92/98 bd Victor Hugo

92115 CLICHY – France GENERAL SPECIFICATION

Tel 33 (0) 1 41 06 30 00
Télex 620 428 SOFRGAZ
Fax 33 (0) 1 47 37 16 27
E-mail : [Link]@[Link] INSTRUMENTATION
THIS DOCUMENT IS OUR PROPERTY AND SHALL NOT BE USED NOR REPRODUCED WITHOUT OUR WRITTEN AUTHORIZATION
CE DOCUMENT EST NOTRE PROPRIETE ET NE DOIT ETRE NI UTILISE, NI REPRODUIT SANS NOTRE AUTORISATION ECRITE

FUJIAN LNG TERMINAL AND TRUNKLINES PROJECT

DISTRIBUTED CONTROL SYSTEM

Date : Etablis. / Establ. Projet / Project EMISSION POUR / ISSUE FOR

18/12/03 V. VIGUIER AG. BLAZQUEZ ISSUED FOR FEED
Rév. / Amend. Vérif. / Check Approbat. / Approval N° [Link].000.2900.1000
01.24

1 L. BROCCOLI Page 1/40

N° FJLNG-SPC-TS-IN-002
 REVISION RECORD

Rev. Date Established Checked Project Issue for

0 0/11/03 V. VIGUIER LP. BROCCOLI AG. BLAZQUEZ First issue

1 18/12/03 V. VIGUIER LP. BROCCOLI AG. BLAZQUEZ Approved
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 2/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 CONTENTS

1 INTRODUCTION

1.1 PURPOSE OF THIS DOCUMENT

1.2 GENERAL PROCESS DESCRIPTION

1.3 REFERENCES, CODES AND STANDARDS

1.4 ENVIRONMENTAL CONDITIONS

1.5 ABBREVIATIONS

2 CENTRAL CONTROL SYSTEM (CCS)

2.1 CCS CONCEPT

2.2 DISTRIBUTED CONTROL SYSTEM

3 GENERAL

3.1 DEFINITIONS OF THE CONTROL LEVELS

3.2 GENERAL DESCRIPTION OF THE SYSTEM

3.3 FUNCTIONALITY AND GENERAL PERFORMANCES

4 ACQUISITION AND CONTROL SYSTEM

4.1 HARDWARE CHARACTERISTICS

4.2 SOFTWARE CHARACTERISTICS AND PERFORMANCES

5 SUPERVISORY SYSTEM

5.1 SYSTEM ORGANISATION

5.2 HARDWARE CHARACTERISTICS

5.3 SOFTWARE CHARACTERISTICS AND PERFORMANCES

6 COMMUNICATION SYSTEM

6.1 INTERNAL DCS COMMUNICATION BUS

6.2 COMMUNICATION WITH THIRD PARTY SYSTEMS

7 ASSOCIATED SYSTEMS REQUIREMENT

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 3/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 8 DOCUMENTATION

8.1 HARDWARE DOCUMENTATION

8.2 SOFTWARE DOCUMENTATION

8.3 INSTRUCTION MANUALS

9 DCS ACCEPTANCE TESTS

9.1 MANUFACTURER INTERNAL TEST (IFAT)

9.2 FACTORY ACCEPTANCE TESTS (FAT)

9.3 SITE ACCEPTANCE TEST(SAT)

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 4/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 1 INTRODUCTION

1.1 PURPOSE OF THIS DOCUMENT

This general specification covers the minimum requirements for the design, supply,
configuration, programming et tests of the Distributed Control System to be
installed for the FUJIAN LNG TERMINAL project.

1.2 GENERAL PROCESS DESCRIPTION

The Fujian LNG Terminal is an onshore import terminal with LNG carriers
unloading facilities, LNG storage with vaporising facilities and gas export capability.

The LNG terminal will be located at Xiuyu Harbor north shore development zone of
PUTIAN city, Fujian province.

Approximate latitude and longitude are North 25° 12’, East 110° 59’.

The process of the Terminal can be described into three main functional sections:

LNG unloading

LNG carriers are berthed along terminal jetty. LNG is pumped out from ship using
ship pumps and sent to storage tanks through 3 unloading arms and an unloading
collector routed to shore on an aerial trestle. Part of the vapour displaced during
tank filling operation is sent back to carrier via a vapour return line connected to
ship by means of a gas return arm.

LNG storage

LNG is stored in tanks at pressure close to atmosphere (two identical tanks are
installed for phase I). Tanks pressure is mainly controlled by withdrawal of boil-off
gas by reciprocating compressors (2 installed). In case of abnormal pressure
increase in tank, boil-off gas in excess is sent to flare.

LNG / NG send out

LNG is withdrawn from tank by cryogenic pumps (two per tanks). Simultaneous
operation of three in-tank pumps is required to provide peak flow. Part of the
pumped flow can be sent to an LNG trucks loading station. Main flow is sent to the
HP send-out pumps and to the vaporisers.

Upstream HP send-out pumps, the LNG flow is split in two streams. One stream is
routed to a recondenser where it is put in contact with compressed boil-off gas to
make it condense. The rest of the flow bypasses the recondenser.

Downstream recondenser, low pressure LNG is pressurised by cryogenic pumps

and sent to vaporisers. There are two different vaporisation lines:
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 5/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • a high pressure line (HP system) that supplies the trunklines to Wenzhou and
to Zhangzhou,
• a medium pressure line (MP system) dedicated to Putian power plant.
Three identical HP pumps and three identical MP pumps are installed for phase I.
Parallel operation of two pumps is required to provide peak flow.

Under normal operating conditions LNG is vaporised by Open Rack Vaporisers

(HP ORV and MP ORV) using seawater as warm fluid. For each pressure level (HP
and MP), three ORV are installed during phase I with one spare.

At terminal boundary, gas is delivered to two distribution pipelines. One metering

station is provided on each export line, upstream Terminal battery limit.

1.3 REFERENCES, CODES AND STANDARDS

All equipment constituting the Distributed Control System shall be designed and
manufactured in accordance with the last issues of regulations, codes, norms and
standards listed in the specification “Applicable Codes and Standards” N°
[Link].000.B100.001.

All the requirements of national legislation, regulations and codes, including

regulations on environmental protection and safety, in force at site, take
precedence over the minimum requirements cited in the context of this
specification and must be complied with, even without explicit mention.

The “General Control System Overview” architecture drawing number

[Link].I040.0001 has to be read in conjunction with this document.

