Certified or Prior Use?
Although certification is not required by the safety standards, it can remove any doubt about the reliability of a supplier's claim of SIL capability. IEC 61511 pays explicit attention to the prior use issue, yet suppliers are rarely able to provide prior use evidence for their products.
It is not too difficult to provide installed base figures; most well-known suppliers can state exactly how many products of which type, and with which revision number, have been supplied over the years. But which of them can tell how many of the delivered products have failed, and how they failed – dangerously or safely? For that they depend on information from end-users. A substantial part of their products is delivered via distributors and agencies without the supplier knowing who the end-user will be, and the circumstances of use are unlikely to be comparable across the whole installed base. End-users who run an asset management system and who analyse both the cause of failed elements and the effect of those failures can resolve these uncertainties. If they can provide evidence of prior use in the terms described in the safety standard, they are allowed to reduce the requirement from the fault tolerance tables by one, resulting in a simpler and less costly architecture for the SIS.
Certainly, it is an advantage when suppliers can provide installed base figures for their products. The TÜV report on Yokogawa's EJX transmitter also mentions these data (installed base >780,000 pcs). Nevertheless, the SIL claim is based on the theoretical failure rate figures, since TÜV has been able to confirm only those figures.
The advantage of failure rate figures obtained from installed base equipment (experienced failure data) is that they would also cover the systematic safety integrity issue. The safety architecture, together with PFDavg calculations based on those figures, would be sufficient to prove the SIL capability. In a safety-critical environment there is no substitute for proven excellence.
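As an added illustration (not part of the original article or any TÜV or Yokogawa material), the script below turns constructed prior-use data into a dangerous-undetected failure rate and then into PFDavg figures for simple 1oo1 and 1oo2 architectures, using the simplified low-demand formulas of IEC 61508-6 with a common-cause factor beta; all unit counts, hours, failure counts and the proof test interval are assumed values.

```python
# Added example: from experienced (prior use) failure data to a PFDavg
# figure and a SIL band. All input numbers below are constructed.

# IEC 61508 low-demand PFDavg bands: (SIL, lower bound, upper bound)
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]


def field_failure_rate(dangerous_failures, units, hours_per_unit):
    """Point estimate of lambda_DU (per hour) from installed base experience.

    This is the kind of figure an end-user with an asset management system
    can produce: dangerous failures observed over the accumulated unit hours.
    """
    total_hours = units * hours_per_unit
    if total_hours <= 0:
        raise ValueError("need positive operating experience")
    return dangerous_failures / total_hours


def pfd_avg_1oo1(lambda_du, proof_test_interval_h):
    """Simplified 1oo1: PFDavg ~= lambda_DU * T / 2."""
    return lambda_du * proof_test_interval_h / 2


def pfd_avg_1oo2(lambda_du, proof_test_interval_h, beta=0.0):
    """Simplified 1oo2 with common-cause fraction beta (MTTR terms ignored)."""
    lt = lambda_du * proof_test_interval_h
    independent = (1 - beta) ** 2 * lt ** 2 / 3
    common_cause = beta * lt / 2
    return independent + common_cause


def sil_from_pfd(pfd):
    """Map a PFDavg value to its SIL band; 0 if above the SIL 1 range."""
    if pfd < 1e-5:           # better than the SIL 4 band lower limit
        return 4
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


if __name__ == "__main__":
    # constructed data: 1000 transmitters, 10,000 h each, 2 dangerous failures
    lam = field_failure_rate(2, 1000, 10_000)
    t = 8760  # assumed one-year proof test interval
    print(f"lambda_DU = {lam:.2e}/h")
    print(f"1oo1 PFDavg = {pfd_avg_1oo1(lam, t):.2e} -> SIL {sil_from_pfd(pfd_avg_1oo1(lam, t))}")
    print(f"1oo2 PFDavg = {pfd_avg_1oo2(lam, t, 0.02):.2e} -> SIL {sil_from_pfd(pfd_avg_1oo2(lam, t, 0.02))}")
```

With beta set to a few percent, the common-cause term dominates the 1oo2 result, which is why field data on how units failed, not just how many, matters for the redundancy credit discussed above.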
Conclusion
Reliable hardware is not sufficient. A great deal of attention is paid to the design, production and test processes during the realisation of both safety-related products and complete safety systems. Avoiding errors in those processes will substantially increase the integrity of safety instrumented systems. The ultimate aim is to reduce the risk of harm to people, the environment or the process installation and, as such, to contribute to a safer world.