92/98 bd Victor Hugo 92115 CLICHY France Tel 33 (0) 1 41 06 30 00 Tlex 620 428 SOFRGAZ Fax 33 (0) 1 47 37 16 27 E-mail

l : [email protected]

GENERAL SPECIFICATION INSTRUMENTATION

THIS DOCUMENT IS OUR PROPERTY AND SHALL NOT BE USED NOR REPRODUCED WITHOUT OUR WRITTEN AUTHORIZATION

CE DOCUMENT EST NOTRE PROPRIETE ET NE DOIT ETRE NI UTI LISE, NI REPRODUIT SANS NOTRE AUTORISATION ECRITE

FUJIAN LNG TERMINAL AND TRUNKLINES PROJECT

DISTRIBUTED CONTROL SYSTEM

Date : 18/12/03 Rv. / Amend. 1

Etablis. / Establ.
V. VIGUIER

Projet / Project
AG. BLAZQUEZ

EMISSION POUR / ISSUE FOR ISSUED FOR FEED Page 1/40

Vrif. / Check
L. BROCCOLI

Approbat. / Approval N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

REVISION RECORD

Rev. 0 1

Date 0/11/03 18/12/03

Established V. VIGUIER V. VIGUIER

Checked LP. BROCCOLI LP. BROCCOLI

Project AG. BLAZQUEZ AG. BLAZQUEZ

Issue for First issue Approved

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 2/42

CONTENTS 1 1.1 1.2 1.3 1.4 1.5 2 2.1 2.2 3 3.1 3.2 3.3 4 4.1 4.2 5 5.1 5.2 5.3 6 6.1 6.2 7
01.02

INTRODUCTION PURPOSE OF THIS DOCUMENT GENERAL PROCESS DESCRIPTION REFERENCES, CODES AND STANDARDS ENVIRONMENTAL CONDITIONS ABBREVIATIONS CENTRAL CONTROL SYSTEM (CCS) CCS CONCEPT DISTRIBUTED CONTROL SYSTEM GENERAL DEFINITIONS OF THE CONTROL LEVELS GENERAL DESCRIPTION OF THE SYSTEM FUNCTIONALITY AND GENERAL PERFORMANCES ACQUISITION AND CONTROL SYSTEM HARDWARE CHARACTERISTICS SOFTWARE CHARACTERISTICS AND PERFORMANCES SUPERVISORY SYSTEM SYSTEM ORGANISATION HARDWARE CHARACTERISTICS SOFTWARE CHARACTERISTICS AND PERFORMANCES COMMUNICATION SYSTEM INTERNAL DCS COMMUNICATION BUS COMMUNICATION WITH THIRD PARTY SYSTEMS ASSOCIATED SYSTEMS REQUIREMENT
Date 18/12/03 Date N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002 Page : 3/42

Rv. 1 Amend.

8 8.1 8.2 8.3 9 9.1 9.2 9.3

DOCUMENTATION HARDWARE DOCUMENTATION SOFTWARE DOCUMENTATION INSTRUCTION MANUALS DCS ACCEPTANCE TESTS MANUFACTURER INTERNAL TEST (IFAT) FACTORY ACCEPTANCE TESTS (FAT) SITE ACCEPTANCE TEST(SAT)

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 4/42

1 1.1

INTRODUCTION PURPOSE OF THIS DOCUMENT This general specification covers the minimum requirements for the design, supply, configuration, programming et tests of the Distributed Control System to be installed for the FUJIAN LNG TERMINAL project.

1.2

GENERAL PROCESS DESCRIPTION The Fujian LNG Terminal is an onshore import terminal with LNG carriers unloading facilities, LNG storage with vaporising facilities and gas export capability. The LNG terminal will be located at Xiuyu Harbor north shore development zone of PUTIAN city, Fujian province. Approximate latitude and longitude are North 25 12, East 110 59. The process of the Terminal can be described into three main functional sections: LNG unloading LNG carriers are berthed along terminal jetty. LNG is pumped out from ship using ship pumps and sent to storage tanks through 3 unloading arms and an unloading collector routed to shore on an aerial trestle. Part of the vapour displaced during tank filling operation is sent back to carrier via a vapour return line connected to ship by means of a gas return arm. LNG storage LNG is stored in tanks at pressure close to atmosphere (two identical tanks are installed for phase I). Tanks pressure is mainly controlled by withdrawal of boil-off gas by reciprocating compressors (2 installed). In case of abnormal pressure increase in tank, boil-off gas in excess is sent to flare. LNG / NG send out LNG is withdrawn from tank by cryogenic pumps (two per tanks). Simultaneous operation of three in-tank pumps is required to provide peak flow. Part of the pumped flow can be sent to an LNG trucks loading station. Main flow is sent to the HP send-out pumps and to the vaporisers. Upstream HP send-out pumps, the LNG flow is split in two streams. One stream is routed to a recondenser where it is put in contact with compressed boil-off gas to make it condense. The rest of the flow bypasses the recondenser. Downstream recondenser, low pressure LNG is pressurised by cryogenic pumps and sent to vaporisers. There are two different vaporisation lines:

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 5/42

a high pressure line (HP system) that supplies the trunklines to Wenzhou and to Zhangzhou, a medium pressure line (MP system) dedicated to Putian power plant.

Three identical HP pumps and three identical MP pumps are installed for phase I. Parallel operation of two pumps is required to provide peak flow. Under normal operating conditions LNG is vaporised by Open Rack Vaporisers (HP ORV and MP ORV) using seawater as warm fluid. For each pressure level (HP and MP), three ORV are installed during phase I with one spare. At terminal boundary, gas is delivered to two distribution pipelines. One metering station is provided on each export line, upstream Terminal battery limit. 1.3 REFERENCES, CODES AND STANDARDS All equipment constituting the Distributed Control System shall be designed and manufactured in accordance with the last issues of regulations, codes, norms and standards listed in the specification Applicable Codes and Standards N RC443.LL.000.B100.001. All the requirements of national legislation, regulations and codes, including regulations on environmental protection and safety, in force at site, take precedence over the minimum requirements cited in the context of this specification and must be complied with, even without explicit mention. The General Control System Overview architecture drawing RC443.PL.I040.0001 has to be read in conjunction with this document. 1.4 ENVIRONMENTAL CONDITIONS Refer to General RC443.NT.000.P030.0001 1.5 ABBREVIATIONS The following abbreviations are used : BOG CCS CPU DCS ESD FACP FGM FMS
01.02

number

Design

requirement

technical

note

Boil Off Gas Central Control system Central Processing Unit Distributed Control System Emergency Shut Down System Fire and Gas Alarm Control Panel Fire and Gas Mimic Facilities Management System
Date 18/12/03 Date N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Rv. 1 Amend.