1.4 ENVIRONMENTAL CONDITIONS

Refer to “General Design requirement” technical note N°
[Link].000.P030.0001

1.5 ABBREVIATIONS
The following abbreviations are used :
BOG Boil Off Gas
CCS Central Control system
CPU Central Processing Unit
DCS Distributed Control System
ESD Emergency Shut Down System
FACP Fire and Gas Alarm Control Panel
FGM Fire and Gas Mimic
FMS Facilities Management System
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 6/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 FOC Fibre Optic Cable
FTA Field terminal Unit
F&G Fire and Gas System
I/O Input / Output
TR Technical Room
LCD Liquid Crystal Display
MCC Motor Control Centre
ORV Open Rack seawater Vaporiser
OTS Operator Training System
PLC Programmable Logic Controller
PMS Power Management System
SIL Safety Integrated Level
SCV Submerged Combustion Vaporiser
UPS Uninterruptible Power Supply

2 CENTRAL CONTROL SYSTEM (CCS)

2.1 CCS CONCEPT

The Central Control System (CCS) will comprise a group of related, integrated
control systems in charge of the control and safety of FACILITIES operations.

Major systems in the CCS are:

a. DCS Distributed Control Systems

b. ESD Emergency Shutdown System

c. F&G Fire & Gas System (including spillage detection)

d. PMS Power Management System

e. PA/GA Public Address and Gas Alarm System

f. Packages control systems (such as Tank Gauging Systems,

BOG compressors, SCV, ORV, emergency diesel generators,
and air & nitrogen systems, unloading arms…)

g. Metering systems

h. Instrumentation

This specification covers the requirements for the Distributed Control System
(DCS) only.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 7/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 2.2 DISTRIBUTED CONTROL SYSTEM
The Distributed Control System (DCS) will be the primary control system and the
backbone of the CCS in order to control and supervise the Terminal operations.

The CCS will utilise the DCS capabilities for managing CCS data and presenting
them to the operator via interactive workstations.

DCS shall be in charge of:

• Operator Interface
• Alarm Management
• Historisation and reporting
• Regulatory Control, Sequencing , Logic and Monitoring Functions
• Interface to other PCS systems
• Interface to other third party systems

3 GENERAL

3.1 DEFINITIONS OF THE CONTROL LEVELS

The following definitions are used in this document:

Level 0: Instrumentation

This is the lowest level of the hierarchically ordered System structure. It regards all
the field instruments like sensors, initiator and actuators. (They are not covered by
this specification, refer to "Instrumentation General Specification” N° [Link]-
000.1500.0100)

Level 1: Acquisition and control system

This is the intermediate level of the hierarchically ordered structure of the System.
It regards all the System equipment dedicated to Data Acquisition, Control,
Automation and functions.

Level 2: Supervisory system

This level regards the System equipment having the function of HUMAN-MACHINE
Interface (HMI).

Level 2 is the supervisory level of the Plant.

Level 3: Management system

This is the level dedicated to Advanced Control and Plant Optimisation (not
covered by this specification).
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 8/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 3.2 GENERAL DESCRIPTION OF THE SYSTEM
The system shall be based on microprocessor modules for the control and data
acquisition. It shall be equipped with resident software to carry out the regulatory
control algorithms, the interlock and sequential control functions.

The operator interface shall be implemented through interactive workstations

equipped with data display console, keyboard and printer and capable of
managing the supervision, control, graphic presentation, alarm, message,
diagnostic functions.

An engineer workstation dedicated to the configuration of the System and the

implementation/modification of the user software shall also be provided.

The control modules and workstations shall be connected by a data

communications system.

The system shall be capable of carrying on a dialog through an appropriate

interface module with external electronic computers and/or data communications
standard networks (Ethernet or equivalent).

3.2.1 Level 1: Acquisition and Control System

The Level 1 equipment shall be suitable to carry out the following functions:

Interface with field instrumentation such as transmitters, initiators, switches and

final elements.

• Acquisition of process data from sensors to allow monitoring of process

variables.
• Performance of basic control functions.
• Performance of calculation functions including arithmetic computation.
• Performance of complex control functions including adaptive gain, feed forward,
signal selection, etc
• Execution of logic for performance of interlock, automation, and sequential
functions.
• Execution of combined regulatory and logic functions.
• Handling of sequence of events with time recording for preparing alarms
monitoring and data logging performed on level 2
• Transfer to Level 2 of all data, measurements and acquired events, calculated
or produced by Level 1 itself.
• Receive from Level 2 commands and set points.

3.2.2 Level 2 : Supervisory System

Supervisory system represents the Operator's interface towards the Plant.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 9/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • It handles and allows the following functions:
• Indication of all analogue or digital process variables, open or closed loops and
all related parameters
• Manipulation of control loops, including: set-point change, operating mode,
output, tuning, computation constants
• Alarm announcing
• Display of lived process graphics
• Logging and possibility of both historical and trend recording
• Display of sequence of events.
• Display of self-diagnostics messages.
• Still at Level 2, but through separate and independent equipment, the following
functions are handled in addition to the above mentioned ones:
• Changes, additions, canceling to the configuration of Level 2 (user software) or
of the lower levels.

3.2.3 DCS Communication System

The equipment components forming the various levels are interconnected through
a communication system allowing the functions described in the following
paragraphs.

The communication system shall be based on an open architecture using TCP/IP

protocol or equivalent in a client/server environment.

Also the communication medium shall be of standard manufacturers (Ethernet or

equivalent).

Proprietary communication systems are also acceptable; but they shall be

submitted to review and approval. They shall be able to communicate with open
systems based on TCP/IP protocol or equivalent.

3.2.4 Interface with other systems

DCS shall also communicate with CCS systems, third party control systems and
management computers.

3.3 FUNCTIONALITY AND GENERAL PERFORMANCES

The DCS shall provide the following functionality and performances:

3.3.1 Capacity
The DCS must be capable of supporting the entire plant process units. Speed of
response for both control functions and man-machine interface should not be
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 10/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 degraded under any conditions (such as, for instance, alarm overload) taking into
account that this is a relatively fast-responding process.

Multiple local area networks are allowed provided that the overall functionality is
satisfied.

3.3.2 Reliability and Availability

The system shall be implemented by holding reliability in the utmost consideration
and in particular the selection of the electronic components and the individual
entities forming the system is carried out on the basis of a continuous operating
time of 2 years.

Availability

The System shall be highly reliable and available. The availability shall be better
than 99.9 % with a MTTR of 12 hours for all functions. The Probability of Failure on
-2
Demand (PFD) shall be strictly lower than 10 .

No error propagation:

The malfunction of a unit of the System, at any level, shall not propagate to other
apparatuses of other levels.

3.3.3 Modularity
The system shall be of a modular construction and easily expansible. The module
typology holds in due consideration the requirements of interchangeability and
reduction of storage costs.

3.3.4 Redundancy
High reliability is important if we take into account that the loss of critical process
units would result in major upsets and costly restart time. The DCS should have
ability to continue operation, without upsets, even in case of one critical equipment
failure.

Consequently, the System shall be configured in such a way that some equipment
could be redundant.

Particularly, all the following parts/functions of the System shall be completely

redounded:

• all CPU’s
• all communication buses
• all communication modules
• all power supply modules
• all parts dedicated to continuous control including I/O cards
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 11/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • all parts dedicated to interlock or sequential logic control
All boards or equipment shall be equipped with redounded supply system
connected to separate supply systems.

