计算机系统验证方案.pdf

Computerised System Validation计算机系统验证Dept.部门：Effective Date生效日期：Year/Confidential Level机密等级：Top-secret 绝密 Confidential 机密 Cryptical 秘密Distribution List:分发清单：QA 部、QC 部、OSP 固体制剂部、Lo.物控部、EN 工程部、TD 技术部、EQ 设备部Month/月Date/日QA质量保证部1 1ObjectiveObjective 目的目的Test and assessment should be taken for URS,design,purchase,installation,function,as well as process adaptability of computerized andPLC control system related to GMP in compliance with this SOP so as toensure that computerized and PLC are fit for design requirement and statedtechnical criteria and are able to work stably for a long time.测试、评估采取的 URS、设计、采购、安装、功能以及计算机控制和 PLC 控制系统符合 GMP，以确保计算机和 PLC 符合设计要求和工艺要求并且能够稳定工作很长时间。2 2ScopeScope 范围范围This SOP is fit for the validation management of computerized and PLCcontrol system related to GMP,which apply to material control andmanagement,laboratory equipment control and communication management,manufacturing process control,and utilities control.本 SOP 适用于电脑,PLC 控制系统的管理是否符合 GMP,物料控制和管理,实验设备控制和通信管理、生产过程控制、公用设施的控制的验证。3 3ResponsibilitiesResponsibilities 职责职责RoleDraftReview责任人Dept.QA部门Name姓名Signature签名Date日期QC起草人审核人Review审核人OSPReviewReviewReview审核人Lo.审核人EN审核人TDReviewApprove审核人EQ批准人QDQA is responsible for drafting,revising,reviewing,training,implementingand supervising this SOP.QA 负责起草、修订、审核、培训、实施和监督本 SOP。The quality director is responsible for approving this SOP.质量副总负责批准本 SOP。Relevant departments are responsible for reviewing and implementing thisSOP。相关部门负责审核和实施本 SOP。4 4DefinitionsDefinitions 定义定义Computerized or PLC control system:It composed of hardware,systemsoftware,applications,and relevant peripheral devices is a system thatcan implement a function and a set of functions.无论是计算机化还是 PLC 控制系统:都是由硬件、系统软件、应用、及相关的周边设备组成的一个系统,可以实现某一功能和一套功能。Source code:It is source program of computer whose format(programlanguage)can be read by operator,before computer execution,it should betranslate to machine language whose format can be executed by computer.源代码:它是计算机的源程序(程序语言),可以在电脑执行前被计算机识别,它应该被翻译成可以被计算机识别的机器语言。5 5ProceduresProcedures 程序程序 of Validation team and responsibility验证机构及责任Validation team is composed of supplier,QA,Equipment Department,usedepartment.验证团队由供应商,QA、工程设备部和使用部门组成。Implementation department responsibility of system validation系统验证实施部门的职责Usedepartment:ResponsibleforprovidingwrittenURS,preparingvalidationprotocolandreport,implementingapprovedIQandOQprotocol,completingfinalreportandparticipatingvalidationdeviation investigation and alteration review.使用部门:负责提供书面的 URS,准备验证方案和报告、实施批准 IQ,OQ 协议,完成最终报告偏差并参与调查及变更验证审核。Equipment Department:Responsible for cooperating with use departmentto prepare URS and validation protocol,receivingsystem,installingsystem and implementing IQ,guiding use department on IQ and OQ processandparticipatingvalidationdeviationinvestigationandalterationreview.设备部门:负责准备使用部门的合作协议,并确认你接收系统,安装系统,实施 IQ,指导使用部门关于 IQ 和 OQ 的验证过程和参与验证偏差调查和变更回顾。QA:Responsibleforreviewingvalidationdraftandfinalreport,implementingvalidationprotocol,participatingvalidationdeviationinvestigation and alteration approval and archiving validation protocoland report.QA:负责审查验证,也是最后一项报告草案、实施验证方案,参与调查及变更验证偏差的批准验证方案和归档,并做好报告。System classification系统分级 validation,evaluation and classification should be carried out for systemso as to insure that different grade validation should be provided fordifferenttypecomputerizedandPLCcontrolsystem.Classificationasfollows:在验证之前,评估和分级应当进行系统分类,以确保不同等级验证需提供不同类型的计算机化的,PLC 控制系统,分类如下:Classification分类Description描述Validationmethod验证方法ValidateOperatingsystem,networkEstablishednetworkandoperatingsystemfor commerce.DOSWindows 95/98NT.