General Reference
SIS Management Data Model
The following diagram shows how the families used in SIS Management are related to one another.
All SIL Analyses begin with an SIL Analysis record. Each SIL Analysis can be linked to:
- One Equipment or Functional Location record.
- One or more Human Resource records.
- One or more Reference Document records.
- One or more Instrumented Function records.
- One or more Logic Solver records.
Each Logic Solver is linked to:
- One or more Instrumented Function records.
- One or more SIS Proof Test records.
- One or more SIS Proof Test Template records.
Each Instrumented Function is linked to:
- One Equipment or Functional Location record.
- One or more Protective Instrument Loop records.
- One or more Inspection Task records.
- One Risk Assessment record.
- One LOPA Assessment record.
- One Process Hazards Analysis (PHA) Assessment record.
- One or more External Assessment records.
- One or more SIS Proof Test records.
- One or more SIS Proof Test Template records.
To simplify the data model images, the following families are not included:
-
Risk Assessment Recommendation: Within the SIS Management data model, the Risk Assessment Recommendation family participates as the successor in the Has Recommendations relationship definition with the following families:
- Instrumented Function
- Protective Instrument Loop
- SIS Proof Test
- SIS Proof Test Template
- Hazards Analysis: The Hazards Analysis family participates as the successor in the Has HAZOP Reference relationship definition with the SIL Analysis and Instrumented Function families.
SIL Analysis Data Model
The following diagram shows how the families used in an SIL Analysis are related to one another.
You can see that records in the following families are linked directly to an SIL Analysis:
- Human Resource : Stores information about the people who will participate in the analysis as SIL analysis team members.
- Reference Document : Stores the URL path to a document that is external to GE Digital APM and contains reference information related to the SIL analysis.
- Instrumented Function : Stores information about the instrumented functions of the safety instrumented system that you are analyzing.
- Logic Solver : Stores information about the safety instrumented systems that you are analyzing.
Additionally, Logic Solver) records and Instrumented Function) records are linked to one another through the Has IF relationship. In addition to the relationships described above, an SIL analysis includes records in the families that are linked to the Logic Solvers and Instrumented Functions.
Instrumented Function Data Model
The following diagram shows how the families used to create an Instrumented Function are related to one another.
Instrumented Function records are linked directly to records in the following families:
- Inspection Task: Stores details on when a proof test should be performed on the Equipment that is linked to the Inspection Task, including the due date for the task.
- SIS Proof Test: Stores details about a test that is performed on a logic solver or an instrumented function and serves as a record of the event.
- SIS Proof Test Template: Stores details about the steps that should be taken when testing an instrumented function. When you create an SIS Proof Test, you must select an SIS Proof Test Template, and the details from the SIS Proof Test Template will be populated in the SIS Proof Test.
- SIS Proof Test Task: Stores details of proof test tasks that are scheduled for logic solvers or instrumented functions. SIS Proof Test Tasks can be linked to SIS Proof Tests.
- Risk Assessment: Stores the unmitigated risk associated with the item represented by the record to which the Risk Assessment record is linked.
- Protective Instrument Loop: Stores the details of the protective instrument loop and its components, including the calculated results of the proof test associated with the Logic Solver that is linked to the Protective Instrument Loop.
- LOPA Assessment: Stores the details of the Layer of Protection Analysis (LOPA) that conducted, including a description of the initiating event that is indicative of a process failure. The LOPA stores details of the risk assessment that is determined after conducting the Layer of Protection Analysis. The LOPA Assessment is linked to a LOPA record and the LOPA records are linked to Risk Assessment record.
- PHA Internal Assessment: Stores the details of the Process Hazards Analysis (PHA) assessment that you want to conduct, including the target Safety Integrity Level (SIL), Required Probability of Failure, Risk Reduction Factor, and the SIL Mode. These values are calculated based on the overall risk rank of the selected Hazards Analysis Consequence.
- Risk Matrix Internal Assessment: Stores the details of the risk matrix assessment that you want to conduct, including the target Safety Integrity Level (SIL), Required Probability of Failure, Risk Reduction Factor, and the SIL Mode. These values are calculated based on the risk rank that you specify using the risk matrix.
- External Assessment: Stores the details of the external assessment that you want to conduct, including the target SIL, Required Probability of Failure, Risk Reduction Factor, and the SIL Mode.
- SIF Common Cause Failure: Stores the details of a failure that affects the operation of multiple instrumented functions.
- Instrumented Function: Indicates that if both the instrumented functions represented by the two records are in their safe states at the same time, a hazardous event may occur.
Logic Solver Data Model
The following diagram shows how the families used to create a Logic Solver are related to one another.
In the diagram, the relationships between the Instrumented Function family and the SIS Proof Test, SIS Proof Test Task, and SIS Proof Test Template families are not included.
As shown in the image, Logic Solvers are linked to Instrumented Functions, which store information about the specific functions associated with the Logic Solver. Logic Solvers are also linked to records in the following families:
- SIS Proof Test : Stores details of proof tests that are performed on logic solvers or instrumented functions. SIS Proof Tests can be linked to Functional Test Details, which store the detailed steps that need to be performed during proof tests.
- SIS Proof Test Task : Stores details of proof test tasks that are scheduled for logic solvers or instrumented functions. SIS Proof Test Tasks can be linked to SIS Proof Tests.
- SIS Proof Test Template : Stores details of the steps that should be taken when testing a logic solver or an instrumented function. When you create an SIS Proof Test, you can select an SIS Proof Test Template and the details from the SIS Proof Test Template will be populated in the SIS Proof Test.
SIS Proof Test Template ) records can be linked to SIS Proof Test Template Detail) records, which store details on the steps that need to be performed during the proof test.
The SIS Proof Test, SIS Proof Test Template, and Reference Document families participate as successors in other relationships within the SIS Management data model. This means that these families appear in another portion of the data model.
