ISA TR18 2 7-2017 Alarm Management When Utilizing Packaged Systems.pdf

1、 NOTICE OF COPYRIGHT This is a copyright document and may not be copied or distributed in any form or manner without the permission of ISA. This copy of the document was made for the sole use of the person to whom ISA provided it and is subject to the restrictions stated in ISAs license to that pers

2、on. It may not be provided to any other person in print, electronic, or any other form. Violations of ISAs copyright will be prosecuted to the fullest extent of the law and may result in substantial civil and criminal penalties. TECHNICAL REPORT ISA-TR18.2.7-2017 Alarm Management When Utilizing Pack

3、aged Systems Approved 17 February 2017 ISA-TR18.2.7-2017, Alarm Management When Utilizing Packaged Systems ISBN: 978-1-945541-37-7 Copyright 2017 by the International Society of Automation. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, s

4、tored in a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), without the prior written permission of the publisher. ISA 67 Alexander Drive P.O. Box 12277 Research Triangle Park, North Carolina 27709 E-mail: standardsisa.org

5、3 ISA-TR18.2.7-2017 Preface This preface, as well as all footnotes and annexes, is included for information purposes only and is not part of ISA-TR18.2.7-2017. This technical report has been prepared as part of the service of ISA, the International Society of Automation, toward a goal of helping in

6、the understanding and use of the ANSI/ISA-18.02-2016 Management of Alarm Systems for the Process Industries. To be of real value, this document should not be static but should be subject to periodic review. Toward this end, the Society welcomes all comments and criticisms and asks that they be addre

7、ssed to the Secretary, Standards and Practices Board; ISA, 67 Alexander Drive; P.O. Box 12277; Research Triangle Park, NC 277099, USA; Telephone (919) 549-8411; Fax (919) 549-8288; E-mail: standardsisa.org. This ISA Standards and Practices Department is aware of the growing need for attention to the

8、 metric system of units in general, and the International System of Units (SI) in particular, in the preparation of instrumentation standards, recommended practices, and technical reports. The Department is further aware of the benefits of users of ISA standards of incorporating suitable references

9、to the SI (and the metric system) in their business and professional dealings with other countries. Toward this end, the Department will endeavor to introduce SI and acceptable metric units in all new and revised standards to the greatest extent possible. The Metric Practice Guide, which has been pu

10、blished by the Institute of Electrical and Electronics Engineers ( IEEE) as ANSI/IEEE Std. 268-1992, and future revisions, will be the reference guide for definitions, symbols, abbreviations, and conversion factors. It is the policy of ISA to encourage and welcome the participation of all concerned

11、individuals and interests in the development of ISA standards. Participation in the ISA standards-making process by an individual in no way constitutes endorsement by the employer of that individual, of ISA, or of any of the standards, recommended practices, and technical reports that ISA develops.

12、This technical report is structured to follow the ISA Style Guide. CAUTION ISA ADHERES TO THE POLICY OF THE AMERICAN NATIONAL STANDARDS INSTITUTE WITH REGARD TO PATENTS. IF ISA IS INFORMED OF AN EXISTING PATENT THAT IS REQUIRED FOR USE OF THE DOCUMENT, IT WILL REQUIRE THE OWNER OF THE PATENT TO EITH

13、ER GRANT A ROYALTY-FREE LICENSE FOR USE OF THE PATENT BY USERS COMPLYING WITH THE DOCUMENT OR A LICENSE ON REASONABLE TERMS AND CONDITIONS THAT ARE FREE FROM UNFAIR DISCRIMINATION. EVEN IF ISA IS UNAWARE OF ANY PATENT COVERING THIS DOCUMENT, THE USER IS CAUTIONED THAT IMPLEMENTATION OF THE DOCUMENT

14、MAY REQUIRE USE OF TECHNIQUES, PROCESSES, OR MATERIALS COVERED BY PATENT RIGHTS. ISA TAKES NO POSITION ON THE EXISTENCE OR VALIDITY OF ANY PATENT RIGHTS THAT MAY BE INVOLVED IN IMPLEMENTING THE DOCUMENT. ISA IS NOT RESPONSIBLE FOR IDENTIFYING ALL PATENTS THAT MAY REQUIRE A LICENSE BEFORE IMPLEMENTAT

15、ION OF THE DOCUMENT OR FOR INVESTIGATING THE VALIDITY OR SCOPE OF ANY PATENTS BROUGHT TO ITS ATTENTION. THE USER SHOULD CAREFULLY INVESTIGATE RELEVANT PATENTS BEFORE USING THE DOCUMENT FOR THE USERS INTENDED APPLICATION. HOWEVER, ISA ASKS THAT ANYONE REVIEWING THIS DOCUMENT WHO IS AWARE OF ANY PATEN

16、TS THAT MAY IMPACT IMPLEMENTATION OF THE DOCUMENT NOTIFY THE ISA STANDARDS AND PRACTICES DEPARTMENT OF THE PATENT AND ITS OWNER. ADDITIONALLY, THE USE OF THIS DOCUMENT MAY INVOLVE HAZARDOUS MATERIALS, OPERATIONS OR EQUIPMENT. THE DOCUMENT CANNOT ANTICIPATE ALL POSSIBLE APPLICATIONS OR ADDRESS ALL PO

