Table of Contents Table of Contents
Previous Page  613 / 975 Next Page
Information
Show Menu
Previous Page 613 / 975 Next Page
Page Background

8

Disclaimer:

The content in this paper is loosely based on experiences, and have been embellished to bring out the salient points

against the objectives of this paper.

power source. The modification installed had been fully tested and operated as a stand-alone function

as it did not require the shutdown line as part of the function, and hence the fault introduced to the

shutdown system was not picked up.

The summary of this case study is that:

1.

No on-site changes to a design should be undertaken without a full review of the proposed

change.

2.

When decommissioned components are used a physical review of the as built/left state must be

ascertained before adding these components to a design.

This case shows that a well meant intention during the installation by using another decommissioned

module added a hazard into the safety system.

Case 3: Experience vs Competence

A small site did not have an Instrument Engineer. A change was being implemented on part of their

shutdown system with some new sensors and associated shutdown logic. This change had been

designed by a large engineering procurement contractor, who produced installation and site acceptance

testing documentation to be used.

The implementation of this change was through a local based company. The end user did not have an

instrument engineer but also had a project engineer. The end user project engineer was reliant on the

very experienced contractor supervisor, who overseen the installation and commissioning.

What could go wrong?

An independent functional safety assessment stage 3 post commissioning identified that the installation

and commissioned systems had gaps against the designed requirements. There were gaps in

management, documentation and on SIF capabilities. Typical findings were:

1.

The developed Site Acceptance Testing (SAT) and Commissioning procedures were not used by

the installation contractor.

2.

There was no evidence of full quality procedures used for installations and commissioning, and

thus no completion or commissioning dossier available.

3.

The test documentation available was sparse and did not provide evidence of testing of all

installed equipment. Such as; no installation quality assurance inspection certificates, some of

the continuity and earth test certificates for the instrument cable not dated, no continuity and

earth test certificates for the power cable, no installation inspection certificates, etc.

4.

There were no drawings (e.g. red lined or as-built available on site.

5.

There were calibration issues for the new radar level sensors, with different ranges and zero

datum points for same tank.

6.

The tank has a voted 1oo2 level sensors, but the level trip settings on each sensor was different.

1 608 609 610 611 612 613 614 615 616-617 618-619 620-621 622-623 974-975  FlippingBook