8/12/2019 SIL for Starters.pdf
Functional Safety
Guide for Safety Instrumented Function Application
Content
Why should you require a Safety Instrumented Function (SIF)?
Requirement when selecting the component according to IEC 61511 for a SIF
Assessment of component according to IEC 61508 to be implemented into a SIF
Advantages using fully assessed 9000 Series in SIF
Why should you require a Safety Instrumented Function (SIF)?
Hazard and risk assessment
When going into functional safety, the primary requirement of IEC 61511 is to have a Functional Safety Management System, with identification of the safety strategy to reach safety and identification of the people involved.
People must be aware of their responsibility and be educated for it.
One of the first steps of functional safety is to carry out a risk assessment to identify and analyze possible hazardous events and to define the risk reduction requirement where necessary.
The main risk analysis techniques are: HAZOP (Hazard and Operability analysis), FMEA (Failure Modes and Effects Analysis), Bow Tie, FTA (Fault Tree Analysis), ETA (Event Tree Analysis).
A tolerable risk must be defined.
[Figure] Risk related to the potential hazard = Severity of the potential harm x Probability of occurrence
Hazard and risk assessment
Following the risk assessment, safety barriers will be defined with an associated risk reduction factor.
Safety barriers can be mechanical or Safety Instrumented Functions.
Safety barriers can be for prevention of the hazard occurring or for mitigation after a hazard occurs.
The Safety Integrity Level (SIL) is introduced here as a risk reduction factor.
[Figure] Risk assessment flow: Identification of the potential hazards -> Risk estimation -> Risk evaluation -> Risk reduction -> Tolerable risk targeted
Allocation of the safety function
Protection Layer Model
[Figure] Protection layers, from the innermost outward:
PROCESS DESIGN
BPCS (SNCC), Monitoring systems, Operator supervision
PREVENTION: Mechanical protection system, Safety Instrumented System
MITIGATION: Mechanical protection system, Safety Instrumented System
PLANT EMERGENCY RESPONSE
COMMUNITY EMERGENCY RESPONSE
Safety Instrumented Functions
When the requested SIL level is defined, the mode of operation of the safety function shall be identified; this makes it possible to implement components within a safety instrumented function using the corresponding figures.

DEMAND MODE OF OPERATION (Low demand)
SIL   Target PFDavg        Target risk reduction
4     10^-5 to < 10^-4     > 10 000 to 100 000
3     10^-4 to < 10^-3     > 1 000 to 10 000
2     10^-3 to < 10^-2     > 100 to 1 000
1     10^-2 to < 10^-1     > 10 to 100

CONTINUOUS MODE OF OPERATION (High demand)
SIL   Target PFH
4     10^-9 to < 10^-8
3     10^-8 to < 10^-7
2     10^-7 to < 10^-6
1     10^-6 to < 10^-5
Requirement when selecting the component according to IEC 61511
Statement of the IEC 61511
SIS Design and Engineering
An end-user has two possibilities when selecting components or sub-systems to be implemented in Safety Instrumented Functions:
- either the end-user can show that the device has a prior-use history in accordance with the requirements of IEC 61511, or
- the device was developed and assessed according to IEC 61508 (this corresponds to an IEC 61508 full assessment).
It is very important to notice that the first requirement is to be fulfilled by the end-user only.
Requirement for prior-use evidence
The prior-use clause of IEC 61511 states the following:
IEC 61511-1, Section 11.5.3.1: Appropriate evidence shall be available that the components and sub-systems are suitable for use in the safety instrumented system.
IEC 61511, Section 11.5.3.2: The appropriate evidence for devices must be a documented case that includes:
- consideration of the manufacturer's quality, management and configuration management systems;
- adequate identification and specification of the components or sub-systems;
- demonstration of the performance of the components or sub-systems in similar operating profiles and physical environments;
- the volume of operating experience.
Discussion on prior-use evidence
Consideration of the manufacturer's quality, management and configuration management systems?
Do you verify the ISO 9000 certification, the documented design process and the safety manual of your supplier?
Adequate identification and specification of the components or sub-systems? (Description of the components including design revision information?)
Do you verify your supplier's version control of hardware and software?
Do you review the return data and field failure feedback system?
Demonstration of the performance of the components or sub-systems in similar operating profiles and physical environments on the plant, within the company?
Do you manage all operating profiles at your plant (type of device, environmental conditions, ...)?
The volume of operating experience?
Do you have the necessary recorded experience?
Prior-use justification for component selection requires high resources and cost.
Assessment of component according to IEC 61508
Component certification to IEC 61508
For a manufacturer, being IEC 61508 compliant means being fully compliant with the standard, not just a part of it.
Part 1: General requirements (required for compliance)
Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems (required for compliance)
Part 3: Software requirements (required for compliance)
Parts 4 to 7 are supporting information.
A Type A component shall be Part 1-2 compliant.
A Type B component shall be Part 1-2-3 compliant.
At PR, we apply all requested parts for each Type A/B device of the 9000 Series.
Component certification to IEC 61508
A Safety Management System (SMS) has been created and assessed at PR: competent and trained persons, independence, safety management plan, ...
A hardware assessment is performed for each model of the 9000 Series: safety life cycle, failure rates (FMEDA, failure rates, SFF, HFT, ...).
A software assessment is performed for each Type B device of the 9000 Series: software functional safety plan, SW safety life cycle, validation planning, SW safety validation, operation and modification verification, ...
Assessment by the third party EXIDA.
FUNCTIONAL ASSESSMENT
Being IEC 61508 compliant means being fully compliant with the standard, not only part of it.
At PR, we provide you:
- Functional Safety Management System certificate
- Software and/or hardware assessment report
- FMEDA report
- Safety manual
- SIL Capable certificate
Nothing's missing: we are fully compliant!
Covering all IEC 61508 requirements, our products can thus be selected according to IEC 61511, the end-user standard.
Advantages using the fully assessed 9000 Series
Example: SIL 2 achievement
Target: SIL 2
Sensor: simple device
Isolator: PR electronics 9113BA, Type B, HFT=0, SFF > 90%, Systematic Capability
SCS: Invensys Triconex, Type B, HFT=1, SFF > 99%, Systematic Capability
Isolator: PR electronics 9107BA, Type A, HFT=0, SFF > 90%, Systematic Capability
Actuator: Foxboro SRI990, Type A, HFT=0, SFF > 90%, Systematic Capability
A PFD or PFH calculation (summing the PFD of all SIF components with their corresponding test interval Ti) checks whether the SIL level requirement is achieved.
The requirements of the SIF for SIL 2 are achieved.
Example: SIL 2 achievement
Sensor: simple device
Isolator: Manufacturer, No Systematic Capability
SCS: Invensys Triconex, Type B, HFT=0, SFF 99%, Systematic Capability
Isolator: Manufacturer, No Systematic Capability
Actuator: Foxboro SRI990, Type A, HFT=0, SFF 90%, Systematic Capability
SIL 1 only
A PFD or PFH calculation (summing the PFD of all SIF components with their corresponding test interval Ti) checks whether the SIL level requirement is achieved.
The requirements of the SIF for SIL 2 are not achieved.
Example: SIL 2 achievement
Sensor: simple device
Isolator: Manufacturer, No Systematic Capability
SCS: Invensys Triconex, Type B, HFT=1, SFF 99%, Systematic Capability
Isolator: Manufacturer, No Systematic Capability
Actuator: Foxboro SRI990, Type A, HFT=0, SFF 90%, Systematic Capability
A PFD or PFH calculation (summing the PFD of all SIF components with their corresponding test interval Ti) checks whether the SIL level requirement is achieved.
The requirements of the SIF for SIL 2 are only partially achieved.
It MUST be completed by END USER proven-in-use evidence.
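The three SIL 2 examples above, together with the low-demand SIL band table earlier in the deck, combine three checks that every component of the loop has to pass: the architectural constraint from its Type, HFT and SFF, a systematic capability from an IEC 61508 assessment (or, failing that, end-user prior-use evidence), and a total PFDavg that falls in the target band for the chosen proof-test interval Ti. The following Python script is an added illustration of that assessment and is not part of the PR electronics deck. The route 1H table is the one in IEC 61508-2 (Tables 2 and 3), and the single-channel PFDavg = lambda_DU x TI / 2 approximation is the simplified IEC 61508-6 formula with common-cause, repair and diagnostic terms omitted; the component chain, its names, the FIT failure rates, the one-year test interval and the SC levels are constructed values and do not describe any real product. Function and field names (assess_sif, hardware_sil_limit, Component, and so on) are assumptions of this example.

```python
from dataclasses import dataclass
from typing import List, Optional

HOURS_PER_YEAR = 8760.0

# IEC 61508-2 route 1H (Tables 2 and 3): maximum SIL a hardware element may
# claim, indexed by device type, SFF band and HFT. SFF bands: 0 = < 60 %,
# 1 = 60 to < 90 %, 2 = 90 to < 99 %, 3 = >= 99 %. A 0 entry = not allowed.
ROUTE_1H = {
    "A": [[1, 2, 3], [2, 3, 4], [3, 4, 4], [3, 4, 4]],
    "B": [[0, 1, 2], [1, 2, 3], [2, 3, 4], [3, 4, 4]],
}
# Low-demand SIL bands from the deck: (SIL, PFDavg lower bound, upper bound).
PFD_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]


def hardware_sil_limit(dev_type: str, hft: int, sff: float) -> int:
    """Highest SIL the element's architecture allows (0 = not usable in a SIF)."""
    band = sum(sff >= threshold for threshold in (0.60, 0.90, 0.99))
    return ROUTE_1H[dev_type][band][min(hft, 2)]


def pfd_avg_1oo1(lambda_du_fit: float, ti_years: float) -> float:
    """Simplified IEC 61508-6 single-channel formula PFDavg ~ lambda_DU * TI / 2
    (lambda_DU in FIT = failures per 1e9 h; common cause and repair terms omitted)."""
    return (lambda_du_fit * 1e-9) * (ti_years * HOURS_PER_YEAR) / 2.0


def sil_from_pfd(pfd: float) -> int:
    """SIL band for a low-demand SIF from its total PFDavg (0 = worse than SIL 1)."""
    for sil, lo, hi in PFD_BANDS:
        if lo <= pfd < hi:
            return sil
    return 4 if pfd < 1e-5 else 0  # nothing above SIL 4 is defined


@dataclass
class Component:
    name: str
    dev_type: str                         # "A" or "B" per IEC 61508-2
    hft: int                              # hardware fault tolerance
    sff: float                            # safe failure fraction, 0.0 to 1.0
    lambda_du_fit: float                  # dangerous undetected rate, FIT (constructed)
    systematic_capability: Optional[int]  # SC level; None = not 61508-assessed


def assess_sif(components: List[Component], ti_years: float, target_sil: int) -> dict:
    """Every component must pass all three checks for the SIF to claim target_sil."""
    pfd_total = sum(pfd_avg_1oo1(c.lambda_du_fit, ti_years) for c in components)
    hw_limit = min(hardware_sil_limit(c.dev_type, c.hft, c.sff) for c in components)
    needs_prior_use = [c.name for c in components if c.systematic_capability is None]
    assessed = [c.systematic_capability for c in components if c.systematic_capability is not None]
    limits = [sil_from_pfd(pfd_total), hw_limit] + ([min(assessed)] if assessed else [])
    achieved = min(limits)
    if achieved < target_sil:
        status = "not achieved"
    elif needs_prior_use:
        # Figures suffice, but components without a 61508 systematic capability
        # need end-user prior-use evidence (IEC 61511 11.5.3) before SIL is claimed.
        status = "partially achieved: prior-use evidence required"
    else:
        status = "achieved"
    return {"pfd_avg": pfd_total, "rrf": 1.0 / pfd_total, "hardware_sil": hw_limit,
            "needs_prior_use": needs_prior_use, "achieved_sil": achieved, "status": status}


def example_components(isolators_assessed: bool) -> List[Component]:
    """Constructed chain: types, HFT and SFF bands follow the slides; FIT values and
    SC levels are made up. isolators_assessed=False mimics the unassessed
    'Manufacturer' isolators of the last two slides."""
    sc = 2 if isolators_assessed else None
    return [
        Component("Sensor (simple device)", "A", 0, 0.70, 500.0, 2),
        Component("Isolator (input)", "B", 0, 0.92, 50.0, sc),
        Component("Logic solver", "B", 1, 0.995, 100.0, 2),
        Component("Isolator (output)", "A", 0, 0.92, 50.0, sc),
        Component("Actuator", "A", 0, 0.92, 1000.0, 2),
    ]


if __name__ == "__main__":
    for assessed in (True, False):
        r = assess_sif(example_components(assessed), ti_years=1.0, target_sil=2)
        print(f"isolators assessed={assessed}: PFDavg={r['pfd_avg']:.2e} RRF={r['rrf']:.0f} "
              f"hardware SIL={r['hardware_sil']} achieved SIL={r['achieved_sil']} -> {r['status']}")
```

With the constructed figures the loop sums to a PFDavg of about 7.4e-3 (risk reduction factor about 134), which sits in the SIL 2 band, and the Type B, HFT=0, SFF 90-99 % isolator caps the hardware SIL at 2, so the fully assessed chain reaches SIL 2. Swapping the isolators for unassessed ones leaves the numbers unchanged but flags both isolators as needing prior-use evidence, which is the "partially achieved" outcome of the last slide; raising the target to SIL 3 fails on both the PFDavg band and the hardware limit.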
Assessment according to IEC 61508 at PR
PR electronics innovates with full assessment by means of:
- Functional Safety Management System assessment
- Hardware and software assessment report on individual products
- SIL Capability certificate on individual products
By selecting the PR system 9000 devices for Safety Instrumented Functions, you ensure that the IEC 61511 requirements for component selection are always fulfilled!
Both SIL 2 and SIL 3 levels can be achieved with the 9000 Series.