Download presentation
Presentation is loading. Please wait.
Published byWilliam Hampton Modified over 9 years ago
1
VUT 6.4.2006 1 Funkční bezpečnost elektrických přístrojů souvisejících s bezpečností
2
VUT 6.4.2006 2 Funkční bezpečnost Část celkové bezpečnosti týkající se EUC a systému řízení EUC závislá na správném fungování E/E/EP systémů souvisejících s bezpečností, systémech souvisejících s bezpečností založených na jiných technických principech a vnějších prostředcích pro snížení rizika ČSN EN 61508-4
3
VUT 6.4.2006 3
4
4 Mechanical Safety Action (if available) Plant Shut-down Wild Process parameter High Control level High Alarm level Time If Operator takes action Certain Process parameter value Low Control level Normal behavior DCS Functionality Process.
5
VUT 6.4.2006 5 Mechanical Safety Action (if available) Plant Shut-down Wild Process parameter High Control level High Alarm level ESD controlled Trip level Time If Operator takes action Certain Process parameter value Safety Instrumented System Functionality Low Control level Normal behavior DCS Functionality Safety System.
6
VUT 6.4.2006 6 Have You Been Asked This? “How can you demonstrate that you are safe?” ‘Regulator’
7
VUT 6.4.2006 7 Safety Issues for End User / Operators How do you demonstrate that your operations are ‘safe’? How do you demonstrate that your equipment is ‘safe’? How do you demonstrate that your safety and protective systems protect against your hazards? You can answer these questions by demonstrating compliance with Industry Safety Standards IEC61508 - Functional safety of electrical/electronic/programmable electronic safety-related systems
8
VUT 6.4.2006 8 What is IEC61508? An international standard relating to the Functional Safety of electrical / electronic / programmable electronic safety related systems –Mainly concerned with E/E/PE safety-related systems whose failure could have an impact on the safety of persons and/or the environment –Could also be used to specify any E/E/PE system used for the protection of equipment or product It is an industry best practice standard to enable you to reduce the risk of a hazardous event to a tolerable level
9
VUT 6.4.2006 Technologies Concerned EElectrical electro-mechanical / relays / interlocks E Electronic solid state electronics PES Programmable Electronic Systems Programmable Logic Controllers (PLC’s); Microprocessor based systems Distributed Control Systems Other computer based devices (“smart” sensors / transmitters / actuators)
10
VUT 6.4.2006 Features Generic Standard Guidance on the use of E/E/PES Comprehensive approach involving concepts of Safety Lifecycle and includes all elements of the protective system Risk-based approach leading to determination of Safety Integrity Levels (S.I.Ls) Considers the entire Safety Critical Loop
11
VUT 6.4.2006 11 Generic and Application Sector Standards IEC61508 IEC61511 : Process Sector Medical Sector IEC61513 : Nuclear Sector IEC62061 : Machinery Sector
12
VUT 6.4.2006 IEC61511 Functional Safety Safety instrumented systems for the Process industry sector
13
VUT 6.4.2006 13 IEC 61511 “FUNCTIONAL SAFETY: SAFETY INSTRUMENTED SYSTEMS FOR THE PROCESS INDUSTRY SECTOR”
14
VUT 6.4.2006 14 Industries Applies to a wide variety of industries across the process sector Including: Chemicals Oil refining Oil and gas production Pulp and paper Non-nuclear power generation Pharmaceuticals / Fine Chemicals
15
VUT 6.4.2006 15 Scope Process (chemicals, oil & gas, paper, non- nuclear power generation) End-to-end safety instrumented system (SIS) - h/w, s/w, mgt. and human factors Full safety lifecycle - specification, design, integration, operation, maintenance Intended for integrators / users –not for equipment designers / vendors
16
VUT 6.4.2006 16 Structure IEC 61511 – Structure Part 1 – “Framework, definitions, system, hardware and software requirements”. Part 2 – “Guidelines for the application of IEC 61511-1”. Part 3 – “Guidance for the determination of safety integrity levels”. Normative Informative
17
VUT 6.4.2006 17 IEC 61511 TITLE - “Functional Safety – Safety Instrumented Systems for the Process Industry sector” This international Standard gives requirements for the specification, design, installation, operation and maintenance of a safety instrumented system, so that it can be confidently entrusted to place and/or maintain the process in a safe state. This standard has been developed as a process sector implementation of IEC 61508.
