DOCSLIB.ORG

Understanding Functional Safety an Overview of the Iec 61508 Standard and Its Application and Benefits

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Understanding Functional Safety an Overview of the Iec 61508 Standard and Its Application and Benefits UNDERSTANDING FUNCTIONAL SAFETY AN OVERVIEW OF THE IEC 61508 STANDARD AND ITS APPLICATION AND BENEFITS As the integration of automated safety systems expands globally across diverse industries – including process, household and commercial products, medical, nuclear, automotive, railway and avionics – the importance of functional safety evaluation and certification has become recognized internationally. Today functional safety certification is widely considered to be an essential tool to control and mitigate risk, particularly in those cases where a failure could lead to serious injury or death. Those unfamiliar with the concept of functional safety may find the subject difficult to understand and place within the context of traditional safety and reliability assessments. However, designers who understand and embrace the concept of functional safety – and who demonstrate that products or systems conform to the requirements of recognized functional safety standards – are equipped to better manage risk while also capture increased share of market among the growing ranks of customers who also seek to meet the requirements of functional safety standards. This paper provides an overview of functional safety concepts, standards requirements and methods of compliance. It is intended to help readers understand the importance of functional safety and the advantages of obtaining formal evaluation and certification services performed by an independent third-party. Why Functional Safety? Evaluation and certification of systems involved in a safety related system and products to confirm that the functional application, with SIL4 used to protect IEC 61508 is the international standard for safety requirements of IEC 61508 have been against the highest risks. safety related systems associated with met is just one of the methods of dealing Safety function requirements are defined electrical, electronic and software-based with hazards control. An appropriate initial though a hazard analysis while safety technologies. The principles of the standard hazard analysis must be implemented to integrity requirements are derived from an can also be extended to assess mechanical define the level of risk and determine if assessment of acceptable risk. IEC 61508 elements if they are used in the safety function. functional safety is necessary to ensure may cover both determining the SIL level of adequate safety protection. IEC 61508 is an umbrella (generic) standard, a product and verifying the manufacturer intended to form a basis for sector-specific The IEC 61508 standard defines requirements specified safety integrity level (SIL) level. standards, including: for determining the level of risks and describes The higher the SIL assigned to the safety • IEC 61511 process industry the lifecycle process for ensuring that system or component, the lower the systems are designed, validated, verified, likelihood of dangerous failure. Instruments • IEC 61513 nuclear industry operated and maintained to perform a covered by these requirements might • IEC 62061 & ISO 13849 machinery industry specific function or functions to ensure include sensors, detectors, signal risk is kept at an acceptable level. IEC 61508 conditioners, logic controllers, monitors, • EN 50402 gas detector systems defines four SILs according to the risks alarms, actuators, valves and motors. • EN 50126 rail industry North America | Europe | Asia • www.csagroup.org UNDERSTANDING FUNCTIONAL SAFETY Demonstrating Functional Safety The Benefits of Functional Safety Organizations that provide a safety related service, or operation involving safety systems, In a highly complex, safety-related system Evaluation of systems and components, and can be approved for the technical and where functional safety is required, equipment certification that they meet the requirements management processes that govern their suppliers should identify an accredited of the applicable functional safety standards, functional safety activities (e.g., plant approval body (third body) that can evaluate provides designers, owners, operators and operators, systems integrators, contract and certify compliance with the IEC 61508 other stakeholders with increased confidence designers, product suppliers etc). This or applicable industry-specific standard. that processes operate safely, products meet type of approval covers the organization’s Accreditation means that the third-party regulations and industry requirements, risk generic processes as well as the competency agency has an internationally recognized has been appropriately managed, and the of its staff. This approval can be very useful in approval that qualifies it for functional potential for costly litigation has been earning new business, or in satisfying ongoing safety conformity assessment. minimized. contractual or regulatory requirements. The agency should demonstrate its Equipment suppliers can also leverage their experience and expertise in functional functional safety certifications to gain market Example of Functional Safety safety with a highly knowledgeable staff advantage, access new markets and achieve The following example explains the basic capable of carefully performing conformity sales growth among customers who require principles of functional safety. The diagram assessment requirements while providing products that meet a given SIL for use in below shows a relatively simple operation levels of service that help clients optimize their safety related applications or systems. from the process industry: filling a bulk their businesses. Agencies should be This “product-of-choice” status is reinforced storage