You are on page 1of 14

Materials System Specification

34-SAMSS-621 1 December 2010 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable) Document Responsibility: Instrumentation Standards Committee

Saudi Aramco DeskTop Standards


Table of Contents 1 2 3 4 5 6 7 8 9 10 11 Scope............................................................. 2 Conflicts and Deviations................................ 2 References..................................................... 2 Environmental Conditions.............................. 4 Electrical Requirements and Certifications.... 4 Basic Design Philosophy............................... 5 ESD System Configuration............................ 5 ESD System Construction and Spares........ 10 Quality Control............................................. 10 Documentation Requirements...................... 11 ESD System Testing.................................... 12

Previous Issue: 30 November 2005 Next Planned Update: 1 December 2015 Page 1 of 14 Primary contact: Brell, Austin on 966-3-8747219
CopyrightSaudi Aramco 2010. All rights reserved.

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

Scope This specification together with 34-SAMSS-820, (Instrument Control Cabinets Indoor) or 34-SAMSS-821, (Instrument Control Cabinets - Outdoor) defines the minimum mandatory requirements for hard-wired, non-programmable, fail-safe, solidstate emergency shutdown (ESD) systems. In case of any conflict between these documents, the requirements of this specification shall prevail. Excluded from this specification are programmable controller-based ESD systems (refer to 34-SAMSS-623), and relay-based ESD systems (see 34-SAMSS-622). All terminology used in the documentation shall be in accordance with IEEE 100.

Conflicts and Deviations 2.1 Any conflicts between this specification and other applicable Saudi Aramco Materials Systems Specifications (SAMSSs), Engineering Standards (SAESs), Standard Drawings (SASDs), or industry standards, codes, and forms shall be resolved in writing by the Company or Buyer Representative through the Manager, Process and Control Systems Department of Saudi Aramco, Dhahran. Direct all requests to deviate from this specification in writing to the Company or Buyer Representative, who shall follow internal company procedure SAEP-302 and forward such requests to the Manager, Process and Control Systems Department of Saudi Aramco, Dhahran.

2.2

References Material or equipment supplied to this specification shall comply with the latest edition of the references listed below, unless otherwise noted. 3.1 Saudi Aramco References Saudi Aramco Engineering Procedure SAEP-302 Instructions for Obtaining a Waiver of a Mandatory Saudi Aramco Engineering Requirement

Saudi Aramco Materials System Specifications 34-SAMSS-820 34-SAMSS-821 Instrument Control Panel - Indoor Instrument Control Panel - Outdoor

Page 2 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

Saudi Aramco Inspection Requirements Form 175-344200 3.2 Industry Codes and Standards American National Standards Institute/ National Fire Protection Association NFPA 70 Canadian Standard CSA C22.2 No. 0 CSA General Requirements (Electrical) National Electrical Code ESD Systems Hard-Wired Solid-State (Nonprogrammble)

Institute of Electrical and Electronics Engineers IEEE 100 Standard Dictionary of Electrical and Electronics Terms

Instrument Society of America ISA-S84.01, w/Annex B Application of Safety Instrumented Systems for the Process Industries (Solid-State Logic)

International Electrotechnical Commission (IEC) IEC 61000-6-2 IEC 61000-4-3 Generic Standards Immunity for Industrial Environments Testing and Measurement Techniques Radiated, Radio Frequency, Electromagnetic Field Immunity Tests Functional Safety of Electrical / Electronic / Programmable Electronic Safety-Related Systems

IEC 61508

International Organization for Standardization ISO 9001 Quality Systems - Model for Quality Assurance in Design/Development, Production, Installation and Servicing

National Electrical Manufacturers Association NEMA ICS 6 3.3 Engineering Units All dimensions and measurements shall be in the International System of
Page 3 of 14

Enclosures for Industrial Controls and Systems

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

Units (SI), and may be followed by the equivalent value in English units between brackets.
Exception: This requirement does not apply to the vendor's standard documentation.

Environmental Conditions 4.1 Indoor Installations Solid-state ESD cabinets installed in air-conditioned buildings shall be designed to meet a continuous operation at 50C (122F) and relative humidity of 95% (non-condensing).
Commentary Note: The temperature of 50C allows for a 35C room ambient plus a 15C rise within the cabinet.