18
VUT 6.4.2006 Relationship IEC 61511 & IEC 61508
19
VUT 6.4.2006 Relationship IEC 61511 & IEC 61508
20
VUT 6.4.2006 20 Similarities (IEC 61508 - IEC 61511) Whole safety lifecycle –Concept, Hazard & Risk Analysis and Design –through operation & maintenance to eventual decommissioning Safety requirements specification Safety integrity levels (SIL 1 to 4) End-to-end system –(Sensor via Logic to Actuator) Hardware reliability analysis (PFD) Management of functional safety Architectural constraints (fault tolerance)
21
VUT 6.4.2006 21 Key Differences IEC 61511 (IEC 61508) Terminology –Process (EUC) –Basic Process Control System (EUC Control system) –Safety Instrumented System (E/E/PE S-R-S) –Safety Instrumented Function (Safety function) Presentation –less rigorous than IEC 61508 –more guidance (especially in Parts 2 & 3)
22
VUT 6.4.2006 22 Overall Installation & Commissioning 11 2 External Risk Reduction Facilities Overall Scope Definition Realisation 1 Concept 3Hazard Risk Analysis 4Overall Safety Requirements Safety Related Systems: E / E / PES 12 Realisation Overall Planning Safety Related Systems: Other Technology Realisation 10 Overall Installation & Commissioning Planning Overall Validation Planning Overall Operation & Maintenance Planning 8 9 76 Safety Requirements Allocation5 Back to appropriate Overall Safety Lifecycle Phase 15 16 Decommissioning 13Overall Safety Validation Overall Operation & Maintenance14 Overall Modification & Retrofit Overall Safety Lifecycle in IEC 61508
23
VUT 6.4.2006 23 IEC 61508 - ownership of phases PRE-DESIGN (Phases 1 to 5) OPERATION (Phases 14 to 16) DESIGN AND INSTALLATION (Phases 6 to 13) End user / operator Engineering Contractors / Equipment Supplier
24
VUT 6.4.2006 24 Pre-Design : Phases 1 - 5 1 : Concept 2 : Overall Scope Definition 3 : Hazard Risk Analysis 4 : Overall Safety Requirements 5 : Safety Requirements Allocation Can you demonstrate that you have identified all your hazards? Can you demonstrate that you are using adequate and correct methods of hazard protection?
25
VUT 6.4.2006 25 Design & Implementation : Phases 6 - 13 Overall Planning 6 : Overall Operations and Maintenance Planning 7: Overall Validation Planning 8: Overall Installation & Commissioning Planning 9 : Safety Related Systems : E/E/PES 12 : Overall Installation & Commissioning 13 : Overall Safety Validation 10 : Safety Related Systems : Other Technology 11 : External Risk Reduction Facilities How do you ensure competencies for all these activities? Can you demonstrate that you pass the necessary information into these activities? Can you demonstrate that all necessary information has been passed to you from these activities?
26
VUT 6.4.2006 26 Operation : Phases 14 - 16 14 : Overall Operations and Maintenance 15 : Overall Modification and Retrofit 16 : Decommissioning Can you demonstrate that you maintain / test / analyse your protective systems correctly? Can you demonstrate that you are in control of your modification process?
