9.7.2 Installation Design, 9.8 Planning the Migration, 9.9 Replicating the Application, 9.9.1 Prerequisites – Rockwell Automation T8094 8000 Series TMR System Safety Manual User Manual


SAFETY MANUAL

Doc Number T8094
Issue 27 – June 2013

Page 83 of 103

9.7 SITE PLANNING AND INSTALLATION DESIGN

9.7.1 Operational Environment

Make sure that the intended operational environment meets the published
specifications for the Trusted system, including the T8162 CS300 bridge module.

The temperature of the CS300 equipment enclosure must be monitored by at least two
temperature sensors and an alarm created if the panel exceeds the designed
maximum operating temperature. If appropriate, forced air cooling can be applied to
lower the usual operating temperature.

9.7.2 Installation Design

The installation of the CS300 equipment and the TC 322-02 Trusted™ expansion
interface cable must comply with all of the installation requirements for Trusted™.
Refer to section 3.13.3.

9.8 PLANNING THE MIGRATION

The migration represents an overall modification and retrofit as defined by
IEC 61508-1:1998, and includes the following tasks:

The migration activities must be planned to make sure that the functional safety for
the legacy CS300 safety-related system is appropriate, both during and after the
migration. This objective applies to the equipment under control as well as to the
CS300 and Trusted™ controllers.

The migration must be preceded by a request for modification or retrofit under the
local procedures for the management of functional safety.

A migration plan must be created, approved and implemented.

The plan must begin by finding the boundary of the equipment under control and
the control system, and then specifying the scope of the hazard and risk analysis
(for example process hazards and environmental hazards).

The migration plan will then follow the safety lifecycle.


The success of the migration will be measured by the achievement of the required
functional safety for the safety-related systems, both during and after the modification
and retrofit phase, and by chronological documentation of the operation, repair and
maintenance of the safety-related systems.

The CS300 system must be taken offline to perform the migration. Before doing
this, the process must be safely shut down and the plant brought to a
safe/neutral state.

9.9 REPLICATING THE APPLICATION

9.9.1 Prerequisites

Obtain the ‘as operational’ data for the existing system. This will usually consist of the
‘as built’ drawings, updated to include the details of all subsequent onsite modifications
and upgrades.
