WBF: ISA-88 Applications

May 1, 2007
Jack Greene, from Alkermes, Inc. talked about incorporation of S88 and GAMP software design models into an integrated commissioning and validation strategy can reduce plant start-up timelines. What PLC should control my equipment? First, he said, separate the utilities from systems that serve a single Process Cell. Keep all the Units on a Process Cell together. It becomes hard to pass data if you don't. Separate validated and non-validated equipment. Do this early in the des...
Jack Greene, from Alkermes, Inc. talked about incorporation of S88 and GAMP software design models into an integrated commissioning and validation strategy can reduce plant start-up timelines. What PLC should control my equipment? First, he said, separate the utilities from systems that serve a single Process Cell. Keep all the Units on a Process Cell together. It becomes hard to pass data if you don't. Separate validated and non-validated equipment. Do this early in the design, or you can't do it at all. Separate your systems based on Building Phase. Trying to graft onto existing systems generally results in destabilizing the system, which immediately results in your getting called into the general manager's office where he eats your liver. Who should develop your PLC software? Select an OEM vendor when using COTS equipment. Pick a skid maker and a system integrator. We aren't in the business of building vacuum systems. We're a drug company. Select an OEM when little interlocking is needed. These systems (chiller, air compressor) have no reason to be own-written code. Select OEM when OEM systems are pre-optimized; where there is no need for process improvements, and no planned PAT initiatives. Develop a standard control module library, because it saves the project time and money. Validate once, and you can use it many times. Simplify I/O checkout, standardize the look and feel across systems, facilitate a granual permission scheme-- and use the library again for the next project. This makes it easy for you-- and your integrator-- to build the next project, and the one after that, and the process of repairing, maintaining, and re-validating systems. Greene showed a mapping scheme for mapping GAMP to ISA-88. URS-->Batch Recipe-->Process Development-->PQ FRS-->Equipment Module-->FAT-->OQ DDS-->Control Module-->SAT-->IQ YOu can have Quality, Cost and Time...pick any two.  A traditional approach is to validate the plant after mechanically complete, but before process development. All changes required per PD are done under change control. CC process ads significant time and resource loads, and leads to a "it's good enough" approach, and then the issues are resolved in procedures, instead of being corrected. So nobody remembers what to do, because we didn't fix it in software. Early validation leasds to a timeline driven project with high time and cost. Or you can valideat the plant after process developemnt is finished. All chagnes required per PD done prior to change control...but unless changes are rigorously tracked, it is difficult to leverage the commisssioning effort for Validation, and this leads to a complete repeat (under protocol) of all commissioning testing. We blew our timeline. You ahve a quality driven program. What we do now is to integrate the C&Q plan into one Effort at FAT. We write the FAT based upon the equipment module design We execute the FAT udner protocol, with GMP signatures We maintain change and incident logs with retest evidence We hold open until the end of the PD effort to capture/track PD changes and the retest. This leads to complete 100% testing of the Equipment Module functions which can be leiveraged by Validation. We integrate the C&Q Plan into one effort at SAT We write the SAT based upon the I/O Checkout and the PID loop tuning effort We execute the SAT under protocol with GMP signatures We maintain chang and incident logs with retest evidence We hold this protocol open to capture/track I/O mvoes/adds/chagnes and retests until the end of PD changes. This leads to complete 100% testing of the Control Modlules HMI and I/O which can be leveraged by Validation. Current interpretation of 21CFR11 is that since a running PLC runs without operator intervention, it does not create electronic records. While analog/digital SCADA data are electronic records-- there is no associated User ID just time and date stamps. The only records that need a User ID come from the HMI and are recorded in the Activity and Alarm Logs. So, HMI Matters!!!The brand of PLC used in the plant does not matter- so long as it is OPC compliantSince an HMI log processing and reporting scheme only works for that brand of HMI, the more brands of HMI, the more work to become 21CFR11 compliant. How is HMI served? The more source code copies running, the more support and validation headaches you have. Traditional HMI has the source code on each station. Newer HMI deploys code to terminal servers, using client stations. If you use server based HMI, all your plant stations become thin server clients, and you immediately validate all when you validate one. Use of the S88 mdel and integrated commissioning and qualification can help build blants that have lower design and implementaiton costs, better commissioned ssytems, lower TCO as they are maintained, expanded and improved...with lower costs of validation and easier 21CFR11 compliance. Random lessons: Schedule numerous design reviews develop a good control module and equipment modlule library review modules as they are developed-- do not wait to the end put the best resources on FAT-- it is your chance to improve the design Try not to outsource SAT-- doing so wastes a training opportunity!

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.