27
VUT 6.4.2006 27 Supply Chain IEC 61511 IEC 61508 Requirement Specification Commissioning and Use End User System Designer – Integrator Sub-system Designer Component Manufacturer
28
VUT 6.4.2006 Risk
29
VUT 6.4.2006 29 What is Risk? The probable rate of occurrence of a hazard causing harm AND the degree of severity of the harm – Qualitatively - Words – Quantitatively - Figures
30
VUT 6.4.2006 Risk cannot be justified except in extraordinary circumstances Tolerable only if risk reduction is impracticable or if its cost is grossly disproportionate to the improvement gained Necessary to maintain assurance that risk remains at this level Unacceptable region Broadly acceptable region Negligible risk (No need for detailed working to demonstrate ALARP) The ALARP or Tolerability region As the risk is reduced the less, proportionately, it is necessary to spend to reduce it further. The concept of diminishing proportion is shown by the triangle. (Risk is undertaken only if a benefit is desired) Levels of Risk and ALARP (As Low As Reasonably Practicable)
31
VUT 6.4.2006 31
32
VUT 6.4.2006 32 Risk reduction: General concepts Increasing risk Risk to meet Level of Safety Plant Under Control risk Necessary minimum risk reduction Actual risk reduction Risk reduction achieved by all protective systems & External Risk Reduction Facilities Actual risk remaining Partial risk covered by E/E/PES protective systems Partial risk covered by Other Technology safety-related systems Partial risk covered by External Risk Reduction Facilities
33
VUT 6.4.2006 33 SENSORACTUATORPROGRAMMABLE ELECTRONICS Equipment (plant) Under Control (EUC) PE SRS Extent of Safety Related System
34
VUT 6.4.2006 What is a Safety Related System (SRS) ? Any system that implements safety functions necessary to achieve a safe state for the “Equipment Under Control”, or to maintain it in a safe state. Examples
35
VUT 6.4.2006 Hazard Identification and Risk Analysis A typical Methodology for Hazard Identification and Risk Analysis (by the end user) Hazard studies and HAZOPs Evaluate possible consequences Establish tolerable frequencies vs ALARP Build event chain Estimate demand rates Define protection required Specify required SIL
36
VUT 6.4.2006 “ Failure categories” in IEC 61508 A = Random Hardware Failures OR B = Systematic Failures specification; systematic hardware; software; maintenance; all failures that are not random A B
37
VUT 6.4.2006 Safety Integrity Level SIL
38
VUT 6.4.2006 38 Risk and Determination of Safety Integrity Levels Basic Design Unacceptable No Protection SIL 4 SIL 3 SIL 2 SIL 1 Increasing Severity Increasing Likelihood
39
VUT 6.4.2006 39 Risk Reduction Requirements Safety Integrity Level Risk Reduction 1 10-100 2 100 – 1,000 3 1,000 – 10,000 4 10,000 – 100,000
40
VUT 6.4.2006 40 Reliability, Failure Rate and Availability at each level SIL 1 SIL 2 SIL 3 SIL 4 ReliabilityProbability of failure on demand Trip Unavailable (per year) 90% - 99%0.1 to 0.01876 to 87.6hrs 99% - 99.9%0.01 to 0.00187.6 to 8.76hrs 99.9% - 99.99% 0.001 to 0.00018.76hrs to 52.6 mins 99.99% - 99.999 % 0.0001 to 0.0000152.6 mins to 5.3 mins
41
VUT 6.4.2006 41 Protective System Technology Standard components, single channel or twin non-diverse channels SIL 1 Standard components, 1 out of 2 or 2 out of 3, possible need for some diversity. Allowance for common-cause failures needed SIL 2 Multiple channel with diversity on sensing and actuation. Common-cause failures a major consideration. Should rarely be required in Process Industry SIL 3 Specialist design. Should never be required in the Process Industry SIL 4
42
VUT 6.4.2006 Determined to achieve the correct SIL level...
43
VUT 6.4.2006 Various methods available: Qualitative risk graph Calibrated risk graph (methodology only – not definitive) Layer Of Protection Analysis (LOPA) Hazardous event severity Matrix Quantified Risk Analysis (QRA) Which one to use? Develop your own? SIL assessment
44
VUT 6.4.2006 Calculation of PFD AVG 35% of PFD Avg SE 15% of PFD Avg LS 50% of PFD Avg FE Distribution of the Failure Measures 35 %Sensors + 15 %Logic solver + 50 % Final elements
45
VUT 6.4.2006 35 % 15% 50% PFD-figures for a HIMA system, example
46
VUT 6.4.2006 RC/AK according DIN V VDE 19250 SIL according IEC 61508 Risk Graph acc. DIN V VDE 19250
47
VUT 6.4.2006 Concept of layers of protection acc. IEC 61511 LOPA
48
VUT 6.4.2006 Hazardous event severity Matrix
49
VUT 6.4.2006 49 Funkční bezpečnost Část celkové bezpečnosti týkající se EUC a systému řízení EUC závislá na správném fungování E/E/EP systémů souvisejících s bezpečností, systémech souvisejících s bezpečností založených na jiných technických principech a vnějších prostředcích pro snížení rizika
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.