Urhoud: Specification FOR Integrated Control System

COMPANY’S DOC. NO.
7461-ORH-SP-J-87001
URHOUD-Organisation Ourhoud JOB No. DOC. NO. REV.
0-1800 S-000-1371-102 2
DATE 31-July-2014 SHEET 1 OF 43
PROJECT SPECIFICATION Name
ORGANISATION OURHOUD
REALISATION DES INSTALLATIONS DE PRODUCTION D’HUILE
OURHOUD, ALGERIE
CT-99-010-040
SPECIFICATION
DIST’N
CLIENT
FOR
OY
OM
OH
OS
INTEGRATED CONTROL SYSTEM
J
PJ-PMT G
PJ-CONST C
PJ-ENG /
PJ -CONTROL I
PROCESS N
PIPING I
PLINE T
CIVIL E
INST C
ELEC
ROTARY
FIRE
HSE
EQUIP
PAINT/INSU
SOLID-H
PKG
FUR
BLDG/HVAC
ACOUSTIC
OPER’T
LABO
EN-IT
EN-IT(MAT’L)
LEGAL
PPM
P- EQUIP
P- PIPING
P- INST Rev. Date Page Description Prep’d Chk’d App’d
P- ELEC
EXPED’G
0 8-Aug-‘00 ALL Issue for Information Y. S Y.T H. M
SHIPPING
QA
0a 17-Jul-01 ALL Issue for Approval SGJ/NA/YS Y.T H.M
QC
JPC 1 07-Aug-01 ALL For Construction N.A Y.T H.M
JGCSITE
JM (INITEC) 2 18-Mar-03 - As-built Y.T Y.T H.M
JUS
JEB
TELECOM
YEC
COMPANY’S DOC. NO. 7461-ORH-SP-J-87001
URHOUD - Organisation Ourhoud
JOB No. DOC. No. REV.
0-1800 S-000-1371-102 2
PROJECT SPECIFICATION
SHEET 2 OF 43
Specification for Integrated Control System
CONTENTS
1. General
2. Outline
2.1 Definition
2.2 Document Format
2.3 Project Communications
2.4 Approvals
2.5 International Codes and Standards
2.6 Project Document
3. System Overview
3.1 Installation Condition
3.2 Scope
3.3 Operating Principles
4. Process Control and Shutdown

4.1 Definition
4.2 System Scope and Configuration
4.3 Operator Interface – CCR
4.4 Operator Interface – LTRs (CTR and OTR)
4.5 Operator Interface – Satellite and Wellheads
4.6 Engineering Work Station
4.7 Functional Requirements – PCS
4.8 Functional Requirements – PSD
4.9 Supervisory Control and Data Acquisition (SCADA) System
4.10 Management Information System
4.11 System Input / Output (I/O) Facility
4.12 Alarm Handling
4.13 Data Logging and Printers
4.14 Communication Facilities
4.15 Satellite Station Control Nodes
4.16 Wellheads Remote Terminal Units (RTUs)
4.17 Leak Detection System
0-1800 S-000-1371-102 2
SHEET 3 OF 43
5. ESD and F&G System

5.1 Definition
5.2 General Requirement
5.3 System and Functional Requirement for ESD System
5.4 System and Functional Requirement for F&G System
6. Software Requirement
6.1 Application Software
6.2 On-line Self-diagnosis
6.3 Power-up Checks
6.4 Software Security
7. System Cubicles and Field Termination Cabinets

7.1 Components and Wiring
7.2 Year 2000 Compliance
7.3 Radio Interface
7.4 Electromagnetic Compatibility (EMC)
7.5 Earthing
7.6 Power Supplies
7.7 Interconnecting Cables
7.8 Hazardous Area Certification
7.9 Ingress Protection
7.10 Future System Extension
8. ICS Interface into Package Plant

8.1 General
8.2 Fully Integrated Packages
8.3 Partially Integrated Packages
8.4 Stand Alone Packages
8.5 Instrumentation Sub-system Packages
9. System Inspection and Testing

9.1 General
9.2 Test Procedure
9.3 Communication Interface
9.4 Site Acceptance Test
0-1800 S-000-1371-102 2
SHEET 4 OF 43
10. System Engineering

10.1 General
10.2 Pre-Order Documentation
10.3 Post-Order Documentation
10.4 Development
11. Operator Training

11.1 Training Facilities
11.2 Training Program
12. Guarantee
APPENDIX-1 ACCEPTANCE TESTS AND ACCCEPTANCE

APPENDIX-2 PRELIMINARY FUNCTIONAL DESCRIPTION OF DATA
PROCESSING
0-1800 S-000-1371-102 2
SHEET 5 OF 43
1. GENERAL
1.1 Definition
This document specifies the requirements for an Integrated Control System (ICS) for
REALISATION DES INSTALLATIONS DE PRODUCTIN D’HUILE.
This document should be read in conjunction with the specifications, codes, standards
and supporting documentation as specified in Control Philosophy
7461-ORH-TP-J-87001 (S-000-1371-101).
2. OUTLINE
2.1 Definition
The ICS shall comprise integrated but functionally separate Process Control (PCS),
Emergency Shutdown (ESD), Fire, and Gas (F&G) sub-systems. The component parts
of the ICS will be distributed throughout the CPF, the satellites, the wellheads and CSF
to form an overall control and protection facility.
The ICS supplier shall be responsible for the detail design, manufacture, assembly,
testing, shipment and installation supervision of the control systems and equipment as
detailed in this Specification and as required by the relevant design codes for safe,
efficient, reliable and accurate operation of the system.
The ICS supplier shall demonstrate a successful field record of at least two years with
the same type of components and architecture and with an installed capacity greater than
15000 I/O’s.
2.2 Document Format
This document initially provides a general overview of the functional and operational
requirements of the ICS. Further design detail is then provided for the PCS, including
operator interface facilities, and the required functional interfaces into the ESD and
F&G systems. Specific design detail is then provided for the functionally separate ESD
and F&G systems.
Refer to section 2.6 “project document” for support documentation.
0-1800 S-000-1371-102 2
SHEET 6 OF 43
2.3 Project Communications
Verbal agreements between Supplier and Purchaser shall not be official until confirmed
in writing by the Purchaser. All post-order Project communications and technical
documentation shall be in French and English.
2.4 Approvals
The Purchaser reserves the right to approve, prior to construction, the following : -
 Supplier’s documentation, e.g. drawings and design specifications
 Materials of construction
 Manufacturers and Model numbers of sub-contracted equipment
 Test procedures
Any approvals given by the Purchaser shall not release the Supplier from his contractual
responsibilities.
2.5 International Codes and Standards
Refer to the “Control Philosophy”, 7461-ORH-TP-J-87001 (S-000-1371-101)
2.6 Project Document
Doc. No
Doc. No. (JGC) Document Title
(Company)
ORH-TP-J-87001 S-000-1371-101 Control Philosophy
ORH-SP-J-87002 S-000-1371-103 Specification for Emergency Shutdown System
ORH-SP-J-87020 S-000-1371-104 Specification for Fire And Gas System
ORH-SP-J-87021 S-000-1371-105 Specification for Instrument/Electric Interface Cabinet
ORH-SP-J-87022 S-000-1371-106 Functional Specification for Field Termination Cabinet
ORH-SP-J-87073 S-000-1371-107 Architectural And Operational Requirement for Integrated
Control System
ORH-SP-J-87023 S-000-1371-111 Functional Specification for Process Control System And
Process Shutdown System
ORH-SP-J-87024 S-000-1371-112 Specification for Human Machine Interface Of Integrated
Control System
ORH-SP-J-87027 S-000-1371-115 Functional Specification for Serial Interface
ORH-SP-J-87028 S-000-1371-116 Functional Specification for Leak Detection System
ORH-LJ-J-87001 S-000-1371-121 Alarm/Trip Setpoint List
ORH-LJ-J-87002 S-000-1371-122 ICS Input/Output List
ORH-SP-J-87065 S-000-1371-123 Specification for Push-Button Matrix
0-1800 S-000-1371-102 2
SHEET 7 OF 43
Doc. No
Doc. No. (JGC) Document Title
(Company)
ORH-SP-J-87066 S-000-1371-124 Specification for F&G Mimic Panel
ORH-SP-J-87063 S-000-1371-201 Specification for Auxiliary Panel
ORH-SP-J-87011 S-000-1372-001 Specification for Simulator

