BOILER PLANT CONTROL SYSTEM
Dual Boiler Monitoring & Failover
Standards Compliance Register

Document No.: BLR-STD-009
Revision: A
Date: 2026-04-08
Status: Draft
Prepared By: Scott (KHouse Holdings)
Approved By: _pending_

1. Purpose

This document is the master standards compliance register for the Boiler PLC project. It serves three functions:

  1. Inventory — every standard the project touches, organized by tier (directly applicable, supplementary, informational).
  2. Evidence map — for each applicable standard, where in the project (which document, which file, which clause) the project demonstrates conformance or partial conformance.
  3. Audit trail — the document an internal or external reviewer reads first to understand the project's standards posture. Every other engineering document references this one.

This is a living document. Updates to any project artifact that bear on standards conformance must be reflected here within the same change record (per BLR-MOC-015 Management of Change).

2. Compliance posture

The project is positioned as compliance-ready, not certified. This means:

3. Standards inventory

Standards are organized in three tiers:

3.1 Tier A — Directly applicable

| ID | Standard | Title | Adherence | Evidence | Gaps |
|---|---|---|---|---|---|
| A1 | NFPA 85 | Boiler and Combustion Systems Hazards Code | Indirect via BMS. Project does not implement NFPA 85 functions; the Autoflame MMM8002 does. Project documents the boundary. | BLR-FDS-001 §10.1; BLR-CEM-002; BLR-OAM-005 §1; BLR-HZA-016 §SIS Boundary | None directly. Project must not interfere with BMS NFPA 85 compliance — verified in BLR-HZA-016. |
| A2 | ASME CSD-1 | Controls and Safety Devices for Automatically Fired Boilers | Indirect via BMS. Same framing as A1. The 350 HP boiler is at the CSD-1 threshold (≈11.7 MMBTU/hr); the 500 HP is above (≈16.7 MMBTU/hr) and falls under NFPA 85. | BLR-FDS-001 §1.1; BLR-OAM-005 §1; BLR-NAD-008 footer | None. |
| A3 | ANSI/ISA-18.2-2016 | Management of Alarm Systems for the Process Industries | Partial direct conformance. Philosophy exists; lifecycle implemented in notifier.py (rate limiting, escalation, flood detection). Alarm rationalization step is performed in BLR-AAR-017. | BLR-ALP-004; BLR-AAR-017; backend/notifier.py; backend/config.py (alarm code dictionaries) | Closing items: KPI targets, suppression/shelving rules in code, per-category operator response procedures (all addressed by BLR-AAR-017 + BLR-ALP-004 §12 + the shelving API in notifier.py). |
| A4 | ANSI/ISA-5.1 | Instrumentation Symbols and Identification | Partial. Used as notation reference for state machine diagrams. Project does not contain a P&ID — the system is single-line and well-described in BLR-NAD-008. | BLR-LGD-007 footer; BLR-NAD-008 | No P&ID is currently planned. If a customer requires one, generate per ISA-5.1 from BLR-IOL-003. |
| A5 | ANSI/ISA-5.2 | Binary Logic Diagrams for Process Operations | Conformant. Cause & Effect Matrix follows ISA-5.2 binary logic format. | BLR-CEM-002 | None. |
| A6 | ANSI/ISA-88.01 | Batch Control — State Machine Models | Notation only. State machine notation used for failover logic in BLR-LGD-007. The broader ISA-88 batch model does not apply (boilers are continuous). | BLR-LGD-007 (failover state machine) | None — explicit note in BLR-LGD-007 that only the notation is used. |
| A7 | IEC 61131-3 | Programmable Controllers — Programming Languages | Conformant. PLC program uses Ladder Diagram (LD) per §6 and Structured Text (ST) per §3 as implemented by Studio 5000 Logix Designer. Explicit per-routine conformance statements added on 2026-04-09. | plc_program/Modbus_Comm.txt, Alarm_Processing.txt, Data_Scaling.txt, Failover_Logic.txt (each has an IEC 61131-3 CONFORMANCE block at the top) | None. |
| A8 | TIA/EIA-485 | Electrical Characteristics of Generators and Receivers for Use in Balanced Multipoint Systems | Conformant via component selection. Belden 9501 STP cable, terminal pinouts, 120Ω termination at both ends, point-to-point topology per the standard. | BLR-NAD-008 §RS-485 Bus Layout | None. |
| A9 | IEEE 802.3 | Ethernet | Conformant via component selection. EtherNet/IP runs on standard 10/100/1000 Ethernet via Cat6. | BLR-NAD-008 §Ethernet Network Topology | None. |
| A10 | ODVA CIP / EtherNet/IP | Common Industrial Protocol over Ethernet | Conformant via Rockwell certified hardware. PLC ↔ HMI communication uses Logix tag access via pycomm3. | BLR-NAD-008; backend/plc_comm.py | None. |

