Specification Considerations for Fuel Gas Safety Shutoff Valves

Please click below to download a PDF copy of the white paper. Note that AWC, Inc. shall not be responsible for statements or opinions contained in papers or printed in publications.

Specification Considerations for Fuel Gas Safety Shutoff Valves Download

As a crucial component of combustion safety, fuel safety shutoff valves must be specified correctly and have proven reliability. Industry Standards, Approvals and other considerations unique to these applications can be impactful on engineering specification and vendor/supplier selection. Misinformation relative to the specific requirements associated with the fuel safety shutoff applications can lead to regulatory pitfalls as well as compromised safety.

Note: A “Safety Shutoff Valve” is defined by Factory Mutual as “a normally closed or normally open valve and actuator assembly that automatically returns to normal position in response to a remote safety shutdown signal, loss of actuating medium, or under the influence of heat. Normally open safety shutoff valves are sometimes referred to as vent valves as defined in ASME CSD-1-2012, Controls and Safety Devices for Automatically Fired Boilers.”

Safety Shutoff Valves: Selection Implications and Importance of Approvals

The specification, testing and maintenance of fuel safety shutoff valves (typically abbreviated as SSV’s or SSoV’s) involve particular considerations which are recognized within North American industry standards, such as Factory Mutual (FM) Global Class 7400 (fire safe class 7440), or CSA International Standards Specification Z21.21/CSA 6.5 Automated Valves For Gas Appliances, and CGA3.9-M94 Automated Safety Shut Off Gas Valves. Additionally, National Fire Protection Association standards for combustion safety such as NFPA 85 for Boiler and Combustion Systems, NFPA 86 Standard for Ovens and Furnaces, and NFPA 87 Standard for Fluid Heaters, emphasize the use of listed or “approved” valves – manufacturers who have received formal approval by FM or CSA for specifically constructed assemblies that meet the standards stated above. FM Approved “Heat Activated Safety Shutoff Valves” and “Supervisory Cock Valves”, associated with FM Class 7422, also have application in some combustion systems, the details for which are outside the scope of this document.

Why Approvals and Standards Can Be Consequential

Not all combustion systems are regarded as an OSHA Process Safety Management (PSM) covered process. OSHA has issued interpretations of 29 CFR 1910.119(a)(1)(ii)(A) which is sometimes referred to as the “fuels exemption”. This essentially means that fuels used in combustion systems which are not part of a process containing another highly hazardous chemical are not subject to the OSHA Process Safety Management requirements.

However, many combustion systems, especially in the hydrocarbon processing industry, would involve a “covered” process. While the specific implications are appropriately left to the reader, The U.S. Occupational Safety and Health Administration released a Memorandum in June of 2015 to provide guidance “on the enforcement of the Process Safety Management (PSM) Standard’s recognized and generally accepted good engineering practices (RAGAGEP) requirements, including how to interpret “shall” and “should” language in published codes, standards, published technical reports, recommended practices (RP) or similar documents…” This was updated by OSHA in May of 2016 with the PSM standard also emphasizing that inspections and tests are to be performed on process equipment (equipment in a PSM covered process or associated with hazard prevention), subject to the standard’s mechanical integrity requirements and in accordance with manufacturer recommendations.

OSHA specifically refers to provisions noted in consensus documents as “shall” in regards to RAGAGEP which would be considered for violation by OSHA if a deviation occurs, and OSHA is emphasizing the importance of following industry codes, standards and recommended practice, such as the NFPA documents referenced above for combustion related hazards.

Note: NFPA 85 Section 5.1.3 states: “All safety shutoff valves, safety interlock devices, valve proving systems, and flame detection systems shall be listed or approved. A safety shutoff valve proof of closure switch shall be an original design component of the valve or actuator assembly and shall activate only after the valve is fully closed.”

In addition, a review of publicly available OSHA investigative records reveals several accidents related to combustion systems, which were not PSM covered processes. Should a hazardous incident occur, the follow up investigation and analysis can include an evaluation of whether recognized and applicable engineering practices, codes and/or standards were originally followed in design, testing and maintenance, with accordant liability implications.

What is Special about FM Approved Liquid and Gas Safety Shutoff Valves?

