Automation Asset Integrity of Safety Instrumented Systems (SIS)
Publication Date: 1 January 2019
Scope and purpose
A process hazards analysis is used to identify the safety functions necessary to reduce the risk of identified hazardous events. When a safety function is implemented in a safety instrumented system (SIS), it is referred to as a safety instrumented function (SIF). The risk reduction required from the SIF is related to one of four discrete safety integrity levels (SILs). The SIS, which executes one or more SIFs, is designed and managed according to ANSI/ISA-61511, which establishes requirements necessary to claim a specified SIL.
A critical aspect of maintaining the SIL is the monitoring and management of the automation asset integrity (AAI) of the SIS equipment. Automation failures are often viewed in the process hazards analysis as binary: either the equipment fails dangerously, allowing a hazardous event to propagate, or fails spuriously, causing a SIS to initiate its SIF. Today's automation practices generally include diagnostics or other monitoring to identify degradation or "misoperation," allowing equipment to be repaired or replaced prior to a functional failure. This technical report is an informative document providing guidance on establishing an effective AAI program that demonstrates through traceable and auditable documentation that the SIS and its equipment are inspected, tested, and maintained in a manner that ensures safe operation of the process.
This edition of ISA-TR84.00.03 provides considerations for establishing an AAI program for SIS; it focuses on how to plan and implement a comprehensive AAI program. This technical report does not provide complete details on how to safely or fully execute all AAI activities in an operating facility. Individuals who are assigned responsibility for AAI activities must determine what is necessary to maintain the safety integrity of a specific SIS.
The AAI program involves many activities that occur throughout the SIS lifecycle, but it predominantly focuses on the timely detection and correction of incipient/degraded conditions and complete failures to ensure that the SIS operates as specified when required. Rigorous inspection and thorough proof testing are needed for all SIS equipment whether existing or new. While the frequency of these activities may vary due to the required SIL, the intent and purpose of inspection and proof testing are not affected by the SIL. This technical report provides detailed guidance and examples to support user-specific work processes as part of an overall AAI program.
This technical report provides guidance and examples on the following subjects:
• transferring project documentation;
• selecting the maintenance strategy;
• developing AAI maintenance procedures;
• collecting and retaining maintenance documentation;
• defining personnel roles and responsibilities;
• ensuring maintenance personnel skills and training;
• planning for verification and validation;
• developing a verification and validation plan;
• developing factory acceptance test, loop commissioning, and site acceptance test procedures;
• defining a management system and performance metrics;
• implementing configuration management and management of change;
• performing an audit to determine AAI program compliance.
This technical report refers to other ISA publications. This technical report does not repeat or replicate the content of these publications. References are provided when it is felt that the reader should pay particular attention to the publication's more detailed guidance and requirements. For this technical report, the following are considered foundational publications:
• ISA-TR108.1-2015, Intelligent Device Management Part 1: Concepts and Terminology
• ANSI/ISA-18.2-2016, Management of Alarm Systems for the Process Industries