ORH-SP-J-87010 S-000-1372-002 Specification for Management Information System
ORH-SP-J-87067 S-000-1372-003 Specification for Management Information System Tag List
ORH-SP-J-87068 S-000-1372-004 Specification for Management Information System Reports
ORH-DX-J-87001 D-000-1370-200 General Safety Logic Diagram Overview

ORH-DX-J-87002 D-000-1370-201/ General Safety Logic Diagram for ESD & PSD System
/87020 219
ORH-DX-J-87101 D-000-1370-301/ Safety Logic Diagram for Fire & Gas PLC
/87160 360
3. SYSTEM OVERVIEW
3.1 Installation Condition
Refer to “Control Philosophy” 7461-ORH-TP-J-87001 (S-000-1371-101), closure 1.3.
3.2 Scope
The design objective for the Integrated Control System shall be to provide a fully
integrated monitoring, control, protection and safety system for all production,
processing, and utility facilities throughout the Ourhoud development. The basis on
which to achieve this objective shall be the selection of a single supplier for the entire
system, such that common control and protection system hardware and software is
provided wherever practical, and a common operator interface is presented throughout
the installation.
In addition to the operational and maintenance efficiencies achieved by the above
approach, the safe operation of the facility will be enhanced by common equipment and
procedures for all control and safety related actions.
0-1800 S-000-1371-102 2
SHEET 8 OF 43
The Integrated Control System for this Project comprises the following control and
safety sub-systems :
 Process Control System (PCS)
 Process Shutdown System (PSD)
 Supervisory Control and Data Acquisition System (SCADA)
 Fire and Gas Detection/Protection System (F&G)
 Emergency Shutdown System (ESD)
 Leak Detection System
Note: The SCADA and the PSD functions will be incorporated into the PCS. The
above listed systems will include inter-system and external communication
facilities.
The operator interface facilities for the above systems will be within the Central
Control Room (CCR) and Local Technical Rooms (LTRs) at the CPF. The control
and protection system cubicles will however be distributed into the Central Equipment
Room (CER) adjacent to the CCR, the Compressor Technical Room (CTR), the Oil
Technical Room (OTR), and to the satellite stations, wellheads and CSF.
In all cases the design objective shall be simplicity of control system design, instrument
hardware, and interfaces. Proven principles and equipment shall be used, with
avoidance of “advanced” controls or prototype components or software. The design
shall be “fit for purpose”.
3.3 Operating Principles
The overall operating philosophy for the installation, as relevant to the control and
protection system, is outlined below.
The overall production facility, including the satellites and wellheads, will be normally
controlled and monitored by a minimum number of operators at the CPF CCR. These
operators will be assisted by mobile field operators. These personnel, operating on a
24 hour basis, would be backed-up by additional technicians for fault diagnosis.
The satellite stations and wellheads will be normally un-manned, except for
maintenance and the following operating procedures:
 Multi-phase flow meter at the satellite stations
 Well start-up at the wellheads
 Local resetting of ESD trip actions
0-1800 S-000-1371-102 2
SHEET 9 OF 43
The following operational scenarios have been selected to provide an overview of the
operating philosophy:
1) Start-up
Start-up actions for individual wells will initially comprise manual opening of the
required valves. Isolation valves at the wellhead will then be opened from the local
wellhead panel, and production rate controlled by local operation of the wellhead
choke valves.
Start-up of a separation train at the CPF will normally be possible from the CCR,
although certain manual actions by the field operators may be required during
system pressurisation, etc.
Start-up of major mechanical plant, e.g. gas compressors, will normally be
undertaken at the related Unit Control Panel (UCP) in the associated LTR with
operation interlock in PSD safety bar. Machine start facilities will however be
provided at the CCR operator stations, for use at operator console. In all cases it
is envisaged that local operators will be required for compressor casing drain, etc.,
operation during compressor start-up. Automated casing drains will not be
provided.
The compressor UCPs will contain the machine vibration monitors displaying all
vibration amplitudes, and providing full vibration diagnostic facilities. The
vibration signal that is trigger of Compressor trip will be connected to Compressor
Trip by hardwire, and monitoring signal will be transmitted to PCS and PSD via
serial link. Compressor start-up in the Compressor Technical Room (CTR) will be
assisted by use of an ICS operator station in the CTR to monitor or manipulate the
gas process stream during machine start-up.
Full information shall be transmitted from the UCP to the CCR operator interface
(via the PCS) such that essential pre-start criteria can be ascertained, and that
acceptable running status confirmed. The data transmitted to the CCR shall provide
full graphic displays of machine lube oil and seal systems, etc.
Start-up of stand-by process and utility pumps, air compressors, etc., shall be
possible from the CCR without local operator actions.
0-1800 S-000-1371-102 2
SHEET 10 OF 43
2) Normal Running
Under normal operating conditions the operator interface facilities for the
PCS/PSD, ESD and F&G systems within the CCR shall enable functional
monitoring of the process, utility and personnel protection equipment throughout
the installation.
Certain auxiliary plant items however, typically air compressor oil systems, may
require the inspection of local indicators, pressure gauges, etc., for detailed status
information. All key variables, common alarms and trip alarms, shall be
transmitted to the CCR.
3) Upset Conditions
Any condition throughout the production facility requiring operator attention or
action, and all trip alarms, shall be annunciated within the CCR. In certain
instances, specifically where the resultant operator action is entirely local, a
package “common alarm” may dictate that an operator is required to examine a
locally mounted annunciator to ascertain the exact cause of the fault. Typically, the
air compressor package will operate on the common alarm principle. Alarm
system “cascade groups” shall operate on the first-up principle, with time stamping,
to define the originating alarm.
In a “non-critical” plant trip situation, where full plant status is known to the CCR
operator, the trip action may be reset at the CCR operator station. However, in a
“critical” ESD trip situation or where plant damage may have occurred, it is
essential that the operator can reset the trip action only locally.
4. PROCESS CONTROL AND SHUTDOWN
4.1 Definition
The definition “PCS” within this document refers to the combined Process Control
System (PCS), Process Shutdown (PSD), and Supervisory Control and Data Acquisition
(SCADA) facility, which covers the following functionality:
 The modulating control of flows, pressures, temperatures, levels, etc., for process
and utility fluids throughout the production facility.
 The process shutdown (PSD) of plant in the event of process upset.
 The centralised monitoring of all wellheads and satellites.
 Sequence logic control for start-up or auto changeover, etc., of process and
machinery units.
0-1800 S-000-1371-102 2
SHEET 11 OF 43
 The presentation of process and safety information and alarms to the operator,
and facilities for the operator to issue control commands.
 The logging of selected events and operator actions, together with all warning
and trip alarms.
 Blowdown system
4.2 System Scope and Configuration
The following is a summary of the component parts and configuration of the PCS :-
 CCR operator console containing VDU/keyboard Operator Stations (OS),
Management Information System (MIS) interface facility, and a pushbutton
matrix for key shutdown actions and blowdown operation.
 CCR wall mounting “wide screen display” facility for dynamic process control
graphics.
 Printing and data storage facilities.
 Engineering Work Station (EWS) for location in a maintenance office
 LTR operator interface facilities, in the form of cubicle or desk mounted
VDU/keyboard units.
 Distributed control cubicles, containing control, logic and communication
hardware for the PCS, PSD and SCADA functions. These will be distributed
into : -
- CER
- Compressor Technical Room (CTR)
- Oil Technical Room (OTR)
- Satellite stations
 Field Termination Cubicles (FTCs). These will be distributed to the CER and
LTRs in conjunction with the system control cubicles.
 System plug/socket cables for interconnections between control cubicles, FTCs,
operator console, ESD/F&G systems, etc.
 Interface racks for PCS/motor control interfacing, located in the related electrical
sub-station.
 A distributed PCS/PSD control node at each satellite, communicating with the
SCADA node in the CER.
 Remote Terminal Units (RTUs), located at each wellhead, communicating with
the SCADA node in the CER via the satellite station nodes.
 A computer only for monitoring in Security Control Room (SCR) in Fire Station.
0-1800 S-000-1371-102 2
SHEET 12 OF 43
4.3 Operator Interface - CCR
Operator interface to the wellheads, satellites, and CPF process/utility plant throughout
the Ourhoud development shall be primarily by CCR console mounted Operator
Stations (OSs), comprising VDU, purpose-built keyboard, and an activating.
The operation keyboard for OSs shall be of water-proof, semi-stroke or pressure
sensitive type; access to control and display functions shall be possible through
dedicated control and function keys. The function keys shall include dedicated keys for
most often used functions, such as; confirm/delete, open/close, next/previous,
alarm/buzzer acknowledge, tune, trend and mimics/groups of mimics direct access. An
industrial type trackball shall be added to the keyboard.
It is envisaged that four process operator station assemblies will be required for the
overall Ourhoud process and utility plant. A total of six (6) identical operator stations
shall however be supplied with the PCS to provide redundancy, with each station
having full PCS/PSD/SCADA/ESD/F&G operating capability. In normal circumstances
it is envisaged that four (4) stations would be allocated to process plant duty, and two
(2) to F&G duty.
Note that a separate Engineering Work Station (see Section 4.6) will be located in an
office adjacent to the CCR and a visual display unit of a Management Information
System (see Section 4.10) will be provided in the CCR.
The Operator Stations will provide as a minimum the following features : -

