The specific recommendations for alarm and shutdown systems follow from these basic principles:
• Protective systems are designed to prevent or mitigate specific events.
• Protective systems must protect equipment while providing acceptable unit availability.
• Protective systems should be as simple as possible. They should be segregated from process functions to minimize the possibility of routine maintenance and modification work inducing common mode faults that defeat the protective function and the process function or spurious trips of the equipment being protected. Special care is needed so that power supplies and distribution permit non safety-related equipment to be powered down for maintenance without impairing shutdown system operation.
• Protective systems must be designed so that in-service maintenance and checking by trained operators or maintenance personnel can be accomplished without actually shutting down the process. Maintenance and checking capabilities must also be available on a plant that is shut down. Whenever possible, planned shutdowns of equipment should utilize protective systems to test shutdown equipment and to train personnel.
• Protective systems must be operated and maintained by properly trained personnel.