G ENERAL PHENOMENA IN THE S TANDARDS

The new standards, the generic IEC 61508, and the Process specific IEC 61511 changed basically the philosophy of the process safety. In the next Chapters I define and analyse these new approaches introduced by these standards.

1.11.1 Functional Safety

Functional safety means that our SIS works correctly and able to reduce the risk at the target level all over its safety life cycle.

That is why the SIS shall be validated and proof tested within the given period of time according to the Safety Requirement Specification. Proof test is performed periodically after SIS’s installation and commissioning. Details about the proof test one can be found in Chapter 6.

1.11.2 SIF and SIS

The definition of SIF (Safety Instrumented Function) is similar to that of control loops in the BPCS (Basic Process Control System) shown in Figure 9:

Figure 9 Comparison of BPCS and SIS structure

SIS consist of SIFs (Safety Instrumented Function) and one SIF composed of

ƒ Sensors (sampling valve, tubing, cabling, isolators etc.)

ƒ Safety Logic Solver (CPU, IO card, communication etc.)

ƒ Actuators (cabling, magnetic valves etc.) 1.11.3 Verification and validation

Both standards (IEC 61508 and IEC 61511) deal with verification and validation but in different ways. Now we focus on the objectives and requirement of IEC 61511 standard regarding the verification and validation.

First we are analysis what the difference between verification and validation is.

According to IEC 61511 (Clause 7, 12.3, 12.7; clauses 13 and 15, Part 1) and refer 1.4.6 respectively:

“Verification is an activity of demonstrating for each phase of the relevant safety life cycle by analysis and/or tests, that, for specific inputs, the outputs meet in all respects the objectives and requirements set for the specific phase”

The verification activities shall include:

ƒ Reviews on outputs (documents from all phases of the safety life cycle) to ensure compliance with the objectives and requirements of the phase taking into account the specific inputs to that phase;

ƒ Design reviews;

ƒ Tests performed on the designed products to ensure that they perform According to their specification;

BPCS S₁

S_n

A₁

A_n

SIS PLC S₁

S_k

A₁

A_k BPCS (DCS)

SIS

ƒ Integration tests performed where different parts of a system are put together in a step-by-step manner and by the performance of environmental tests to ensure that all the parts work together in the specified manner.”

Verification planning shall define all activities required for the appropriate phase of the safety life cycle. It shall conform to IEC 61511 standard by providing the following:

ƒ the verification activities;

ƒ the procedures, measures and techniques to be used for verification including implementation and resolution of resulting recommendations;

ƒ when these activities will take place;

ƒ the persons, departments and organizations responsible for these activities, including levels of independence taking into consideration the competence of the people involved in this activities;

ƒ identification of items to be verified;

ƒ identification of the information against which the verification is carried out;

ƒ how to handle non-conformances;

ƒ tools and supporting analysis;

ƒ verification documentation.

Verification is a difficult, well planned and documented procedure, confirming with reviewing, inspecting, testing, etc. to establish and document that a SIS system meets the regulatory, standards and specification requirements in all safety life cycle of the SIS system. Verification is usually an internal (within the company) process, ensuring "one built the product as intended and maintained as intended." Verification deals with all stage of a project under building up to match the original and planned intention.

According to IEC 61511 the validation is performed as the last activity when the Safety system is installed and commissioned, to match the Functional safety and reach the targeted Safety level and risk reduction. This activity is performed by the supplier perspectives controlled by the end-user, called sometime Site Acceptance Test. The more detailed the validation process is in written form as a procedure to be followed including the responsibility of the supplier and end-user the better result achieved is.

Validation ensures "you built the right product" from the end-user perspective.

According to the Management of Change phase of IEC 61511, in any case when the modification jeopardise the safety of the plant, after the modification is installed and commissioned, the validation procedure shall be repeated for the modification of SIS.

1.11.4 Summary and evaluation

In Chapter 1 I showed the difficulties of the Safety Science taking into consideration without completeness the measures which may influence the result of hazard and risk analysis.

I followed the structure of the standard but amended with my interpretation based on my practice and interpretation research in this field. This interpretation practice was introduced in our work when we I:

ƒ Built up safety instrumented systems

ƒ Holding training in the field of process safety

ƒ Preparing HAZOP templates for the firing furnace and burners

ƒ Preparing hazard and risk analysis

ƒ Preparing SIL calculations

These works gave feedback for me the correctness of my interpretation of the standards and the interpretation (like for the SIS design and engineering) see in Chapter 5, hazard and risk methods research and development (HAZOP template as cost effective method, see Chapter 3), cumulative LOPA as the only correct interpretation of the LOPA procedure in SIL calculation, see Chapter 4 and new probability model for the sensors and actuators see in Chapter 6.4.

2 Research objective, scope and methodology

Based on the recently observed type of problems with regard to safety in the process industries, as described in the previous chapter, it is expected that new enhancements of the management and control of the safety-related business processes are highly needed in all life cycle phase according to IEC 61511 [IEC_511].

The objective of this thesis in our case is to focus on a particular aspect of safety lifecycle models in standards [IEC_511], namely Hazard and Risk analysis (Phase 1), Allocation (Phase2), Safety Requirement Documentation (Phase3), SIS Design (Phase4) and Proof Test aspect of Operation and Maintenance (Phase5), being highly critical elements and activity of managing SIS. The question that arises is how these can contribute to a better control of safety-related business processes. With regard to this, the problem to be studied will be further specified and subsequently, the research questions, objective and scope will be defined.

Furthermore, this chapter will describe and discuss the characteristics and justification of the research methodology used in this thesis. Finally an overview of the research program and its main steps will be given.