4 reasons why overspeed protection systems should not be overly complex

Overspeed protection systems have one of the most important functions regarding safety measures for rotating machinery. As such, these systems require advanced safety functions to detect overspeed and excessive acceleration situations, and act accordingly to prevent damage and downtime. However, advanced should not be mistaken for complex, as complexity does not necessarily mean that the system is “better”. The more functions an overspeed protection system has, the more complex it becomes, yet not necessarily more advanced. This article discusses 4 reasons why we believe overspeed protection systems should not be overly complex.

1. Core of overspeed protection

Leading machine standards such as the API 670 and the IEC 61508 have one main requirement for rotating machinery: to be equipped with a state-of-the-art overspeed protection system. The core of overspeed protection is to detect overspeed and excessive acceleration situations and initiate a trip relay when required. Any other functions are classified as add-ons and are not a requirement to adhere to machine safety guidelines.

2. Costs

Complex systems with more functions are more expensive. First of all because of the costs of secondary functions, such as monitoring functions, that do not directly contribute to the core function: overspeed protection. More functions require more hardware, which increases the costs of the system itself as well as the installation costs (i.e. wiring, instrumentation cabinets, etc.). Hardware requires periodic maintenance; the more hardware the more maintenance-intensive the system becomes.

These systems are often overkill for smaller and/or less critical rotating equipment that requires simple overspeed protection. This leaves operators with the choice to either implement a system that is hardly financially justifiable for its application, or to leave the machine unprotected.

3. Complexity and expertise

With complexity comes a more demanding requirement for extensive know-how regarding the operation and maintenance of the overspeed protection system. The systems are usually only checked during turnarounds, making their reliability of utmost importance.  As overspeed protection systems do not require daily attention, it is generally not a dedicated expertise but part of a larger job description. As such, it is important that these systems are as straightforward as possible, and not dependent of a diminishing expertise. The more complex the system, the bigger the chance of human errors. This is especially the case with overspeed protection systems, as nobody really gets the opportunity to gain experience due to the long maintenance intervals.

4. Verification and testing

The more complex a safety system, the more demanding its testing and verification requirements are. To test and verify a safety system the process is interrupted; a long proof test interval negates the need to interrupt the process regularly. A system that is focussed on solely the core of overspeed protection can reach test intervals of above 10 years, to a point where it does not have to be tested before reaching end-of-life. It is important to note that the more functions an overspeed protection system has, the smaller the test interval becomes, and the more the process is interrupted. It is therefore important to have a suitable system for your specific application, rather than implementing a system that is “overkill” for the application.

SpeedSys

Our philosophy is met by SpeedSys; a SIL-rated overspeed detection system for rotating machinery. It delivers the core layer of protection with a compact architecture. Its small technical footprint and low-impact installation enables advanced protection to a wide range of applications. SpeedSys is available in two versions. SpeedSys 200; for less demanding SIL 2 applications and SpeedSys 300 for demanding and critical SIL 3 applications.