 Reference display, listing application and required key codes for all facilities
available to the operator, engineer or supervisor as appropriate.
 Graphic displays with control and alarm details, providing operator information
and guidance on all process and utility plant.
 Group displays arranged such that interactions between control loops can be
ascertained.
 Single loop displays detailing full process status and instrument calibration
parameters.
 Alarm and plant status listing in order of initiation, detailing class of alarm, e.g.
trip, pre-trip, information, etc.
 Real-time trends and short term historical trends on all analogue process
variables, with selectable long term historical trends.
 Flow rates, hourly and daily averages of fiscal process flows.
 Operator control input, via activating device, providing the facility to:
- amend controller set points
0-1800 S-000-1371-102 2
SHEET 13 OF 43
- select manual/remote/auto control

- stop/start pumps and drives
- make duty/standby selections
- acknowledge alarms
- open/close remote operated valves
- reset alarms and process shutdowns
- initiate start-up overrides and inhibits.
With regard to historical trending, the ICS memory capacity shall allow the followings,
 Gas Lift Wells : 5 samples each 30s during 10 days for 50 wells
 Regulators : 5 samples each 10 s during 24 hours for 500 loops
 Supervision and security : 1 sample each 30 s during 3 days for 5000 points
Alarm and event log for 10 days
Graphic displays, using French descriptors, shall be developed by the ICS Supplier in
conjunction with the Purchaser. For the purpose of the Bids, Suppliers shall allow for
600 pages of graphic display of average complexity.
Any OS shall have the possibility to access any display in the system. The display
facility shall allow for at least three levels (overview, system, sub-system).
Additionally the system shall allow for object displays. It shall be possible to move
directly between display levels.
During detail design the Operator Station package shall be subject to a detailed
operability study covering all operating scenarios, with particular emphasis on alarm
and trip situations. Design personnel undertaking this study must have relevant (and
recent) operating experience.
The OSs shall be desktop type. In additions to the OSs, the operator console shall be
sized to allow for:
 ESD/F&G push button matrix (Refer to “Specification for Push Button Matrix”
7461-ORH-SP-J-87065 (S-000-1371-123))
 Management information facility (see Section 4.10)
 Communication facilities (see Note below).
 Two document worktop areas, each 1.5m long
0-1800 S-000-1371-102 2
SHEET 14 OF 43
In addition to the console mounted displays, the ICS scope shall include for a dynamic
wide screen display facility. This wall mounted facility shall have the capability to
display all graphics available on the PCS operator stations, with display selection
possible from any operator station keyboard. It is envisaged that display facility size
will be approximately 3m wide, such that it will be visible by a seated console operator
(viewing distance approximately 4m).
Note: Communication equipment for console mounting will comprise PA control

panel, CPF intercom control panel, 3 telephone handsets, trunk radio handset,
CCTV control panel, and HF radio unit with handset. A console length of 1.5m
shall be allowed for this equipment.
4.4 Operator Interface - LTRs (CTR and OTR)
In general, the operator interface for normal operation of the process plant shall be in
the CCR. The gas compressors, and certain other special purpose mechanical packages,
will however be supplied with LTR located UCPs (complete with local operator
interface facilities) for the control of the package skids. A local PCS operator interface
assembly shall be supplied for location in each LTR to provide a facility for the
operator to determine status of the related process system during local package start-up.
The operator station assembly shall comprise two (2) operator stations with
VDU/keyboard units in each LTR for redundancy.
The local operation station shall be desktop type. The assembly shall provide the full
range of facilities described for the CCR operator station, although it shall not be
possible to insert operator commands into the LTR operator station unless a permissive
has been given from the CCR.
The CCR operator will be provided with an overview of all actions being undertaken in
the LTR.
4.5 Operator Interface - Satellite and Wellheads
There is no requirement for permanent PCS operator interface facilities at either the
satellite stations or the wellheads. All measurements, including multi-phase flows,
will be provided with local indicators for operator information. The ICS supplier shall
provide the facilities as required to enable maintenance activities on PCS components
at the satellites and wellheads.
0-1800 S-000-1371-102 2
SHEET 15 OF 43
4.6 Engineering Work Station
The CCR shall contain one Engineering Workstation (EWS). The EWS shall be
supplied as a separate dedicated unit, but with the facility to display the full range of
process data. The station shall, as a minimum, be able to perform the following tasks:-
 Configure the system and point database
 Undertake loop optimisation
 Build Operator displays
 Save and load configuration data.
The EWS shall be capable of both on-line and off-line configuration of the system, and
shall be fully key or password protected.
The keyboard shall be standard stroke type and a mouse shall be provided as a pointing
devise.
Reporting facilities for the EWS shall include user configurable trending functions to
assist in loop optimisation. In addition, the EWS shall provide read only access to all
engineering documentation for the entire ICS, with the facility to undertake selective
printing in at least 20 configurable formats.
4.7 Functional Requirements - PCS
The PCS shall allow dependable and effective control of the plant and shall be designed
for maximum integrity and reliability by use of dual redundant control processors,
communication sub-systems and power supplies. The hardware and software
configuration for the PCS shall be such that each processor shall check the control
action of the other, and failure of one processor shall not affect the operation of the
other. The ICS Supplier shall advise, in his bid, the expected availability (in % terms)
of his proposed PCS configuration.
The design of the PCS, I/O racks and cabling shall permit selective shutdown of
duplicated processing facilities without prejudicing the control of the rest of the plant.
Typically, it shall be possible to undertake hardware component replacement on
compressor train A while compressor train B is operational.
The controller functions shall be executed by microprocessor based multi-loop
controllers. System configuration shall be achieved easily with the use of function
software block techniques. System Suppliers shall employ wherever possible a library
of proven system configuration “modules” directly applicable to oil and gas production
facility applications.
0-1800 S-000-1371-102 2
SHEET 16 OF 43
The controllers shall provide algorithms necessary to implement all required control
strategies, sequencing and logic functions. Where practicable, controller algorithms
should always reside at the lowest level of the control system hierarchy.
All control loops shall be arranged to fail safe, typically by cascade controllers
reverting to local set point in the event of failure of the master or supervisory controller.
Although the design objective is to minimise system complexity, customised software
based facilities shall be provided within the PCS for certain applications. Typically
these facilities shall include start sequence logic for gas compressors, gas mass flow
computations, etc.
The response time for controllers (passing time between the change of a status or of
inlet value or the threshold crossing and the activation of the corresponding outlet) is,
1. Analogue functions (ex. Regulations.) : 500 ms
2. Discrete functions (ex. Logic of security, sequences.) : 500 ms
3. Rapid functions (ex. Load Shedding.) : 50 ms
The critical input status shall be displayed on the operator station within 1 second of
scanned sensing. A graphic refresh shall be undertaken within 1 second, and
generation of a new graphic page within 2 seconds. These times are to include the
display of both the background and live data.
The detail control system configuration will be determined from the Piping and
Instrument Diagrams (P&IDs) and supporting documentation as developed during the
detail design of the process and utility facilities. Input/Output count shall be referred
to “ICS Input/Output List” ORH-LJ-J-87002 (S-000-1371-122). The PCS controllers
shall be sized to allow at least 50% expansion of computational capability on factory
completion of the system.
For reference ICS Functional Specification (preliminary) is attached as Appendix-2.
4.8 Functional Requirements - PSD
The logic facilities for Process Shutdown (PSD) actions shall be incorporated within
the PCS, shall be based on identical hardware, but shall be functionally segregated and
fully redundant. The hardware and software configuration for the PSD shall be such
that each processor shall check the control action of the other, and failure of one
processor shall not affect the operation of the other.
0-1800 S-000-1371-102 2
SHEET 17 OF 43
As an option, however, the Supplier may propose combined PCS/PSD hardware,