Page : 6/42

FOC FTA F&G I/O TR LCD MCC ORV OTS PLC PMS SIL SCV UPS 2 2.1

Fibre Optic Cable Field terminal Unit Fire and Gas System Input / Output Technical Room Liquid Crystal Display Motor Control Centre Open Rack seawater Vaporiser Operator Training System Programmable Logic Controller Power Management System Safety Integrated Level Submerged Combustion Vaporiser Uninterruptible Power Supply

CENTRAL CONTROL SYSTEM (CCS) CCS CONCEPT The Central Control System (CCS) will comprise a group of related, integrated control systems in charge of the control and safety of FACILITIES operations. Major systems in the CCS are: a. b. c. d. e. f. DCS ESD F&G PMS PA/GA Distributed Control Systems Emergency Shutdown System Fire & Gas System (including spillage detection) Power Management System Public Address and Gas Alarm System Packages control systems (such as Tank Gauging Systems, BOG compressors, SCV, ORV, emergency diesel generators, and air & nitrogen systems, unloading arms) Metering systems Instrumentation

g. h.

This specification covers the requirements for the Distributed Control System (DCS) only.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 7/42

2.2

DISTRIBUTED CONTROL SYSTEM The Distributed Control System (DCS) will be the primary control system and the backbone of the CCS in order to control and supervise the Terminal operations. The CCS will utilise the DCS capabilities for managing CCS data and presenting them to the operator via interactive workstations. DCS shall be in charge of: Operator Interface Alarm Management Historisation and reporting Regulatory Control, Sequencing , Logic and Monitoring Functions Interface to other PCS systems Interface to other third party systems

3 3.1

GENERAL DEFINITIONS OF THE CONTROL LEVELS The following definitions are used in this document: Level 0: Instrumentation This is the lowest level of the hierarchically ordered System structure. It regards all the field instruments like sensors, initiator and actuators. (They are not covered by this specification, refer to "Instrumentation General Specification N RC443.SG000.1500.0100) Level 1: Acquisition and control system This is the intermediate level of the hierarchically ordered structure of the System. It regards all the System equipment dedicated to Data Acquisition, Control, Automation and functions. Level 2: Supervisory system This level regards the System equipment having the function of HUMAN-MACHINE Interface (HMI). Level 2 is the supervisory level of the Plant. Level 3: Management system This is the level dedicated to Advanced Control and Plant Optimisation (not covered by this specification).

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 8/42

3.2

GENERAL DESCRIPTION OF THE SYSTEM The system shall be based on microprocessor modules for the control and data acquisition. It shall be equipped with resident software to carry out the regulatory control algorithms, the interlock and sequential control functions. The operator interface shall be implemented through interactive workstations equipped with data display console, keyboard and printer and capable of managing the supervision, control, graphic presentation, alarm, message, diagnostic functions. An engineer workstation dedicated to the configuration of the System and the implementation/modification of the user software shall also be provided. The control modules and workstations shall be connected by a data communications system. The system shall be capable of carrying on a dialog through an appropriate interface module with external electronic computers and/or data communications standard networks (Ethernet or equivalent).

3.2.1

Level 1: Acquisition and Control System The Level 1 equipment shall be suitable to carry out the following functions: Interface with field instrumentation such as transmitters, initiators, switches and final elements. Acquisition of process data from sensors to allow monitoring of process variables. Performance of basic control functions. Performance of calculation functions including arithmetic computation. Performance of complex control functions including adaptive gain, feed forward, signal selection, etc Execution of logic for performance of interlock, automation, and sequential functions. Execution of combined regulatory and logic functions. Handling of sequence of events with time recording for preparing alarms monitoring and data logging performed on level 2 Transfer to Level 2 of all data, measurements and acquired events, calculated or produced by Level 1 itself. Receive from Level 2 commands and set points.

3.2.2

Level 2 : Supervisory System Supervisory system represents the Operator's interface towards the Plant.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 9/42

 It handles and allows the following functions: Indication of all analogue or digital process variables, open or closed loops and all related parameters Manipulation of control loops, including: set-point change, operating mode, output, tuning, computation constants Alarm announcing Display of lived process graphics Logging and possibility of both historical and trend recording Display of sequence of events. Display of self-diagnostics messages. Still at Level 2, but through separate and independent equipment, the following functions are handled in addition to the above mentioned ones: Changes, additions, canceling to the configuration of Level 2 (user software) or of the lower levels. 3.2.3 DCS Communication System The equipment components forming the various levels are interconnected through a communication system allowing the functions described in the following paragraphs. The communication system shall be based on an open architecture using TCP/IP protocol or equivalent in a client/server environment. Also the communication medium shall be of standard manufacturers (Ethernet or equivalent). Proprietary communication systems are also acceptable; but they shall be submitted to review and approval. They shall be able to communicate with open systems based on TCP/IP protocol or equivalent. 3.2.4 Interface with other systems DCS shall also communicate with CCS systems, third party control systems and management computers. 3.3 FUNCTIONALITY AND GENERAL PERFORMANCES The DCS shall provide the following functionality and performances: 3.3.1 Capacity The DCS must be capable of supporting the entire plant process units. Speed of response for both control functions and man-machine interface should not be
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 10/42

degraded under any conditions (such as, for instance, alarm overload) taking into account that this is a relatively fast-responding process. Multiple local area networks are allowed provided that the overall functionality is satisfied. 3.3.2 Reliability and Availability The system shall be implemented by holding reliability in the utmost consideration and in particular the selection of the electronic components and the individual entities forming the system is carried out on the basis of a continuous operating time of 2 years. Availability The System shall be highly reliable and available. The availability shall be better than 99.9 % with a MTTR of 12 hours for all functions. The Probability of Failure on -2 Demand (PFD) shall be strictly lower than 10 . No error propagation: The malfunction of a unit of the System, at any level, shall not propagate to other apparatuses of other levels. 3.3.3 Modularity The system shall be of a modular construction and easily expansible. The module typology holds in due consideration the requirements of interchangeability and reduction of storage costs. 3.3.4 Redundancy High reliability is important if we take into account that the loss of critical process units would result in major upsets and costly restart time. The DCS should have ability to continue operation, without upsets, even in case of one critical equipment failure. Consequently, the System shall be configured in such a way that some equipment could be redundant. Particularly, all the following parts/functions of the System shall be completely redounded: all CPUs all communication buses all communication modules all power supply modules all parts dedicated to continuous control including I/O cards
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 11/42

