Jon Keswick, CFSE
Author Archives: Jon Keswick, CFSE

Safety Instrumented System PDF

Ultimate SIS safety life-cycle guide

This free eBook was written to provide an overview of key terminology and aspects of the safety life-cycle according to IEC 61511 edition 2, aimed at process industry functional safety applications of safety instrumented systems - SIS.

It takes many years to master the technical aspects of functional safety and SIS, and I believe that simplified guides can really help those who are on that journey.

When is training truly ONLINE?

Functional safety common terms - eFunctionalSafety online self-paced learning for the process industry sector

BUYER BEWARE! There are many types of course currently marketed as "ONLINE", that sadly do not make meet the simplest test of what this actually suggests. I have followed this carefully over the past 10 years, and the variability is still quite staggering. There are too many BAD and UGLY courses, and not so many GOOD or betteer.

If you are interested in online functional safety training for TEAMS, then read on.

Safety Instrumented System Functional Safety Assessment Experiences

Functional Safety Assessment may be a dry topic at the best of times, so much so that I took it as a personal challenge to try and write a paper about it!

The paper highlights experiences from several different projects and concludes with some simple recommendations to save time, money and mistakes.

The paper featured at the IChemE Hazards 29 conference, which took place in late May 2019.

Tracked E-Learning for Teams

eFunctionalSafety tracked eLearning provides user progress and completion metrics for functional safety training

Why do people attend training courses, and what can online Cloud based E-Learning provide for your competence management system that a traditional classroom course cannot?

Why does any employee attend a training course? Very often the main answer to the question is that the employer requires them to, usually to enable human resources to track progress in a competence management system (CMS).

Is 100% functional safety compliance possible?

Achieving complete compliance with "risk-based" functional safety standards like IEC 61511 is a great objective to have, but is it, in fact, possible?

Experience with process industry functional safety assessment and audit would suggest that 100% compliance is NOT realistic when there are approximately 593 clauses, sub-clauses and bullet-point requirements in IEC 61511 [1].

Safety instrumented systems and security standards

iacs cyber-security, sis cybersecurity, eFunctionalSafety, industry 4.0

If you're responsible for a Safety Instrumented System (SIS) with Safety Integrity Level (SIL) rated functions, then you might be wondering where to start with cybersecurity standards for industrial automation and control systems (IACS). Read this blog to find out my personal take.

The recently updated process sector safety instrumented system (SIS) standard IEC 61511 edition 2 now requires that a "security risk assessment is carried out to identify security vulnerabilities of the SIS" [1]. But how should cybersecurity for industrial automation and control systems (IACS) be approached? 

10 steps to duty holder SIL conformance

Safety Integrity Level target, SIL rating, SIL determination, SIL verification, SIL assessment, SIL study, eFunctionalSafety

Perhaps you have installed safety systems which date from the 1990's or early turn of this century. If so, you might be wondering whether you need to follow IEC 61511 edition 2 for Safety Integrity Level (SIL) conformance?

If your safety system installation pre-dates 2004 then you are highly unlikely to have experienced the full requirements of IEC 61511 edition 1, and even less likely still to have much idea of the edition 2 changes that were introduced in 2016 (late 2017 in UK).

However, if you are the duty holder you should certainly be aware that IEC 61511 edition 2 now requires functional safety assessment for existing installations. Specifically, a Functional Safety Assessment (FSA) is now required "periodically" during the operations and maintenance phase (see IEC 61511-1 edition 2 clause 5.2.6.1.10).

Get a step-change in safety culture from hybrid training

hybrid training concept by eFunctionalSafety - mix online e-Learning and traditional classroom training to achieve better all-round competence with functional safety

How do you get valued staff and contractors to engage with Process Safety, Functional Safety and similar "tricky" subjects? Send them on a training course or ask them to take some online training? How about both? An online plus classroom experience might just be the answer to getting a step-change in safety culture in your organisation. If that's of interest then read on.

How to assess IACS cyber vulnerability using a Security CHAZOP

iacs and sis cybersecurity by eFunctionalSafety

The recently updated process sector safety instrumented system (SIS) standard IEC 61511 now requires that a "security risk assessment is carried out to identify security vulnerabilities of the SIS" [1]. But how should such an assessment be approached*, and what can you do to prepare for it?

