2) Who verified that the "self-certification" process used to produce that documentation meets IEC requirements?
The importance of asking those two questions and being comfortable with the answers is summed up by asking yourself; "If we get it wrong, who is most likely to go to jail?"
The alternative to establishing a self-certification process is to utilize certified devices from any one of the growing number of manufacturers offering devices certified for SIS applications.
When you look closely at how manufacturers are certifying devices for SIS applications you find three different approaches:
• Self-developed device certification processes;
• Self-developed and third-party audited device certification processes;
• Independent third-party device certification.
The first is self-explanatory. The manufacturer develops the certification process per its interpretation of IEC standards and certifies that its devices are tested and proven against those processes.
The second is similar to the first with the caveat of having an independent third-party review that the manufacturer developed procedures are consistent with IEC standards.
Manufacturers choosing the third approach submit their devices to an independent third-party (i.e., exida and/or TÜV) who then uses its own certification processes to test and certify that the device meets the manufacturer's safety system claims.
Regardless of which of the three "purchased certified" approach is used, when you purchase a certified device, it should come with a copy of the device certification and a detailed user safety manual that includes such things as restrictions on where and/or how the device may be used.
You may view a comprehensive list of third-party certified devices at http://www.exida.com/applications/sael/index.asp.
Yep, regardless of how you go about it, certification equates to dollars, but in the case of conforming to IEC safety standards, you can either spend dollars to establish your own self-certification process, or you can pay the slightly higher per device cost and purchase third-party certified SIS devices. Doing neither and having a major incident will undoubtedly cost even more.
With that I would like to leave you with this thought; the most likely cause of a shut-down that was initiated by the Safety Instrumented System (SIS) is most likely the result of one of three things:
1. A sensor (input) provided a false signal to the logic solver;
2. Some form of human error occurred;
3. There was an unsafe process condition, and the SIS did exactly what it was designed to do.
If you are told the cause of the shut-down was because of a false signal (#1), you need to review the maintenance and testing procedures of the sensor, logic solver and final element for that SIF (safety loop). It shouldn't take too long to review that one SIF, and the findings will likely reveal that your procedures are inadequate or more likely, aren't being followed. Either way the time spent to find and correct the cause of that unscheduled shut-down will pay huge dividends in the future.
If the cause of the shut-down was the result of human error (#2), you need to review training and operational procedures. One common cause is the result of technicians performing scheduled, routine testing of the SIS while the process remains operational. For example, manually conducted partial-stroke testing is a fairly complex procedure requiring the proper application of mechanical travel stops. Sometimes the travel stops are improperly installed. The result is an unscheduled shutdown.
If the cause of the shut-down was because an unsafe condition was detected (#3), you need to review what was going on with the process and the BPCS and perhaps more important, you need to review why your operators didn't notice and take appropriate action before the process reached an unsafe condition.
Regardless of the findings, every unscheduled shut-down should be viewed as an opportunity to improve production performance.
ADDITIONAL SIS RESOURCES
The Internet is awash with SIS related information. Here's a few that I believe represent the best-of-the-best:
Emerson's PlantWeb University SIS Course – 11 different courses. Each will take about 15 minutes to complete and you can earn points for some fun gifts. http://plantweb.emersonprocess.com/university/engSch_SIS_XML.asp
Emerson's DeltaV Book Store includes process control-related books from a lot of different authors and sources. It's really a good single-stop shop. http://easydeltav.com/bookstore/
SIS-TECH Technical Information – SIS-TECH is an independent company that specializes in SIS consulting, services and training. The SIS-TECH web site has a really good collection of SIS related material, and it's all free. http://www.sis-tech.com/technical_resources.html
Exida is an independent company that specializes in SIS consulting, training, competency certification of individuals and third-party device certification. exida also hosts a regularly updated SIS device certification list. http://www.exida.com/
TÜV Rheinland Group is an independent company that specializes in SIS related services including competency certification of individuals, and third-party device certification. http://www.tuvasi.com/