Safety Instrumented System (SIS) Worksheets and Documents

Understanding Safety Instrumented Systems (SIS) can be complicated, but the right resources make it easier.

Table of Contents

Safety Instrumented System (SIS) Worksheets

This blog offers a set of helpful worksheets and documents that can guide you in running a safety instrumented system (SIS) smoothly.

SIS Bypass Worksheet

This workbook facilitates a comprehensive review and dialogue concerning the reasons and implications of bypassing a particular instrument. It aids in scrutinizing the circumstances and choices made, while also evaluating the feasibility of bypassing an instrument and enumerating the steps to be taken thereafter.

Common Cause Failure Estimator

This worksheet adopts the approach delineated in the ISA 84.01 TR2 technical document to approximate the beta factor to be employed for common-cause failure percentages under different conditions.

Some of the checks are mentioned below.

Logic Solver

Are all signal cables for the channels routed separately at all positions?
Are the logic subsystem channels on separate printed circuit boards?
Are the logic subsystem channels in separate cabinets?
Do the channels employ different electrical technologies, e.g., one electronic or programmable electronic and the other relay?
Do the channels employ different electronic technologies, e.g., one electronic, the other programmable electronic?
Is medium diversity used, for example, hardware diagnostic tests using different technology?
Were the channels designed by different designers with no communication between them during the design activities?
Are separate test methods and people used for each channel during commissioning?
Is maintenance on each channel carried out by different people at different times?
Does cross-connection between channels preclude the exchange of any information other than that used for diagnostic testing or voting purposes?
Is the design based on techniques used in equipment that has been used successfully in the field for > 5 years?
Is there more than 5 years of experience with the same hardware used in similar environments?
Is the system simple, for example no more than 10 inputs or outputs per channel?
Are inputs and outputs protected from potential levels of over-voltage and over-current?
Have the results of the Failure Modes and Effects Analysis or Fault Tree Analysis been examined to establish sources of CCF and have predetermined sources of Common Cause Failure been eliminated by design?
Were CC failures considered in design reviews with the results fed back into the design? (Documentary evidence of the design review activity is required.)
Are all field failures fully analysed with feedback into the design? (Documentary evidence of the procedure is required.)
Is there a written system of work to ensure that all component failures (or degradations) are detected, the root causes established and other similar items inspected for similar potential causes of failure?
Are procedures in place to ensure that: maintenance (including adjustment or calibration) of any part of the independent channels is staggered, and, in addition to the manual checks carried out following maintenance, the diagnostic tests are allowed to run satisfactorily between the completion of maintenance on one channel and the start of maintenance on another?
Do the documented maintenance procedures specify that all parts of redundant systems (for example, cables, etc.), intended to be independent of each other, are not to be relocated?
Is all maintenance of printed-circuit boards, etc. carried out off-site at a qualified repair center, and have all the repaired items gone through full pre-installation testing?
Does the system have low diagnostic coverage (60 % to 90 %) and report failures to the level of a field-replaceable module?
Does the system have medium diagnostics coverage (90 % to 99 %) and report failures to the level of a field-replaceable module?
Does the system have high diagnostics coverage (>99 %) and report failures to the level of a field-replaceable module?

Field Devices

Are all signal cables for the channels routed separately at all positions?
If the sensors/final elements have dedicated control electronics, is the electronics for each channel on separate printed-circuit boards?
If the sensors/final elements have dedicated control electronics, is the electronics for each channel indoors and in separate cabinets?
Do the devices employ different physical principles for the sensing elements, e.g., pressure and temperature, vane anemometer and Doppler transducer, etc?
Do the devices employ different electrical principles/designs, e.g., digital and analogue, different manufacturer (not re-badged) or different technology?
Is low diversity used, for example hardware diagnostic tests using same technology?
Is medium diversity used, for example, hardware diagnostic tests using different technology?
Were the channels designed by different designers with no communication between them during the design activities?
Are separate test methods and people used for each channel during commissioning?
Is maintenance on each channel carried out by different people at different times?
Does cross-connection between channels preclude the exchange of any information other than that used for diagnostic testing or voting purposes?

F&G Model RFQ

This document delineates the goals of a performance-oriented Fire and Gas Study, the approach used to evaluate the efficiency of a client’s Fire and Gas System, and the tools and computations needed for confirming Fire and Gas coverage areas.

The RFQ further outlines supplementary records generated from the study, such as the Fire and Gas System Requirements Specification, Cause-Effect Diagrams, and Verification and Validation Test Plans and Checklists.

Confidence Limit Worksheet

This worksheet computes the failure rate of a component, allowing for user-configurable confidence levels, such as the 70% recommended by the IEC 61508 standard.

Simple Failure Mode and Diagnostic Analysis (FMEDA) Worksheet

This worksheet offers a structured format for conducting a straight-forward failure modes, effects, and diagnostic assessment. It is particularly useful for evaluating the global failure traits of a system with multiple components, like dual transmitters used for differential pressure calculations, or a set-up involving a solenoid, actuator, and valve with partial stroke tests.

Input Device Failure Conversion Tool

Often, vendor-supplied failure statistics are categorized into fail-high, fail-low, and types of dangerous failures (detected or undetected). This worksheet tool transmutes these raw data into classifications of safe and dangerous failures, based on whether the equipment operates upscale or downscale.

Bypass Alternate Protection Plan Worksheet

This workbook aids in identifying the roles of employees and safety mechanisms to guarantee overall protection within the facility in case of bypass situations.

Proven in Use Worksheet

This tool consists of a checklist designed to address considerations when substantiating the proven-in-use status of a component. The workbook also incorporates a feature for executing a 70% confidence limit calculation for the failure rate of the component.

Some of the checks are mentioned below.

Does the Manufacturer have a Quality Management System for hardware? How is it known?
Does the Manufacturer have a Quality Management System for software? How is it known?
Does the Manufacturer have a Configuration Management? How is it known?
Have there been quality problems and/or failure issues with this device that are unresolved?

Documents: Click Here to Download

This well-rounded collection of tools and resources is invaluable for professionals involved in the oversight and evaluation of Safety Instrumented Systems. They help ensure that your safety measures are both effective and compliant with relevant standards.

Source: kenexis