4.2

Outdoor Installations All ESD equipment specified for outdoor installation shall be designed to operate continuously at the environmental conditions specified in 34-SAMSS-821.

Electrical Requirements and Certifications 5.1 Unless otherwise specified, solid-state ESD equipment shall be powered from individual UPS branch feeders at 120 VAC (tolerance of 110 126 VAC), 60 Hz ( 2Hz ), which are over-current protected. Unless otherwise specified, ESD components shall be installed within a general purpose, non classified electrical area per NFPA 70, National Electrical Code (NEC) Article 505. ESD system components shall be listed, labeled, and conform to UL, FM, or CSA standards or guidelines. ESD systems operating in outdoor cabinets shall be certified for use in Class I, Zone 2 hazardous areas. Safety System Certification Solid-state, fail-safe ESD systems shall be compliant with IEC 61508 to SIL-3 or above. The testing and certification of proposed safety systems shall be carried out by an internationally recognized testing agency such as TUV, SIRA, or UL.
Page 4 of 14

5.2

5.3 5.4 5.5

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

Basic Design Philosophy 6.1 The ESD system shall be designed as a SIL-3 hardwired logic system in accordance with IEC-61508. The ESD system shall be configured to perform the operational and process requirements shown in basic logic and/or cause and effect diagrams supplied by the Buyer or Buyer's engineer. Solid-state ESD systems shall consist of separate sections with Input-Output (I/O) modules, logic modules, and power supplies (logic and/or field). The ESD Logic solver shall be designed as a 24 VDC solid state system regardless of input/output module, voltage or current requirements. The ESD system shall be configured to fail-safe, i.e., any single failure or defect in system hardware or logic, shall cause the affected logic and output(s) to deenergize immediately to its designated failure position. Fail-safe ESD configurations, which are also fault-tolerant (i.e., those which utilize multiple input or output modules or logic solver arrangements) may be quoted as options, depending on the specification requirements for fault tolerance. The ESD system shall include comprehensive diagnostics for individual I/O, logic, and power supply modules, i.e., automatic internal checking and diagnostics, with the capability of detecting both overt and covert faults in hardware and logic elements. Should a component or functional failure occur within the I/O, logic, or power supply sections, an alarm and/or shutdown shall be initiated, along with a diagnostic message or fault code, to an associated graphic display unit and communications/printer port. All components or modules using edge connectors shall use gold-plated contacts. Edge connectors, which incorporate a keying system, are the preferred method of preventing incorrect positioning of a board or module. Plug-in components shall be capable of being removed and replaced while energized. Each module or component shall be identified by a type number.

6.2

6.3

6.4

6.5

6.6

6.7

ESD System Configuration 7.1 Input-Output Section The I/O section shall consist of I/O chassis, housing, or board assemblies in which I/O modules (with associated termination panels or assemblies) and I/O bypass switch panels reside. Housings shall be rack-mounted, or sub-panel

Page 5 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

mounted and be of rigid, heavy-duty construction. Termination panels or assemblies shall have screw type terminals for the field wiring. 7.1.1 I/O Modules 7.1.1.1 The I/O modules shall be plug-in type only (without screw terminals) to allow insertion into or removal from the I/O housings without disturbing external wiring connections. External wiring shall be terminated at a separate I/O module termination panel or assembly. Light Emitting Diodes (LEDs) or similar type indicators on the visible front edge of the I/O modules shall indicate the status of all I/O channels, as well as the health-fault status of logic modules.

7.1.1.2

7.1.2

I/O Module Signal Levels 7.1.2.1 Input modules shall be capable of accepting either discrete or analog type (24 VDC, 0-20 ma) input signals. Where analog inputs from 2-wire transmitters are utilized, the input module should provide the 24 VDC power for the transmitter, a signal out-of-range alarm and short circuit alarm. Discrete input circuits shall incorporate optical or electrical isolation and noise/transient filtering rated for a minimum of 500 V RMS or 500 VDC common-mode. Analog input circuits shall be designed to function normally when the applied voltage varies between 85% and 110% of its normal value. Output modules shall convert logic level signals to AC or DC output circuits capable of supplying power to individually isolated, field loads (e.g., motor starters elementary circuits, interposing relays, single or dual solenoids arrangements, etc.). Output modules shall be capable of handling a 2 amp resistive load. Output circuits shall be designed with protective elements (e.g., reverse diode, transient suppression circuits, short circuit, and reverse voltage) to protect against transients resulting from switching inductive loads or improper wiring connections.

