
Safety standards deliver perception and reality

29 April 2009

No one in industry can afford to ignore safety. Manufacturers face significant liabilities if they act in a socially irresponsible manner, including direct financial costs arising from any incident, legal costs and fines if they are found guilty of breaking the law, damages paid to injured parties and a damaged reputation that can have long-term consequences.


The result is a growing dependence on safety-critical systems to achieve tolerable risk levels, with safety regulators increasingly relying on international standards to decide what is acceptable. A reputation for safety is also a key business driver, so it is little wonder that the safety culture is becoming increasingly formal in most businesses, demanding a higher level of safety competence from both organisations and individuals.

International standards IEC 61508 and IEC 61511 are increasingly being used as a benchmark of good practice to attain the required functional safety and meet any legal requirements. The adoption of these standards is not surprising given the increasing dependence on safety-instrumented systems to achieve the required risk targets. With heightened awareness of their potential liabilities should something go wrong, organisations need to demonstrate that their functional safety capability complies with accepted good practice.

The UK Health and Safety Executive (HSE) states explicitly that it uses IEC 61508 as a reference standard for determining whether a reasonably practicable level of safety has been achieved when electrical, electronic and programmable electronic systems are used to carry out safety functions. The extent to which HSE will use IEC 61508 will depend on individual circumstances.

Similarly in the US, the Occupational Safety and Health Administration (OSHA) recognises that IEC 61511 sets out good engineering practices for safety instrumented systems.

IEC 61508 and IEC 61511 are performance-based standards and promote the concept of a safety lifecycle. The supply chain, in respect of a safety instrumented system, covers the specification, design, implementation and operation phases and demands effective management throughout all these phases if functional safety is to be achieved.

The safety lifecycle of equipment or other assets can span many years. It will involve many different organisations and a variety of client-supplier contractual relationships requiring clearly specified responsibilities, activities and deliverables. It is therefore essential that all those organisations involved in implementing different phases of the safety lifecycle can demonstrate their competence and ability to implement the requirements of the relevant standards.

Achieving the necessary organisational capability to effectively implement the requirements of IEC 61508 and IEC 61511 is not easy. It requires all the organisations that have responsibilities for one or more phases of the safety lifecycle to become fully conversant with the standards and clarify which clauses apply to their areas of responsibility. As already mentioned, many of today’s regulatory authorities effectively require companies to show this level of familiarity with the standards when they are checking for acceptable good practice.


One particularly important area is the development of the Safety Requirements Specification, which includes the specification of the safety instrumented functions and the target SIL for each function. Co-operation between the end user and supplier is essential. Good co-operation delivers considerable benefits by helping to clarify project roles and responsibilities. It ensures that SIL achievement and verification activities are undertaken efficiently and effectively.

IEC 61508 is currently being revised with a planned publication date of 2010. The proposal concerning the “Safety Manual for Compliant Items” is especially important for product manufacturers. This manual would cover any component for which a supplier is making specific claims about the equipment’s compliance with IEC 61508. The purpose of the safety manual would be to enable the system integrator and end user to configure and integrate the item into a safety-related system in compliance with the requirements of IEC 61508. The supplier will need to document a justification for all the information in the safety manual.

If this proposal is adopted then it will provide a common set of data for each safety element, including information relating to its systematic capability. One positive outcome of this will be to limit, and hopefully curtail, the appearance of so-called “claims to fame” for elements that describe the element as “SIL rated” when in fact they achieve the SIL only in respect of the probability of failure on demand (PFD) for dangerous random hardware failures.

Product certification was the approach taken by historical standards such as DIN 19250 or VDE 0801 and more recently IEC 61508. However, an increased awareness of the need for functional safety management and competence, at both an individual and organisational level, has resulted in a change in direction to include the certification of an organisation as capable of undertaking specific functional safety activities. It includes the organisation’s functional safety management procedures and competence management systems. It also embraces personal competence in respect of the specific duties an individual has to perform.

Currently the development and implementation of functional safety management systems appears to be driven by safety system suppliers. However, it needs to be embraced by all the organisations in the safety lifecycle and, in particular, end users who need to provide evidence to their regulatory authorities as a result of regulatory inspections/audits or in support of safety cases.

Responsible suppliers such as ABB recognise that they must demonstrate safety compliance and competence in an irrefutable way. More and more major clients are specifying the requirements of the IEC 61508 and IEC 61511 standards as a functional safety benchmark and as a contractual requirement.


A complete safety lifecycle model should be drawn up and mapped to the relevant sections of the IEC 61508 and IEC 61511 standards. The model should include all the supporting procedures and documentation needed to justify the title of a Functional Safety Management System (FSMS).

A true FSMS typically includes management systems, policy, competence, assessments and audits, modification and impact procedures, verification procedures and reporting. It may also include skeleton documents for all the main working documents, such as the functional design specification, system design specification and testing, factory acceptance tests, site acceptance tests and operational manuals. The development of this safety lifecycle model makes full use of existing quality management processes and procedures.

Users and purchasers should also look for independent certification through organisations such as TUV Rheinland. This gives them the assurance that the supplier’s functional safety management systems have achieved accepted standards of good practice, and it helps support the case for due diligence throughout the supply chain.

Other advantages of working to such international standards include an easier procurement process and less protracted pre-contract discussions. This can make proposals more cost effective.

Even though the situation is changing slowly, many companies still labour under the misapprehension that, in order to meet the target SIL for a safety instrumented function, all that is required is the PFD of the dangerous random hardware failures. This is a far cry from the truth and fails to take account of the other key parameters, namely architectural constraints and systematic safety integrity.
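As an added illustration of that point (example code written for this page, not code from the article or from ABB), the following Python evaluates the three constraints separately and takes the lowest as the SIL an element can actually support. The low-demand PFD bands, the simplified 1oo1 PFDavg formula and the Route 1H architectural-constraint tables are encoded here from IEC 61508 as the example's own assumptions; the element figures (failure rate, proof test interval, SFF, systematic capability) are constructed sample values, not data from any real product.

```python
"""Added example: a SIL claim is the minimum of three results, not the PFD alone."""
from dataclasses import dataclass

# Low-demand PFDavg bands (IEC 61508-1 as encoded here): SIL, lower bound inclusive, upper bound exclusive.
PFD_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]

# Route 1H architectural constraints (IEC 61508-2 as encoded here): for each element type,
# the SFF band lower bound and the maximum SIL permitted for HFT 0, 1 and 2.
# Type A: simple elements with well-understood failure modes; Type B: complex elements such as logic solvers.
ROUTE_1H = {
    "A": [(0.00, (1, 2, 3)), (0.60, (2, 3, 4)), (0.90, (3, 4, 4)), (0.99, (3, 4, 4))],
    "B": [(0.00, (0, 1, 2)), (0.60, (1, 2, 3)), (0.90, (2, 3, 4)), (0.99, (3, 4, 4))],
}


def pfd_avg_1oo1(lambda_du_per_hour: float, proof_test_interval_hours: float) -> float:
    """Simplified 1oo1 average PFD: lambda_DU * T1 / 2 (repair time ignored)."""
    return lambda_du_per_hour * proof_test_interval_hours / 2.0


def sil_from_pfd(pfd_avg: float) -> int:
    """SIL band the PFDavg falls into; 0 means it does not even reach SIL 1."""
    for sil, low, high in PFD_BANDS:
        if low <= pfd_avg < high:
            return sil
    return 4 if pfd_avg < 1e-5 else 0


def sil_from_architecture(element_type: str, sff: float, hft: int) -> int:
    """Maximum SIL the hardware architecture permits under Route 1H; 0 means not permitted."""
    if hft not in (0, 1, 2):
        raise ValueError("HFT must be 0, 1 or 2")
    allowed = 0
    for lower_bound, limits in ROUTE_1H[element_type.upper()]:
        if sff >= lower_bound:  # the highest band whose lower bound is met applies
            allowed = limits[hft]
    return allowed


@dataclass
class SifElement:
    name: str
    element_type: str           # "A" or "B"
    sff: float                  # safe failure fraction
    hft: int                    # hardware fault tolerance
    systematic_capability: int  # SC 1..4 as claimed and justified in the supplier's safety manual
    pfd_avg: float              # average probability of failure on demand for this configuration


def achieved_sil(element: SifElement) -> dict:
    """Evaluate all three constraints; the supportable SIL is the minimum of them."""
    by_pfd = sil_from_pfd(element.pfd_avg)
    by_arch = sil_from_architecture(element.element_type, element.sff, element.hft)
    by_sc = element.systematic_capability
    return {
        "name": element.name,
        "pfd_avg": element.pfd_avg,
        "sil_pfd": by_pfd,
        "sil_architecture": by_arch,
        "sil_systematic": by_sc,
        "sil_achieved": min(by_pfd, by_arch, by_sc),
    }


# Constructed sample: a single Type B transmitter, lambda_DU = 1e-7/h, proof tested yearly.
# Its PFDavg lands in the SIL 3 band, which is where the "SIL rated" claim usually stops.
SINGLE_TRANSMITTER = SifElement(
    name="1oo1 transmitter (constructed)", element_type="B", sff=0.85, hft=0,
    systematic_capability=2, pfd_avg=pfd_avg_1oo1(1e-7, 8760.0),
)

# Constructed sample: the same function with two transmitters in 1oo2 (HFT 1), better diagnostics
# and a supplier whose safety manual justifies SC 3. The 1oo2 PFDavg is a constructed figure.
REDUNDANT_TRANSMITTERS = SifElement(
    name="1oo2 transmitters (constructed)", element_type="B", sff=0.92, hft=1,
    systematic_capability=3, pfd_avg=5e-5,
)

if __name__ == "__main__":
    for element in (SINGLE_TRANSMITTER, REDUNDANT_TRANSMITTERS):
        result = achieved_sil(element)
        print(f"{result['name']}: PFDavg={result['pfd_avg']:.2e} -> SIL {result['sil_pfd']} by PFD, "
              f"SIL {result['sil_architecture']} by architecture, SC {result['sil_systematic']}; "
              f"achieved SIL {result['sil_achieved']}")
```

Run as a script, the single transmitter reports a SIL 3 PFD band but only SIL 1 achieved, because a Type B element with 85% SFF and no fault tolerance is limited to SIL 1 by the architectural constraints, and its systematic capability of SC 2 would cap it at SIL 2 in any case. The redundant arrangement achieves SIL 3 only because all three results reach SIL 3 or better; improving the PFD alone would not have changed the outcome.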

The international safety market is being driven by technology, standards, legislation and incidents, and many organisations see accredited certification of their operation as the way forward. Accredited certification for an organisation is a significant undertaking. It requires management commitment at the highest level in addition to a comprehensive work programme involving the entire organisation.