provided the Supplier can demonstrate functional segregation between the PCS and
PSD software, and an adequate level of reliability for the PSD actions.
PSD loops on redundant process equipment, e.g. duty/standby pumps, should be
allocated to different I/O cards and controller files to minimise the impact of control
system hardware failure.
Trip actions initiated via the PSD may be reset at the PCS operator station, and no local
reset in the field will normally be required. Overrides and inhibits for start-up and
maintenance may be undertaken within the PCS/PSD system, using the PCS operator
station. The operation of overrides or inhibits shall be monitored and controlled by
alarms and time-out circuits. The PSD controllers shall be sized to allow at least 50%
expansion of computational capability on factory completion of the system.
4.9 Supervisory Control and Data Acquisition (SCADA) System
In this project, Supervisory Control and Data Acquisition (SCADA) system shall be
used for long distance data transmission system via optical communication link as a
part of ICS.
The PCS control and monitoring facility shall include a “node” at the CPF dedicated to
the Supervisory Control and Data Acquisition (SCADA) sub-system, monitoring the
satellite and wellhead. This stand-alone node of the PCS shall be configured to provide
a communication link with the control nodes at the satellites, and the Remote
Transmission Units (RTUs) at the wellheads.
The SCADA node shall communicate with the other PCS nodes, and the CCR operator
interface facilities, via the common redundant communications bus. Where applicable,
hardwired I/O interfacing may be considered between the SCADA node, and other
nodes of the PCS (typically the gas injection compressor PSD node) where high
integrity of signal transmission is required.
The optical communication between CPF and Satellites is defined as the extension of
ICS system communication facility.
4.10 Management Information System
A PC based Management Information System (MIS) shall be provided as a separate

data management and storage facility for the ICS. The MIS shall continuously gather
selected plant data from the ICS via the data highway.
0-1800 S-000-1371-102 2
SHEET 18 OF 43
For detail, refer to the “Specification for Management Information System,

7461-ORH-SP-J-87010 (S-000-1372-002).
4.11 System Input/Output (I/O) Facilities
The redundancy of Input/Output facility shall be determined in accordance with the

results of RAM study. System I/O modules shall be rack mounted. Each individual
I/O channel per card shall have status indication for healthy and fault. There shall be at
least 20%, 50% at satellite, spare hardwired I/O capacity available, for each signal type,
on factory completion of the system.
The number of Process I/O shall be referred to ICS Input/Output List.
Where the PCS/PSD system is required to provide digital output to solenoid valves, the
solenoids shall be powered 24 Vdc, via 24 Vdc coil interposing relays, using the UPS
power system supply. The required interposing relays shall be within the ICS Supplier
scope, and shall be located within a segregated section of the Field Termination
Cabinets (FTCs).
4.12 Alarm Handling
A comprehensive alarm handling facility shall be included within the application

software package for the complete ICS.
The system Supplier shall develop this package during system configuration to ensure
that no alarms are “standing” on the operator displays under normal operation.
Typically, discharge low pressure alarms on 2 x 100% pump sets shall be configured to
be automatically cancelled when the related pump is selected to be in the standby mode.
The alarm handling facilities shall include time stamped alarm and status logging within
each controller node to a resolution better than 500 msec.
4.13 Data Logging and Printers
A data logging facility shall be provided for status changes and general operational data.
A minimum of two CCR located printers shall be provided to record all alarms. In
addition, a separate colour printer shall be provided for hard copy from trend displays
etc., off any operator station VDUs. Additional printer(s) shall be provided if required
to ensure redundancy.
0-1800 S-000-1371-102 2
SHEET 19 OF 43
4.14 Communication Facilities
Dual redundant communication facilities, operating at a speed of at least 10 Mb/sec,

shall be provided for communications between the main components within each node
of the ICS, e.g. between I/O facilities and control processors. A dual redundant bus
facility shall be provided to link the various PCS nodes, the operator stations, ESD
system, F&G system.
The Optical communication between CPF and satellites shall be defined as the
extension of ICS system communication facility. Single communication interface shall
be provided for satellite station communication to the wellhead RTUs.
Interfaces between the PCS and the ESD/F&G systems shall be designed to ensure that
the integrity of these systems is not compromised by any fault in the PCS. Interfaces to
other control systems, e.g. UCPs, shall be designed to ensure that the PCS is fully
protected from corruption and invalid commands emanating from such sub-systems.
Serial interfaces shall be provided to interface between the major process package UCPs
and the relevant nodes of the PCS to enable full remote control and monitoring of the
packages from the CCR operator stations. The serial interfaces shall be fully redundant
for each application, and should standardise on a single protocol for commonality, e.g.
RS485 using Modbus RTU protocol.
Interface between the PCS and the MCCs for motor stop/start and status monitoring
shall be via redundant link. This link shall also transmit PSD signals to relevant
electrical drives where applicable. The status of the power distribution system can also
be monitored via the serial link.
ESD trip of electrical drives, where required, shall be hardwired from the ESD system,
via interposing relay racks located in the relevant sub-station, to the relevant contactor.
The relay coils shall be powered 24 Vdc from the ESD system, with volt free contacts
for the motor control circuit.
All communication facilities, including serial interfaces, shall be sized to allow at least
100% expansion of signal transfer capability on factory completion of the system.
0-1800 S-000-1371-102 2
SHEET 20 OF 43
4.15 Satellite Station Control Nodes
The use of PCS/PSD control stations, communicating with the SCADA node of the PCS
in the CPF, is proposed for the satellite stations. These units shall be capable of
processing linear and non-linear signals, such as square root for d.p. flow measurement,
etc. In addition, a limited number (up to 20) PID controller functions will be required at
each satellite station, together with approximately 32 PSD functions.
It should be noted that no operator interface facilities are required for the satellite
station PCS/PSD nodes, as all required local operator information will be provided by
local gauges or milliammeters.
Signal transmission from the satellite control node shall include node fault alarms for
display in the CCR. The fault monitoring functions shall include individual card faults,
power failure, high ambient temperature etc, and alarms to indicate local room door
open. The ICS Supplier shall include within his bid for portable facilities, which can be
readily taken between satellite stations, to undertake detailed fault diagnosis of the
satellite station nodes. The Supplier shall advise any alternative to the use of a portable
facility for fault diagnosis.
The satellite station nodes shall interface ICS system bus communication via dual
multi-core fibre-optic cables. The CPF/Satellite communication facility shall be fully
redundant, via redundant modems and the dual fibre optic cables. The ICS Supplier
shall advise on the possible use of redundant controllers at the satellite station. The ICS
Supplier shall provide all components (excluding cable) and software as required for
both ends of this link (note: the fibre optic cables will include spare cores for telephone
connection to the satellites).
The field telephone system (supplied by others) will use additional cores within the CPF
to satellite fibre optic cable, and will include the provision of a telephone multiplexer
unit at each satellite station.
The instrument room maintained by a small HVAC shall be provided in the satellite
substation for the satellite station control node, and associated equipment.
4.16 Wellheads Remote Terminal Units (RTUs)
Remote signal terminal units, generally located within the wellhead hydraulic control
panels, are proposed for the monitoring and control of the wellheads. The RTUs shall
interface, multiplex and transmit analogue and digital signals to and from the SCADA
node of the PCS at the instrument room in the satellite substation.
0-1800 S-000-1371-102 2
SHEET 21 OF 43
The wellhead RTUs will be required to undertake simple, but high integrity, closed loop
PSD logic actions, typically the sensing of high oil flowline pressure and consequent
closing of wellhead valves. The design objective is to provide a logic system at the
wellhead with an availability of 99.99%. The ICS Suppliers shall make proposals within
their Bids to achieve this level of availability.
Various analogue process parameters, e.g. wellhead pressure and temperature, shall also
be transmitted via the RTU. In addition, the RTU facility will be required to monitor
choke position feedback. No PID control actions are required at the wellhead.
Facilities shall be provided within the PSD logic for local manual override of low
pressure trip inputs, to enable well start-up. Manual override functions shall include
time-outs, and local manual input to the logic for this purpose will be from pushbuttons
(by others) located on the wellhead control panel (WCP).
No indication facilities are required on the RTU for normal operation or routine testing.
Simulation of analogue and digital inputs to the RTU for test purposes will be
undertaken by use of pressure test facilities and milliammeters supplied by others. Logic
outputs for local shutdown action will be verified by solenoid valve initiation.
Signal transmission from the RTU shall include fault alarms for display in the CCR.
The fault monitoring functions shall include communication failure and common alarm
of other failure for card faults, etc. The ICS Supplier shall include within his bid for
portable facilities, which can be readily taken between wellheads, to undertake detailed
fault diagnosis of the RTUs. The Supplier shall advise any alternative to the use of a
portable facility for fault diagnosis.
The RTUs shall include the single optical communication interface facilities as required
to enable communication with the related satellite, and hence the SCADA node of the
PCS. The logic within the RTU shall initiate well closure if communication is totally
lost for more than 15 minutes (adjustable).
It is proposed that the RTUs, optical communication unit, etc., should be mounted in an
enclosure and free-issued to the WCP Supplier, for location within his ventilated local
panel. The RTUs shall include facilities suitable for termination of the field cables. The
ICS Supplier is required to confirm that the equipment proposed is suitable for location
in a hydraulic oil based WCP. The WCPs will be located adjacent to the wellheads, in
a safe open desert area.
WCP and RTU are required for oil production wellheads and gas injection wellheads. In
other wellheads, WCP and RTU are not required.
0-1800 S-000-1371-102 2
SHEET 22 OF 43
4.17 Leak Detection System
Export oil leak detection shall be realised by specialised software in a dedicated

