Fake Fact: Final Elements should not be included in SIF evaluation

Mar 15, 2018

Ehh… If your safety action is stopping flow/closing a valve, how are you going to accomplish this if you consider that the remote actuated valve is not part of your SIF?

So, what is this myth based on? The title of IEC 61508 reads “Functional safety of electrical/electronic/programmable electronic safety-related systems”. The argument typically made is that a valve is purely mechanical and therefore falls outside the scope of the standard.

Wonderful …

It is important to keep in mind that the IEC 61508 standard is an umbrella standard that applies to all industries. Its original charter was to replace some of the prescriptive standards like the 1990 DIN VDE 0801, titled “Principles for computers in safety-related systems”. Well, once you start to evaluate complete safety loops, you realize that the field equipment is very important and that the traditional focus on logic solvers is not giving you the biggest bang for the buck. So, as a result, the scope was extended to include all parts of a safety loop: the sensor, logic solver, and final element.

If we look at the title of IEC 61511, the process industry specific functional safety standard, it reads “Functional safety – Safety instrumented systems for the process industry”.

Then looking at the definition of a Safety Instrumented System (SIS):

  • instrumented system used to implement one or more SIFs (IEC 61511-1 3.2.67);

where a Safety Instrumented Function (SIF) is defined as:

  • safety function to be implemented by a safety instrumented system (SIS) (IEC 61511-1 3.2.66);

and a safety function is defined as:

  • function to be implemented by one or more protection layers, which is intended to achieve or maintain a safe state for the process, with respect to a specific hazardous event (IEC 61511-1 3.2.65);

Well, to achieve or maintain a safe state, I will need a final action. Clearly the final action is not excluded from the scope of the standard.

No! They are not Inherently Safe!

A collaborative robot is intended to work “collaboratively” with a person, i.e. share a common workspace. It is force and speed limited by design to minimize any potential hazard. Collaborative robots fit the application where the task cannot be easily or cost effectively automated. They are easy to deploy, program and repurpose. Collaborative robots are new to everyone including the standards agencies.

A hazard and risk assessment is required that assesses the robot and the environment that it is deployed in. Just as any other robot, things such as collisions, speed, type of end effector and worksite need to be evaluated. Collaborative robots have their own sorts of collisions and hazards. They may not be as severe, but they still exist.

This all comes down to risk and the amount of risk that you are willing to accept! The diagram below shows the high-level steps for doing a Hazard and Risk Assessment. When following the steps, if you assess the risk and find it to be acceptable (your company's acceptable risk norms) then you are done. No need to add any risk reduction.

The next best approach is to determine if protective measures other than a Safety Function can reduce the risk to an acceptable level. If not, then you must assign a SIL and implement a safety function that will provide the required risk reduction.

exida can effectively train your team to perform machine hazard and risk assessments to identify all possible hazards and estimate the risk for each hazard. Specifically, exida coaches you through the process of evaluating the risk, developing and implementing risk reduction options. exida can also educate your team in multiple approaches to SIL target selection. These are just some of the things exida does to ensure you are on the right path!
