InstMC FS2016 (Rev 3.0)

Page

8

of

10

Nicol Instrument Engineering Limited

Each sub-clause noted above contains specific and relevant requirements for the AP, with some of the

requirements new and some are clarification or modified of previous standards requirements.

Clause 13: Factory acceptance test (FAT)

[no longer informative]

This edition brings new requirements of testing the devices of the SIS to ensure that the requirements

defined in the SRS are met. The requirement for a FAT shall be specified during the safety planning,

and these tests shall show that all the logic performs correctly.

Clause 14: SIS installation and commissioning

There is minor clarification in this edition that the purpose of commissioning activities is to ensure

that each of the SIS devices is individually ready to operate as specified in the design phase, and that

all communications between remote SIS systems are operational.

Clause 15: SIS safety validation

There is clarification and new requirements for validation. Such as validation planning of the SIS shall

be carried out throughout the SIS safety life-cycle, cover all relevant process operating modes and

other modes identified in previous phases of the SIS safety life-cycle, the procedures for how

validation activities are performed without putting the plant and process at risk for the hazardous

events the SIS is to protect against, and any equipment and facilities that needs to be installed or made

available for testing (e.g. isolation valves and leak detection equipment).

There is an error in Edition 2.0 Sub-clause 15.2.2 where in bullet point are used, and these should be

letter (e.g. a), b), c), etc.).

Validation planning for application program now requires all documents are validated for accuracy,

consistency and traceability of the SIF from the inception during the H&RA through the final installed

SIF.

Any validation now includes abnormal condition such as data overload when checking the

communicates and networks, the sensors, logic solver, and final elements

Clause 16: SIS operation and maintenance

There are wording changes and additions that brings out the requirement to operated and maintained

the SIS in a way that sustains the required safety integrity”, demonstrating conformity, inspection,

providing information on measures to take when the SIS is disabled or degraded due to bypass (repair

or testing), and the responsible people for operating and maintaining to check the design assumptions

are valid (e.g. occupancy, etc.).

Also includes additional requirements for the operation and

maintenance procedures to;

ensure the quality and consistency of proof testing, adequate validation is being performed after

replacement of any devices, provide methods and procedures used to test any diagnostics, collect

data related to the demand rate, collect SIS reliability parameters, have compensating measures

(which are regularly reviewed) to ensure continued safety while the SIS is disabled or degraded due

to bypass (repair or testing), and ensure when compensation measures applied they have associated

operation limits (duration, process parameters, etc.).

The revised standard only permits continued process operation with a SIS device in bypass after a

hazards analysis has determined that the compensating measures are in place, provides adequate risk

reduction, and with appropriate operating procedures. A bypass log is required to record any

bypasses, including the authorization.