InstMC FS2016 (Rev 3.0)
Page
8
of
10
Nicol Instrument Engineering Limited
Each sub-clause noted above contains specific and relevant requirements for the AP, with some of the
requirements new and some are clarification or modified of previous standards requirements.
Clause 13: Factory acceptance test (FAT)
[no longer informative]
This edition brings new requirements of testing the devices of the SIS to ensure that the requirements
defined in the SRS are met. The requirement for a FAT shall be specified during the safety planning,
and these tests shall show that all the logic performs correctly.
Clause 14: SIS installation and commissioning
There is minor clarification in this edition that the purpose of commissioning activities is to ensure
that each of the SIS devices is individually ready to operate as specified in the design phase, and that
all communications between remote SIS systems are operational.
Clause 15: SIS safety validation
There is clarification and new requirements for validation. Such as validation planning of the SIS shall
be carried out throughout the SIS safety life-cycle, cover all relevant process operating modes and
other modes identified in previous phases of the SIS safety life-cycle, the procedures for how
validation activities are performed without putting the plant and process at risk for the hazardous
events the SIS is to protect against, and any equipment and facilities that needs to be installed or made
available for testing (e.g. isolation valves and leak detection equipment).
There is an error in Edition 2.0 Sub-clause 15.2.2 where in bullet point are used, and these should be
letter (e.g. a), b), c), etc.).
Validation planning for application program now requires all documents are validated for accuracy,
consistency and traceability of the SIF from the inception during the H&RA through the final installed
SIF.
Any validation now includes abnormal condition such as data overload when checking the
communicates and networks, the sensors, logic solver, and final elements
Clause 16: SIS operation and maintenance
There are wording changes and additions that brings out the requirement to operated and maintained
the SIS in a way that sustains the required safety integrity”, demonstrating conformity, inspection,
providing information on measures to take when the SIS is disabled or degraded due to bypass (repair
or testing), and the responsible people for operating and maintaining to check the design assumptions
are valid (e.g. occupancy, etc.).
Also includes additional requirements for the operation and
maintenance procedures to;
ensure the quality and consistency of proof testing, adequate validation is being performed after
replacement of any devices, provide methods and procedures used to test any diagnostics, collect
data related to the demand rate, collect SIS reliability parameters, have compensating measures
(which are regularly reviewed) to ensure continued safety while the SIS is disabled or degraded due
to bypass (repair or testing), and ensure when compensation measures applied they have associated
operation limits (duration, process parameters, etc.).
The revised standard only permits continued process operation with a SIS device in bypass after a
hazards analysis has determined that the compensating measures are in place, provides adequate risk
reduction, and with appropriate operating procedures. A bypass log is required to record any
bypasses, including the authorization.