Operation and maintenance procedures for Safety Instrumented Systems (SIS) will vary from company to company. However, there are some specific requirements that need to be covered for safe continued operation.
The first blog on this topic discussed general operation and maintenance (O&M) requirements for sustaining the integrity of a SIS. This second article discusses the requirements for developing and maintaining SIS O&M procedures.
Competence for Operators & Maintenance (O&M) Personnel
It is critical for operators and maintenance personnel to know the SIS in-depth. When it comes to a safety system, even the best-designed systems can be reduced to worthless junk if their significance is misunderstood.
At a minimum, O&M personnel who regularly interact with an SIS are required to know the following:
- How each SIS/SIF (safety instrumented function) works. For example, the trip conditions and actions that will be taken if a demand occurs.
- The hazard that each function is protecting against.
- The correct operation and management of any bypass, override or inhibit, including when they can be applied.
- Action to be taken on an SIS alarm or fault.
- The expected use of manual shutdown or emergency call-points.
- The reset and start-up procedures following a trip.
Operator training will be key to achieving this. It should fully detail the above content and also assess understanding. Training and assessment records should be logged in a competence management system.
Scheduled inspection requirements
The required frequency and expectations of SIS field device inspections should be documented. A policy and planned response should be specified for dealing with any overt SIS faults. Faults may become apparent in the form of an alarm or trip condition, or can be picked up on a scheduled inspection. Either way, the escalation path for fixing a degraded function or system must be clear to everyone.
Permit-to-work procedures
Most hazardous plants deal with system access by requiring strict adherence to permit-to-work procedures. Permit to work on any SIS should be given a status which is set at an appropriate authority level, especially if on-line testing is required. The process sector standard IEC 61511 requires bypass risk assessment, logging of bypasses and consideration of compensating measures during bypass. These rules should be clearly laid down in the SIS O&M Procedure.