One of the objectives of new performance-based standards like IEC 61508 is to allow performance metrics (like PFDavg for low demand systems) to identify the weak links in any proposed design. There is little point in putting design effort and money into areas of the design that already work, because the benefit of doing so is limited by the “weak link.”

One of the best examples of this is the logic solver hysteria of the 1980s. Much attention was focused on buying a Safety Certified logic solver.  Some thought that such a purchase was all that was required to achieve high levels of safety.  Safety functions were often implemented with single switch sensors and single solenoid valve assemblies.  A PFDavg analysis of such a design showed that the field instruments contributed 98% of the PFDavg. Substituting a cheaper PLC as the logic solver would add only an insignificant amount to the PFDavg metric. 

Another example shows the opposite. A BMS prescriptive standard requires that a safety function be implemented with triplicated sensors voted 2 out of 3, a standard PLC, and a double block and bleed valve assembly. A PFDavg analysis of this design would show that the PLC is the weak link. In this case, an IEC 61508 certified logic solver with its diagnostics and redundancy would substantially improve the design. The weak link concept applies in both cases. Capital and operational expenses cannot be optimized for a particular SIL level without performance analysis.
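The two designs above can be compared with a small PFDavg budget. The following is an added example, not part of the original post: it uses the common simplified equations (λDU·TI/2 for a single channel, (λDU·TI)²/3 for 1oo2, (λDU·TI)² for 2oo3, plus a beta-factor common-cause term), and every failure rate, the beta value and the proof-test interval are constructed for illustration.

```python
# Added example. Every failure rate here is a CONSTRUCTED value for illustration;
# none comes from the post or from a product data sheet.
TI = 8760.0  # proof-test interval in hours (one year), assumed

def pfd_1oo1(lam_du, ti=TI):
    """Single channel: PFDavg ~= lambda_DU * TI / 2."""
    return lam_du * ti / 2

def pfd_redundant(lam_du, beta, divisor, ti=TI):
    """Independent term (divisor 3 for 1oo2, 1 for 2oo3) plus a beta-factor
    common-cause term that behaves like a single channel."""
    independent = ((1 - beta) * lam_du * ti) ** 2 / divisor
    return independent + pfd_1oo1(beta * lam_du, ti)

def budget(parts):
    """Return (total PFDavg, share per subsystem, name of the weak link)."""
    total = sum(parts.values())
    shares = {name: pfd / total for name, pfd in parts.items()}
    return total, shares, max(shares, key=shares.get)

CERTIFIED_SOLVER = 1.0e-4        # constructed PFDavg, redundant certified solver
STANDARD_PLC = pfd_1oo1(5.0e-7)  # constructed lambda_DU, simplex PLC

def design_1980s(solver_pfd):
    """Single switch sensor, logic solver, single solenoid valve assembly."""
    return {"sensor": pfd_1oo1(6.0e-6), "logic solver": solver_pfd,
            "final element": pfd_1oo1(8.0e-6)}

def design_bms(solver_pfd, beta=0.02):
    """2oo3 sensors, logic solver, double block and bleed modelled as 1oo2
    block valves (the bleed valve is ignored: an assumption)."""
    return {"sensor": pfd_redundant(1.0e-6, beta, 1), "logic solver": solver_pfd,
            "final element": pfd_redundant(2.0e-6, beta, 3)}

if __name__ == "__main__":
    for label, design in (("1980s", design_1980s), ("BMS", design_bms)):
        for solver, pfd in (("certified", CERTIFIED_SOLVER),
                            ("standard PLC", STANDARD_PLC)):
            total, shares, weak = budget(design(pfd))
            print(f"{label:6s} {solver:13s} PFDavg={total:.2e} "
                  f"weak link={weak} ({shares[weak]:.0%})")
```

With these constructed numbers, swapping the logic solver barely moves the total in the first design and changes it by several times in the second, which is the point a per-subsystem budget makes visible.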

This weak link concept also applies to IEC 61508 certifications. If one agency interprets the standard in a way that makes it easier for a manufacturer to pass, they represent the weak link in the whole certification process.  The word gets out and manufacturers who are not focused on quality and safety quickly choose the easy path.  exida’s functional safety / security certification program has been accused of being much harder than other programs.  In the end this is a good thing.  I just need to come up with a performance metric for these programs to numerically show the differences.  Any ideas on how to do this?

Tagged as: SIL, safety certified, PFDavg, iec 61508 certified, IEC 61508, Dr. William Goble, bms