Many will agree that exida's Safety Equipment Reliability Handbook (SERH) and the Safety Automation Equipment List (SAEL) are very useful tools for choosing products to use in safety instrumented systems. The SAEL shows a product’s IEC 61508 and cyber security compliance information. In addition, the SERH has a full set of failure rate and failure mode data for each product. However not every product on the market is included. So some may wonder why certain equipment, with published reliability data and/or IEC 61508 certification, is not listed in the SERH and/or SAEL. The reason is simple: the analysis and/or assessment done on the product does not meet exida’s reasonability checks for listing the specific product.
One could argue that it is probably not a coincidence that the products not listed were assessed by organizations other than exida and as such you could say that it is a bit arrogant of exida not to list these. Well on the surface this may be what it seems, however there are clear reasons why a product is not listed (which exida documents internally).Here are two examples:
- A manufacturer of sensors contracted exida in 2006 to perform an IEC 61508 certification of its products. An initial IEC 61508 gap analysis showed that the company had to significantly improve some of its procedures in order to meet the systematic failure protection measures required by the standard. Though the required effort may have seemed momentous to this company, the gaps were not as big as the Grand Canyon (and other companies have bridged those gaps). Instead of continuing the IEC 61508 certification, the company proceeded with self-certification. Their self generated certificate claimed they met SIL 3 requirements when the audit revealed they did not even meet SIL 1! Of course the products did not get listed in the SERH and SAEL. Recently the product received 3rd party certification, by a 3rd party that (to the best of my knowledge) only has done 2 other IEC 61508 certification projects. Unless exida is provided with clear indications that the manufacturer’s procedures have been updated, this particular product will not be listed.
- There have been several IEC 61508 certificates/assessment reports for solenoids where the dangerous undetected failure rate of the solenoid was stated to be less than the failure rate of a single resistor (see chapter 6 of the book "Final Elements and the IEC 61508 and IEC 61511 Functional Safety Standards"). These reports were published by assessment agencies that have significant experience with logic solvers, but apparently very little with field equipment. The solenoids were tested in laboratory environments using cycle testing. In the process industries we do not experience high frequency cycles, if we are lucky we see only one cycle per proof test interval. As such, the cycle test method of analysis is not applicable to low demand applications, and therefore the product is not listed.
Tagged as: serh safety instrumented systems safety equipment reliability handbook safety automation equipment list sael Iwan van Beurden IEC 61508 gap analysis functional safety final elements and the iec 61508 and iec 61511 functional safety standards