computer reporting to the ICS.
Necessary process data of export side shall be gathered by remote I/O unit in CSF and
transmitted to calculation unit in CER via RTU with optical communication function.
One PC shall be provided in CSF as leak detection monitor communicating to
calculation unit via RTU with optical communication function.
Installation space for Remote I/O unit, RTU and monitoring PC with HVAC and
electricity will be provided in CSF by Company.
Refer to the “Functional Specification for Leak Detection System” 7461-ORH-SP-J-
87028 (S-000-1371-116).
5. ESD AND F&G SYSTEM
5.1 Definition
The purpose of the functionally separate ESD and F&G systems is to provide a reliable
means for monitoring, and safely closing down, the total or critical portions of the
process and utilities plant throughout the installation.
5.2 General Requirement
The ESD and F&G systems shall be functionally separate, and shall operate in
stand-alone mode wherever practical. If appropriate, the two systems may however be
built as an integrated protection facility, mounted within a single cabinet or suite of
cabinets. The ESD and F&G systems shall use identical hardware components and
functional principles. In order to maintain a degree of standardisation of hardware, the
hardware manufacturer shall be subject to Client Approval.
The ESD and F&G systems shall include facilities for interfacing into the PCS, and the
communications systems, for the initiation of detail displays and alarms.
5.3 System and Functional Requirement for ESD System
Refer to the “Specification for Emergency Shutdown System”, 7461-ORH-SP-J-87002

(S-000-1371-103).
0-1800 S-000-1371-102 2
SHEET 23 OF 43
5.4 System and Functional Requirement for F&G System
Refer to the “Specification for Fire and Gas System”, 7461-ORH-SP-J-87020

(S-000-1371-104).
6. SOFTWARE REQUIREMENTS
6.1 Application Software
The application software shall employ the principles of diversity to minimise common
mode failures of the system. As a minimum, application software shall be divided into
operational logic and auto-test programs. The operational logic shall be produced by a
separate group of programmers to that producing the auto test programmes.
6.2 On-line Self-diagnosis
The ESD and F&G systems shall be designed to ensure that the whole system is fully
operational at all times, and that any faults are clearly defined to the operator. In order to
meet this criteria and to reduce spurious trips, a comprehensive self diagnostic facility
shall be included. The self diagnostic facility shall provide the following as a minimum:
 Two hardware watchdogs shall be provided to detect hardware or software system
failure. As a further safeguard the two watchdog programs shall run in separate
memory areas. Action to be taken on fault detection within a redundant system
shall be to raise an alarm and revert to non-voting operation on the second
channel or unit by automatic removal of the faulty equipment from service.
 The ability of each I/O module to communicate with CPU. The self check
routine shall also detect any module not being updated. Outputs shall be
de-energised on communication failure and indication of the failed module shall
be detailed on the ESD status/services display as a module fault.
 All serial communications with the ESD and associated systems shall be
subjected to exhaustive error detection procedures. Provision for communication
of detected failure to the display systems and local indication of failed
sub-assemblies is required.
 Each PLC shall have the ability to monitor the other PLC during diagnostic and
self check routines and annunciate any failure or discrepancy.
0-1800 S-000-1371-102 2
SHEET 24 OF 43
6.3 Power-up Checks
When primary power is applied to the PLC the following checks shall be carried out as a
minimum:
 RAM checked in its entirety for read/write ability
 Stored user software to be checked for corruption
 Internal high speed data buses to be checked for integrity of data transfer
 Logic and arithmetic manipulation ability of the PLC CPU as a whole to be
verified
 Ability of the CPU to operate with the I/O modules and the integrity of all
interconnecting circuits to be verified including backplane conductors.
 I/O module complement to be checked.
6.4 Software Security
The Supplier shall advise in the Bid his standard procedure for the protection of software
package during design development. A QA procedure shall be incorporated within the
QA manual for the secure development and storage of all software.
On completion of the final 'as built' software package, the Supplier shall place a
dedicated project copy within a secure storage area. This copy shall not be revised, and
any further amendments shall be undertaken on additional copies.
6.5 Functional Specification
Refer to Section 2.6 for the detail specification of ICS.
7. SYSTEM CUBICLES AND FIELD TERMINATION CABINETS
7.1 Components and Wiring
The control system cubicles, located in the CPF CER and LTRs, shall contain the
electronic components for the ICS, and shall be located adjacent to the associated Field
Termination Cabinets (FTC) for the field cabling. The CCR and CER will be provided
with computer type suspended flooring, and the partly raised LTRs provided with floor
slots. In all cases, system cubicles and FTCs shall be suitable for bottom entry of
cables.
0-1800 S-000-1371-102 2
SHEET 25 OF 43
The ICS Supplier shall supply, install and wire all components, racks, power supplies and
accessories within the ICS cubicles and FTCs. All assemblies shall be complete and
ready for site connection of power inputs, earthing and field cabling.
Wiring shall be on cable trays or in trunking so designated as to produce a neat and
accessible layout, properly supported and wherever necessary, loomed up. Separate
wire-ways and terminals shall be provided for intrinsically safe signals (if used),
non-intrinsically safe signals and power wiring.
Minimum conductor size for internal panel wiring shall be 0.5 sq mm except for special
purpose and ribbon cables. All insulating material shall be flame retardant, low halogen
content. Identification sleeves shall be fitted to each end of wiring runs, and shall be
inscribed with instrument tag number (where applicable) and terminal number.
All terminals in Junction Boxes, FTCs and System cubicles will use “cage-clamp” type
terminal.
Terminals and gland plates shall be provided for incoming and outgoing field and
interconnecting cables. Field and interconnecting cables shall enter from the bottom of
the cubicles. 40% spare capacity is required at all entries into the cubicles unless agreed
otherwise in writing by the Purchaser. This spare capacity shall also be provided within
the cable trunking.
A separate terminal shall be provided for each conductor and shall be suitable for a
minimum of 2.5 sq mm copper conductors. Sufficient terminals shall be provided for the
termination of all spare cores within the field cables. Terminals for field cables shall be
test/disconnect type to enable circuit isolation or test. The field cables will comprise
individually screened pairs, hence facilities shall be provided in the FTCs for the
termination and grounding of these screens.
The Supplier shall install means of isolating power supplied to the panel.
7.2 Year 2000 Compliance
The ICS components and systems shall be Year 2000 Compliant. The term “Year 2000
Compliant” means that the system, when configured and used according to the
documented instructions, will, without manual intervention or interruption:-
 Correctly handle and process date information, before, during and after January
1st, 2000, accepting date input, providing date output and performing calculations,
including but not limited to sorting and sequencing, on dates or portions of dates.
 Function according to the design documentation during and after January 1, 2000
without changes in operation resulting from the advent of the new century.
0-1800 S-000-1371-102 2
SHEET 26 OF 43
 Where appropriate, respond to two-digit date input in a way that resolves any
ambiguity as to the century in a disclosed, defined and predetermined manner.
 Store and provide input of date information in ways that are unambiguous with
regard to the century.
7.3 Radio Interface
The ICS equipment shall be immune to interference from hand-held radio transceivers in
the immediate vicinity with signal strength of 10V/m over the range 27 to 500 MHz, and
shall not affect the operation of other equipment.
7.4 Electromagnetic Compatibility (EMC)
In order to comply with the requirements of IEC 61000 all electrical equipment shall
meet the current applicable levels of “emission” and “immunity”. All applicable
equipment shall be designed so that the Electromagnetic disturbance it generates does not
exceed a level allowing telecommunications equipment and other relevant apparatus to
operate as intended.
The design of equipment should be of an adequate standard to maintain its performance
during its operational life in its installed environment. For the purpose of EMC the
performance of apparatus which must comply, is taken to be degraded if permanent or
temporary loss of function occurs.
7.5 Earthing
Reference should be made to the Instrument Installation Specification for general