17、SSIBLE SAFETY ISSUES ASSOCIATED WITH USE IN ISA-TR18.2.7-2017 4 HAZARDOUS CONDITIONS. THE USER OF THIS DOCUMENT MUST EXERCISE SOUND PROFESSIONAL JUDGMENT CONCERNING ITS USE AND APPLICABILITY UNDER THE USERS PARTICULAR CIRCUMSTANCES. THE USER MUST ALSO CONSIDER THE APPLICABILITY OF ANY GOVERNMENTAL R

18、EGULATORY LIMITATIONS AND ESTABLISHED SAFETY AND HEALTH PRACTICES BEFORE IMPLEMENTING THIS DOCUMENT. THE USER OF THIS DOCUMENT SHOULD BE AWARE THAT THIS DOCUMENT MAY BE IMPACTED BY ELECTRONIC SECURITY ISSUES. THE COMMITTEE HAS NOT YET ADDRESSED THE POTENTIAL ISSUES IN THIS VERSION. ISA (www.isa.org)

19、 is a nonprofit professional association that sets the standard for those who apply engineering and technology to improve the management, safety, and cybersecurity of modern automation and control systems used across industry and critical infrastructure. Founded in 1945, ISA develops widely used glo

20、bal standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 40,000 members and 400,000 customers around the world. ISA owns A, a leading onlin

21、e publisher of automation-related content, and is the founding sponsor of The Automation Federation (www.automationfederation.org), an association of non-profit organizations serving as “The Voice of Automation.“ Through a wholly owned subsidiary, ISA bridges the gap between standards and their impl

22、ementation with the ISA Security Compliance Institute (www.isasecure.org) and the ISA Wireless Compliance Institute (www.isa100wci.org). The following people served as members of ISA Committee ISA18 WG7 and contributed to this technical report: NAME AFFILIATION J. Alford (Co-Chair) Consultant G. Nas

23、by (Co-Chair) City of Guelph Water Services J. Bogdan J. Bogdan Consulting LLC M. Carter Hargrove Controls + Automation L. Dubois Manage4U W. Hawkins HLQ Ltd. B. Hollifield PAS S. Kandasamy Chevron Energy Technology Company M. Jones Honeywell D. Logerot ProSys L. Myers Consultant A. Perez Verde-Ramo

24、 Sparq Systems D. Reed Rockwell Automation N. Sands DuPont D. Visnich Burns and McDonnell R. Weibel TIPS The following people served as voting members of ISA18 and contributed to this technical report: NAME COMPANY D. Dunn, ISA18 Co-Chair Phillips 66 N. Sands, ISA18 Co-Chair DuPont B. Fitzpatrick, I

25、SA18 Managing Director Wood Group Mustang J. Alford Consultant S. Apple Schneider Electric 5 ISA-TR18.2.7-2017 J. Bogdan J Bogdan Consulting LLC K. Brown Enbridge Inc. M. Brown Matrikon Inc. A. Bryant Oxy Inc. M. Carter Hargrove Controls + Automation L. Dubois Manage4U B. Hollifield PAS S. Kandasamy

26、 Chevron Energy Technology Company D. Logerot ProSys Inc. C. Lunty Suncor M. Marvan Shell Canada D. Metzger DPM Consulting L. Myers Consultant G. Nasby City of Guelph Water Services G. Plowman Rockwell Automation D. Rothenberg D Roth Inc. T. Stauffer Exida Co. D. Strobhar Beville Engineering B. Vail

27、 URS PS / AECOM D. Visnich Burns the system designer should select the best PS interface option to use for the particular application. 1.3 Packaged system design Within the context of this report, PSs are only considered as sources of possible alarms or of process data for the BPCS to create the ala

28、rm. This report does not contain guidance on how to design PSs or how PSs should operate. 1.4 Safety instrumented systems Safety Instrumented Systems (SIS) are considered to be a special case of PSs. While governance of SIS is described by ISA-84, some SISs have the same common attributes as a PS an

29、d, in such cases, the guidance in this technical report may apply. SIS design is out of the scope of this document. 2. Normative references NOTE In some cases, reference to ISA standards may have historically used “S” instead of “ISA,” e.g., S88. ISA-18.2: ANSI/ISA-18.2-2016, Management of Alarm Sys

30、tems for the Process Industries, also known as ISA-18.2 ISA-84:ISA-84.00.01-2004 (Parts 1-3), Safety Instrumented Systems for the Process Industry Sector ISA-88: ANSI/ISA-88.00.01-2010, Batch Control Part 1: Models and Terminology ISA-101: ANSI/ISA-101.01-2015, Human Machine Interfaces for Process A

31、utomation Systems ISA-TR18.2.7-2017 14 3. Definition of terms and acronyms Definitions which are copied from ISA-18.2 are shown in Section 3.1. Those that come from other sources (i.e., other ISA standards or TRs) or newly created with this technical report are shown in Section 3.2. Definitions from