The redundancy layouts shall be implemented in such a way that the transfer from
each element to its back-up in redundancy and return to normal situation is
immediate, automatic and such as not to affect the process, the operator stations,
the computation or other functions.

The transfer from a unit to the back up one shall be in any case alarmed.

The System is fitted with a redunded memory comparing automatic device, which
generates an alarm signal in the event that the result of comparison is negative. In
the event of a discrepancy between the contents of the memories, it shall be
possible to eliminate such difference keeping the System running.

The System will be implemented in such a way that it is possible to replace the unit
in redundancy of the main one without affecting the operation of the System itself.

3.3.5 Security
A DCS, by nature, is relatively easy to reconfigure. The system should provide
various levels of password and/or key protection to allow for different levels of
authorisation when maintenance is being performed.

3.3.6 Memories
Memories of non-volatile type shall be provided for the configuration data. It shall
not be necessary to reload other "offline" devices in case of System restarting.

In the event that RAM are used with buffer batteries, these shall be suitable to
maintain the memories for 30 days.

The battery charge state shall be continuously monitored. A special alarm shall be
generated when the required maintenance times cannot be ensured.

All batteries shall be replaceable without needing to interrupt the functionality of

the associated memories.

The System is fitted with memory sufficient to carry out all the required control,
protection and automation functions.

The System configuration shall be such as to leave at least 30% of memory space
available for future changes.

It is preferred that all memory modules are expansible with no need of hardware or
software changes.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 12/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 3.3.7 Synchronisation
All System apparatuses at any level shall maintain an internal clock having a
resolution of 1 millisecond. Such clock shall be resettable from the operator station
or from the configuration station. All system clocks shall be synchronised within 1
millisecond one from the other.

Within the System there are more Master stations in such a way that the
malfunction of an individual apparatus cannot affect the operation or the
synchronisation of the others.

Each Level 1 apparatus of the System shall be suitable to generate such

synchronisation signal.

3.3.8 Data Base

All Input/Output signals to the System shall be identified with the same identifying
tag name, generally that one of the field instrument.

The System allows the input, output signals or internal variable to be identified with
a name of 12 digits at least.

For each input, output or internal variable, this name will be unique and can be
used in any level of the DCS and for any function (acquisition, control, supervision,
configuration and programming, visualisation, logging, etc..)

3.3.9 Basic control.

DCS shall allow implementation of standard control functions (PID, ratio, cascades,
etc.).

3.3.10 Extended control

The DCS should provide ways to implement user functions including modifying
standard algorithms or defining new ones.

This functionality should be available by use of a high-level programming language

from an industry standard. The ability to include logic functions (e.g. interlocks)
may be necessary for implementing certain advanced control functions.

3.3.11 Multivariable control

A highly desirable feature of the DCS is that multivariable predictive control (MPC)
can be performed directly rather than in process control computer interfaced.

This will allow high speed, high reliability and state-of-the-art advanced control
within the basic instrumentation system.

It also allows, for the operator interface, to be consistent with standard control
functions display for all advanced process control applications.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 13/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 Multivariable control should be able to run as fast as every 15 seconds, even if,
typically, run once per minute is enough.

3.3.12 Loop processing

Some functions need to be processed rapidly, at least twice per second (4 to 10
times per second desired). Others can be done much less frequently (once per
minute to 4 times per minute typically for multivariable controls).

The DCS must provide a mechanism to distribute the processing load so that this
wide range of loop execution frequency can be accommodated.

The load distribution shall not affect any functionality.

3.3.13 Communications with third party systems

The DCS must offer possibility of interface with third party systems.

Three types of communication may be considered:

• For major CCS systems such as safety systems (ESD and Fire and Gas
systems, etc…).
• In this case, the preferred DCS interface shall be via the DCS's own internal
communication system where the CCS subsystems appear as nodes on the
system and have established and integrated software.
• For external control systems such as machinery and package control systems,
tank gauging systems, metering system, motorised valves management system,
power management system, HVAC control system etc…
• In that case, standard serial link (RS 232, 485, etc..) redundant or not according
to application with proven protocol (such as MODBUS) shall be used.
• High level of communication can be also considered after review and approval.
• For management and associated systems such as Management information
system, Asset management system, operator training system, advanced control
system etc..
• In that case, DCS shall be able to carry on a dialog through appropriate
interface module and communications standard network (Ethernet or
equivalent).

3.3.14 Installation of the system

The system will be installed in a non-classified area (control room, technical room)
- ISA S71.04 & S71.01 G1AX

The System shall be suitable to operate in a room with the following ambient
parameters:

Maximum: T = 40°C Relative Humidity = 90%

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 14/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 Minimum: T = 10° Relative Humidity = 20%

The system shall be suitable to be stored in a warehouse with the following limit
ambient parameters:

T from 0 to + 50°C

Relative Humidity from 20% to 95%

DCS equipment shall be in accordance with IEC 6100 norms regarding EMC
interference.

Earth shake protection

Shock of 15G, 10 millisecond duration or steady state vibration of 2.5G, 5-500 Hz

shall not result in any damage or malfunction.

3.3.15 System Electric Supply

The system shall be supplied at 220 V - 50 Hz from a UPS supply with the
following tolerances:

Voltage 220 V + 10%, 220 V - 10%

Frequencies 50 Hz + 3%, 50 Hz - 4%

The system is to supply all external loops except those identified as "externally
supplied".

All supply units shall be redundant and implemented in such a way as to prevent
that the malfunction of a unit may extend to the other units as well.

The transfer of supply from the unit under failure to the back up one is
instantaneous and without interruptions in the normal operation of the System.

The outputs of all supply units shall be monitored by the System and any
malfunctions shall be immediately identified and alarmed.

In case of interruption then coming back of the power, the system shall
automatically start with no need of a manual data reloading from disks, tapes or
else.

The starting and reset of each System component shall not require the
performance of complex procedures.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 15/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 4 ACQUISITION AND CONTROL SYSTEM

4.1 HARDWARE CHARACTERISTICS

4.1.1 Input /Output cards

[Link] General
The I/O cards shall be of a strong design, high quality and manufactured in such a
way as to be suitable for the installation in an industrial environment.

The System shall be implemented in such a way that all types of I/O cards may be
installed in all positions of the relevant nest. It shall be implemented in such a way
that every I/O card may be removed or inserted under voltage. The System shall
be equipped with diagnostics suitable to prevent that the insertion and removal of
I/O cards may cause errors in signal scanning.

Each individual I/O channel shall be protected by fuses.

All fuses shall be equipped with optical indicator; furthermore the fuses may be
replaced with no need to remove the card, keeping in operation all channels not
protected by the fuse to be replaced.

The minimum insulation between I/O channels and between the channels and the
common is 75 MΩ.

[Link] Analogue Input Cards

The analogue input cards available are suitable for the following typologies of
signals:

• 1 - 5 VDC
• 4 - 20 mA self supplied or externally supplied
• thermocouples (I, K, T, E)
• RTD 100 Ω Pt
The analogue input cards 4-20mA shall be equipped with a device to check the
functionality of the loop (open - short circuit detection).

