Section 1 Safety Operator Warnings
Warnings
2PAA110888-600 - Warnings based on 3BNP004865-600 RevA
21
Operation Procedures
The operation procedures shall emphasize the operator's responsibility to verify his
operations by checking the Confirm Operation dialog.
If the HART routing functionality of AI880A is not restricted by the configuration
settings of the module, the operation procedures shall include restrictions for use of
this function.
Remote Operation Procedure
The VPN connection for Remote Operation shall be configured as described in
System 800xA 6.0 Network Configuration, 3BSE034463*.
Maintenance Procedures
In redundant DO880 configurations, faulty DO880 modules shall be removed from
the system within the repair time of 72 hours to avoid channel error.
Online replacement (Hot Insert) of the SM811 will lead to a short stop of the SIL3
applications. The stop time is limited by the configured FDRT.
Application Modifications
To verify that no unintended changes to the SIS part of the system are done, always
examine the difference report before download, (see Difference Report).
Firmware Upgrade
To ensure a safe Firmware Upgrade of a stopped AC 800M HI, the steps described
in Table 21. Firmware Upgrade Procedure shall be performed.
Before Online Upgrade is started, check that the “Online Upgrade Handover Limit”
is set in accordance with the time demands of the process under control. If the SIF
includes IAC or MMS, the extended communication time-out during OLU needs to
be considered as well.
Online Upgrade of an AC 800M HI is not allowed if any changes to the controller
configuration or application is made.