Rockwell Automation AADvance Controller Safety Manual User Manual
Page 31

Document: 553630
ICSTT-RM446K-EN-P Issue: 10
2-7
Safety System Validation
Safety system validation shall test the integrated system to ensure
compliance with the safety requirements specification at the intended
safety requirements class. The validation activities should include those
necessary to prove that the system implements the safety actions during
normal start-up and shutdown and under abnormal fault modes.
The validation shall confirm that each functional safety requirement has
been implemented at the specified safety integrity level, and that the
realization of the function achieves its performance criteria, specifically
that the process safety time requirements have been met.
The validation shall also consider the potential external common cause
failures (power sources and environmental conditions) and ensure that
the system will provide fail-safe operation when these conditions
exceed its design capabilities.
Operation and Maintenance Plan
The provision of an Operation and Maintenance Plan ensures that
functional safety can be maintained beyond the commissioning of the
system. The in-service operation and maintenance is normally outside the
responsibility of the system integrator, but the system integrator can
provide guidance and procedures to ensure that the persons or
organizations responsible for operation and maintenance can ensure the
system operates to the specified safety levels.
The Operating and Maintenance Plan shall include the following items:
Clear definitions of power up and down sequences. These definitions shall ensure that the sequences cannot result in periods when the system is unable to respond safely whilst a hazard may be present.
The procedures for re-calibrating sensors and actuators. The recommended calibration periods shall also be included.
The procedures for periodically testing the system, together with definitions of the maximum intervals between testing.
Definitions of the overrides to be applied to be able to carry out maintenance of the sensors and actuators.
The procedures for maintaining system security.
Maintaining Functional Safety
Design changes will inevitably occur during the system life-cycle; to
ensure that the system safety is maintained, such changes shall be carefully
managed. Procedures defining the measures for updating the plant or
system shall be defined and documented. These procedures are the
responsibility of the end user, but the system integrator shall provide
sufficient guidance so that the procedures maintain the required level of
functional safety during and after the changes.