Changes in IEC Ed 2

Similar documents
PPA Michaël GROSSI - FSCE PR electronics

Technical Paper. Functional Safety Update IEC Edition 2 Standards Update

67 th Canadian Chemical Engineering Conference EDMONTON, AB OCTOBER 22-25, 2017

Functional Safety: the Next Edition of IEC 61511

INTERNATIONAL STANDARD

INTERNATIONAL STANDARD

Is your current safety system compliant to today's safety standard?

Topic MYTH FUNCTIONAL SAFETY IMPLIES HAVING A SIL RATED COMPONENT. Presented by : Arunkumar A

Australian Standard. Functional safety Safety instrumented systems for the process industry sector

IEC Functional Safety Assessment

INTERNATIONAL STANDARD

Session Four Functional safety: the next edition of IEC Mirek Generowicz Engineering Manager, I&E Systems Pty Ltd

Safety Integrity Verification and Validation of a High Integrity Pressure Protection System to IEC 61511

New requirements for IEC best practice compliance

This document is a preview generated by EVS

INTERNATIONAL STANDARD

ADIPEC 2013 Technical Conference Manuscript

IEC61511 Standard Overview

Process Safety - Market Requirements. V.P.Raman Mott MacDonald Pvt. Ltd.

INTERNATIONAL STANDARD

Siemens Process Automation End-user Summit- 2011

Session Ten: The importance of a clear Safety Requirements Specification as part of the overall Safety Lifecycle

Assessment of the Safety Integrity of Electrical Protection Systems in the Petrochemical Industry

InstrumentationTools.com

Certification Report of the ST3000 Pressure Transmitter

INTERNATIONAL STANDARD

Certification Report of the ST 3000 Pressure Transmitter with HART 6

Measurement of Safety Integrity of E/E/PES according to IEC61508

Digital EPIC 2 Safety manual

SIL Safety Guide Series MS Single-Acting Spring-Return Hydraulic Linear Actuators

This is a preview - click here to buy the full publication

IEC Functional Safety Assessment

New Developments in the IEC61511 Edition 2

User s Manual. YTA110, YTA310, YTA320, and YTA710 Temperature Transmitters. Manual Change No

AVOID CATASTROPHIC SITUATIONS: EXPERT FIRE AND GAS CONSULTANCY OPTIMIZES SAFETY

100 & 120 Series Pressure and Temperature Switches Safety Manual

NEW CENELEC STANDARDS & CSM-RA NEW CENELEC STANDARDS & CSM-RA 2017

AVOID CATASTROPHIC SITUATIONS: EXPERT FIRE AND GAS CONSULTANCY OPTIMIZES SAFETY

This document is a preview generated by EVS

Safety Instrumented Systems

TECHNICAL SPECIFICATION

United Electric Controls One Series Safety Transmitter Safety Manual

Addressing Challenges in HIPPS Design and Implementation

INTERNATIONAL STANDARD


Implementing Safety Instrumented Burner Management Systems: Challenges and Opportunities

Session Ten Achieving Compliance in Hardware Fault Tolerance

Options for Developing a Compliant PLC-based BMS

White Paper. Integrated Safety for a Single BMS Evaluation Based on Siemens Simatic PCS7 System

Overfill Prevention Control Unit with Ground Verification & Vehicle Identification Options. TÜVRheinland

SAFETY MANUAL. PointWatch Eclipse Infrared Hydrocarbon Gas Detector Safety Certified Model PIRECL

SITRANS. Temperature transmitter Functional safety for SITRANS TW. Introduction. General safety instructions 2. Device-specific safety instructions

PRIMATECH WHITE PAPER CHANGES IN THE SECOND EDITION OF IEC 61511: A PROCESS SAFETY PERSPECTIVE

FUNCTIONAL SAFETY IN FIRE PROTECTION SYSTEM E-BOOK

Failure Modes, Effects and Diagnostic Analysis

2015 Honeywell Users Group Europe, Middle East and Africa

Functional safety according to IEC / IEC Important user information. Major changes in IEC nd Edition

INTERNATIONAL STANDARD

Value Paper Authors: Stuart Nunns CEng, BSc, FIET, FInstMC. Compliance to IEC means more than just Pfd!