fuel tank. Questions that must be independent third parties subject to annual by subsequent positive assessment reports answered initially include: What hazards audits by the accrediting body. Qualifying from customers whose products and systems are associated with this application? What agencies must provide annual compliance are also certified, further demonstrating can go wrong in the process? What are the evidence to the accreditation agency as full compliance with functional safety risks? How safe is the application? How proof of full conformance with the requirements. safe does it need to be? Other questions requirements of IEC 61508. may also apply. In this illustration, tank overfill is clearly one of the main hazards that must be addressed. North America | Europe | Asia • www.csagroup.org UNDERSTANDING FUNCTIONAL SAFETY That might sound basic, but consider what supplier and one of the instrument SIS Implementation can happen if an overflow occurs… suppliers. The incident could have been prevented if the hazard and risk had been With the hazard and risks identified, safety correctly identified and an appropriate requirements can be assessed and an target SIL established, resulting in the acceptable target SIL established, resulting implementation of an appropriate overfill in the design of a safety related protection protection system and an operational system – an SIS loop – implemented as functional safety management system. shown below. In a scenario like this, specifying a “safety- The SIS (in red) in this example might be related system,” usually called a “Safety specified as follows: Instrumented System” (SIS) in the process Safety Function: To close the emergency industry, can reduce risk to a target SIL shut off valve and switch off the pump in deemed acceptable based on assessment the event that the high-high level switch Oil storage depot, Buncefield, UK, December 2005 of the hazard. Depending on the target SIL, contacts are opened risk level can be reduced by at least… Miraculously, no-one was killed in this Safety Integrity: To perform the safety incident (it was 6:00 am on a Sunday • SIL1 by ≥10 times function to SIL2 (that’s a probability of the morning), but dozens of surrounding • SIL2 by ≥100 times independent safety function failing to work businesses were devastated. Several of less than 1 in 100 trips) companies were prosecuted and found • SIL3 by ≥1,000 times guilty in criminal and civil courts – including • SIL4 by ≥10,000 times the owner/operator, the control system North America | Europe | Asia • www.csagroup.org UNDERSTANDING FUNCTIONAL SAFETY Basic Steps in Achieving prepared, as it is one of the most important Functional Safety phases in the lifecycle. Functional safety Common Functional Safety standards emphasize the importance of Terms and Concepts 1) SIL Determination capturing functional requirements, deriving Once the hazards and risks have been more detailed design requirements (right • Functional Safety is when safety identified, using “HAZOP” analysis, a SIL down to low level hardware and software) relies on: Determination study can be prepared and tracing these through the design and – Safety function(s) – what the (normally arranged by the plant/machine development stages, integration and testing equipment does, and operator) to establish the Safety Function(s) process, and through to final validation – Safety integrity – how reliably and the amount of risk reduction required (assessment to the product lifecycle). At the the equipment does it end of every stage of the product lifecycle, of the safety system, which then defines • It is aimed at systems, typically a verification process must be followed its SIL. The IEC 61508 standard shows the formed from discrete instruments to capture any details not fully addressed requirements for failure data which are such as: that can affect compliance. This supports
Load more

Recommended publications
  • IEC61508: Assessment, Certification and Other Assurance Measures
    IEC61508: Assessment, Certification and Other Assurance Measures Ron Bell Engineering Safety Consultants Ltd London, UK Abstract This paper focuses on the safety assurance measures within interna- tional standard IEC 61508, ‘Functional safety of electrical, electronic and pro- grammable electronic safety-related systems’. IEC 61508, and other sector and product standards developed from it, have had a major impact on the application of electrical, electronic and programmable electronic safety-related systems. In particular, the paper examines the safety assurance measures that are part of the compliance requirements within IEC 61508. The paper provides an overview of the key features of IEC 61508 which are relevant to effective assurance as well as covering the explicit assurance measures such as functional safety assessment, functional safety audit, verification and validation. The paper also covers various models for certification that have developed in relation to IEC 61508. 1 Background IEC 61508 applies to safety-related systems when one or more of such systems incorporate electrical, electronic or programmable electronic (E/E/PE) devices. E/E/PE safety-related systems are intended, with the other risk reduction measures and risk parameters, to prevent the specified hazardous event or to mitigate the consequences of the specified hazardous event. Parts 1 to 7 of IEC 61508 were published during the period 1998-2000. A re- view process to update and improve the standard was initiated in 2002 and was completed with the publication of IEC 61508 Edition 2 (IEC 2010a) in April 2010. The application of IEC 61508 and sector and product implementations are in- creasingly being recognised as ‘accepted good practice’ and have also influenced sectors which have developed their own standards and have incorporated some of the core concepts that exist within IEC 61508 into their own standards.