7.1.2.2

7.1.2.3

7.1.2.4

Page 6 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

7.1.3

I/O Housing and Module Orientation 7.1.3.1 I/O modules shall be oriented in the vertical plane with heat generation sources, e.g., power supplies, located above them. It shall be possible to install the I/O modules in any configuration within chassis or back-planes, regardless of signal voltage level. Input and output circuits shall be physically grouped within modules and chassis so that a potential failure of one module or card will not adversely affect more than one piece of equipment of the group or shutdown multiple process trains.

7.1.3.2

7.1.4

External Input Bypass Switches 7.1.4.1 Each shutdown input into the ESD system shall have individual or grouped, key-lockable switch(s) bypassing the particular field device without impairing the associated dedicated alarm, or alarm print out function. Each bypass switch shall have an associated INPUT CLEAR indicator showing that the switch may be safely returned to its normal position. A separate and unique BYPASS indicator shall also be provided, identifying that the switch is in the bypass position. The BYPASS indicator shall be driven from a dedicated lamp driver circuit to indicate the true bypass status in the system logic. All bypass switch contacts shall be encapsulated or sealed. Each bypass switch shall have a pair of independent contacts, wired to a terminal strip, for remote indication. Each bypass switch shall have a name plate identifying the tag number of the device it bypasses.

7.1.4.2

7.1.4.3 7.2

ESD Logic Section 7.2.1 ESD logic shall be designed to use 24 VDC solid-state, discrete, analog or timer modules or a combination of solid-state components to achieve fail-safe logic design per detailed logic or cause and effect drawings. ESD logic and output design shall prevent incorrect commands from being sent to output devices when main power is applied or restored. This means that power to the output drivers shall not be applied before

7.2.2

Page 7 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

power to the logic circuitry has been established and all circuits have been reset. 7.3 ESD System Power Supplies 7.3.1 ESD Chassis Power Supplies Redundant chassis power supplies shall be used in all cases to supply power to internal ESD system modules (or cards). Each power supply must be separate and distinct; connected via robust cabling or internal bus structure. Each power supply shall be sized to provide 100% of the ampacity requirements (at rated voltage, connected load, and maximum cabinet temperature) for the specified configuration of I/O cards, logic modules, etc., including provision for expansion capability (see paragraph 8.2), with all modules and outputs energized and carrying their maximum connected load. 7.3.2 Field I/O Power Supplies Redundant, switch mode or linear field power supplies shall be used to power the I/O portion of the ESD system. Each I/O power supply shall be sized to continuously supply 125% of its connected load (at rated voltage, ampacity, and at maximum cabinet temperature). It shall be possible to configure power supplies in either a master-slave or load sharing arrangement and to locally monitor the output voltage and current of each power supply. Power supply loads shall be calculated with all points energized, and all outputs carrying their maximum connected load. The load calculation shall include provision for installed spares and future expansion capability. 7.3.3 Power Supply Protection Each power supply shall be protected by a properly sized circuit breaker or fuse. Output protection shall be provided via a combination of strategies (i.e., diode auctioning/isolation - where diodes are rated at not less than 300% of the maximum power supply current delivery and time-over voltage/over-current protection). Fast-acting crow-bar circuits, designed to shunt output loads are not permitted. Fuses or circuit breakers shall be capable of being replaced or reset without physically having to remove any wiring terminations. 7.3.4 ESD Chassis Power Supply Diagnostics System diagnostics shall detect events which may compromise internal (ESD chassis) power supply health or integrity (e.g., whenever extreme
Page 8 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

overvoltage, overcurrent, or high temperature conditions are detected within the power supply or at the DC output(s) of the power supply. Power supply (health/fault) status shall be indicated on its faceplate and be externally communicated via discrete alarm contacts (or data communications link) to an alarm display and printer. 7.4 ESD System Diagnostics 7.4.1 The ESD system shall be designed with automatic test or diagnostic circuits which continuously monitor its own health and operational status. ESD system diagnostics or status indicators shall be capable of being viewed on a local graphic display panel as well as being communicated via a data port to an external computer or DCS. Should an ESD output module failure occur, the respective output circuits shall de-energize, as specified in the material requisition or specification. At least two sets of isolated contacts for a remote common alarm shall be provided. ESD system self-diagnostics shall include: a) b) c) d) e) 7.4.4 7.5 Open or short-circuited semiconductors Interrupted I/O wiring, relay coils, and connections to terminals, contacts, or connectors Failures in I/O and logic modules Loss of individual power supplies, power supply regulation, or auctioneering diode failure Removal of any subsystem component or printed circuit board.