The supply to field transmitters for the 4-20 mA loops shall be 24 VDC.

The thermocouple input cards shall be equipped with compensation of the cold
junction and with a device to detect any burnout.

The linearization of the signals from thermocouples or thermo-resistors shall be

made at card level or at software level.

The scan rate for analogue inputs, which are part of control loops, shall not be
more than 0.25 seconds.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 16/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 The scan rate for analogue inputs not involved in control loops, shall not be more
than 1.0 seconds.

The only exception to the above, can be the loop relevant to temperature
measurement for which a scan rate of 5.0 seconds can be accepted.

Each card shall be equipped with its own A/D conversion unit.

[Link] Analogue Output Cards

The analogue output cards shall comply with the following technical requirements:

• they are suitable to control a load of 400 Ω at least;

• the output range is 4-20 mA
• the resolution is 12 bits
• the linearity is 0.1%
• the action in the event of malfunction of the card or the logic shall be pre-
selectable (high - low or unchanged)
• The card circuitry shall be suitable to monitor the state of the loop connected
and in particular the conditions of open loop or short circuit ones.
• Analogue output cards shall have an individual D/A converter for each analogue
output.
• The scan rate (output update) for analogue outputs, which are part of control
loops, shall not be more than 0.25 seconds.

[Link] Digital Input Cards

The digital or low frequency pulse inputs cards shall comply with the following
requirements:

• each entry shall be optically isolated (2500 V),

• each loop shall be supplied from the system, which recognises loop state
changes with impedance of 1000 ohms at least (including the contact
resistance),
• the state of each digital input shall be visible on the card front through a special
LED.
• the digital input channels shall be equipped with filter suitable to discard signals
having duration of less than 2 millisec.
• the pulse counters shall have a range from 0.1 to 100 Hz; the duration of pulses
may vary starting from a minimum of 5 millisec.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 17/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 [Link] Digital Output Cards
Output cards shall normally be solid state able to drive field solenoid valves and
relays for electrical interface. Solid state outputs shall be 24 VDC and be capable
providing at least 300 mA to the external coil. No interposing relays shall be used
with exception of electrical interface. In this case the interposing relays could be
installed in a dedicated cabinet located in the electrical sub-station.
In case of relays mounted on digital output cards included in the DCS supply, the
same shall comply with the following technical requirements:

• they are capable of switching 2 A under 220 V 50 Hz

• they bear a continuous peak load of 10 A
• it is possible to select the state of each "normally open". or "normally close"
output
• the relays used on the cards are suitable to bear 1.000.000 operations at the
provided load.
• the relays shall be exempt from vibrations.

[Link] Remote I/O

The DCS shall be able to drive remote control systems, which include dedicated
DCS processors and I/O cards and/or remote I/O in order to implement the
Electrical/Instrument Interface in electrical substation (if any) or when the distance
between field instrumentation and Control Building becomes too long (e.g. jetty).

The remote communication shall be via redundant fibre optic devices. All
necessary equipment, FO converters and the accessories relevant to the fibre
optic system will be part of the DCS supply.

[Link] Fieldbus system

Field bus system will not be used for this project

[Link] Scanning
It shall be possible to assign, by configuration, various scanning times to I/O
signals. The selection of the scanning time is carried out by taking in due
consideration the speed with which each signal changes from its normal operating
state to the abnormal one.

The scanning time of some I/O signals may be automatically modified by program.
This will allow that points with normally slow dynamics could be sampled at greater
frequencies during some particular transients (starting).

[Link] Checking of loop integrity

The system constantly shall check all the analogue I/O to verify that they are within
the fixed ranges and activate an alarm signal in case of malfunction. The displayed
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 18/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 data relevant to the points in malfunction state shall be the last valid one
measured; in this event the status "freeze value" shall be clearly indicated.

As a rule the malfunction of an analogue input signal of a control loop shall cause
the controller to be switched to the manual mode and an alarm to be generated in
order to call the attention of the operator.

4.1.2 Controllers
Controllers shall be multiloops microprocessors based modules.

Power supply modules such as interface modules with internal communication

system shall be systematically redundant.

Control processor unit (CPU) shall be redundant if regulatory functions are

performed by the relevant controller.

No processor shall be loaded at more than 70% of its processing capacity.

Field I/O’s shall be grouped and assigned to CPU’s using the following guidelines:

• Communication between CPU’s across the DCS communication network (peer

to peer communication) shall be minimised.
• CPU I/O assignment should be designed according to process area
segregation. This means that generally each process area cannot be controlled
by different CPUs.

4.1.3 Installation
All equipment and modules related to acquisition and control system shall be
completely installed and wired inside system cabinets.

These cabinets shall be self-standing and designed for 19” rack mounting,
standard Rittal type or equivalent. Nevertheless the following requirements must
be taken into account:

• Cabinets shall have front and rear access.

• Cables entry shall be from bottom
• Preferred dimensions (WxHxD) : 800 x 2100 x 800 mm
Field Terminal Assemblies (FTA) shall be separated from I/O cards.

They shall be installed inside marshalling cabinets in which intrinsic safety barriers
and marshalling related to field multicore cables shall be also mounted.

Cross connections between marshalling and terminal units shall be part of vendor
supply.

Marshalling cabinets shall have the following characteristics:

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 19/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • Front and rear access or front access only.
• Cables entry shall be from bottom
• Preferred dimensions (WxHxD) : 800 x 2100 x 800 mm or 1600 x 2100 x 400
mm for marshalling with front access only.
Standard cables with end connectors shall be used to connect FTA and their
corresponding I/O cards.

System and marshalling cabinets shall be installed in the technical room within the
Control Building. Nevertheless depending to the proposed architecture some
remote control modules could also be installed within the following buildings:

• Jetty control room

• Compressor building
• Main electrical substation
• Loading control building
• Sea water systems building

4.2 SOFTWARE CHARACTERISTICS AND PERFORMANCES

4.2.1 Regulatory control functions

The control functions of the System shall be carried out by a microprocessor
multiloops controller.

The controller shall be capable of accepting signals from the various sensors
installed on the process through the I/O cards mentioned in paragraph 4.1.1

The following typologies of regulation shall be available:

• PID Controller
The controller shall have the proportional band algorithms available as well as
integral and derived action in order to implement the control strategies.

The controller shall be capable of operating in the following modes: manual,

automatic, cascade, backup cascade.

The control algorithm shall be implemented in such a way that the transfer from
manual to automatic is "bumpless".

The System shall contain the possibility of automatic tracking of the controller input
or output as required by the controller mode.

It shall be possible to configure alarms on the deviation between the measured

variable and the set point of the controllers.

• Other control functions

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 20/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 The controller shall have all the algorithms available which are suitable to allow the
implementation of control strategies such as: PID, adaptive gain, feed forward,
signal selection, etc. in addition to the base algorithms.

