Floating Power Plant A/S POSEIDON project

Similar documents
TECHNOLOGY QUALIFICATION MANAGEMENT

DNVGL-RP-A203 Edition June 2017

Technology qualification management and verification

REVIEW AND APPROVAL OF NOVEL CONCEPTS

THE USE OF A SAFETY CASE APPROACH TO SUPPORT DECISION MAKING IN DESIGN

PRIMATECH WHITE PAPER COMPARISON OF FIRST AND SECOND EDITIONS OF HAZOP APPLICATION GUIDE, IEC 61882: A PROCESS SAFETY PERSPECTIVE

TECHNICAL AND OPERATIONAL NOTE ON CHANGE MANAGEMENT OF GAMBLING TECHNICAL SYSTEMS AND APPROVAL OF THE SUBSTANTIAL CHANGES TO CRITICAL COMPONENTS.

This document is a preview generated by EVS

June Phase 3 Executive Summary Pre-Project Design Review of Candu Energy Inc. Enhanced CANDU 6 Design

This document is a preview generated by EVS

This is a preview - click here to buy the full publication

Voluntary Carbon Standard

Applied Safety Science and Engineering Techniques (ASSET TM )

Phase 2 Executive Summary: Pre-Project Review of AECL s Advanced CANDU Reactor ACR

This is a preview - click here to buy the full publication

INTERNATIONAL. Medical device software Software life cycle processes

(Non-legislative acts) DECISIONS

TYPE APPROVAL PROCEDURE

Independent Communications Authority of South Africa Pinmill Farm, 164 Katherine Street, Sandton Private Bag X10002, Sandton, 2146

Controlling Changes Lessons Learned from Waste Management Facilities 8

Fiscal 2007 Environmental Technology Verification Pilot Program Implementation Guidelines

How it works and Stakeholder Benefits

ISO INTERNATIONAL STANDARD. Petroleum and natural gas industries Offshore production installations Basic surface process safety systems

OWA Floating LiDAR Roadmap Supplementary Guidance Note

SATELLITE NETWORK NOTIFICATION AND COORDINATION REGULATIONS 2007 BR 94/2007

ARTES Competitiveness & Growth Full Proposal. Requirements for the Content of the Technical Proposal. Part 3B Product Development Plan

TECHNICAL RISK ASSESSMENT: INCREASING THE VALUE OF TECHNOLOGY READINESS ASSESSMENT (TRA)

GENERAL DESCRIPTION OF THE CMC SERVICES

Stakeholder Comments Template

Jerome Tzau TARDEC System Engineering Group. UNCLASSIFIED: Distribution Statement A. Approved for public release. 14 th Annual NDIA SE Conf Oct 2011

UNIT-III LIFE-CYCLE PHASES

Type Approval JANUARY The electronic pdf version of this document found through is the officially binding version

DNVGL-CP-0338 Edition October 2015

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework

(R) Aerospace First Article Inspection Requirement FOREWORD

Background T

ARTES Competitiveness & Growth Full Proposal. Requirements for the Content of the Technical Proposal

8th Floor, 125 London Wall, London EC2Y 5AS Tel: +44 (0) Fax: +44 (0)

IEEE STD AND NEI 96-07, APPENDIX D STRANGE BEDFELLOWS?

Development of a Manufacturability Assessment Methodology and Metric

RESOLUTION MEPC.290(71) (adopted on 7 July 2017) THE EXPERIENCE-BUILDING PHASE ASSOCIATED WITH THE BWM CONVENTION

Safety of programmable machinery and the EC directive

Logic Solver for Tank Overfill Protection

JEFFERSON LAB TECHNICAL ENGINEERING & DEVELOPMENT FACILITY (TEDF ONE) Newport News, Virginia

Australian Standard. Design review AS IEC IEC 61160, Ed.2 (2005) AS IEC

EFRAG s Draft letter to the European Commission regarding endorsement of Definition of Material (Amendments to IAS 1 and IAS 8)

Impact on audit quality. 1 November 2018

Joint ILAC CIPM Communication regarding the. Accreditation of Calibration and Measurement Services. of National Metrology Institutes.

Getting the evidence: Using research in policy making

The Preliminary Risk Analysis Approach: Merging Space and Aeronautics Methods

SHTG primary submission process

LAW ON TECHNOLOGY TRANSFER 1998

East Central College

SAUDI ARABIAN STANDARDS ORGANIZATION (SASO) TECHNICAL DIRECTIVE PART ONE: STANDARDIZATION AND RELATED ACTIVITIES GENERAL VOCABULARY

White paper The Quality of Design Documents in Denmark

Essential requirements for a spectrum monitoring system for developing countries

Latin-American non-state actor dialogue on Article 6 of the Paris Agreement

Draft performance standards for shipborne "BeiDou" BDS receiver equipment

Office for Nuclear Regulation

GE/GN8648. Guidance on Positioning of Lineside Telephones. Rail Industry Guidance Note for GE/RT8048

MISSISSIPPI STATE UNIVERSITY Office of Planning Design and Construction Administration

Life Cycle Management of Station Equipment & Apparatus Interest Group (LCMSEA) Getting Started with an Asset Management Program (Continued)

NZFSA Policy on Food Safety Equivalence:

IET Standards Committee. Governance. IET Standards Committee Remit. IET Standards Committee Constitution

Initial draft of the technology framework. Contents. Informal document by the Chair

LICENSING THE PALLAS-REACTOR USING THE CONCEPTUAL SAFETY DOCUMENT

CHIEF ENGINEER PROCEDURE MANAGEMENT OF OVERLAPPING DESIGN AGREEMENT

A. Action Submittals: Written and graphic information that requires Architect's responsive action.

This document is a preview generated by EVS

INFCIRC/57. 72/Rev.6. under. Safetyy. read in. Convention. involve. National Reports. on Nuclear 2015.