已 做 好 网 络 和 操 作 系 统 例 如:DOS Windowsname andeditionnumber确认名称及版本号Thesesystemisdesignedbynon-consumerfordrivingfirmwarewhichcanbeStandarddevice,microcontroller,sensitiveequipment标准配置,微控制器,灵敏的电气设备installed in special integrate circuit(IC)forapplication,readonlymemory(ROM),suchasbarcodemodem,single-cycletemperature controller etc.(IC)的驱动固件,只读存储器(ROM)、随机存取存储器(RAM)、PLC,例如条形码调制解调器,single-cycle 控制器、灌装设备,重量控制、温度控制器等来设计的。Ready-madepackageforcommerce,suchasStandardpackage标准程序包multiplansoftware,standardchemicalanalysis software etc.现成的软件包,例如多计划软件,标准化学分析软件等。Configurablepackage可配置的程序包Users develop their own application throughpre-definite software modules anddeveloping application modules can becarried out in this system,such as man-Validateapplicationprocess验证应用过程Auditsupplier andvalidateapplicationValidateandn置random access memory(RAM),PLC sometimes,constructioncontroller,fillingdevice,Checkweigher,configuratio这些系统是根据用户可以安装在特殊的集成电路确认构造及配网络操作系统,95/98NT.machine dialogue port,management control,data acquisition system,adaptive controlsystem for laboratory,informationmanagement system for laboratory,materialrequirement planning system,dataprocessing system for system/applicationand product,part PLC etc.用户自己开发应用可通过 pre-definite 软件模块和发展应用模块都可以在这个系统中运行,采用人机对话端口,管理控制,数据采集系统,自适应控制系统,信息管理系统,原材料需求计划系统、数据处理系统和产品、系统应用部分可编程序控制器(PLC)等。process andsome pre-establishedcodeImplementallvalidationSystemdevelopedwithin firm公司内部系统开发Modifying or developing system incompliance with requirement of himself修改或开发符合自己要求的系统processes ofcomputerizedand PLCcontrolsystem实施计算机及PLC 控制系统验证的全过程 computerized and PLC control system with complex construction should beclassified in accordance with developing degree of each module.一些计算机化的和 PLC 控制系统复杂程度应当跟各分类模块的开发程度相一致。of computerized and PLC control system should be carried out not only foruse process of system,.validation of new system should be carried out notonly for initial definition and designing phase but also whole life cycleof system development.计算机验证,PLC 控制系统不仅体现在系统使用过程,如新系统的验证不仅在初始定义和设计阶段进行,而且贯穿于全部生命周期体系的发展。Validation implementation验证实施5.3.1URSURS should be prepared by system user and project expert detailed withfundamental requirement,expectation and performance index of new/changedcomputerized and PLC control system,which will be use to determine systemdesigning criteria.Content as follow:URS 应该为系统用户和项目专家准备基本要求详细的,预期和新的性能指标、改计算机化和 PLC 控制系统,可以用来决定系统设计标准。内容如下:description:whattodoaboutsystem,howconnectionandinteractionbetween different module,control methods.logic control,separationcontrol,interlock control,alarm control,location control,temperaturecontrol,pressurecontrol,timecontrol,countingandothermultipolarcontrol),implementing process,ports and safety requirement for operator.系统描述:系统做到什么程度,如何关联不同模块、控制方法(例如:逻辑控制、分离控制,连锁控制、报警控制、位置控制,温度控制,压力控制、时间控制、计数和其他多级控制)、实施流程、操作员的端口和安全标准。5.3.1.2Physicalrequirement:includesufficientspace,location,peripheralenvironment,etc.物理要求:包括有足够的空间,位置,周边环境等。5.3.1.3Document criteria for hardware:include chart paper,schematic chart,handbook,spare parts list etc.硬件的文件标准:包括:图纸,原理图,操作指南,备件清单等。5.3.1.Document criteria for software:include program number and revising number,4output program and detailed explanation,reproduction of software provisionand retention condition,system block drawing and configuration list.软件的文件标准:包括程序编号和修改编号,输出接口程序和详细说明、软件的追加和保留条件、系统分程序图纸和配置清单。5.3.1.5Test requirement:test items and record required to be carried out onsystem developing process,including module separated test and integratedtest.测试要求:测试项目和记录必须在系统的发展过程中进行,包括模块测试和集成分离测试。5.3.1.6 Other requirement to supplier:such as finished system validation,qualitycontrol and change control on developing process,etc.对供应商的其他要求:如在发展进程中完成系统验证、质量控制和变更控制等。5.3.2System design系统设计5.3.2.1System design should compose of system configurable chart design,hardwaredesign,and software design.After document of system design reviewed andapprovedbyconsumerwhichshouldbepreparedbysupplier,systemconfigurablechartdesignshouldbecarriedout,includingsystemPID(process and instrument),I/O(input/output)connection diagram,controlelement pareto diagram.