7.4.2

7.4.3

Cabinet or control panel mounted indicating lights shall be provided with a lamp test input.

ESD Event Logging and Recording 7.5.1 Unless otherwise specified, transitions of discrete ESD input devices, including bypass switches, shutdown push/pull-buttons, manual reset push buttons, or of equivalent analog signal converters used as trip switches, shall be time-tagged and discriminated by device tag number, using a first-out event-logging recorder or equivalent historian device. The event logger may be external to or resident within the ESD system. The minimum resolution of all ESD event transitions, after filtering and/or buffering of input signals shall be 10 milli-seconds or less.

7.5.2

Page 9 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

ESD System Construction and Spares 8.1 ESD cabinet construction shall be as per 34-SAMSS-820/34-SAMSS-821 except where superseded by this specification. 8.1.1 ESD cabinet layout and equipment spacing shall be designed assuming heat dissipation by convection ventilation. Ventilation inlet/outlet cross-sectional area requirements shall be determined by cabinet heat rise calculations using internal component or module heat generation data. Fans shall only be installed within cabinets installed indoors to assist in heat removal. Each indoor cabinet shall be equipped with two continuously running fans and be fitted with replaceable or washable filter screens inserted behind slotted louver inlets for cabinet air supply. Fan-failure or over-temperature detection circuitry shall be provided, including local alarm status indication and contacts for external alarm annunciation. Each cabinet which contains system components, such as I/O and communications modules or which house power supply modules shall contain a temperature sensing device. This device shall provide temperature indication and high temperature alarming to the operators.

8.1.2

8.1.3

8.2

The ESD system design and configuration shall include the following minimum spares to allow for future system design modifications: a) b) c) 20% spare terminals for each type of terminal used, 10% installed spare I/O and logic channels of each type used, 10% spare output isolation devices.

Quality Control 9.1 Quality Control Procedures 9.1.1 Vendor's QA/QC program shall conform to the guidelines of ISO 9001, quality systems - Model for quality assurance in design/development, production, installation, and servicing. Sampling techniques shall be applied where practical, but never used for final acceptance and burn-in of system components. Where statistical inspections are applied, the plan shall conform to the guidelines of ISO 9001.

9.1.2

Page 10 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

9.2

Qualification Tests Vendor's ESD system (cabinet configuration) and component/modules shall be capable of meeting the following minimum parameters. All testing techniques shall be in compliance with IEC standards: a) b) Vibration - Per axis sinusoidal (Sinusoidal Sweep) 8.4 to 150 Hz 1.0 G Shock Non-Operating : Operating c) Temperature Indoor Operating: 0 to 50C (indoor internal cabinet temperature) Outdoor Operating: 0 to 70C (internal cabinet temperature) d) e) f) Thermal Stress: 70C (represents storage temperature) Humidity: 5 - 95% relative, non-condensing Electromagnetic Compatibility (EMC) ESD equipment shall comply with immunity levels stated in IEC 61000-6-2. Alternatively, the vendor shall provide testing results to confirm that the equipment will operate without disturbance when energized and subjected to an electromagnetic field from a radiating source equivalent to a level 3 disturbance as detailed in IEC 61000-4-3. g) Hipot & Ground Continuity: Per CSA C22.2 No. 0 (or equal) : 15 G for 11 msec 6 G for 11 msec

