Oxaide
Back to blog
Regulatory Compliance

BESS Safety Monitoring Under IM8What Singapore Grid Operators Must Now Prove

Following Singapore EMA technical updates, grid operators need a clearer record of how battery safety is monitored, reviewed, and documented beyond basic BMS alarms.

February 15, 2026
7 min read
Oxaide Team
BESS Safety Monitoring Under IM8: What Singapore Grid Operators Must Now Prove

BESS Safety Monitoring Under IM8: What Singapore Grid Operators Must Now Prove

The 2021 VivoCity carpark fire — in which a grid-tied solar BESS installation triggered a thermal runaway cascade — marked a regulatory inflection point for battery energy storage in Singapore. The Energy Market Authority (EMA) and Building and Construction Authority (BCA) have since updated technical reference standards, and procurement frameworks through GeBIZ now routinely ask for demonstrated battery safety monitoring capability as a pre-qualification requirement.

For operators, developers, and EPCCs managing BESS installations in Singapore, the question is no longer whether safety monitoring is required — it is what documentation standard constitutes a defensible safety record under current regulatory expectations.

The IM8 Context

The Instruction Manual 8 (IM8) framework governs critical infrastructure in Singapore across sectors including energy, water, and communications. For BESS assets connected to the national grid or co-located with critical facilities, IM8 Clause 6 (Operational and Security Monitoring) establishes requirements for:

  • Continuous monitoring of systems with potential for cascading failure
  • Audit trails demonstrating timely response to anomalous states
  • Documentation of monitoring methodology sufficient for independent review

IM8 does not specify BESS-specific sensors or software. It specifies an outcomes and documentation standard: operators must be able to demonstrate, to a competent independent reviewer, that their monitoring methodology would detect precursor states before they escalate.

This is where most current BESS safety monitoring falls short.

What BMS Safety Monitoring Cannot Prove

A standard BESS deployment with commercial BMS (BYD, CATL, Sungrow, or similar) provides:

  • Pack-level voltage and current monitoring
  • Module-level (sometimes cell-level) temperature sensors
  • Battery pack State-of-Charge and State-of-Health estimates
  • Basic alarm thresholds (over-voltage, over-temperature, under-voltage)

For routine operations, this is adequate. For regulatory compliance under a post-incident scrutiny lens, it has three critical gaps:

Gap 1: No Detection of Electrochemical Precursors

BMS alarms trigger on threshold exceedances — temperature above setpoint, voltage below cutoff. They do not detect the electrochemical states that precede threshold events by hours or days.

Lithium plating, the primary thermal runaway precursor mechanism in LFP cells, produces no voltage alarm and no temperature alarm during its progression. By the time a temperature alarm fires on a cell undergoing internal short from a mature lithium dendrite, propagation is potentially seconds away.

An IM8 auditor reviewing a post-incident record who finds only threshold alarms will ask: what was the monitoring regime designed to detect precursor states? If the answer is "nothing, only threshold alarms," that is a compliance gap.

Gap 2: No Independent Verification of BMS Health Claims

BESS vendors certify their own BMS. The BMS calculates its own SoH. When a safety incident occurs, the first question from EMA or BCA investigators will be: what independent verification did you have of the asset's actual degradation state?

Third-party forensic records from independent physics-based analysis — showing that the operator was monitoring degradation modes, not just trusting BMS outputs — constitute a defensible response. A BMS printout signed off by the same OEM who manufactured the asset does not.

Gap 3: Cycling History Is Not a Safety Record

SCADA historian logs showing voltage, current, temperature, and availability are operational records. They are not safety records. A safety record requires interpretation — analysis connecting the operational data to degradation and risk conclusions.

Without documented analysis methodology and findings, raw SCADA logs are discovery material in an incident investigation, not protection from liability.

What a Defensible Safety Record Requires

Under IM8 and EMA Technical Reference TR 56 (for BESS installations), a defensible safety record should include:

1. Independent Degradation State Assessment

A physics-informed analysis of battery health, performed by a party independent of the OEM and EPC, that classifies:

  • Dominant degradation mode (capacity fade, lithium plating, impedance rise)
  • Thermal runaway risk score at the rack/cluster level
  • Whether the cycling protocol used creates elevated lithium plating risk

This corresponds exactly to the Oxaide Verify forensic audit output.

