Premier Consulting Services
 

F. Conceptual Design

The SIS design and engineering phase of the Safety Lifecycle requires a solid "Conceptual Design" that develops and verifies that every item defined in the SRS (Safety Requirements Specification) is fulfilled. The conceptual design addresses, among other items:

  • Field instrumentation redundancy requirements and voting scheme.
  • Field instrumentation process connection requirements, considering possible tap plugging, freezing, etc.
  • Logic solver technology per the SRS.
  • Cabinet integration requirements, material/temperature/humidity limits.
  • BPCS technology and communication requirements.
  • Field and communication wiring / routing requirements.
  • Power source requirements, such as redundancy and/or UPS.
  • Environmental requirements, lightning, flooding, extreme temperatures.
  • Requirements for intrinsic safety / explosion proof.
  • SIS equipment and junction boxes identification / tags / color painted, etc.
  • Possible sources of common cause failures of the SIS.
  • Non-safety instrumented functions in the SIS that may negatively affect a SIF shall be treated as part of the SIS complying with the highest SIL requirements.
  • SIS hardware and software shared by SIFs of different SIL will be designed to meet the highest SIL.
  • BPCS-SIS separation, independence and diversity shall be assessed.
  • Requirements for operability, maintainability and testability shall be assessed (e.g. bypass facilities for on-line testing, including alarms when in bypass).
  • Design of HMI shall account for human capabilities and limitations and accommodate level of operator training.
  • Manual E-Stop should be implemented per the SRS.
  • Subsystems that do not fail to the safe state on loss of power require line monitoring and special power loss detection measures.
  • Action required upon detection of a fault, either by diagnostics or proof testing.
  • Operator response time to critical alarms shall be accounted for.
  • Bypass protection by key locks or passwords shall be implemented.
  • SIS status, such as active, bypassed or tripped, shall be a function of the HMI.
  • SIS operator interface shall be protected against unauthorized changes.
  • Any failure of the SIS maintenance/engineering interface should not prevent the SIS from bringing the process to its safe state.
  • The maintenance/engineering interface should not be used as an operator interface.
  • SIS communication failures should not prevent the SIS from bringing the process to its safe state.
  • Electromagnetic interference and power surges in the SIS communication should not cause dangerous failures.
  • Where required by the SRS, the design should allow for on-line proof testing of the SIS, either end to end or in parts.
  • The operator should be alerted to the bypass of any part of the SIS by an alarm or procedure.
  • Forcing of I/O in the PES should not be allowed, unless supplemented by procedures and access security.
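As an added illustration (not the firm's own design material), the following Python model brings together several items from the list above: a MooN voter that applies line-monitoring diagnostics to each channel, degrades the vote when a channel fault is detected, alarms any maintenance bypass, and fails to the safe state when too many channels are lost. The NE43 fault bands, the tag names, the trip setpoint and the max_lost policy are assumptions made for the example; in a real design every one of these values comes from the SRS.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

LOW_FAULT_MA, HIGH_FAULT_MA = 3.6, 21.0  # NAMUR NE43 fault bands for a 4-20 mA loop (assumed)

@dataclass
class Channel:
    tag: str
    ma: Optional[float]     # loop current; None = open circuit or transmitter power lost
    bypassed: bool = False  # maintenance bypass (key-locked/password-protected in the design)

    @property
    def faulted(self) -> bool:
        # Line monitoring: an open loop or a current in the NE43 fault band is a detected fault
        return self.ma is None or not (LOW_FAULT_MA <= self.ma <= HIGH_FAULT_MA)

def vote(channels: List[Channel], m: int, n: int, trip_above_ma: float,
         max_lost: int = 1) -> Tuple[bool, List[str]]:
    """MooN voter: trip when at least m of n healthy channels exceed trip_above_ma.
    Faulted or bypassed channels are removed from the vote and the required count is
    degraded (2oo3 -> 1oo2); losing more than max_lost channels fails to the safe state.
    max_lost is a constructed policy value; the real one is set by the SRS."""
    if len(channels) != n:
        raise ValueError(f"expected {n} channels, got {len(channels)}")
    alarms, healthy = [], []
    for ch in channels:
        if ch.bypassed:
            alarms.append(f"{ch.tag} BYPASSED: operator alarm active until bypass removed")
        elif ch.faulted:
            alarms.append(f"{ch.tag} FAULT: loop current {ch.ma} mA out of range, repair required")
        else:
            healthy.append(ch)
    lost = n - len(healthy)
    if lost > max_lost:
        # Action on detected fault: too many channels unavailable, so trip to the safe state
        alarms.append(f"{lost} of {n} channels unavailable: tripping to safe state")
        return True, alarms
    required = max(1, m - lost)  # e.g. 2oo3 degrades to 1oo2 with one channel lost
    demands = sum(1 for ch in healthy if ch.ma > trip_above_ma)
    return demands >= required, alarms

if __name__ == "__main__":
    # Constructed 2oo3 high-pressure trip at 16 mA (75% of span) with one transmitter in fault
    sensors = [Channel("PT-101A", 17.2), Channel("PT-101B", 2.1), Channel("PT-101C", 12.0)]
    print(vote(sensors, 2, 3, trip_above_ma=16.0))
```

With PT-101B diagnosed as faulted, the vote degrades to 1oo2 and the single healthy demand from PT-101A trips the SIF; a plain 2oo3 vote on the raw values would not.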
Conceptual Design

Inputs:
  • SRS - Safety Requirements Specification
  • Field technology / voting
  • PES technology
  • Power sources data
  • Environmental data
  • Project data gathered during study

Deliverables:
  • Power & Grounding conceptual drawings
  • Field installation typical drawings
  • Bypass typical drawings
  • E-Stop typical drawings
  • HMI Requirements
  • Communication requirements
  • SIS P&IDs (as applicable)
  • SIS Cause & Effect Matrix (as applicable)