Protective Instrument Loop Data Model
The following diagram shows how the families used in a Protective Instrument Loop are related to one another.
The following protective instrument loop elements are defined in the GE Digital APM system:
- Logic Solver
- Sensor System
- Sensor Group
- Sensor
- Final Element System
- Final Element Group
- Final Element
By default, every protective instrument loop consists of at least one of each element. When you create a Protective Instrument Loop, the GE Digital APM system creates one record for each of these elements, and links to the Protective Instrument Loop as shown in the data model.
SRS Project Data Model
The following diagram shows how the families used in an SRS Project are related to one another.
SRS Project records are linked directly to records in the following families:
- Environment
- General Data
- Electrical
- Hardware
- IF SRS
- Interfaces
- Operations
- Performance Data
- SIL SRS
- Software
- Testing/Faults
- SIL Analysis
- Instrumented Function
- Logic Solver
- Protective Instrument Loop
SIS Management Security Groups
The following table lists the baseline Security Groups available for users within this module, as well as the baseline Roles to which those Security Groups are assigned.
| Security Group | Roles |
|---|---|
| MI SIS Administrator |
MI Safety Admin |
| MI SIS Engineer |
MI Safety Admin MI Safety Power MI Safety User |
| MI SIS User |
MI Safety Admin MI Safety Power MI Safety User |
| MI SIS Viewer |
MI APM Viewer MI Safety Admin MI Safety Power MI Safety User MI SIS Engineer |
The baseline family-level privileges that exist for these Security Groups are summarized in the following table.
| Family | MI SIS Administrator | MI SIS Engineer | MI SIS User | MI SIS Viewer |
|---|---|---|---|---|
| Entity Families | ||||
| Asset Criticality Analysis | View | None | None | View |
| Asset Criticality Analysis System | View | None | None | View |
| Consequence | View, Update, Insert, Delete | View | View | View |
| Equipment | View | View | View | View |
| External Assessment | View, Update, Insert, Delete | View, Update, Insert, Delete | None | View |
| Functional Location | View | View | View | View |
| Functional Systems | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Functional Test Detail | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Update, Insert, Delete | View |
| Human Resource | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Instrumented Function | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| LOPA Assessment | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Proven In Use Justification | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Safety Integrity Level | View, Update, Insert, Delete | View | View | View |
| Relationship Families | ||||
| Analysis Has Human Resource | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Asset Criticality Analysis Has System | View | None | View | View |
| Equipment Has Equipment | View | View | View | View |
| Functional Location Has Equipment | View | View | View | View |
| Functional Location Has Functional Location | View | View | View | View |
| Has Equipment | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Functional Location | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Functional Location Detail | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Functional Test | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Update, Insert, Delete | View |
| Has_Functional_Test_Detail | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Update, Insert, Delete | View |
| Has Hazard Event | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has HAZOP Reference | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Update, Insert, Delete | View |
| Has IF | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Instrumented Function Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Instrument Loop | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Instrument Loop Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has LOPA | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has LOPA Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Device | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Device Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Group | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Group Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Subsystem | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has PIL Subsystem Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Proven In Use Justification | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has RBI Components | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Recommendations | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Reference Documents | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Insert | View |
| Has Reference Values | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Risk | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Risk Category | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Risk Matrix | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has SIF Common Cause Failures | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has SIL Assessment | View, Update, Insert, Delete | View, Update, Insert, Delete | None | View |
| Has SIS Analysis Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has SIS Revision | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has SIS Trip Report Detail | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Site Reference | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Task History | View, Update, Insert, Delete | View, Update, Insert, Delete | View, Insert | View |
| Has Tasks | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Task Revision | View | View | View | View |
| Has Template Detail | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Templates | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Has Time Based Inspection Interval | View | View | View | View |
| Migrates Risk | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
| Was Promoted to ASM | View, Update, Insert, Delete | View, Update, Insert, Delete | View | View |
Security Permissions for SRS Families
The security permissions for the SRS Project and SRS Template families are summarized in the following table.
| Security Group | Type | Permissions |
|---|---|---|
| MI SIS Administrator | Group | View, Update, Insert, Delete |
| MI SIS Engineer | Group | View, Update, Insert, Delete |
| MI SIS User | Group | View |
SIS Management URLs
There is one URL route associated with SIS Management: asset-safety/sis. The following table describes the various paths that build on the route, and the elements that you can specify for each.