系统设计应该由系统配置图、硬件设计和软件设计组成。在供应商准备的系统设计被用户评估和检验后，可配置的系统图纸设计应该完成,包括系统 PID,I/O(输入/输出)连接图、连接原理帕累托图。5.3.2.2Hardware design:include all I/O(input/output)connection template andtype,CPUselection,communicationtemplate,man-machineInterfacecontroller,screenviewerselection,mediumrelay,memory,printer,auxiliary power unit,electronic element/wire/cable,other elements etc.硬件设计:包括所有 I/O(输入/输出)连接模板和类型,CPU 选型,通信模板、人机界面控制器,屏幕查看选择、中继电器、记忆存储器、打印机、辅助动力装置,电子部件/电线/电缆、其他元件等。5.3.2.3.3Software:include system software,application,and data.软件:包括系统软件、应用和数据。IQIQ should be carried out to ensure that system installation is fit fordesign criteria and needed technical data should be completely provided.Special content as follow:IQ 应该确保该系统安装符合设计标准和工艺需求，数据完全提供。特殊内容如下:5.3.3.1Document qualification should consist of consumer technical guide,SOP,training plan,post-sale service agreement,equipment inventory,securityprogram,hardwarequalification,softwarequalification,sourcecode,instrumentlist,instrumentcalibrationprocedure,PID,controlloopdiagram,I/O(input/output)device list and connection diagram,spare partslist,and maintenance procedure.文件确认应该由用户工艺要求、SOP,培训计划,售后服务协议、设备库存,安全程序、硬件说明,软件说明,源代码、仪器清单、仪器校准程序、PID、控制回路图,I/O(输入/输出设备清单和连接图,备件清单和维护规程。5.3.3.2Installation process qualification:qualify that installation is fit forrequirement PID and operating manual.安装过程说明:安装符合 PID 和操作手册的要求。5.3.3.3Circumstance and utilities qualification事件和实用程序说明(1)Qualify and record circumstance of system installation,such as cleanlevel,radiofrequency/electromagnetic interference,physical protection,temperature,humility,sound,lighting,etc.系统安装环境的检验和记录:例如洁净水平、射频/电磁干扰、物理保护、温度、湿度、声音、照明等。(2)Record condition of critical utilities and qualify that critical natureofutilitiesshouldbefitforinstructionincludingfirealarmannouncement/prevention,coolingsystem,electricpoweranditsadjustment,continuous power supply,wide area network connection,localarea network connection,disaster recovery,telephone figure/analog,etc.记录关键设施以及条件,鉴定的公共设施应该跟说明一致:包括消防报警公告/预防系统、冷却系统、电力及调整,持续供电、大面积网络连接,本地区域网络连接,灾难恢复、电话图形/模拟等(3)Qualifythatrecordsystemisfitforrequirementofman-machineengineer.条件和记录系统符合人控机工程师的要求。5.3.3.4System test and qualification系统测试、条件(1)The first step to do is to qualify that report items of FAT(factoryacceptance test)should be completely supplied by supplier and fit fordesign criteria.第一步要做的是,报告项目 FAT 的验收测试应该完全由供应商提供,适用于设计标准。(2)Necessarytestshouldbecarriedoutforsystemonoperationalcircumstance.Essential content as follow:应该对系统运行情况开展必要的测试。基本内容如下:instrumentsandmetersshouldbecalibratedandonexpiredayofcalibration.Calibrationshouldbefitfordefinitecriteriaandcorresponding certification should be provided.所有仪器仪表应该被校准和标注过期日，校准应该有明确的标准及应提供相应的检查证件。I/O(input/output)signal test should be carried out so as to ensurethat single can transmit from control system to device and return.I/O(输入/输出)信号试验应确保信号可以在控制系统设备间进行传输和反馈。Data acquisition and transmission and signal memory test数据采集,传送和信号记忆测试Other tests其他测试OQ(operation qualification)运行确认The purpose of OQ is that all function tests should be carried out onoperational circumstance so as to ensure that system and operation shouldbe fit for design criteria.Content as follow;OQ 的目的是进行所有功能运行情况方面的测试以确保系统和运行符合设计标准，内容如下：5.3.4.1Test for system security:“worst case”of all logic systems should betested,.use authority of different persons should be tested so as toidentify that operation unauthorized should be forbidden.测试系统安全:“最坏情况”的系统逻辑应该进行测试,如使用不同权限以便确认未经授权运行是否被禁止。