Recommended frequency: At commissioning, at 24 months, and before any significant cycling protocol change (SoC window expansion, C-rate increase, switch to more aggressive ancillary services schedule).

2. Documented Monitoring Methodology

A written methodology document specifying:

  • What parameters are monitored and at what resolution
  • What analytical methods are applied to detect precursor states (not just thresholds)
  • Who reviews findings and on what schedule
  • What triggers an operational restriction or shutdown

This document becomes the standard against which post-incident compliance is evaluated.

3. Incident-Ready Data Architecture

All monitoring data — BMS logs, SCADA historian, third-party forensic reports — must be:

  • Retained for a minimum period consistent with IM8 audit requirements
  • Reproducible (queryable by date and asset ID without manual assembly)
  • Accessible to authorized investigators

For operators using on-premise BESS management systems, this typically requires verifying that BMS raw logs (not just SCADA aggregates) are retained and exportable.

The GeBIZ Opportunity

Government procurement through GeBIZ — including EMA technical service frameworks, BCA building safety assessments, and statutory board BESS installations — has increasingly included BESS safety monitoring capability as a selection criterion.

Consultancies and EPCCs that can demonstrate a documented forensic audit methodology, with third-party independent analysis, are in a differentiated position for:

  • EMA-related BESS deployment and monitoring contracts
  • BCA building safety for BESS co-located with public buildings (hospitals, schools, HDB)
  • MOD and public infrastructure resilience projects

Oxaide Verify forensic reports are formatted with chain-of-custody documentation and independent analysis certification — designed to be submitted as part of a GeBIZ pre-qualification package or as an appendix to a safety case submission.

Practical Steps for Operators

If you currently operate a grid-tied BESS in Singapore:

  1. Commission a Verify forensic audit for all assets commissioned more than 18 months ago — this establishes your independent safety baseline
  2. Request your BMS raw log export format and confirm your data retention architecture covers IM8 periods
  3. Draft a monitoring methodology document using the forensic audit findings as the technical foundation — the Verify report provides the specific language a methodology document requires
  4. Establish re-audit schedule at 24-month intervals or following significant cycling protocol changes

If you are tendering for GeBIZ BESS-related work:

Review the BESS safety monitoring requirements in the ITT carefully. Third-party independent forensic analysis (rather than OEM self-certification) is increasingly the standard of proof that evaluators expect.

Regulatory expectations for BESS safety documentation have permanently shifted post-VivoCity. Operators who waited until their next scheduled maintenance cycle to establish independent safety records are operating in a compliance gap — one that creates both financial liability and reputational risk in Singapore's tightly networked energy market.

Commission an IM8-Ready Safety Audit → | Contact for GeBIZ Pre-Qualification Support

Oxaide Verify

Scoped forensic review

Establish the asset baseline clearly

We review telemetry, operating history, and the physical signals standard reporting tends to miss.

Root cause, not just symptoms
Yield and safety blind spots surfaced
Decision-ready report for operators and investors

Trusted by BESS & solar operators

Continue Reading

View all posts
Asset Management

Why Asset Owners Switch from Reactive Maintenance to Annual BESS Monitoring

Reactive BESS maintenance means catching degradation after it costs you. Annual physics-informed monitoring helps teams spot yield gaps, resistance drift, and warranty issues before they become expensive surprises.

Mar 1, 20266 min read
Grid Analytics

Degradation-Aware BESS Dispatch: How State-of-Health Accuracy Changes Your Revenue Stack

For IPPs operating utility-scale BESS in Singapore's frequency regulation and energy arbitrage markets, BMS State-of-Health errors directly translate to dispatch errors. Operators with inaccurate SoH bid capacity they don't have, cycle at rates that accelerate degradation, and leave frequency regulation income on the table. Physics-informed SoH corrects all three.

Feb 16, 20268 min read
BESS Safety

BESS Thermal Runaway Prevention: How dQ/dV Analysis Catches What SCADA Misses

Why SCADA alarms arrive late for LFP battery risk, what dQ/dV analysis can reveal from exported telemetry, and how Verify and Horizon split the job between diagnosis and continuous monitoring.

Feb 10, 20268 min read
Scoped data handling
Encrypted managed workflows
On-premise deployment available
Founder-led technical review