The System shall include a wide library of continuous control algorithms, including
standard algorithms and of specialised functions.

Special functions such as mass-flow, function generation, logarithmic functions,

etc. shall be included in the program library.

The continuous control algorithms are of type such that the operating mode, the
set points and the tuning parameters can be modified from the operator station or
by the logic control functions.

4.2.2 Data acquisition function

The System shall allow the transfer of data from the input card to the higher levels.

The scanning times of the variables simply acquired shall be compatible with the
supervisory system response times.

4.2.3 Logic control function

The System shall perform as combinatory and sequential logic functions.

The sequential control shall be able to use all the analogue/digital signals and
internal variables resident in the database.

Logic control functions can be implemented by means of the application of

standard or pre-configured control algorithm

The following logic algorithms shall be available:

• Valve module
• Motor module
• Etc.
It shall be possible to perform combined logic and continuous functions such as:

• Forcing loop in manual mode

• Changing set-point (with possibility of ramp)
• Changing tuning parameters
• Forcing the output signal.
The logic or sequential programs are to be equipped with comments of such a
quality as to allow a quick interpretation.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 21/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 4.2.4 Response times

[Link] Continuous control function

The response time is defined as the time between the moment when a signal
changes in value at the input channel of a card and the moment when the
controller takes the consequent action and the output signal is sent assuming that
the following conditions occur:

Worse position from the varying point inside the scanning cycle

Maximum complication of the control algorithm

Maximum traffic on the communication systems between levels.

Under the previous conditions, the system responds within the times specified
below:

• Slow loops 0.50 s

• Fast loops 0.25 s
• Critical loops 0.10 s
In any case, the basic processing cycle shall be adjustable.

[Link] Logic or sequential control functions performance times

• Logic control (motors, interlocks) 0.5 s
• Sequence 0.5 s

5 SUPERVISORY SYSTEM

5.1 SYSTEM ORGANISATION

Control Room Operators will be organised on 12-hour shift basis, each shift will
include two teams dedicated to both process and utilities, and the other to power
generation and distribution. The power generation and distribution team will control
and monitor the power generation and distribution from dedicated electrical control
room by means of PMS duly interfaced with DCS installed in the Control Room.

At least the following equipment shall be provided for the Process and Integrated
Utilities Control Room Operators:

• 4 nos. Independent Process operator Consoles (including large screen

displays), ergonomically arranged to provide the operators with facilities to
efficiently and safely operate the LNG Terminal.
Provision shall be made to install the instrumentation package unit operator
(such as CCTV, and Tank level Systems), the PA/GA system console, the radio
console and telephones.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 22/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • 2 nos. Empty tier consoles and accessories for ESD panel and F&G panel
(FACP) mosaic type.
• 2 nos. Alarm and Event Matrix Printers and accessories assigned, respectively,
to the process area and to the utilities area.
• 2 nos. Logging and reports Matrix Printers and accessories assigned,
respectively, to the process area and to the utilities area.
• 1 nos. Video-copy colour Printer and accessories assignable from any control
room’s operator consoles, engineering console and training & Management
consoles.
At least the following equipment shall be provided for the DCS system Engineers:

• 1 nos. Engineering Workstation.

• 1 nos. Matrix Printer and accessories.
• 1 nos. Laser Jet Printer and accessories.
• 1 nos. Table support for all above equipment.
At least the following equipment shall be provided for The training Engineers:

• 1 nos. Engineering Workstation.

• 1 nos. Laser Jet Printer and accessories.
• 1 nos. Table support for all above equipment.
At least the following equipment shall be provided for The Management
Engineers:

• 1 nos. Engineering Workstation.

• 1 nos. Laser Jet Printer and accessories.
• 1 nos. Table support for all above equipment.

5.2 HARDWARE CHARACTERISTICS

5.2.1 Process Operator consoles

Each operator console shall consist as minimum of:

• 1 nos. Workstation electronics with 21" min flat LCD screen and keyboard
• Empty desk for all above equipment's
Videos shall be equipped with colour screens, 21", high resolution, capable of
showing either alphanumeric pages or graphic pages.

Various colours shall be used in order to distinguish the information supplied.

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 23/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 All information visible on a video of one console shall be visible on the other video
of the same console. The videos of an operator console shall be interchangeable.

Any change in the database from a video station shall be automatically updated on
the video of the same console and on all other consoles.

Keyboard

The keyboard shall be of the "self explanatory type", easy to operate, and will allow
an easy performance of the system control functions.

Easy-to-learn "Call routines" shall help the operator in his task.

A software of interactive type shall be used for all operations.

The operator keyboard shall preferably be of the "touch sensitive" membrane type
and shall be tight to dust and humidity.

All commands from the keyboard shall be recognisable by means of a sound.

• At least, through the keyboard, it shall be possible to :

• Select all displays including the direct access to the loops in alarm, select the
video pages (overview, group, loop), etc.
• Acknowledge alarms
• Insert new parameters or cancelling existing wrong parameters. This type of
access shall have to be documented
• Easily position the cursor for the selection of all parameters
• Request the photocopy of the video, prints of logging and alarms, address
signals and trend recorders
• Change the operating mode (automatic/manual/cascade) of each controller
Furthermore, the keyboard shall have the possibility of assigning some functions to
personnel of a higher level.

These functions have to be protected by means of "security keys" or by

passwords.

At least, it shall be possible to:

• Inhibit alarms (installation stopped or under maintenance)

• Change the alarm set
• Access to the loop tuning parameters
• Adjust the clock
• Assign parameters for the historical recordings.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 24/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 The system shall be suitable to be use also with additional pointer devices (mouse,
track ball or equivalent).

For some console, an engineer keyboard should be also connected to the video.
This will allow to perform more complex actions.

Electronics

The workstation electronics shall consist of a microprocessor based system that

supports the keyboard and the VDU drives printers, transmits data and receives
data from the I/O devices via the data DCS Network.

All links to the keyboards, VDUs and trackballs or mouses shall be foreseen.

Desk Furniture

The basic empty desk furniture to be supplied with the Workstations shall be
complied with the operator design requirements:

• Desk wedge units for arc-shape arrangement,

• Flat to desk units to provide space for documents
• Chairs.
All components installed within the desk shall be flush mounted.

5.2.2 Logging printer

Two printers dedicated to the reports shall be provided.

Reports shall be printed, according to the configuration:

• Per hour
• Per shift
• Per day
• Upon operator request.
The information relating to each report are kept till a maximum time of 15 minutes
after the predetermined print-out time.

5.2.3 Alarm and event printer

These two printers shall be dedicated to:

• Print the process and system alarms as soon as they appear or of the alarm
historic situation request by the operators;
• Each print out shall show, at least, the data relating to: Tag name, service, day
and hour of the alarm, type of silencing, hour when normal situation resumed
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 25/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • Print the events (understood as actions taken by the operator through the
keyboard).

