1. Introduction
In Safety Instrumented Systems (SIS), two critical Human-Machine Interfaces (HMI) are involved:
Engineering Station (ES): Used for configuration, programming, diagnostics, and maintenance.
Operator Station (OS): Used for monitoring, process operation, and alarm handling.
A common industry question is whether these two stations can be shared to reduce cost and simplify system architecture. This article evaluates the issue from the perspectives of safety, standards compliance, and practical application.
2. Standards and Guidelines
2.1 GB/T 50770-2013
Requires dedicated engineering stations for SIS configuration, diagnostics, and maintenance.
Event Sequence Recorder (ESR) can share resources with the engineering station but not with operator stations.
2.2 HG/T 22820-2024
SIS with programmable electronics must have an engineering station for configuration and system updates.
ESR may be combined with the engineering station.
2.3 HG/T 20511-2014
SIS must be equipped with an engineering station.
Engineering stations require multi-level password protection.
ESR may be combined with the operator station if one exists; otherwise, with the engineering station.
2.4 HG/T 20573-2012 (BPCS Reference)
Engineering stations can also function as operator stations if software and permissions are adjusted.
However, guidelines recommend dedicated use for safety and data integrity.
2.5 SH/T 3092-2013
Field engineering stations may double as operator stations if user permissions are modified.
Strongly emphasizes “dedicated use” for system safety.
3. Comparison Table: SIS vs. BPCS Requirements
| System Type | Engineering Station (ES) | Operator Station (OS) | Event Sequence Recorder (ESR) | Sharing Policy |
|---|---|---|---|---|
| SIS | Mandatory, dedicated; used for configuration, diagnostics, maintenance | Separate from ES | Can share with ES | ES and OS should not be shared |
| BPCS | Can function as OS with software and permission changes | Mandatory for process operation | Often integrated with OS | ES may double as OS, but dedicated use recommended |
4. Safety Considerations
Risk of Misoperation: Operators may accidentally trigger engineering functions if stations are shared.
Cybersecurity & Access Control: Engineering stations require stricter permission and password protection than operator stations.
System Integrity: SIS must remain independent to ensure functional safety (IEC 61511 / IEC 61508).
5. Practical Engineering Insights
In real-world projects, BPCS engineering stations may sometimes double as operator stations, but sharing SIS engineering stations with operator stations is not recommended because of their safety-critical functions.
Cost-saving measures should not compromise system integrity; instead, ESR can be combined with ES to reduce hardware redundancy.
Best practice: dedicated SIS ES + shared ESR + separate OS, ensuring both safety and maintainability.
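The sharing rules above can be checked mechanically against an asset inventory. The following is an added example, not part of the original article or of any standard: the host names, the inventory layout and the severity labels are assumptions, and the rules encode only what sections 2.1, 3 and 5 state.

```python
from collections import namedtuple

Finding = namedtuple("Finding", "host severity rule")

SIS_ES, SIS_OS, SIS_ESR = ("SIS", "ES"), ("SIS", "OS"), ("SIS", "ESR")
BPCS_ES, BPCS_OS = ("BPCS", "ES"), ("BPCS", "OS")

# Constructed sample inventory (hypothetical host names): host -> roles it runs.
INVENTORY = {
    "sis-es-01": {SIS_ES, SIS_ESR},    # dedicated ES that also hosts the ESR
    "sis-os-01": {SIS_OS},
    "sis-hmi-02": {SIS_ES, SIS_OS},    # ES and OS on one machine
    "sis-os-03": {SIS_OS, SIS_ESR},    # ESR placed on an operator station
    "dcs-hmi-01": {BPCS_ES, BPCS_OS},  # BPCS ES doubling as OS
}

def audit(inventory):
    """Return Findings for hosts whose role mix breaks the article's rules."""
    findings = []
    for host, roles in sorted(inventory.items()):
        if SIS_ES in roles:
            # A dedicated SIS ES may carry the SIS ESR and nothing else.
            for system, role in sorted(roles - {SIS_ES, SIS_ESR}):
                findings.append(Finding(host, "violation",
                    f"SIS ES not dedicated: also hosts {system} {role}"))
        if SIS_ESR in roles and SIS_OS in roles:
            # GB/T 50770-2013 as summarised in section 2.1.
            findings.append(Finding(host, "violation",
                "SIS ESR shares a host with an SIS OS"))
        if BPCS_ES in roles and BPCS_OS in roles:
            # Permitted for BPCS, but dedicated use is recommended.
            findings.append(Finding(host, "advisory",
                "BPCS ES doubles as OS; confirm software and permission changes"))
    # Site-level rule: an SIS must have an engineering station (sections 2.2, 2.3).
    has_sis = any(system == "SIS" for roles in inventory.values() for system, _ in roles)
    if has_sis and not any(SIS_ES in roles for roles in inventory.values()):
        findings.append(Finding("(site)", "violation", "SIS has no engineering station"))
    return findings

if __name__ == "__main__":
    for f in audit(INVENTORY):
        print(f"{f.severity:9} {f.host:11} {f.rule}")
```

The ESR/OS rule follows GB/T 50770-2013; a site working to HG/T 20511-2014 (section 2.3) would treat that finding differently.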
6. Conclusion and Recommendations
Answer: SIS operator stations and engineering stations must not be shared for safety reasons.
Compliance with GB/T, HG/T, and SH/T standards reinforces this principle.
Companies should adopt a dedicated-use policy for SIS engineering stations, while allowing limited sharing between ESR and ES.
During design and procurement, clearly specify SIS HMI requirements in the Instrumented Safety Lifecycle (IEC 61511) documentation.