Ehh… If your safety action is stopping flow or closing a valve, how are you going to accomplish this if you consider that the remotely actuated valve is not part of your SIF?
So, what is this myth based on? The title of IEC 61508 reads “Functional safety of electrical/electronic/programmable electronic safety-related systems”. The argument typically made is that a valve is purely mechanical and therefore falls outside the scope of the standard.
It is important to keep in mind that the IEC 61508 standard is an umbrella standard that applies to all industries. Its original charter was to replace some of the prescriptive standards like the 1990 DIN VDE 0801, titled “Principles for computers in safety-related systems”. Well, once you start to evaluate complete safety loops, you realize that the field equipment is very important and that the traditional focus on logic solvers is not giving you the biggest bang for the buck. As a result, the scope was extended to include all parts of a safety loop: the sensor, logic solver, and final element.
If we look at the title of IEC 61511, the process industry specific functional safety standard, it reads “Functional safety – Safety instrumented systems for the process industry”.
Then looking at the definition of a Safety Instrumented System (SIS):
- instrumented system used to implement one or more SIFs (IEC 61511-1 3.2.67);
where a Safety Instrumented Function (SIF) is defined as:
- safety function to be implemented by a safety instrumented system (SIS) (IEC 61511-1 3.2.66);
and a safety function is defined as:
- function to be implemented by one or more protection layers, which is intended to achieve or maintain a safe state for the process, with respect to a specific hazardous event (IEC 61511-1 3.2.65);
Well, to achieve or maintain a safe state, I will need a final action. Clearly the final action is not excluded from the scope of the standard.