FM Class Number 7400 details what is necessary to achieve approval, which sets performance requirements for liquid and gas safety shutoff valves used in commercial and industrial fuel supply lines to burners and ignitable liquid piping systems. A few of the more notable FM approval facts and requirements are detailed below:

The standard only applies to valves with automatic operation.
Factory Mutual must satisfactorily evaluate the product and manufacturer, including the specific assemblies offered for approval. The process is sufficiently rigorous and not without appreciable cost for the manufacturer. The number of automated valve assembly manufacturers which have qualified for FM approval is limited.
Revisions in approved assembly construction are not allowed without proposed changes being vetted by Factory Mutual. To retain FM approval, field repair must be completed by an FM approved entity.
FM evaluation includes an examination of manufacturer facilities and quality control execution with regular periodic audits required for continued approval status.
FM Approved SSV’s will have certification marks, applied by the manufacturer, as authorized by FM Approvals, along with other required tag information.
Valve position indication must be visible from at least five feet. The failure of an electrically operated valve indicator cannot imply an incorrect position. However, these requirements are waived for solenoid valves up to ¾” NPT in size/connection.
Overtravel of the actuator stem is required if an electrically operated valve indicator (limit switch) is used as an interlock in a combustion safety circuit.
Proof of closure switch must be factory (including FM approved assemblers) set and sealed to prevent field adjustment.
The valve assembly cannot have any hardware that is capable of being blocked open or closed.
Operating temperature range of the assembly must be at least 32F to 140F. This is verified in sample assembly leakage testing at min and max temperatures.
Valves designed such that upstream inlet pressure tends to open the valve or keep it open cannot be FM approved.
The model/type identification of the FM approved assembly must uniquely identify the product as FM approved and exclusive to this approval.
The following applies to sample or type tested valves:
1. Upon loss of holding medium (typically, electricity or air), the SSV must return to normal position within 5 seconds or less under all applicable process conditions for the rated working pressure. This includes multiple tests at various inlet pressures for sample assemblies.
2. Through-Leakage shall not exceed 400 cc/hr of air or nitrogen for gas valves and 11.8 ml/hr of water for liquid valves for 5 minutes and shall be measured with a sample valve subject to multiple pressures. This leakage threshold must be met for all approved valves produced and tested at the rated working pressure of the valve.
3. Approved valves must operate reliably with no significant changes in performance after 20,000 cycles at the rated working pressure.
4. All electrical components shall be capable of withstanding a high potential between input terminals and ground for one minute without arc, current leakage exceeding 5 milliamps or failure at a specified over voltage.
5. A specified fire test is required for sample assemblies of assembly for fire-rated approval. This involves leakage testing after 60 minute fire exposure.
All FM approved assemblies must have a documented seat leakage test, external leakage test and operation test, which includes confirmation of stroke speed. A special apparatus is used for this testing that measures dwell time between initiation of signal and movement and open/close stroke times. FM approved soft seat ball valve assemblies typically achieve “bubble tight” shutoff, which is superior than required in the FM 7400 approval standard. Metal seat/disc valves, have more allowable leakage in the 7400 standard but generally meet ANSI/FCI 70-2 Class VI.

Other Engineering Considerations That Can Impact Fuel Gas Safety Shutdown Valve Specification and Selection

OEM-packaged combustion equipment may be designed to the minimum NFPA requirements unless otherwise requested by the purchaser. On the other hand, many process plants have their own safety instrumented system (SIS) approach, based upon IEC 61508 and IEC 61511 technical standards, and applied to instrument protected functions in combustion applications. While the specific engineering implications are beyond the scope of this document, it is common that functional safety design practices can involve the use of SIL rated instrumentation, safety instrument redundancy, as well a plant-specific safety shutdown valve engineering specifications. This may involve manufacturer or third party certification for the SSV to a given Safety Integrity Level (SIL) or can include analysis of the probability of failure upon demand (PFD) of a given SSV assembly.

API Recommended Practice 556, Instrument, Control, and Protective Systems for Gas Fired Heaters is also used as guidance, especially in hydrocarbon processing plants. RP 556 is sometimes regarded as not being as prescriptive as NFPA, in general, but RP 556 includes more helpful details particular to protective systems common to combustion systems utilized in petroleum production and downstream processing. Although a requirement for the use of listed or approved safety shutoff valves is not included in RP 556, the specifics on SSV’s are notable.