| Element | Description | Accepted Value(s) | Notes |
|---|---|---|---|
| asset-safety/sis/overview: Displays the SIS Management Overview page. | |||
| asset-safety/sis/sil/<EntityKey>: Displays the Analysis Summary workspace of the SIL Analysis with the specified Entity Key. | |||
| <EntityKey> | Specifies the Entity Key of the analysis that you want to access. | Any numeric Entity Key that corresponds to an existing analysis. |
Opens the specified SIL Analysis in a new tab. This value is required to access an existing analysis from a URL. |
| asset-safety/sis/sil/prooftesttask/<EntityKey1>/<EntityKey2>: Displays the Proof Test Task datasheet with the specified Entity Key and linked to the the specified Instrumented Function or the Logic Solver. | |||
| <EntityKey1> | Specifies the Entity Key of the Instrumented Function or the Logic Solver that is linked to the Proof Test Task that you want to access. | Any numeric Entity Key that corresponds to an existing Instrumented Function or Logic Solver. | None |
| <EntityKey2> | Specifies the Entity Key of the Proof Test Task that you want to access. | 0 | Opens the blank datasheet of a Proof Test Task, allowing you to create a new one. |
| Any numeric Entity Key that corresponds to an existing Proof Test Task. |
Opens the specified Proof Test Task in a new tab. This value is required to access an existing Proof Test Task from a URL. | ||
| asset-safety/sis/sil/verification/<EntityKey>: Displays the Protective Instrument Loop Template with the specified Entity Key. | |||
| <EntityKey> | Specifies the Entity Key of the Protective Instrument Loop Template that you want to access. | Any numeric Entity Key that corresponds to an existing Protective Instrument Loop Template. |
Opens the specified Protective Instrument Loop Template in a new tab. This value is required to access an existing Protective Instrument Loop Template from a URL. |
| asset-safety/sis/FDM/<CustomDeviceType>/<EntityKey>: Displays the datasheet of a Custom Device of the specified type and Entity Key. | |||
| <CustomDeviceType> | Specifies the type of the Custom Device whose Failure Data you want to access. | All | None |
| sensor | |||
| logic-solver | |||
| final-element | |||
| <EntityKey> | Specifies the Entity Key of the Custom Device whose Failure Data you want to access. | Any numeric Entity Key that corresponds to an existing Custom Device. |
Opens the specified Custom Device in a new tab. This value is required to access an existing Custom Device from a URL. |
| Example URL | Destination |
|---|---|
| asset-safety/sis/overview | The SIS Management Overview page |
| asset-safety/sis/sil/2355677 | The Analysis Summary workspace of the SIL Analysis with the Entity Key 2355677 |
| asset-safety/sis/sil/prooftesttask/73443556/34545566 | The Proof Test Task datasheet with the Entity Key 34545566, linked to an Instrumented Function or a Logic Solver with the Entity Key 73443556 |
| asset-safety/sis/sil/verification/35945456 | The Protective Instrument Loop Template datasheet with the Entity Key 35945456 |
| asset-safety/sis/FDM/sensor/75334565 | The Sensor Custom Device datasheet with the Entity Key 75334565 |
SIS Management System Code Tables
The following table lists the System Code Tables that are used by SIS Management.
|
Table ID |
Table Description |
Function |
|---|---|---|
| MI_IPL_TYPE | LOPA IPL TYPE | Populates the Type field in an Independent Layer of Protection. |
| MI_SIL_ASSESSMENT_METHOD | SIL Assessment Method | Populates the SIL Assessment Method field in an Instrumented Function. |
| MI_SIL_FINALELEMVOTE | SIL FinalElement Vote | Populates the Voting field in a Protective Instrument Loop Final Element Group. |
| MI_SIL_SENSORVOTE | SIL Sensor Vote | Populates the Voting field in a Protective Instrument Loop Sensor Group. |
| UOME | Unit of Measure | Populates the Trip Point Units field in a SIS Proof Test Template Detail. |
About SIL Analysis State Configuration
This topic describes attributes of the State Configuration that is defined for the SIL Analysis family in the baseline GE Digital APM database.
The following baseline states are defined in the GE Digital APM application:
- Planning
- Active
- Review
- Pending Approval
- Complete
The following baseline operations are defined in theGE Digital APM application:
- Begin
- Propose
- Submit
- Accept
- Reject
- Modify/Reassess
These baseline states and operations are reserved, which means you cannot modify or remove them. You can, however, add your own states and operations to the state configuration.
The following flow diagram illustrates the State Configuration for the SIL Analysis family. In this image, a box represents a state, and an arrow represents an operation. The state to which an arrow points represents a successor state.
By default, the MI SIS Administrator and MI SIS Engineer State Configuration roles are assigned to all states in the SIL analysis state configuration. You can assign State Configuration roles to any state. In addition, for each state, the Require a specific user to be assigned to a state check box is selected.
About Protective Instrument Loop State Configuration
This topic describes attributes of the State Configuration that is defined for the Protective Instrument Loop family in the baseline GE Digital APM database.
The following baseline states are defined in the GE Digital APM application:
- Design
- Pending Approval
- Approval
- In Service
- Out of Service
The following baseline operations are defined in the GE Digital APM application:
- Submit
- Accepted
- Rejected
- Commissioned
- Modify
- Reinstate
These baseline states and operations are reserved, which means you cannot modify or remove them. You can, however, add your own states and operations to the state configuration.
The following flow diagram illustrates the State Configuration for the SIL Analysis family. In this image, a box represents a state, and an arrow represents an operation. The state to which an arrow points represents a successor state.
By default, the MI SIS Administrator and MI SIS Engineer State Configuration roles are assigned to all states in the SIL analysis state configuration. You can assign State Configuration roles to any state.
About the SIS Trip Report State Configuration
This topic describes attributes of the State Configuration that is defined for the SIS Trip Report family in the baseline GE Digital APM database.
The following State Configuration is defined for the SIS Trip Report family. In this image, a box represents a state, and an arrow represents an operation. The state to which an arrow points represents a successor state.
None of these states and operations are reserved, which means you can remove or modify any of them. You can also add your own states and operations to the state configuration.
State Configuration Roles
By default, the MI SIS Administrator and MI SIS Engineer State Configuration roles are assigned to all states in the SIS Trip Report state configuration. You can assign State Configuration roles to any state. In addition, for each state, the Require a specific user to be assigned to a state check box is selected.
About State Management of an SRS Project
The following states are configured for an SRS Project:
- In Progress: Indicates that the SRS Project is in progress or yet to be sent for approval. You can modify an SRS Project only if it is in the In Progress state. After you have entered all the required information in the SRS Project, you can send it for approval by changing the state to Pending Approval.
- Pending Approval: Indicates that the SRS Project has been sent for approval. If you approve the SRS Project, the state of the SRS Project changes to Approved. If you reject the SRS Project, the state of the SRS Project changes to In Progress.
- Approved: Indicates that the SRS Project has been approved. After the state of an SRS Project is set to Approved:
- The associated SRS Project is cycled. That is, the Last Date field is set to the date on which the state of the SRS Project is set to Approved. The Next Date field is set to the date on which the SRS Project must be performed again (in case of a recurring task).
Illustration of the State Management of SRS Projects
By default, the following states exists for an SRS Project:
About State Management of SRS Templates
The following states are configured for SRS templates:
- In Progress: Indicates that the SRS Template is in progress or yet to be sent for approval. You can modify an SRS Template only if it is in the In Progress state. After you have entered all the required information in the SRS Template, you can send it for approval by changing the state to Pending Approval.