Health Based Exposure Limits (HBEL) and Q&As

ISO INTERNATIONAL STANDARD. Safety of machinery Basic concepts, general principles for design Part 1: Basic terminology, methodology

IAASB Main Agenda (March, 2015) Auditing Disclosures Issues and Task Force Recommendations

Requirements Analysis aka Requirements Engineering. Requirements Elicitation Process

Establishment of Electrical Safety Regulations Governing Generation, Transmission and Distribution of Electricity in Ontario

Part 2: Medical device software. Validation of software for medical device quality systems

Australian/New Zealand Standard

Recommended Practice for Wet and Dry Thermal Insulation of Subsea Flowlines and Equipment API RECOMMENDED PRACTICE 17U FIRST EDITION, FEBRUARY 2015

DNV GL Marine Renewables

Continuous On-line Measurement of Water Content in Petroleum (Crude Oil and Condensate)

Guidelines for the avoidance of vibration induced fatigue failure in process pipework

Systems. Professor Vaughan Pomeroy. The LRET Research Collegium Southampton, 11 July 2 September 2011

Risk Based Classification of Offshore Production Systems Matthew D. Tremblay, ABS; Jorge E. Ballesio, ABS; Bret C. Montaruli, ABS

Fact Sheet IP specificities in research for the benefit of SMEs

ETSI EN V1.1.2 ( ) Harmonized European Standard

Bulk Electric System Definition Reference Document

Scotian Basin Exploration Drilling Project: Timeline

Value Paper. Are you PAT and QbD Ready? Get up to speed

1 SERVICE DESCRIPTION

ANSI/IEC American National Standard for Environmentally Conscious Design for Electrical and Electronic Products

Extract of Advance copy of the Report of the International Conference on Chemicals Management on the work of its second session

Model Based Systems Engineering (MBSE) Business Case Considerations An Enabler of Risk Reduction

Principles and structure of the technology framework and scope and modalities for the periodic assessment of the Technology Mechanism

-and- (the Artist ) maquette means the drawing or model, prepared by the Artist, of the proposed Art Work;

Incentive Guidelines. Aid for Research and Development Projects (Tax Credit)

Guidelines: Review and evaluation of high-end infrastructure proposals and award of funding allocations

Engineering Recommendation M30 Issue Standard Electricity Network Operator Electricity Smart Meter Configurations

Technology Needs Assessments under GEF Enabling Activities Top Ups

A NEW METHODOLOGY FOR SOFTWARE RELIABILITY AND SAFETY ASSURANCE IN ATM SYSTEMS

ISO INTERNATIONAL STANDARD

Transcription:

Floating Power Plant A/S POSEIDON project Report: Certification Qualification and Documentation for Certification Process Work package: WP3 Subtask: D.3.2 Date: 28 February 2017 Revision: 1 External Public Lead: Jørund Moseid This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

Contents 1 Background... 3 1.1 Purpose... 3 1.2 Task Description... 3 1.3 References... 3 2 Availability of Certification Procedure... 3 2.1 Objectives... 3 2.2 Identification of Certification Entities... 3 2.2.1 Bidding Process... 3 2.2.2 Evaluation Criteria... 3 2.2.3 Results and Selection... 4 3 Development of Certification Documentation... 4 3.1 Basis of Certification Process... 4 3.2 Practical Application... 4 4... 5 4.1 Appraisal - Stage 1... 5 4.2 Plan and Execute - Stage 2... 5 4.3 Review and Certification - Stage 3... 6 5 Key Recommendations... 6 2 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

1 Background 1.1 Purpose The purpose of this deliverable D.3.2 is to define the identification process of certification and the road to developing standards for certification of a combined wave and wind power device. The work builds on work done in Work Package 3.1 and Ref /1/. 1.2 Task Description D3.2: Report on needed certifications and documentation for certification process [21] A report will be written describing the currently available certification procedures, and their suitability for Floating Power Plant s device. Also included will be potential options for developing further certification procedures more specifically applicable to Floating Power Plant. Comparisons will be made regarding the time-lines, costs and reputation associated with each procedure. 1.3 References /1/ D.3.1 Classification in Key Markets /2/ Guidance Notes for, Lloyds Register, December 2014 2 Availability of Certification Procedure The process of identifying the availability of certification procedures has been described in Ref. /1/. In that process the need for development of new certification procedures were identified. 2.1 Objectives A tender was issued from FPP in order to: establish the level of details needed for certification process identify activities and knowledge around the process of development of certification standards reduce cost and expenditure of time of such development draw on reputation and experience 2.2 Identification of Certification Entities 2.2.1 Bidding Process Two major certification entities were identified representing the two most reputable companies for third party validation in the market place. The tender goals were based on the objectives in the tender and developed to the following evaluation criteria: 2.2.2 Evaluation Criteria Lump sum price Hour rate CV/People Experience with similar technology Quality of proposal Based on a defined scope, cost was defined. Hour Rates for extra work Qualifications/References. Rating based on industry market knowledge to wave and wind industry and new technology development of certification standards. Evaluation based on submission of proposal. 3 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

Long term certification option What role certification entity wold have in key markets. 2.2.3 Results and Selection Based on a full evaluation between the two tenderers, one was selected based on the sum of all weighted evaluation criteria. 3 Development of Certification Documentation 3.1 Basis of Certification Process The hybrid device is a floating installation on a fixed location with temporary manning. There is no requirement to apply a flag to the unit and hence the Classification approach is not suitable. A certification process has been identified. In order to define standards applicable, the following was required: Design Goals for the Project (tangible goals for design and operation) Project Goal Matrix Registry of Applicable Rules and Regulations Regulatory Matrix 3.2 Practical Application In the process of developing an innovative solution and defining the Regulatory Matrix to design to, there is an inherent risk that standards covers only partly the solution. Where there are gaps in the available standards, a bridging is needed to fill in the gaps. Such activity can be done by the developer themselves, but this process is often complex and confusing. A technology qualification process is offered by the certification bodies, as a standardized process of defining the various components and the applicable standards and the lack of those. Typical Regulatory Matrix format shown in Figure 1. Figure 1: Regulatory Matrix FPP Poseidon Project 4 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

