Safety Instrumented Systems: Design, Analysis, and Justification, 2nd Edition


Functional testing must be carried out periodically in order to verify the operation of a safety instrumented system (SIS) and to ensure that target safety integrity levels (SIL) are being met. Testing must include the entire system (i.e., sensors, logic solver, final elements, and associated alarms) and be based on clear and well-defined objectives. Responsibilities must be assigned and written procedures must be followed.
Testing should be regarded as a normal preventive maintenance activity. An SIS cannot be expected to function satisfactorily without periodic functional testing. Everything fails; it's just a matter of when. Since safety systems are passive, not all failures are self-revealing. Sensors and valves may stick and electronic components may fail energized. Therefore, safety systems must be tested in order to find dangerous failures that would prevent the system from responding to a true demand.
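The link between the proof-test interval and the SIL being met can be made concrete with a small calculation. The following is an added example, not code or data from the book: it uses the common simplified low-demand approximation for a single-channel (1oo1) element, PFDavg ≈ λDU × TI / 2, where λDU is the dangerous undetected failure rate and TI the proof-test interval, and assumes no automatic diagnostics and perfect proof-test coverage. The failure-rate value is constructed for illustration; the SIL bands are the low-demand bands from IEC 61508-1.

```python
"""Added example (not from the book): how the proof-test interval drives the
average probability of failure on demand (PFDavg) of a 1oo1 SIS element.

Assumptions (hypothetical, for illustration): constant dangerous-undetected
failure rate lambda_DU, no automatic diagnostics, perfect test coverage, and
the simplified low-demand approximation PFDavg ~= lambda_DU * TI / 2.
"""

HOURS_PER_YEAR = 8760.0

# Low-demand SIL bands (IEC 61508-1): (SIL, lower bound inclusive, upper bound exclusive)
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]


def pfd_avg(lambda_du_per_hour, test_interval_hours):
    """Simplified 1oo1 average PFD for an element proof-tested every TI hours."""
    if lambda_du_per_hour < 0 or test_interval_hours <= 0:
        raise ValueError("failure rate must be >= 0 and test interval > 0")
    return lambda_du_per_hour * test_interval_hours / 2.0


def sil_from_pfd(pfd):
    """Map a PFDavg value to its low-demand SIL band; 0 if it meets no band."""
    for sil, low, high in SIL_BANDS:
        if low <= pfd < high:
            return sil
    return 0


def max_test_interval_hours(lambda_du_per_hour, target_sil):
    """Proof-test interval at which PFDavg reaches the target band's upper limit.

    The real interval must be strictly shorter than this value to stay in band.
    """
    upper = {sil: high for sil, _, high in SIL_BANDS}[target_sil]
    return 2.0 * upper / lambda_du_per_hour


def sil_by_interval(lambda_du_per_hour, interval_years):
    """Return {years: (PFDavg, SIL)} for a list of candidate test intervals."""
    result = {}
    for years in interval_years:
        pfd = pfd_avg(lambda_du_per_hour, years * HOURS_PER_YEAR)
        result[years] = (pfd, sil_from_pfd(pfd))
    return result


if __name__ == "__main__":
    # Constructed value: a final element with lambda_DU = 2e-6 per hour.
    LAMBDA_DU = 2e-6
    for years, (pfd, sil) in sil_by_interval(LAMBDA_DU, [1 / 12, 1, 5]).items():
        print(f"test every {years:.2f} yr -> PFDavg {pfd:.2e} -> SIL {sil}")
    # Longest interval that still keeps this element in the SIL 2 band.
    print(f"SIL 2 limit: test more often than every "
          f"{max_test_interval_hours(LAMBDA_DU, 2) / HOURS_PER_YEAR:.2f} yr")
```

With the constructed failure rate, monthly testing puts the element in the SIL 3 band, annual testing in SIL 2, and a five-year interval drops it to SIL 1; an element that is never tested has no finite PFDavg under this model at all, which is the quantitative form of the point made above.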
Testing can be either automatic or manual and can include hardware and/or software. Testing software is a controversial issue. One should realize that testing alone cannot detect all software errors (e.g., design errors). As was stated in earlier chapters, most software errors can be traced back to the requirements specification. Therefore, testing software against the requirements specification may not reveal all errors. This chapter focuses on periodic manual testing of hardware.
It's not unheard of to encounter safety systems that have never been tested since the initial installation. When these systems were eventually tested, dangerous failures have been found, most of...