How should you react to news of PLC security vulnerabilities?
Project Basecamp was an exercise conducted at the S4 Security Conference that was held last month in Miami, Florida. At the event, six security researchers reported their findings on the…
Many will agree that exida's Safety Equipment Reliability Handbook (SERH) and the Safety Automation Equipment List (SAEL) are very useful tools for choosing products to use in safety instrumented systems. The SAEL shows a product’s IEC 61508 and cyber security…
2011 was a good year in many ways for Functional Safety and Cyber Security. Several instrumentation products achieved IEC 61508 certification. exida Certification alone issued 64 product certifications (http://www.sael-onine.com). With most certification projects, improvements to the design and quality are made. Some manufacturers…
Let me start by wishing everybody a Happy Holidays and Love, Health, Peace, and Safety for 2012. My 5-year old son is very excited about all the holiday decorations. As we celebrate Christmas in my family, we emphasize the birth of baby Jesus as the reason for Christmas, but,…
There is no shortage of drivers who try to “beat the red light,” or roll through a stop sign. I see it every day (luckily BEFORE they hit my side door). Even though everyone knows, or should know, the “rules of the road,” there are some folks who are…
The machine safety community has defined a number called the “B10 number.” It is a measure of time where 10% of a population of devices should have failed. Generally it is a measure of expected end of life or “useful life” as defined by the reliability engineering community.
The…
After analyzing field failure data from hundreds of data sets from dozens of sources, it is becoming easy to see why results from different studies may vary by an order of magnitude or more. The data collection process itself varies by an order of magnitude or more! A few…
In a couple of recent projects and discussions, I have come across something extremely concerning. Engineers are very good at performing accurate calculations, and the PFDavg and PFH computations for SIL performance verification are improving in precision all the time. Unfortunately, there is often such a focus…
When I studied Reliability Engineering in graduate school, I was taught that failure rate data came from field failure studies. I assumed that operating companies always kept accurate records when a piece of equipment failed. I also assumed that someone would investigate the failures and assign a root cause.…
Something was wrong with our washing machine. The wash cycle was longer than normal. The problem seemed intermittent at first, but then it became persistent across all wash cycles. Preliminary investigation revealed the cycle got stuck on spin. Now, I am normally not allowed to operate the washer with…

In some cases the screening methods will indicate that a SIF is needed. These screening methods can be designed to determine how many orders of magnitude risk reduction is needed, allowing a required SIL to be documented for a particular SIF. The screening…
Parts I and II of this article provide a framework for when it is appropriate to make the transition from qualitative analysis to more quantitative during the hazard review work process. It further illustrates that LOPA can be used as part of what is considered more qualitative analysis…
Last week a security researcher, Dillon Beresford of NSS Labs, presented at the Blackhat conference on the security vulnerabilities he found in Siemens PLC firmware. One of many stories on Dillon’s findings can be found here. Among other things, Dillon found “dancing monkeys” in the code! Actually,…
Over the years I have heard good ideas rejected. We have all done this and observed others doing the same. As far as safety equipment, I recall when the first safety certified pressure transmitter, the Moore 345, was released to the market. Several potential customers said “it doesn’t…
We have CMMI processes at CL3; does that help us get IEC 61508 certification for SIL 3?
Companies that deliver a product or service do so by following a sequence of processes. High quality deliverables are a result of high quality processes and continuous improvement in…
The exida explains blog has been around for over five years and gives expert and sometimes candid insight into the world of functional safety, alarm management, and industrial cybersecurity.