Each month at exida, we strive to spotlight one of our products that makes the job easier for today's industry professional. In this blog, I wanted to talk about the PHAx module as part of our exSIlentia Safety Lifecycle Suite.
Process Hazards Analysis (PHA)
Process Hazards Analysis is the first step in the functional safety lifecycle with the objective to identify potential hazards posed by the process and associated equipment. The step is critical, as adequate risk reduction measures cannot be implemented for hazards that are not identified or not identified correctly.
The exSILentia® - PHAx™ tool is based on the Hazard and Operability (HAZOP) methodology, allowing users to identify cause-consequence pairs that lead to…
If you’re like me then you’ve been waiting for the new draft of IEC 61511 to be officially issued since its release has been delayed for some time. However, a draft has been released and can help in preparing end users for what’s to come. The question is “are you ready for what’s coming?”
There are several new requirements but one of the key changes from the 2003 standard is the mandatory compliance with the five (5) Functional Safety Assessments (FSAs). Currently, all five are recommended, but only FSA 3 is required and this is commonly referred to as the “Pre-Startup Safety Check.” The FSAs are defined as follows:
Many products have options and features that are valuable to users. But not all these features should be permitted while the product is performing a safety function. For example, HART communications should not be permitted to write data to a transmitter while it’s performing the safety function. If you are a vendor of safety related products, your users need to know what they can and cannot do with your product in safety applications. Users want and need one place to find this special information. A safety manual is a key requirement of IEC 61508 for any safety related system or product. Parts 2 and 3 of the standard even have annexes…
As the incidence of cybersecurity threats in industry continues to rise, the automation world continues to grapple with how to address these issues. There are many good practices available to end users, such as creating demilitarized zones between the business network and the industrial network, banning the use of portable devices on the industrial network, ensuring that security patches are installed regularly, etc. While these solutions all make a lot of sense, I recommend an attack at the problem core. Patching, for example, is very important, but it is also very expensive and carries some extra risks in an industrial automation system, such as impacting the performance of…
The new and updated version of the ISA-18.2 standard (ANSI/ISA-18.2-2016, Management of Alarm Systems for the Process Industries) has now been officially released. This supersedes the original edition (2009). The new version incorporates feedback from 6+ years in the "field" and includes some updates based on the IEC 62682 international standard.
Selected highlights include:
Updated definition of an alarm:
Alarm: audible and/or visible means of indicating to the operator an equipment malfunction, process deviation, or abnormal condition requiring a timely response.
Note that the word “timely” was added, making it consistent with the IEC 62682 international standard.
Each month at exida, we strive to spotlight one of our products that makes the job easier for today's industry professional. In this blog, I wanted to talk about our latest edition of the SERH (Safety Equipment Reliability Handbook).
The Safety Equipment Reliability Handbook (SERH) book set is a hard copy of exida’s SERH database that contains a vast amount of equipment item reliability data.
The SERH provides a collection of failure rate data that is applicable for use in Safety Instrumented System (SIS) conceptual design verification in the process industry. It remains the ultimate reference source for any safety engineer involved in Conceptual…
In several of our technical papers over the years, we have noticed that failure rates for the same manufacturer and model number differ from site to site, even when the processes are quite similar. When I have mentioned this to end users and manufacturers, often the response is “Yes, I have noticed. Why does this happen?” exida finally has enough field failure data to create a simple model for this based on concepts from IEC 61508. We call our model the Site Safety Index™ (SSI).
A wide range of factors seem to contribute to the SSI. After gathering lots of expert opinion on these factors, it became clear that they had everything to…
How does a team get to play in the NCAA tournament? They don’t just buy plane tickets and arrive at the arena ready to play whoever else shows up. In fact, there is a rather rigorous process to determine who gets to play and what seed they are, which then determines who plays who. But before all of that, the team coaches and school officials decide who will be on their team. They conduct training camps and drills and practices. And they compete with other schools to recruit players. Then they determine the best players that will start, and the backup players who reinforce them. (Kinda sounds like competency evaluation, or project feasibility…
The ISA-18.2 and IEC 62682 alarm management standards provide recommended targets for average alarm rate and for alarm floods, a condition during which the alarm rate is greater than the operator can effectively manage (e.g., more than 10 alarms per 10 minutes, per ISA-18.2). During alarm floods the chance of an operator missing an alarm or making a mistake is increased. The following table taken from IEC 61511 shows how the reliability of humans is impacted by stress.
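The flood criterion quoted above is easy to check against an alarm journal. The following is an added example, not exida's code and not part of ISA-18.2 or IEC 62682: it assumes a constructed CSV journal format (timestamp, tag, priority, state), uses a trailing 10-minute sliding window, and flags a flood whenever more than 10 alarms fall inside that window. The sample journal is constructed (three routine alarms, a 12-alarm burst from a hypothetical compressor trip, then a quiet period); it is not plant data.

```python
"""Sliding-window alarm-flood detector for the ISA-18.2 alarm-rate check.

Added example: not exida's code and not part of ISA-18.2 itself. Assumes a
constructed CSV alarm-journal format 'timestamp,tag,priority,state' and the
flood criterion of more than 10 alarms in any 10-minute window.
"""
from collections import deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)
FLOOD_THRESHOLD = 10  # flood when the trailing 10-minute count exceeds this

# Constructed sample alarm journal (not real plant data): three routine alarms,
# a 12-alarm burst from a hypothetical compressor trip, then a quiet period.
SAMPLE_LOG = """\
# timestamp,tag,priority,state
2016-03-01 08:00:05,FIC-101,LOW,ACTIVE
2016-03-01 08:04:10,TI-115,MEDIUM,ACTIVE
2016-03-01 08:09:30,LI-120,LOW,ACTIVE
2016-03-01 08:20:00,XS-301,HIGH,ACTIVE
2016-03-01 08:20:10,PI-302,HIGH,ACTIVE
2016-03-01 08:20:20,PI-303,HIGH,ACTIVE
2016-03-01 08:20:30,TI-304,MEDIUM,ACTIVE
2016-03-01 08:20:40,TI-305,MEDIUM,ACTIVE
2016-03-01 08:20:50,FI-306,LOW,ACTIVE
2016-03-01 08:21:00,FI-307,LOW,ACTIVE
2016-03-01 08:21:10,LI-308,MEDIUM,ACTIVE
2016-03-01 08:21:20,LI-309,LOW,ACTIVE
2016-03-01 08:21:30,VI-310,HIGH,ACTIVE
2016-03-01 08:21:40,SI-311,MEDIUM,ACTIVE
2016-03-01 08:21:50,ZI-312,LOW,ACTIVE
2016-03-01 08:40:00,TI-115,MEDIUM,ACTIVE
"""


def parse_log(text):
    """Parse the journal into sorted (timestamp, tag, priority) tuples.

    Comment lines are skipped; only ACTIVE (new activation) records count toward
    the alarm rate, since acknowledgements and returns-to-normal are not alarms.
    """
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, tag, priority, state = line.split(",")
        if state != "ACTIVE":
            continue
        events.append((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), tag, priority))
    return sorted(events)


def find_floods(events, window=WINDOW, threshold=FLOOD_THRESHOLD):
    """Return flood periods as dicts with 'start', 'end' and 'peak' count.

    A flood opens at the first alarm whose trailing window holds more than
    `threshold` alarms and closes when a later alarm's trailing window no
    longer does. Alarms exactly `window` old are kept; strictly older drop out.
    """
    recent = deque()   # timestamps inside the trailing window
    floods = []
    current = None
    for ts, _tag, _priority in events:
        recent.append(ts)
        while ts - recent[0] > window:
            recent.popleft()
        count = len(recent)
        if count > threshold:
            if current is None:
                current = {"start": recent[0], "end": ts, "peak": count}
            else:
                current["end"] = ts
                current["peak"] = max(current["peak"], count)
        elif current is not None:
            floods.append(current)
            current = None
    if current is not None:
        floods.append(current)
    return floods


def average_rate_per_10min(events, window=WINDOW):
    """Average alarms per 10 minutes over the journal span (at least one window)."""
    if not events:
        return 0.0
    span = max(events[-1][0] - events[0][0], window)
    return len(events) / (span / window)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print(f"{len(evs)} alarms, average {average_rate_per_10min(evs):.1f} per 10 min")
    for f in find_floods(evs):
        print(f"flood {f['start']:%H:%M:%S} to {f['end']:%H:%M:%S}, "
              f"peak {f['peak']} alarms in 10 min")
```

On the constructed journal the average rate is about 4 alarms per 10 minutes, which already exceeds the commonly cited manageable targets, but the average hides the real problem: a single flood from 08:20:00 to 08:21:50 peaking at 12 alarms inside one window. Measuring both, rather than the average alone, is what lets a rationalization effort find the consequential alarms that should be suppressed or grouped.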
An interesting question arose recently when creating an FSM plan:
Does the ISA-18.2 standard on alarm management address the claiming of the operator’s response to alarms as a layer of protection?
Not specifically, however the ISA-18.2 standard does require that alarms are rationalized, and that alarm system performance is measured and judged against recommended metrics. Both activities in the alarm management lifecycle directly impact the dependability of the operator’s response to alarm as an IPL. Remember, an IPL must be:
• Specific
• Auditable
• Independent
• Dependable
An unrationalized system is likely to have too many alarms, incorrect priorities, and alarms without an operator response. A…
Performing site audits for numerous customers can be very telling. All sites have their own unique layout, procedures, documentation, and people. Did you know that failure rates differ from site to site? Are you surprised? According to our recent webinar results, the majority of people aren’t, and in fact they expect it. If this is the case, then why isn’t anyone taking into account these factors?
This is how the Site Safety Index (SSI) started.
Over the last 30 years exida has accumulated over 200 billion operating hours of REAL failure data. From this data, exida was able to create the SSI. A number of field failure…
Good things happened in the fields of functional safety and control system cybersecurity in 2015. I am not going to include the exciting new Star Wars movie as an event in the list as it does not really fit into the topic. But keeping focused, my highlights of 2015 were:
The IEC 61511 standard requires the user to create a Safety Requirements Specification (SRS) for a Safety Instrumented System (SIS) that incorporates all the analysis done during the Risk Assessment, HAZOP/PHA and LOPA reviews. The SRS falls into two types: an initial conceptual SRS, often referred to as the Process Safety SRS, and a detailed Design SRS, which contains all the detailed design information.
As in any requirements specification, how well and how concisely information is conveyed to the designer is essential to ensure that there is no ambiguity and potential for misinterpretation of the requirements. This is especially true for safety-related process applications using SIS, where it is critical to convey the requirements…
Site audits have shown many differences in how things are done from site to site. This impacts many variables in a safety instrumented system!
A key metric for process industry designs is called average Probability of Failure on Demand (PFDavg). After several studies of many field failure and proof test reports, several variables* have been identified as key to a realistic PFDavg calculation.
The adoption of the functional safety standards continues to gain momentum in turbine applications. Both industrial and power turbine sites are now requiring compliance to IEC 61511. This blog will review both technical requirements and market trends related to functional safety system design. Market trends will cover which standards are required by region, turbine, size, and industry.
In Part 1, we discussed the application of IEC 61511 to turbine applications and how we demonstrate compliance. In Part 2, we took a high-level look at the safety lifecycle, in particular the IEC 61511 lifecycle, and discussed hazard matrices, risk graphs, and LOPAs.
In this blog, we will look at implications of IEC 61511 and effective implementation.