4 Process of technology qualification is combined with a set of design goals for the project and the defined regulatory framework. Main activities once the design goals are made is to define the decomposition of the technology before moving into the assessment stage. A technology qualification scheme is outlined in 2. Figure 2: Scheme, Outline (Source: Lloyds Register) 4.1 Appraisal - Stage 1 Activities carried out for definition of Plan system decomposition: Desktop screening establishing available standards within the industry, gathering and presentation of these. Review of design documents and design goals Definition of system decomposition Workshop (risk-based approach) The outcome of such activities would be found in a Plan, defining the requirements for development on an individual component/system level. The plan and assessment deals with the following two categories Level of Technology Maturity, similar to Technology Readiness Level (TRL) Level of Integration Maturity, deals with how well developed the technology is within this particular service/application. Further information in Ref /2/. 4.2 Plan and Execute - Stage 2 The Plan is established based on the agreed activities that needs to be carried out for each system to reach the acceptable maturity level. Once the plan is agreed and the methods and tests have been established, acceptance criteria has been defined and comments and remarks have been cleared off, this phase is decorated by the issuance of a Statement of Endorsement as a first certificate in the process as a proof of that the Plan is sound. 5 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

Figure 3: Flowchart for activities within the Plan and Execution stage for a wind and wave device. Source: Lloyds Register) 4.3 Review and Certification - Stage 3 Once the results from the risk assessments and test plans have been cleared out, the plan moves into execution, which ultimately leads into a Certificate of. References herein are to Ref /2/. Figure 4: Final Stage of, Wave and Wind Device (Source: Lloyds Register) 5 Key Recommendations The process of technology qualification is one way of approaching the lack of those design standards that are required for defining a roadmap for certification. The alternative route, which in broad terms is to develop the design standard together with other stakeholders and competitors, is also feasible, however this process is less predictable and requires a very clear timeframe and agreement between the parties and industry stakeholders. The process of technology qualification may be more time consuming, however it is easier to influence in terms of defining required activities and enter into direct discussions with the certification body about the level of details that would be required at different stages of the process. It is therefore FPP s recommendation to follow this process by defining 1) the rules available, 2) design goals for the project and 3) design premises. Together these three form a great basis for evaluation into stage 1 of the technology qualification process. 6 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement No 673976

Guidance Notes for Technology Qualification December 2014

Guidance Notes for Technology Qualification December 2014

A guide to the Guidance Notes and published requirements Guidance Notes for Introduction These Guidance Notes are intended to be a live document and are subject to change without notice. A comprehensive List of Contents is placed at the beginning of these Notes. Numbering and Cross-References A decimal notation system has been adopted throughout. Five sets of digits cover the divisions, i.e., Part, Chapter, Section, sub-section and paragraph. The textual cross-referencing within the text is as follows, although the right hand digits may be added or omitted depending on the degree of precision required: (a) In same Chapter, e.g., see 2.1.3 (i.e., down to paragraph). (b) In same Part but different Chapter, e.g., see Ch 3,2.1 (i.e., down to sub-section). (c) In another Part, e.g., see Pt 5, Ch 1,3 (i.e., down to Section). The cross-referencing for Figures and Tables is as follows: (a) In same Chapter, e.g., as shown in Fig. 2.3.5 (i.e., Chapter,Section and Figure Number). (b) In same Part but different Chapter, e.g., as shown in Fig. 2.3.5 in Chapter 2. (c) In another Part, e.g., see Table 2.7.1 in Pt 3, Ch 2. Lloyd s Register is a trading name of Lloyd s Register Group Limited and its subsidiaries. For further details please see http://www.lr.org/entities Lloyd s Register Group Limited, its subsidiaries and affiliates and their respective officers, employees or agents are, individually and collectively, referred to in this clause as Lloyd s Register. Lloyd s Register assumes no responsibility and shall not be liable to any person for any loss, damage or expense caused by reliance on the information or advice in this document or howsoever provided, unless that person has signed a contract with the relevant Lloyd s Register entity for the provision of this information or advice and in that case any responsibility or liability is exclusively on the terms and conditions set out in that contract. Lloyd s Register

Guidance Notes for, December 2014 Contents Section 1 Introduction 2 2 Abbreviations and Definitions 4 3 Principles 4 4 TQ Stage 1: Technology Appraisal 6 5 TQ Stage 2: Plan and Execution 11 6 TQ Stage 3: Performance Review and Certification 14 Appendix 1 Existing Guidance on 16 2 Roadmap 17 3 Technology Maturity Level 18 4 Integration Maturity Level 19 5 IML Adjusted TML Assignment Methods 19 Lloyd s Register Group Limited 2014. All rights reserved. Except as permitted under current legislation no part of this work may be photocopied, stored in a retrieval system, published, performed in public, adapted, broadcast, transmitted, recorded or reproduced in any form or by any means, without the prior permission of the copyright owner. Enquiries should be addresse Lloyd s Register Group Limited 2014 Published by Lloyd s Register Group Limited Registered office (Reg. no. 08126909) 71 Fenchurch Street, London, EC3M d to Lloyd s Register Group Limited, 71 Fenchurch Street, London, EC3M 4BS. Lloyd s Register 1

