Remote diagnostic systems have the potential to cause danger by initiating unexpected operations, by modifying software or parameters that affect safety functions, or by diverting the control system processor from time-critical functions.
The need for remote diagnosis should be justified, a risk assessment completed, and measures taken to ensure that safety is not affected by normal operation or malfunction of the diagnostic system, including the remote diagnostic terminal and software, communication link, and the control system diagnostic interface and software.
Consideration should be given to:
- Security and control of access;
- Communication between diagnostician and plant personnel;
- Restricted mode of operation: passive (monitoring only), active (control/operator functions), interactive (software change possible);
- Potential for operation outside restricted mode under fault conditions;
- Protection of safety functions from unauthorised modification;
- Change control;
- Competence of personnel.
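As an added example (not from this guidance or from HS(G)87), the following Python sketch shows one way a control system diagnostic interface could enforce the three restricted modes, fall back to monitoring only when the communication link faults, refuse remote modification of safety-function parameters without a change-control reference, and keep an audit trail of every decision. The operation names, parameter names, session fields and the change-ticket rule are assumptions made for illustration.

```python
"""Hypothetical remote-diagnostic command gate (added example).

Enforces passive / active / interactive modes, fails closed to PASSIVE on
a fault, and refuses remote changes to safety-function parameters unless
a change-control reference is present. Names are invented for the example.
"""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional


class Mode(IntEnum):
    PASSIVE = 0      # monitoring only
    ACTIVE = 1       # control / operator functions
    INTERACTIVE = 2  # software or parameter change possible


# Hypothetical catalogue: operation -> least-privileged mode that permits it.
# Anything not listed is denied (fail closed).
OPERATIONS = {
    "read_status": Mode.PASSIVE,
    "read_event_log": Mode.PASSIVE,
    "start_pump": Mode.ACTIVE,
    "set_parameter": Mode.INTERACTIVE,
    "load_software": Mode.INTERACTIVE,
}

# Hypothetical parameters that implement safety functions.
SAFETY_PARAMETERS = {"overpressure_trip", "esd_timeout"}


@dataclass
class Session:
    """One remote diagnostic session and the mode agreed with the plant."""
    mode: Mode
    diagnostician: str
    change_ticket: Optional[str] = None   # change-control reference, if any
    link_ok: bool = True
    audit: list = field(default_factory=list)

    def on_fault(self) -> None:
        """Link or plant fault: force the session down to monitoring only.

        The mode is actively lowered rather than left as it was, so a fault
        cannot leave a session able to act outside its restricted mode.
        """
        self.link_ok = False
        self.mode = Mode.PASSIVE
        self.audit.append(f"{self.diagnostician}: FAULT -> mode PASSIVE")

    def authorise(self, op: str, parameter: Optional[str] = None) -> tuple:
        """Decide one request; returns (allowed, reason) and records it."""
        allowed, reason = self._decide(op, parameter)
        verdict = "ALLOW" if allowed else "DENY"
        target = f"{op}({parameter})" if parameter else op
        self.audit.append(f"{self.diagnostician}: {verdict} {target}: {reason}")
        return allowed, reason

    def _decide(self, op: str, parameter: Optional[str]) -> tuple:
        required = OPERATIONS.get(op)
        if required is None:
            return False, "unknown operation"           # fail closed
        if not self.link_ok and required > Mode.PASSIVE:
            return False, "link fault: monitoring only"
        if required > self.mode:
            return False, f"needs {required.name}, session is {self.mode.name}"
        if op == "set_parameter" and parameter in SAFETY_PARAMETERS:
            # Safety functions are never a routine remote change, even in
            # INTERACTIVE mode: a change-control reference is the minimum.
            if not self.change_ticket:
                return False, "safety function: change control required"
            return True, f"safety function change under {self.change_ticket}"
        return True, f"permitted in {self.mode.name}"


def run_demo() -> list:
    """Walk a constructed session through mode escalation and a fault.

    Returns the allow/deny verdicts in order: [True, True, False, True,
    False, True, False].
    """
    s = Session(mode=Mode.ACTIVE, diagnostician="vendor-eng")
    results = [
        s.authorise("read_status"),                     # monitoring: allowed
        s.authorise("start_pump"),                      # active: allowed
        s.authorise("set_parameter", "filter_gain"),    # needs INTERACTIVE
    ]
    s.mode = Mode.INTERACTIVE                           # escalated by plant staff
    results.append(s.authorise("set_parameter", "filter_gain"))
    results.append(s.authorise("set_parameter", "overpressure_trip"))  # no ticket
    s.on_fault()                                        # link drops mid-session
    results.append(s.authorise("read_status"))          # still allowed
    results.append(s.authorise("start_pump"))           # refused after fault
    return [allowed for allowed, _ in results]


if __name__ == "__main__":
    s = Session(mode=Mode.ACTIVE, diagnostician="vendor-eng")
    run_demo()
    print(run_demo())
```

The audit list is the hook for the "communication between diagnostician and plant personnel" and "change control" items: each entry names the diagnostician, the verdict and the reason, so plant staff can reconcile what the remote party did against the agreed mode and any change ticket.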
Although the systems considered here fall beyond the scope of HS(G)87 'Safety in the remote diagnosis of manufacturing plant and equipment', that publication provides useful background to the subject.