instrument earthing requirements.
Two separate instrument earthing systems shall be provided within the system cubicles
and FTCs as follows : -
Electrical earth: Connection to installation earth of all electrical equipment, for
personnel safety. The electrical earth shall be used for panel steel,
and power supply earth.
Instrument earth: Used for termination of instrument cable screens at the FTC. The
instrument earth bar must be insulated from steel or any other earth
system.
0-1800 S-000-1371-102 2
SHEET 27 OF 43
7.6 Power Supplies
The power supply of ICS shall be dual separated supplies 230Vac from individual
Uninterrupted Power Supply (UPS) with 30 min backup (2 hours for F&G), on 100%
system load. UPS fault alarm shall be transmitted to ICS.
All CPF and satellite station UPS facilities will be supplied by Purchaser.
The power supply circuits shall be redundant by individual dual power supply line 230
Vac / 24 Vdc with isolating diode units so that if one of the supplies fails the supply to
the system is maintained, and the faulty unit initiates an alarm.
The power supply to the RTU at each oil production and gas injection wellhead will be
230 Vac from the electrical feeder to the wellhead. The RTUs for these wellheads shall
include a small battery, and charging facility, to enable continued wellhead monitoring
for a period of 15 minutes following mains power failure.
7.7 Interconnecting Cables
It is a requirement to make maximum use of system cabling to minimise site installation

work. The ICS Supplier shall provide system cables for all interconnections within
rooms between FTCs and system cabinets, system cabinets to operator console, and to
mimic/matrix facilities, etc.
System interconnections shall comprise multicore cables, with plug and socket
assemblies. The connectors shall be of robust construction which, when connected, are
locked in place with anti vibration screws. The Supplier shall propose and give details
of his recommended type.
For the purpose of this Specification the Supplier shall allow 20 metres of cable ready
made up between cabinets, cubicles, console, and CCR matrix. The lengths shall be
more accurately defined during the detail design.
Conductors shall be stranded annealed copper of 0.5 sq mm suitably insulated for the
specified voltage. Cabling shall be flame retardant PVC insulated, twisted pairs with
overall screens.
The ICS Supplier shall include for the required fibre optic core termination facilities for
both ends of the CPF to satellite communication link.
0-1800 S-000-1371-102 2
SHEET 28 OF 43
7.8 Hazardous Area Certification
For the purpose of the ICS enquiry, it shall be assumed that electrical instrumentation
located in hazardous areas will be certified flameproof (EEx’d’). Where suitable
EEx’d’ equipment is not available, intrinsically safe (EEx’i’) equipment may be used,
subject to Purchaser approval. If EEx’i’ equipment is selected, galvanic isolators
(rather than Zener barriers with dedicated IS earth bars) shall be used within the FTCs.
All ICS components, except possibly the wellhead RTUs, will be located in safe areas.
7.9 Ingress Protection
Field mounted equipment at the wellheads and satellites shall have an ingress protection
to IP56 (protected against dust and strong jets of water) to EN 60529. Control room
equipment shall be protected to a minimum of IP21.
7.10 Future System Extension
The separate PCS, ESD and F&G subsystems shall each be capable of future expansion.
In addition to the I/O, terminations, etc., sparage detailed previously including MGF
spare, all control PLCs or microprocessors, and operational condition (air conditioning
power supply ,cable route, etc.) shall have the capability of handling an additional 50%
control and monitoring functions.
8. ICS INTERFACE INTO PACKAGED PLANT
8.1 General
Packaged plant, typically gas compressors, air compressors, etc., will be interfaced into
the ICS to enable monitoring and control (where applicable) of the equipment from the
operator interface facilities in the CCR. In general, this interface will be one of the
following three forms:
 Fully Integrated
 Partially Integrated
 Stand Alone
0-1800 S-000-1371-102 2
SHEET 29 OF 43
8.2 Fully Integrated Packages
These Packages, typically water treatment filters with auto-changeover and backwash
facilities, will be supplied as skid mounted process plant units, generally with instrument
cabling wired to skid edge junction boxes. All control and monitoring functions will be
undertaken within the PCS/PSD, to a design (typically sequence logic functions) by the
Package Supplier.
8.3 Partially Integrated Packages
These Packages, typically gas compressors, will be supplied as fully cabled skids, with
skid edge junction boxes. The total Package will be controlled and monitored in two
forms:
 The machine driver, compressor bearings, lube oil systems, etc., will be
monitored and controlled from the Package Supplier’s Unit Control Panel (UCP),
which will be located in a safe area LTR. The UCP will also contain surge
protection and load control systems as required for the compressor.
 The gas side of the compressors (excluding surge protection and load control)
will be generally monitored and controlled by the PCS/PSD system, using a node
of the PCS located adjacent to the compressor machine UCP in the LTR.
The compressor UCP shall communicate via redundant serial link with the dedicated
PCS node to enable monitoring of the compressor from the CCR operator work stations.
The scope of the signals communicated to the PCS shall be sufficient to enable
development of VDU displays, with alarms and indications, for the machine and the
supporting lube oil systems, etc. Although vibration alarms and amplitudes will be
transmitted to the PCS for CCR display, vibration analysis (shaft position against
vibration amplitude) will only be made available on the Package Supplier’s UCP.
Sequence interlocks and PSD functions between the gas side PCS node and the machine
UCP shall be undertaken by hardwired signals.
In general, ESD functions will be external to the compressor Package, undertaking
isolation of the gas stream and fuel gas supply. There will, however, be an ESD signal to
gas turbine drivers where applicable. Although F&G detection/protection facilities will
generally be external to the Package, gas turbine hoods will be supplied with F&G
detectors, which shall be wired to F&G logic within the UCP. Control outputs will be
taken to the Package Supplier’s extinguishant system, HVAC dampers, etc.
0-1800 S-000-1371-102 2
SHEET 30 OF 43
8.4 Stand Alone Packages
These Packages, typically air compressors, will be supplied with on-skid control panels,
incorporating local annunciators and indicators. A simple hardwired interface will be
cabled into the relevant distributed PCS node, providing a small number of status signals
and common alarms for CCR display.
8.5 Instrumentation Sub-System Packages
In addition to mechanical plant Packages, the control/instrumentation scope for the

