GT Engineering is a member of the Technical Committees of the following standards: IEC 61508 series, IEC 61511-1, IEC 62061 and ISO 13849-1.
We support users in the reliability assessment of safety and production systems. Starting from a Hazard and Operability (HAZOP) study, we move to a Layer of Protection Analysis (LOPA) and then to the SIL allocation.
We can then help design each Safety Instrumented System and calculate the SIL level actually reached.
We organise training on all aspects of Functional Safety, and we lecture on Functional Safety at Brescia University and at the Milan Polytechnic (School of Industrial and Information Engineering).
Physical and Logical representation of the Architectures
The Categories are therefore important to achieve a specific PL for a subsystem. However, the standard clarifies that they show a logical representation of the subsystem structure, which may differ from its physical one.
[ISO 13849-1] 6.1.3.2 Design...
Route 1H
Historically, this was the only way to determine the maximum SIL that can be claimed for a Safety Function. Here are the steps to be followed (IEC 61508-2, § 7.4.4.2):
Divide the safety-related system into subsystems.
For each subsystem calculate the Sa...
The steps to be followed
The performance level shall be determined for each subsystem and/or each combination of subsystems that provide a safety function. The PL of the subsystem shall be determined by going through the following aspects:
the architecture
Decompose the Sa...
Equipment Protection Level
In an explosive atmosphere, only suitable equipment may be installed: suitable means that it cannot ignite the explosive atmosphere.
Failure Rate for Electromechanical Components
This is an important aspect highlighted in the 2021 edition of IEC 62061.
Reliability Functions in Low and High Demand mode
Functional safety was born with the reliability of Safety-related Control Systems in mind: systems designed to be activated upon hazardous process deviations. Each such deviation is a process demand, and together they define the Demand Rate on the safety system that protect...
Category 2
It is a single-channel architecture in which each subsystem is monitored, in its most general form, by an external unit called Test Equipment (TE). If a fault is detected, the TE signals it to the “outside world” through an output: the OT...
Conclusions
In this article we explained the methodology used to assess components of Safety Instrumented Systems operating in Low Demand mode.
SIL 2 Power Contactors
Some manufacturers have power contactors in their range that contain a small amount of electronics. This means the component has to be classified as type B. Moreover, an SFF > 90 % is attributed to the contactor, both in High and in Low demand mode of operation...
The PFD
PFD(t) is the unreliability function F(t) used in low demand mode. Its definition follows, assuming a constant failure rate λ:
The Protection Layers
A Safety Instrumented System (SIS) may fail while in passive state and the failure may remain hidden until a demand occurs from the process or until the system is tested.
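The two passages above (the PFD as the unreliability function F(t) with a constant failure rate λ, and the dangerous failure of a SIS that stays hidden until a demand or a test) are tied together by the proof test interval. The following worked example is added here and is not part of the original article: it evaluates PFD(t) = 1 − e^(−λt), its time average over a proof test interval (both exactly and with the usual first-order approximation λ·T1/2), and maps the result onto the low demand SIL bands of IEC 61508-1, Table 2. The symbols λ_DU (dangerous undetected failure rate) and T1 (proof test interval), and the numeric values used, are constructed assumptions for illustration.

```python
import math

# Low demand mode SIL bands for PFDavg (IEC 61508-1, Table 2):
# (SIL, lower bound inclusive, upper bound exclusive)
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]


def pfd(lam_du: float, t: float) -> float:
    """PFD(t) = F(t) = 1 - exp(-lambda_DU * t).

    Unreliability of a single channel with constant dangerous undetected
    failure rate lambda_DU, i.e. the probability that a hidden dangerous
    failure has occurred by time t since the last proof test.
    """
    return 1.0 - math.exp(-lam_du * t)


def pfd_avg_exact(lam_du: float, t1: float) -> float:
    """Time average of F(t) over one proof test interval T1:
    (1/T1) * integral_0^T1 F(t) dt = 1 - (1 - exp(-lambda*T1)) / (lambda*T1).
    """
    x = lam_du * t1
    if x == 0.0:
        return 0.0
    return 1.0 - (1.0 - math.exp(-x)) / x


def pfd_avg_approx(lam_du: float, t1: float) -> float:
    """First-order approximation lambda_DU * T1 / 2, valid when lambda_DU*T1 << 1."""
    return lam_du * t1 / 2.0


def sil_from_pfd_avg(value: float) -> int:
    """Return the SIL band a PFDavg falls into, or 0 if worse than SIL 1."""
    for sil, lo, hi in SIL_BANDS:
        if lo <= value < hi:
            return sil
    return 0


def example() -> dict:
    """Constructed case: lambda_DU = 1e-6 /h, proof test once a year."""
    lam_du = 1.0e-6      # assumed dangerous undetected failure rate, per hour
    t1 = 8760.0          # assumed proof test interval, hours (one year)
    results = {
        "pfd_at_t1": pfd(lam_du, t1),
        "pfd_avg_exact": pfd_avg_exact(lam_du, t1),
        "pfd_avg_approx": pfd_avg_approx(lam_du, t1),
    }
    results["sil"] = sil_from_pfd_avg(results["pfd_avg_exact"])
    # Shortening the proof test interval is the lever that reveals hidden
    # failures sooner and therefore lowers PFDavg.
    results["sil_if_tested_monthly"] = sil_from_pfd_avg(pfd_avg_exact(lam_du, t1 / 12.0))
    return results


if __name__ == "__main__":
    for key, value in example().items():
        print(f"{key}: {value}")
```

With the assumed λ_DU and a yearly proof test, PFDavg is about 4.4·10⁻³, which sits in the SIL 2 band; the approximation λ·T1/2 is within 1 % of the exact average because λ·T1 is small. Testing monthly instead of yearly drops PFDavg by roughly a factor of twelve and moves the same hardware into the SIL 3 band, which is the practical meaning of a dangerous failure "remaining hidden until the system is tested".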
The value of Diagnostic
Another important aspect must be taken into account: a failure of a component can be classified as dangerous detectable only if, when such a failure occurs, it is possible to bring the subsystem to a safe state.