Did you know, if you own/operate ANY form of electrical/electronic or programmable system that has one or more safety functions with a potential SIL (safety integrity level) rating, then you need to conduct periodic functional safety assessment during operations... known as FSA 4?
I often get asked how to become a certified functional safety professional or certified functional safety expert (CFSP or CFSE). Well, here's a blog which explains some of the background, what your options are, and how much preparation time you'll need to put in.
Functional Safety Assessment may be a dry topic at the best of times, so much so that I took it as a personal challenge to try and write a paper about it!
The paper highlights experiences from several different projects and concludes with some simple recommendations to save time, money and mistakes.
The paper featured at the IChemE Hazards 29 conference, which took place in late May 2019.
What happens when a project is not well planned, plans are not properly communicated or accountabilities are unclear? Safety-related projects are essentially no different to any other project in terms of management, but the issue of accountability is a clear differentiator. When it goes wrong, people, the environment and finances can get hurt.
When it comes to deciding on using hard-wired logic or a Programmable Logic Controller (PLC) for a safety instrumented system logic solver design, there are some clear positives and negatives to each approach. So, how do you decide whether a programmable system is advisable or necessary given the possibility of cyber attack* in the internet-of-things era?
Why do people attend training courses, and what can online Cloud based E-Learning provide for your competence management system that a traditional classroom course cannot?
Why does any employee attend a training course? Very often the main answer to the question is that the employer requires them to, usually to enable human resources to track progress in a competence management system (CMS).
Achieving complete compliance with "risk-based" functional safety standards like IEC 61511 is a great objective to have, but is it, in fact, possible?
Experience with process industry functional safety assessment and audit would suggest that 100% compliance is NOT realistic when there are approximately 593 clauses, sub-clauses and bullet-point requirements in IEC 61511.
If you are responsible for a Safety Instrumented System (SIS) with Safety Integrity Level (SIL) rated functions, then you might be wondering where to start with cybersecurity standards for industrial automation and control systems (IACS). Read this blog to find out my personal take.
The recently updated process sector safety instrumented system (SIS) standard IEC 61511 edition 2 now requires that a "security risk assessment is carried out to identify security vulnerabilities of the SIS". But how should cybersecurity for industrial automation and control systems (IACS) be approached?
Perhaps you have installed safety systems which date from the 1990s or the early years of this century. If so, you might be wondering whether you need to follow IEC 61511 edition 2 for Safety Integrity Level (SIL) conformance.
If your safety system installation pre-dates 2004 then you are highly unlikely to have experienced the full requirements of IEC 61511 edition 1, and even less likely still to have much idea of the edition 2 changes that were introduced in 2016 (late 2017 in UK).
However, if you are the duty holder you should certainly be aware that IEC 61511 edition 2 now requires functional safety assessment for existing installations. Specifically, a Functional Safety Assessment (FSA) is now required "periodically" during the operations and maintenance phase (see IEC 61511-1 edition 2 clause 188.8.131.52.10).
How do you get valued staff and contractors to engage with Process Safety, Functional Safety and similar "tricky" subjects? Send them on a training course or ask them to take some online training? How about both? An online plus classroom experience might just be the answer to getting a step-change in safety culture in your organisation. If that's of interest then read on.
The headline, extracted from a popular song lyric*, uses the double negative "don't need no" quite intentionally, to help emphasize a point. Whatever the songwriter meant I'll leave to others to decipher, but for my purposes hopefully it will get attention.
The recently updated process sector safety instrumented system (SIS) standard IEC 61511 now requires that a "security risk assessment is carried out to identify security vulnerabilities of the SIS". But how should such an assessment be approached*, and what can you do to prepare for it?
There have been well-publicized examples of cyber-security breaches in the public domain, such as the 2017 "WannaCry" ransomware attack on the National Health Service (NHS). Perhaps less well known to the general public was the 2017 "Triton" attack on Schneider Electric's Tricon TMR safety systems at a Saudi Arabian petrochemical plant. That led to an unplanned shutdown of the process rather than any major hazard, but it could easily have been a very different outcome.
Read on to see the software buyer's guide table... a comparison of 4 cloud-based software solutions. This blog will look at the main reasons why using such software is better than many traditional approaches, which companies are working in the domain, and the questions you should ask before you choose a solution.
For the third blog of this series, the focus is on proof testing. This article will look at what proof testing is, why it's needed, and give some outline examples of proof test procedure requirements. It will also introduce some issues I've personally experienced during audits and assessments of proof test procedures in the process industry sector.
Operation and maintenance procedures for Safety Instrumented Systems (SIS) will vary from company to company. However, there are some specific requirements that need to be covered for safe continued operation.
The first blog on this topic discussed general operation and maintenance (O&M) requirements for sustaining the integrity of a SIS. This second article discusses the requirements for developing and maintaining SIS O&M procedures.
How do you ensure a Safety Instrumented System in operation will maintain its original design integrity for a lifetime of 15+ years?
The IEC 61511 (2016) safety life-cycle provides some brief guidance for operation and maintenance of a safety instrumented system (SIS) in clause 16. The stated objectives are to ensure that the validated system’s safety integrity is not compromised in any way, and that the SIL for each safety instrumented function (SIF) is sustained over the whole system lifetime.
Once an SIS reaches the operation stage, it's important that equipment is regularly inspected and maintained. Proof test procedures should have been developed for each safety function. The frequency of carrying out these inspections and tests should already have been determined by probability of failure calculations.
The process sector standard IEC 61511 is aimed at applications where instrumented systems are used for risk reduction in the process industry sector - including applications in chemicals, oil and gas, pulp and paper, pharmaceutical manufacturing, food and beverage, and non-nuclear power generation. Reduction of risk can be applied in the context of people, the environment and asset loss.
The original standard was published in the early 2000s, so edition 2 is a planned update. The intent of re-publishing it is to amend things that were not clear or simply were not working so well.
Hazardous process industry sites must carry out periodic functional safety assessment (FSA) of safety instrumented systems. But why?
Many hazardous process industry sites have viewed Functional Safety Assessment (FSA) as a project activity to be completed when a new safety instrumented system (SIS) gets installed, and of course, that is absolutely correct. Some have also registered that FSA is required for modifications, and a few have acknowledged that it must even be completed for minor changes to an SIS.
But what about existing, or "legacy" systems where apparently nothing is being changed and no SIS equipment is being modified? The system didn't fail last time it was needed, so surely it will be perfectly good next time?
Process accident history is awash with many examples of apparent incompetence involving safety instrumented systems (and other protection layers), some of them resulting in literally billions of dollars of losses, not to mention large environmental impact and loss of human life.
So, developing and maintaining competence in the area of important protection layers such as Safety Instrumented Systems (SIS) would seem to be a "no-brainer".
Functional Safety Assessment (FSA) has been a requirement in IEC 61511 - Safety Instrumented Systems for the process industry sector, since the first edition published back in 2003. An FSA is one of the clear activities required to claim compliance with the IEC 61511 standard. The stated objective is to ensure that functional safety and safety integrity are achieved.
The safety life-cycle, sometimes spelled lifecycle, was conceived after the Health and Safety Executive (HSE - a UK government agency) found that accidents involving control systems could be attributed to various different root causes.
The most common root cause of accidents was found to be poor specification of the system (44% of cases), followed by modification after commissioning (20%), and then poor operation or maintenance (15%).