SAFETY MANUAL. Electrochemical Gas Detector GT3000 Series Includes Transmitter (GTX) with H 2 S or O 2 Sensor Module (GTS)

Fire and gas safety systems:

Pressure Transmitter cerabar M PMC 41/45 cerabar M PMP 41/45/46/48 with Output Signal ma/hart

Pressure Transmitter cerabar S PMC 731/631 cerabar S PMP 731/635 with ma output signal

FMEDA and Proven-in-use Assessment. Pepperl+Fuchs GmbH Mannheim Germany

Integrated but separate

FUNCTIONAL SAFETY CERTIFICATE. BG Break Glass Unit

SAFETY MANUAL. Multispectrum IR Flame Detector X3301

INTERNATIONAL STANDARD

Functional Safety: What It Is, Why It s Important And How to Comply

Failure Modes, Effects and Diagnostic Analysis

FUNCTIONAL SAFETY OF ELECTRICAL INSTALLATIONS IN INDUSTRIAL PLANTS BY OTTO WALCH

Differential Pressure Transmitter deltabar S PMD 230/235 deltabar S FMD 230/630/633 with ma output signal

The Amazing Secret World of ISA Standards

Where Process Safety meets Machine Safety

Failure Modes, Effects and Diagnostic Analysis

Failure Modes, Effects and Diagnostic Analysis

FINAL DRAFT INTERNATIONAL STANDARD

SAFETY MANUAL. X2200 UV, X9800 IR, X5200 UVIR SIL 2 Certified Flame Detectors

Applying Buncefield Recommendations and IEC61508 and IEC Standards to Fuel Storage Sites

2015 Functional Safety Training & Workshops

excellence in Dependable Automation

FUNCTIONAL SAFETY CERTIFICATE

CO-ORDINATION OF NOTIFIED BODIES PPE Regulation 2016/425 RECOMMENDATION FOR USE

TECHNICAL SPECIFICATION

Safety Instrumented Systems Overview and Awareness. Workbook and Study Guide

English version. Railway applications Systematic allocation of safety integrity requirements

INTERNATIONAL STANDARD

Safety in the process industry

The SIL Concept in the process industry International standards IEC 61508/ 61511

9 Standards, Regulations and Authorities

This is a preview - click here to buy the full publication

SAFETY MANAGER SC Ensure safety, simplify operations and reduce lifecycle costs

Procedure for the Approval of New Fire Detection and Alarm Technologies

TECHNICAL SPECIFICATION

Mobrey Magnetic Level Switches

INTERNATIONAL STANDARD

This is a preview - click here to buy the full publication

The agri-motive safety performance integrity level Or how do you call it?

Protect your investment with Safety Manager

Guidelines. Safety Integrity Level - SIL - Valves and valve actuators. February Valves

Transcription:

1 Introduction As known IEC 61511 is the applicable standard for functional safety in the process industry. Defining the requirements for the specification, design, installation, operation and maintenance of a safety instrumented system (SIS), so that it can be confidently entrusted to achieve a safe state of the process. IEC 61511 is developed as a process sector implementation of IEC 61508, the so-called mother standard. IEC 61511 is the leading standard for our clients, the process plant owners / operators, and for suppliers of Safety Instrumented Systems like our company Yokogawa. In the beginning of 2016 a new version of the IEC 61511 standard was released. It is called Edition-2. Yokogawa is one of the voting members of the European IEC 61508 and IEC 61511 committees, represented by Ando Tadaaki, Elena Mauro and Arian Slagt. This new edition is in general more precise than the old one. It gives a better description of tasks that must be done, and the way they should be done. This will help to understand the intention of the standard much better. Many items are unchanged in the new version, like the relation with IEC 61508 and the safety lifecycle. Also many of the changes are editorial or giving more explanation, e.g. The new version is more consistent with IEC 61508-Ed.2 Safety Application Software is consistently renamed into Application Programming. When software is mentioned, internal software/firmware is meant. More emphasis is placed on functional safety assessments and audits But there are also important other changes. These can be found in the following sections. 2 Management of functional safety The requirements on competence are added. For Yokogawa this has no consequences as this subject is covered sufficiently by our internal procedures already. But end-users should carefully verify if they comply with this requirement. Each person must be proven competent for his function, and each function must be clearly specified. There is more emphasis on assessments and audits. But again this is covered already within Yokogawa regarding engineering. In the sections on Operation and Maintenance this results in more requirements on the end-user to organize regular assessments and audits. New is the requirement that vendors (also manufacturers of devices and/or sub-system) must have a Functional Safety Management system in place. Before only a quality system was required. The measurement of the achieved quality is referred to as Systematic Capability. This might imply that your vendor evaluation procedures must be re-checked. The so-called Grandfather clause is included in the standard. This effects only existing plants: it is now required that the end-user shows that his existing plant is safe. A. Slagt 01-02-2017 1