Ourhoud project will include certain instrumentation sub-systems. The following
paragraph outlines a typical unit:
A dedicated tankage monitoring system will be provided to monitor level and

temperature of the various water and oil storage tanks. This system will include for
special purpose volume computations in accordance with inserted tank data, and will be
located in a separate cubicle within the OTR. The tankage monitoring system shall
interface into the ICS via serial link to enable transfer of tankage data to the operator and
the MIS.
9. SYSTEM INSPECTION AND TESTING
9.1 General
After final system assembly, the Supplier shall carry out his own comprehensive testing
procedures to ensure full functionality of the complete system prior to offering the
equipment for witnessed Factory Acceptance Test (FAT). The overall testing and
commissioning procedure is envisaged to be in at least four stages as follows :
 Supplier’s tests.
 Supplier shall confirm the heat soak test as card by card to be done during
assembling period. Then the global 72 hours test can be suppressed.
 Witnessed FAT (including FATs at sub-contracted suppliers’ works as
appropriate), with Client and Third Party present, to demonstrate functionality of
the equipment and system using simulated inputs. Overload test shall be carried
out during FAT also, with reference to the Appendix-1.
 Site Acceptance Test (SAT) to confirm full functionality of the system following
installation.
0-1800 S-000-1371-102 2
SHEET 31 OF 43
The Supplier should note that the Client and Third Party require three weeks’ notice for
attendance at witnessed tests.
The scope of the tests shall fully demonstrate the capability of the ICS to meet the
requirements of Statutory Regulations, this Specification, and all supporting
documentation.
9.2 Test Procedure
Full test procedures shall be developed by the Supplier and provided for Client/Third
Party comment/approval, prior to FAT and SAT. These procedures shall define all test
criteria, and shall contain an acceptance column for all systems, sub-systems and
components that have to meet specified functional or integrity criteria. The procedures
shall also include the Supplier’s proposals for presentation and control of a ‘deviation
report’ and ‘outstanding items’ system to provide a historical record of problems
encountered during testing and means used to overcome them.
The preliminary test procedure shall be shown in Appendix-1 as “ACCEPTANCE
TESTS AND ACCEPTANCE”. Detail procedure shall be discussed and determined in
detail engineering stage.
9.3 Communication Interface
All inter-system bus and serial links within the ICS shall be fully verified, and
simulations undertaken to verify the communication loading is within the specified limits.
The ICS Supplier shall also include for the functional verification of all serial and bus
links into related systems, e.g. machinery Package Supplier UCPs.
The ICS Suppliers scope shall include for a minimum of two portable serial link test units,
comprising hardware and software identical to that used for the delivered PCS/PSD
systems. These units shall be made available for use by the packaged plant Suppliers
during UCP tests.
Complete communication test (retrieval of tables and sending / receiving of commands
with the final application) shall be done before the FAT to allow for the latter to be run
with the final configuration. It is the ICS Supplier’s responsibility to liase with the UCP
suppliers as necessary to ensure full compatibility between the various systems.
Communication between PCS/PSD and wellhead RTUs via SCADA node with optical
communication way shall be tested with a minimum one (1) complete set of RTU.
0-1800 S-000-1371-102 2
SHEET 32 OF 43
9.4 Site Acceptance Test
The complete inventory of ICS components including spare parts and consumable items
shall be inspected at site. All ICS functions including application software and
Sub-system communication shall meet the applicable specifications.
The ICS Supplier has the responsibility to confirm above tests at site as Site Acceptance
Test (SAT).
10. SYSTEM ENGINEERING
10.1 General
The Supplier shall include for an engineering documentation package in accordance with
the Supplier’s Documentation Requirements Schedule (SDRS) incorporated in the
Technical Requisition.
Where practicable, documentation shall be provided in electronic as well as hard copy
format.
10.2 Pre-Order Documentation
The Supplier shall provide, with his Proposal, adequate documentation to demonstrate
that the proposed design satisfies the requirements of this Specification and other
documentation referred to herein.
This shall include, but not necessarily be limited to: -
 System topology diagrams
 Separate Outline Specifications for the separate PCS, PSD, SCADA, ESD and
F&G parts of the system.
 I/O card counts and sparage calculations
 Initial reliability calculations for PCS, ESD and F&G systems
 Supplier proposals, and analysis, for satellite and wellhead control units
 Proposals on use of computer based design techniques
 Preliminary electrical load list for individual items of equipment
 Spare parts lists for commissioning, and for 2 years’ operation
 Insurance spares
0-1800 S-000-1371-102 2
SHEET 33 OF 43
10.3 Post-Order Documentation
The Supplier shall provide the documentation in accordance with the Supplier
Documentation Requirements Schedule (SDRS). All Supplier documentation shall be
made available in both paper and electronic format.
The ICS Supplier shall allow for the following documentation:
 Functional design specification for the overall ICS, and the separate PCS, PSD,
SCADA, MIS, ESD and F&G systems
 Overall and system dedicated topology diagram
 Bills of material for separately definable hardware components within each system
 Cubicle and console internal and external layouts, including card locations
 Power distribution and earthing schematics
 Field cable termination diagrams
 Interconnecting cable schedule, connection details, and block diagram
 Listing and details of serial links to external systems
 Tagged system databases, one for each system, recording configuration details for
each tagged signal.
 Load and heat emission calculations for electrical components
 System manuals containing, as a minimum, procedures for the following:
- System start-up and shutdown
- System maintenance
- System test and fault diagnosis
- On-line and off-line loop configuration
- Sequence logic configuration
The Supplier shall propose procedures for the following engineering actions:
 The receipt of ICS design data from the Purchaser in database format, and the
direct transfer of this core data into the configuration of the system.
 The configuration of loops, sequence and shutdown logic.
 The development of graphic displays.
0-1800 S-000-1371-102 2
SHEET 34 OF 43
10.4 Development
An architecture study shall be done to implement the results of the RAM study and may
lead to ICS architecture simplification.
Application Development shall be done directly in French (programming and Human
Interface); all application specific documents shall be in French. Some standard
Manufacturer’s Technical Documentation may be accepted in English, pending
COMPANY Approval.
Provisions shall be made for two Sonatrach employees to actively participate in
application development and FAT on ICS vendor premises.
Prior to full application development a series of “typicals” (programming and HMI) shall
be developed for basic functions in co-operation with COMPANY; only after “typicals”
have been subjected to a successful FAT by COMPANY, shall they be used as
elementary building blocks for the development of the complete application.
A preliminary non-exhaustive list: Analog input, Analog input with 4 thresholds, Triad of
analog inputs with voting, Discrete input, Discrete output, Discrete output with line
monitoring, Analog output, Regulator, Control valve, SDV simplex, / ROV, SDV duplex,
ESDV, LV pump, HV pump, LV electric starter, HV electric starter, Monowell,
Multiwell, Safety bar, Normal / Helper / Spare 3 pumps @ 50%, Normal / Helper / Spare
2 pumps @ 100%, Normal / Spare 2 pumps @ 100%
The content and hierarchy of Graphic displays on ICS Operator station shall have to be
approved by COMPANY before implementation.
IEC-61131 (Programming method) and ISO-12207 (Guideline for development of
application) shall be applicable for engineering development and programming.
11. OPERATOR TRAINING
11.1 Training Facilities
An operator station assembly, which consists of three operator stations, one instructor
console, simulator computer and communication bus, shall be provided 3 months prior to
on-site commissioning, and shall be supplied complete with a software package enabling
training of operators on the control and monitoring facilities provided by the Project
system. The software package shall simulate all control and protection functions which
will be available on the supplied equipment. The required simulator function is shown
in Project Specification ORH-SP-J-87011, (S-000-1372-001) “Specification for
Simulator”.
0-1800 S-000-1371-102 2
SHEET 35 OF 43
The “Training” portion of the simulator must be operational three month before the
beginning of the commissioning operations; the “Optimization/Tuning” portion of the
simulator must be operational from the beginning of the start-up.
11.2 Training Program
The supplier will be required to provide the Training Courses on total ICS for operating
and maintenance personnel as detailed in Table 11.1 below: However, this program shall
be integrated into the general project training program for Sonatrach personnel.
Table 11.1
Number of Persons
Maintenanc
Scope Operating
e
1 week at Supplier’s works on software procedures 16 4
1 week systems training during FAT of overall system 16 4
1 week application training on site during
16 4
commissioning.
4 weeks for configuration and system maintenance - 4
12. GUARANTEE
The supplier shall guarantee the integrity, workmanship, engineering ability and the
materials of hardware. The supplier shall guarantee the equipment for the warranty
period and the conditions stated in the enquiry/purchase order documents (as applicable).
0-1800 S-000-1371-102 2
SHEET 36 OF 43
APPENDIX – 1
ACCEPTANCE TESTS AND ACCEPTANCE
1. Application software
Each application shall be the subject of acceptance tests.
The software shall comprise an assembly of copies of standard software modules

