The global safety standard IEC 61511 Functional safety – Safety instrumented systems for the process industry sector describes the validation process.
The objective of the requirements of this clause is to validate, through inspection and testing, that the installed and commissioned safety instrumented system and its associated safety instrumented functions achieve the requirements as stated in the safety requirement specification.
I saw some great questions asked about this:
I turned to Emerson’s Andy Crosland for his thoughts.
When a system is validated you must know somehow that nothing is changed in the logic solver. When there is a download to a CSLS [DeltaV CHARM Smart Logic Solver] is there any validation number created so it can be compared what’s in the logic solver and what is in the module? Or is it necessary to have any other program installed then?
Basically, the answer is cyclic redundancy check (CRC) Numbers. Every time you do a download configuration to a SIS Logic Solver, a CRC Number is generated, which is like a 32 bit integer that uniquely represents the configuration. Actually, there are several CRC Numbers.
There’s an overall CRC for the complete CSLS/SLS1508, then there are individual CRC’s for each SIS Software Module allocated to the Logic Solver … and there are CRC’s for the IO Configurations too.
So if there’s been a change in the overall CRC Number, you know that something changed in the configuration. Then you can drill down and check the module CRC’s and the IO CRC’s, and pinpoint more accurately what has changed. This could save you re-validating SIS Software Modules that haven’t changed, if all you did on the CSLS was assign one or two new IO Channels to a new, separate SIS Module.
When you do a logic solver download, the dialogue box tells you if the CRC of the logic solver is the same as the previous download, or if it was different. You can also see all the CRC numbers on the Diagnostics for the logic solver.
There is also one option, if you would like to use it, you can add DeltaV Configuration Audit Trail (VCAT) to your system (requires a Server ProPlus). You can enable this just for the SIS part of the system, and it will then track all changes to SIS Configuration, keeping a record of who made the change and when, and allowing you to compare different versions of the same module to see what has changed. But this is an OPTION. You don’t have to have it to use the CRC’s; they’re there in the system anyway.
The CRC numbers will tell you that something changed, and help you pin it down to a specific SIS Software Module, or IO Configuration. VCAT can help you to identify exactly what has changed within a specific module, and goes quite some way towards helping you comply with the Modifications section of IEC 61511.
Andy notes that by exploring (right-click) the Local Safety Network within the DeltaV Explorer, a report is available showing the CRCs of all the CHARMs Smart Logic Solvers on this network.
If you’ll be attending the October 24-28 Emerson Exchange conference in Austin, there are many great safety-related sessions that you can attend. A few include Safety Instrumented Systems, Improving Safety Integrity Through Advanced Diagnostics, Improve Safety Proof Test Capabilities with Intelligent Instrumentation, Condition Monitoring as an Effective Safety Risk Mitigation Strategy, What’s the Health of Your Valve? Experts Talk Wireless, Safety, Low-Bleed and Remote Diagnostics and many more. Make sure to visit the SIS applications area in the exhibits hall where Andy will be demonstrating Fire & Gas and high-integrity pressure protection system (HIPPS) applications each day.
You can also connect and interact with other safety experts in the Safety Instrumented Systems group in the Emerson Exchange 365 community.