There have been well publicized examples of cyber-security breaches in the public domain, including the 2017 National Health Service (NHS) "Wannacry" ransomware as an example. Perhaps less well known by the general public was the 2017 "Triton" attack on Schneider Electric's Tricon TMR safety systems on a Saudi Arabian Petrochemical plant. That led to an unplanned shutdown of the process rather than any major hazard, but it could easily have been a very different outcome.

Process SIS Operations Blog #3

eFunctionalSafety composite background image for process and functional safety - safety instrumented systems - sis proof testing

For the third blog of this series, the focus is on proof testing. This article will look at what proof testing is, why it's needed, and give some outline examples of proof test procedure requirements. It will also introduce some issues I've personally experienced during audits and assessments of proof test procedures in the process industry sector.

Key safety instrumented system operations advice

eFunctionalSafety composite background image for process and functional safety - safety instrumented systems - sis proof testing

Operation and maintenance procedures for Safety Instrumented Systems (SIS) will vary from company to company. However, there are some specific requirements that need to be covered for safe continued operation.

The first blog on this topic discussed general operation and maintenance (O&M) requirements for sustaining the integrity of a SIS. This second article discusses the requirements for developing and maintaining SIS O&M procedures.

10 things to know about SIS operations

eFunctionalSafety composite background image for process and functional safety - safety instrumented systems - sis proof testing

How do you ensure a Safety Instrumented System in operation will maintain its original design integrity for a lifetime of 15+ years?

The IEC 61511 (2016) safety life-cycle provides some brief guidance for operation and maintenance of a safety instrumented system (SIS) in clause 16. The stated objectives are to ensure that the validated system’s safety integrity is not compromised in any way, and that the SIL for each safety instrumented function (SIF) is sustained over the whole system lifetime.

Once an SIS reaches the operation stage, it's important that equipment is regularly inspected and maintained. Proof test procedures should have been developed for each safety function. The frequency of carrying out these inspections and tests should already have been determined by probability of failure calculations.

Process SIS standards are changing – learn more

An image showing fuel storage and IEC 61511 edition 2 process sector standard wording in the foreground - eFunctionalSafety news

The process sector standard IEC 61511 is aimed at applications where instrumented systems are used for risk reduction in the process industry sector - including applications in chemicals, oil and gas, pulp and paper, pharmaceutical manufacturing, food and beverage, and non-nuclear power generation. Reduction of risk can be applied in the context of people, the environment and asset loss.

The original standard was published in the early 2000's, so edition 2 is a planned update. The intent of re-publishing it is to amend things that were not clear or simply were not working so well.

5 reasons you should assess functional safety during operation

Safety Instrumented Systems Design - background process industry image - eFunctionalSafety

Hazardous process industry sites must carry out periodic functional safety assessment (FSA) of safety instrumented systems. But why?

Many hazardous process industry sites have viewed Functional Safety Assessment (FSA) as a project activity to be completed when a new safety instrumented system (SIS) gets installed, and of course, that is absolutely correct. Some have also registered that FSA is required for modifications, and a few have acknowledged that it must even be completed for minor changes to an SIS.

But what about existing, or "legacy" systems where apparently nothing is being changed and no SIS equipment is being modified? The system didn't fail last time it was needed, so surely it will be perfectly good next time?

The international reach of eFunctionalSafety E-Learning

Global reach of eFunctionalSafety online self-paced courses

Since launching SIS Foundation, our IChemE accredited online Safety Instrumented Systems (SIS) e-Learning course in 2016, we have now reached customers as far and wide as Australia, Canada, Malaysia, Oman, Qatar, Saudi Arabia, UAE, USA, and of course the UK where we're based.

Our SIS e-Learning topics include many popular process safety related modules, including the SIS safety lifecycle, functional safety management, functional safety assessment, HAZOP, LOPA, ALARP demonstration, Safety Requirements Specification, SIS design and safety engineering, verification and validation, SIS operation and maintenance and proof testing techniques.

No such thing as a free lunch?

e-Learning for process industry safety and functional safety by eFunctionalSafety

My Father used to say this a lot. "There's no such thing as a free lunch". I never got the meaning as a child...all my lunches seemed to be free? Sadly, he passed away when I was in my teens, so I guess I never really understood the real meaning until later on in life.