5.2.4 Colour printer

A colour printer unit shall be used to obtain copies of the video display (on request
through the operator or engineer console).

The video photocopied display shall be halted during 5 seconds maximum.

The printer shall be addressable from any of the operator stations.

5.2.5 Configuration station

The configuration station (or Engineering Workstation) shall perform the following:

All apparatuses at any level of the system may be configured or reconfigured on-
line from the configuration station through the communication bus, without causing
interference’s or interruptions to the normal running operations.

The loading of the programs developed off-line may take place in a partial or
scattered way without trouble for the normal operation.

The system configuration shall be based on high level language. The configuration
through blocks is required.

The system shall be suitable to carry out programs written in high level languages
such as FORTRAN, C, BASIC. Furthermore some utilities software shall be
available to prepare pre-configured control blocks with such types of languages.

The system shall contain routines suitable to verify that the changes and/or
additions are correct and not in contradiction with the existing configuration.

The configuration station shall be equipped with password system to avoid that
unauthorised personnel may tamper with the software.

The configuration station shall store both the date and time of the intervention and
the originator of the change.

5.3 SOFTWARE CHARACTERISTICS AND PERFORMANCES

5.3.1 General
Supervision system shall work as a minimum with Microsoft Windows NT operating
system. It shall include interfacing capabilities using DDE and OPC protocols.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 26/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 5.3.2 Process display

[Link] Overview
The overview display shall allow the overall vision of the various groups of loops or
variables or alarms forming the process unit.

It shall be possible to have on the overview an indication of the deviations from the
normal operating values of all analogue variables.

Any conditions of deviation from the set-point shall be shown by means of

variations in colour.

The condition of operation of each loop (auto/man/cascade) shall be clearly

signalled.

[Link] Group display

The group display shall indicate individually the groups of loops shown in the
overview display.

Each loop of the group display shall be indicated, at least, by the tag name,
description of the service and unit of measure.

The group display shall at least make visible the following detail information:

• Value of the analogue variable both in the form of a "bargraph" and in

engineering units.
• Value of the set point, both in the form of a "bargraph" and in engineering units.
• Value of the analogue output both in the form of a "bargraph" and in percentage
by means of alphanumeric display;
• Mode of operation of the controller (auto/manual/cascade, etc.)
• Alarms of the measured variable, deviation alarms, etc.
• Indication of the selected loop (inside the group;
• Position of the valve in case of failure
It shall be possible to insert the same loop on various group without restriction.

[Link] Loop display

The loop displays shall be able to supply detail information on all loops configured
in the system.

The graphic representation shall be similar to that of the group display, but the
following additional information shall be supplied:

• Values of the tuning constants

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 27/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • Values of bottom and full scale of the variables
• Set points of the alarms on the various parameters
• Limits on set point, output, etc
• Control action (direct or reverse);
• Position of failure of the final control element
• Values of computation (reports, bias, etc.)
• Value of output
• Engineering units employed
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 28/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 It shall be possible to modify the following parameters through key from the
keyboard:

• Tuning constants
• Zero and range
• Limits
• Alarm set points
• Control mode
• Output
• For the digital points, it shall be possible to execute start/stop or closing/opening
commands
The control of further parameters shall be restricted, by means of key on
password, to the only authorised people.

At the level of loop display, it shall be possible to configure trend curves with
maximum sampling interval of 1 second and basic time of 60 sec, at least, to be
used for tuning the control loops.

[Link] Graphic displays

It will be possible to obtain dynamic displays of graphics relating to the various
units of the installation on the screens of the operator consoles.

The graphics shall be configurable (only through the engineer console) by applying
standard symbols or symbols defined by the user.

The graphics shall be of the interactive type and a complete control of the process
shall be possible through these displays.

The commands of valve opening/closing and motor start/stop shall also be

possible and the state change shall be shown by colour modification.

Information regarding process measurements and alarms shall be visible and it

shall be possible to read and modify indications, set points and operating mode
etc..

Symbols and colours shall meet the EN60073 requirements.

[Link] Recording display

The system shall be capable of providing the following displays with recording:

• Trend recording
• Historical recording.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 29/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 The historical data shall be stored on non-volatile memory equipment (for instance:
hard disk).

The recording, either trend or historical, shall be possible for each variable or
parameter such as input, output, set point, etc.

It will be possible to sample and store instantaneous data or data of variables

generated at the predefined intervals; for example: 2, 15, 60, 600 s.

As minimum, real time trends shall be stored in the system for 2 hours with a
sampling time of 2 s.

At least 1000 of the most recent events shall be saved on the hard disk and then
archived for long-term storage.

Furthermore, both "scrolling" and basic time expansion shall be possible.

The selection of the loops to be recorded and of the sampling times shall be
possible from the operator keyboard.

The system shall be able to reproduce "multi-trend" displays( several different

curves on the same axes) and allow a direct comparison of different variables or
parameters.

The recording display shall be either of "bargraph" type or of single line type.

[Link] Monitor and alarm display

When an alarm occur, it shall be instantaneously visible via a display, which shall
overlay whatever display is present on the screen.

It will appear also on the dedicated display (alarm summary display).

The alarm is also shown at overview display level by means of a change in colour
of the involved group.

It shall be possible to have access to the variable under alarm (at loop level) with
two commands maximum from operator keyboard.

The alarm sequence (apparition, silence, acknowledgement, disappearance) shall

be in accordance with ISA 18.1 A

If provided by the configuration, a video alarm and an audio signal shall be

generated simultaneously. Such signal shall be silenced only in the event of the
alarm being recognised by the operator.

It shall be possible to set the value of the alarm limits for the process variables
from the engineer keyboard

Types of configured alarms shall be:

01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 30/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • Absolute value of the input variable,
• Speed of variation of the input variable
• Deviation from the set point.
An alarm summary display is available. The alarms shall be listed in chronological
order.

The alarm situation shall be cancelled from the display only if the cause has
ceased and the alarm has been recognised by the operator.

• The alarm shall display lists, at least, the following information for each alarm:
• Time and date of the alarm
• Tag name
• Description of service
• Type of alarm (absolute or deviation)
The system shall be capable of listing on the alarm summary display a minimum of
100 alarms.

The system will ensure the historical management of the alarms. In particular the
history of the alarm conditions is kept in the database of the alarm display and
printed on the basis of the times defined at configuration level.

The alarm display and the print shall include, at least, the following information:

Date of the event with the time in seconds

• Tag Name
• Description of the service
• Type of alarm (absolute or deviation)
• Time when the alarm has been acknowledged
• Time when the cause has disappeared
• The system shall be capable of handling historically 300 alarms at least.
• It shall be possible to assign 7 alarm priority levels.
The system shall be capable of carrying out self-diagnostic functions (refer to
paragraph 5.3.4).

