Todd Stauffer

Alarm Management Goes Global with the Release of IEC 62682!

Thursday, November 06, 2014 | Alarm Management


IEC 62682

The International Electrotechnical Commission (IEC) has just published the first edition of IEC 62682 “Management of alarm systems for the process industries,” a global standard on alarm management. This new global standard was developed based on the ANSI/ISA-18.2 standard of the same name, which was published in 2009. This means that a common document now exists for alarm management that can be used around the world.

ISA-18.2 vs. IEC 62682: Similarities and Differences

To solidify the importance of the guidelines defined in IEC 62682, many of the recommendations from ISA-18.2 were removed or changed to requirements. Therefore, comparing the two documents, one will find more requirements in IEC 62682…

John Yozallinas, CFSE

Coming Apart at the Seams

Thursday, October 30, 2014 | Functional Safety Certification


Does your safety development process have a split personality?  Do you “talk-the-talk but not walk-the-walk?”  When crunch time comes for project completion, does the mantra “whatever it takes” matter more than following the process?  Does your process peel away at the seams?

Getting buy-in to a rigorous process for a new project is usually easy in the beginning.  Every team member knows (or believes they know) what processes to follow.  And they can think ahead to some degree to plot their tasks and their sequences.  But engineers are typically terrible at estimating time to complete a task.  So the typical project is late and over-budget.  (A good project manager may be able to interpret the engineers’ estimates to create…

Dr. William Goble, CFSE

How to Calculate Proof Test Coverage

Thursday, October 16, 2014 | Functional Safety Certification

Most engineers who design and verify safety instrumented functions (SIFs) understand how hard it is to design a manual proof test with high effectiveness (also called high proof test coverage). Those folks who understand that a proof test is not likely to detect all failures never use simplified equations that assume perfect proof testing like those from IEC 61508 Part 6.  Those equations are there for information only.

Given that proof testing is not 100%, what percentage is detected during a proof test?  That is a number needed for realistic PFDavg verification calculations. At exida we use the FMEDA technique that we developed to determine failure rates,…

John Yozallinas, CFSE

Arrr You Safe?

Thursday, September 18, 2014 | Functional Safety Certification

In honor of the upcoming “Talk Like a Pirate” Day on September 19, I offer this lighthearted look at PIU assessment.

Captain (C):

“Ahoy me bucko!  We be attemptin’ to get our transmitter design certified.  It’s been shippin’ fer a few years now.  We don’t got a lot of whatcha might call ‘formal documentation’ about how it be built, but aye, we musta done somethin’ right to keep ‘em workin’ this long… that’s gotta count fer somethin’, savvy?”

Assessor (A):

“You may qualify for a proven-in-use assessment.  How long has the transmitter been in service?  Do you have an operation history log?”


C:

“For sure we do,…

Todd Stauffer

Should DCS Alarms be shown on P&IDs?

Monday, August 25, 2014 | Alarm Management

Alarms were originally shown on Piping and Instrumentation Diagrams / Drawings (P&IDs) to document hardware requirements for installation in a (panelboard) control room. This was important because there was limited real estate in the control room for the alarms (displayed on Panalarms and light boxes) and there was a real cost to wire them up (approximately $1000 / alarm). Alarms are often treated as if they are “free” in the modern distributed control system (DCS). They are configured in software and displayed on a PC monitor (HMI). This raises the question whether it is still necessary, or even beneficial, to document DCS alarms on P&IDs.

A…

John Yozallinas, CFSE

If There Was ONE THING You Need to Know About Using PIU

Tuesday, August 05, 2014 | Functional Safety Certification

Have a formal process for tracking, recording, and classifying field shipments and failure returns.

If your product was designed well in the first place, even if strict adherence to IEC 61508 was not followed, your field failure rate should be pretty low.

Using Proven-In-Use (PIU) methodology will allow an assessor to waive some requirements regarding systematic capability.  These are process-related issues.  The theory goes that if the actual failure rate is below the predicted failure rate (determined with a detailed FMEDA), then sufficient measures were probably in place to meet the intention of IEC 61508 requirements.  But…

Steve Gandy, CFSP

How Does Culture Affect Safety?

Tuesday, July 29, 2014 | Functional Safety Certification

I was reading an incident report on the Chemical Safety Board (CSB) website the other day, where it was the conclusion of the reviewing team that the incident (which sadly resulted in a loss of life) was the direct result of a poor safety culture across the organization.  If you consider the term “culture” it actually refers to a set of beliefs, values, and norms that a company adopts in relation to its day-to-day business transactions.  Culture should be endemic in an organization and should exist at all levels, starting at the top.

For the hazardous process industries, it is imperative that a company has the right…

Iwan van Beurden, CFSE

The exida Certificate Explained

Monday, July 14, 2014 | Functional Safety Certification

A manufacturer whose product passes the exida IEC 61508 Assessment Scheme will receive a certificate based on IEC 61508 and perhaps other functional safety standards. There is a significant amount of information on a certificate that may not always be trivial for a novice. This document explains how one should use and interpret an exida certificate.