(assumed correct) and/or validated, custom software modules. The objective of
acceptance testing is to verify the connections between the software modules and the
parameter settings of the copies (names, message texts, colour coding, threshold values,
etc).
The tests should be easily reproducible to ensure that any modifications made are
consistent with their specifications and have not affected the satisfactory operation of the
parts assumed unaffected ("non-regression" check).
2. Non-standard software
The aim of acceptance testing is to check that the non-standard software modules are
compliant with their specification.
1) Each typical module shall be the subject of an acceptance test based on the
acceptance test procedure for the related standard function. The supplier shall
propose a procedure, a platform and the tools for acceptance testing all types of
software modules involved in implementing the standard function.
2) With each change of version of a typical module, the acceptance test of the standard
function ought to be repeated.
3) The acceptance test shall be applied to an identified version of the software and its
documentation.
4) The documentation must therefore be available at the time of acceptance testing.
5) It would be desirable for the supplier to submit the results of his own inspections
prior to acceptance testing.
0-1800 S-000-1371-102 2
SHEET 37 OF 43
3. "System" acceptance test specification
3.1 Objectives
1) To measure specified performance levels under maximum load conditions.

2) To measure, under such maximum load conditions, the loading on the machines and
the networks. The acceptance criteria shall be the value supplied in the design
documentation.
3) To check out operation of the system display and level 1 service procedures (fault
locating and identification).
4) To check that system operation in degraded situations is in accordance with
specifications: redundancy arrangements, management of communication link faults;
shutdown, restarting and initialisation of subsystems.
5) To check that a total shutdown, battery-based data backup time and restarting of the
entire system are all carried out correctly.
6) To check that the system's administration and maintenance procedures are correct.
3.2 Procedure (principles)
1) Measurement and reading of machine loads (PLC and controller cycle times, CPU
and disk load, etc) and network loads in "normal" situation.
2) Simultaneous startup of test generators in normal situation and recording of loads.
3) Determination of the maximum load supported by the system supplied and recording
of specified characteristics.
4) Verification or steady-state operation of the system in degraded situations, of the
system display and of the redundancy mechanisms.
5) Verification of steady-state operation of partial restarts.
6) Verification of operation under load (generators running) of the system in degraded
situations, of the system view and of the redundancy mechanisms.
7) Verification of operation under load of partial restarts.
8) Verification of the simultaneous restart of all of the system after a general power
supply failure for a specified time.
9) Verification of administration and maintenance procedures and tools,
 Failures
- Fault tracing based on information from the system display and/or the
administration and maintenance system.
- Identification of the type of failure.
- Return to service after rectification.
 Modifications
0-1800 S-000-1371-102 2
SHEET 38 OF 43
- Implementation, commissioning and backing up of changes to each type of

software.
- System configuration management.
3.3 Resources
1) System design documentation:

 A map of the applications and the information flows (see ... ).
 A map of the system: communication networks, architecture of machines /
firmware / software (see ...).
 Administration and maintenance procedures.
2) Load generators (principles):

 Periodic flows
100%
signal sent
signal
returned
0%
figure 1
 The test signals shall include signals of modifiable frequencies (for example,
sawtooth wave signals, easy to produce). The generation, recording and
display of these signals, the operator interfaces required for implementing these
functions and modifying the parameters shall be constructed using the system's
technical functions.
 The principle is to inject a test signal and record the signals sent and received.
The phase difference represents the group delay time and the distortion of the
signal transmitted reveals how the software modules through which the signal
has passed are operating.
 Injection of signals of variable frequencies on different paths in the system in
operation is used to determine performance levels, given the loading of the
system at the time of the test, and to explore the "reliable" operation of the
system, still under the same load conditions. Since the systems are non-linear,
the limit on the acceptable region represents the frequencies beyond which the
transmitted signal is highly distorted.
0-1800 S-000-1371-102 2
SHEET 39 OF 43
 The repetition of these measurements for different system loading provides a

means of exploring all of the acceptable operating range.
 This test shall be used to measure the performance levels of the following
technical functions:
 Display of analogue measurements and MMI.
 Operator commands.
 Execution of processes, machine performance and communication network
performance.
 History load and trend.
 Event flows
 The test signals shall comprise generators specially developed for this purpose
and for which the labels provide a rapid indication of which events have been
lost or transposed, and/or shall be based on application alarms.
 This test shall be used to measure the performance levels of the alarm process
(logging, sorting).
 The file transfer function shall be tested using files of maximum size and the
protocols that are to be used.
3) Machine and network load measurement tools:

 Communication protocol analyzers ("sniffer" type from Network General).
 Machine loading analyzers (CPU, disk, swap zone, queues), "HP-Glance" type
for HP-UX.
 SNMP administration tools (MIB, supervisor).
4) System display and DCS and network administration tools.
5) Test procedures. These will need to be prepared in detail by the supplier and/or the
systems integrator, and shall be designed to achieve the objective.

Urhoud: Specification FOR Integrated Control System

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Urhoud: Specification FOR Integrated Control System

Uploaded by

Copyright:

Available Formats

COMPANY’S DOC. NO.

4. Process Control and Shutdown

5. ESD and F&G System

7. System Cubicles and Field Termination Cabinets

8. ICS Interface into Package Plant

9. System Inspection and Testing

10. System Engineering

11. Operator Training

APPENDIX-1 ACCEPTANCE TESTS AND ACCCEPTANCE

2.2 Document Format

2.3 Project Communications

2.5 International Codes and Standards

Refer to the “Control Philosophy”, 7461-ORH-TP-J-87001 (S-000-1371-101)

2.6 Project Document

ORH-SP-J-87011 S-000-1372-001 Specification for Simulator

ORH-DX-J-87001 D-000-1370-200 General Safety Logic Diagram Overview

3.1 Installation Condition

Refer to “Control Philosophy” 7461-ORH-TP-J-87001 (S-000-1371-101), closure 1.3.

3.3 Operating Principles

4. PROCESS CONTROL AND SHUTDOWN

4.2 System Scope and Configuration

4.3 Operator Interface - CCR

The Operator Stations will provide as a minimum the following features : -

- select manual/remote/auto control

Note: Communication equipment for console mounting will comprise PA control

4.4 Operator Interface - LTRs (CTR and OTR)

4.5 Operator Interface - Satellite and Wellheads

4.6 Engineering Work Station

4.7 Functional Requirements - PCS

4.8 Functional Requirements - PSD

As an option, however, the Supplier may propose combined PCS/PSD hardware,

4.9 Supervisory Control and Data Acquisition (SCADA) System

4.10 Management Information System

A PC based Management Information System (MIS) shall be provided as a separate

For detail, refer to the “Specification for Management Information System,

4.11 System Input/Output (I/O) Facilities

The redundancy of Input/Output facility shall be determined in accordance with the

4.12 Alarm Handling

A comprehensive alarm handling facility shall be included within the application

4.13 Data Logging and Printers

4.14 Communication Facilities

Dual redundant communication facilities, operating at a speed of at least 10 Mb/sec,

4.15 Satellite Station Control Nodes

4.16 Wellheads Remote Terminal Units (RTUs)

4.17 Leak Detection System

Export oil leak detection shall be realised by specialised software in a dedicated

5. ESD AND F&G SYSTEM

5.2 General Requirement

5.3 System and Functional Requirement for ESD System

Refer to the “Specification for Emergency Shutdown System”, 7461-ORH-SP-J-87002

5.4 System and Functional Requirement for F&G System

Refer to the “Specification for Fire and Gas System”, 7461-ORH-SP-J-87020

6.1 Application Software

6.2 On-line Self-diagnosis

6.3 Power-up Checks

6.4 Software Security

6.5 Functional Specification

Refer to Section 2.6 for the detail specification of ICS.

7. SYSTEM CUBICLES AND FIELD TERMINATION CABINETS

7.1 Components and Wiring

7.2 Year 2000 Compliance

7.3 Radio Interface

7.4 Electromagnetic Compatibility (EMC)