Guidance Notes for, December 2014 Section 1 Section 1 Introduction 2 Abbreviations and Definitions 3 Principles 4 TQ Stage 1: Technology Appraisal 5 TQ Stage 2: Plan and Execution 6 TQ Stage 3: Performance Review and Certification Section 1 Introduction 1.1 General The increasing complexity and innovation in new technology can often lead to the development of novel designs, concepts or applications not covered by existing rules, normative standards and industry practices. Innovative engineering concepts and/or the application of existing technology to new environments challenge the certification bodies, regulators and standard procedures. Therefore the unknown associated with the deployment of novel technology needs to be assessed to prevent undesired outcomes. 1.2 Purpose These Guidance Notes present Lloyd s Register s Technology Qualification (TQ) methodology to quantify the risks brought in by novel technologies, which should be applied prior to deployment of the new technology. The is a robust and systematic risk assessment process that demonstrates to interested parties that the uncertainties introduced by a novel technology, or new application of an existing technology have been considered and any associated risks mitigated. The is a goal risk-based process that uses the readiness level framework, total system perspective and whole lifecycle approach to qualify new technologies, unconventional designs and new ways of applying existing technology. TQ is a methodology that provides assurance to owners, operators, suppliers and investors at the different stages of novel technology development. The TQ process is a methodology developed with specific acceptance criteria for technology under review. This is focused on, but not limited to, the following areas: Safety Environmental Functionality Performance Reliability Availability This includes, but is not limited to, the following activities: Identifying technology elements and their readiness levels Assessing risks posed by the elements Establishing acceptance criteria and goals Evidence collection Further analysis and testing including test failure analysis Performance review. The TQ process can be applied at any stage during the lifecycle of development of systems or technology. The outcomes of the process at one stage of the TQ process will be used as inputs for the next stage. Traceability from qualification requirements, qualification activities, testing results, qualification results (including recommendations to mitigate identified risks) is ensured throughout the whole process. 1.3 Overview of the Process Figure 1.2 shows the stages in the TQ process and is followed by a summary of the stages in Sections 4, 5 and 6. Figure 1.1 Lifecycle of development of systems or technology Business feasibility Concept Design Detailed Engineering Construction Operation & Maintenance Decommission 2 Lloyd s Register

Guidance Notes for, December 2014 Section 1 Figure 1.2 TQ process stages Stage 1: Appraisal (see Section 4) Technology Assessment System Decomposition Risk Assessment 1.4.2.2 Risk Assessment The analysis identifies which technological elements drive the risk and issues risk reducing measures. It is recommended that the risk assessment uses methods acceptable to LR to analyze the risks of failure, which means estimating the consequence and frequency of occurrence. 1.5.1 Plan & Execute (Section 5) At this stage qualification methods are selected based on inputs from the previous stages. LR can prepare the TQ plan or support its development or provide an independent review of the plan. A Statement of Endorsement can be provided upon satisfactory review of the TQ. The TQ plan is implemented and outcomes of qualification activities according to the plan are documented. Stage 2: Plan & Execute (see Section 5) Stage 3: Review & Certification (see Section 6) 1.4 Summary of TQ stages: 1.4.1 Appraisal (Section 4) There are two steps within the Appraisal Stage; System Decomposition and Technology Assessment & Risk Assessment (as two separate activities). 1.4.1.1 System Decomposition The first stage in the Technology Appraisal is to break down the technology into distinct elements that can be individually assessed. System Decomposition is a structural and functional breakdown of the overall system into subsystems, equipment, and components down to the smallest element that can be assessed. The outcome of System Decomposition step will provide the basis for review and assessment. It defines, but is not limited to, the scope for the review, document system and operating conditions, functions and sub-functions requirements, process sequences and operations and capabilities with respect to qualitative and quantitative claims and goals. 1.6.1 Review and Certification (Section 6) For those TQ activities which are not undertaken by LR, the results are submitted to LR for review and assessment. Qualification activities on critical technologies that govern safety systems or provide safety functions are witnessed by LR s approved personnel. Once the evidence, analysis and reasonable arguments have been documented the content may be submitted to LR for review whereupon LR will issue a Certificate of Technology Qualification, approving the readiness of the technology for application or as regulatory compliance documents, if the documentation is found to be in accordance with this TQ process specified in this guidance note. In the scenario where the documentation does not satisfy the process specified in this Guidance Note the documentation (including all the gathered evidence and analyses) may be developed further for those areas that were not satisfied. 1.4.2.1 Technology Assessment Technology Assessment uses the Technology Readiness Level (TRL) approach to screen the maturity and integration of the technology or items of equipment. Based on the assigned TRL and the operating experience for each technology or each item of equipment, a screening level from 0 to 7 is determined. This score dictates how thorough and intensive the qualification activities should be. Integration of technology or equipment into a system can provide challenges even for matured technology or equipment; therefore, an integration readiness review is performed as part of the TRL assessment. Lloyd s Register 3