    [Show full text]
  • Multi-Domain Comparison of Safety Standards Philippe Baufreton, Jean-Paul Blanquart, J
    Multi-domain comparison of safety standards Philippe Baufreton, Jean-Paul Blanquart, J. Boulanger, H Delseny, J. Derrien, J. Gassino, G Ladier, E Ledinot, M Leeman, P Quéré, et al. To cite this version: Philippe Baufreton, Jean-Paul Blanquart, J. Boulanger, H Delseny, J. Derrien, et al.. Multi-domain comparison of safety standards. ERTS2 2010, Embedded Real Time Software & Systems, May 2010, Toulouse, France. hal-02264379 HAL Id: hal-02264379 https://hal.archives-ouvertes.fr/hal-02264379 Submitted on 7 Aug 2019 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Multi-domain comparison of safety standards P. Baufreton1, JP. Blanquart2, JL. Boulanger3, H. Delseny4, JC. Derrien1, J. Gassino5, G. Ladier4, E. Ledinot6, M. Leeman7, P. Quéré8, B. Ricque1 1: Sagem Défense Sécurité, 180 Avenue de Paris, 91300 Massy, France 2: Astrium Satellites, 31 rue des cosmonautes, 31402 Toulouse Cedex 04, France 3: CERTIFER, 1 place de Boussu, 59416 Anzin, France 4: Airbus, 316 route de Bayonne, 31060 Toulouse Cedex 09, France 5: Institut de Radioprotection et de Sûreté Nucléaire (IRSN), BP 17, 92262 Fontenay-Aux-Roses, France 6: Dassault Aviation, 78 quai Marcel Dassault, 92552 Saint-Cloud Cedex, France 7: Valeo, 2 Avenue Fernand Pouillon, 94042 Créteil, France 8: Renault, 1 avenue du Golf, 78288 Guyancourt, France Abstract: This paper presents an analysis of safety It elaborates proposals, recommendations, standards and their implementation in certification roadmaps etc.
    [Show full text]
  • CIP Safety Protocol Training Session 0: Overview of Functional Safety and Safety Networks
    CIP Safety Protocol Training Session 0: Overview of Functional Safety and Safety Networks Virtual Training Courses Before We Begin • Introductions • All attendees are automatically muted with no video connection as a default. • Please use the Q&A to ask questions, not the chat. We will address questions as they come in. • At the end if there is time, we will take questions verbally from the attendees. We will advise if and when there is time for you to “raise your hand” if you have a question. • Please complete the 4 question post session survey. The survey will launch when you close out of the webinar. PUB00303R6, CIP Safety Protocol Training, © 2021 ODVA 2 Overview of Functional Safety Standards Jim Grosskreuz Rockwell Automation Evolution of Factory Safety In early factories, workers were encouraged to act in unsafe ways to meet production goals. Industry 2.0 and 3.0 gave us increased focus improved safety by focusing on human factors and developing best practices. Industry 4.0 requires flexibility, ease of use, human-machine collaboration, and interoperability between vendors. PUB00303R6, CIP Safety Protocol Training, © 2021 ODVA 4 Machinery Builder & Operator Responsibilities • European Union – Machinery Directive • Prescriptive approach to machinery safety • Mandates risk assessments and safe machines • United States – OSHA • Less prescriptive approach to machinery safety • Introduces fines for violations – Litigious Culture • OEMs and System Integrators aren’t protected from litigation • Elsewhere – Mixed legal and cultural environments
    [Show full text]
  • Introduction and Terminology for Functional Safety of Machines and Systems Reference Manual
    Introduction 1 Regulations and standards 2 3 Safety Integrated Terms Attachment 4 Introduction and Terminology for Functional Safety of Machines and Systems Reference Manual 09/2020 E86060-T1813-A101-A6-7600 Legal information Warning notice system This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger. DANGER indicates that death or severe personal injury will result if proper precautions are not taken. WARNING indicates that death or severe personal injury may result if proper precautions are not taken. CAUTION indicates that minor personal injury can result if proper precautions are not taken. NOTICE indicates that property damage can result if proper precautions are not taken. If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage. Qualified Personnel The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.
