About Us!
Rob Stockham, BA IEng MIEE
General Manager, Moore Industries-Europe, Inc
Member, IEE
Honorary Secretary, ISA England
Institute of Directors
Director, The CASS Scheme Ltd
Treasurer, The IEC Association

About Us!
Bob Smith, CEng FInstMC MIEE BA
Functional Safety Specialist, Moore Industries-Europe, Inc
Member, IEE
ISA Fellow
Institute of Measurement and Control

SOLD on Safety
We must be 'sold' on the commitment to undertake safety-critical and safety-related requirements fully and properly.
BUT! We must be careful that we are not 'sold' a safety answer that is non-compliant with IEC61508!
Functional Safety is a culture and not a widget you can buy.

Typical Safety Related Loop (diagram; text recovered from the figure)
Sensor -> Logic Solver -> Actuator
For each loop component: Component Safety Data (PFD, SFF, etc), PIU and Software
Safety Integrity Level (SIL) Requirement defined for the loop
Environment; Calibration and Maintenance Procedures; Application - Duty
Selection and Justification of Instruments ???
Abbreviations: PIU = Proven in Use; PFD = Probability of Failure on Demand; SFF = Safe Failure Fraction

How could a loop component be selected?
Selection follows a comprehensive Risk Assessment and Assignment of Safety Integrity Level (SIL) for the whole safety instrumented loop; typically SIL 1, 2, 3 and 4 (SIL 4 being the highest).
Basis for selection: a component selected as having an appropriate Safety Integrity Level (SIL) capability.
Certification 'Suitable for SIL 3'. But what does this mean?
Alternatively:
a. 'Proven in Use Claim' OR
b. 'Manufacturer Claim' OR
c. 'Third Party EXPERT Opinion'
Can this be justified?

a. Justification as PROVEN IN USE? By whom?

What do the IEC themselves say about 'proven in use'?

This is a question raised on the IEC website:
"D11) Can an E/E/PE safety-related system contain hardware and/or software that was not produced according to IEC 61508, and still comply with the standard (proven in use)?"
and the answer:
"It may be possible to use a proven in use argument as an alternative to meeting the design requirements for dealing with systematic failure causes in IEC 61508, including hardware and software. But it is essential to note that proven in use cannot be used as an alternative to meeting the requirements for:
- architectural constraints on hardware safety integrity (see of IEC);
- the quantification of dangerous failures of the safety function due to random hardware faults (see of IEC); and
- system behaviour on detection of faults (see of IEC).
See of IEC for a summary of design requirements, including references to more detailed systematic hardware requirements in the standard."

"A proven in use claim relies on the availability of historical data for both random hardware and systematic failures, and on analytical techniques and testing if the previous conditions of use of the subsystem differ in any way from those which will be experienced in the E/E/PE safety-related system. of IEC requires that:
- the previous conditions of use of the subsystem are the same as, or sufficiently close to, those which will be experienced in the E/E/PE safety-related system (see of IEC);
- if the above conditions of use differ in any way, a demonstration is necessary (using a combination of appropriate analytical techniques and testing) that the likelihood of unrevealed systematic faults is low enough to achieve the required safety integrity level of the safety functions which use the subsystem (see of IEC);
- the claimed failure rates have sufficient statistical basis (see of IEC);
- failure data collection is adequate (see of IEC);
- evidence is assessed taking into account the complexity of the subsystem, the contribution made by the subsystem to the risk reduction, the consequences associated with a failure of the subsystem, and the novelty of design (see of IEC); and
- the application of the proven in use subsystem is restricted to those functions and interfaces of the subsystem that meet the relevant requirements (see of IEC)."

" of IEC allows the use of standard or previously developed software without the availability of historical data but with the emphasis on analysis and testing. This concept should be distinguished from the proven in use concept described above."
And finally,

In summary: the proven-in-use route is for the end-user, and it requires the collection of comprehensive, statistically significant data on failures experienced in the application being considered, or in a very similar application. Testing may also be required to support a proven-in-use claim, particularly where the instrument uses software/firmware. Diligence and the weight of supporting evidence increase in direct relation to the required Safety Integrity Level.

b. Justification using MANUFACTURER'S CLAIM?
Check the basis for the claim. To be compliant with IEC61508 the Supplier should be able to show:
- ISO 9000:2001 Certification of ALL design and manufacturing procedures.
- Key staff competency and responsibility.
- Functional Safety Management Capability in accordance with IEC
The Supplier should be able to provide documented evidence of the following:
- A documented FMEDA providing safe and dangerous failure rates, diagnostic coverage, Safe Failure Fraction and Hardware Fault Tolerance.
- That hardware design Techniques and Measures, taken against the possibility of systematic hardware failure, are consistent with the required SIL capability.
- That software design Techniques and Measures, taken against the possibility of systematic software faults, are consistent with the required SIL capability.
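As an added worked example (not part of the presentation), the two checks the IEC answer above says proven in use cannot replace, the architectural constraints on hardware safety integrity and the quantification of random hardware failures, computed from the FMEDA figures a manufacturer's claim is expected to supply. The failure rates, the single-channel (1oo1) architecture and the annual proof-test interval are constructed assumptions, and the PFDavg formula is the simplified λDU·T1/2 form.

```python
# Added worked example (not from the presentation): the two checks the IEC answer
# says proven in use cannot replace, computed from constructed FMEDA figures in FIT.
from dataclasses import dataclass

@dataclass
class Fmeda:
    sd: float     # safe detected failure rate, FIT (1e-9 per hour)
    su: float     # safe undetected
    dd: float     # dangerous detected
    du: float     # dangerous undetected
    type_b: bool  # complex device (e.g. contains software) -> IEC 61508-2 Table 3

def safe_failure_fraction(f: Fmeda) -> float:
    """SFF = (λSD + λSU + λDD) / (λSD + λSU + λDD + λDU)."""
    total = f.sd + f.su + f.dd + f.du
    return (total - f.du) / total

# Architectural constraints, route 1H (IEC 61508-2 Tables 2 and 3): maximum SIL per
# SFF band (<60%, 60-90%, 90-99%, >=99%) for HFT 0, 1, 2; 0 means not allowed.
_TYPE_A = ((0.60, (1, 2, 3)), (0.90, (2, 3, 4)), (0.99, (3, 4, 4)), (2.0, (3, 4, 4)))
_TYPE_B = ((0.60, (0, 1, 2)), (0.90, (1, 2, 3)), (0.99, (2, 3, 4)), (2.0, (3, 4, 4)))

def architectural_sil_limit(f: Fmeda, hft: int) -> int:
    """Highest SIL the hardware architecture permits for this SFF and HFT."""
    sff = safe_failure_fraction(f)
    for upper, sils in (_TYPE_B if f.type_b else _TYPE_A):
        if sff < upper:
            return sils[min(hft, 2)]
    raise ValueError("SFF out of range")

def pfd_avg_1oo1(f: Fmeda, proof_test_interval_h: float) -> float:
    """Simplified low-demand 1oo1 PFDavg ≈ λDU * T1 / 2 (repair time neglected)."""
    return f.du * 1e-9 * proof_test_interval_h / 2

def sil_from_pfd(pfd: float) -> int:
    """Low-demand SIL band for a PFDavg (IEC 61508-1 Table 2); 0 = below SIL 1."""
    for sil, lower in ((4, 1e-5), (3, 1e-4), (2, 1e-3), (1, 1e-2)):
        if lower <= pfd < lower * 10:
            return sil
    return 0

def claimable_sil(f: Fmeda, hft: int, pfd: float) -> int:
    """A claim is capped by BOTH checks: the lower of the two limits wins."""
    return min(architectural_sil_limit(f, hft), sil_from_pfd(pfd))

if __name__ == "__main__":
    dev = Fmeda(sd=120, su=40, dd=300, du=50, type_b=True)  # constructed sample values
    pfd = pfd_avg_1oo1(dev, 8760)  # annual proof test, single channel (HFT 0)
    print(sil_from_pfd(pfd), architectural_sil_limit(dev, 0), claimable_sil(dev, 0, pfd))
```

With the sample figures the PFDavg alone would sit in the SIL 3 band, but a type B device with SFF just over 90% and no hardware fault tolerance is limited to SIL 2 by the architectural constraints, which is exactly why the quoted answer says proven-in-use data cannot substitute for that check.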

A good, competent manufacturer possessing Functional Safety Management certification should be perfectly capable of providing all the necessary supporting data for the instrument produced, without third party Certification.

Can the supplier claim a SIL capability in compliance with IEC61511 instead of IEC61508?

Reference IEC, Section 1, Scope, para b): "applies when equipment that meets the requirements of IEC61508, or of 11.5 of IEC, is integrated into an overall system that is to be used for a process sector application but does not apply to manufacturers wishing to claim that devices are suitable for use in safety instrumented systems for the process sector (see IEC and IEC);"

c. Justification using THIRD PARTY CERTIFICATION?
Does this relieve the end-user of any responsibility? NO! Compliance is always the responsibility of the end-user.
Certification by a third party is a potentially useful contribution to a fitness-for-purpose argument, but the same IEC61508 issues must be covered, documented and visible!

c. Justification using THIRD PARTY CERTIFICATION?
Check the basis for the claim. To be compliant with IEC61508 the Certifier should be able to show:
- ISO 9000:2001 Certification of ALL design and manufacturing procedures.
- Key staff competency and responsibility.
- Functional Safety Management Capability in accordance with IEC
The Certifier should be able to provide documented evidence of the following:
- A documented FMEDA providing safe and dangerous failure rates, diagnostic coverage, Safe Failure Fraction and Hardware Fault Tolerance.
- That hardware design Techniques and Measures, taken against the possibility of systematic hardware failure, are consistent with the required SIL capability.
- That software design Techniques and Measures, taken against the possibility of systematic software faults, are consistent with the required SIL capability.

Additionally:

The Association
What is The Association?
The Association is a cross-industry group of organizations with an interest in achieving a dependable and cost-effective method for demonstrating compliance with IEC and related standards.
What is The Association for?
The purpose of The Association is to promote the CASS method for providing the integrity, transparency and consistency of the conformity assessment process for all phases of the lifecycle of safety-related systems.
We achieve our purpose by:
- Bringing together all parties with an interest in functional safety
- Identifying and removing obstacles to the profitable application of IEC and related standards
- Facilitating the improvement in the understanding of and competence in the use of IEC and related standards
- Working with CASS to ensure that the scheme meets the conformity assessment needs of the functional safety stakeholders
Contact us with any questions go to

QUESTIONS?