Section
1 General requirements
1.1 General
1.1.1 This
Chapter applies to all ships intended to be classed with Clasifications Register
(hereinafter referred to as 'LR'), and is in addition to other relevant
Sections of the Rules.
1.1.2 Control
engineering systems are to:
- provide control of required services and habitability requirements
during defined operational conditions. This is to include, but is
not limited to, power generation, propulsion and their associated
services;
- provide control of the engineering systems necessary to ensure
availability of essential and emergency safety systems during all
normal and reasonably foreseeable abnormal conditions;
- provide control of the engineering systems necessary to ensure
transitional power supplies remain available;
- be suitably protected against damage to itself under fault conditions
and to prevent injury to personnel; and
- not fail in a way which may cause machinery and systems located
in hazardous areas to create additional fire or explosion risk.
1.2 Documentation required for design review
1.2.2 Where control, alarm, monitoring and safety systems are intended for the
machinery or equipment as defined in Pt 6, Ch 1, 1.2 Documentation required for design review 1.2.3 the following are to be submitted:
- Description of operation with explanatory diagrams.
- Line diagrams of control circuits.
- List of monitored points.
- List of control points.
- Details of alarms and warnings to be presented by the user interface,
including:
(i) an approach to category assignments which
is in accordance with the IMO
Code on Alerts and Indicators, 2009
; and (ii) for alarms
required by these Rules, the intended operator response and the message
to be presented.
- Test schedules (for both works testing and sea trials) which should
include methods of testing (for example, simulation testing) and test facilities
provided, see
Pt 6, Ch 1, 1.4 Control, alarm and safety equipment 1.4.1.
- Failure Mode and Effects Analysis (FMEA) where required by other
sections of the Rules.
- List of safety functions and details of any overrides, including
consequences of use, see
Pt 6, Ch 1, 2.4 Safety systems, general requirements 2.4.8 and Pt 6, Ch 1, 2.6 Bridge control for main propulsion machinery 2.6.8.
1.2.3 Plans for the control, alarm, monitoring and safety systems of the following
are to be submitted:
- Air compressors.
- Bilge and ballast systems.
- Cargo pumping systems for tankers.
- Cargo and ballast pumps in hazardous areas.
- Cargo tank, cargo hold, ballast tank and void space instrumentation
where such arrangements are specified by other sections of the Rules
(e.g. water ingress detection, gas detection).
- Controllable pitch propellers.
- Electric generating plant.
- Lithium battery system installations, see also
Pt 6, Ch 2, 1.2 Documentation required for design review 1.2.17.
- Fixed water based local application fire-fighting systems, see
Pt 6, Ch 1, 2.9 Fixed water-based local application fire-fighting systems.
- Incinerators.
- Inert gas generators.
- Main propelling machinery including essential auxiliaries.
- Miscellaneous machinery or equipment (where control, alarm, monitoring
and safety systems are specified by other Sections of the Rules).
- Fuel oil transfer and storage systems.
- Steam raising plant. (Boilers and their ancillary equipment.)
- Steering gear.
- Thermal fluid heaters.
- Transverse thrust units.
- Valve position indicating systems.
- Waste-heat boiler.
- Water jets for propulsion purposes.
- Windlasses.
1.2.4
System operational concept. A description of the intended operation of the
control, alarm, monitoring and safety systems for the main and auxiliary machinery, and
other systems essential for the propulsion and safety of the ship. This description is
to include a demonstration that the design provides an effective means of operation and
control for all ship operating conditions.
1.2.5
Alarm
systems. Details of the overall alarm system linking the main
control station, subsidiary control stations, the bridge area and
accommodation are to be submitted.
1.2.6
Programmable
electronic systems. In addition to the documentation required
by Pt 6, Ch 1, 1.2 Documentation required for design review 1.2.2 the following is
to be submitted:
-
System requirements
specification.
-
System functional
description.
