1 INTRODUCTION
1.1 SCOPE AND PURPOSE OF DOCUMENT
1.2 RISK REDUCTION, SIS AND SAFETY BARRIERS
2 THE IEC 61508 AND IEC 61511 STANDARDS
3 REFERENCES
4 ABBREVIATIONS AND DEFINITIONS
4.1 ABBREVIATIONS
4.2 DEFINITIONS
5 MANAGEMENT OF FUNCTIONAL SAFETY
5.1 OBJECTIVE
5.2 REQUIREMENTS
6 VERIFICATION, VALIDATION AND FUNCTIONAL SAFETY ASSESSMENT
6.1 INTRODUCTION
6.2 INTERPRETATION OF TERMS
6.3 VERIFICATION
6.4 VALIDATION
6.5 FUNCTIONAL SAFETY ASSESSMENT
7 DEVELOPMENT OF SIL REQUIREMENTS
7.1 OBJECTIVE
7.2 APPROACH
7.3 DEFINITION OF EUC
7.4 HAZARD AND RISK ANALYSIS
7.5 DEFINITION OF SAFETY FUNCTIONS
7.6 MINIMUM SIL REQUIREMENTS
7.7 HANDLING OF DEVIATIONS FROM THE MINIMUM SIL REQUIREMENTS
7.8 SAFETY REQUIREMENTS SPECIFICATION
8 SIS DESIGN AND ENGINEERING
8.1 OBJECTIVES
8.2 ORGANISATION AND RESOURCES
8.3 PLANNING
8.4 INPUT
8.5 REQUIREMENTS
8.6 SELECTION OF COMPONENTS
8.7 HMI - HUMAN MACHINE INTERFACE
8.8 INDEPENDENCE BETWEEN SAFETY SYSTEMS
8.9 FACTORY ACCEPTANCE TEST (FAT)
8.10 DOCUMENTATION FROM DESIGN PHASE
9 SIS INSTALLATION, MECHANICAL COMPLETION AND VALIDATION
9.1 OBJECTIVES
9.2 PERSONNEL AND COMPETENCE
9.3 REQUIREMENTS
10 SIS OPERATION AND MAINTENANCE
10.1 OBJECTIVE
10.2 OPERATION AND MAINTENANCE PLANNING
10.3 OPERATIONS AND MAINTENANCE PROCEDURES
10.4 COMPETENCE AND TRAINING
10.5 MAINTENANCE
10.6 COMPENSATING MEASURES UPON OVERRIDES AND FAILURES
10.7 REPORTING OF NON-CONFORMITIES AND DEMANDS
10.8 CONTINUOUS IMPROVEMENT OF OPERATION AND MAINTENANCE PROCEDURES
11 SIS MODIFICATION
11.1 OBJECTIVE OF MANAGEMENT OF CHANGE (MOC)
11.2 MOC PROCEDURE
11.3 MOC DOCUMENTATION
12 SIS DECOMMISSIONING
12.1 OBJECTIVES
12.2 REQUIREMENTS
APPENDIX A BACKGROUND FOR MINIMUM SIL REQUIREMENTS
A.1 INTRODUCTION
A.2 DATA DOSSIER
A.3 PSD FUNCTIONS
A.4 SEGREGATION THROUGH ESD WITH ONE ESD VALVE
A.5 BLOWDOWN
A.6 ISOLATION OF TOPSIDE WELL
A.7 ISOLATION OF RISER
A.8 FIRE DETECTION
A.9 GAS DETECTION
A.10 ELECTRICAL ISOLATION
A.11 FIREWATER SUPPLY
A.12 BALLASTING SAFETY FUNCTIONS
A.13 ISOLATION OF SUBSEA WELL
A.14 DRILLING AND WELL INTERVENTION
A.15 MANUAL INITIATORS
A.16 REFERENCES
APPENDIX B EXAMPLES ON HOW TO DEFINE EUC
B.1 INTRODUCTION
B.2 DEFINITION OF EUC FOR LOCAL SAFETY FUNCTIONS
B.3 DEFINITION OF EUC FOR GLOBAL SAFETY FUNCTIONS
APPENDIX C HANDLING OF DEVIATIONS - USE OF QRA
C.1 INTRODUCTION
C.2 EXAMPLES ON HANDLING OF DEVIATIONS (EXAMPLE 1 AND 2)
C.3 VERIFICATION BY QRA OF A STATED SAFETY INTEGRITY LEVEL (EXAMPLE 3)
C.4 QRA AND IEC 61508
APPENDIX D QUANTIFICATION OF PROBABILITY OF FAILURE ON DEMAND (PFD)
D.1 RELATION BETWEEN PFD AND OTHER MEASURES FOR LOSS OF SAFETY
D.2 FAILURE CLASSIFICATION
D.3 COMMON CAUSE FAILURE MODEL
D.4 CALCULATION OF PFDUK
D.5 CALCULATION OF PFDK
D.6 WHY SHOULD WE ALSO QUANTIFY SYSTEMATIC FAILURES (PSF)?
D.7 RECOMMENDED APPROACH FOR QUANTIFICATION OF LOSS OF SAFETY WHEN IEC 61508 IS USED
D.8 EXAMPLE QUANTIFICATION
D.9 COMMON CAUSE FAILURES BETWEEN DIFFERENT TYPES OF COMPONENTS (DIVERSITY)
D.10 SOME USEFUL FORMULAS
D.11 REFERENCES
APPENDIX E LIFECYCLE PHASES, ACTIVITIES AND DOCUMENTATION
E.1 LIFECYCLE PHASES FOR A TYPICAL OFFSHORE PROJECT
E.2 SRS STRUCTURE AND CONTENT
E.3 SAR STRUCTURE AND CONTENT
APPENDIX F SIL FOLLOW UP
F.1 OVERVIEW OF OPERATION AND MAINTENANCE ACTIVITIES FOR SIL WORK
F.2 PROCEDURES FOR UPDATE OF TEST INTERVALS
F.3 ACTUAL SHUTDOWNS AS TEST
APPENDIX G INDEPENDENCE BETWEEN SAFETY FUNCTIONS
G.1 IMPLEMENTATION OF INDEPENDENCE BETWEEN SYSTEMS
G.2 CONNECTION BETWEEN SYSTEMS
G.3 CONNECTIONS TO EXTERNAL SYSTEMS
G.4 DATA FLOW BETWEEN SYSTEMS