Functional Safety
Modern solutions for bringing process loops to a safe state, without compromise
IEC 61508 defines functional safety as freedom from unacceptable risk of physical injury or of damage to the health of people, either directly, or indirectly as a result of damage to property or equipment.
It is a part of the overall safety that depends on the system or equipment operating correctly in response to its inputs. Functional safety is the detection of a potentially dangerous condition resulting in the activation of protective or corrective device mechanism to prevent hazardous events arising or providing mitigation to reduce the consequences of a hazardous event.
A safety instrumented system (SIS) is considered separate from the basic process control system in that the SIS is dedicated to taking the process to a “safe state” should a critical situation occur.
The SIS consists of several safety instrumented functions (SIF). Each safety instrumented function has a specified safety integrity level (SIL), which is necessary to achieve functional safety. Each SIF is a separate or interlinked loop comprised of sensors, a logic solver, and a final control element.
In a process plant, there is no such thing as risk-free operation or 100% reliability. Therefore, one of the first tasks of the SIS designer is to perform a risk tolerance analysis to determine what level of safety is needed. IEC Standard 61508 (Functional Safety of Electrical, Electronic and Programmable Electronic Systems) is a general standard that covers functional safety related to all kinds of processing and manufacturing plants. IEC Standard 61511 and ISA S84.01 (replaced by ISA 84.00.01-2004) are standards specific to the process industries. All three standards use a performance-based lifecycle model and specify precise levels of safety, best practices, and quantifiable proof of compliance.
The purpose of the logic solver is to determine what action is to be taken based on the information gathered. Highly reliable logic solvers are used which provide both fail-safe and fault-tolerant operation. It is typically a controller that reads signals from the sensors and executes pre-programmed actions to prevent a hazard by providing output to the final control element(s).
Logic solvers are usually programmable or non-programmable electronic devices, but can also be mechanical, in the form of switches set to trip the safety function.
Final control elements implement the action determined by the logic solver. The final control element is typically an automated on/off valve with a fail-closed or fail-open function. Digital intelligence may be added to improve diagnostic coverage and support partial stroke testing.
It is imperative that all three elements of the SIS function as designed in order to safely isolate the process plant in the event of an emergency.
Field sensors are used to collect the information necessary to determine whether an emergency situation exists. The purpose of these sensors is to measure process parameters (e.g. temperature, pressure, flow, density) to determine whether the equipment or process is in a safe state.
Sensor types range from simple pneumatic or electrical switches to smart transmitters with on-board diagnostics. These sensors are dedicated to SIS service and have process taps, which are separate and distinct from the process taps used by normal process information sensors.
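The sensor, logic solver and final element chain described above, as an added illustration (not code from this page or from any vendor): a minimal model of one high-pressure SIF in which the logic solver treats a lost or invalid sensor signal as a trip demand (so a failed sensor cannot mask a hazard) and drives a fail-closed valve through a de-energize-to-trip output. The tag names, trip setpoint and readings are constructed for the example; the optional M-out-of-N vote parameter goes slightly beyond the single-loop description above.

```python
"""Minimal model of one safety instrumented function (SIF).

Added illustration, not vendor or project code. All tags, limits and
readings are constructed for the example.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Reading:
    """One sample from an SIS-dedicated sensor.

    value is None when the transmitter reports a fault or the signal is
    out of range; the logic solver must not treat that as 'safe'.
    """
    tag: str
    value: Optional[float]


@dataclass(frozen=True)
class TripDecision:
    trip: bool
    reasons: Tuple[str, ...]


# Constructed setpoint for the example loop (barg).
HIGH_PRESSURE_TRIP_BARG = 12.0


def evaluate_sif(readings: List[Reading],
                 trip_limit: float = HIGH_PRESSURE_TRIP_BARG,
                 vote_m: int = 1) -> TripDecision:
    """Logic solver step for a high-pressure SIF.

    Each sensor votes to trip when it reads at or above the limit or when
    its signal is invalid. The SIF trips when at least `vote_m` sensors
    vote (1ooN by default: any single sensor can demand the trip).
    """
    reasons = []
    votes = 0
    for r in readings:
        if r.value is None:
            # Fail-safe: a missing or bad signal counts as a trip demand.
            votes += 1
            reasons.append(f"{r.tag}: invalid signal, counted as trip demand")
        elif r.value >= trip_limit:
            votes += 1
            reasons.append(f"{r.tag}: {r.value:.1f} barg >= {trip_limit:.1f} barg")
    return TripDecision(trip=votes >= vote_m, reasons=tuple(reasons))


def solenoid_energized(decision: TripDecision) -> bool:
    """Logic solver output: energize-to-run, de-energize-to-trip.

    True keeps the valve solenoid energized; False drops it out. A broken
    wire or dead output therefore also drives the valve to its safe state.
    """
    return not decision.trip


def final_element_position(energized: bool) -> str:
    """Fail-closed on/off valve: open only while the solenoid is energized."""
    return "open" if energized else "closed"


def run_cycle(readings: List[Reading], vote_m: int = 1) -> Tuple[TripDecision, str]:
    """One scan of the loop: sensors -> logic solver -> final element."""
    decision = evaluate_sif(readings, vote_m=vote_m)
    return decision, final_element_position(solenoid_energized(decision))


if __name__ == "__main__":
    # Constructed readings from two SIS-dedicated pressure transmitters.
    normal = [Reading("PT-101A", 8.0), Reading("PT-101B", 8.2)]
    high = [Reading("PT-101A", 12.5), Reading("PT-101B", 8.0)]
    faulted = [Reading("PT-101A", None), Reading("PT-101B", 8.0)]
    for label, rd in (("normal", normal), ("high", high), ("faulted", faulted)):
        decision, valve = run_cycle(rd)
        print(f"{label:8s} trip={decision.trip} valve={valve} {decision.reasons}")
```

The point to take from the model is the direction of the defaults: the valve is open only while the output is actively held energized, and a sensor that stops reporting is treated as a demand rather than as a quiet "no problem". Raising `vote_m` (for example 2oo3) trades that sensitivity for fewer spurious trips, which is exactly the design decision a SIL target forces the designer to justify.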
Did you know that the final element accounts for 50% or more of reported failures in SIS infrastructure? In this video, Carsten Theogersen reminds manufacturers of the importance of proper valve assemblies and final element installation.