For each abnormal condition in each subsystem or other equipment a "system

alarm" shall be generated with a message to the operator.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 31/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 [Link] Sequence display
The system shall be capable of displaying, through the sequence display, the
progress state of sequential operations. In particular, the display shall show
information regarding:

• Sequence identification number

• Sequence descriptive identification
• Operating phase in which the sequence finds itself
• Any messages to the operator.
Any alarm or operating malfunction situations of the sequence shall be signalled to
the operator by altering the colour of the information on display.

5.3.3 Logging functions

It shall be possible to obtain the logging of variables measured and/or calculated,
actions by the operator, alarms, trends, etc. from the operator console.

The logging functions may be carried out on predefined time basis or on operator
request (refer to paragraph 5.2.2).

It shall be possible to have at least 20 logs.

All parameters required for logging are stored in the memory with the database
updating time.

High-level software languages are available and sufficient free spaces shall be
provided in the memories.

5.3.4 Self diagnostics

The system shall have an extended set of self-diagnostic routines allowing the
identification of malfunctions at module level at least, through detailed display and
prints.

The self-diagnostic messages relating to the malfunction of each system

component shall appear on the screens of the operator console, independently
from the display selected at that moment.

At local level the malfunction of a system component is identifiable by LED or by a

lamp on the cabinet.

Display of the system structure with identification of the system component under
failure and the type of malfunction shall be available in order to help the
maintenance.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 32/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 5.3.5 Response Time
At Level 2, the response time is defined as the time elapsing between the change
of value or state of an input of an I/O card at Level. 1 and the moment when the
same information is available to the operator at Level 2 at the screen or printer.
The response time is calculated in the worst possible conditions, which are:

• Unfavourable position of the input and card with respect to scanning

• Maximum complication of the control loop
• Maximum traffic on the bus between levels;
• Times of the display, the video buffers, etc.
Considering what above, the response times shall be 2seconds maximum.

The display changing time further to operator request shall be less than 2 seconds.

6 COMMUNICATION SYSTEM

6.1 INTERNAL DCS COMMUNICATION BUS

6.1.1 General specifications

The communication system shall be based on an open architecture using TCP/IP
protocol or equivalent in a client/server environment.

The communication medium shall be of standard manufacturers (Ethernet or

equivalent).

Proprietary communication systems are also acceptable; but they shall be

submitted to review and approval.

The communication system shall be of the dual/redundant type, consisting of two

buses and two systems of interface for each connected equipment.

The speed of communication on the bus shall be enough to ensure the data base
update. The performances of the system shall not be degraded by load
fluctuations from 10% to 100%.

In case of failure of the main bus or any other equipment, the transfer on the back-
up bus or unit shall occur automatically, without interruption of the operations and
without requiring interventions of the operator.

The system shall count the data rejected by the processors dedicated to the
transmission bus. An alarm shall be generated when the counter exceeds a pre-
defined value.

Peer to peer links between the various controllers of the acquisition and control
system shall be possible. They shall use the communication bus.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 33/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 6.1.2 Communication Times
The response time of the communication bus is defined as the time needed for a
datum in the memory of an apparatus of one level to be transferred in the memory
of another apparatus of the same or a different level; what above in the worst
possible circumstances.

The transmission time thus defined shall be such as to satisfy the requisites
indicated in the paragraph 5.3.5.

6.1.3 Hardware specification

The DCS data highways cables shall be Fibre Optic Cable (FOC) running in ducts
when connections between buildings are necessary.

When data highways runs in the same building, standard type of cable could be
used.

Data highways shall be dual redundant and routed by secure, separate and
diverse routes.

The manufacturer shall specify the characteristics of the optic fibres or the cables
constituting the communication bus.

When specific modules are required (example: optic converters), they shall be part
of the DCS vendor scope of supply.

6.2 COMMUNICATION WITH THIRD PARTY SYSTEMS

6.2.1 Communication with CCS main subsystems

For Major CCS subsystems such as safety systems (ESD and Fire and Gas
systems, etc.), the preferred DCS interface shall be via the DCS's own internal
communication system where the CCS subsystems appear as nodes on the
system and have established and integrated software.

The next option is to use established and proven data links between the
subsystem and the DCS. The priority is a secure link, using standard software and
maximum functionality. The interface shall be invisible to the operator.

6.2.2 Communication with other control system

The standard serial link (RS 232, 485, etc..) redundant or not according to
application with proven protocol (such as MODBUS) will be used for the following
external control systems:

• Tank gauging systems,

• Power Management System (PMS),
• SCADA MTU,
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 34/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • BOG compressors,
• Meterings,
• SCV,
• Unloading arms,
• Berthing system (HOLD),
• Truck loading, …
High level of communication can be also considered after review and approval.

6.2.3 Communication with management and associated systems

For Management and associated systems such as Management Information
System, Asset Management System, Operator Training System, Advanced Control
System, etc. DCS shall be able to carry on a dialog through appropriate interface
module and communications standard network (Ethernet or equivalent).

7 ASSOCIATED SYSTEMS REQUIREMENT

The minimum requirements for the design and implementation of the Management
Information System (MIS) and the Operator Training System (OTS) shall be as
follow.

7.1.1 Facilities Management System

The Facilities Management System (FMS) will extract data from relevant PCS
systems and automatically present to management reports on performance,
material balances over the office network.

7.1.2 Operator Training System

An Operator Training System (OTS) will be required for the training of Operators
for the LNG Terminal project.

The OTS will be a tool to aid in the training of operators for the LNG Terminal.

The operation staff shall be trained prior to and following the start-up of the
Facility, in particular in:

• Procedures for plant cold start-up, shutdown and emergency situations

• Handling of plant trips, cutbacks and other upsets
• Fault diagnosis and correctives actions in case of equipment malfunctions
• Normal operation.
The OTS shall simulate the dynamic operation of the Terminal facilities on an area
by area basis.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 35/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 8 DOCUMENTATION
The documentation is an integral part of the provision. It includes:

• Hardware documentation
• Software documentation
• Instruction manuals
NOTE: all drawings shall be produced using CAD tools, AUTOCAD or
INTERGRAPH MICROSTATION compatible.

8.1 HARDWARE DOCUMENTATION

8.1.1 Listing of power consumption

A detailed list with all of the System power users and corresponding thermal loads.

The list shall include at least the following:

• Type of electric load

• Load characteristic
• Type of internal distribution
• Type and manufacturer of protective devices
• Protection device data
• Grounding requirements

8.1.2 Feeding System

A drawing detailing the whole electrical network from the distribution board up to
the users (included those supplied by others, if integral part of the system).

8.1.3 Cables List

A detailed list of system cables included in the supply, with the following
information:

• Cable item
• Cable type (identification code) and length
• Starting and terminal points.

8.1.4 Dimensional Drawings

Dimensional drawings of every DCS devices shall be included.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 36/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 8.1.5 Cabinet Layouts
Drawings showing the positions of all the devices inside the cabinets and consoles
(plan and front views) shall be included.

8.1.6 Rack Layout - Tag Assignment

Documentation showing:

• System modules layout inside the cabinets

• Tag assignment in the I/O cards
shall be provided.