    [Show full text]
  • Functional Safety Compliance Throughout the Vehicle with Safeassure Solutions FTF-AUT-F0009 Richard Soja | Automotive MCU Systems Engineer
    Functional Safety Compliance Throughout the Vehicle with SafeAssure Solutions FTF-AUT-F0009 Richard Soja | Automotive MCU Systems Engineer A P R . 2 0 1 4 TM External Use Agenda • Functional Safety at Freescale • Functional Safety and Microcontrollers • MCU Safety Context and Safety Concepts • Dynamic FMEDA • Safety Manual TM External Use 1 Microcontrollers and Digital Networking Processors Five Core Product Four Primary Groups Markets Microcontrollers Automotive Digital Networking Networking Automotive MCU >50 Year Legacy Industrial >5,500 Engineers Analog >6,100 Patent Families RF Consumer TM External Use 2 Several Platforms Key to Making the World a Healthier, Safer Place • Active Safety Systems • Connected Home • Advanced Driver • Portable Medical Assistance • Factory Automation • Radar, Vision Systems Systems • Functional Safety We See a Healthier, Safer Population TM External Use 3 Functional Safety. Simplified. • Simplifies the process of system compliance, with solutions designed to address the requirements of automotive and industrial functional safety standards • Reduces the time and complexity required to develop safety systems that comply with ISO 26262 and IEC 61508 standards • Supports the most stringent Safety Integrity Levels (SILs),enabling designers to build with confidence • Zero defect methodology from design to manufacturing to help ensure our products meet the stringent demands of safety applications TM External Use 4 The Right Technology Partner TM External Use 5 SafeAssure - Simplification • SafeAssure products
    [Show full text]
  • IEC 61784-3-3 ® Edition 2.0 2010-06 INTERNATIONAL STANDARD
    This is a preview - click here to buy the full publication IEC 61784-3-3 ® Edition 2.0 2010-06 INTERNATIONAL STANDARD colour inside Industrial communication networks – Profiles – Part 3-3: Functional safety fieldbuses – Additional specifications for CPF 3 INTERNATIONAL ELECTROTECHNICAL COMMISSION PRICE CODE XF ICS 25.040.40; 35.100.05 ISBN 978-2-88910-978-4 ® Registered trademark of the International Electrotechnical Commission This is a preview - click here to buy the full publication – 2 – 61784-3-3 © IEC:2010(E) CONTENTS FOREWORD...........................................................................................................................8 0 Introduction .................................................................................................................... 10 0.1 General .................................................................................................................10 0.2 Patent declaration .................................................................................................12 1 Scope.............................................................................................................................13 2 Normative references .....................................................................................................13 3 Terms, definitions, symbols, abbreviated terms and conventions ....................................15 3.1 Terms and definitions ............................................................................................15 3.1.1 Common terms and definitions
    [Show full text]
  • FUNCTIONAL SAFETY ASSESSMENTS Guidance on FSA Stages 1, 2 and 3
    FUNCTIONAL SAFETY Version 1.0 - 01.03.2019 ASSESSMENTS Page 1 of 31 FUNCTIONAL SAFETY ASSESSMENTS Guidance on FSA Stages 1, 2 and 3 The 61508 Association,15 Hillside Road, Knutsford, Cheshire, WA16 6TH, UK Tel: 07977 441 552 E-mail: [email protected] Web: www.61508.org FUNCTIONAL SAFETY Version 1.0 - 01.03.2019 ASSESSMENTS Page 2 of 31 Contents Contents .................................................................................................................................................. 2 Revision History ...................................................................................................................................... 4 1 Introduction...................................................................................................................................... 5 1.1 Aim of this guidance ................................................................................................................ 5 1.2 Intended audience for this guidance ....................................................................................... 5 1.3 Background – The Requirement for Functional Safety Assessments .................................... 5 1.4 The purpose / approach of this guidance ................................................................................ 7 2 Definitions and Abbreviations.......................................................................................................... 8 2.1 Functional Safety Assessment ...............................................................................................