-
System integration
plan, see
Pt 6, Ch 1, 2.14 Programmable electronic systems – Additional requirements for integrated systems 2.14.2.
-
Failure Mode and
Effects Analysis (FMEA), see
Pt 6, Ch 1, 2.14 Programmable electronic systems – Additional requirements for integrated systems 2.14.5.
-
Details of the
hardware configuration in the form of a system block diagram, including
input/output schedules.
-
Hardware certification
details, see
Pt 6, Ch 1, 2.10 Programmable electronic systems - General requirements 2.10.5 and Pt 6, Ch 1, 2.13 Programmable electronic systems - Additional requirements for essential services and safety critical systems
2.13.3.
-
Software production
plans, including applicable procedures, see
Pt 6, Ch 1, 2.10 Programmable electronic systems - General requirements 2.10.20.
-
Factory acceptance,
integration and sea trial test schedules for hardware and software.
-
Details of data
storage arrangements, see
Pt 6, Ch 1, 2.10 Programmable electronic systems - General requirements 2.10.10 and Pt 6, Ch 1, 2.13 Programmable electronic systems - Additional requirements for essential services and safety critical systems
2.13.6.
1.2.7 For
wireless data communication equipment:
-
Details of manufacturer’s
installation and maintenance recommendations;
-
network plan with
arrangement and type of aerials and identification of location;
-
specification
of wireless communication system protocols and management functions, see
Pt 6, Ch 1, 2.12 Additional requirements for wireless data communication links 2.12.4; and
-
details of radio
frequency and power levels, including details of those permitted by
the National Administration.
1.2.8 Plans
showing the location and details of control stations, e.g. control
panels and consoles. Location and details of controls and displays
on each panel. Detailed user interface specifications. A general arrangement
plan of control rooms showing the position of consoles, handrails,
operator area, lighting, door and window arrangements. Drawing of
HVAC systems including vent arrangements.
1.2.9
Fire
detection systems. Plans showing the system operation, and
the type and location of all machinery space fire detector heads,
manual call points and the fire detector indicator panel(s) are to
be submitted. The plans are to indicate the position of the fire detectors
in relation to significant items of machinery, ventilation and extraction
openings.
1.3 Documentation required for supporting evidence
1.3.1 For optical fibre data communication systems:
- details of manufacturer’s installation and maintenance recommendations;
- data communications network diagram; and
- details of the minimum power levels required to maintain the correct
operation of the data communications system, which is to include an
allowance for the effects of optical fibre degradation due to aging.
1.4 Control, alarm and safety equipment
1.4.2 Equipment
used in control, alarm and safety systems is to be suitable for its
intended purpose, and accordingly, whenever practicable, be selected
from the List of Type Approved Products published by
LR. A copy of the Procedure for LR Type Approval System will
be supplied on application. For fire detection alarm systems, see
Pt 6, Ch 1, 2.8 Fire detection and fire alarm systems 2.8.3 and for programmable electronic
systems, see
Pt 6, Ch 1, 2.10 Programmable electronic systems - General requirements 2.10.5 and Pt 6, Ch 1, 2.13 Programmable electronic systems - Additional requirements for essential services and safety critical systems
2.13.3.
1.4.4 Assessment
of performance parameters, such as accuracy, repeatability, etc. are
to be in accordance with an acceptable National or International Standard,
e.g. IEC 60051: Direct acting indicating analogue electrical
measuring instruments and their accessories (all parts).
1.4.5 Special
consideration will be given to arrangements that comply with a relevant
and acceptable National or International Standard, such as IEC 60092-504:Electrical installations in ships – Part 504: Special features
– Control and instrumentation.
1.5 Alterations and additions
1.5.1 When
an alteration or addition to the approved system(s) is proposed, plans
are to be submitted for approval. The alterations or additions are
to be carried out under survey and the installation and testing are
to be to the Surveyor's satisfaction.
1.5.2 Details
of proposed software modifications are to be submitted for consideration.