 all parts dedicated to interlock or sequential logic control All boards or equipment shall be equipped with redounded supply system connected to separate supply systems. The redundancy layouts shall be implemented in such a way that the transfer from each element to its back-up in redundancy and return to normal situation is immediate, automatic and such as not to affect the process, the operator stations, the computation or other functions. The transfer from a unit to the back up one shall be in any case alarmed. The System is fitted with a redunded memory comparing automatic device, which generates an alarm signal in the event that the result of comparison is negative. In the event of a discrepancy between the contents of the memories, it shall be possible to eliminate such difference keeping the System running. The System will be implemented in such a way that it is possible to replace the unit in redundancy of the main one without affecting the operation of the System itself. 3.3.5 Security A DCS, by nature, is relatively easy to reconfigure. The system should provide various levels of password and/or key protection to allow for different levels of authorisation when maintenance is being performed. 3.3.6 Memories Memories of non-volatile type shall be provided for the configuration data. It shall not be necessary to reload other "offline" devices in case of System restarting. In the event that RAM are used with buffer batteries, these shall be suitable to maintain the memories for 30 days. The battery charge state shall be continuously monitored. A special alarm shall be generated when the required maintenance times cannot be ensured. All batteries shall be replaceable without needing to interrupt the functionality of the associated memories. The System is fitted with memory sufficient to carry out all the required control, protection and automation functions. The System configuration shall be such as to leave at least 30% of memory space available for future changes. It is preferred that all memory modules are expansible with no need of hardware or software changes.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 12/42

3.3.7

Synchronisation All System apparatuses at any level shall maintain an internal clock having a resolution of 1 millisecond. Such clock shall be resettable from the operator station or from the configuration station. All system clocks shall be synchronised within 1 millisecond one from the other. Within the System there are more Master stations in such a way that the malfunction of an individual apparatus cannot affect the operation or the synchronisation of the others. Each Level 1 apparatus of the System shall be suitable to generate such synchronisation signal.

3.3.8

Data Base All Input/Output signals to the System shall be identified with the same identifying tag name, generally that one of the field instrument. The System allows the input, output signals or internal variable to be identified with a name of 12 digits at least. For each input, output or internal variable, this name will be unique and can be used in any level of the DCS and for any function (acquisition, control, supervision, configuration and programming, visualisation, logging, etc..)

3.3.9

Basic control. DCS shall allow implementation of standard control functions (PID, ratio, cascades, etc.).

3.3.10

Extended control The DCS should provide ways to implement user functions including modifying standard algorithms or defining new ones. This functionality should be available by use of a high-level programming language from an industry standard. The ability to include logic functions (e.g. interlocks) may be necessary for implementing certain advanced control functions.

3.3.11

Multivariable control A highly desirable feature of the DCS is that multivariable predictive control (MPC) can be performed directly rather than in process control computer interfaced. This will allow high speed, high reliability and state-of-the-art advanced control within the basic instrumentation system. It also allows, for the operator interface, to be consistent with standard control functions display for all advanced process control applications.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 13/42

Multivariable control should be able to run as fast as every 15 seconds, even if, typically, run once per minute is enough. 3.3.12 Loop processing Some functions need to be processed rapidly, at least twice per second (4 to 10 times per second desired). Others can be done much less frequently (once per minute to 4 times per minute typically for multivariable controls). The DCS must provide a mechanism to distribute the processing load so that this wide range of loop execution frequency can be accommodated. The load distribution shall not affect any functionality. 3.3.13 Communications with third party systems The DCS must offer possibility of interface with third party systems. Three types of communication may be considered: For major CCS systems such as safety systems (ESD and Fire and Gas systems, etc). In this case, the preferred DCS interface shall be via the DCS's own internal communication system where the CCS subsystems appear as nodes on the system and have established and integrated software. For external control systems such as machinery and package control systems, tank gauging systems, metering system, motorised valves management system, power management system, HVAC control system etc In that case, standard serial link (RS 232, 485, etc..) redundant or not according to application with proven protocol (such as MODBUS) shall be used. High level of communication can be also considered after review and approval. For management and associated systems such as Management information system, Asset management system, operator training system, advanced control system etc.. In that case, DCS shall be able to carry on a dialog through appropriate interface module and communications standard network (Ethernet or equivalent). 3.3.14 Installation of the system The system will be installed in a non-classified area (control room, technical room) - ISA S71.04 & S71.01 G1AX The System shall be suitable to operate in a room with the following ambient parameters: Maximum: T = 40C
01.02

Relative Humidity = 90%

Rv. 1 Amend.

Date 18/12/03 Date

Minimum: T = 10

Relative Humidity = 20%

The system shall be suitable to be stored in a warehouse with the following limit ambient parameters: T from 0 to + 50C Relative Humidity from 20% to 95% DCS equipment shall be in accordance with IEC 6100 norms regarding EMC interference. Earth shake protection Shock of 15G, 10 millisecond duration or steady state vibration of 2.5G, 5-500 Hz shall not result in any damage or malfunction. 3.3.15 System Electric Supply The system shall be supplied at 220 V - 50 Hz from a UPS supply with the following tolerances: Voltage Frequencies 220 V + 10%, 220 V - 10% 50 Hz + 3%, 50 Hz - 4%

The system is to supply all external loops except those identified as "externally supplied". All supply units shall be redundant and implemented in such a way as to prevent that the malfunction of a unit may extend to the other units as well. The transfer of supply from the unit under failure to the back up one is instantaneous and without interruptions in the normal operation of the System. The outputs of all supply units shall be monitored by the System and any malfunctions shall be immediately identified and alarmed. In case of interruption then coming back of the power, the system shall automatically start with no need of a manual data reloading from disks, tapes or else. The starting and reset of each System component shall not require the performance of complex procedures.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 15/42

