authority (TA).
technical person with executive function (TPEF): person for an installation providing
technical management of the competent persons, having adequate knowledge in the field of
explosion protection, having familiarity with the local environment, having familiarity with the
installation and who has overall responsibility and control of the inspection systems for Ex
electrical equipment. See competent person, electrical technical authority (TA), Ex electrical
equipment, explosion protected equipment, nominated electrical person (NEP) and responsible
electrical person (REP).
temperature classification ('T' class): a sub-division applied to electrical equipment based on
its maximum surface temperature.
temperature cycling: a variation in external and internal enclosure temperature due to changes
in night and day temperatures and heat dissipation from current carrying components
respectively.
temporary equipment: Ex electrical equipment that is supplied for temporary installation or
use. Typically, such equipment is owned by a third party and may be installed or used by a third
party or the duty holder (DH). Examples include lighting, generators and moveable equipment.
See moveable equipment.
tightened inspection: see increased inspection.
type of inspection: initial inspection, periodic inspection, sample inspection and continuous
supervision. See initial inspection, periodic inspection, sample inspection and continuous
supervision.
type of protection: (synonymous with method of protection and protection concept) measures
applied in the construction of equipment to make it explosion-protected. The following
groupings are applied for the purposes of defining lots:
C
type 1: flameproof ('d');
C
type 2: increased safety ('e') and type 3: non incendive ('n');
C
type 3: intrinsic safety ('ia', 'ib');
C
type 4: pressurised apparatus ('p'), and
C
type 5: other type of protection (oil filled ('o'), powder filled ('q'), encapsulated
('m')).
See explosion protected equipment and lot.
unclassified area: see non-hazardous area.
verification scheme: written schemes for offshore installations implemented to confirm, or
otherwise, that SCEs are suitable and remain in good repair and condition. See performance
standard.
108
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
visual inspection: grade of inspection which identifies, without the use of access equipment or
tools, those faults, such as missing bolts, which will be apparent to the eye. Where appropriate,
human vision should be supplemented the by use of binoculars and remote heat detecting
equipment. See inspection and grade of inspection.
weighted faulty equipment score: number of faulty equipment in an inspection weighted
according to ignition risk. See faulty equipment, ignition risk and inspection.
Weibull plot: a graphical technique for determining if a data set comes from a population that
would logically fit a 2-parameter Weibull distribution (the location is assumed to be zero). The
graph has special scales that are designed so that if the data do follow a Weibull distribution, the
points will be linear (or nearly linear).
The least squares fit of this line yields estimates for the shape and scale parameters of
the Weibull distribution which may be used in determining the global failure rates. See global
failure rate.
Zone 0: that part of a hazardous area in which a flammable atmosphere is continuously present
or present for long periods. See flammable atmosphere and hazardous area.
Zone 1: that part of a hazardous area in which a flammable atmosphere is likely to occur in
normal operation. See flammable atmosphere and hazardous area.
Zone 2: that part of a hazardous area in which a flammable atmosphere is not likely to occur in
normal operation and, if it occurs, will exist only for a short period. See flammable atmosphere
and hazardous area.
E.3
GLOSSARY OF ABBREVIATIONS
ALARP
ALARP ASL
AQL
ASL
ATEX
ATEX 100a
ATEX 137
CDM
[Regulations]
CMMS
CompEx
d
D
DCR
DH
DSEAR
EAWR
EPSR
Ex
F
as low as reasonably practicable
as low as reasonably practicable acceptance safety level
acceptance quality level
acceptance safety level
atmosphere explosiv (explosive atmospheres [directives])
Approximation of the Laws of Member States concerning Equipment and Protective
Systems Intended for Use in Potentially Explosive Atmospheres 94/9/EC
Directive on the Minimum Requirements for Improving the Health and Safety of
Workers Potentially at Risk from Explosive Atmospheres 99/92/EC
The Construction (Design and Management) [Regulations]
computerised maintenance management system
GB national scheme for training, assessment and certification of persons working in
potentially explosive atmospheres
number of faulty equipment in a sample
total number of faulty equipment in a lot
Offshore Installations and Wells (Design and Construction, etc) Regulations
duty holder
The Dangerous Substances and Explosive Atmospheres Regulations
The Electricity at Work Regulations
The Equipment and Protective Systems for use in Potentially Explosive Atmospheres
Regulations
explosion protected
frequency of inspection
109
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
FPSO
GA
GB
HASAWA
HV
ICP
IS
KPI
LV
MTBF
n
N
NEP
OSCR
PA
Pa(10%)
Pa(10%)/Pr(5%)
Pr(5%)
PFEER
PMRs
PUWER
RBI
Re
REP
SCE
SIL
SMS
‘T’ class
TA
TPEF
UK
UV
floating production, storage and offloading unit
general alarm
Great Britain
Health and Safety at Work etc Act
high voltage
independent competent person
intrinsically safe
key performance indicator
low voltage
mean time between failures
sample size
lot size
nominated electrical person
Offshore Installations (Safety Case) Regulations
public address
the maximum percentage of faulty equipment in a lot so that the safety level of the lot
is declared acceptable within a probability of 10%
discrimination ratio
the minimum percentage of faulty equipment in a lot so that the safety level of the lot
is declared unacceptable within a probability of 5%.