- Pending Approval: Indicates that the SRS Template has been sent for approval. If you approve the SRS Template, the state of the SRS Template changes to Approved. If you reject the SRS Template, the state of the SRS Template changes to In Progress.
- Approved: Indicates that the SRS Template has been approved. After the state of an SRS Template is set to Approved:
- The associated SRS Template is cycled. That is, the Last Date field is set to the date on which the state of the SRS Template is set to Approved. The Next Date field is set to the date on which the SRS Template must be performed again (in case of a recurring task).
Illustration of the State Management of SRS Templates
By default, the following states exists for SRS Templates:
SIS Management Site Filtering
In SIS Management, an SIL Analysis is assigned a site on the Definition workspace and spread to all the related records, such as Instrumented Function records and Logic Solver records.
In SIS Management, users will see only SIL Analysis that are assigned to their site(s) or that are global records.
Consider an organization that has three sites, Site X, Site Y, and Site Z. The following SIL Analysis records exist:
- SIL Analysis A: Assigned to Site X
- SIL Analysis B: Assigned to Site Y
- SIL Analysis C: Assigned to Site Z
- SIL Analysis D: No site assigned (global records)
Scenario 1: User assigned to only Site X
This user will see SIL Analysis A and SIL Analysis D.
Scenario 2: User assigned to both Site X and Site Y
This user will see SIL Analysis A, B and D.
Scenario 3: Super User
This user will see SIL Analysis A, B, C and D.
About Reports in SIS Management
The SIS Management module provides the following types of baseline reports.
SIL Analysis Report
The SIL Analysis report contains the information from the following fields stored in the SIL Analysis records:
| Report Column | Field Name in SIL Analysis Record |
|---|---|
| Analysis Description | Analysis Description |
| Analysis ID | Analysis ID |
| Analysis Long Description | Long Description |
| Analysis Owner Name | Owner |
| End Date | Analysis End Date |
| Last Modified By | Last Modified By |
| Last Modified Date | Last Modified Date |
| Process Hazards Analysis Reference | Hazards Analysis Reference |
| Process Hazards Analysis Rev Date | Hazards Analysis Date |
| Process Hazards Analysis Rev No | Hazards Analysis Revision |
| Site Description | Site Description |
| Site ID | Site ID |
| Start Date | Analysis Start Date |
| Unit Description | Unit Description |
| Unit ID | Unit ID |
SRS Project Report
The SRS report contains all the details from an SIL Analysis that are required to meet compliance for IEC standard 61511. You can use this report to:
- Provide proof of compliance with IEC 61511.
- Identify gaps in compliance with IEC 61511.
The SRS report displays values that are stored in the SIL Analysis records, and related records that comprise an SIL Analysis. Information in the SRS report is organized in the following sections:
- Introduction
- General Requirements for the Safety Instrumented System
- General Requirements for the Safety Instrumented Functions
- Summary of Safety Instrumented Functions
- SIF Safety Requirement Specification
- Process & Operational Requirements
- Loop Components
- Sensor Part
- Logic Solver Part
-
Final Element Part
Instrumented Function Report
The Instrumented Function report contains information from the following fields stored in the Instrumented Function records:
| Report Column | Field Name in Instrumented Function Record |
|---|---|
| Availability Target | Availability Target |
| Consequence Description | Consequence Description |
| Failure Rate UOM | Failure Rate UOM |
| Frequency of Initiating Event (per yr) | Frequency of Initiating Event (per yr) |
| Function Type | Function Type |
| Hazardous Event | Hazardous Event |
| Hazards Analysis Ref | Hazards Analysis Reference |
| Hazards Analysis Rev Date | Hazards Analysis Date |
| IF Description | PIF Description |
| IF ID | PIF ID |
| Initiating Event | Initiating Event |
| Initiating Event Description | Initiating Event Description |
| Last Modified By | Last Modified By |
| Last Modified Date | Last Modified Date |
| Maximum Probability of Failure | Required Probability of Failure |
| Process Speed | Process Speed |
| Response Time | Response Time |
| Risk Reduction Factor | Risk Reduction Factor |
| Safe State Description | Safe State Description |
| Selected SIL Level | Selected SIL Level |
| SIL Assessment Method | SIL Assessment Method |
| SIL Mode | SIL Mode |
| SIS System ID | SIS System ID |
| Site ID | Site ID |
| Spurious Trip Limit | Spurious Trip Limit (per yr) |
| Unit ID | Unit ID |
Protective Instrument Loop Report
The Protective Instrument Loop report contains a summary of results for the selected Protective Instrument Loop (PIL). This report also includes a summary of calculated results for the Logic Solver, Sensor System, and Final Element System associated with the Protective Instrument Loop.