processes controlfunction tests required by system request:“worstcase“(.maximumcommunicationload,processofconsiderabledatadocument,etc.)testforallfunctionofsystemanddecisionroutinesshould be carried out in accordance with various requirements and criteriasupplied by system definition.(It is important that a functional diagramincluding all branch routines should be provided.)根据系统要求进行的各种各样的过程控制功能的测试:“最坏情况”(例如最大通信承载、过程相当大的数据文件等)试验检查系统和决策程序的功能,应根据系统不同的要求和标准提供的定义。(提供功能图表包括所有出现的偏差是非常重要的。)foralarmandinterlock:efficacyofcorrespondingprogramshouldbetested on the condition of alarm and interlock for system in accordancewith system operation manual.检测报警及连锁:程序连锁应根据报警条件及系统连锁操作手册进行测试。for timer and sequencer:establish time and program of system generatingcorrespondingfunctionaccordingtosystemoperationmanualsoastovalidate efficacy of system timing or ordering program.定时器和定序器测试:根据系统的操作手册设置时间和系统产生相应的功能以确认系统有效时间或程序命令 for data disposal and memory测试数据处理和记忆(1)Qualify correct data memory,collection and search of systems own.正确的数据记忆,准确的数据采集和系统的自我搜索的确认。(2)Qualify disposal of data output length,carry and empty数据处理的输出长度、承载和空载的确认(3)Qualify the function of saving data to corresponding folder.数据保存到相应文件夹的功能确认。Test for shutdown/recovery关机/恢复测试5.3.4.6(1)Check condition of the data acquisition before and after shutdown so asto ensure that data have not been damaged or lost.在系统关闭之前和之后检查数据采集的情况,确保数据没有损坏或丢失。(2)Check the function of backup power supply,uninterruptible power supply,power adjuster and power generator.检查备用电源的供应、不间断电源供应器、电力调节器和电力发电机。(3)System breakdowns or failures should be made in accordance with systemoperation manual so as to ensure that back-up system should be provided.系统故障和失败的时候,能够根据系统的操作手册提供系统备份。Other function test其他功能测试5.3.4.7Performance qualification(PQ)性能确认5.3.5The purpose of PQ is that qualify the efficacy and stability of runningprocess on operational circumstance.Test items should be established inaccordance with achieving desired result and duplicate qualification shouldbe also carried out.PQ 的目的是确认系统运行过程中的有效性和稳定性方面的情况。测试项目应确定跟期望达到的结果相一致、二次确认也应该执行。If system is part of production,laboratory or utilities,PQ of systemshould be completed conformity with PQ of equipment(utilities).如果系统是生产,实验室或公共设施系统的一部分,系统的 PQ 必须根据设备的 PQ 进行完整性测试。5.3.5.1IfamanualsystemisbeingreplacedbycomputerizedandPLCcontrolsystem,the two should be run in parallel.当一个人工系统被电脑,PLC 控制系统取代时,两者需要平行运行。5.3.5.2Regarding to production equipment,the test for product specification,suchas assay,test for packaging specification,etc,should be carried out soas to ensure that the all process control functions are effective.Testsshould be carriedout for at least 3consecutive batches on the someproduction condition.对于生产设备,要进行产品规格测试,如化验、包装规格测试等等,确保所有的过程控制功能都是有效的，应当在相同的生产的条件下进行至少 3 个连续批次的测试。for equipment of consecutive process disposal should be carried out,.indexofclean-airsystem,suchasdustparticle,microorganism,temperature,humidity,airflow,pressuredifference,airexchangefrequency,etc,should be monitored during a period.对设备的连续过程进行监控应当进行,如空气净化体系的指标,例如尘埃粒子、微生物、温度、湿度、风量、压差、换气频率等,应在一个周期内被监控。deviation偏差验证 disposalofsystemvalidationdeviationcanreferto.处置系统偏差验证可参阅。Change control变更控制 classification:change is composed of hardware change,software change andchange of critical parameters in database.变更的分类:变更是由硬件变更、软件变更，和数据库的临界参数变更组成。change occurring,change control should be carried out so as to ensurethat system should be on validated status.若发生改变,变更控制应确保系统处在已验证状态 Written application should be prepared by use department,including changereason,evidence,and content and implementation protocol.使用部门应该准备好书面申请,包括变更原因,证据,内容和实施方案。(2)Professional technologist,the head of relevant department and QA areresponsible for assessing,reviewing and approving.工艺主管,相关部门经理和 QA 负责评估、审查和批准。(3)Whether revalidation should be taken or not should be on the basis ofimpacting range.validation should be car