Guidance Notes for, December 2014 Sections 2 & 3 Section 2 Abbreviations and Definitions Section 3 Principles The following abbreviations are applicable to these Guidance Notes unless otherwise stated. CTE FHA FMECA HAZID HAZOP IML KAOS LR LR TQ Team* MDR MODU MOU RCA SME SWIFT TQ TQP TML TRL Critical Technology Element Functional Hazard Assessment Failure Mode, Effects and Criticality Analysis Hazard Identification Hazard & Operability Analysis Integration Maturity Level Knowledge Acquisition in Automated Specification Lloyd's Register Lloyd's Register Team* Master Document Register Mobile Offshore Drilling Unit Mobile Offshore Unit Root Cause Analysis Subject Matter Expert Structured What-If Technique Plan Technology Maturity Level Technology Readiness Level *Lloyd s Register Team (LR TQ Team) LR can provide a LR TQ Team (independent third party) comprised of all required, authorized competencies in representative design, manufacturing, operation and maintenance (end-users). The LR TQ Team will also have or be able to access the necessary technical expertise in risk assessment, implementation, integration and installation of the technology and systems. The LR TQ Team will be assigned to evaluate the TQ Program and analyse the independent tests, the evidence, claims, and arguments which confirm compliance to this TQ procedure and specified Rules & Standards through witnessing and assessing implementation of the TQ Process or specific tests and analyses. Proven technology elements can be verified to be in compliance with standards which are acceptable to LR or to be required to provide relevant evidence of their performance records. Participation of the LR TQ Team at each TQ stage is advised, as stated in the guidance. Where applicable, the managerial and/or organizational relationship between the facilities where testing and/or validation activities are being performed and the LR TQ Team may be documented. The Team might also comprise of members from other stakeholders In the TQ process. 3.1 General At early stages of TQ and/or early development stages of the technology elements, expert opinions contribute a significant role to TQ. The opinion includes identification of elements to be qualified, safety and reliability evidence to be developed, and interpretation of the evidence provided. It is recommended to use a structured process for drawing expert opinions, and demonstration of systematically analysing this information to the satisfaction of the technology element s safety and reliability claims and goals. TQ is an iterative process and before deployment, a technology concept may be reviewed and improved several times using observations and the results at different steps of the TQ process at different development stages of the technology. Traceability to demonstrate the link among identified technology elements, identified risks, and collected evidence is hence required throughout the TQ process for the whole development lifecycle of the technology. TQ cost is mainly accounted for by evidence collection (mainly testing); therefore resources should be focused on building and improving the relevant data and information of the right evidence. The structured and systematic process and approach should be able to determine which aspects of the evidence are required to be enhanced and to easily identify main factors contributing to the uncertainty about the satisfaction of TQ requirements. In this procedure, a systematic and structured assessment approach built on the notion of goal-based assurance cases might be applied for modelling goals and claims, expert opinion elicitation, structuring arguments and evidence, identifying and decomposing qualification acceptance criteria, qualification plans, and arriving at conclusions. Several goal modelling languages exist, such as i* and KAOS. The basic objectives of the process should be established and agreed before the start of the TQ process. These objectives should be documented as measurable criteria covering all aspects of the technology such as already mentioned; Safety, Environmental, Functionality, Performance, Reliability and Availability. 3.2 Basic Inputs to TQ Throughout the TQ process, documentation needs to be clear, transparent, traceable and well defined to avoid misinterpretations and where specifically required by LR, documentation should be recorded in the standard format approved by LR. The information submitted for TQ review by LR should aim to satisfy and confirm that performance requirements, goals and claims of the technology in its target operating environment are met. 4 Lloyd s Register

Guidance Notes for, December 2014 Section 3 In addition, the following information would need to be submitted: Requirements definition List of Codes and Standards applied General descriptions Context of use If a Master Document Register (MDR) is available then this should also be submitted. Operation and Maintenance: Relevant operating and maintenance manuals Allowable values of operating, maintenance, and, environmental conditions Specification and procedures of maintenance, inspection, and repair, upgrade, or modification in the intended context of use. 3.3 Requirements Definition Define the functional behavior and performance requirements of the technology in the environments to which the technology is intended to be operating in and identify the source of requirements. 3.4 General Description Introduce the technology, its intended functionality, capability and performance when operating in the target environment. The general description should be supported by the following information as applicable for the Technology under consideration: Technology: Basis of design: Documentation of justifications to applied codes and boundary limits if exceeding recognised scope of standard, standards, and regulations for design criteria Capacity and performance requirements, reliability philosophy, operation and maintenance and repair philosophies, etc. Reference to other criteria Functional descriptions and drawings: Equipment list General arrangement drawings System block diagrams Single line diagrams Description of operating modes Description of safety related arrangements Description of interfaces to other machinery, equipment and systems Plans of physical arrangements Changes or modifications from original approved qualified design or context of use Software-architecture, functional specifications, user interface, data flow, control logic sequences, etc. Detailed drawings and descriptions of technology elements to be qualified Records and content of document revisions 3.5 Confidentiality Confidentiality agreements should be established among involved parties where applicable. However, this requirement also needs to take account of legislative requirements or when disclosure is authorised by the involved parties. Availability of the required documentation for TQ review should not be restrained by confidentiality agreements. More thorough testing and analysis may be expected in the scenario that the original documents are unavailable or inaccessible. 3.6 Context of use The context of the equipment or system undergoing Technology Qualification needs to be defined. The context should refer to the operating environment, the integration with existing systems, the human interactions, and the operation and maintenance. A comprehensive statement describing in detail the operating environment where the technology is deployed should cover the following points, as a minimum: Fully and clearly describe the manner and purpose of use for the technology Identify existing key points of reference Address any important criteria regarding the circumstances under which the technology is qualified Define the boundaries within which the available data adequately justifies deployment in operating environment Potential value outside these boundaries Outline of the goals of the technology and the context of use in which the technology is intended Data from additional studies obtained over time may be submitted to expand the qualified context of use Manufacturing and installation: Manufacturing, installation, and software development process, procedures, certification, records Specification of tools, machinery, and materials (including relevant certificates) Other certificates as relevant Lloyd s Register 5

