Functional safety is the part of a system's overall safety that depends on fail-safe apparatus, devices and subsystems operating correctly in response to their inputs, including operator errors, breakdowns, malfunctions and changes in environmental conditions.
Functional safety in industrial process facilities differs from that applied to machinery in both its risk analysis and its design methods. In process facilities, in addition to instrumented protection built on the concepts of the SIS (Safety Instrumented System), SIF (Safety Instrumented Function) and SIL (Safety Integrity Level), the reliability, diagnosis and assessment of failures rest on statistical and probabilistic models, starting from the calculation of the PFD (Probability of Failure on Demand) or PFH (Probability of Failure per Hour), i.e. the probability that a device or system will be unable to perform the required safety function.
Functional safety for process facilities also includes the development of reliability block diagrams, Markov models and the use of redundancy techniques. Beyond these basic concepts, and in line with the European machinery safety directives, functional safety for machinery places strong emphasis on designing for reliability and availability, starting from the calculation of parameters such as PL (Performance Level) and DC (Diagnostic Coverage), failure metrics such as MTBF, MTTF and MTTFd, and the implementation of SRCF (Safety-Related Control Functions) and SRECS (Safety-Related Electrical Control Systems).
Risk assessment process
A functional safety assessment usually begins by identifying all of the risks found during risk analysis.
For each identified risk it must be established whether it needs to be reduced and whether that reduction needs to be quantified, using risk analysis methods whose result is expressed as a SIL requirement.
The Safety Integrity Level defines the degree of reliability required of a given product safety function. SIL is divided into four levels, from SIL 1 (lowest reliability) to SIL 4 (highest reliability). For a safety function of relatively low criticality the appropriate level will usually be SIL 1, whereas safety functions of higher criticality may require SIL 3 or SIL 4. Although the lower SIL levels allow a company to “self-assess”, this still requires the involvement of a functional-safety-qualified in-house expert. The higher SIL levels require the assessment to be carried out by independent bodies.
The risk identification process is often performed in conjunction with a Hazard and Operability Study (HAZOP). The most common methods for quantifying the required risk reduction (SIL assessment) are the risk graph, Layer of Protection Analysis (LOPA) and the risk matrix.
Table showing SIL probability of dangerous failure according to EN/IEC 61508 and EN/IEC 61511
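As an added example (not part of the original article), the following Python script encodes the IEC 61508 target failure measures (PFDavg bands for low-demand mode, PFH bands for high-demand mode), estimates PFDavg for a single-channel (1oo1) and a redundant (1oo2) architecture with the usual simplified IEC 61508-6 approximations, and maps the result to a SIL band. The dangerous-undetected failure rate, proof-test interval and common-cause factor used at the bottom are constructed inputs, not values from the page.

```python
"""Simplified PFDavg estimates and IEC 61508 SIL band lookup.

Added example, not from the original article. The architecture formulas are
the common simplified approximations (dangerous-undetected failures only,
proof-test interval T1, common-cause factor beta); inputs are constructed.
"""
from typing import Optional

# IEC 61508 target failure measures as (SIL, lower bound, upper bound),
# each band being lower <= value < upper.
SIL_PFD_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]  # low demand
SIL_PFH_BANDS = [(4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)]  # high demand, per hour


def pfd_1oo1(lambda_du: float, t1_hours: float) -> float:
    """PFDavg of a single channel: lambda_DU * T1 / 2."""
    return lambda_du * t1_hours / 2


def pfd_1oo2(lambda_du: float, t1_hours: float, beta: float) -> float:
    """PFDavg of a 1oo2 pair: an independent-failure term (lambda_DU*T1)^2/3 plus
    a common-cause term beta*lambda_DU*T1/2 that redundancy cannot remove."""
    x = lambda_du * t1_hours
    return x * x / 3 + beta * x / 2


def _band(value: float, bands) -> Optional[int]:
    for sil, lo, hi in bands:
        if lo <= value < hi:
            return sil
    if value < bands[0][1]:
        return 4  # below the SIL 4 lower bound: the standard defines no higher band
    return None  # at or above the SIL 1 upper bound: qualifies for no SIL


def sil_from_pfd(pfd: float) -> Optional[int]:
    return _band(pfd, SIL_PFD_BANDS)


def sil_from_pfh(pfh: float) -> Optional[int]:
    return _band(pfh, SIL_PFH_BANDS)


def risk_reduction_factor(pfd: float) -> float:
    """RRF = 1 / PFDavg, the figure LOPA compares against the required reduction."""
    return 1.0 / pfd


if __name__ == "__main__":
    lam, t1, beta = 2e-6, 8760.0, 0.05  # constructed: 2e-6/h DU rate, yearly proof test, 5 % CCF
    for name, pfd in (("1oo1", pfd_1oo1(lam, t1)), ("1oo2", pfd_1oo2(lam, t1, beta))):
        print(f"{name}: PFDavg={pfd:.2e}  RRF={risk_reduction_factor(pfd):.0f}  SIL {sil_from_pfd(pfd)}")
```

With the constructed inputs the single channel lands in SIL 2, while the redundant pair reaches SIL 3 only because the common-cause term, not the independent term, dominates its PFDavg.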