How to develop E/E/PESs to IEC 61508?
How to develop E/E/PESs to IEC 61508?
E/E/PES is:
electrical/electronic/programmable electronic system
IEC 61508-4 subclause 3.3.3
What is the safety question?
How to make a product safe,
or
How to make a safe product?
What is safety?
How do you measure it?
[Figure: safety diagram]
Safety: “freedom from unacceptable risk”
Harm to: people, property, environment
Risk: probability of occurrence and severity of occurrence
What is a Risky System?
A system with an unacceptable combination of:
probability of occurrence of harm
and
the severity of that harm.
IEC 61508 safety theory is: remove systematic defects
IEC 61508 implies:
ad hoc or non-safety processes → non-safety products
non-safety processes – systematic defects → safety processes
safety processes → safety products
safety processes + functional safety assessment → IEC 61508 compliance
The Safety Equation
MTBF = MTBRF + MTBSF
PFD = PRFD + PSFD
safety integrity = hardware safety integrity + systematic safety integrity
MTBF - Mean Time Between Failure
MTBRF - Mean Time Between Random Failure
MTBSF - Mean Time Between Systematic Failure
PFD - Probability of Failure on Demand
PRFD - Probability of Random Failure on Demand
PSFD - Probability of Systematic Failure on Demand
Safety Measurements
MTBF = 1/(failure rate)
failure rate = RHF + SHF + SSF
SIL ∝ 1/(failure rate)
SIL ∝ 1/(RHF + SHF + SSF)
RHF - Random Hardware Failure
SHF - Systematic Hardware Failure
SSF - Systematic Software Failure
SIL - Safety Integrity Level
See IEC 61508-1, Tables 2 and 3
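The two slides above give the arithmetic in outline only. The following worked example is added here and is not part of the deck: it sums the three failure-rate terms, derives MTBF, and classifies the result against the SIL bands of IEC 61508-1 Table 2 (low demand mode, average PFD) and Table 3 (high demand or continuous mode, dangerous failures per hour), which the slide cites. The band limits are those published in the standard; the failure-rate figures and the low-demand PFD contributions are constructed for illustration, and the class and function names are the example's own. The point it demonstrates is the deck's thesis: a hardware channel that alone sits in the SIL 4 band drops to SIL 3 once a systematic software contribution is added, so the systematic term, not only the random one, decides the achievable SIL.

```python
"""Worked example of the 'Safety Equation' and 'Safety Measurements' slides.

failure rate = RHF + SHF + SSF        (dangerous failures per hour)
MTBF         = 1 / (failure rate)
PFD          = PRFD + PSFD            (low demand mode)
SIL          is read from IEC 61508-1 Tables 2 and 3.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# IEC 61508-1 Table 2: low demand mode, average probability of failure on demand.
# IEC 61508-1 Table 3: high demand / continuous mode, probability of a dangerous
# failure per hour. Entries are (SIL, lower bound inclusive, upper bound exclusive).
Band = Tuple[int, float, float]
TABLE_2_PFD: List[Band] = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]
TABLE_3_PFH: List[Band] = [(4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)]


@dataclass(frozen=True)
class FailureRates:
    """Dangerous failure rates per hour, split as on the 'Safety Measurements' slide."""
    rhf: float  # random hardware failure rate
    shf: float  # systematic hardware failure rate
    ssf: float  # systematic software failure rate

    def total(self) -> float:
        """failure rate = RHF + SHF + SSF"""
        return self.rhf + self.shf + self.ssf


def mtbf_hours(rates: FailureRates) -> float:
    """MTBF = 1 / (failure rate)"""
    return 1.0 / rates.total()


def sil_from_table(value: float, table: List[Band]) -> Optional[int]:
    """Return the SIL whose band contains value, or None if outside SIL 1..4.

    Values below the SIL 4 band or at or above the SIL 1 upper bound are not
    assigned a SIL by the standard, so the caller must treat None explicitly.
    """
    for sil, lower, upper in table:
        if lower <= value < upper:
            return sil
    return None


def sil_high_demand(rates: FailureRates) -> Optional[int]:
    """Continuous / high demand mode: the total dangerous failure rate is the PFH."""
    return sil_from_table(rates.total(), TABLE_3_PFH)


def sil_low_demand(prfd: float, psfd: float) -> Optional[int]:
    """Low demand mode: PFD = PRFD + PSFD, classified against Table 2."""
    return sil_from_table(prfd + psfd, TABLE_2_PFD)


if __name__ == "__main__":
    # Constructed figures (not from the deck): a hardware channel that alone
    # qualifies for SIL 4 in continuous mode, then the same channel with a
    # systematic hardware and software contribution added.
    hw_only = FailureRates(rhf=5e-9, shf=0.0, ssf=0.0)
    with_systematic = FailureRates(rhf=5e-9, shf=1e-9, ssf=3e-8)
    print("hardware only   : SIL", sil_high_demand(hw_only))
    print("with systematic : SIL", sil_high_demand(with_systematic))
    print("MTBF (hours)    :", f"{mtbf_hours(with_systematic):.3g}")
```

Because the bands are half-open intervals, a value exactly on a boundary is assigned to the lower (less demanding) SIL, which matches how the tables are written; a result of None means the figure lies outside the range the standard classifies and must not be silently rounded into a band.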
Relationship of IEC 61508 to failure type
random hardware failure (RHF) see IEC 61508-2
systematic hardware failure (SHF) see IEC 61508-2
systematic software failure (SSF) see IEC 61508-3
Systematic defects
Systematic defects are removed during the product development lifecycle
The product development lifecycle is depicted graphically with the V-model
The V-model for software development is shown in Figure 5 of IEC 61508-3
The Parts of IEC 61508
IEC 61508-1 Part 1: General requirements
IEC 61508-2 Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems
IEC 61508-3 Part 3: Software requirements
IEC 61508-4 Part 4: Definitions and abbreviations
IEC 61508-5 Part 5: Examples of methods for the determination of safety integrity levels
IEC 61508-6 Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3
IEC 61508-7 Part 7: Overview of techniques and measures
Non-complex or Complex system?
Non-complex deterministic system
A deterministic system has a unique output for each specific input
Complex non-deterministic system
A non-deterministic system means that the system output is a function of the current input and the previous output.
IEC 61508-3 Software Requirements Example
From the E/E/PES hardware development processes it has been determined that a microcontroller is required to implement the complex logic in software (see IEC 61508-3 Figure 1), and SIL 3 has been determined.
IEC 61508-3, clause 7.2, Software safety requirements specification, points to IEC 61508-3, Table A.1
IEC 61508-3, Table A.1, Software safety requirements specification, points to IEC 61508-7, Technique/Measure B.2.4
IEC 61508-7, Technique/Measure B.2.4, describes Computer-aided specification tools
WHY NOT ENGINEERING www.whynotengineering.com