Guidance Notes for, December 2014 Section 4 Section 4 TQ Stage 1: Technology Appraisal Stage 1: Appraisal (see Section 4) Technology Assessment System Decomposition This stage describes the principles to derive the list of technology elements through decomposition analysis, a goal-based structured and systematic approach to handle expert opinions elicitation, TQ cost, traceability, hazard identification, risk assessment and the input to the next TQ stage. 4.1.1 System decomposition Risk Assessment Stage 2: Plan & Execute (see Section 5) Stage 3: Review & Certification (see Section 6) 4.1.1 System Decomposition Principles A system is defined as a group of interacting elements or technologies having a functional relationship that when grouped or integrated, provide some processes or services. System performance is often as strong as its weakest technology element(s). The outcome of the system decomposition provides the basis for review and assessment. It defines, but is not limited to, the scope for review, document system and operating conditions, functions and sub-functions requirements, process sequences and operations, control-logic sequences, and capabilities with respect to qualitative and quantitative claims and goals. The decomposition methodologies should be selected and agreed upon by the LR TQ team with respect to the complexity of the integration and the development stage of the systems and/or technology elements under qualification. If the system is software-intensive, the selected methodologies are applicable to such systems. The decomposition process should start with the functions at the highest level, which is usually at the system-level. The decomposition process stops at components and/or technology elements whose maturity and operating experience is identifiable and assessable and their novelty or uncertainties, including the interfaces and integration technology between them, allow the technology to be assessed by codes or good practice. The decomposition process should also apply to both hardware and software elements. There are several possible approaches which can be used together or alone. A structure-based breakdown of hardware or architecture-based approach for software-based systems is one avenue. Another method is a function-based approach to sub-divide main functions into sub-functions in order to identify which (sub-) functions are performed by which elements and then to derive the physical and logical location and/or connection with other components/sub-systems/systems. These approaches are to determine how the functions should be accomplished, the expected performance level by which technology elements need to perform those functions. 4.1.1.1 Approach to System Decomposition System engineering principles and processes should be adopted in the decomposition analysis starting from system-level functions and structure, human-machine interaction, roles and responsibilities of organizations and personnel participating in the system development. A goal-based analysis should be applied in the decomposition analysis to identify relevant functions, boundary conditions, interfaces and sub-goals for each identified element. Descriptions of the purpose of use, operating modes, and integration issues for each decomposed element should be documented. A goal-based scheme might be applied to structure the goals, claims, arguments, and evidences for all elements. High level goals and/or claims of the system or technology elements should be documented together with the context of use in the target operating environment which is identified and confirmed by SMEs in the LR TQ team. The decomposition can be either full or partial. Full decomposition means that a parent goal has been completely refined and that no more sub-goals will be added to the decomposition; whereas partial decomposition means that more sub-goals may be added in the future. 4.1.2 Critical Technology Elements A technology element is critical if Its application or the element itself is either new or novel, or in an area that poses major technological, business, environmental or safety risk for each phase of its development life cycle, such as detailed design, manufacture, installation, commissioning, operation, or decommissioning; and The LR TQ team will determine if each technology element identified in the decomposition step is a CTE. All CTEs should be identified and qualified. The CTEs are labelled using a decision matrix, a criticality rating scheme and a criticality 6 Lloyd s Register

Guidance Notes for, December 2014 Section 4 assessment approach which is fully documented and is approved by LR. The following are documented: How the CTEs are identified Why the CTEs are important (criticality assessment) Maturity assessment of CTEs Novelty, areas of major risks, and adequate performance in the appropriate environment of CTEs further review to reduce uncertainty are to be based on the technology readiness level and the operating maturity level (see 4.2.2.1). This screening step is to reduce economic cost of qualification through eliminating the identified proven technology elements; hence the qualification resources and scope are to focus only on the unproven elements. It is allowable, after review by and where acceptable to LR, for a non-critical technology element to avoid subsequent qualification steps. In that scenario, the assumptions and justifications for the decision of skipping the qualification of those elements and all information related to the skipped elements should be documented and reported, and the elements should also be listed in the goal-based analysis. 4.1.2.1 Measurable criteria for the selection of CTE It should be ensured that the decision on CTE-related aspects such as selection or ranking choice(s), traceability of recommendations, solutions or opinions is documented and verified by SMEs and reviewed LR. Documentation should be unambiguous. Figure 2 Proven Limited experience New Initial screening matrix For example, available supporting evidence documented in a database containing different sets of numerical data and using different datasets of the same database can result in different qualification states/levels. Hence, expert opinions should be gathered and utilized as the basis to deciding the most relevant set of data for a specific goal/function used in a specific application in a specific environment. 4.2 Technology Assessment The technology assessment considers the technology readiness level and its operating environment, and also requires an integration review for the areas which are recognized as well proven in the same application but are connected to a novel system. Technology assessment is performed through a structured workshop with participation of SMEs in the systems design, technologies, maintenance and operations, and third party independent technical authorities. In this stage, the following items are considered: Equipment List Readiness level for each item Operational, reliability and maintainability aspects for each item Integration issues Review of relevant philosophies Report that identifies the technology readiness for each item of equipment, and overall systems. Established areas to be considered during a risk assessment 4.2.1 Technology Initial Screening All elements identified in the system decomposition step should be screened and assigned an uncertainty rating colour-coded rating of red, green or yellow. Screening of technology elements for The color-coded category matrix depicted in Fig.2 with respect to the experience level in the target operating environment and the technology readiness level should be used to assign uncertainty level for each element. Qualification review requirements for each uncertainty level are briefly described in Fig.3 Figure 3 0 2 3 5 6 7 Technology Readiness Level Qualification review levels No new technical uncertainties review medium review high The elements in the red category are highly likely to introduce new technical uncertainties and should be subjected to the high qualification review comprising of the most intensive review requirements in the subsequent qualification steps (see 5.3.1) High qualification review attempts to reduce technical uncertainties and/or bring up the TRL of these elements. Requirements and recommendations about (including but not limited to) testing, risk mitigation, and design improvements aiming at moving those elements to categories of a higher certainty in the same or subsequent technology and/or system development stages should be determined and provided. Lloyd s Register 7

