ISA TR84 00 03-2012 Mechanical Integrity of Safety Instrumented Systems (SIS).pdf

1、 TECHNICAL REPORT ISA-TR84.00.03-2012 Mechanical Integrity of Safety Instrumented Systems (SIS) Approved 28 August 2012 ISA-TR84.00.03-2012 Mechanical Integrity of Safety Instrumented Systems (SIS) ISBN: 978-1-937560-57-7 Copyright 2012 by ISA. All rights reserved. Not for resale. Printed in the Uni

2、ted States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means (electronic mechanical, photocopying, recording, or otherwise), without the prior written permission of the Publisher. ISA 67 Alexander Drive P.O. Box 12277

3、Research Triangle Park, North Carolina 27709 - 3 - ISA-TR84.00.03-2012 Preface This preface, as well as all footnotes and annexes, is included for information purposes and is not part of ISA-TR84.00.03-2012. This document has been prepared as part of the service of ISA towards a goal of uniformity i

4、n the field of instrumentation. To be of real value, this document should not be static but should be subject to periodic review. Toward this end, the Society welcomes all comments and criticisms and asks that they be addressed to the Secretary, Standards and Practices Board; ISA; 67 Alexander Drive

5、; P. O. Box 12277; Research Triangle Park, NC 27709; Telephone (919) 549 -8411; Fax (919) 549-8288; E-mail: standardsisa.org. The ISA Standards and Practices Department is aware of the growing need for attention to the metric system of units in general, and the International System of Units (SI) in

6、particular, in the preparation of instrumentation standards. The Department is further aware of the benefits to USA users of ISA standards of incorporating suitable references to the SI (and the metric system) in their business and professional dealings with other countries. Toward this end , this D

7、epartment will endeavor to introduce SI-acceptable metric units in all new and revised standards, recommended practices, and technical reports to the greatest extent possible. Standard for Use of the International System of Units (SI): The Modern Metric System, published by the American Society for

8、Testing b) understanding the impact of diagnostics and mechanical integrity (MI) activities on the SIL and reliability; c) identifying sources of common cause, common mode and systematic failures; and d) using quantitative methodologies to verify the SIL and spurious trip rate. The approaches outlin

9、ed in this document are performance-based; consequently, the reader is cautioned to understand that the examples provided do not represent prescriptive architectural configurations or MI requirements for any given SIL. Once an SIS is designed and installed, the ability to maintain the specified SIL

10、requires the implementation of a structured MI program as described in ISA-TR84.00.03. ISA-TR84.00.03Mechanical Integrity of Safety Instrumented Systems (SIS)Lifecycle phases 5 and 6 involve the installation and testing of the SIS, the validation that the SIS meets the safety requirements specificat

11、ion, and the assurance that functional safety is maintained during long term operation and maintenance. An important aspect of achieving and maintaining the SIS integrity and its specified SIL is the implementation of an MI program that provides quality assurance of the installed SIS performance. Th

12、is technical report is an informative document providing guidance on establishing an effective MI program that demonstrates through traceable and auditable documentation that the SIS and its equipment are maintained in the “as good as new” condition. The technical report addresses the identification

13、 of personnel roles and responsibilities when establishing an MI plan, important considerations in establishing an effective MI program, and detailed examples to illustrate user work processes used to support various activities of the MI program. Data and information collected as part of the MI prog

14、ram can be used to validate the SIL Verification calculations as discussed in ISA-TR84.00.02 and the selection and continued use of devices as discussed in ISA-TR84.00.04 Annex L. ISA-TR84.00.04Guidelines for the Implementation of ANSI/ISA-84.00.01Lifecycle phases 2, 4, 9 and 10 address the manageme

15、nt of functional safety, allocation of safety functions to protection layers, SIS design and engineering, and SIS verification. This technical report is divided into two parts. Part 1 provides an overview of the SIS lifecycle with references to annexes containing more detailed guidance on various su

16、bjects. Part 2 provides an end-user example of “how to“ implement ANSI/ISA-84.00.01. This report covers many aspects of the safety lifecycle including such topics as: “grandfathering“ existing SISs (Clause 3 and Annex A); operator initiated functions (Annex B), separation of the Basic Process Contro

17、l System (BPCS) and SIS (Annex F), field device and logic solver selection (Annex L), manual shutdown ISA-TR84.00.03-2012 - 10 - considerations (Annex P), and design/installation considerations (e.g., wiring, power, relationship to BPCS, common mode impacts, fault tolerance, etc. Annex N). ISA-TR84.