10

Documentation Requirements 10.1 Required Vendor's Documentation Prior to commencement of a Factory Acceptance Test (FAT), the Vendor shall provide the following Non-Material Requirements (NMR's) to designated Company representatives, preferably in electronic format or via media which utilizes a Vendor's engineering workstation printer support utilities: a) b) A listing of the ESD system configuration identifying each module type, location, and tag name; Annotated printout or drawing of all ESD logic in logic element or function block format including all pertinent embedded comments
Page 11 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

describing logic functionality. Descriptors for logic element/blocks shall include completed I/O addresses and tag numbers, set points, logic element parameter identification, and logic execution sequence so as to facilitate ESD system troubleshooting; c) d) e) f) g) h) An index of all I/O points correlating individual tag name(s) to ESD logic blocks/pages; I/O and internal element cross reference where logic is shown on different logic sheets; Event log configuration file (if so specified); A narrative describing the operation and sequence of the logic system (based on the buyer's original logic and or narrative description); A fault finding/troubleshooting guide for the ESD system including all integrated components. Preferred format is a cause and effect diagram. Installation and maintenance manuals containing: Module circuit schematics/diagrams (for repair and fault-finding) parts lists, assembly and interconnecting wiring diagrams, field device/input-output termination/wire number/ I/O module indexes, cabinet construction, assembly and interconnecting wiring diagrams; and cabinet arrangement drawings showing front and rear views of enclosure.

10.2

Quick-Reference Charts Quick-reference charts shall be attached to, or enclosed within, ESD cabinet doors or enclosures. The charts shall clarify proper module placement and assist in the interpretation of ESD status indicators.

11

ESD System Testing Saudi Aramco Testing and Inspection Form 175-344200, logic or cause and effect diagrams, in conjunction with ESD system functional narrative, attached to the material requisition or ESD specification, shall be used as the basis for a Factory Acceptance Test (FAT) of all vendor supplied ESD equipment. 11.1 Factory Acceptance Testing (FAT) 11.1.1 During the FAT test the complete ESD system including all cabinets, termination-marshaling panels or assemblies, and associated equipment will be checked and verified against approved construction drawings and wiring diagrams. ESD components and logic (including all interconnecting wiring) shall be subject to both structured and unstructured functional tests.
Page 12 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

11.1.2

These tests shall demonstrate the functionality of each individual input and output point and associated logic elements making up the logic structure of the integrated ESD system. This includes all discrete, analog or timer/counter elements, sub-assemblies, or modules. During the time of testing the vendor shall make available to Buyers representatives (i.e., FAT team), testing and calibration equipment (e.g., VOM meters, portable calibrators, data loggers, etc.) capable of simulating all specified input signals, measuring output signals, verifying event log function and discrimination, and fault-finding system problems. Facilities to simulate each and every input condition, vary the power supply voltage, simulate overloads on inputs and outputs, shall also be made available. Wire tagging and terminations shall be checked against wiring diagrams and Tug tested. (A tug test involves physically stressing a wire termination to determine whether it has been crimped and terminated properly. The intent is not to break wiring or stress insulation or components but to test the integrity of the termination). All ESD logic functionality shall be checked against logic drawings and dynamically tested and verified for proper ESD sequence and functionality. The dynamic test will involve physically simulating all inputs and outputs in their proper operational sequence, and verifying that specified ESD application program logic is executed properly. Fail safe output states will be tested in response to simulated input/output module failures and loss of ESD module power. All diagnostic routines shall be tested by simulating I/O module-individual point failures; power supply failure, communications interface failures, card replacement induced failures. Fault histories/summaries, if specified shall be logged and annunciated both on an external printer and an operators workstation or console. All event logging functions shall be demonstrated by randomly generating input event cycles, with the specified point resolution being demonstrated. Where practical, all communications interfaces shall be functionally tested using actual cable types and intended cable lengths. ESD Cabinet heat load and heat dissipation calculations shall be checked against the vendor's calculation method and procedure. ESD cabinet temperatures shall be monitored throughout FAT tests to verify and validate that normal ESD cabinet temperatures are consistent with vendor's design calculations and the specified parameters listed in this document. If fans are used to assist in ESD cabinet ventilation, cabinet

11.1.3

11.1.4

11.1.5

11.1.6

Page 13 of 14

Document Responsibility: Instrumentation Standards Committee Issue Date: 1 December 2010 Next Planned Update: 1 December 2015

34-SAMSS-621 ESD Systems - Hard-Wired - Solid-State (Nonprogrammable)

temperatures shall be verified to be within design limits when all fans are deenergized for a period not less than 8 hours. 11.1.7 All discrepancies noted in the FAT shall be resolved to the satisfaction of the Buyer. Results of the FAT test shall be documented by a written report, supported by the FAT procedure used.

1 December 2010

Revision Summary Major revision.

Page 14 of 14