The PIL report displays the following information from the Protective Instrument Loop records:
| Report Column | Field Name in Protective Instrument Loop Record |
|---|---|
| Achieved SIL | Achieved SIL |
| Evaluated Systematic Capabilities | Calculated SIL Systematic Capabilities |
| Last Modified By | Last Modified By |
| MTTS (years) | MTTFS |
| Status Changed By | Status By |
| Systematic Capability Validation | Systematic Capability Validation |
| Description | Description |
| Evaluated Architectural Constraints | Calculated SIL Architectural Constraints |
| Last Modified Date | Last Modified Date |
| Long Description | Long Description |
| Loop Class | Loop Class |
| Loop ID | ID |
| Loop Type | Loop Type |
| Meets SIL Requirements | Meets SIL Requirement? |
| Mission Time | Mission Time |
| Probability of Failure | Loop PFH |
| Required SIL | Required SIL |
| Risk Reduction Factor | Risk Reduction Factor |
| SIL Demand Mode | Demand Mode |
| SIL Validation Method | SIL Validation Method |
| Startup Time | Startup Time |
| Status | Status |
| Status Changed Date | Status Date |
| Test Architectural Constraints | Test Architecture Constraints |
The Protective Instrument Loop report also includes a table, which contains the following information that is stored in the Protective Instrument Loop Logic Solver records, and Protective Instrument Loop System records linked to the Protective Instrument Loop record:
| Report Column | Field Name in Protective Instrument Loop Logic Solver Record | Field Name in Protective Instrument Loop System Record | |
|---|---|---|---|
| for Sensor System | for Final Element System | ||
| Arch Cons | SIL Architectural Constraints | SIL Architectural Constraints | SIL Architectural Constraints |
| Avail | Availability | Availability | Availability |
| MTTFS | MTTFS | MTTFS | MTTFS |
| MTTFS Cont | MTTFS Contribution | MTTFS Contribution | MTTFS Contribution |
| PFD Avg | Calculated PFD Avg | Calculated PFD Avg | Calculated PFD Avg |
| PFD Cont | PFD Contribution | PFD Contribution | PFD Contribution |
| PFH | Calculated PFH | Calculated PFH | Calculated PFH |
| PTI | Proof Test Interval | N/A | N/A |
| Sys Cap | SIL Systematic Capability | SIL Systematic Capability | SIL Systematic Capability |
Family Fields that are Updated While Importing Data from Exida
This topic maps the exSILentia fields with the corresponding Family Fields that gets updated when you import data from Exida.
The Protective Instrument Loop family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| Calculator | None | None | None |
| Diagram | MI_PRE_I_LP_DIAGRAM_B | Diagram | None |
| DemandMode | MI_PRE_I_LP_DEMAND_MODE_C | Demand_Mode | clsSILverData_DemandMode |
| LoopID | MI_FNCL_SYS_ID_C | ID | None |
| MissionTime | MI_PRE_I_LP_MISSION_TIME_N | Mission_Time | clsSILverData_calctime |
| StartupTime | MI_PRE_I_LP_STARTUP_TIME_N | Startup_Time | clsSILverData_startup |
| TestArchitectureContraints | MI_PRE_I_LP_TST_ARCHTCTE_CNS_C | Test_Architecture_Constraints | None |
| SystematicCapabilityValidation | MI_PRE_I_LP_SYSTMTC_CPBY_VLN_L | Systematic_Capability_Validation | clsSILverData_ConsiderSILCapability |
| SensorMCI | MI_PRE_I_LP_SENSOR_MCI_N | Sensor_MCI | clsSILverData_MCI_Sensors |
| FinalElementMCI | MI_PRE_I_LP_FINALELEMENT_MCI_N | Final_Element_MCI | clsSILverData_MCI_FinalElements |
| LogicSolverMCI | MI_PRE_I_LP_LOGICSOLVER_MCI_N | Logic_Solver_MCI | clsSILverData_MCI_LogicSolver |
| RequiredSIL | MI_PRE_I_LP_REQUIRED_SIL_N | Required_SIL | clsSILverData_TargetSILV |
The Protective Instrument Loop Final Element family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| GUID | MI_PRE_ELT0_GUID_C | GUID | None |
| RAV | MI_PRE_FLT0_RAV_L | Remote_Actuated_Valve | clsFinalElemLegData_RAV_ |
| TightShutOffRequired | MI_PRE_FLT0_TIGHT_SHTFF_RQRD_L | Tight_Shutoff_Required | clsFinalElemLegData_TShutoffReq_ |
| UncleanService | MI_PRE_FLT0_UNCLEAN_SERVICE_L | Severe_Service | clsFinalElemLegData_UncleanService |
| UseCombination | MI_PRE_FLT0_USE_COMBINATION_L | Use_Combination | clsFinalElemLegData_UseActValCombo |
| UsePVST | MI_PRE_FLT0_USE_PVST_L | Partial_Valve_Stroke_Testing | clsFinalElemLegData_UsePVST_ |
| UsePVSTCov | MI_PRE_FLT0_USE_PVSTCOV_L | Use_Custom_PVST_Coverage | clsFinalElemLegData_UsePVSTCov |
| ValveTripOpen | MI_PRE_FLT0_VALVE_TRIP_OPEN_L | Valve_Trip_Open | clsFinalElemLegData_ValveTripOpen |
| CustomPVSTCoverage | MI_PRE_FLT0_CUSTM_PVST_CVRGE_N | Custom_PVST_Coverage | clsFinalElemLegData_AT_Coverage_ |
| CustomPVSTInterval | MI_PRE_FLT0_PVST_INTER_N | PVST_Interval | clsFinalElemLegData_AT_Interval |