32、 other sources are shown with the source in square brackets. Synonymous terms, which are not used in this technical report, but which might be used by readers, are listed in parentheses. Likewise, acronyms and abbreviations which are copied from ISA-18.2 are shown in Section 3.3. Acronyms and abbrev

33、iations from other sources are shown in Section 3.4 with references in square brackets. New acronyms and abbreviations are shown in Section 3.4. NOTE 1 Some alarm terms that are frequently used in industry are not defined or used in ISA-18.2 or this document because they have multiple meanings and i

34、nterpretations by different BPCS vendors. Examples include alarm enable, alarm disable, and alarm inhibit. 3.1 Definitions from ISA-18.2 3.1.1. active an alarm in a state in which the alarm condition is true NOTE 1 Functions such as deadband, on or off delays and latching can allow the alarm to be a

35、ctive when the alarm condition is false or the alarm is not to be active when the alarm condition is true. NOTE 2: This is the definition from the 2016 version of ISA-18.2. In the 2009 version of ISA-18.2, the term “activate” used to mean “process of enabling an alarm function within the alarm syste

36、m”. In this report, the 2016 definition is used. 3.1.2 advanced alarming collection of techniques that can help manage annunciations during specific situations. EXAMPLE: state-based alarming 3.1.3 alarm audible and/or visible means of indicating to the operator an equipment malfunction, process devi

37、ation, or abnormal condition requiring a response 3.1.4 alarm attribute Setting for an alarm within the process control system EXAMPLE: alarm priority 3.1.5 alarm class group of alarms with common alarm management requirements (e.g., testing, training, monitoring, and audit requirements). EXAMPLE: s

38、afety related alarm class 3.1.6 alarm flood condition during which the alarm rate is greater than the operator can effectively manage (e.g., more than 10 alarms per 10 minutes) 3.1.7. alarm historian long term repository for alarm records 3.1.8 alarm log short term repository for alarm records 15 IS

39、A-TR18.2.7-2017 3.1.9 alarm management (alarm system management) collection of processes and practices for determining, documenting, designing, operating, monitoring, and maintaining alarm systems 3.1.10 alarm message text string displayed with the alarm indication that provides additional informati

40、on to the o perator (e.g., operator action) 3.1.11 alarm philosophy document that establishes the basic definitions, principles, and processes to design, implement, and maintain an alarm system 3.1.12 alarm priority relative importance assigned to an alarm within the alarm system to indicate the urg

41、ency of response (e.g., seriousness of consequences and allowable response time) 3.1.13 alarm setpoint (alarm limit, alarm trip point) threshold value of a process variable or discrete state that is used to determine if the alarm is active 3.1.14 alarm system requirements specification document whic

42、h describes the functionality of the alarm system 3.1.15 alarm type alarm attribute which gives a distinction of the alarm condition EXAMPLE: low process variable alarm, high process variable alarm or discrepancy alarm 3.1.16 alert audible and/or visible means of indicating to the operator an equipm

43、ent or process condition that requires awareness, and which does not meet the criteria for an alarm 3.1.17 chattering alarm alarm that repeatedly transitions between active state and not active state in a short period of time 3.1.18 classification process of separating alarms into classes based on c

44、ommon requirements (e.g., testing, training, monitoring, and auditing requirements) 3.1.19 dynamic alarming automatic modification of alarms based on process state or conditions 3.1.20 highly managed alarm alarm belonging to a class with additional requirements (e.g., regulatory requirements) above

45、general alarms 3.1.21 implementation transition stage between design and operation during which the alarm is put into service. NOTE1 to entry Implementation includes activities such as commissioning and training. ISA-TR18.2.7-2017 16 3.1.22 master alarm database authorized list of rationalized alarm

46、s and associated attributes NOTE1 The list can be in many forms and not only in the form of a database. 3.1.23 nuisance alarm alarm that annunciates excessively, unnecessarily, or does not return to normal after the correct response is taken EXAMPLE: chattering, fleeting, or stale alarm 3.1.24 opera

47、tor (controller) person who monitors and makes changes to the process 3.1.25 out-of-service state of an alarm during which the alarm indication is suppressed, typically manually, for reasons such as maintenance 3.1.26 prioritization process of assigning a level of operational importance to an alarm

48、3.1.27 rationalization process to review potential alarms using the principles of the alarm philosophy, to select alarms for design, and to document the rationale for each alarm 3.1.28 remote alarm alarm from a remotely operated facility or directed to a remote interface 3.1.29 re-alarming alarm (re

49、-triggering alarm) alarm that is automatically re-annunciated to the operator under certain conditions 3.1.30 safety instrumented system (SIS) instrumented system used to implement one or more safety instrumented functions. A SIS is composed of any combination of sensor(s), logic solver(s) and final element(s) 3.1.31 shelve temporarily suppress an alarm, initiated by the operator, with engineering controls (e.g., time -limited) that unsuppress the alarm 3.1.32 silence operator action that terminates the audible alarm indication 3.1.33 state-