PROTECTING YOUR PROCESS GLOSSARY

PROTECTING YOUR PROCESS: FUNCTIONAL SAFETY IN PROCESS ENGINEERING
SIS SAFETY LIFE-CYCLE PHASES (Stage 1 to Stage 5): Risk identification, Risk quantification, Risk analysis, Risk reduction, Realization
Standards referenced: IEC 61508, IEC 61511, VDI/VDE 2180
www.pepperl-fuchs.com

RISK IDENTIFICATION
HAZOP (IEC 61882) GUIDE WORDS: no / not; more / less; as well as; part of; early / late; before / after; other than; reverse

RISK QUANTIFICATION
Risk graph (see IEC 61511-3, table D.2); starting point for risk reduction estimation.
C = Consequence parameter (CA, CB, CC, CD)
F = Exposure time parameter (FA, FB)
P = Probability of avoiding the hazardous event (PA, PB)
W = In the absence of the SIF under consideration (W1, W2, W3)
– = No safety requirements
a = No special safety requirements
b = A single SIF is not sufficient
1, 2, 3, 4 = Safety integrity level
[Risk graph figure not reproduced.]

RISK REDUCTION
Probability of failure on demand, demand mode of operation:

SIL   Target average probability of failure on demand   Target risk reduction
4     ≥ 10^-5 to < 10^-4                                 > 10,000 to ≤ 100,000
3     ≥ 10^-4 to < 10^-3                                 > 1,000 to ≤ 10,000
2     ≥ 10^-3 to < 10^-2                                 > 100 to ≤ 1,000
1     ≥ 10^-2 to < 10^-1                                 > 10 to ≤ 100

[Bar chart of risk reduction for SIL1, SIL2 and SIL3 not reproduced.]

REALIZATION
Minimum hardware fault tolerance (HFT) of PE logic solvers:

SIL   SFF < 60 %   60 % ≤ SFF < 90 %   SFF ≥ 90 %
1     1            0                   0
2     2            1                   0
3     3            2                   1
4     Special requirements apply (see IEC 61508)

Minimum hardware fault tolerance of sensors and final elements and non-PE logic solvers:

SIL   Prior use (acc. to 11.4.4)   Standard requirement   SFF < 60 % (acc. to 11.4.3)
1     0                            0                      1
2     0                            1                      2
3     1                            2                      3
4     Special requirements apply (see IEC 61508)

Common cause factor: β ≤ 0.05 (logic), β ≤ 0.1 (field devices)

PFD / safety availability (acc. to VDI/VDE 2180) by hardware fault tolerance, with λDU the undetected dangerous failure rate, T1 the proof test interval and β the common cause factor (voting architecture as identified from the formula):

Voting (MooN)   HFT   PFD
1oo1            0     λDU·T1 / 2
2oo2            0     λDU·T1
1oo2            1     (λDU·T1)² / 3 + β·λDU·T1 / 2
2oo3            1     (λDU·T1)² + β·λDU·T1 / 2
1oo3            2     (λDU·T1)³ / 4 + β·λDU·T1 / 2
[Physical block diagrams of plant and voted channels not reproduced.]

Subject to modification without notice · Copyright PEPPERL+FUCHS · Printed in Germany · Part No. 228121

GLOSSARY

FUNCTIONAL SAFETY: Part of the overall safety relating to the process and the BPCS which depends on the correct functioning of the SIS and other protection layers.
SAFETY INTEGRITY LEVEL (SIL): Discrete level (one out of four) for specifying the safety integrity requirements of the safety instrumented functions to be allocated to the safety instrumented systems. Safety integrity level 4 has the highest level of safety integrity; safety integrity level 1 has the lowest.
RISK: Combination of the frequency of occurrence of harm and the severity of that harm.
PROCESS RISK: Risk arising from the process conditions caused by abnormal events (including BPCS malfunction).
TOLERABLE RISK: Risk which is accepted in a given context based on the current values of society.
NECESSARY RISK REDUCTION: Risk reduction required to ensure that the risk is reduced to a tolerable level.
SAFETY INSTRUMENTED SYSTEM (SIS): Instrumented system used to implement one or more safety instrumented functions. An SIS is composed of any combination of sensor(s), logic solver(s), and final element(s).
SAFETY INSTRUMENTED FUNCTION (SIF): Safety function with a specified safety integrity level which is necessary to achieve functional safety and which can be either a safety instrumented protection function or a safety instrumented control function.
SAFETY LIFE CYCLE: Necessary activities involved in the implementation of safety instrumented function(s) occurring during a period of time that starts at the concept phase of a project and finishes when all of the safety instrumented functions are no longer available for use.
SAFETY REQUIREMENTS SPECIFICATION: Specification that contains all the requirements of the safety instrumented functions that have to be performed by the safety instrumented systems.
SAFETY MANUAL: Manual which defines how the device, subsystem or system can be safely applied.
SAFE FAILURE: Failure which does not have the potential to put the safety instrumented system in a hazardous or fail-to-function state.
SAFE FAILURE FRACTION: Fraction of the overall random hardware failure rate of a device that results in either a safe failure or a detected dangerous failure.
DEMAND MODE SAFETY INSTRUMENTED FUNCTION: Where a specified action (for example, closing of a valve) is taken in response to process conditions or other demands. In the event of a dangerous failure of the safety instrumented function a potential hazard only occurs in the event of a failure in the process or the BPCS.
CONTINUOUS MODE SAFETY INSTRUMENTED FUNCTION: Where in the event of a dangerous failure of the safety instrumented function a potential hazard will occur without further failure unless action is taken to prevent it.
RANDOM HARDWARE FAILURE: Failure, occurring at a random time, which results from a variety of degradation mechanisms in the hardware.
SYSTEMATIC FAILURE: Failure related in a deterministic way to a certain cause, which can only be eliminated by a modification of the design or of the manufacturing process, operational procedures, documentation or other relevant factors.
COMMON CAUSE FAILURE: Failure which is the result of one or more events, causing failures of two or more separate channels in a multiple channel system, leading to system failure.
DANGEROUS FAILURE: Failure which has the potential to put the safety instrumented system in a hazardous or fail-to-function state.
FAULT TOLERANCE: Ability of a functional unit to continue to perform a required function in the presence of faults or errors.
MooN: Safety instrumented system, or part thereof, made up of "N" independent channels, which are so connected that "M" channels are sufficient to perform the safety instrumented function.
PROVEN-IN-USE: When a documented assessment has shown that there is appropriate evidence, based on the previous use of the component, that the component is suitable for use in a safety instrumented system.
PROBABILITY OF FAILURE ON DEMAND (PFD): Average probability of failure on demand for the group of voted channels.
PROBABILITY OF FAILURE PER HOUR (PFH): Probability of failure per hour for the group of voted channels.
λDU: Undetected dangerous failure rate (per hour) of a channel in a subsystem.
PROOF TEST (T1): Test performed to reveal undetected faults in a safety instrumented system so that, if necessary, the system can be restored to its designed functionality.
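The poster's simplified PFD formulas, its demand-mode SIL bands and its two minimum-HFT tables, applied to a field subsystem as an added Python example; this is not code from the Pepperl+Fuchs poster, the function names are assumptions, and the failure rate, proof-test interval and β values used are constructed.

```python
# Added example (not from the poster): PFDavg per the VDI/VDE 2180 formulas on the
# poster, the demand-mode SIL/PFD bands, and the minimum-HFT tables, as code.
SIL_PFD_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}
HFT_PE = {1: (1, 0, 0), 2: (2, 1, 0), 3: (3, 2, 1)}     # columns: SFF<60%, 60-90%, >=90%
HFT_FIELD = {1: (0, 0, 1), 2: (0, 1, 2), 3: (1, 2, 3)}  # columns: prior use, standard, SFF<60%

def pfd_avg(voting, lambda_du, t1, beta):
    """PFDavg of an MooN group: lambda_du is the undetected dangerous failure rate
    per hour, t1 the proof-test interval in hours, beta the common-cause factor."""
    x = lambda_du * t1
    ccf = beta * x / 2        # common-cause term beta * lambda_DU * T1 / 2
    return {"1oo1": x / 2, "2oo2": x, "1oo2": x ** 2 / 3 + ccf,
            "2oo3": x ** 2 + ccf, "1oo3": x ** 3 / 4 + ccf}[voting]

def sil_from_pfd(pfd):
    """SIL whose demand-mode PFD band contains pfd, or None if outside every band."""
    return next((sil for sil, (lo, hi) in SIL_PFD_BANDS.items() if lo <= pfd < hi), None)

def hft_of(voting):
    """Hardware fault tolerance of MooN voting: N - M channels may fail dangerously."""
    m, n = (int(part) for part in voting.split("oo"))
    return n - m

def min_hft_pe(sil, sff):
    """Minimum HFT for a PE logic solver from the poster's table (sff as a fraction)."""
    if sil == 4:
        raise ValueError("SIL 4: special requirements apply (see IEC 61508)")
    return HFT_PE[sil][0 if sff < 0.6 else 1 if sff < 0.9 else 2]

def min_hft_field(sil, prior_use=False, sff_below_60=False):
    """Minimum HFT for sensors, final elements and non-PE logic solvers."""
    if sil == 4:
        raise ValueError("SIL 4: special requirements apply (see IEC 61508)")
    return HFT_FIELD[sil][0 if prior_use else 2 if sff_below_60 else 1]

def assess_field_subsystem(voting, lambda_du, t1, beta, prior_use=False, sff_below_60=False):
    """SIL a field subsystem supports: its PFD band, lowered until the HFT table is met.
    Capped at SIL 3 because the SIL 4 row of the table carries no numeric HFT."""
    pfd = pfd_avg(voting, lambda_du, t1, beta)
    sil = min(sil_from_pfd(pfd) or 0, 3)
    while sil > 0 and hft_of(voting) < min_hft_field(sil, prior_use, sff_below_60):
        sil -= 1
    return pfd, sil

if __name__ == "__main__":
    # Constructed input: lambda_DU = 1e-6 /h, yearly proof test (8760 h), beta = 0.1 (field devices)
    for voting in ("1oo1", "2oo2", "1oo2", "2oo3", "1oo3"):
        pfd, sil = assess_field_subsystem(voting, 1e-6, 8760, 0.1)
        print(f"{voting}: HFT {hft_of(voting)}, PFDavg {pfd:.2e} -> SIL {sil}")
```

With these inputs the β·λDU·T1/2 term dominates every redundant architecture, and 1oo1 falls from the SIL 2 PFD band to SIL 1 once the HFT table is applied unless prior use is claimed.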