3.2 Tier B — Supplementary applicable

| ID | Standard | Title | Adherence | Evidence | Gaps |
|---|---|---|---|---|---|
| B1 | ANSI/ISA-101.01-2015 | Human Machine Interfaces for Process Automation Systems | Partial. HMI Style Guide is in BLR-HMI-011 with a §9 deviation register documenting 7 departures from full ISA-101 (simplified 2-of-4 display hierarchy, font CDN dependency, etc.). Frontend CSS applies ISA-101 color discipline — saturated color reserved for abnormal conditions; buttons use neutral charcoal not alarm red. Full high-performance HMI re-skin (gray-scale background, 4-level hierarchy with separate Level 1 overview) remains documented as deviation D1. | BLR-HMI-011; frontend/css/boiler-hmi.css | Full ISA-101 re-skin recorded as a documented deviation rather than a gap. |
| B2 | ANSI/ISA/IEC 62443-3-2 | Security risk assessment for system design | Conformant. Zone/conduit definition and risk assessment performed in BLR-SEC-010. Five zones (Field, Control, HMI Server, Operator, External), six conduits with required controls, SL-T targets per zone, risk assessment mapped to BLR-HZA-016 §H9 cyber intrusion scenario. | BLR-SEC-010 §4–§6 | None. |
| B3 | ANSI/ISA/IEC 62443-3-3 | System security requirements and security levels | Partial. SL-T targets per zone established in BLR-SEC-010 §5. HMI authentication implemented in backend/auth.py + backend/main.py with environment-controlled HTTP Basic auth on all /api/* endpoints and the WebSocket. HTTPS deployment recommendation documented with full Nginx reverse proxy configuration template. | BLR-SEC-010; backend/auth.py; backend/main.py (auth middleware) | HMI server OS hardening checklist requires operator action at deployment time per BLR-SEC-010 §10. |
| B4 | ANSI/ISA/IEC 62443-4-2 | Component requirements for IACS components | Partial. PLC and 5069-SERIAL are Rockwell-certified components. HMI server hardening is operator's responsibility — guidance in BLR-SEC-010. | BLR-SEC-010; vendor datasheets | Custom Python HMI is not a 62443-4-2 certified component; documented as a known deviation. |
| B5 | ISA-TR84.00.05 | Guidance on the Identification of SIFs in Burner Management Systems | Used as reference. This technical report is the canonical source for the boundary between supervisory monitoring and BMS. Project explicitly cites it to bound the system OUT of IEC 61511 scope. | BLR-HZA-016 §SIS Boundary | None — TR84.00.05 is informational and the citation is sufficient. |
| B6 | ISA-105 | Engineering Documentation for Process Automation Systems | Conformant. All 10 new and all 8 original engineering documents now carry an ISA-105 §7 Document Control block with Owner, Document Class, Supersedes, Reviewer, Approver, Next Review, and cross-references to BLR-STD-009 + BLR-MOC-015. Completed 2026-04-09. | This document; BLR-HZA-016; BLR-SEC-010; BLR-HMI-011; BLR-AAR-017; all 8 original HTML docs (FDS, CEM, IOL, ALP, OAM, SAT, LGD, NAD) | None. |
| B7 | OSHA 29 CFR 1910.119 (PSM) | Process Safety Management of Highly Hazardous Chemicals | PSM-compatible framing. Project does not claim PSM compliance (boilers per se are not PSM-listed) but applies the relevant PSM 14 elements: Management of Change (BLR-MOC-015), Operating Procedures (BLR-OAM-005), Training (BLR-TRN-014), Mechanical Integrity (BLR-DRP-013 + BLR-OAM-005), Pre-Startup Safety Review (BLR-SAT-006). | BLR-MOC-015 (planned); BLR-OAM-005; BLR-TRN-014 (planned); BLR-DRP-013 (planned) | MOC, Training, DRP procedures not yet authored (Sessions G). |
| B8 | EEMUA 191 | Alarm Systems: A Guide to Design, Management and Procurement | Supplementary reference. Used alongside ISA-18.2 in alarm philosophy. | BLR-ALP-004 footer | None — EEMUA 191 is supplementary. |

