Automation 101: Design For Operation
 
        By Paul Brake, P.Eng., Dynamic Machine Design
We hear many paradigms in the design world — design for manufacture, design for assembly, etc. What we don’t often hear is design for operation. What does design for operation involve? We must consider all the operational requirements of our system and address them from an operator/maintenance staff point of view.
This must be done from a process as well as a physical perspective. When designing our processes, we pick and place our sensors and controls based on a theoretical assumption of their applications and use. We gather the information from where we need to and apply control in places that will have the most effect. This we must indeed do.
But once the process design is complete, we also need to take a step back and critically examine the operational characteristics and results of our choices. Ask yourself, will the process information or control that you have just specified be of direct use to your operator? Will they be able to glean useful information in a timely manner that will help them to determine the state of the process and make proper and effective action decisions? Could the information gathered and displayed mislead your operators? For example, you may have a pH meter reading the influent pH because based on that reading and flow you have written a control loop on caustic addition. That reading will not be indicative of the pH of the tank it is flowing into because your caustic addition will be altering the tank pH. If the meter is not well placed, it could lead the operator into assuming the reading is for the whole tank. Then he/she may take control measures based on a false assumption about the reading.
Similarly, a thermocouple could be reading the temperature at a certain point in the tank, but the average temperature could be significantly different. This often happens by accident. Sensor placement is critical, but unfortunately it is often overlooked. I have seen many sensors on tanks positioned for ease of manufacture or assembly with no thought to the internal process of the container it is measuring. I have also seen gauges that could not be read without a ladder, valves that could not be reached, and hatches that could not be opened or accessed without first removing equipment.
Instruments have to be picked and placed not only to allow a programmable logic controller (PLC) program to acquire data on the process, but also for the operators to be able to determine the state of the process. Ensure that when you perform your critical operational review of your piping and instrumentation diagram (P&ID) that you add localized displays. Plants are big. If the operators have to head back to the human-machine interface (HMI) every time they need local information, they will spend half of their day walking around, and often will simply not bother and make decisions based on hunches. If your PLC needs accurate, timely data, so does the operator.
From a controls point of view, the same is true. If your PLC requires a specific level of control and feedback, so does your operator. Now there is a danger in allowing the operators to make arbitrary decisions apart from the central control. The controller could then be making decisions and instituting operations based on incorrect data or assumptions. Every industrial automated process already suffers abundantly from excess open loop control, you really don’t want to exacerbate the issue. If the PLC opened a valve and the operator then manually closed it, then the PLC would be operating based on an incorrect assumption about the state of the valve. Numerous issues would result including equipment damage, environmental noncompliance, or personnel injuries.
One of the reasons we have operators is their ability to see, think, and do. They can examine and assess a process and gather and process an enormous amount of data in a short time. They also have this curious art of fuzzy logic. A highly skilled operator will be able to walk into a plant, assess its condition based on accurate readings from instrumentation, and make informed decisions that will improve the process results. This is required when a process moves outside of its design parameters. The PLC program is designed for normal operation. Unique events require the human factor. If, however, the data acquisition does not provide real time local feedback to the operator, or if there is no option for human input, then the operator’s contribution will be compromised.
I mentioned weird or inaccessible placement of instruments and controls earlier. There is another side to this issue. We absolutely need to specify the proper type of sensor or control in the proper place. Float level switches, for example, work great. We can get a nice, economical level switch that screws into a tank bulkhead and it will serve us nicely. That is until you need to replace it. Then you find yourself needing to shut down your process for several hours and drain a 500,000-gallon tank in order to replace a $41 item. Oh, and where do you temporarily drain 500,000 gallons?
Similarly, when designing our process piping we must include isolation valves for all gauges, instruments, and pumps. If it can break, if it could ever need replacement or calibration, if it even will need removal or replacement, we absolutely must include an isolation valve. In certain cases we can use a bypass as well.
Redundancy is a topic in itself, but we must consider it here as well. When you include a redundant component in your process, whether it is a pump, tank, or sensor, design the system to enable removal of all redundant components without necessitating shutting down the process. That is, after all, the whole reason for redundant components.
That isolation is not just shutting a valve to keep the water from spewing onto the floor. That isolation must also be electrical and pneumatic. It won’t help your millwright to be able to close off the isolation valves on the process if he can’t de-energize the pump without shutting down the whole area. Design your system as to allow complete process, physical, logical, pneumatic, and electrical isolation and lock-out.
I have seen a two-pass, 730-gpm reverse osmosis (RO) water purification system that operated three high-pressure pumps on the first pass, with one in redundancy, where you could not isolate a single pump out of the system. You had to shut the whole plant down to replace or work on a redundant pump. We include redundancies to prevent shutdown, not to cause them. And you had to remove the whole piping spool to pull a pump as well, but that is a purely mechanical issue.
Design for operation. It requires a critical analysis of your completed process design. It cannot occur before your full process and instrumentation design has been locked down, because any changes you make to the process could be detrimental to your operational perspective. Design isolation into your system: physical, logical, and power isolation. Include local, representative, timely displays of all process variables. Allow a sane amount of operator input, and ensure that your control system is informed of operator-initiated changes through sufficient closed-loop control. And, finally, ensure that your sensors and controls allow for simple and immediate removal and replacement. Design for manufacturing, design for assembly, but please, design for operation too.