Costly competence

Competence is a critical part of functional safety management for conformance with IEC 61511 and IEC 61508 - by eFunctionalSafety

​Process accident history is awash with many examples of apparent incompetence involving safety instrumented systems (and other protection layers), some of them resulting in literally billions of dollars of losses, not to mention large environmental impact and loss of human life.

So, developing and maintaining competence in the area of important protection layers such a Safety Instrumented Systems (SIS) would seem to be a "no-brainer".

Is functional safety assessment required in operation?

eFunctionalSafety functional safety assessment, training, online courses and verification services for the process industry sector

Functional Safety Assessment (FSA) has been a requirement in IEC 61511 - Safety Instrumented Systems for the process industry sector, since the first edition published back in 2003. An FSA is one of the clear activities required to claim compliance with the IEC 61511 standard. The stated objective is to ensure that functional safety and safety integrity are achieved.

Safety Instrumented Systems online training receives IChemE accreditation

IChemE independently assessed the Safety Instrumented Systems (SIS) Foundation Online Training course and materials benchmarked against their internationally recognised professional standards.

The course is now part of an exclusive range of training programmes endorsed by IChemE to support the professional development of chemical, process and biochemical engineers.

Justin Blades, IChemE deputy chief executive, said: 

“As a professional body, one of IChemE’s main aims is to encourage a commitment to qualifications, standards and excellence in the chemical and process industries.
“Our accreditation service enables all organisations to demonstrate, independently, the high quality of their training programmes to advance the chemical engineering profession.
“FIABLE Limited (owner of eFunctionalSafety) have met our rigorous standards and we congratulate them on their achievement and contribution to improving skills and knowledge in the sector.”

Jon Keswick, Managing Director of FIABLE Limited stated, "this is the first of several online training modules we will be putting through the IChemE accreditation process. We're very happy to have achieved this first step along the road."

The IChemE certificate and accreditation provide 18 Continuing Professional Development (CPD) hours for those who complete the course.

About IChemE 

The Institution of Chemical Engineers (IChemE ) is the hub for chemical, biochemical and process engineering professionals worldwide. With a growing global membership of 42,000, the Institution is at the heart of the process community, promoting competence and a commitment to best practice, advancing the discipline for the benefit of society, encouraging young people in science and engineering and supporting the professional development of its members. Website: www.icheme.org.

About eFunctionalSafety

FIABLE Limited trades as eFunctionalSafety, which hosts technical eLearning material aimed at improving personnel competence in the field of Functional Safety for End Users, Original Equipment Manufacturers, Control and Safety System Integrators and Engineering Contractor companies.

Why do control systems go wrong?

The safety life-cycle, sometimes spelled lifecycle, was conceived after the Health and Safety Executive (HSE - a UK government agency) found that accidents involving control systems could be attributed to various different root causes.

The highest root cause of accidents was found to be poor specification of the system (44% of cases), followed by modification after commissioning (20%), and then poor operation or maintenance (15%). 

4 out of 5 of the root causes of accidents  involving control systems are typically under the full control of the hazard owner.

In practice, despite the hazard owner (end user) being responsible as duty holder, many control and safety system automation projects are sub-contracted to one or more third parties. Engineering contractors and system integrators are typically providing much of the input to detailed specifications, and they are often involved with almost every aspect up to final validation and hand-over of the system.

In the view of this author, this is one of the key challenges of applying the safety life-cycle approach in practice. The key to reducing risk in all parts of the life-cycle is effective management of the companies involved in delivering products and services. "Management" in this context means policies, planning, people, procedures and paperwork. If any of these elements is lacking, it can lead to project problems.

Unfortunately, many functional safety consulting companies have focused on providing technical calculations for probability of failure as being the main activity required for risk reduction during the safety life-cycle. The standards IEC 61508 (applicable to equipment vendors), IEC 61511 (process industry) and IEC 62061 (machinery safety) do require these calculations. However, the focus is somewhat over-emphasized. As ever, engineers tend to like technical calculations - but they often fail to tackle the huge issues of poor management!

If we're going to see reduced risk over the long term, then functional safety management must be improved.

More blogs like this
>