
Engineering Standard

SAES-Z-010 10 September 2011


Process Automation Networks
Document Responsibility: Process Control Standards Committee

Saudi Aramco DeskTop Standards


Table of Contents

1 Scope
2 Conflicts and Deviations
3 References
4 Definitions
5 Management of Change
6 Process Automation Network Design
7 Wiring System
8 PAN Router and Switch Access and Monitoring Design Requirements
9 Operating System and Network Device Hardening
10 Centralized Patch Server
11 Backup and Recovery
12 System Testing
13 Documentation

Previous Issue: 1 November 2010 Next Planned Update: 1 November 2015


Revised paragraphs are indicated in the right margin
Primary contacts: Saeed, Mohammed Abdullah on 966-3-8801364 and Mevec, Paul Francis on 966-3-8809203

Copyright © Saudi Aramco 2011. All rights reserved.


Document Responsibility: Process Control Standards Committee SAES-Z-010
Issue Date: 10 September 2011
Next Planned Update: 1 November 2015 Process Automation Networks

1 Scope

1.1 This standard establishes the requirements for design, installation, configuration
and commissioning of network connectivity between the Saudi Aramco Process
Automation Systems, the Saudi Aramco corporate network, third party external
networks, and the Process Automation Systems Engineering & Maintenance
networks (E&MN). Parties involved in the commissioning of PANs are
required to comply with this standard.

1.2 Specifications of all systems installed on the Plant Automation Network layer
shall follow their respective standards and are excluded from this standard.

1.3 Geographically spread Remote Terminal Units (RTUs) are not covered in this
standard.

1.4 The following standards are excluded from this standard:

1.4.1 The requirements and guidelines governing the engineering, design
and installation of proprietary Process Control Systems are covered in
SAES-Z-001.

1.4.2 The requirements and guidelines governing the engineering, design and
installation of Supervisory Control and Data Acquisition (SCADA) are
covered in SAES-Z-004.

1.4.3 The requirements for engineering design, specification, installation,
configuration, commissioning and maintenance for FOUNDATION
Fieldbus based control systems are covered in SAES-J-904.

1.4.4 The procedural requirements and guidelines to govern minimum
mandatory Security for Process Control Systems (PCS) are covered in
SAEP-99 and excluded from this document.


The standards correlation drawing below further illustrates what each standard's
responsibilities are.

Standards Coordination Drawing


This entire standard may be attached to and made a part of purchase orders.

2 Conflicts and Deviations

2.1 Any conflicts between this standard and other applicable Saudi Aramco
Materials System Specifications (SAMSSs), Engineering Standards (SAESs),
Engineering Procedures (SAEPs), Standard Drawings (SASDs), or other
Mandatory Saudi Aramco Engineering Requirements (MSAERs) shall be
resolved in writing by the Company or Buyer Representative through the
Chairman, Process Control Standards Committee, Process & Control Systems
Department, Dhahran.

2.2 Direct all requests to deviate from this standard in writing to the Company or
Buyer Representative, who shall follow internal company procedure SAEP-302
and forward such requests to the Manager, Process & Control Systems
Department of Saudi Aramco, Dhahran.

3 References

The selection of material and equipment and the design, construction, maintenance, and
repair of equipment and facilities covered by this standard shall comply with the latest
edition of the references listed below, unless otherwise noted.

3.1 Saudi Aramco References

Saudi Aramco Engineering Procedure

SAEP-99       Process Automation Networks & Systems Security
SAEP-302      Instructions for Obtaining a Waiver of a Mandatory Saudi Aramco Engineering Requirement
SAEP-1630     Preparation of Integration Test Procedure Document
SAEP-1634     Factory Acceptance Test Plan
SAEP-1638     Site Acceptance Test Plan

Saudi Aramco Engineering Standards

SAES-J-902    Electrical Systems for Instrumentation
SAES-J-904    FOUNDATION fieldbus (FF) Systems
SAES-P-103    UPS and DC Systems
SAES-Z-001    Process Control Systems
SAES-Z-004    Supervisory Control and Data Acquisition Systems

Saudi Aramco Materials System Specification

34-SAMSS-820  Instrument Control Cabinet Indoor

Saudi Aramco Engineering Report

SAER-6123     Process Automation Networks Firewall Evaluation Criteria

Saudi Aramco General Instructions

GI-0710.002   Classification of Sensitive Information
GI-0299.120   Sanitization and Disposal of Saudi Aramco Electronic Storage Devices and Industry Codes and Standard

Corporate Policy

INT-7         Data Protection and Retention

Saudi Aramco Information Protection Manual (IPM)

IPSAG-007     Computer Accounts Security Standards & Guidelines

3.2 Industry Codes and Standards

Institute of Electrical and Electronics Engineers, Inc.

IEEE 802.3    Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications

4 Definitions

Backbone: A network configuration that connects various LANs together into an
integrated network. In a Plant-wide network, that part of the network whose primary
function is to forward data packets between the other smaller networks.

Bandwidth: In digital communications, describes the amount of data that can be
transmitted over a channel in bits per second.

CoGen: Supplementary Power generation facilities, normally operated by a third party.

Engineering and Maintenance Network (E&MN): A network used to connect
engineering workstations to the process control network to maintain and configure
controllers not part of the DCS.


Ethernet: A local-area network architecture based on IEEE 802.3. It uses a bus or star
topology and supports data transfer rates of 10, 100, 1000, and 10,000 Mbps.

Firewall: A firewall is a set of related programs, located at a network gateway server,
that protects the resources of a private network from users of other networks.

Gigabit Ethernet: Ethernet that operates at 1000 Megabits per second.

Human Machine Interface (HMI): The display, data entry devices and supporting
software to allow a user access to applications.

L3 Switch: A network device that joins multiple computers together at the network
protocol layer of the Open System Interconnection (OSI) model eliminating the need for
a router. L2 network switches operate at layer two (Data Link Layer) of the OSI model.

Local Area Network (LAN): A private data communications network, used for
transferring data among computers and peripheral devices; a data communications
network consisting of host computers or other equipment interconnected to terminal
devices, such as personal computers, often via twisted pair or coaxial cable.

Logical Separation: Use of software running on common hardware to separate two or
more entities.

Logs: Files or prints of information in chronological order.

OPC Tunneling: An encrypted protocol used to communicate process data to external
networks.

Physical Separation: Use of hardware to separate two or more entities.

Process Automation Network (PAN): A plant-wide network interconnecting
Process Control Networks (PCN) and providing an interface to the WAN. A PAN does
not include proprietary process control networks provided as part of a vendor's standard
process control system.

Process Control Network (PCN): A proprietary process control network provided as
part of a vendor's standard process control system.

Service Level Agreement (SLA): An agreement made between two parties in Saudi
Aramco outlining service support terms for an item released for use from one party to
another. Example: party A has spare fiber optic cables. Party B wants to use currently
installed fiber optic cables. An SLA is used to determine the conditions of use and
defines service requirements and responsibilities.

Virtual Private Network (VPN): A private communications network existing within a
shared or public network platform (i.e., the Internet).


Wide Area Network (WAN): an extension of LAN technology to include more nodes
and greater distances between nodes; can be formed by interconnection of individual
LANs.

Server: A server is a dedicated data provider.

Abbreviations:
CCTV - Closed Circuit Television
DCS - Distributed Control Systems
IP - Internet Protocol
LAN - Local Area Network
PAN - Process Automation Network
OSI - Open Systems Interconnection
SCADA - Supervisory Control & Data Acquisition
TCP - Transmission Control Protocol
UDP - User Datagram Protocol
UPS - Uninterruptible Power Supply
VLAN - Virtual LAN
VMS - Vibration Monitoring System
WAN - Wide Area Network

5 Management of Change

A written procedure should be in place at each operating facility detailing the
requirements for the review and approval of all changes made to PAN equipment.

5.1 This procedure shall be part of the plant operation instruction manuals.

5.2 This procedure shall be followed for new implementations, expansions and
upgrades of the PAN.

6 Process Automation Network Design

6.1 The PAN shall be based on the IEEE 802.3 CSMA/CD (Ethernet) standard.
The backbone shall be based on Layer 3 multi-protocol switches utilizing
1 Gigabit per second (Gbps) backplane throughput as a minimum. Nodes, such
as servers/workstations, shall be connected to 10/100 Mbps ports.


6.2 Physical and Logical Separation

6.2.1 The network design shall provide physical and logical separation
between PAN and all other networks such as the Saudi Aramco
Corporate Network.

6.2.2 Logical separation, at minimum, is mandatory for network connections
above the firewall.

6.2.3 Logical separation is mandatory for subsystems such as CCTV and
telephone network connections below the firewall.

6.2.4 Physical separation utilizing dedicated fiber strands of an existing fiber
optics cable is permitted and shall include a service level agreement
defining area of responsibility for support and maintenance, including
agreed response time.

Commentary Note:

Growth and future expansions shall be considered.

6.2.5 A minimum bandwidth of 5 Megabits/s shall always be
made available for any given WAN connection.

6.3 PAN equipment shall be deployed with the latest stable vendor supported
operating systems.

6.4 Network traffic through the firewall should be limited to server-to-server
connections and through selected source/destination IP addresses and TCP/UDP
ports and services.

6.5 Engineering and Maintenance Network (E&MN)

6.5.1 The E&MN shall be connected to the PAN.

6.5.2 The E&MN network shall be used to integrate auxiliary systems on a
single network such as Emergency shutdown systems, compressor
control systems, vibration monitoring systems, etc., for the purpose of
centralizing the engineering and maintenance activities for the plant.

6.6 Remote Access

6.6.1 Remote access through the plant firewall, for control purposes, is not
permitted.

6.6.2 Remote engineering by Saudi Aramco personnel through the firewall is
permitted. The following conditions shall apply:

6.6.2.1 The Engineering station must be in a room with controlled
physical access.

6.6.2.2 Remote access nodes shall be placed on the corporate network
for server to server communication.

6.6.2.3 A Virtual Private Network shall be used for vendor remote
troubleshooting for communication between remote access
nodes.

6.6.3 For remote vendor troubleshooting, the following shall be followed:

6.6.3.1 Manager approval is required prior to the establishment of the
connection.

6.6.3.2 User ID authentication shall be performed by Saudi Aramco IT
active directory services.

6.6.3.3 Two factor authentication shall be used to verify vendor
identity.

6.6.3.4 Data encryption shall be used to protect transferred data using
encryption keys.

6.6.3.5 A Virtual Private Network shall be used for vendor remote
troubleshooting for communication between remote access
nodes.

6.6.3.6 A secondary tunneling solution shall be implemented with the
VPN such as Secure Socket Layer (SSL).

6.6.3.7 Remote access nodes shall be placed on the corporate network
for server to server communication.

6.6.3.8 User ID authentication shall adhere to IT corporate policy.

6.6.4 Users on the corporate WAN can access plant data through a terminal
server located on the corporate network.

6.7 Firewalls Filtering, Blocking, and Access Control

This section applies to Firewalls protecting the PAN from the corporate data
network, and any firewall protecting the PAN from third-party networks
(e.g., CoGen).

6.7.1 Control and regulate access into/out of the PAN.

6.7.2 Enable information logging for traffic monitoring and intrusion
detection.

6.7.3 The fundamental policy for configuring firewalls in plant automation
networks shall be "DENY UNLESS SPECIFICALLY PERMITTED".

6.7.4 Antivirus and Intrusion Prevention functionalities shall be installed on
the firewall to the PAN network.

6.7.5 Network traffic through the firewall shall be limited to server-to-server
communications and filtered based on source/destination IP addresses
and TCP/UDP ports. Blocking shall be enabled for both inbound and
outbound communications. Any Corporate Network user requiring
access to Plant Systems shall use Proxy Servers.

6.7.6 A PAN comprising multiple scattered PANs should interface with
the Corporate Network via a centralized firewall. The consolidated
PANs shall be connected together in order to establish one PAN utilizing
the corporate transmission infrastructure.

6.7.7 The firewall filter rules shall not allow insecure services such as Telnet
and FTP to traverse the firewall.

6.7.8 SAER-6123, Process Automation Networks Firewall Evaluation
Criteria, provides additional guidelines for firewall configuration and
hardware selection.

6.7.9 To minimize the number of open ports on the firewall, it is
recommended to install an application proxy inside the plant.

The PAN backbone switches shall assume the routing functionality internally for
the PAN and interface with the Saudi Aramco wide area network (WAN) router
through dedicated firewall hardware. The firewall shall be configured to limit
Internet Protocol (IP) route advertisement to the WAN router to those servers
requiring access by other servers on the WAN. Other subnets assigned to PAN
systems shall not be advertised to the WAN router.
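
Added example (not part of SAES-Z-010): a rule-set audit in Python that checks a firewall policy against 6.7.3 (final deny-all), 6.7.5 (server-to-server permits on specific TCP/UDP ports) and 6.7.7 (no Telnet or FTP). The Rule model, the addresses, the approved-server list and port 5450 are constructed for illustration and do not correspond to any vendor's configuration format.

```python
import ipaddress
from dataclasses import dataclass

# TCP services named as insecure in 6.7.7 (well-known port numbers).
INSECURE_TCP_PORTS = {20: "FTP data", 21: "FTP control", 23: "Telnet"}


@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    proto: str     # "tcp", "udp" or "any"
    src: str       # CIDR string or "any"
    dst: str       # CIDR string or "any"
    port: object   # int, (low, high) tuple, or "any"


DENY_ALL = Rule("deny", "any", "any", "any", "any")


def _is_approved_server(addr, servers):
    """True only for a single host address that is on the approved list."""
    if addr == "any":
        return False
    net = ipaddress.ip_network(addr, strict=False)
    return net.num_addresses == 1 and net.network_address in servers


def _port_span(port):
    """Normalise a port field to an inclusive (low, high) pair."""
    if port == "any":
        return (0, 65535)
    if isinstance(port, tuple):
        return port
    return (port, port)


def audit(rules, approved_servers):
    """Return (rule_number, clause, text) findings; rule_number 0 = whole set."""
    servers = {ipaddress.ip_address(s) for s in approved_servers}
    findings = []

    # 6.7.3: anything not explicitly permitted must fall through to a deny.
    if not rules or rules[-1] != DENY_ALL:
        findings.append((0, "6.7.3", "rule set does not end with deny any/any"))

    for number, rule in enumerate(rules, start=1):
        if rule.action != "permit":
            continue
        # 6.7.5: both ends of a permit must be individual, approved servers.
        for side, addr in (("source", rule.src), ("destination", rule.dst)):
            if not _is_approved_server(addr, servers):
                findings.append(
                    (number, "6.7.5", f"{side} {addr} is not an approved server"))
        # 6.7.5: a permit must name a protocol and a port.
        if rule.proto == "any" or rule.port == "any":
            findings.append(
                (number, "6.7.5", "permit is not limited to a TCP/UDP port"))
        # 6.7.7: port ranges are checked too, since a range can hide Telnet/FTP.
        low, high = _port_span(rule.port)
        if rule.proto in ("tcp", "any"):
            for port, name in INSECURE_TCP_PORTS.items():
                if low <= port <= high:
                    findings.append(
                        (number, "6.7.7", f"permits {name} (tcp/{port})"))
    return findings


# Constructed sample data: one PAN server and two corporate-side servers.
APPROVED = ["10.10.1.5", "10.200.0.7", "10.200.0.9"]
RULES = [
    Rule("permit", "tcp", "10.10.1.5/32", "10.200.0.7/32", 5450),      # compliant
    Rule("permit", "tcp", "10.200.0.0/24", "10.10.1.5/32", 3389),      # whole subnet
    Rule("permit", "tcp", "10.200.0.9/32", "10.10.1.5/32", (20, 25)),  # hides FTP/Telnet
    Rule("permit", "any", "10.10.1.5/32", "any", "any"),               # open outbound
]                                                                      # no final deny

if __name__ == "__main__":
    for rule_no, clause, text in audit(RULES, APPROVED):
        print(f"rule {rule_no}: {clause}: {text}")
```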

6.8 External Connection to Third Party Systems (non-Saudi Aramco facilities such
as CoGen)

6.8.1 A risk assessment shall be performed by the proponent Plant prior to
connecting to a third party facility.

The risk assessment and third party connections shall be approved by the
Plant Manager.

6.8.2 Third party interfaces require a dedicated firewall on the third party plant
site and the Saudi Aramco plant site.

6.8.2.1 The third party firewall shall be managed by the third party
firewall administrator.

6.8.2.2 It is highly recommended that interface(s) to third party
networks, such as co-generation (CoGen), utilize the existing
PAN to Corporate network firewall.

6.8.2.3 Firewall design shall follow the Firewalls Filtering, Blocking,
and Access Control section of this document.

6.8.3 Communications cables between third party firewalls and Saudi Aramco
plant firewall shall be physically and logically separated.

6.8.4 Communication between third party plant sites and Saudi Aramco plant
sites shall be server to server communication.

6.8.5 A logically separated connection such as VPN shall be used to secure
communication between the offsite third party network and the Saudi
Aramco network.

6.9 PAN shall not be permitted to access the internet.

6.10 All TCP/IP addressing shall be obtained from Saudi Aramco Information
Technology Organization.

6.11 All nodes on the PAN shall be assigned static IP addresses.

6.12 Dynamic Host Configuration Protocol (DHCP) shall not be used on the PAN.

6.13 Below is a sample architecture diagram.

[Figure: sample PAN architecture diagram. Labels: Aramco IT WAN Network; IT Backbone
Switch (A) and IT Backbone Switch (B); Plant Hist. Server (B); Proxy Server; WEB server;
Firewalls (Active, Hot Standby); Backbone Switches (Active, Hot Standby); PAN; PCS;
10/100 Mbps, same for all nodes; access switches; Plant Hist. Server (A), DCS, SCADA,
ESD Controller, CCTV, VMS; Process Automation Network.]

7 Wiring System

7.1 Cabinets

7.1.1 Fiber Optic patch panels shall be installed in a cabinet.

7.1.2 PAN routers and switches shall be installed in a cabinet.

7.2 Fiber Optic Cables

7.2.1 Fiber Optic Cable routed to another cabinet shall be run in Polyethylene
Corrugated Loom Tubing or flexible conduit at a minimum.

7.2.2 Corrugated Loom Tubing or flexible conduit is not required inside
cabinets.

7.3 PAN cabling shall conform to "The Data Link" requirements in SAES-J-902
(Electrical Systems for Instrumentation).


7.4 PAN cabinets shall be designed in accordance with Saudi Aramco Materials
System Specification 34-SAMSS-820.

7.5 UPS/Battery capability and software implemented to provide for a controlled
shutdown of services in PAN components shall be configured according to
SAES-P-103, "UPS and DC Systems".

8 PAN Router and Switch Access and Monitoring Design Requirements

8.1 The PAN administrator shall be responsible for performing any configuration or
modification of the plant information network in accordance with the rules and
responsibilities in Saudi Aramco Engineering Procedure SAEP-99.

8.2 PAN Router and Switch Administration

8.2.1 Management of passwords, User IDs and User Role privileges of servers
and workstations shall be done via a central server connected to the PCS
system.

8.2.2 User Accounts

8.2.2.1 Each User should be assigned a unique User ID.

8.2.2.2 All GUEST user accounts shall be disabled on the system.

8.2.2.3 Where applicable, all individual User ID formats should
conform to corporate guidelines as highlighted in Section
11.1.1.3.6 USER ID CONSTRUCTION in IPSAG-007.

8.2.3 User Account Passwords

8.2.3.1 Every User ID shall have an individual password.

8.2.3.2 The system shall be configured to require a minimum password
length of eight characters.

8.2.3.3 Passwords shall be transmitted and stored in encrypted format.

8.2.3.4 The system shall be configured to enforce password
uniqueness. A minimum of three unique passwords must be
entered before a password can be re-used.

8.2.3.5 Password Construction

The system shall be configured to enforce password complexity
rules.

a) Easily guessable passwords must be avoided at all times.
As a minimum a password must be constructed as
follows:

b) A password must contain at least two of the following
four characteristics:
Lower case characters a-z
Upper case characters A-Z
Digits 0-9
Punctuation characters, e.g., ! @ # $ % ^ & *, etc.
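
Added example (not part of SAES-Z-010): a Python check of a proposed password against 8.2.3.2 (length), 8.2.3.4 (reuse only after three other passwords) and 8.2.3.5 (two of four character classes). Two choices here are assumptions of this example: the password history is held as salted PBKDF2 digests as one way to satisfy 8.2.3.3, and "easily guessable" is narrowed to "contains the User ID"; the user ID and passwords are constructed.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8         # 8.2.3.2
HISTORY_DEPTH = 3      # 8.2.3.4
MIN_CLASSES = 2        # 8.2.3.5 b)
ITERATIONS = 100_000   # PBKDF2 work factor chosen for this example

CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "punct": set(string.punctuation),
}


def hash_password(password, salt=None):
    """Return (salt, digest); the clear-text password is never stored."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def check_new_password(user_id, new_password, history):
    """history: list of (salt, digest) pairs, newest last. Returns violations."""
    problems = []
    if len(new_password) < MIN_LENGTH:
        problems.append("8.2.3.2: shorter than eight characters")

    # Assumption: a password containing the User ID counts as easily guessable.
    if user_id.lower() in new_password.lower():
        problems.append("8.2.3.5 a): contains the User ID")

    present = [name for name, chars in CLASSES.items()
               if any(c in chars for c in new_password)]
    if len(present) < MIN_CLASSES:
        problems.append("8.2.3.5 b): fewer than two character classes")

    # Re-hash the candidate with each stored salt and compare in constant time.
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(new_password, salt)[1], digest):
            problems.append("8.2.3.4: matches one of the last three passwords")
            break
    return problems


def change_password(user_id, new_password, history):
    """Append the new password's digest to history only if it passes."""
    problems = check_new_password(user_id, new_password, history)
    if not problems:
        history.append(hash_password(new_password))
    return problems


if __name__ == "__main__":
    history = []  # constructed account with no previous passwords
    for candidate in ("Plant#2011", "Valve#2012", "Pump#20133",
                      "Plant#2011", "abcdefgh", "jdoe01XY"):
        print(candidate, change_password("jdoe01", candidate, history))
```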

8.2.4 The system should be configured to require passwords to be reset for
all User IDs every six months.

8.2.5 The system should issue a password expiration notification to the user
at least 10 days prior to password expiry date.

8.2.6 Passwords shall be masked on the screen while being entered.

8.2.7 In order to change user account passwords, users should always be
required to provide both their old and new passwords, if supported by
the system.

8.2.8 PAN router and switch passwords shall be changed prior to
commissioning.

8.2.9 PAN routers and switches should monitor and record all failed login
attempts.

8.3 Delegation and Support

8.3.1 A risk assessment, with participation from P&CSD, IT and the Plant
shall precede the official delegation of support responsibilities of PAN
components to IT or other support entities.

8.3.2 Any delegation of support and management responsibility must be
approved by the plant Manager through a Service Level Agreement
(SLA).

8.4 System Access

8.4.1 System Login scripts, if any, shall be configured to prevent a user
bypassing them.

8.4.2 Repeated login failures shall be logged with the location, date, time and
user account used.

8.4.3 At login time, every user should be given information reflecting the last
login time and date, if supported by the system or application. This will
allow unauthorized system usage to be detected.

8.5 Extension of the PAN using wireless technology is not permitted.


Commentary Note:

For SCADA applications, wireless extension of the PAN can be used with prior
approval from P&CSD Manager.

8.6 PAN equipment that contains data storage shall be sanitized in compliance with
GI-0299.120, when disposed of.

8.7 Monitoring and Review

8.7.1 The PAN shall be configured for the monitoring of:


Unexpected users logged on the system.
Users from unexpected hosts logged on.
Users logged on at unexpected times.
Login failures.
Logins from unknown hosts.
Failed access to system files.
Changes to the system date and/or time.
System reboots and shutdowns.
Use of remote console facility.
Integrity of system security files.
Users without passwords.
Users with passwords similar to their login names.
Users with passwords of fewer than six characters.
Users who are not required to change their passwords every 120 days.
Users who are not required to use unique passwords.
Inappropriate accesses to system files.
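
Added example (not part of SAES-Z-010): detection logic in Python for four of the 8.7.1 items (unexpected users, unexpected hosts, unexpected times, login failures), run over constructed log lines. The log line format, device names, user IDs, the per-user baseline and the threshold of three failures are all assumptions of this example.

```python
import re
from collections import Counter
from datetime import datetime

# Hypothetical login record format, one event per line.
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<device>\S+) login user=(?P<user>\S+) "
    r"src=(?P<src>\S+) result=(?P<result>OK|FAIL)$"
)

# Constructed baseline: which host and working hours each administrator uses.
BASELINE = {
    "padmin1": {"hosts": {"10.10.9.20"}, "hours": range(6, 18)},
    "padmin2": {"hosts": {"10.10.9.21"}, "hours": range(6, 18)},
}
FAIL_THRESHOLD = 3  # failures per (user, source) before an alert is raised


def review(lines, baseline=BASELINE):
    """Return alerts as (category, user, src, device, timestamp) tuples."""
    alerts = []
    failures = Counter()
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            # Never drop a record silently; surface it for manual review.
            alerts.append(("unparsed line", "", "", "", raw.strip()))
            continue
        user, src, device, ts = m["user"], m["src"], m["device"], m["ts"]

        if m["result"] == "FAIL":
            # 8.4.2: keep location, date, time and account with the alert.
            failures[(user, src)] += 1
            if failures[(user, src)] == FAIL_THRESHOLD:
                alerts.append(("repeated login failures", user, src, device, ts))
            continue

        profile = baseline.get(user)
        if profile is None:
            alerts.append(("unexpected user", user, src, device, ts))
            continue
        if src not in profile["hosts"]:
            alerts.append(("unexpected host", user, src, device, ts))
        if datetime.fromisoformat(ts).hour not in profile["hours"]:
            alerts.append(("unexpected time", user, src, device, ts))
    return alerts


# Constructed sample log.
SAMPLE_LOG = [
    "2011-09-10T08:02:11 pan-sw-a login user=padmin1 src=10.10.9.20 result=OK",
    "2011-09-10T02:14:07 pan-sw-a login user=padmin1 src=10.10.9.20 result=OK",
    "2011-09-10T09:30:00 pan-sw-b login user=padmin2 src=10.10.7.99 result=OK",
    "2011-09-10T10:00:01 pan-sw-b login user=guest src=10.10.9.21 result=OK",
    "2011-09-10T11:15:40 pan-sw-a login user=padmin1 src=10.10.7.99 result=FAIL",
    "2011-09-10T11:15:44 pan-sw-a login user=padmin1 src=10.10.7.99 result=FAIL",
    "2011-09-10T11:15:49 pan-sw-a login user=padmin1 src=10.10.7.99 result=FAIL",
]

if __name__ == "__main__":
    for alert in review(SAMPLE_LOG):
        print(alert)
```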


8.7.2 PAN switches and routers shall be configured to capture all related
events to detect performance and availability related problems.
This must be a vendor approved solution.

8.7.2.1 The events below should be captured:

System alarms and failures
CPU utilization
Memory utilization
IO rates (i.e., physical and buffer) and device utilization
Network utilization (e.g., transaction rates, error and retry rates)

8.7.2.2 Vendor approved 3rd party computer hardware monitoring
software or appliance may be used to manage hardware
performance monitoring parameters.

8.7.3 Retention and archival of security audit logs shall be developed in
accordance with Corporate Data Protection and Retention INT-7 policy.
The following requirements should be considered:

8.7.3.1 The retention period for audit logs shall be set for 3 months as
a minimum.

8.7.3.2 Minimum storage capacity for logs shall be 500 Gb.

8.7.3.3 Logging levels should be set to a minimum of 5 (notification).

8.7.4 Network Analyzers

The use of active Testing Tools such as network sniffers and analyzers
shall adhere to the following guidelines:

8.7.4.1 The use of network protocol analyzers shall always be
authorized by Plant Management.

8.7.4.2 Vendor approved network analyzers shall be used.

8.7.4.3 Network analyzers shall be installed on dedicated machines on
the PAN.

8.7.4.4 The use of network protocol analyzers shall be restricted to
PAN administrators.

Commentary Note:

Network protocol analyzers are recommended for detailed
network maintenance and troubleshooting. The protocol
analyzer shall have the capability to decode all PAN
protocols. In a switched environment, a network analyzer can
only see a single segment at a time; therefore, a mechanism to
overcome this obstacle shall be made available.

8.7.5 Captured information classified as Sensitive, as defined in GI-0710.002,
shall be adequately safeguarded.

8.8 Physical Access

8.8.1 The PAN hardware components such as cables, switches, routers and
modems are vulnerable to vandalism and electronic eavesdropping and
shall be physically secured.

8.8.2 Physical access to these components shall be restricted to those persons
authorized for administrative access. Unused offices/partitions shall not
have live network ports.

9 Operating System and Network Device Hardening

9.1 PAN equipment shall be deployed with a vendor-supported, security-hardened
operating system.

9.2 The secure configuration baselines shall be thoroughly tested by the vendor and
afterwards be provided to the PAN administrators to enable them to support and
administer the PAN equipment after deployment.

9.3 Unused physical ports/interfaces on PAN equipment shall be disabled prior to
commissioning.

10 Centralized Patch Server

A centralized patch server shall be located on the PAN. This server shall be capable of
deploying patches for:

10.1 OS upgrade

10.2 Anti-Virus

10.3 Vendor Application software


11 Backup and Recovery

A complete backup of PAN switch and router configuration shall be performed on new
installations or upgrades of PAN equipment. This includes:

11.1 All necessary operating system and configuration files.

11.2 The backup is tested and verified.

11.3 Multiple copies of the backup are made.

11.4 One copy shall be stored in a secure onsite location and the other copy shall be
maintained at a secure off-site location.

12 System Testing

12.1 Testing shall address all Plant components, networking and interfaces to
external systems and to legacy applications/systems. Formal testing shall
minimally comprise Factory Acceptance Test (FAT) per SAEP-1634, Site
Acceptance Tests (SAT) per SAEP-1638, Performance Acceptance Tests (PAT),
and Preparation of Integration Test Procedure Document SAEP-1630.

12.2 Comprehensive test plans and test specifications shall be followed for all plant
platforms, networking, applications, integration components, interfaces to
external systems and legacy applications/systems, and any additional technology
content of the project.

13 Documentation

Comprehensive documentation shall be provided to ensure that the PAN is installed and
configured in a consistent manner. It shall include detailed layouts of TCP/IP
addressing schemes and all other network protocols used in the system mapped to
individual Medium Access Control (MAC) addresses. The documentation shall also
include physical locations of systems components like routers, and switches. The
following shall be made available:

13.1 Standard vendor manuals and catalogs shall be provided in CD-ROM or other
electronic media. Formats to be in PDF or HTML.

13.2 Equipment configuration databases in Microsoft Excel, Access or Intools.

13.3 Final project specific documents in two signed hard copies plus two (2) sets of
CD-ROM in Microsoft Word.

13.4 A plant network drawing layout showing the PAN logical and physical design
and its interconnection to the WAN.


Revision Summary
1 November 2010 Major revision to include IS2009-418 Audit items.
10 September 2011 Editorial revision to add another contact person for the document.