4 4.1 4.1.1

ACQUISITION AND CONTROL SYSTEM HARDWARE CHARACTERISTICS Input /Output cards

4.1.1.1 General The I/O cards shall be of a strong design, high quality and manufactured in such a way as to be suitable for the installation in an industrial environment. The System shall be implemented in such a way that all types of I/O cards may be installed in all positions of the relevant nest. It shall be implemented in such a way that every I/O card may be removed or inserted under voltage. The System shall be equipped with diagnostics suitable to prevent that the insertion and removal of I/O cards may cause errors in signal scanning. Each individual I/O channel shall be protected by fuses. All fuses shall be equipped with optical indicator; furthermore the fuses may be replaced with no need to remove the card, keeping in operation all channels not protected by the fuse to be replaced. The minimum insulation between I/O channels and between the channels and the common is 75 M. 4.1.1.2 Analogue Input Cards The analogue input cards available are suitable for the following typologies of signals: 1 - 5 VDC 4 - 20 mA self supplied or externally supplied thermocouples (I, K, T, E) RTD 100 Pt The analogue input cards 4-20mA shall be equipped with a device to check the functionality of the loop (open - short circuit detection). The supply to field transmitters for the 4-20 mA loops shall be 24 VDC. The thermocouple input cards shall be equipped with compensation of the cold junction and with a device to detect any burnout. The linearization of the signals from thermocouples or thermo-resistors shall be made at card level or at software level. The scan rate for analogue inputs, which are part of control loops, shall not be more than 0.25 seconds.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 16/42

The scan rate for analogue inputs not involved in control loops, shall not be more than 1.0 seconds. The only exception to the above, can be the loop relevant to temperature measurement for which a scan rate of 5.0 seconds can be accepted. Each card shall be equipped with its own A/D conversion unit. 4.1.1.3 Analogue Output Cards The analogue output cards shall comply with the following technical requirements: they are suitable to control a load of 400 at least; the output range is 4-20 mA the resolution is 12 bits the linearity is 0.1% the action in the event of malfunction of the card or the logic shall be preselectable (high - low or unchanged) The card circuitry shall be suitable to monitor the state of the loop connected and in particular the conditions of open loop or short circuit ones. Analogue output cards shall have an individual D/A converter for each analogue output. The scan rate (output update) for analogue outputs, which are part of control loops, shall not be more than 0.25 seconds. 4.1.1.4 Digital Input Cards The digital or low frequency pulse inputs cards shall comply with the following requirements: each entry shall be optically isolated (2500 V), each loop shall be supplied from the system, which recognises loop state changes with impedance of 1000 ohms at least (including the contact resistance), the state of each digital input shall be visible on the card front through a special LED. the digital input channels shall be equipped with filter suitable to discard signals having duration of less than 2 millisec. the pulse counters shall have a range from 0.1 to 100 Hz; the duration of pulses may vary starting from a minimum of 5 millisec.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 17/42

4.1.1.5 Digital Output Cards Output cards shall normally be solid state able to drive field solenoid valves and relays for electrical interface. Solid state outputs shall be 24 VDC and be capable providing at least 300 mA to the external coil. No interposing relays shall be used with exception of electrical interface. In this case the interposing relays could be installed in a dedicated cabinet located in the electrical sub-station. In case of relays mounted on digital output cards included in the DCS supply, the same shall comply with the following technical requirements: they are capable of switching 2 A under 220 V 50 Hz they bear a continuous peak load of 10 A it is possible to select the state of each "normally open". or "normally close" output the relays used on the cards are suitable to bear 1.000.000 operations at the provided load. the relays shall be exempt from vibrations. 4.1.1.6 Remote I/O The DCS shall be able to drive remote control systems, which include dedicated DCS processors and I/O cards and/or remote I/O in order to implement the Electrical/Instrument Interface in electrical substation (if any) or when the distance between field instrumentation and Control Building becomes too long (e.g. jetty). The remote communication shall be via redundant fibre optic devices. All necessary equipment, FO converters and the accessories relevant to the fibre optic system will be part of the DCS supply. 4.1.1.7 Fieldbus system Field bus system will not be used for this project 4.1.1.8 Scanning It shall be possible to assign, by configuration, various scanning times to I/O signals. The selection of the scanning time is carried out by taking in due consideration the speed with which each signal changes from its normal operating state to the abnormal one. The scanning time of some I/O signals may be automatically modified by program. This will allow that points with normally slow dynamics could be sampled at greater frequencies during some particular transients (starting). 4.1.1.9 Checking of loop integrity The system constantly shall check all the analogue I/O to verify that they are within the fixed ranges and activate an alarm signal in case of malfunction. The displayed
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 18/42

data relevant to the points in malfunction state shall be the last valid one measured; in this event the status "freeze value" shall be clearly indicated. As a rule the malfunction of an analogue input signal of a control loop shall cause the controller to be switched to the manual mode and an alarm to be generated in order to call the attention of the operator. 4.1.2 Controllers Controllers shall be multiloops microprocessors based modules. Power supply modules such as interface modules with internal communication system shall be systematically redundant. Control processor unit (CPU) shall be redundant if regulatory functions are performed by the relevant controller. No processor shall be loaded at more than 70% of its processing capacity. Field I/Os shall be grouped and assigned to CPUs using the following guidelines: Communication between CPUs across the DCS communication network (peer to peer communication) shall be minimised. CPU I/O assignment should be designed according to process area segregation. This means that generally each process area cannot be controlled by different CPUs. 4.1.3 Installation All equipment and modules related to acquisition and control system shall be completely installed and wired inside system cabinets. These cabinets shall be self-standing and designed for 19 rack mounting, standard Rittal type or equivalent. Nevertheless the following requirements must be taken into account: Cabinets shall have front and rear access. Cables entry shall be from bottom Preferred dimensions (WxHxD) : 800 x 2100 x 800 mm Field Terminal Assemblies (FTA) shall be separated from I/O cards. They shall be installed inside marshalling cabinets in which intrinsic safety barriers and marshalling related to field multicore cables shall be also mounted. Cross connections between marshalling and terminal units shall be part of vendor supply. Marshalling cabinets shall have the following characteristics:
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 19/42

 Front and rear access or front access only. Cables entry shall be from bottom Preferred dimensions (WxHxD) : 800 x 2100 x 800 mm or 1600 x 2100 x 400 mm for marshalling with front access only. Standard cables with end connectors shall be used to connect FTA and their corresponding I/O cards. System and marshalling cabinets shall be installed in the technical room within the Control Building. Nevertheless depending to the proposed architecture some remote control modules could also be installed within the following buildings: Jetty control room Compressor building Main electrical substation Loading control building Sea water systems building 4.2 4.2.1 SOFTWARE CHARACTERISTICS AND PERFORMANCES Regulatory control functions The control functions of the System shall be carried out by a microprocessor multiloops controller. The controller shall be capable of accepting signals from the various sensors installed on the process through the I/O cards mentioned in paragraph 4.1.1 The following typologies of regulation shall be available: PID Controller The controller shall have the proportional band algorithms available as well as integral and derived action in order to implement the control strategies. The controller shall be capable of operating in the following modes: manual, automatic, cascade, backup cascade. The control algorithm shall be implemented in such a way that the transfer from manual to automatic is "bumpless". The System shall contain the possibility of automatic tracking of the controller input or output as required by the controller mode. It shall be possible to configure alarms on the deviation between the measured variable and the set point of the controllers. Other control functions
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 20/42

