IEC_61508_PepperlFuchs.pdf

?PROZESSAUTOMATIONWith regard to the supply of products,the current issue of the following document is applicable:The General Terms of Delivery for Products and Services of the Electrical Industry,published bythe Central Association of the Elektrotechnik und Elektroindustrie(ZVEI)e.V.,including the supplementary clause:Extended reservation of title.Date of issue10/04/071806631SIL manualStructureStructureThis manual contains the manuscripts of various contributors,each one complete in itself.The first part presents an overview of the IEC/EN 61508.The second part is based on presentations that were given as part of a series of seminars by the author.It is therefore possible that some passages in the text are repeated.It is not the goal of the authors to reproduce excerpts from standards in their entirety,but rather to give the general meaning.If further clarification is needed,the applicable standard should be consulted.Authors:Andy Ingrey(part 1,section 2 to section 5)Patrick Lervrend(part 2,section 6 to section 9)Dr.Andreas Hildebrandt(part 2,section 10 and section 11)SIL manualTable of contentsDate of issue10/04/0718066321Introduction.41.1Safety related systems in accordance with IEC/EN 61508.41.2Introduction of safety related systems .41.3Symbols used.51.4Definition of terms and abbreviations.52Safety life cycle.72.1Safety life cycle concept.72.2Risks and their reduction.113Safety integrity level(SIL).133.1Probability of failure .133.2The system structure.144Probability of failure.174.1Overview.174.2Safety loop example .185Summary of the first part of the SIL manual.216Verification of the safety integrity level of a safety instrumented function .226.1What is SIL?.226.2Example input subsystem with 2 components.236.3Hardware fault tolerance(IEC/EN 61508,part 2).266.4SIL limitation due to architectural constraints(IEC/EN 61508,part 2).277Other structures.287.1MooN system(IEC/EN 61508,part 6).287.2Two sensor subsystems from our example configured as a two channel input subsystem.287.3Common cause failures.308Proven in use(IEC/EN 61508,part 2).32SIL manualTable of contentsDate of issue10/04/0718066339How to read a SIL product report?.3310Glossary/formulae.3410.1Failure rate(t).3410.2Constant failure rate.3510.3Failure probability F(t).3510.4Probability density function f(t).3610.5Reliability function R(t).3610.6Mean life MTTF.3710.7Mean failure probability of the function in the demand case PFD(Probability of Failure on Demand).3710.8PFD calculation for multi-channel MooN structures(M out of N).3811References and bibliography.39SIL manualIntroductionDate of issue10/04/0718066341Introduction1.1Safety related systems in accordance with IEC/EN 61508The international standard IEC/EN 61508 has been widely accepted as the basis for the specification,design and operation of safety instrumented systems(SIS).As the basic standard,IEC/EN 61508 uses a formulation based on risk assessment:An assessment of the risk is undertaken and on the basis of this the necessary Safety Integrity Level(SIL)is determined for components and systems with safety functions.SIL-evaluated components and systems are intended to reduce the risk associated with a device to a justifiable level or tolerable risk.1.2Introduction of safety related systemsThis document explores some of the issues arising from the recently published international standards for safety systems,particularly within the process industries,and their impact upon the specifications for signal interface equipment.When considering safety in the process industries,there are a number of relevant national,industry and company safety standardsIEC/EN 61511(user)ISA S84.01(USA)(user)IEC/EN 61508(product manufacturer)which need to be implemented by the process owners and operators,alongside all the relevant health,energy,waste,machinery and other directives that may apply.These standards,which include terms and concepts that are well known to the specialists in the safety industry,may be unfamiliar to the general user in the process industries.In order to interact with others involved in safety assessments and to implement safety systems within the plant it is necessary to grasp the terminology of these documents and become familiar with the concepts involved.Thus the safety life cycle,risk of accident,safe failure fraction,probability of failure on demand,safety integrity level and other terms need to be understood and used in their appropriate context.It is not the intention of this document to explain all the technicalities or implications of the standards but rather to provide an overview of the issues covered therein to assist the general understanding of those who may be:involved in the definition or design of equipment with safety implications,supplying equipment for use in a safety application,just wondering what IEC/EN 61508 is all about.For those people who are directly responsible for the specification,design,installation,operation and maintenance of electronic or programma