Look at the photo. What do you see? I see a ball valve with:

• a valve body
• a ball
• a stem that can turn the ball

What are the high level potential failures for a ball valve?

• Stem stuck, can no longer turn (dangerous)
• Stem break, can no longer turn (dangerous)
• Ball stuck, can no longer turn (dangerous)
• Leakage/Housing fracture (dangerous or no effect based on the material going through the valve)

What is the rough definition of a safe failure? A failure that causes a spurious trip, i.e. a failure that initiates the safety function without a demand from the process. Can you see any potential safe failure for a ball valve? I can’t; not in close to trip or in open to trip applications.

Then why do end-users and engineering companies blindly accept a third party certificate from a German Certification Body where the ball valve is supposed to have safe failures? The information on the certificate does not make sense. If the analysis that resulted in the certificate does not make sense, why would you trust any data on the certificate itself? Is it because the claimed dangerous failure rate is an order of magnitude lower than the failure rate exida concluded for a similar device through its predictive analysis methodology?

In this particular case, reviewing the ball valve does not yield any indication why this specific device would be any better than other devices we have analyzed, definitely not an order of magnitude.

Before you use any information from a certificate, ask yourself if it makes sense. If it does not, don’t use the information, you are fooling yourself. You are calculating results based on bogus input. Garbage in is garbage out. Check out exida’s Safety Automation Element List for an overview of safety certified equipment with adequate failure information from exida as well as other 3rd party assessors.