3 Safety lifecycle The overall safety life cycle figure is moved into section 6: Safety life-cycle requirements. Also the life cycle figure for the application program is now moved into this section. It makes the definition of the safety life-cycle more logical and consistent. 4 Process Hazard and Risk assessment During the Hazard and Risk Assessment now there is the requirement that cyber security risks must be included. It is end-user responsibility. In the Yokogawa Safety Validation Plan already a section is dedicated to this subject. 5 Safety Requirement Specification In the section on the Safety Requirement Specification (SRS) a new section is added addressing the application program safety requirements. It states that depending on the SRS and the SIS architecture the requirements for the application program must be specified. It is not completely clear who must write these application requirements and when to do so, because these requirements might depend on the logic solver to be selected and also on the definition fo the safety functions. 6 SIS Design and Engineering The most visible change in the Edition-2 is the table on the Hardware Fault Tolerance. The previous system using the Safe Failure Fraction for the logic solver is abandoned. Also the difference between prior-use and non-prior-use is removed. For all sub-systems there is only one table left, which is now the same as IEC 6108-Ed2 route 2H. Alternatively compliance with IEC 61508-Ed 2 route 1H can be used. For all used devices prior-use must be shown, or compliance with IEC 61508. Note that the requirements for prior-use still are not very precise. Note also that a logic solver for SIL3 cannot be claimed based on prior-use, it must be in accordance with IEC 61508 route 1H. 7 SIS Application program development The section on application program development has been re-written completely. A significant change is the use of the wording application program instead of software. At Yokogawa, like all SIS suppliers, we do not design software for safety systems (although this word is often miss-used) but we design, test and deliver the safety application program. Resulting in either a source code list to be downloaded to the ProSafe-RS or a wiring list to wire the application logic of our ProSafe-SLS. So it s good that the IEC 61511 standard now is using this wording consistently. Also the way the application program has to be designed and tested is completely rewritten, and is much better described now. All previous requirements for verification and validation are moved to another section. FAT is no longer an option but a requirement. There are some changes in the text. When no integrated FAT in the office is conducted special care must be taken to comply with the requirements of the standard. A. Slagt 01-02-2017 2

8 Operation and Maintenance The standard pays much more attention to the operation and maintenance of the safety system during the normal use of the plant. It puts many requirements on the end-user regarding the way he operates his facilities, the procedures that must be in place, training of operators and maintenance engineers, testing that must be performed and many more issues. The end-user must have a well-organized Functional Safety Management system in place. Many, if not all, end-users will have to check if they are in compliance with this new standard. Of course Yokogawa can advise and assist them in this area for lifetime safety assurance, consultancy and education. 9 Conclusion In practice the Yokogawa way of executing safety projects is well in line with the new IEC 61511 - Ed2 (2016) standard. The end-user however should carefully check if his current way of operating and maintaining his plant is in compliance with the new standard. When you have any question about the safety standards or functional safety in general, please contact one of the members of the safety assurance group via safety.assessments@nl.yokogawa.com or contact your local Yokogawa office. A. Slagt 01-02-2017 3

Overview of changes in IEC 61511 - Ed2 Part 1 General Many figures have a different number SIS life cycle is now Fig 7 Chapter 3 Abbreviations and Definitions -- More definitions 3.2.42 Continuous mode better defined Chapter 4 Conformance -- Almost unchanged Chapter 5 Management of functional Safety -- Some changes 5.2.2.3 Procedure for competency required 5.2.5.2 Suppliers of devices must have FSM Chapter 6 Safety lifecycle requirements 6.2.4 Modification of earlier stage 6.3 New: Application program SIS safety lifecycle Chapter 7 Verification 7.2.2 New: requirements on testing 7.2.5 New: impact analysis on modifications needed Chapter 8 Process Hazard and Risk assessment 8.2.4 New: security risk Chapter 9 Allocation of safety functions 9.2.5/6 More restrictions on SIL4 Chapter 10 SIS safety requirement specification 10.3.2 New: section on application program requirements Chapter 11 SIS Design and Engineering 11.3 Major changes 11.4 HFT has only 1 table for logic solver and devices. 11.5 Devices must be IEC 61508 or prior-use 11.9 Calculation is required, nothing very special Chapter 12 SIS Application program development -- Completely redesigned -- Much smaller (and better) now 12.2 General requirements 12.3 Application program design 12.4 Application program implementation 12.5 Application program verification 12.6 Methodology and tools A. Slagt 01-02-2017 4

Chapter 13 FAT -- FAT is also called Integration test 13.2 The need for FAT shall be specified Chapter 14 SIS installation and commissioning -- Expanded a little Chapter 15 Safety validation -- Expanded a little Chapter 16 SIS operation and maintenance -- More requirements (on the end-user) Chapter 17 SIS modification -- More requirements (on the end-user) Chapter 18 SIS decommissioning -- No major changes Chapter 19 Information and documentation -- No major changes A. Slagt 01-02-2017 5

2024 © homedocbox.com Privacy Policy | Terms of Service | Feedback