Guidance Notes for, December 2014 Section 4 The elements in the yellow category should be subjected to the medium qualification review whose qualification activities and requirements are a subset of the high qualification review. Medium qualification review should include required processes and requirements of risk assessment. The elements in the green category should be considered as introducing no new technical uncertainties and screened out in order not to go through the remaining qualification process. They should be subjected to review by established codes and standards. 4.2.2 Technology Readiness Level Assessment The technology readiness level (TRL) is a function of the Technology Maturity Level (TML) and the Integration Maturity Level (IML) 4.2.2.1 Technology Maturity Level Agreed by the LR TQ team as acceptable to LR, the ranking of TML of technologies should be chosen to be relevant to the industry in which their applications are specifically required by the regulations. This procedure aligns with TML ranking in API 17N. A comparison between different TML ranking regimes such as NASA is provided in Appendix 3. TML assessment of any CTE is tied to the intended application through the performance specifications provided. It is possible that the same technology element will be assigned for different TML in different applications or in different operating environments. For example, the TML of a coating technology may be 7 in a noncritical/low spec application, but could be 3 in a critical/high spec application. Where applicable, the technology maturity level review for an element or set of elements should include the review of and account for the novelty aspects of the integration of the element(s). (See 4.2.2.2) A scheme and/or a method to adjust TML assigned to an element with respect to different IMLs of the sub-elements should be determined and agreed with the LR TQ team as acceptable to LR. The scheme and method might be qualitative or quantitative or combined by both and should be consistent throughout the TQ review process. Appendix 5 provides an illustration to qualitative and quantitative aspects of the IML-adjusted TML assignment methods. 4.2.2.1.1 Technology Maturity Level Assignment Process Supporting tools and models to assist TML calculation might be employed; in that case the calculation steps and methods are to be documented in the technology assessment report and be agreed upon by the LR TQ team as acceptable to LR. Where data is limited for concluding a calculable TML assignment, expert opinions should be considered and applied in assigning TML for the elements under review. Expert opinions might be referred to in order to determine the TML for integrated elements whose TML and IML are not identical, in case of limited data available to be used to assess the TML quantitatively. It should be noted that the TML of an element at a higher level in the hierarchy should not be higher than the lowest TML among the integrated CTEs of the element if the element and those integrated CTEs are operating in an identical environment (see Appendix 4). 4.2.2.1.2 Software-based Technology Elements Software is continually changing and a new release/modification of software could introduce new faults or break down the architectural integrity of software. Therefore software degradation might alter previously confirmed maturity level. Assessment of TML for software-based elements might adopt a different philosophy from mechanical or non-software-based technologies. The TML of the software could be assessed at any development stage without waiting until the actual code is produced. For example, the maturity level of critical algorithms could be assessed through analysing their pseudo code in addition to their implemented code. Software-based technology elements should be categorized as either standalone or non-standalone where applicable. The standalone category is to include elements such as operating system and computer-based process control system. The nonstandalone category is to include elements that are required to operate on non-pc hardware such as PLC-based software, network, and device drivers. Issues related to the integration of software-based elements are often challenging and costly to resolve at the later development stage. The maturity level of the standalone elements might be assessed through techniques, models, and methods in the existing standards, which are acceptable to LR, governing software development lifecycle in the target operating environment. A procedure to assess TML of software-based technology elements should be established and be acceptable to LR. 4.2.2.2 Integration Maturity Level Technology elements could pose technology challenges and uncertainties when integrated into a system, even if the standalone element(s) is a matured technology. Review of integration issues should be performed for each element identified at the system decomposition step to determine the novelty of the integration. This review attempts to determine if elements within systems have been previously integrated and to review documented experience or performance of the integration and issues. Information and data used to assess the IML should be provided. For example, processrelated integration issues might be reviewed through process flow diagrams (PFDs), while software-related integration issues might be reviewed through data flow diagrams. More attention might be paid to the integration aspects of elements whose qualification outcomes could affect the critical claims and goals. 4.2.3 Technology Operating Maturity Level All of the elements identified in the system decomposition step should be assigned to a maturity level of operating in the target operating environment in one of three categories: proven, limited experience and new. 8 Lloyd s Register

Guidance Notes for, December 2014 Section 4 A technology element could have the highest TML, but still be new to or have a limited experience in a target environment. The operating maturity of a technology element is relatively determined by the technology s operating performance. The body of knowledge about the operating performance of technology is therefore confirmable, accessible and verifiable. The maturity in an operating environment is determined by the time period the technology has been continuously used in the operating environment, and also by the technical uncertainties posed by the technology as perceived by the LR TQ team, SMEs, third party technical independent assessors and/or determined by the specific guidelines/requirements from regulators and end-users. Where applicable, a consensus-based decision should be applied to determine the operating maturity level in the target operating environment for all elements identified in the system decomposition step. 4.3 Risk Assessment The intended scope of this step is to provide the risk management principles and processes determined via examination by SMEs throughout the lifecycle for each of the technology elements identified at System Decomposition (see 4.1.1) and screened in the technology assessment (see 4.2). The elements include CTEs, equipment and systems where novel technology is used. Each technology element is identified and reviewed individually, and recommendations for qualifications or mitigations are identified, recorded and traceable throughout the qualification process. It is an iterative process until all mitigation and qualification activities are satisfactorily identified. It is possible that the list of technology elements and/or their screening assessments identified at earlier qualification steps might be adjusted during the detailed Risk Assessment steps. The assessment process aims to ensure that all reasonably foreseeable hazards associated with a particular technology are identified and adequately controlled, such as hazards related to novel aspects of system integrity failure, and control/isolation failure. Adequate risk control measures should follow the risk control hierarchy acceptable to LR and/or recommended in respective international standards (e.g. see ISO 17776, ISO/IEC 31010). The adequate measures could be, but are not limited to, such as elimination, prevention, reduction or mitigation, and can be realised in the forms such as physical equipment, process control systems, operating or maintenance procedures for all aspects. Where a technology undergoing qualification is derived from a technology previously qualified by LR or other qualified assessment organization, the risk assessment to be undertaken may refer to the relevant parts of risk assessment resulting from the previous qualification and also include the differences in integration and/or in the application of its use. Risk Assessment is established to ensure any risks stemming from the technology are addressed, to ensure risks are eliminated wherever possible and risks which cannot be eliminated are mitigated. 4.3.1 Risk Assessment Team Risk assessment is not a substitute for good engineering judgment and expertise. In order for risk assessment to be effective the persons involved in the process must have the knowledge and experience in the technology area and/or target operating environment to provide a high quality, robust evaluation of the technology and systems being assessed. Independent third party expert(s) should be involved in the risk assessment process for high ranking hazards identified at the high-level hazard review, for example HAZID/HAZOP (see 4.3.3). The risk assessment team should include: a. Key Stakeholder (e.g. owner, operator/end-user, designer/ developer, third party assessor) b. Technical SMEs (pertaining to technology area and target operating environment) c. Regulators or the jurisdictional authorities, if deemed necessary d. A risk SME should chair the team during the risk assessment process 4.3.2 Assessment Methods This document does not mandate any particular risk assessment method and does not offer acceptance criteria. It defines the principles and processes which LR requires to ensure that the risk assessment is performed to an acceptable standard. The methodology of risk assessment should meet the intent of international, national and industry standards acceptable to LR, such as LR risk assessment guidelines. The selection of methods and techniques should take into consideration the nature of the CTE, the system and equipment to be reviewed, safety and environmental factors, the risk profile, regulatory requirements and other pertinent variables. The selected risk assessment technique and risk management procedure should be approved by LR. Acceptable risk assessment approaches should be identified and dependent on engineering complexity, availability of data regarding sub-systems/components integrity and reliability. The selected method should consider complexity and maturity of the technology being assessed. Comprehensive descriptions of the risks should be provided. ISO/IEC 31010 provides guidance on selection and application of systematic techniques for risk assessment. ISO 17776 identifies some of the tools and techniques that can be used to identify hazards and risks in the offshore exploration and production industry and provides guidance on how they may be applied to particular activities. Risk assessments may be built on a foundation of applying the appropriate codes and standards where appropriate. Lloyd s Register 9

