Minimizing Boiler Control System Risks

March 21, 2019

Boilers have been used to generate power for over two hundred years. While their basic function has remained remarkably static, recent developments in electronic hardware and computer controls have enabled automated systems to take on many of the functions formerly performed by boiler operators as well as add new features such as data analytics and real-time monitoring. Utilizing a variety of sensors, many modern control systems track more information about the operating state of the boiler than any individual operator can.

Coupled with this increased monitoring ability is greater control over the boiler's operation through continuous manipulation of valves, motor speeds, etc. This increased authority is recognized by the American Society of Mechanical Engineers' Controls and Safety Devices for Automatically Fired Boilers (ASME CSD-1) and the National Fire Protection Association's Boiler and Combustion Systems Hazards Code (NFPA 85). For example, NFPA 85 addresses logic systems used for boiler controls. While automatic controls are designed to optimize boiler safety by adhering to these requirements during operation, greater automation also increases system complexity. This complexity opens the door for more potential failures.

Plant operators, owners, and managers can minimize the risk of boiler failure by conducting proactive hazard analyses to evaluate the safety and performance of the boiler system as a whole. In fact, NFPA 85 requires such analysis for certain aspects of the control system. On first pass, this may appear straightforward; however, with increased automation and complexity, this task can become nuanced and require special expertise. In particular, the logical interplay between various subsystems complicates the analysis.

In addition to ensuring the appropriate safety analyses are performed, it is important for plant managers to adopt a philosophy of boiler control that realizes the benefits of automation without over-restricting the ability of skilled operators to control the boiler. Decades ago, boiler operators had to go into the field to manually change the air-to-fuel ratio. Today, this adjustment and many others can be performed by simply clicking a mouse and typing a number. Additionally, the number of adjustments available to the operator has increased dramatically. While advances in automation can improve efficiency and ease of operation, they can also foster vulnerability if an operator does not fully understand how the numbers on the computer screen relate to the actual physics of what is happening inside the boiler. If a failure occurs in the control system, and the operator lacks the hands-on experience needed to respond quickly and effectively, a hazardous situation can be created.

When burning coal at a rate of over 20 tons per minute, failures can happen quickly. While automatic controls can swiftly respond to unsafe upsets and operational variances, they can only do so if the control system in its entirety is functioning correctly. If a control system has not been properly tested to measure certain quantities; if the logic inside the control system has not been properly designed and implemented; or if there are unforeseen issues with the sensors and actuators, the system may fail to properly sense and respond to the physical state of the boiler. Each of these scenarios can result in an inability to appropriately control the water flow and combustion ratio (e.g., too much gas and not enough air) or initiate shutdowns. Such loss of control can lead to catastrophic failure, one of the very scenarios the control system was designed to prevent.

Proactive hazard analyses can help plant managers establish trust in their control systems. For example, our team at Exponent recently partnered with a client whose overreliance on an automated control system contributed to a boiler explosion. Upon investigation, we discovered that the airflow switch, a safeguard intended to regulate the minimum amount of air sent to the boiler, had been bypassed for over a decade. When the plant's forced-air fan and damper system finally failed, the boiler did not shut down as required, and neither the control system nor the operator knew what was happening. In this instance, the operator trusted the control system even though it had not been verified in over a decade.

This example illustrates the importance of embracing a "trust but verify" approach to functional testing of a control system. Plant managers can trust that the engineering of a control system is correct, but they should also verify that the system operates as expected when installed in the field through review and testing.

After our team determined the root cause of the boiler explosion, the client asked us to proactively assess the control systems, operation, installation, and maintenance of the large fossil fuel boilers and other burner-based equipment at each of their plants. Our task was to compare the systems and operation to the guidelines and requirements of various standards, such as those produced by NFPA, ASME, the American Boiler Manufacturers Association, the International Society of Automation, the Electrical Power Research Institute, various European Standards, and FM Global. This helped our client establish the necessary trust in their operation and control systems for their U.S. and international facilities.

How Exponent Can Help

Our team has developed a deep knowledge of boiler and burner failures through over a decade of performing upwards of 30 investigations and reviews per year. Our engineers have reviewed the control logic, wiring, maintenance, operation, and operation philosophy of hundreds of burners and the associated control systems. We have performed incident investigations and evaluated new designs, retrofits, and existing equipment, including everything from engineering analysis of current and future designs to boots-on-the-ground commissioning, startup and review of equipment, and factory and site acceptance testing. Exponent's multidisciplinary engineering team has a rich skillset and can help plant managers identify the root cause of boiler failures and conduct proactive hazard analyses to ensure full system operation.