Functional Safety Assessment & Audit
A functional safety assessment (FSA) is an independent verification by a competent, senior person who has not been involved in the lifecycle stages of the system or facility being assessed.
eFunctionalSafety has a track record of assessing functional safety projects that need to conform to IEC 61511 / IEC 61508 for process safety, and IEC 62061 / ISO 13849 for machinery safety applications.
FSA should be conducted as early as the safety requirements specification stage (FSA 1), and is required at least once prior to start-up (FSA 3).
If you need an independent assessor, eFunctionalSafety provides the planning and FSA protocol that help you close the key gaps to conformance.
Our functional safety assessment checklist includes several hundred questions, each relating to an IEC 61511 edition 2 or IEC 61508 edition 2 requirement, as applicable to the project scope.
Functional Safety Assessment Procedure
A functional safety assessment (FSA) must only commence with a sound procedure and plan in place. eFunctionalSafety's typical methodology includes a series of "swim-lane" work processes which show the required steps and the responsibilities of each party.
For a new-build or major modification project, our planning will include scoping all the proposed stages of FSA, the required inputs at each stage, and the expected results.
For a functional safety assessment of an existing SIS in operation, our plan will show the extent and scope of the assessment to be conducted on the existing system. Any exclusions will be fully clarified at the outset.
Where are you in the lifecycle - new or old?
For a new-build project we recommend that FSA is started as soon as the first SIL assessment has been completed. This may be before the safety requirements are fully developed, but from experience it is not wise to wait that long.
We use a combination of offline document review and site-based project team interviews to conduct our assessment.
When the safety requirements specification is fully available, the FSA 1 activity can be finalised and formal reports can be produced.
A Stage 5 Functional Safety Assessment (FSA) was required for a safety instrumented system (SIS) undergoing upgrade on a Top Tier COMAH* chemical plant. We provided the lead assessor to scope, plan and deliver an independent assessment report.
We reviewed the safety instrumented system modification scope, including a revised hazard study, layer of protection analysis, safety requirements and the design changes to hardware and software of the system. The FSA stage 4 concluded with witnessed validation of the entire SIS prior to start-up.
eFunctionalSafety also completed a Stage 4 FSA by reviewing operations and maintenance procedures and proof test records for the existing system.
*COMAH - Control of Major Accident Hazards - UK legislation.
Functional safety assessment FAQs
What is a Functional Safety Assessment?
A functional safety assessment is an important review activity which IEC 61511 and IEC 61508 require to be carried out at least once prior to start-up of a new or modified automated safety system.
The activity must be led by a senior, competent person who is not involved with the step or steps being assessed.
The expected outcome of a functional safety assessment is a judgement on the functional safety conformance and the safety integrity achieved by every safety instrumented function within the system(s) being assessed.
The hope is that duty holders will implement functional safety assessment planning at the outset of a new project or modification process. Every organisation involved in delivering functional safety equipment or services must be aware of their responsibilities.
What is a Functional Safety Audit?
A functional safety audit is intentionally separated from functional safety assessment in the IEC series of functional safety standards.
The goal of an audit of procedures and records is to determine whether an appropriate functional safety management system is in place and is being followed.
Somewhat like a quality or gap audit, a functional safety audit cannot be conducted until functional safety procedures are in place. The auditor is looking for sufficient evidence that those procedures are being followed.
An audit conducted alongside a functional safety assessment is an entirely valid approach for an existing installation.
When is the best time to do a Functional Safety Assessment?
The timing of a functional safety assessment depends largely on what type of project or installation is being assessed, and to which standard.
IEC 61511 process industry Safety Instrumented System (SIS) existing installations (not being modified)
- Also known as an FSA stage 4 - since IEC 61511 edition 2 was published, it has been a requirement to conduct functional safety assessment of existing systems after some time in operation and maintenance.
- There is no specific minimum or maximum frequency required by IEC 61511, but our suggestion is to conduct audits at least once every two years.
IEC 61511 process industry Safety Instrumented System (SIS) Upgrade or Modification Projects
- Also known as an FSA stage 5 - any modification project may include elements of stages one, two and three shown below for New-Build Projects.
- Plan functional safety assessment stages as soon as the scope of the modification or upgrade is known.
- An optimum time to start the functional safety assessment activity is after hazard and risk assessment has been completed, and target Safety Integrity Level (SIL) has been identified for Safety Instrumented Functions.
- If no SIL targets are identified, it is still important to have an independent assessment to confirm that the hazard and risk assessments are valid.
- For all SIL-rated safety instrumented functions, be aware that a Safety Requirements Specification will be needed for these functions and for the safety instrumented system, even if one was not provided for the original installation before the modification or upgrade.
IEC 61511 process industry Safety Instrumented System (SIS) New-Build Projects
- Plan functional safety assessment as soon as the project kicks off, and include its key stages in overall project planning.
- Stage 1 FSA - when the hazard and risk assessment is complete and the SIL targets have been selected. Technically, it is possible to wait until the safety requirements are complete before starting functional safety assessment stage one, but only if these are available immediately following the SIL target allocation or SIL determination stage.
DO NOT WAIT FOR REQUIREMENTS TO FULLY STABILIZE BEFORE STARTING FUNCTIONAL SAFETY ASSESSMENT.
- Stage 2 FSA - This is best completed alongside Factory Acceptance Testing, although it is advisable to start the stage two functional safety assessment activity when the instrumentation and logic solver selection has been made. Logic solver software review should commence when the software detailed design specification is available.
- Stage 3 FSA - this must be complete before the safety instrumented system enters service. To achieve this in practice, it is crucial that the FSA 1 and FSA 2 stage actions have been closed out. Key documents for this stage include the installation, commissioning and validation plans, and the subsequent records showing that validation is complete.
Who needs to be involved with Functional Safety Assessment?
Who needs to be involved in a Functional Safety Audit?
Contact us for detail of our FSA Workflows and Checklists or to request a quotation