Modifications are to be undertaken in accordance with defined modification
processes which are part of the supplier’s or system integrator’s
quality management system. The following documentation is to be submitted:
-
Project-specific
software modification plan.
-
An impact analysis
which identifies the effect(s) of the proposed modification. The results
of the analysis are to be used to inform the extent of verification
and validation that is to be applied. This analysis is to consider
both the local impact and, where applicable, the system level impact
of the modification.
-
Configuration
management records that satisfy the requirements of ISO 10007, to
demonstrate the traceability of the proposed modification.
-
Factory acceptance,
integration and sea trial test schedules as determined by the impact
analysis in Pt 6, Ch 1, 1.5 Alterations and additions 1.5.2.(b).
-
Updated documentation
as detailed in Pt 6, Ch 1, 1.2 Documentation required for design review 1.2.5.
1.5.3 Verification
and validation activities are to demonstrate that the modified functionality
performs as expected and that the modification has not unintentionally
modified functionality outside the scope of the modification.
1.5.4 Software
versions are to be uniquely identified by number, date or other appropriate
means. Modifications are not to be made without also changing the
version identifier. A record of changes to the system since the original
issue (and their identification) is to be maintained and made available
to the LR Surveyor on request.
1.6 Definitions
1.6.1 An Emergency Stop (E-Stop) is a safeguard instigated by a single human
action. It requires a stop of all movement within the controlled system as rapidly as
possible to prevent a hazard occurring or to reduce an existing hazard to persons,
machinery or the vessel.
1.6.2 An Emergency Trip (E-Trip) is a safeguard instigated by a single human
action and means the disconnection of fuel, electrical, hydraulic or other power source
from the controlled system to prevent a hazard occurring or to reduce an existing hazard
to persons, machinery or the vessel. Movement within the system may be allowed to
continue.
1.6.3 An Emergency Stop Function may be either an Emergency Stop or Emergency
Trip, as appropriate to the system and risk being controlled.
1.6.4 Alarm System: a system which will alert relevant personnel to faults,
abnormal situations and other conditions requiring attention in the machinery and the
safety and control systems.
1.6.5 Control System: a system which responds to input signals from the process
and/or operator and generates output signals causing the equipment under control to
operate in the desired manner.
1.6.6 Failure: a loss of the ability of a structure, system or element to
function within acceptance criteria.
1.6.7 Fail safe: a system design such that, when a failure occurs, the system
reverts to the least hazardous state.
1.6.8 A reasonably foreseeable abnormal condition is an event, incident or
failure that :
- has happened and could happen again;
- is planned for (e.g. emergency actions cover such a situation,
maintenance is undertaken to prevent it, etc.).
They should be identified by:
- using analysis processes that were capable of revealing abnormal
conditions;
- employing a mix of personnel including competent safety / risk
professionals and those with relevant domain knowledge and understanding to apply the
processes;
- referencing relevant events and historic data; and
- documenting the results of the analysis.
1.6.9 Safety System: a designated system that:
- implements the required safety functions necessary to achieve or
maintain a safe state for the equipment under control; and
- is intended to achieve, on its own or with other safety systems, the
necessary safety needed for the required safety functions.
1.6.10 Safe State: the state of equipment under control when safety is achieved.
For some situations, a safe state only exists so long as the equipment under control is
continuously controlled. Such continuous control may be for a short or indefinite
period.
1.6.11 System: a set of elements which interact according to a design, where an
element of a system can be another system, called a sub-system, which may be a
controlling system or a controlled system, and may include hardware, software and human
interaction.
1.6.12 Sub-system: identifiable part of a system, which may perform a specific function or set
of functions.
1.6.13 Programmable electronic equipment: physical component where software is installed.
1.6.14 Software module: a module is a standalone piece of code that provides specific and
closely coupled functionality.
1.6.15 Simulation tests: system testing where simulation tools replace parts or all of the
equipment, or where parts of the communication network and lines are replaced with
simulation tools.
|