| CustomPVSTIntervalUOM | MI_PRE_FLT0_PVST_INTER_UOM_C | PVST_Interval_UOM | None |
The Protective Instrument Loop System family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| SystemType | MI_PRE_SYM0_SYSTEM_TYPE_C | System_Type | None |
| GUID | MI_PRE_ELT0_GUID_C | GUID | None |
| Parent | None | None | None |
| CommonCauseBetweenGroupsBeta | MI_PRE_SYM0_COMMON_CAUSE_N | Common_Cause_(Beta) | clsSILverData_GroupBetaSens |
| NumberofGroups | MI_PRE_SYM0_NUMBEROF_GROUPS_N | Number_of_Groups | clsSILverData_numsensors |
| GroupVoting | MI_PRE_SYM0_VOTING_BTWN_GRPS_C | Voting_Between_Groups | clsSILverData_sensorvote_ |
The Protective Instrument Loop Sensor family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| GUID | MI_PRE_ELT0_GUID_C | GUID | None |
| IsAnalog | MI_PRE_SNR0_ISANALOG_L | Analog_Input | None |
| AnalogTrip | MI_PRE_SNR0_ANALOG_TRIP_N | Analog_Trip | clsSensorLegData_AnalogTrip |
| ExternalComparison | MI_PRE_SNR0_EXTERNAL_COMPRSN_L | External_Comparison | clsSensorLegData_ExternalComp_ |
| ExternalComparisonValue | MI_PRE_SNR0_EXTER_COMPA_VALUE_N | External_Comparison_Value | clsSensorLegData_ExternalCompCov |
| AlarmSetting | MI_PRE_SNR0_HIGH_ALARM_L | Alarm_Setting(High/Low) | clsSensorLegData_Jumper |
| RangeChecking | MI_PRE_SNR0_RANGE_CHECKING_L | Over/Under_Range | clsSensorLegData_RangeChecking |
| InputFilters | MI_PRE_SNR0_INPUT_FILTER_L | Alarm_Filter | clsSensorLegData_InputFiltering |
| SensorTripOnAlarm | MI_PRE_SNR0_SNSR_TRP_ON_ALRM_L | Alarm_Voted_as_Trip | clsSensorLegData_TripOnAlarm |
| SensorType | MI_PRE_SNR0_SENSOR_TYPE_C | Sensor_Type | clsSensorLegData_SensType |
| EnableTrip | MI_PRE_SNR0_ENABLETRIP_L | EnableTrip | None |
The Protective Instrument Loop Group family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| GUID | MI_PRE_ELT0_GUID_C | GUID | None |
| Parent | None | None | None |
| GroupType | MI_PRE_GRP0_GROUP_TYPE_C | Group_Type | None |
| LegsNumber | MI_PRE_GRP0_SUBSYSTEM_NUMBER_N | Subsystem_Number | None |
| N | MI_PRE_GRP0_N_N | Custom_Vote_N | clsFinalElemGroupData_CustVoteN |
| M | MI_PRE_GRP0_M_N | Custom_Vote_M | clsFinalElemGroupData_CustVoteM_ |
| FinalElementVote | MI_PRE_GRP0_VOTING_C | Voting | clsFinalElemGroupData_Vote |
| CommonCauseBeta | MI_PRE_GRP0_COMMON_CAUSE_BTA_N | Common_Cause_(Beta) | clsFinalElemGroupData_Beta |
| MTTR | MI_PRE_GRP0_MTTR_N | MTTR | clsFinalElemGroupData_MTTR_ |
| ProofTestCoverage | MI_PRE_GRP0_PROOF_TEST_CVRGE_N | Proof_Test_Coverage | clsFinalElemGroupData_ProofTestCov |
| PrrofTestInterval | MI_PRE_GRP0_PROOF_TST_INTRVL_N | Proof_Test_Interval | clsFinalElemGroupData_ProofTestInt |
| VoteType | MI_PRE_GRP0_DIVERSE_L | Diverse | clsFinalElemGroupData_IsVoteDiverse |
The Protective Instrument Loop Logic Solver Channel family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| Parent | None | None | None |
| Entity | None | None | None |
| ChannelType | MI_PRE_CHL0_CHANNEL_TYPE_C | Channel_Type | clsLogicSolverPartData_ChannelType |
| ExidalD | MI_PRE_DVE0_EXIDA_ID_N | Exida_ID | clsLogicSolverPartData_EID |
| DangerousDetected | MI_PRE_DVE0_DANGEROUS_DETCTD_N | Dangerous_Detected | clsLogicSolverPartData_FailDD |
| DangeroudUndetected | MI_PRE_DVE0_DANGEROS_UNDTCTD_N | Dangerous_Undetected | clsLogicSolverPartData_FailDU |
| FailureAnnunciationDetected | MI_PRE_DVE0_FLRE_ANNNCTN_DTD_N | Failure_Annunciation_Detected | clsLogicSolverPartData_FailAD |
| FailureAnnunciationUndetected | MI_PRE_DVE0_FLRE_ANNNCTN_UND_N | Failure_Annunciation_undetected | clsLogicSolverPartData_FailAU |
| FailureDetected | MI_PRE_DVE0_FAILURE_DETECTED_N | Failure_Detected | clsLogicSolverPartData_FailDetected |
| FailureHigh | MI_PRE_DVE0_FAILURE_HIGH_N | Failure_high | clsLogicSolverPartData_FailHigh |
| FailureLow | MI_PRE_DVE0_FAILURE_LOW_N | Failure_Low | clsLogicSolverPartData_FailLow |
| Residual | MI_PRE_DVE0_RESIDUAL_N | Residual | clsLogicSolverPartData_FailNoEffect |
| SafeDetected | MI_PRE_DVE0_SAFE_DETECTED_N | Safe_Detected | clsLogicSolverPartData_FailSD |
| SafeFailureFraction | MI_PRE_DVE0_SSF_N | Safe_Failure_Fraction | clsLogicSolverPartData_SFF |
| SafeUndetected | MI_PRE_DVE0_SAFE_UNDETECTED_N | Safe_Undetected | clsLogicSolverPartData_FailSU |
| Channels | None | None | clsLogicSolverPartData_Channels |
| Name | MI_PRE_DVE0_NAME_C | Module_Name | clsLogicSolverPartData_Model |
| ReferenceDateSourceTitle | MI_PRE_ELT0_REFRNCE_DTA_SRCE_C | Reference_Data_Source | None |
| ReferenceDateSource | MI_PRE_ELT0_RFRNCE_DTA_RFRNE_C | Reference_Data_Reference | None |