Offshore Installations (Prevention of Fire and Explosion, and Emergency Response)
Regulations
planned maintenance (/inspection) routine
Provision and Use of Work Equipment Regulations
risk based inspection
rejection number
responsible electrical person
safety critical element
safety integrity level
safety management system
temperature classification
technical authority
technical person with executive function
United Kingdom
ultraviolet
110
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
ANNEX F
REFERENCES
This annex provides information regarding publications that are referred to herein. All were
current at the time of writing. Users should consult the pertinent organisations for details of the
latest versions of publications. To assist, Internet addresses are provided.
British Standards Institution (BSI)
http://www.bsi-global.com
C
BS 6001-1 Sampling procedures for inspection by attributes: Sampling schemes indexed
by acceptance quality limit (AQL) for lot-by-lot inspection.
C
BS 6626 Code of practice for maintenance of electrical switchgear and controlgear for
voltages above l kV and up to and including 36 kV.
C
BS 7671 Requirements for electrical installations. IEE Wiring Regulations. Seventeenth
edition.
C
BS EN 60079-17 Electrical apparatus for explosive gas atmospheres: Inspection and
maintenance of electrical installations in hazardous areas (other than mines).
Energy Institute (EI)
http://www.energyinst.org
Model codes of safe practice in the petroleum industry:
C
Part 1: Electrical safety code.
C
Part 15: Area classification code for installations handling flammable fluids.
Other publications:
C
Research report: Ignition probability review, model development and look-up
correlations.
European Communities (EC)
http://europa.eu.int/index-en.htm
Directives:
C
Approximation of the Laws of Member States concerning Equipment and Protective
Systems Intended for Use in Potentially Explosive Atmospheres 94/9/EC (OJ L 100,
19.4.1994).
C
Council Directive on the Minimum Health and Safety Requirements for the Use of Work
Equipment by Workers at Work 89/655/EEC (OJ L 393, 30.12.1989).
C
Council Directive 95/63/EC of 5 December 1995 amending Directive 89/655/EEC
concerning the Minimum Safety and Health Requirements for the Use of Work
Equipment by Workers at Work (OJ L 335, 30.12.1995).
C
Directive on the Minimum Requirements for Improving the Health and Safety of Workers
Potentially at Risk from Explosive Atmospheres 99/92/EC (OJ L 23, 28.1.2001).
Health and Safety Executive (HSE) (published by HSE Books)
http://www.hsebooks.com
Guidance:
C
HS(G)65: Successful health and safety management.
International Electrotechnical Commission (IEC)
http://www.iec.ch
C
IEC 60079-14 Electrical apparatus for explosive gas atmospheres: Electrical installations
in hazardous areas (other than mines).
C
IEC 60079-17 Electrical apparatus for explosive gas atmospheres: Inspection and
111
GUIDELINES FOR MANAGING INSPECTION OF EX ELECTRICAL EQUIPMENT IGNITION RISK IN SUPPORT OF IEC 60079-17
C
C
C
maintenance of electrical installations in hazardous areas (other than mines).
IEC 60079-25 Electrical apparatus for explosive gas atmospheres: Intrinsically safe
systems.
IEC 60030-3-11 Dependability management – Part 3-11: Application guide – Reliability
centred maintenance.
IEC 61649 Procedures for goodness-of-fit tests, confidence intervals and lower
confidence limits for Weibull distributed data.
International Organization for Standardization (ISO)
http://www.iso.ch
C
ISO 2859-1 Sampling procedures for inspection by attributes: Sampling schemes indexed
by acceptance quality limit (AQL) for lot-by-lot inspection.
Office of Public Sector Information (OPSI)
http://www.opsi.gov.uk
C
Health and Safety at Work etc Act 1974.
C
Management of Health and Safety at Work Regulations 1999 (SI 1999/3242).
C
Offshore Installations and Wells (Design and Construction, etc) Regulations 1996
(SI 1996/913).
C
Offshore Installations (Prevention of Fire and Explosion, and Emergency Response)
Regulations 1995 (SI 1995/743).
C
Provision and Use of Work Equipment Regulations 1998 (SI 1998/2306).
C
The Dangerous Substances and Explosive Atmospheres Regulations 2002 (SI 2002/2776).
C
The Electricity at Work Regulations 1989 (SI 1989/635).
C
The Equipment and Protective Systems for use in Potentially Explosive Atmospheres
(Amendment) Regulations 2001 (SI 2001/3766).
C
The Equipment and Protective Systems for use in Potentially Explosive Atmospheres
Regulations 1996 (SI 1992/192).
C
The Offshore Installations (Safety Case) Regulations 2005 (SI 2005/3117).
C
The Construction (Design and Management) Regulations 2007 (SI 2007/320).
Research papers
C
Weibull, W. (1951) A statistical distribution function of wide applicability, J. Appl. Mech.Trans. ASME 18(3), 293-297.
112
Energy Institute
This publication has been produced as a result of
61 New Cavendish Street
work carried out within the Technical Team of the
London W1G 7AR, UK
Energy Institute (EI), funded by the EI’s Technical
Partners. The EI’s Technical Work Programme
t: +44 (0) 20 7467 7157
provides industry with cost effective, value adding
f: +44 (0) 20 7255 1472
knowledge on key current and future issues
e: [email protected]
affecting those operating in the energy sector,
www.energyinst.org.uk
both in the UK and beyond.
ISBN 978 0 85293 513 2
Registered Charity Number 1097899
Descargar