The controller shall have all the algorithms available which are suitable to allow the implementation of control strategies such as: PID, adaptive gain, feed forward, signal selection, etc. in addition to the base algorithms. The System shall include a wide library of continuous control algorithms, including standard algorithms and of specialised functions. Special functions such as mass-flow, function generation, logarithmic functions, etc. shall be included in the program library. The continuous control algorithms are of type such that the operating mode, the set points and the tuning parameters can be modified from the operator station or by the logic control functions. 4.2.2 Data acquisition function The System shall allow the transfer of data from the input card to the higher levels. The scanning times of the variables simply acquired shall be compatible with the supervisory system response times. 4.2.3 Logic control function The System shall perform as combinatory and sequential logic functions. The sequential control shall be able to use all the analogue/digital signals and internal variables resident in the database. Logic control functions can be implemented by means of the application of standard or pre-configured control algorithm The following logic algorithms shall be available: Valve module Motor module Etc. It shall be possible to perform combined logic and continuous functions such as: Forcing loop in manual mode Changing set-point (with possibility of ramp) Changing tuning parameters Forcing the output signal. The logic or sequential programs are to be equipped with comments of such a quality as to allow a quick interpretation.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 21/42

4.2.4

Response times

4.2.4.1 Continuous control function The response time is defined as the time between the moment when a signal changes in value at the input channel of a card and the moment when the controller takes the consequent action and the output signal is sent assuming that the following conditions occur: Worse position from the varying point inside the scanning cycle Maximum complication of the control algorithm Maximum traffic on the communication systems between levels. Under the previous conditions, the system responds within the times specified below: Slow loops Fast loops Critical loops 0.50 s 0.25 s 0.10 s

In any case, the basic processing cycle shall be adjustable. 4.2.4.2 Logic or sequential control functions performance times Logic control (motors, interlocks) Sequence 5 5.1 SUPERVISORY SYSTEM SYSTEM ORGANISATION Control Room Operators will be organised on 12-hour shift basis, each shift will include two teams dedicated to both process and utilities, and the other to power generation and distribution. The power generation and distribution team will control and monitor the power generation and distribution from dedicated electrical control room by means of PMS duly interfaced with DCS installed in the Control Room. At least the following equipment shall be provided for the Process and Integrated Utilities Control Room Operators: 4 nos. Independent Process operator Consoles (including large screen displays), ergonomically arranged to provide the operators with facilities to efficiently and safely operate the LNG Terminal. Provision shall be made to install the instrumentation package unit operator (such as CCTV, and Tank level Systems), the PA/GA system console, the radio console and telephones.
01.02

0.5 s 0.5 s

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 22/42

 2 nos. Empty tier consoles and accessories for ESD panel and F&G panel (FACP) mosaic type. 2 nos. Alarm and Event Matrix Printers and accessories assigned, respectively, to the process area and to the utilities area. 2 nos. Logging and reports Matrix Printers and accessories assigned, respectively, to the process area and to the utilities area. 1 nos. Video-copy colour Printer and accessories assignable from any control rooms operator consoles, engineering console and training & Management consoles. At least the following equipment shall be provided for the DCS system Engineers: 1 nos. Engineering Workstation. 1 nos. Matrix Printer and accessories. 1 nos. Laser Jet Printer and accessories. 1 nos. Table support for all above equipment. At least the following equipment shall be provided for The training Engineers: 1 nos. Engineering Workstation. 1 nos. Laser Jet Printer and accessories. 1 nos. Table support for all above equipment. At least the following equipment shall be provided for The Management Engineers: 1 nos. Engineering Workstation. 1 nos. Laser Jet Printer and accessories. 1 nos. Table support for all above equipment. 5.2 5.2.1 HARDWARE CHARACTERISTICS Process Operator consoles Each operator console shall consist as minimum of: 1 nos. Workstation electronics with 21" min flat LCD screen and keyboard Empty desk for all above equipment's Videos shall be equipped with colour screens, 21", high resolution, capable of showing either alphanumeric pages or graphic pages. Various colours shall be used in order to distinguish the information supplied.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 23/42

All information visible on a video of one console shall be visible on the other video of the same console. The videos of an operator console shall be interchangeable. Any change in the database from a video station shall be automatically updated on the video of the same console and on all other consoles. Keyboard The keyboard shall be of the "self explanatory type", easy to operate, and will allow an easy performance of the system control functions. Easy-to-learn "Call routines" shall help the operator in his task. A software of interactive type shall be used for all operations. The operator keyboard shall preferably be of the "touch sensitive" membrane type and shall be tight to dust and humidity. All commands from the keyboard shall be recognisable by means of a sound. At least, through the keyboard, it shall be possible to : Select all displays including the direct access to the loops in alarm, select the video pages (overview, group, loop), etc. Acknowledge alarms Insert new parameters or cancelling existing wrong parameters. This type of access shall have to be documented Easily position the cursor for the selection of all parameters Request the photocopy of the video, prints of logging and alarms, address signals and trend recorders Change the operating mode (automatic/manual/cascade) of each controller Furthermore, the keyboard shall have the possibility of assigning some functions to personnel of a higher level. These functions have to be protected by means of "security keys" or by passwords. At least, it shall be possible to: Inhibit alarms (installation stopped or under maintenance) Change the alarm set Access to the loop tuning parameters Adjust the clock Assign parameters for the historical recordings.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 24/42

The system shall be suitable to be use also with additional pointer devices (mouse, track ball or equivalent). For some console, an engineer keyboard should be also connected to the video. This will allow to perform more complex actions. Electronics The workstation electronics shall consist of a microprocessor based system that supports the keyboard and the VDU drives printers, transmits data and receives data from the I/O devices via the data DCS Network. All links to the keyboards, VDUs and trackballs or mouses shall be foreseen. Desk Furniture The basic empty desk furniture to be supplied with the Workstations shall be complied with the operator design requirements: Desk wedge units for arc-shape arrangement, Flat to desk units to provide space for documents Chairs. All components installed within the desk shall be flush mounted. 5.2.2 Logging printer Two printers dedicated to the reports shall be provided. Reports shall be printed, according to the configuration: Per hour Per shift Per day Upon operator request. The information relating to each report are kept till a maximum time of 15 minutes after the predetermined print-out time. 5.2.3 Alarm and event printer These two printers shall be dedicated to: Print the process and system alarms as soon as they appear or of the alarm historic situation request by the operators; Each print out shall show, at least, the data relating to: Tag name, service, day and hour of the alarm, type of silencing, hour when normal situation resumed
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 25/42