It is important that a user understands that a certificate does not stand by itself. The certificate is supported by a detailed assessment report. For each product that is certified by exida (and for which the certification is still valid), exida posts both the certificate and the assessment report on the Safety Automation Element…

Steve Gandy, CFSP

How Good Is Your Functional Safety Management?

Wednesday, July 02, 2014 | Functional Safety Certification


Functional Safety Management

Those operating in the process world should be familiar with the concept of Functional Safety Management (FSM) and the need to have well defined processes and procedures in place.  Otherwise, how else will they be able to ensure that their Safety Instrumented System (SIS) and plant are operating safely?

Functional Safety Management is really no different from normal management, which is to assess, plan, execute, monitor, and/or revise.  Or is it?  The key difference is that in the world of safety, getting something wrong can have disastrous consequences, in terms of the potential for loss of life, destruction of assets/property, environmental impacts, financial loss, and detrimental company image.

Griff Francis

Functional Safety And Electromagnetic Interference: What’s the Connection?

Thursday, June 26, 2014 | Functional Safety Certification

Functional Safety and Electromagnetic Interference (EMI) may not often be used in the same sentence. But EMI is just one of the environmental stresses that can stop a system from performing its safety function. It is important for a functional safety system to be immune from the EMI levels that are likely to be present.

Unlike other environmental stresses like temperature and vibration, EMI is more difficult to sense and it is more likely to be transitory. Still, the effects can be catastrophic.

EMI can take many forms: motor switching, lightning strikes and use of handheld radios. The standards for EMI use terms like surge, transient, and…

John Yozallinas, CFSE

Stress vs. Strength… In My Process?

Thursday, June 19, 2014 | Functional Safety Certification


I consistently find that with companies who are new to functional safety development, the SW process is not as structured or mature as the HW process.  SW development is often more informal, and subject to the interpretation of one or more SW developers.  But when project delays occur, it’s usually due to SW, and chaos can result without a well-defined SW process.  One key is to adopt and follow an overall lifecycle process that outlines the development phases and expected deliverables of each phase.  However, even then it can be difficult to get the entire team on board. There’s a principle in reliability engineering called…

Iwan van Beurden, CFSE

World Cup Fever & Failure Rates

Monday, June 16, 2014 | Functional Safety Certification

Do you have World Cup Fever? Well I do. Especially after the Netherlands (Holland) beat Spain 5-1 on Friday. I wished that was the score last time they played. So what does this have to do with failure rates? Sometimes my mind works in odd ways. While driving home from work Friday afternoon I was listening to an interview with the Dutch coach on Dutch radio (where would we be without internet radio?). The first thing being discussed was the penalty that was awarded to Spain. The Dutch opinion was very clear: that was a gift, there was no foul. I bet that the Spanish opinion was that…

Steve Gandy, CFSP

How Secure Are Your SIS, BPCS, and/or SCADA Systems?

Thursday, June 05, 2014 | Cybersecurity

As an end-user, do you know how reliable and safe your Safety Instrumented Systems (SIS) and Basic Process Control Systems (BPCS) are from potential cyber issues?  Do you rely on your vendor statements regarding the robustness of their products?  If the answer to these questions is “don’t know” or “yes” then maybe you should be considering using an independent 3rd party to perform a cybersecurity vulnerability assessment (for existing installations) and/or performing a cyber-risk assessment (as part of a HAZOP) for new installations.  This is especially true for legacy systems that are still in operation using products from the mid-1990s.  Although most software…

John Yozallinas, CFSE

You Need a Checklist!

Tuesday, May 20, 2014 | Functional Safety Certification

At least I do.  Sometimes I wonder how I could forget certain things.  Maybe it’s age? Maybe it’s information overload?  It’s always apparent when I get ready to go on vacation.  You’ve probably been in the same situation… arriving at your destination only to find that the one thing you really meant to bring with you is nowhere to be found, and then you remember exactly where you left it.  Most times, you can find a suitable replacement and it’s only a slight, although possibly costly, inconvenience.  At other times, not so easy.

Now, what was I talking about?  Oh yeah… checklists.

I’ve made and used vacation checklists for a…

Dr. William Goble, CFSE

Random vs. Systematic?

Wednesday, May 07, 2014 | Functional Safety Certification

Most of you know that exida gathers field failure data from many sources including manufacturers’ warranty return data and end user maintenance/failure records.  At this point we have nearly 100 billion unit operating hours of data.  This is probably the largest process industry data set in the world.  And we use this data to calibrate the exida Failure Modes Effects and Diagnostic Analysis (FMEDA) component database which predicts future failure rates of new instruments.  We also use the data in combination with a collection of FMEDA data sets to establish exida’s Predictive Analytic Benchmarks which we use to establish generic instrument failure rates for our exSILentia toolset. The…
