
The basis for development of safety concepts

Author: Prof. Dr. Thorsten Arnhold, IECEx Chairman 2014-2019

07 June 2024

Every two months, Prof. Dr. Thorsten Arnhold, IECEx Chairman 2014-2019, provides an update on developments within the organisation.


One of the most important objectives of conformity assessment is to ensure a high level of safety in the application under consideration. For example, the user of a technical system should be able to assume that the applied safety concept is effective and efficient and that potential risks to life and limb of the employees involved are reduced to a harmless level upon presentation of proof of compliance with defined requirements.

Proof of conformity therefore has a confidence-building effect. The general functionality and reliability of technical systems can also be assessed using conformity assessment procedures. This makes it possible, for example, to assess many of the financial risks associated with investments in industrial plants.

Three basic methods are known as the basis for development of safety concepts.

- Deterministic studies: These are concerned with uncovering cause-effect relationships. These can be of a physical, chemical or human nature, for example. Once these causal relationships have been uncovered, it is possible to prevent them or at least mitigate them in such a way that the necessary level of safety is achieved.

- Comparative studies: Here, the object of investigation is compared with a standard. As the creation and maintenance of standards is always based on the development and updating of deterministic studies, the comparative method can also be regarded as a subset of the deterministic method.

- Probabilistic method: The basis of this method is the risk formula, which is the combination of the probability of occurrence of an adverse event and the expected harm. For a specific hazard, the current risk level is determined using standardised determination methods (see IEC 31010:2009: Risk management - Risk assessment methods) and then compared with a scientifically and socially accepted threshold risk. Finally, the original risk value is brought below the limit value by means of suitable measures.

The first two methods have been established in safety technology for decades. Their major advantage is that they set clear requirements that must be met. This manifests itself in the clear specifications for the standardised type tests and the series tests and the associated acceptance criteria. In terms of test passed or failed, these methods can be described as digital. The major disadvantage, however, is the fact that the causal relationships can only be determined for simple processes under narrowly defined test and environmental conditions.

If the actually existing conditions deviate from these standard conditions, the user or the conformity assessment body must rely on their expertise and experience: to what extent do the deviations affect the safety level and how must the normative requirements be readjusted in order to sufficiently compensate for the effect of the deviations? An often-used method to avoid this inconvenience and to include ageing effects (which are ultimately only deviations from the standard state over time) is to use safety margins. In other words, safety margins are added to the deterministically determined necessary safety level. Unfortunately, these safety surcharges usually also mean surcharges on the manufacturing costs of the technical systems under consideration.

The dilemma becomes clear, for example, in connection with new hydrogen technologies: the atmospheric conditions defined for explosion protection specify temperature and pressure conditions that can only very rarely be met due to the specific properties of hydrogen. Hydrogen can only be utilised economically as a gas under very high pressure or in liquid form at extremely low temperatures (-253°C). Both are orders of magnitude away from atmospheric conditions!

Therefore, the probabilistic method is suitable for this case and other complex applications, either alone or in addition to the deterministic methods. However, it must be noted that very little data is available, especially for new technologies such as the highly scaled hydrogen technologies, due to their short history, and the statistical certainty of probability estimates is therefore initially low. This can be remedied by cross-manufacturer and cross-national databases such as the HIAD 2.0 European Hydrogen Incident and Accident Database, which is maintained by the European Hydrogen Safety Panel (EHSP).

This leaves the question of conformity assessment. Up to now, this has been based almost exclusively on the two deterministic methods. Conformity assessment has so far also been a digital method: if the specific requirements of the standard are met, conformity exists, otherwise not. This cannot be applied to probability-based concepts. The probability is always somewhere between zero and one and not exactly zero or one. The standard ISO/IEC 17029: Conformity assessment - General principles and requirements for validation and verification bodies, which was published in 2019, is therefore a good approach to resolving this contradiction. For the first time, a distinction is made here between validation and verification in the context of conformity assessment. Validation refers to statements and data that relate to the future. As a rule, this involves predicted or simulated data relating to an intended application. These are assumptions that are checked for plausibility. This would be the appropriate approach for evaluating probabilistically based elements of safety concepts.

Results that have already been achieved are verified. These are real data that are checked for their veracity. This in turn is well suited for evaluating the deterministic elements of safety concepts. The first promising experiences with the application of this relatively new standard were gained at IECQ in connection with the carbon footprint verification statements in accordance with ISO 14067.