18、00.02 expands Annex G, which only provides a brief introduction to the topic of failure calculations. ISA-TR84.00.04 does not address the MI program, which is discussed in ISA-TR84.00.03. Figure 1 SIS safety lifecycle phases (modified ANSI/ISA-84.00.01-1 Figure 8) - 11 - ISA-TR84.00.03-2012 Table 1

19、SIS safety lifecycle overview (modified ANSI/ISA-84.00.01-1 Table 2) Safety lifecycle phase or activity Objectives ANSI/ISA-84.00.01 requirements clause ISA-84 Technical Report reference Figure 1 box number Title 1 Hazard and risk analysis To determine the hazards and hazardous events of the process

20、 and associated equipment, the sequence of events leading to the hazardous event, the process risks associated with the hazardous event the requirements for risk reduction and the safety functions required to achieve the necessary risk reduction. 8 None 2 Allocation of safety functions to protection

21、 layers Allocation of safety functions to protection layers and for each safety instrumented function, the associated safety integrity level. 9 ISA-TR84.00.04 Annexes B, F, and J 3 SIS safety requirements specification To specify the requirements for each SIS, in terms of the required safety instrum

22、ented functions and their associated safety integrity, in order to achieve the required functional safety. 10 No specific guidance on documenting the SRS. An example is shown in ISA-TR84.00.04 Part 2. All three technical reports (ISA-TR84.00.02, 03, and 04) provide fundamental considerations for SRS

23、 development 4 SIS design and engineering To design the SIS to meet the requirements for safety instrumented functions and safety integrity. 11 it focuses on how to plan and implement a comprehensive MI program rather than including specific test procedures as in the previous edition. This technical

24、 report does not provide complete details on how to safely or fully execute all MI activities in an operating facility. Individuals who are assigned responsibility for MI activities must determine what is necessary to maintain the safety integrity of a specific SIS. The MI program involves many acti

25、vities that occur throughout the SIS lifecycle, but it predominantly focuses on the timely detection and correction of incipient/degraded conditions and complete failures to ensure that the SIS operates as specified when required. Rigorous inspection and complete proof testing is required for all SI

26、S equipment whether existing or new. While the frequency of these activities may vary due to the required SIL, the purpose and goal of inspection and proof testing are not affected by the SIL. Inspection and proof testing is required to: meet regulatory requirements meet ANSI/ISA-84.00.01 requiremen

27、ts meet equipment manufacturer requirements (e.g., safety manual) demonstrate through witnessed test and preventive maintenance records that the equipment is being maintained in the “as good as new” condition detect and correct unrevealed failures verify that the MI program and test interval are suf

28、ficient to ensure functional and integrity requirements are met for the equipment life monitor equipment for degradation mechanisms (incipient and degraded) which may compromise future performance identify when equipment has reached wear-out and requires replacement provide data and information to f

29、acilitate the evaluation of MI program success and to support continuous improvement The technical report addresses: the identification of personnel roles and responsibilities when developing an MI plan, important considerations in establishing an effective MI program, and detailed guidance and exam

30、ples to support user-specific work processes as part of an overall MI program. ISA-TR84.00.03-2012 - 14 - 2 Audience The successful design and management of SIS is dependent on many departments within an operating facility. Likewise, an effective MI program is a fundamental element of the SIS lifecy

31、cle with many departments having responsibility. Consequently, the target audience of this technical report is very broad and includes all personnel who impact program success. These personnel perform certain roles and have responsibility for execution of many different tasks during various lifecycl

32、e phases. Typical roles and responsibilities include: Engineering Manager - Ensures that engineering work processes are in place to determine the required rigor of the MI program for all SIS, and subsequently to ensure that Operations and Maintenance departments are engaged in determining how this t