    [Show full text]
  • Introduction to Functional Safety
    Functional Safety for Programmable Electronics Used in PPE: Best Practice Recommendations (In Nine Parts) Part 1: Introduction to Functional Safety Prepared by Safety Requirements, Inc. NIOSH Contract 200-2003-02355 September 2007 Part 1 - Introduction to Functional Safety TABLE OF CONTENTS TABLE OF CONTENTS .........................................................................................i LIST OF FIGURES................................................................................................ii LIST OF TABLES..................................................................................................ii FOREWORD........................................................................................................ 1 Background ....................................................................................................... 1 The Report Series ............................................................................................. 1 Report Scopes................................................................................................... 2 Intended Users .................................................................................................. 7 Relevance of the Guidelines.............................................................................. 7 Reference Guidelines and Standards................................................................ 7 ACKNOWLEDGEMENT..................................................................................... 10 ABSTRACT .......................................................................................................
    [Show full text]
  • Functional Safety in the Process Industry You Want That Feeling of Security
    Functional safety in the process industry You want that feeling of security. You require uninterrupted production. We bring you safety and reliability. Page 3 Page 4 SIL – Safety Integrity Level SIL in concrete terms Our expertise Your advantage 2 SIL – Safety Integrity Level Safety equipment in process plants aims to reduce the hazards presented by processes for people, the environment and property to the lowest possible, acceptable level. Depending on the potential hazards, plants are assigned a Safety Integrity Level (SIL1 to SIL4). SIL1 represents the lowest risk and SIL4 the highest acceptable risk with catastrophic consequences. As a general principle, the more hazardous the plant, the more reliably its safety equipment must operate in case of an emergency. Once a plant is assigned a SIL level, specific installation principles must be observed, e.g. redundant design. This enables the risk to be reduced to the greatest possible extent in the event of a malfunction. SIL (Safety Integrity Level) S Extent of damage W1 W2 W3 S1 Minor injury to a person S1 S2 Severe injury to several persons – – – or death of a person P1 S3 Deaths of several persons F1 SIL1 – – P2 S4 Catastrophic consequences with multiple deaths S2 SIL1 SIL1 – P1 F2 SIL2 SIL1 SIL1 F Frequency and exposure time P2 F1 Seldom to relatively frequent SIL3 SIL2 SIL1 F2 Frequent to continuous F1 S3 SIL3 SIL3 SIL2 F2 P Avoiding/mitigating the danger SIL4 SIL3 SIL3 S4 P1 Possible under certain conditions SIL4 SIL4 SIL3 P2 Hardly ever possible W Probability of occurrence W1 Relatively high Four discrete levels (SIL1 to SIL4).