8.1.7 Marshalling cabinets drawings

Marshalling wiring drawings shall be produced.

Particularly, drawings showing cross wring details between the field terminal
assemblies and the field cables marshalling shall be provided.

8.1.8 Ground System

Drawings showing how and where the System has to be connected to the Ground
System. In particular, ground conductors sections and connection points will be
indicated.

8.2 SOFTWARE DOCUMENTATION

These following documents shall be in accordance with Std. ISA S5 instructions.

8.2.1 Data Base

All necessary information regarding Input, Output and other variables will be
prepared and provided to vendor for configuration.

Vendor is requested to draw attention on data, which would not be specified. In

this case, either the detailed missing information will be provided or general rules
to be applied will be defined in relationship with the vendor.

8.2.2 Functional Specification

All necessary information for control functions definition will be provided to the
vendor for configuration and programming. These documents could be of various
forms (lists, ISA loop drawings, logic diagrams, causes and effects diagrams,
narratives, etc.).
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 37/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 Vendor is requested to draw attention on data, which would not be specified. In
this case, either the detailed missing information will be provided or general rules
to be applied will be defined in relationship with the vendor.

8.2.3 Human-machine interface

All necessary information for human-machine interface definition and particularly
graphic displays will be provided to vendor for configuration and programming. The
documents issued will be mainly:

• General specification describing general rules for Human-machine interface

• Simplified sketches for background pictures (when authorised by project
management, partial and commented copies of P&ID's shall be furnished only)

8.3 INSTRUCTION MANUALS

The provision includes the following manuals:

8.3.1 Operator Manuals

The scope of these manuals is to give to the operators a guide to use the System.

The Operator Manual must have a "Quick Reference" Section, suitable for a
prompt consultation.

These manuals shall be in English language.

8.3.2 Installation and Maintenance Manuals

They have to cover both system hardware and software. They have to give the
necessary instructions for trouble-shooting, software loading and management.

9 DCS ACCEPTANCE TESTS

System shall be tested in three separate steps:

• Manufacturer internal test (IFAT)

• Owner witnessed hardware and software test at DCS manufacturer premises or
Factory Acceptance tests (FAT)
• Site acceptance test.(SAT)

9.1 MANUFACTURER INTERNAL TEST (IFAT)

This test shall be carried out on the basis of manufacturer internal procedures. The
manufacturer shall issue a test certificate, at the end of this step. The vendor will
attest, by this certificate, that the system is ready for starting the factory
acceptance test.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 38/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 9.2 FACTORY ACCEPTANCE TESTS (FAT)
This test shall start at the end of the IFAT. This FAT will be witnessed by Customer
and Engineering representatives.

9.2.1 Documentation
The following documents, at least, shall be ready and used as reference
documents:

• Hardware test procedure (previously agreed)

• System architecture
• Hardware System drawings
• Cabinet layouts
• I/0 assignments
• Data base
• Functional specification
• Human-machine interface documentation

9.2.2 System preparation prior to tests

Prior the starting of the test activities, the system shall be installed in an area of
adequate dimensions. It shall have all elements connected together and, if
necessary, to test benches foreseen for that purpose. It has to be powered on.

9.2.3 Hardware tests

The test shall include the connection to the system bus of all the system
equipment's, including fibre optic converter and fibre optic cables. in order to have
complete hardware system configuration.

During the test following checking shall be done:

• General quantity and quality check for conformity with the specifications
• Check of correct installation of equipment’s and components
• Check of correct installation of processor racks
• Check of correct installation of I/0 racks
• Check of correct installation of I/0 modules, field termination panels and barriers
• Check of correct equipment and components tagging and identification
• Check of correct installation and of conformity of auxiliary components (push
buttons, lamps, selectors, etc.) to the specifications.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 39/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 Once the visual checking activities have been completed with satisfactory results
the hardware test shall start.

• Hardware test shall mainly consist of:

• Power supply system test
• Power supply system redundancy test
• General system test by means of system diagnostic routines.
Main equipment failure simulation (video stations, processors, power supply units,
I/0 card, communication bus and relevant equipment) and check of response of the
system diagnostics.

Input signals simulation (from marshalling cabinet terminal strips) check of

response from video stations and vice versa for output signal.

I/0 simulation shall be done on a significant sample of the signals (minimum 30%)
in case of bad performance, the check shall be done on 100% of the signals.

9.2.4 Software and configuration tests

Once the hardware tests have been completed with satisfactory results the
software tests shall start.

Scope of these tests is to demonstrate the correct functionality of the application

software including:

• Correct implementation of the control strategy

• Correct implementation of the data base
• Correct configuration of the human machine interface (including all the custom
graphics).
The software tests shall be carried out on all the configured points.

the software tests shall include but shall not be limited to:

• Check of correct implementation of the data base (engineering units, full scale,
service description, alarm set, controller action, etc.).
• Check of correct implementation of the continuous control algorithms, of the
sequential controls and of the combinatory logic controls. Test shall be done by
simulating the input signal and verifying the output at the marshalling cabinets.
Measured variables and output values, alarm and status indications shall be
checked and verified on the custom graphic pages and on standard group
displays.
• Check of correct configuration of the alarm displays.
• Check of correct configuration of the group displays.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 40/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 • Check of correct configuration and sub-routine application of the custom graphic
displays.

9.2.5 Integrated Test

The test is relevant to all those equipment that are not part of the DCS but are
interfaced to the system in order to allow the centralised operability from the DCS
operator station.

Scope of this test is to demonstrate the correct functionality of the communication.

Adequate modules of third party systems shall be delivered to the FAT area and
complete connection of intercommunication modules shall be realised.

The following shall be tested:

• Correct functioning of the link

• Correct functioning of the protocol.
• Correct configuration and programming of data base table on each side
The test shall be performed in accordance with an agreed test procedure and shall
be carried out in parallel with the DCS software test (parallel test is mandatory as
the DCS need to be physically connected to the external equipment to
demonstrate the full hardware and software functionality).

9.3 SITE ACCEPTANCE TEST(SAT)

9.3.1 System power up

After the installation of the system on the field, the system will be powered on
under control of vendor representative. Good functioning of equipment shall be,
again, tested by repeating tests done during FAT.

During the Site acceptance test, particular care shall be taken to check the power
supply system and the grounding network

9.3.2 Loop tests

A dynamic complete test of all the loops shall be performed. This test will allow the
checking, from the local sensors up to the operator console, of the good
functioning of:

• Sensor
• Wiring up to Input card
• Corresponding data base
• Control function (including alarms, associated calculations, etc.)
• Display on adequate views (group, graphic, alarm, etc.)
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 41/42
Amend. Date N° FJLNG-SPC-TS-IN-002
 And vice versa for output information.
01.02

Rév. Date N° [Link].000.2900.1000

1 18/12/03 Page : 42/42
Amend. Date N° FJLNG-SPC-TS-IN-002