The Background.

Functional Safety Assessments have a critical role in ensuring the safe design and operation of a process plant. As a result of this they are a mandatory requirement of the process sector Functional Safety standard IEC / BS EN 61511.When designing and implementing a Safety Instrumented System a lot of work takes place to define the required Safety Integrity Level using techniques such as LOPA, Risk Graph, or fault tree. Then we prepare a Safety Requirements Specification which in turn leads to the design team selecting equipment and designing and verifying a Safety Instrumented System against the requirements of the Safety Requirements Specification.

So where does the Functional Safety Assessment fit into this and what is its purpose? IEC 61511 lists 5 suggested stages of Functional Safety Assessment:

  • Stage 1 – After the Hazard and Risk Assessment has been completed and the Safety Requirements Specification has been written.
  • Stage 2 – After the Safety Instrumented System design is completed
  • Stage 3 – After the installation, pre-commissioning and validation of the Safety Instrumented System has been completed.
  • Stage 4- After the plant has been operating for a period
  • Stage 5 – When modifying or decommissioning a Safety Instrumented System.
The purpose of the assessment is for someone with a suitable level of independence from the project to review the documentation and make a judgement on whether we have achieved the level of functional safety we set out to. The assessment helps to minimise the risk of systematic faults and is a useful feedback tool on the effectiveness of our procedures and processes.

The Solution.

Booth Welsh can provide Functional Safety Assessments services to support your Safety System projects or to support your ongoing operations and maintenance. Below we take a closer look at the activities undertaken at each FSA stage. 

Stage 1During FSA stage 1 we are examining the project evidence to ensure the project has a solid foundation to move forward from. Typically, we would be looking at evidence under the following headings:

  • Hazard and risk assessment – Review of HAZOP / HAZID
  • Safety Function allocation – LOPA, Fault Tree
  • Safety Requirements specification – Software and Hardware
  • Management of Functional Safety and Lifecycle planning.
Stage 2During FSA stage 2 we are reviewing the evidence of the SIS Design to ensure compliance with the Safety Requirements Specification and IEC 61511. Topics that will be covered in the FSA2 include:
  • SIS Design Specification
  • Application Software Specifications
  • Application Software development
  • Fat / Integration test planning
  • Evidence of verification
  • Installation, testing and commissioning planning
Stage 3At Stage 3 we are assessing f the installation, commissioning and validation has taken place as planned. We are assessing if the project s ready to proceed with introducing the hazards to the pant. Topics covered include:
  • Review of installation and pre-commissioning records
  • Review of completed validation records including proof test procedures
  • Review of operations and maintenance procedures

Stage 4The stage 4 assessment will take place after the plant has been operating for a period and then again at regular intervals. We are looking for evidence of the successful operation of the SIS and attempting to determine if there are any issues. Topics covered include:

  • The operations and maintenance have proceeded as planned
  • Periodic inspections and proof tests were completed as planned and demonstrate that safety integrity has been maintained.
  • System and equipment performance and incident statistics have been collected and analysed
  • Modifications have been completed under a management of change.
  • Maintenance records are complete.
  • Hazard and risk assessments have been reviewed and maintained
Stage 5During FSA 5 we are assessing that any planned modification or assessment are completed in a way that does not compromise the functional safety of the system. The FSA 5 typically is done in two parts. Firstly, before the modification the proposed change is assessed for its impact on the functional safety of the system. Secondly after the modification is installed, the change is assessed in a very similar way to FSA3.

The Benefits.

The FSA process builds confidence that our functional safety system will achieve the risk reduction required.

Completing the process shows to your regulator that you are complying with the requirements of IEC 61511.

Committing to the process shows due diligence to your staff.