A partial excerpt from API RP 556 regarding Safety Shutoff Valves (SSV’s) is shown below with some key portions noted in bold:

SSV’s are used to isolate fuel sources (fuel gas, pilot gas or waste heat gas) to a heater after initiation of any of the protective functions, including manual shutdown.
SSV’s shall be fail-safe (spring return fail closed) and should remain closed until safe conditions are present (i.e. manual reset)
SSV’s should not have hand wheels
Solenoid operated valves shall not allow forcing or reset to the normal position when de-energized
SSV’s should provide tight shutoff, per ANSI/FCI 70-2 Class V or VI or bubble tight per API 598. The criteria for resolving unacceptable seat leakage rates (e.g. valve proving systems) and valve maintenance intervals should be determined by the owner/operator.
SSV’s should not be used in lieu of manual isolation valve(s) and/or blind for extended shutdown.
SSV’s shall either be fire safe per API 607 or API 6FA or be located in a fire safe area.
Unless otherwise noted in the Safety Requirements Specifications, safety shutoff valves shall have a maximum travel time as noted below:
- Up to 4 inch, 3 seconds
- 6 inch to 8 inch, <4 seconds
- 8 inch to 12 inch, < 5 seconds
Since safe state must be achieved within the available process safety time of 5 seconds to 10 seconds (per RP556 3.4.4.1.2), the Safety Requirement Specifications may prescribe time to safe state not to exceed 5 seconds. This may require larger actuator connections (≥ 1/2 in. NPT) and quick exhaust valves (≥ 1/2 in. orifice) to expedite valve closure time.
It is recommended that two valves in series be used to isolate fuel gas. This can take the form of double block safety valves (on/off) or a safety shutoff valve used in conjunction with a tight shutoff control valve.
A double block valve (on/off) arrangement, for one-out-of-two (1oo2) voting, allows for higher performance (SIL) ratings and requires less proof testing than a single block valve.
In many fired heater applications, the use of a bleed valve between two automated block valves has been discontinued due to environmental and safety implications of releasing fuel gas to the atmosphere. In the absence of a bleed valve, there may be increased concern for seat leakage of fuel gas into the heater. Since the automated block valves should maintain tight shutoff requirements, the purge cycle and sniffing a cold firebox with a portable combustibles analyzer prior to light off minimizes the process hazard. If the owner/operator elects to implement a valve proving system to verify seat integrity, it is recommended that the automated block valves be proven at the scheduled outage instead of waiting until the startup sequence. This facilitates valve testing and repair in a more practical and timely manner. The basis for seat leakage flow rates at the testing pressure, the corresponding pressure setpoints, and the delay timers that define pass/fail criteria should be documented during the project design phase.
Safety shutoff valves should be provided with proof of closure indication for shutdown verification and startup sequencing.
A proof of closure valve diagnostic alarm is recommended if a safety shutoff valve fails to close within the prescribed time requirements (e.g. 5 seconds to 10 seconds or twice the valve stroke time).
The shutoff valve actuators should be sized with a safety factor of 25 % to 40 % more power in addition to typical considerations of the minimum instrument air pressure, operating conditions, and breakaway force or torque required to move the valve.

Note: API 598 leakage specification differs from that required in FM 7400 in that the allowable leakage is greater for the FM approved valves but the test duration is much longer.

Comparison of FM Approved SSVs and Other Approaches

While the FM 7400 approval standard requires rigorous testing of sample assemblies at various working pressures, a detailed actuator sizing analysis is not mandated. Consider the automated on-off actuator sizing detail as required in AWC Engineering Specifications and Quality procedures, an example excerpt of which is shown here.

First, there are six required torque values shown for the valve and actuator at the process conditions. For the spring return to close automated valve, these are as follows:

BTO	Valve Start to Open Torque	AST	Air Start Torque
RTO	Valve Run to Open Torque	ART	Air Run Torque
ETO	Valve End to Open Torque	AET	Air Ending Torque
BTC	Valve Start to Close Torque	SST	Spring Start Torque
RTC	Valve Run to Close Torque	SRT	Spring Run Torque
ETC	Valve End of Close Torque	SET	Spring Ending Torque

Note that the actuator torque data that corresponds to each of the six required torque values is compared so as to determine whether the required safety factor (Available Actuator Torque/Required Torque) is achieved. Then the generated actuator torque is compared to the Maximum Allowable Shaft Torque (MAST) value to ensure this value is not exceeded. Some customer engineering specifications mandate such an analysis for all automated on-off valves, and especially those in emergency shutdown or safety shutoff applications.