33、esting can be accommodated in a practical and effective manner. Design Engineer - Ensures maintenance provisions for safe and cost effective inspections and testing are met as the SIS proceeds through the design phase. Project Manufacturing/Operations Representative - Ensures all roles communicate a

34、nd fulfill their responsibilities on projects, including development of validation, commissioning, proof test procedures and documentation handoffs. Process Automation/Control System Engineer - Ensures all aspects of on-line testing, demand tracking, bypassing are adequately addressed in design phas

35、e to deliver necessary functionally across operations lifecycle including appropriate use of process historians to track demands on the SIS. Process Engineer - Provides operation and technical information to ensure testing and associated procedures are completed satisfactorily and no new hazards are

36、 introduced during this process. PSM Manager - Ensures that recommendations related to the SIS are tracked to completion and that an effective Management of Change (MOC) process is in place, which involves review and approval of proposed changes to SIS by competent personnel. Maintenance Manager - E

37、nsures that an effective management system is in place to execute reliability and maintenance activities required to ensure SIS integrity including a training program for maintenance personnel to maintain qualifications. Operations Manager - Ensures that Operating personnel are committed to providin

38、g the opportunity for identified MI activities to take place in a planned manner including a training program for Operations personnel to maintain qualifications. This role has the ultimate responsibility to ensure the lifecycle management rigor and SIS integrity within the operating facility. Manag

39、ement Team - Consists of the Project Manager, Maintenance Manager and Operations Manager and ensures that competent and trained personnel receive the appropriate level of support are available to carry out the identified activities and tha t SIS installations are maintained inspected, tested and ope

40、rated in accordance with ANSI/ISA -84.00.01. SIS Specialist/Engineer - Works with both Engineering and Maintenance personnel to develop and maintain the SIS equipment list and to define the MI requirements necessary to ensure SIS integrity throughout the lifecycle of the facility. To ensure that SIS

41、 are appropriately installed, inspected, tested and validated to demonstrate correct functionality and performance prior to handover to Operations. Reliability Specialist - Advises the SIS Specialist/Engineer on appropriate testing and reliability techniques. To apply the management system and ensur

42、e that testing activities are performed effectively with appropriate supporting documentation including procedures and results records. To address any non-compliance/failures in a timely and effective manner that addresses the root cause of the failure to minimize repeat failures. To facilitate data

43、 capture and analysis in support of on-going demonstration of SIS MI and continuous improvement. - 15 - ISA-TR84.00.03-2012 Maintenance (and Construction) Supervision - Understands the importance of SIS MI and provides the necessary resources to ensure that all identified MI activities are completed

44、 in a planned manner. Maintenance (and Construction) Technician - Understands purpose and function of the SIS, the importance of inspection, preventive maintenance and testing plans, and how to complete the required documentation to support data collection. Testing Personnel - Appreciate the concept

45、s of SIS MI and the rigor required in the identification and reporting of SIS failures. Training Coordinators - Ensures training of all roles impacting or impacted by SIS across the plant operating lifecycle occurs in a timely manner. It is expected that those persons identified as the audience poss

46、ess an understanding of the requirements of ANSI/ISA-84.00.01 appropriate to their level of responsibility and technical expectation. ISA-TR84.00.03-2012 - 16 - 3 Definitions Definitions which are new and not previously documented in ANSI/ISA-84.00.01 are indicated with (*). 3.1 allowable time to re

47、pair* length of time that has been determined by hazard and risk analysis to be acceptable for continued process operation with degraded or disabled equipment. Time is often constrained by Operations ability to maintain the necessary compensating measure. 3.1.1 application program program specific t

48、o the user application. In general, it contains logic sequences, permissives, limits and expressions that control the input, output, calculations, and decisions necessary to meet the SIS functional requirements. 3.1.2 Application Program Factory Acceptance Test (APFAT)* formal testing of the configu

49、ration. The advantage of this type of test is that it can be independent of all or most of the physical hardware, thereby supporting the concept of an HWFAT. See FAT. 3.1.3 as good as new* equipment is maintained in a manner that sustains its useful life. “As good as new” often refers to the initial condition after proof test and subsequent repair/overhaul (as needed ) so that the probability of failure at time 0 is zero and the failure rate expected during the useful life is unchanged. NOTE When