    [Show full text]
  • IEC 61784-3-12 ® Edition 1.0 2010-06 INTERNATIONAL STANDARD
    This is a preview - click here to buy the full publication IEC 61784-3-12 ® Edition 1.0 2010-06 INTERNATIONAL STANDARD colour inside Industrial communication networks – Profiles – Part 3-12: Functional safety fieldbuses – Additional specifications for CPF 12 INTERNATIONAL ELECTROTECHNICAL COMMISSION PRICE CODE XD ICS 25.040.40; 35.100.05 ISBN 978-2-88910-981-4 ® Registered trademark of the International Electrotechnical Commission This is a preview - click here to buy the full publication – 2 – 61784-3-12 © IEC:2010(E) CONTENTS FOREWORD...........................................................................................................................6 0 Introduction ......................................................................................................................8 0.1 General ...................................................................................................................8 0.2 Patent declaration .................................................................................................10 1 Scope.............................................................................................................................11 2 Normative references .....................................................................................................11 3 Terms, definitions, symbols, abbreviated terms and conventions ....................................12 3.1 Terms and definitions ............................................................................................12 3.1.1 Common terms
    [Show full text]
  • Functional Safety Concept to Support Hazard Assessment and Risk Management in Water-Supply Systems
    energies Article Functional Safety Concept to Support Hazard Assessment and Risk Management in Water-Supply Systems Barbara Tchórzewska-Cie´slak 1 , Katarzyna Pietrucha-Urbanik 1,* and Mohamed Eid 2 1 Department of Water Supply and Sewerage Systems, Faculty of Civil, Environmental Engineering and Architecture, Rzeszow University of Technology, Al. Powstancow Warszawy 6, 35-959 Rzeszow, Poland; [email protected] 2 National Institute of Applied Sciences of Rouen-LMN, INSA-Rouen, 685 Avenue de l’Université-BP 08, 76801 St. Etienne du Rouvray, France; [email protected] * Correspondence: [email protected]; Tel.: +48-17-865-1703 Abstract: Within the frame of upgrading and modernisation of the Water Supply System (WSS), our work is focussing on the safety systems/devices implemented or that should be implemented in the WSS. The implementation of safety systems is supposed to reduce hazard occurrence and hazardous consequences in case of a WSS unsafe disruption. To assess this reduction, we preconise the use of the safety integrity levels standards. The implementation of the safety systems/devices is undertaken on the ground of the multi-barriers safeguard approach. The “Water Contamination Hazard” is considered in the paper. A case study is presented, assessed and conclusions are drawn. The methodology presented in the paper and the results of the case study assessment will contribute to the decision-making regarding the upgrading of the safety and the performance of the WSS. Keywords: functional safety; risk; failure analysis Citation: Tchórzewska-Cie´slak,B.; Pietrucha-Urbanik, K.; Eid, M. Functional Safety Concept to Support Hazard Assessment and Risk 1.
    [Show full text]
  • AS 62061-2006 Safety of Machinery
    AS 62061—2006 IEC 62061, Ed. 1.0 (2005) AS 62061—2006 Australian Standard™ Safety of machinery—Functional safety of safety-related electrical, electronic and programmable electronic control systems This is a free 11 page sample. Access the full version online. This Australian Standard was prepared by Committee EL-017, Electrical Equipment of Industrial Machinery. It was approved on behalf of the Council of Standards Australia on 19 April 2006. This Standard was published on 10 May 2006. The following are represented on Committee EL-017: Australian Electrical and Electronic Manufacturers Association Department of Consumer and Employment Protection, WorkSafe Division (WA) Department of Industrial Relations (QLD) Department of Primary Industries, Mine Safety (NSW) Electrical Regulatory Authorities Council Federal Chamber of Automotive Industries Victorian WorkCover Authority Keeping Standards up-to-date Standards are living documents which reflect progress in science, technology and systems. To maintain their currency, all Standards are periodically reviewed, and new editions are published. Between editions, amendments may be issued. Standards may also be withdrawn. It is important that readers assure themselves they are using a current Standard, which should include any amendments which may have been published since the Standard was purchased. Detailed information about Standards can be found by visiting the Standards Web Shop at www.standards.com.au and looking up the relevant Standard in the on-line catalogue. Alternatively, the printed Catalogue provides information current at 1 January each year, and the monthly magazine, The Global Standard, has a full listing of revisions and amendments published each month. Australian StandardsTM and other products and services developed by Standards Australia are published and distributed under contract by SAI Global, which operates the Standards Web Shop.
    [Show full text]