| ReferenceDataDate | MI_PRE_ELT0_REFERNCE_DTA_DTE_D | Reference_Data_Date | None |
| ReferenceRevision | MI_PRE_ELT0_REFRNCE_DTA_RVSN_C | Reference_Data_Revision | None |
The Protective Instrument Loop Logic Solver family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| GroupType | MI_PRE_GRP0_GROUP_TYPE_C | Group_Type | None |
| GUID | MI_PRE_ELT0_GUID_C | GUID | None |
| Parent | None | None | None |
| MTTR | MI_PRE_GRP0_MTTR_N | MTTR | .clsSILverData_LogicSolver.MTTR |
| ProofTestCoverage | MI_PRE_GRP0_PROOF_TEST_CVRGE_N | Proof_Test_Coverage | clsSILverData_LogicSolver.ProofTestCoverage |
| ProofTestInterval | MI_PRE_GRP0_PROOF_TST_INTRVL_N | Proof_Test_Interval | clsSILverData_LogicSolver.ProofTestInterval |
| EnableAutoPTS | MI_PRE_SLR0_ATMTC_PRFTST_SWR_L | Automatic_Prooftest_Switchover | clsSILverData_LogicSolver.AT_Enabled |
| AutoPTSI | MI_PRE_SLR0_ATMC_PRT_SWR_INL_N | Automatic_Prooftest_Switchover_Interval | clsSILverData_LogicSolver.AT_Interval |
| AutoPTSICov | MI_PRE_SLR0_ATMC_PRT_SWR_INL_N | Automatic_Prooftest_Switchover_Converage | clsSILverData_LogicSolver.AT_Coverage |
| ArchitecturalConstraints | MI_PRE_GRP0_SL_ARCHTCTRL_CNS_N | SIL_Architectural_Constraints | clsSILverData_LogicSolver.HFT |
| EquipmentFailureModeTypeAsPerIEC61508 | MI_PRE_SLR0_EQUIPMENT_TYPE_C | Architectural_Type | clsSILverData_LogicSolver.ArchType |
| CommonCauseBeta | MI_PRE_GRP0_COMMON_CAUSE_BTA_N | Common_Cause_(Beta) | clsSILverData_LogicSolver.Beta |
| SILCapability | MI_PRE_GRP0_SIL_CAPABILITY_N | SIL_Systematic_Capability | clsSILverData_LogicSolver.LimitingSIL |
| Voting | MI_PRE_GRP0_VOTING_C | Voting | clsSILverData_LogicSolver.MyVoting |
| IsCustomerized | MI_PRE_SLR0_ISCUSTOMERIZED_L | Manual_Entry | None |
| ExidaID | MI_PRE_SLR0_EXIDA_ID_N | Exida_ID | clsSILverData_LogicSolver.EquipmentID |
| ExidaName | MI_PRE_SLR0_EXIDA_NAME_C | Exida_Name | clsSILverData_LogicSolver.exidaName |
| ReferenceDateSourceTitle | MI_PRE_ELT0_REFRNCE_DTA_SRCE_C | Reference_Data_Source | None |
| ReferenceDateSource | MI_PRE_ELT0_RFRNCE_DTA_RFRNE_C | Reference_Data_Reference | None |
| ReferenceDataDate | MI_PRE_ELT0_REFERNCE_DTA_DTE_D | Reference_Data_Date | clsSILverData_LogicSolver.SERHVer |
| ReferenceRevision | MI_PRE_ELT0_REFRNCE_DTA_RVSN_C | Reference_Data_Revision | clsSILverData_LogicSolver.SERHVer |
| Automatic | MI_PRE_SLR0_AUTOMATIC_L | Automatic_Channel_Count | clsSILverData_LogicSolver.Automatic |
| LogicSolverChannels | None | None | None |
The Protective Instrument Device family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| ExidalD | MI_PRE_DVE0_EXIDA_ID_N | Exida_ID | clsSILverDeviceData_EquipmentID |
| IsCustomerized | MI_PRE_DVE0_ISCUSTOMED_L | Manual_Entry | None |
| Tag | MI_PRE_DVE0_DEVICE_TAG_C | Device_Tag | None |
| IsApproved | MI_PRE_ELT0_APPROVEDTOUSE_L | Approved_Custom_Device | None |
| AnalogAI_AO | MI_PRE_DVE0_ANALOG_CHANNELS_N | Analog_Channels | clsSILverDeviceData_ChannelCount |
| DigitalDI_DOHigh | MI_PRE_DVE0_DIGTL_HGH_CHNNLS_N | Digital_High_Channels | clsSILverDeviceData_ChannelCount |
| DigitalDI_DOLow | MI_PRE_DVE0_DIGITL_LW_CHNNLS_N | Digital_Low_Channels | clsSILverDeviceData_ChannelCount |
| Name | MI_PRE_DVE0_NAME_C | Exida_Name | clsSILverDeviceData_exidaName |
| ArchitecturalType | MI_PRE_DVE0_ARCHITECTRL_TYPE_C | Architectural_Type | clsSILverDeviceData_ArchType |
| CertifiedSIL | MI_PRE_DVE0_CERTIFIED_SIL_N | Certified_SIL | clsSILverDeviceData_CertifiedForSIL |
| DangerousDetected | MI_PRE_DVE0_DANGEROUS_DETCTD_N | Dangerous_Detected | clsSILverDeviceData_FailDD |
| DangerousUndetected | MI_PRE_DVE0_DANGEROS_UNDTCTD_N | Dangerous_Undetected | clsSILverDeviceData_FailDU |
| DeviceType | MI_PRE_DVE0_DEVICE_TYPE_C | Device_Type | clsSILverDeviceData_DeviceType |
| FailureAnnunciationDetected | MI_PRE_DVE0_FLRE_ANNNCTN_DTD_N | Failure_Annunciation_Detected | clsSILverDeviceData_FailAD |
| FailureAnnunciationUndetected | MI_PRE_DVE0_FLRE_ANNNCTN_UND_N | Failure_Annunciation_undetected | clsSILverDeviceData_FailAU |
| FailureDetected | MI_PRE_DVE0_FAILURE_DETECTED_N | Failure_Detected | clsSILverDeviceData_FailDetected |
| FailureHigh | MI_PRE_DVE0_FAILURE_HIGH_N | Failure_high | clsSILverDeviceData_FailHigh |
| FailureLow | MI_PRE_DVE0_FAILURE_LOW_N | Failure_Low | clsSILverDeviceData_FailLow |
| Residual | MI_PRE_DVE0_RESIDUAL_N | Residual | clsSILverDeviceData_FailNoEffect |
| SafeDetected | MI_PRE_DVE0_SAFE_DETECTED_N | Safe_Detected | clsSILverDeviceData_FailSD |
| SafeUndetected | MI_PRE_DVE0_SAFE_UNDETECTED_N | Safe_Undetected | clsSILverDeviceData_FailSU |