 Print the events (understood as actions taken by the operator through the keyboard). 5.2.4 Colour printer A colour printer unit shall be used to obtain copies of the video display (on request through the operator or engineer console). The video photocopied display shall be halted during 5 seconds maximum. The printer shall be addressable from any of the operator stations. 5.2.5 Configuration station The configuration station (or Engineering Workstation) shall perform the following: All apparatuses at any level of the system may be configured or reconfigured online from the configuration station through the communication bus, without causing interferences or interruptions to the normal running operations. The loading of the programs developed off-line may take place in a partial or scattered way without trouble for the normal operation. The system configuration shall be based on high level language. The configuration through blocks is required. The system shall be suitable to carry out programs written in high level languages such as FORTRAN, C, BASIC. Furthermore some utilities software shall be available to prepare pre-configured control blocks with such types of languages. The system shall contain routines suitable to verify that the changes and/or additions are correct and not in contradiction with the existing configuration. The configuration station shall be equipped with password system to avoid that unauthorised personnel may tamper with the software. The configuration station shall store both the date and time of the intervention and the originator of the change. 5.3 5.3.1 SOFTWARE CHARACTERISTICS AND PERFORMANCES General Supervision system shall work as a minimum with Microsoft Windows NT operating system. It shall include interfacing capabilities using DDE and OPC protocols.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 26/42

5.3.2

Process display

5.3.2.1 Overview The overview display shall allow the overall vision of the various groups of loops or variables or alarms forming the process unit. It shall be possible to have on the overview an indication of the deviations from the normal operating values of all analogue variables. Any conditions of deviation from the set-point shall be shown by means of variations in colour. The condition of operation of each loop (auto/man/cascade) shall be clearly signalled. 5.3.2.2 Group display The group display shall indicate individually the groups of loops shown in the overview display. Each loop of the group display shall be indicated, at least, by the tag name, description of the service and unit of measure. The group display shall at least make visible the following detail information: Value of the analogue variable both in the form of a "bargraph" and in engineering units. Value of the set point, both in the form of a "bargraph" and in engineering units. Value of the analogue output both in the form of a "bargraph" and in percentage by means of alphanumeric display; Mode of operation of the controller (auto/manual/cascade, etc.) Alarms of the measured variable, deviation alarms, etc. Indication of the selected loop (inside the group; Position of the valve in case of failure It shall be possible to insert the same loop on various group without restriction. 5.3.2.3 Loop display The loop displays shall be able to supply detail information on all loops configured in the system. The graphic representation shall be similar to that of the group display, but the following additional information shall be supplied: Values of the tuning constants
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 27/42

 Values of bottom and full scale of the variables Set points of the alarms on the various parameters Limits on set point, output, etc Control action (direct or reverse); Position of failure of the final control element Values of computation (reports, bias, etc.) Value of output Engineering units employed

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 28/42

It shall be possible to modify the following parameters through key from the keyboard: Tuning constants Zero and range Limits Alarm set points Control mode Output For the digital points, it shall be possible to execute start/stop or closing/opening commands The control of further parameters shall be restricted, by means of key on password, to the only authorised people. At the level of loop display, it shall be possible to configure trend curves with maximum sampling interval of 1 second and basic time of 60 sec, at least, to be used for tuning the control loops. 5.3.2.4 Graphic displays It will be possible to obtain dynamic displays of graphics relating to the various units of the installation on the screens of the operator consoles. The graphics shall be configurable (only through the engineer console) by applying standard symbols or symbols defined by the user. The graphics shall be of the interactive type and a complete control of the process shall be possible through these displays. The commands of valve opening/closing and motor start/stop shall also be possible and the state change shall be shown by colour modification. Information regarding process measurements and alarms shall be visible and it shall be possible to read and modify indications, set points and operating mode etc.. Symbols and colours shall meet the EN60073 requirements. 5.3.2.5 Recording display The system shall be capable of providing the following displays with recording: Trend recording Historical recording.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 29/42

The historical data shall be stored on non-volatile memory equipment (for instance: hard disk). The recording, either trend or historical, shall be possible for each variable or parameter such as input, output, set point, etc. It will be possible to sample and store instantaneous data or data of variables generated at the predefined intervals; for example: 2, 15, 60, 600 s. As minimum, real time trends shall be stored in the system for 2 hours with a sampling time of 2 s. At least 1000 of the most recent events shall be saved on the hard disk and then archived for long-term storage. Furthermore, both "scrolling" and basic time expansion shall be possible. The selection of the loops to be recorded and of the sampling times shall be possible from the operator keyboard. The system shall be able to reproduce "multi-trend" displays( several different curves on the same axes) and allow a direct comparison of different variables or parameters. The recording display shall be either of "bargraph" type or of single line type. 5.3.2.6 Monitor and alarm display When an alarm occur, it shall be instantaneously visible via a display, which shall overlay whatever display is present on the screen. It will appear also on the dedicated display (alarm summary display). The alarm is also shown at overview display level by means of a change in colour of the involved group. It shall be possible to have access to the variable under alarm (at loop level) with two commands maximum from operator keyboard. The alarm sequence (apparition, silence, acknowledgement, disappearance) shall be in accordance with ISA 18.1 A If provided by the configuration, a video alarm and an audio signal shall be generated simultaneously. Such signal shall be silenced only in the event of the alarm being recognised by the operator. It shall be possible to set the value of the alarm limits for the process variables from the engineer keyboard Types of configured alarms shall be:
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 30/42

 Absolute value of the input variable, Speed of variation of the input variable Deviation from the set point. An alarm summary display is available. The alarms shall be listed in chronological order. The alarm situation shall be cancelled from the display only if the cause has ceased and the alarm has been recognised by the operator. The alarm shall display lists, at least, the following information for each alarm: Time and date of the alarm Tag name Description of service Type of alarm (absolute or deviation) The system shall be capable of listing on the alarm summary display a minimum of 100 alarms. The system will ensure the historical management of the alarms. In particular the history of the alarm conditions is kept in the database of the alarm display and printed on the basis of the times defined at configuration level. The alarm display and the print shall include, at least, the following information: Date of the event with the time in seconds Tag Name Description of the service Type of alarm (absolute or deviation) Time when the alarm has been acknowledged Time when the cause has disappeared The system shall be capable of handling historically 300 alarms at least. It shall be possible to assign 7 alarm priority levels. The system shall be capable of carrying out self-diagnostic functions (refer to paragraph 5.3.4). For each abnormal condition in each subsystem or other equipment a "system alarm" shall be generated with a message to the operator.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 31/42