3.3 Tier C — Adjacent / informational (no conformance claim)

| ID | Standard | Why not directly applicable | Where acknowledged |
|---|---|---|---|
| C1 | IEC 61508 | Functional safety for E/E/PE systems. The project is supervisory, not safety-instrumented. The Autoflame MMM8002 is the certified BMS. | BLR-HZA-016 §SIS Boundary; this register §2 |
| C2 | IEC 61511 / ISA-84.00.01 | Functional safety for SIS in process industries. Same reason as C1. | BLR-HZA-016 §SIS Boundary; BLR-FDS-001 §10.1 |
| C3 | ISA-95 | Enterprise-control system integration (ERP/MES). Out of scope for a single-plant boiler monitor. | This register only |
| C4 | ISA-88 (other than .01 notation) | Batch control. Boilers are continuous. | BLR-LGD-007 (notation use only) |
| C5 | NIST SP 800-82 | NIST guide to ICS security. Overlaps with ISA/IEC 62443 but is US-government-oriented. | BLR-SEC-010 §Supplementary references |
| C6 | NIST Cybersecurity Framework | Governance framework. Project follows ISA/IEC 62443 instead, which is more domain-specific. | BLR-SEC-010 §Supplementary references |
| C7 | UL 508A | Industrial control panel standard. Applies to the panel build, not to this software project. The PLC and 5069-SERIAL are UL-listed components. | n/a |
| C8 | IEC 62443-2-1 | Establishing an IACS security program (organizational). Applies to the operator's organization, not to this product. KHouse will follow it for its own internal handling but cannot impose it on customer organizations. | BLR-SEC-010 §Supplementary references |

4. Document hierarchy

BLR-STD-009 (this document — master register)
   │
   ├── BLR-FDS-001  Functional Design Specification
   ├── BLR-HZA-016  Hazard Analysis (SIS boundary derivation)
   │      │
   │      └── BLR-SEC-010  Cybersecurity Specification (zones from HZA scenarios)
   │
   ├── BLR-CEM-002  Cause & Effect Matrix
   ├── BLR-IOL-003  Instrument & I/O List
   │
   ├── BLR-ALP-004  Alarm Philosophy
   │      │
   │      └── BLR-AAR-017  Alarm Rationalization Report (one row per alarm code)
   │
   ├── BLR-OAM-005  Operations & Maintenance Manual
   │      │
   │      ├── BLR-DRP-013  Disaster Recovery & Backup Plan
   │      └── BLR-TRN-014  Operator Training & Competency Plan
   │
   ├── BLR-SAT-006  Site Acceptance Test Procedure
   │      │
   │      └── BLR-VVP-012  Verification & Validation Plan (traceability matrix)
   │
   ├── BLR-LGD-007  Logic Diagrams
   ├── BLR-NAD-008  Network Architecture Diagrams (with ISA/IEC 62443 security overlay)
   │
   ├── BLR-HMI-011  HMI Style Guide & Design Philosophy
   ├── BLR-MOC-015  Management of Change Procedure
   │
   └── BLR-TS-001  Node-RED Trade Study (decided 2026-04-08: keep FastAPI)

5. Adherence summary

| Tier | Total standards | Conformant | Partial | Pending | No claim (Tier C) |
|---|---|---|---|---|---|
| A — Directly applicable | 10 | 8 | 2 | 0 | |
| B — Supplementary | 8 | 2 | 6 | 0 | |
| C — Adjacent | 8 | | | | 8 |

Tier A partial items: A3 (ISA-18.2 — rationalization complete in BLR-AAR-017; shelving implemented; remaining partial items are deployment-time KPI tracking). A4 (ISA-5.1 — no P&ID required by this project; notation-only usage in BLR-LGD-007 is complete). A7 is now Conformant — IEC 61131-3 conformance statements added to all 4 PLC routine .txt files on 2026-04-09.

Tier B pending items: None as of 2026-04-09. B6 (ISA-105) was closed on 2026-04-09 by adding Document Control blocks to all 8 original HTML docs.

6. Review schedule

| Trigger | Action |
|---|---|
| Any new BLR-* document is created | Update §3 with the new doc as evidence; update §4 hierarchy diagram |
| Any code change in backend/ or frontend/ that affects an evidence pointer | Update the relevant row in §3.1 or §3.2 |
| Annually (calendar review) | Re-read every Tier A and Tier B row; verify evidence pointers still resolve; update Last Reviewed date |
| External audit or customer inquiry | Use this document as the entry point; expand any partial row to full evidence detail as needed |

7. References