| SuggestedPTC | MI_PRE_DVE0_SUGGESTEDPTC_N | Suggested_PTC | clsSILverDeviceData_SuggestPTC |
| TripRestrict | MI_PRE_DVE0_TRIPRESTRICT_C | Trip_Restrict | clsSILverDeviceData_TripRestrict |
| ReferenceDataSourceTitle | MI_PRE_ELT0_REFRNCE_DTA_SRCE_C | Reference_Data_Source | None |
| ReferenceDataDate | MI_PRE_ELT0_REFERNCE_DTA_DTE_D | Reference_Data_Date | clsSILverDeviceData_SERHVer |
| ReferenceRevision | MI_PRE_ELT0_REFRNCE_DTA_RVSN_C | Reference_Data_Revision | clsSILverDeviceData_SERHVer |
The Protective Instrument Loop Element family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| Parent | None | None | None |
| Constantine | None | None | None |
| DisplayInfo | MI_PRE_ELT0_VISUAL_ATTRIBUTS_T | Visual_Attributes | None |
The Instrumented Function family
| Property Name | Field ID | Field Caption | exSILentia Class/Field |
|---|---|---|---|
| SafetyLoops | None | None | None |
| UnitID | MI_PIF00000_UNIT_ID_C | Unit_ID | clsSILverData_UnitName |
| DescriptionVS) | MI_PIF00000_DESC_C | PIF_Description | clsSILverData_SIFDesc |
| HazardousEvent | MI_PIF00000_HAZAR_EVENT_C | Hazardous_Event | clsSILverData_HazardDesc |
| ConsequenceDescription | MI_PIF00000_CONS_DESC_T | Consequence_Description | clsSILverData_ConseqDesc |
| SafeStateDescription | MI_PIF00000_SAFE_STATE_DESCR_T | Safe_State_Description | clsSILverData_SafeState |
| ResponseTime | MI_PIF00000_RESPO_TIME_N | Response_Time | clsSILverData_RespTime |
| SpuriousTripLimit | MI_PIF00000_SPURI_TRIP_LIMIT_N | Spurious_Trip_Limit_(per_yr) | clsSILverData_ReqSTR_ |
| SelectedSILLevel | MI_PIF00000_SELEC_SIL_LEVEL_N | Selected_SIL_Level | clsSILverData_TargetSIL |
| SILMode | MI_PIF00000_SIL_MODE_C | SIL_Mode | None |
| SILAssessmentMethod | MI_PIF00000_SIL_ASSES_METHO_C | SIL_Assessment_Method | None |
| ProcessHazardsAnalysisReference | MI_PIF00000_PROC_HAZ_AN_REF_C | Hazards_Analysis_Reference | None |
| ProcessHazardsAnalysisDate | MI_PIF00000_PROC_HAZ_AN_DATE_D | Hazards_Analysis_Date | None |
| SiteID | MI_PIF00000_SITE_ID_C | Site_ID | None |
| SILAnalysisKey | MI_PIF00000_SIL_ANALY_KEY_N | SIL_Analysis_Key | None |
About Upgrade of LOPA and Safeguards to V4.3.0.0.0
In versions prior to V4.3.0.0.0, you could create a LOPA to assess SIL value for an Instrumented Function from the SIL Analysis. In V4.3.0.0.0, you can create and manage LOPAs using the Layers of Protection Analysis module. To assess the SIL value for an Instrumented Function using LOPA, you can create a LOPA Assessment record for the Instrumented Function by linking the LOPA.
When you upgrade the module to V4.3.0.0.0, LOPA Assessment records are created automatically by copying values from the existing LOPAs. The LOPA Assessments are then linked to the corresponding Instrumented Functions and LOPAs. The following table contains the fields in LOPA that are mapped to fields in LOPA Assessment:
| Values in the Following Fields in the LOPA... | Copied to the following fields in the LOPA Assessment |
|---|---|
| LOPA ID | LOPA Assessment ID |
| LOPA ID | Linked LOPA ID |
| Entity Key | Linked LOPA Key |
| Frequency of Initiating Event | Frequency of Initiating Event |
| Mitigated Consequence Frequency | Mitigated Consequence Frequency |
| Required Mitigated Consequence Frequency | Required Mitigated Consequence Frequency |
| Required PIF PFD | Required Probability of Failure |
| Required PIF Risk Reduction Factor | Risk Reduction Factor (RRF) |
| Unmitigated Consequence Frequency | Unmitigated Consequence Frequency |
| Total IPL PFD | Total IPL PFD |
| Calculated SIL | Selected SIL Level |
Also, in V4.3.0.0.0, the Hazards Analysis Safeguard records is used to store the details of Independent Layer of Protection. Hence, when you upgrade to V4.3.0.0.0, Hazards Analysis Safeguards records are created by copying values from the Independent Layer of Protection records associated with the existing LOPA records. The Safeguards created are then associated with the corresponding LOPA.
| Values in the Following Fields in the Independent Layer of Protection ... | Copied to the following fields in the associated Hazards Analysis Safeguard |
|---|---|
| PFD | PFD |
| IPL ID | Safeguard ID |
| Type | IPL Type |
In V4.3.0.0.0, for each Safeguard, IPL Checklist records are created to store your selection for the criteria that are used to determine if a Safeguard is an IPL. When you upgrade to V4.3.0.0.0, for each previously existing Independent Layer of Protection record, IPL Checklist records are created and associated with the corresponding Safeguard in V4.3.0.0.0.