Guidance Notes for, December 2014 Section 4 4.3.3 Hazard Identification A prerequisite of risk assessment is hazard identification. A complete list of hazards related to a technology, subcomponent, equipment and system should be identified by means of a structured and systematic approach. HAZID and HAZOP are possible techniques for identification of all significant hazards. Each identified hazard is reviewed to determine whether it is significant and requires further evaluation by applying hazard evaluation techniques. It is important to record all identified hazards and the reasons for classifying some as not significant. This ensures traceability as the qualification progresses into later stages. Hazards to personnel, environment, and asset should be identified and potential associated risks should be evaluated. A formal hazards register should be prepared, detailing each hazard together with appropriate data such as potential cause, potential consequence, and actions for risk control measures. More information on HAZID should be referred to ISO 17776 Annex B and Annex D. 4.3.3.1 HAZOP - Hazard & Operability study The basis of HAZOP is a systematic examination of deviations from expected operational boundary conditions. It is performed by using a series of guidewords and parameters to identify if any of the combinations can occur, and if so the possible causes and consequences. In addition, existing measures to minimize causes and consequences are listed together with any recommendations to eliminate the deviation or improve upon the existing measures. IEC 61882 might be referenced to as a guide for HAZOP studies of systems, providing guidance on application of the technique and on the HAZOP study procedure, including definition, preparation, examination sessions, resulting documentation and follow-up. 4.3.3.2 SWIFT - Structured What-IF Technique SWIFT is similar to HAZOP as it is a structured brainstorming session; it uses a set of questions to stimulate discussion on consequences, safeguards and recommendations. Instead of using the guidewords and parameters in the HAZOP, standard what-if type phrases and a set of prompt words associated with the system are used to facilitate the discussion. The SWIFT technique is described in ISO 31010. 4.3.3.3 FHA - Functional Hazard Assessment Functional Hazard Assessment is a top-down safety assessment technique defined in SAE ARP4761. FHA is a predictive technique that attempts to explore the effects of functional failures of parts of a system. FHA is first carried out for the whole system working from a description of system functions. Then, following allocation of functions to the systems, FHA is performed again for each subsystem. 4.3.3.4 Risk Identification Identification and assessment of the failure modes of the systems should be performed. The selected technique should be relevant and adequate for this purpose. FMECA, FTA and ETA are possible methods. 4.3.3.5 FMECA - Failure Modes, Effects and Criticality Analysis The function of each decomposed element of the system is analysed and for each element, consideration is given to the failures or incorrect performance that may occur. The associated cause of each failure and the corresponding effects of the failures are listed alongside each failure mode. Each failure mode identified is ranked according to its importance or criticality. There are several ways this may be conducted. Common methods include the measure of the probability that the mode being considered will result in failure of the system as a whole, level of risk by combining the consequences of a failure mode occurring with the probability of failure or a semi-quantitative measure of criticality obtained by multiplying numbers from rating scales (usually between 1 and 10) for consequence of failure, likelihood of failure and ability to detect the problem. IEC 60812 provides the procedure for the FMECA technique. 4.3.3.6 FTA - Fault Tree Analysis The FTA is used to qualitatively identify the potential causes and pathways to a failure. It can also be used quantitatively to calculate the probability of the failure given the probabilities of the causes. IEC 61025 describes the process of a Fault Tree Analysis and IEC 60300-3-9 gives guidelines on dependability management which is used to develop the fault tree of the system. 4.3.3.7 ETA - Event Tree Analysis The ETA is used to illustrate and quantify all possible outcomes from an initiating event by considering what can happen next. The tree is used to map the different ways the initiating event can escalate and the effectiveness of the control measures at each juncture. IEC 62502 gives guidance on carrying out the ETA technique. 4.3.4 Risk Evaluation and Reporting An LR-acceptable risk ranking methodology should be determined and carried out at each critical milestone/gate/phase for qualifying and managing the process of the whole lifecycle. 4.3.4.1 Risk Likelihood & Severity and Classification The selection of method (quantitative vs. qualitative) should take into consideration the complexity and maturity of the technology being assessed. Likelihood and severity ratings should be discussed and agreed upon at the beginning of the risk assessment workshop by all SMEs. An appropriate risk classification methodology should be agreed upon and established at the beginning of the risk assessment process by all SMEs to assess how new technology has been qualified and managed through the qualification process. A Risk Matrix is one possible method for classifying risks. 10 Lloyd s Register

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback