Safety meets the standard

Carrieann Davies takes a look at some of the issues behind the European safety standard IEC 61508, and discovers how companies can comply with its safety requirements

The main challenges faced by industry today are unremitting pressure to reduce costs, coupled with shorter product life-cycles, a need for quicker time to market, and pressure to maximise the use of the asset base. Industry continually strives to improve performance and profitability while maintaining and improving safety. In addition, there are regulatory and social requirements for safety and reliability.

Against this background, industry is experiencing a revolution in safety technologies, which themselves continue to evolve rapidly. Increasing reliance is placed on smart equipment and integrated control and safety solutions.

While it is important to fully exploit this modern technology to improve safety and economic performance, it needs to be undertaken within an overall safety framework. An important part of this framework is the use of the safety standard IEC 61508.

Up to standard

But what exactly is IEC 61508? In simple terms, it is an umbrella standard that can be applied to any industrial process that uses electrical, electronic or programmable electronic (E/E/PE) products and systems for safety. It is a standard that can be objectively and systematically applied by industry, manufacturers of systems, industry regulators and approval agencies. The standard comprises seven parts. The significant parts are the first three, which deal with industrial process risk assessment, the E/E/PE product, and system hardware and software reliability. The other four parts deal with definitions, applications and informative annexes to the standard.

Part 1 defines the overall performance-based criteria for an industrial process. It mandates the use of an overall safety lifecycle. The standard employs qualitative or quantitative techniques to identify the process risk and to allocate that risk to safety-related systems and external risk reduction facilities in order to achieve a desired process safety level. It is this part of the standard that focuses on the process risk and proposes alternative ways to reduce the risk to manageable levels. As a consequence of its focus on the industrial process, Part 1 specifically applies to the performance of the E/E/PE system in the field.

Part 2 defines the development of the safety specifications of an E/E/PE product used for safety and presents methods and techniques that can be used to evaluate and certify its hardware reliability and thus its contribution to the process risk reduction.

Part 3 develops the software requirements for all safety-related software and provides information for software/hardware integration.

The standard enables the development of industry-specific standards under its guidance. For example, the Instrument Society of America (ISA) has developed S84.01 as a performance-based standard for the use of these safety-related systems in the process industry. It provides a basis for the use of programmable electronic devices in safety applications, and the implications of this will need to be considered by all those involved, from concept through specification, design, operation and use to final decommissioning.

According to Ron Bell, head of the Electrical & Control Systems Unit, Technology Division, at the Health and Safety Executive: “The publication of IEC 61508 provides a real opportunity to put in place a rational framework for the safe application of safety-related systems employing E/E/PE technology, and it is an opportunity that should not be missed.” But how are companies dealing with the standard? Many are launching new products designed to meet the standard, such as Honeywell with the introduction of its new Quadruple Modular Redundant (QMR) Fail-Safe Controller, the FSC 2oo4D.

Safety products

The FSC 2oo4D safety system is designed to provide all-round improved functional safety performance for industrial customers. Its diagnostic-based QMR technology extends system reliability and offers improved lifetime system performance, and its quadruple redundant CPU enhances system flexibility, increases diagnostic capabilities and improves system fault tolerance for critical applications, says the company. The FSC 2oo4D can be applied in high-integrity, process-critical applications and performs wide-ranging process control and safety functions. It is available in various system configurations and meets the most stringent process safety requirements of industrial customers.

The FSC 2oo4D is approved by TUV for use in AK1 to AK6 applications in accordance with the German industrial standard DIN 19250, or its equivalent, Safety Integrity Level (SIL) 1 to SIL 3 of IEC 61508. The Fail-Safe Controller was the first industrial safety system to obtain certification in the United States for the UL 1998 and ANSI/ISA S84.01 standards.

There is a range of other products available from numerous companies designed to meet IEC 61508, from digital valve controllers through to burner management systems. These all aid in ensuring a safe environment.

However, for those companies unsure of the standard, there is help in the form of CASS (Conformity Assessment of Safety-related Systems). The CASS scheme has been developed by industry, with representatives from all interested sectors, to provide a rigorous and internationally acceptable structure under which consistent certification of safety-related systems can take place.

Meet the requirements

The purpose of CASS is to provide a structure so that third-party accredited certification bodies can offer conformity assessment certification for safety-related products that meet the requirements of IEC 61508. The scope of the scheme will cover all those involved in the design, development, manufacture, support and application of software components and complete systems.

The initiative for the development of the CASS scheme arose from a series of closely coupled programmes supported by both the DTI and the Health and Safety Executive and implemented over the last 20 years. Pressure increased for research into certification, primarily of people, but discussions also centred on certification of products, processes and development organisations. The emphasis was on particular ways of developing software. Industry viewed this as constraining and not necessarily likely to lead to safer systems. An all-sector working party (associated with a DTI-sponsored IEE-BCS study) recommended deferring certification pending more research. It also recommended support for the development of IEC 61508 in order to establish and harmonise best practice across sectors.

During 1991 the potential for an R&D project specifically addressing conformity assessment and certification was discussed. This led to the approval of the Fresco (Framework for the Evaluation of Safety Critical Objects) project in 1993, which specifically addressed certification of safety-related systems under IEC 61508. Fresco established an Interest Group for the process industries (Fresco Interest Group, FIG). This group consisted of end-users, suppliers, design contractors, systems integrators and regulators drawn from the UK chemical and pharmaceutical sectors. The group, augmented by representatives from other industry sectors, recommended development of a conformity assessment scheme based on IEC 61508.

During 1992 the DTI sponsored a study, conducted by Coopers and Lybrand, focused on the characteristics of the market for safety-related computer-controlled systems. The purpose of the study was to describe how the market was operating, to quantify its key features and to identify any impediments to the effective operation of the market. The study identified that competitive advantage may well accrue to those suppliers able to transcend application-specific boundaries while maintaining the integrity of their systems. Following the success of Fresco, a further study commissioned by the DTI in 1996 confirmed the feasibility of developing an accreditable conformity assessment scheme based on IEC 61508.

This led to the CASS project, which commenced in 1998 and was supported by the DTI under its Sector Challenge programme. It secured strong industry support from all the major UK supply chain trade associations and stakeholder groups, the professional institutions, the HSE and organisations with strong capability in the design and assessment of safety systems. This wide support has provided sound strategic direction, technical input, dissemination of results and continuous feedback. The deliverable was the development of a conformity assessment scheme for safety-related systems based on the international standard IEC 61508, thereby facilitating the opening of markets, improving UK competitiveness, reducing the costs of compliance and improving safety.