Safety Considerations Guide for Trident v2 Systems - TUV ...
General Guidelines
This section describes standard industry guidelines that apply to:
• All safety systems
• Emergency shutdown (ESD) systems
• Burner management systems
• Fire and gas systems
All Safety Systems
These general guidelines apply to all user-written safety applications and procedures:
• A design-change review, code-change review, and functional testing are recommended
to verify the correct design and operation.
• An integrator using a Triconex controller should have training and experience in
development using the TriStation 1131 software, training in functional safety and
Triconex maintenance, and knowledge of Triconex documentation:
— Enhanced Diagnostic Monitor User’s Guide
— TriStation 1131 Developer’s Guide
— TriStation 1131 Libraries Reference
— Safety Considerations Guide for Trident v2 Systems
— Communication Guide for Trident v2 Systems
— Planning and Installation Guide for Trident v2 Systems
— Product Release Notices for Trident v2.x and Later Systems
— TÜV Website: http://www.tuv-fs.com
• After a safety system is commissioned, no changes to the system software (operating
system, I/O drivers, diagnostics, etc.) are allowed without type approval and recommissioning.
Any changes to the application or the control application should be
made under strict change-control procedures. For more information on change-control
procedures, see Project Change and Control on page 26. All changes should be
thoroughly reviewed, audited, and approved by a safety change control committee or
group. After an approved change is made, it should be archived.
• In addition to printed documentation of the application, two copies of the application
should be archived on an electronic medium that is write-protected to avoid accidental
changes.
• Under certain conditions, a PES may be run in a mode that allows an external computer
or operator station to write to system attributes. This is normally done by means of a
communication link. The following guidelines apply to writes of this type:
— The communication link should use Modbus or other approved protocols with CRC
checks.
— The communication link should not be allowed to write directly to output points.
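The two write guidelines above can be enforced at a gateway in front of the controller. The following is an added example, not code from the guide or from Triconex: it verifies the Modbus RTU CRC-16 and forwards register writes only when every target address is in an allowlist. The allowlist range and the function names are assumptions made for illustration.

```python
import struct

# Hypothetical allowlist (constructed): holding registers mapped to memory
# variables that the safety application reads and validates itself.
# Output points are never listed here.
WRITABLE_REGISTERS = range(100, 110)
WRITE_SINGLE_REGISTER = 0x06
WRITE_MULTIPLE_REGISTERS = 0x10
# Modbus function codes that modify coils or registers.
WRITE_FUNCTIONS = {0x05, 0x06, 0x0F, 0x10, 0x16, 0x17}

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: reflected polynomial 0xA001, initial value 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_frame(unit: int, pdu: bytes) -> bytes:
    """Build an RTU frame; the CRC is appended low byte first."""
    body = bytes([unit]) + pdu
    return body + struct.pack("<H", crc16_modbus(body))

def check_write(frame: bytes) -> tuple[bool, str]:
    """Decide whether a Modbus RTU request may be forwarded."""
    if len(frame) < 4:
        return False, "frame too short"
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != crc:
        return False, "CRC mismatch"
    function = body[1]
    if function not in WRITE_FUNCTIONS:
        return True, "not a write"
    if function == WRITE_SINGLE_REGISTER and len(body) == 6:
        start, count = struct.unpack(">H", body[2:4])[0], 1
    elif function == WRITE_MULTIPLE_REGISTERS and len(body) >= 7:
        start, count = struct.unpack(">HH", body[2:6])
        if len(body) != 7 + 2 * count:
            return False, "malformed write"
    else:
        # Coil writes and mask/read-write functions are refused outright.
        return False, "write function not permitted"
    targets = range(start, start + count)
    if count == 0 or any(a not in WRITABLE_REGISTERS for a in targets):
        return False, "target outside writable memory range"
    return True, "write to allowlisted register"
```
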