5.3.2.7 Sequence display The system shall be capable of displaying, through the sequence display, the progress state of sequential operations. In particular, the display shall show information regarding: Sequence identification number Sequence descriptive identification Operating phase in which the sequence finds itself Any messages to the operator. Any alarm or operating malfunction situations of the sequence shall be signalled to the operator by altering the colour of the information on display. 5.3.3 Logging functions It shall be possible to obtain the logging of variables measured and/or calculated, actions by the operator, alarms, trends, etc. from the operator console. The logging functions may be carried out on predefined time basis or on operator request (refer to paragraph 5.2.2). It shall be possible to have at least 20 logs. All parameters required for logging are stored in the memory with the database updating time. High-level software languages are available and sufficient free spaces shall be provided in the memories. 5.3.4 Self diagnostics The system shall have an extended set of self-diagnostic routines allowing the identification of malfunctions at module level at least, through detailed display and prints. The self-diagnostic messages relating to the malfunction of each system component shall appear on the screens of the operator console, independently from the display selected at that moment. At local level the malfunction of a system component is identifiable by LED or by a lamp on the cabinet. Display of the system structure with identification of the system component under failure and the type of malfunction shall be available in order to help the maintenance.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 32/42

5.3.5

Response Time At Level 2, the response time is defined as the time elapsing between the change of value or state of an input of an I/O card at Level. 1 and the moment when the same information is available to the operator at Level 2 at the screen or printer. The response time is calculated in the worst possible conditions, which are: Unfavourable position of the input and card with respect to scanning Maximum complication of the control loop Maximum traffic on the bus between levels; Times of the display, the video buffers, etc. Considering what above, the response times shall be 2seconds maximum. The display changing time further to operator request shall be less than 2 seconds.

6 6.1 6.1.1

COMMUNICATION SYSTEM INTERNAL DCS COMMUNICATION BUS General specifications The communication system shall be based on an open architecture using TCP/IP protocol or equivalent in a client/server environment. The communication medium shall be of standard manufacturers (Ethernet or equivalent). Proprietary communication systems are also acceptable; but they shall be submitted to review and approval. The communication system shall be of the dual/redundant type, consisting of two buses and two systems of interface for each connected equipment. The speed of communication on the bus shall be enough to ensure the data base update. The performances of the system shall not be degraded by load fluctuations from 10% to 100%. In case of failure of the main bus or any other equipment, the transfer on the backup bus or unit shall occur automatically, without interruption of the operations and without requiring interventions of the operator. The system shall count the data rejected by the processors dedicated to the transmission bus. An alarm shall be generated when the counter exceeds a predefined value. Peer to peer links between the various controllers of the acquisition and control system shall be possible. They shall use the communication bus.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 33/42

6.1.2

Communication Times The response time of the communication bus is defined as the time needed for a datum in the memory of an apparatus of one level to be transferred in the memory of another apparatus of the same or a different level; what above in the worst possible circumstances. The transmission time thus defined shall be such as to satisfy the requisites indicated in the paragraph 5.3.5.

6.1.3

Hardware specification The DCS data highways cables shall be Fibre Optic Cable (FOC) running in ducts when connections between buildings are necessary. When data highways runs in the same building, standard type of cable could be used. Data highways shall be dual redundant and routed by secure, separate and diverse routes. The manufacturer shall specify the characteristics of the optic fibres or the cables constituting the communication bus. When specific modules are required (example: optic converters), they shall be part of the DCS vendor scope of supply.

6.2 6.2.1

COMMUNICATION WITH THIRD PARTY SYSTEMS Communication with CCS main subsystems For Major CCS subsystems such as safety systems (ESD and Fire and Gas systems, etc.), the preferred DCS interface shall be via the DCS's own internal communication system where the CCS subsystems appear as nodes on the system and have established and integrated software. The next option is to use established and proven data links between the subsystem and the DCS. The priority is a secure link, using standard software and maximum functionality. The interface shall be invisible to the operator.

6.2.2

Communication with other control system The standard serial link (RS 232, 485, etc..) redundant or not according to application with proven protocol (such as MODBUS) will be used for the following external control systems: Tank gauging systems, Power Management System (PMS), SCADA MTU,

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 34/42

 BOG compressors, Meterings, SCV, Unloading arms, Berthing system (HOLD), Truck loading, High level of communication can be also considered after review and approval. 6.2.3 Communication with management and associated systems For Management and associated systems such as Management Information System, Asset Management System, Operator Training System, Advanced Control System, etc. DCS shall be able to carry on a dialog through appropriate interface module and communications standard network (Ethernet or equivalent). 7 ASSOCIATED SYSTEMS REQUIREMENT The minimum requirements for the design and implementation of the Management Information System (MIS) and the Operator Training System (OTS) shall be as follow. 7.1.1 Facilities Management System The Facilities Management System (FMS) will extract data from relevant PCS systems and automatically present to management reports on performance, material balances over the office network. 7.1.2 Operator Training System An Operator Training System (OTS) will be required for the training of Operators for the LNG Terminal project. The OTS will be a tool to aid in the training of operators for the LNG Terminal. The operation staff shall be trained prior to and following the start-up of the Facility, in particular in: Procedures for plant cold start-up, shutdown and emergency situations Handling of plant trips, cutbacks and other upsets Fault diagnosis and correctives actions in case of equipment malfunctions Normal operation. The OTS shall simulate the dynamic operation of the Terminal facilities on an area by area basis.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 35/42

DOCUMENTATION The documentation is an integral part of the provision. It includes: Hardware documentation Software documentation Instruction manuals NOTE: all drawings shall be produced using CAD tools, AUTOCAD or INTERGRAPH MICROSTATION compatible.

8.1 8.1.1

HARDWARE DOCUMENTATION Listing of power consumption A detailed list with all of the System power users and corresponding thermal loads. The list shall include at least the following: Type of electric load Load characteristic Type of internal distribution Type and manufacturer of protective devices Protection device data Grounding requirements

8.1.2

Feeding System A drawing detailing the whole electrical network from the distribution board up to the users (included those supplied by others, if integral part of the system).

8.1.3

Cables List A detailed list of system cables included in the supply, with the following information: Cable item Cable type (identification code) and length Starting and terminal points.

8.1.4

Dimensional Drawings Dimensional drawings of every DCS devices shall be included.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 36/42

8.1.5

Cabinet Layouts Drawings showing the positions of all the devices inside the cabinets and consoles (plan and front views) shall be included.

