1 safety lifecycle – Rockwell Automation T8094 8000 Series TMR System Safety Manual User Manual

SAFETY MANUAL

D oc N umber T8094
I ssue 27 – June 2013

Page 9 of 103

2.2.1 Safety Lifecycle

The Safety Lifecycle is designed to structure a system’s production into defined stages
and activities, and should include the following elements:

• Scope definition
• Functional requirements specification
• System safety requirements specification
• System engineering
• Application programming
• System production
• System integration
• System safety validation
• System installation and commissioning
• System operation and maintenance procedures
• System modification
• Decommissioning

The definition of each lifecycle stage shall include its inputs, outputs and verification
activities. It is not necessary to have stages within the lifecycle addressing each of
these elements independently; it is important that all of these stages be covered within
the lifecycle. Specific items that need to be considered for each of these lifecycle
elements are described in the following sub-paragraphs.

2.2.1.1 Scope Definition

The initial step in the system lifecycle should establish the bounds of the safety-related
system and a clear definition of its interfaces with the process and all third party
equipment. This stage should also establish the requirements resulting from the
intended installation environment, including climatic conditions, power sources, etc.

In most cases, the client will provide this information. It is necessary to review this
information and establish a thorough understanding of the intended application, the
bounds of the system to be provided and its intended operating conditions. An
example checklist for the review of the scope definition is given in para. 4.1.1.

2.2.1.2 Functional Requirements

This stage is to establish the complete set of functions to be implemented by the
system. The timing requirements for each of the functions are also to be established.
Where possible, the functions should be allocated to defined modes of operation of the
process.

For each function, it is necessary to identify the process interfaces involved in each of
the functions. Similarly, where the function involves data interchanged with third party
equipment, the data and interface are to be clearly identified. Where non-standard
field devices, communications interfaces or communications protocols are required, it
is important that the detailed requirements for these interfaces be established and
recorded at this stage. In general, the client will provide the functional requirements. It
is, however, necessary to collate these requirements into a document, or document
set, including any clarification of the functional requirements. In cases where the client
provides the functional requirements in an ambiguous form it will be necessary to
clarify, document and establish agreement on the requirements with the client. It is
recommended that logic diagrams be used to represent the required functionality. An
example checklist for the review of the functional requirements is given in para. 4.1.2.