In addition, local engineering specifications may list the use of a certain type of solenoid, switch, actuator, etc. that has not previously been submitted to FM Global for approval. Given the expense and time required to obtain approval from Factory Mutual for such variances, choosing to purchase an assembly already approved can be compelling.

It is important to note that failure of an upstream pressure regulator can cause abnormally high fuel pressures at the Safety Shutoff Valves. While it is not typical for such pressures to exceed the ANSI limitations of the valve body, there have been cases where SSV’s have failed to actuate due to the higher than expected line pressure. For this reason, pressure relief (usually a pressure relieving regulator) is included in a branch line just downstream of the fuel gas regulator on the main fuel train. This relief regulator usually has tight shutoff and would only relieve in the case of a fuel train regulator failure. However, this option is sometimes not permitted by customers, especially if refinery fuel gas is used, due to the prohibition on allowing fuel gas to vent to atmosphere. In such cases, ensuring adequate actuator torque, even at an abnormal fuel gas pressure, is a preferable design choice. In general, pneumatically actuated valves are less likely to have pressure drop related actuation limitations when compared to electric motor/spring actuated safety shutoff valves.

Given All Of The Above, Where Do We Start?

The engineer selecting or specifying fuel gas safety shutoff valves will typically want to first determine what requirements the Authority Having Jurisdiction (AHJ) mandates for combustion safety. The AHJ may be a regulatory agency or position, such as a local fire marshal or state boiler inspector, but could be a company’s loss prevention inspector, insurance carrier or even a corporate engineering function. When the authority is FM Global, the installations must be “FM Global Accepted” and the use of products with FM approval may be one component of such acceptance.

The AHJ will ultimately determine whether automatic safety shutoff valves must be FM or CSA approved or specified/selected based upon another standard.

To reduce the potential of common mode failure for low fuel gas header pressure to both pilots and burners, it is recommended to separately source the pilots upstream of the fuel gas controller and safety shutoff valves to the main burners.

In addition to automatic safety shutoff valves, NFPA 86 is now requiring the installation of a manual equipment isolation valve for the fuel header which should be located in a safe area away from a potential fire hazard and is subject to regular periodic exercising and testing requirements.

Steam boilers, even those installed within process plants, may be subject to state inspection while other fired equipment, even with greater hazard potential, may not. In most cases in the United States, a combustion safety system is, at a minimum, designed to National Fire Protection Association standards but there are notable exceptions in actual practice. Even NFPA allows for flexibility in some areas regarding retroactivity of newer revisions of the aforementioned codes.

Other Considerations of Note

The aforementioned standards and recommended practices will provide design instruction on the number and placement of SSV’s in pilot and main gas lines. This is especially important to note for with installations with multiple burners each with individual fuel gas supply piping.

Maintenance and Reliability

Regular (typically annual) through-leakage testing is typically required by the loss prevention entity or insurance carrier, or based upon plant safety standards. This is why fuel train piping is typically designed with leak test connections. Some FM Approved SSV’s, such as Maxon, are manufactured with leak test ports on the valve body itself. AWC can provide a leak testing procedure in accordance with manufacturer recommendations and standards such as ASME/ANSI 21.21. Such testing is usually accompanied by verification of the high and low gas pressure switches (or transmitters) and other routine procedures.

Pipe scale and corrosive condensates can lead to SSV failure. It is therefore not uncommon for some refineries to specify SSV’s with all stainless steel construction. In some cases, a routine cleaning of SSV’s can return the valves to within the allowable leakage threshold. Records should be maintained for these periodic tests.

In addition, automated leak testing using a start-up sequence and specifically placed pressure transmitters in the fuel train can be utilized to ensure testing occurs during every burner startup. Typical arrangements for automated testing can be provided by AWC.

Additional Contributions

Brett Cook – AWC, Inc.

Jeff Peshoff is the Flow Control Center of Competency Manager for AWC, Inc. in the Ruston, LA office. With over 25 years of experience, he has a BS in Mechanical Engineering and an MBA from Louisiana Tech University.