8.1.6

Rack Layout - Tag Assignment Documentation showing: System modules layout inside the cabinets Tag assignment in the I/O cards shall be provided.

8.1.7

Marshalling cabinets drawings Marshalling wiring drawings shall be produced. Particularly, drawings showing cross wring details between the field terminal assemblies and the field cables marshalling shall be provided.

8.1.8

Ground System Drawings showing how and where the System has to be connected to the Ground System. In particular, ground conductors sections and connection points will be indicated.

8.2

SOFTWARE DOCUMENTATION These following documents shall be in accordance with Std. ISA S5 instructions.

8.2.1

Data Base All necessary information regarding Input, Output and other variables will be prepared and provided to vendor for configuration. Vendor is requested to draw attention on data, which would not be specified. In this case, either the detailed missing information will be provided or general rules to be applied will be defined in relationship with the vendor.

8.2.2

Functional Specification All necessary information for control functions definition will be provided to the vendor for configuration and programming. These documents could be of various forms (lists, ISA loop drawings, logic diagrams, causes and effects diagrams, narratives, etc.).

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 37/42

Vendor is requested to draw attention on data, which would not be specified. In this case, either the detailed missing information will be provided or general rules to be applied will be defined in relationship with the vendor. 8.2.3 Human-machine interface All necessary information for human-machine interface definition and particularly graphic displays will be provided to vendor for configuration and programming. The documents issued will be mainly: General specification describing general rules for Human-machine interface Simplified sketches for background pictures (when authorised by project management, partial and commented copies of P&ID's shall be furnished only) 8.3 INSTRUCTION MANUALS The provision includes the following manuals: 8.3.1 Operator Manuals The scope of these manuals is to give to the operators a guide to use the System. The Operator Manual must have a "Quick Reference" Section, suitable for a prompt consultation. These manuals shall be in English language. 8.3.2 Installation and Maintenance Manuals They have to cover both system hardware and software. They have to give the necessary instructions for trouble-shooting, software loading and management. 9 DCS ACCEPTANCE TESTS System shall be tested in three separate steps: Manufacturer internal test (IFAT) Owner witnessed hardware and software test at DCS manufacturer premises or Factory Acceptance tests (FAT) Site acceptance test.(SAT) 9.1 MANUFACTURER INTERNAL TEST (IFAT) This test shall be carried out on the basis of manufacturer internal procedures. The manufacturer shall issue a test certificate, at the end of this step. The vendor will attest, by this certificate, that the system is ready for starting the factory acceptance test.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 38/42

9.2

FACTORY ACCEPTANCE TESTS (FAT) This test shall start at the end of the IFAT. This FAT will be witnessed by Customer and Engineering representatives.

9.2.1

Documentation The following documents, at least, shall be ready and used as reference documents: Hardware test procedure (previously agreed) System architecture Hardware System drawings Cabinet layouts I/0 assignments Data base Functional specification Human-machine interface documentation

9.2.2

System preparation prior to tests Prior the starting of the test activities, the system shall be installed in an area of adequate dimensions. It shall have all elements connected together and, if necessary, to test benches foreseen for that purpose. It has to be powered on.

9.2.3

Hardware tests The test shall include the connection to the system bus of all the system equipment's, including fibre optic converter and fibre optic cables. in order to have complete hardware system configuration. During the test following checking shall be done: General quantity and quality check for conformity with the specifications Check of correct installation of equipments and components Check of correct installation of processor racks Check of correct installation of I/0 racks Check of correct installation of I/0 modules, field termination panels and barriers Check of correct equipment and components tagging and identification Check of correct installation and of conformity of auxiliary components (push buttons, lamps, selectors, etc.) to the specifications.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 39/42

Once the visual checking activities have been completed with satisfactory results the hardware test shall start. Hardware test shall mainly consist of: Power supply system test Power supply system redundancy test General system test by means of system diagnostic routines. Main equipment failure simulation (video stations, processors, power supply units, I/0 card, communication bus and relevant equipment) and check of response of the system diagnostics. Input signals simulation (from marshalling cabinet terminal strips) check of response from video stations and vice versa for output signal. I/0 simulation shall be done on a significant sample of the signals (minimum 30%) in case of bad performance, the check shall be done on 100% of the signals. 9.2.4 Software and configuration tests Once the hardware tests have been completed with satisfactory results the software tests shall start. Scope of these tests is to demonstrate the correct functionality of the application software including: Correct implementation of the control strategy Correct implementation of the data base Correct configuration of the human machine interface (including all the custom graphics). The software tests shall be carried out on all the configured points. the software tests shall include but shall not be limited to: Check of correct implementation of the data base (engineering units, full scale, service description, alarm set, controller action, etc.). Check of correct implementation of the continuous control algorithms, of the sequential controls and of the combinatory logic controls. Test shall be done by simulating the input signal and verifying the output at the marshalling cabinets. Measured variables and output values, alarm and status indications shall be checked and verified on the custom graphic pages and on standard group displays. Check of correct configuration of the alarm displays. Check of correct configuration of the group displays.
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 40/42

 Check of correct configuration and sub-routine application of the custom graphic displays. 9.2.5 Integrated Test The test is relevant to all those equipment that are not part of the DCS but are interfaced to the system in order to allow the centralised operability from the DCS operator station. Scope of this test is to demonstrate the correct functionality of the communication. Adequate modules of third party systems shall be delivered to the FAT area and complete connection of intercommunication modules shall be realised. The following shall be tested: Correct functioning of the link Correct functioning of the protocol. Correct configuration and programming of data base table on each side The test shall be performed in accordance with an agreed test procedure and shall be carried out in parallel with the DCS software test (parallel test is mandatory as the DCS need to be physically connected to the external equipment to demonstrate the full hardware and software functionality). 9.3 9.3.1 SITE ACCEPTANCE TEST(SAT) System power up After the installation of the system on the field, the system will be powered on under control of vendor representative. Good functioning of equipment shall be, again, tested by repeating tests done during FAT. During the Site acceptance test, particular care shall be taken to check the power supply system and the grounding network 9.3.2 Loop tests A dynamic complete test of all the loops shall be performed. This test will allow the checking, from the local sensors up to the operator console, of the good functioning of: Sensor Wiring up to Input card Corresponding data base Control function (including alarms, associated calculations, etc.) Display on adequate views (group, graphic, alarm, etc.)
01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 41/42

And vice versa for output information.

01.02

Rv. 1 Amend.

Date 18/12/03 Date

N RC443.SG.000.2900.1000 N FJLNG-SPC-TS-IN-002

Page : 42/42