8 nfpa 86 requirements – Rockwell Automation T8094 8000 Series TMR System Safety Manual User Manual

SAFETY MANUAL

D oc N umber T8094
I ssue 27 – June 2013

Page 27 of 103

3.2.8 NFPA 86 Requirements

The 8000 system is certified to be used in NFPA 86 compliant systems.

The systems should be integrated in accordance with NFPA 86. In particular the
following shall be applied.

•

The supplier of the application software for the programmable controller shall
provide the end user and the authority having jurisdiction with the documentation
needed to verify that all related safety devices and safety logic are functional
before the programmable controller is placed in operation.

•

In the event of a power failure, the programmable controller (hardware and
software) shall not prevent the system from reverting to a safe default condition. A
safe condition shall be maintained upon the restoration of power.

•

The control system shall have a separate manual emergency switch, independent
of the programmable controller, that initiates a safe shutdown.

•

Any changes to hardware or software shall be documented, approved, and
maintained in a file on the site.

•

System operation shall be tested and verified for compliance with this standard
and the original design criteria whenever the programmable controller is replaced,
repaired, or updated.

•

Whenever application software that contains safety logic or detection logic is
modified, system operation shall be verified for compliance with this standard and
the original design criteria.

•

The NFPA certification is only applicable where the system is applied in
accordance with the safety manual and NFPA86 requirements.

•

A programmable controller not listed for combustion safety service shall be
permitted to monitor safety interlocks, or to provide burner control functions,
provided that its use complies with both of the following:

(1) The programmable controller shall not interfere with or prevent the operation of
the safety interlocks.

(2) Only isolated programmable controller contacts (not directly connected to a
power source) shall be permitted to be wired in series with the safety interlocks to
permit burner control functions.