Generic Standard IEC-61508

Presented By Mohammad Tarique AbdullahMS in High Integrity Systems

University of Applied Sciences,Frankfurt

Contents

IntroductionPurpose of IEC 61508Major Parts of IEC-61508Fundamental Concepts of IEC 61508Important DefinitionApplicationsStrength and Weakness of IEC 61508Conclusion

Introduction

IEC 61508 is an international standard of rules applied in industry.

It is titled as "Functional safety of electrical/electronic/programmable electronic safety-related systems“

IEC 61508 is intended to be a basic functional safety standard applicable to all kinds of industry

Introduction(Cont..)

It sets out the requirements for ensuring that systems are designed, implemented, operated and maintained to provide the required safety integrity level (SIL).

IEC 61508 is a basic safety publication of the International Electro technical Commission (IEC).

Risk and safety functions to protect against it

Purpose of IEC 61508

It releases the potential of E/E/PE technology to improve both safety and economic performance.

Provide a technically sound, system based approach, with sufficient flexibility for the future.

Provide a generically-based standard that can be used directly by industry

Purpose of IEC 61508(Cont..)

It can also help with developing sector standards (e.g. machinery, process chemical plants, medical or rail) or product standards (e.g. power drive systems).

Provide a means for users and regulators to gain confidence when using computer-based technology.

Major Parts of IEC-61508

It has 7 parts1. IEC 61508-1, General requirements.2. IEC 61508-2, Requirements for

electrical/electronic/programmable electronic safety-related systems.

3. IEC 61508-3, Software requirements4. IEC 61508-4, Definitions and abbreviations5. IEC 61508-5, Examples of methods for the

determination of safety integrity levels

Major Parts of IEC-61508(Cont..)

6. IEC 61508-6, Guidelines on the application of IEC 61508-2 and IEC 61508-3.

7. IEC 61508-7, Overview of measures and techniques .

Parts of IEC-61508

IEC-61508 safety life cycle

Software safety life cycle

Fundamental Concepts of IEC 61508

1. System Lifecycle2. Functional Safety3. Risk and Risk Reduction4. System Subdivision5. Safety Integrity Level (SIL)6. As Low As Reasonably Practicable (ALARP)

System Lifecycle

Fundamental Concepts of IEC 61508(Cont..)

A typical lifecycle consists of requirements, design specification, coding, Maintenance, implementation and decommissioning.

There are three requirements For IEC-61508 life cycle1. For final product (the SC system)2. For documentation (a) Specifications at the various levels (b)Analysis and reporting documents, e.g. the

Safety Case

Fundamental Concepts of IEC 61508(Cont..)

3.For resources Checks and sign-offs to be conducted by

qualified personnel

Functional Safety Fundamental Concepts of IEC 61508

(Cont..)• Safety- It is the freedom from unacceptable

risk of physical injury or of damage to the health of people, either directly or indirectly as a result of damage to property or to the environment.

Functional Safety Fundamental Concepts of IEC 61508

(Cont..)

• Functional safety-It is part of the overall safety that depends on a system or equipment operating correctly in response to its inputs.

Risk and Risk Reduction Fundamental Concepts of IEC 61508

(Cont..)

There is no such thing as zero risk. Safety functions are concerned with risk reduction.

Risk –It is the combination of the probability of occurrence of harm and the severity of that harm

There are three kinds of risk1. EUC RISK-It is a kind of risk which arising from EUC or

its interaction with EUC control system.2. Tolerable risk - risk which is accepted in a given context

based on the current values of society3. RESIDUAL RISK-It is a kind of risk which remaining after

protective measures have been taken.

System Subdivision Fundamental Concepts of IEC 61508

(Cont..)

Equipment under Control (EUC)- It is the subsystem consisting of the equipment that providing some or all of the functions for which the system was designed.

EUC Control System (EUCCS)- It is a “system which responds to input signals from the process and/or from an operator and generates output signals causing the EUC to operate in the desired manner.”

System Subdivision(Cont..) Fundamental Concepts of IEC 61508

(Cont..)

Safety-Related system (SRS)-It implements the required safety functions and is intended to achieve the necessary safety integrity for the required safety function.

Safety Integrity Level (SIL) Fundamental Concepts of IEC 61508

(Cont..)

It is a discrete level (one out of a possible four) for specifying the safety integrity requirements of the safety functions to be allocated to the E/E/PE safety-related systems.

SIL-1 Lowest LevelSIL-4 Highest Level

Safety Integrity Level (Low demand mode)

Safety Integrity Level (Continuous demand mode)

ALARP Fundamental Concepts of IEC 61508

(Cont..)

There is a level of risk which is considered negligible and another which is intolerable under any circumstances. Between these two extremes, a risk would be accepted or not depending on the value of the benefit to be gained and the cost of risk reduction

a risk in this region of undefined tolerance should be made 'as low as reasonably practicable‘.

ALARP Fundamental Concepts of IEC 61508

(Cont..)

The ALARP region: the region between acceptable and intolerable

in which the system developer is required to reduce the risk to be

as low as reasonably practicable.

Important Definition

Harm - physical injury or damage to the health of people either directly or indirectly as a result of damage to property or to the environment.

Hazard - potential source of harm.Safety – It is the freedom from unacceptable

risk.

Important Definition(Cont..)

Safety Function – It is a function to be implemented by an E/E/PE safety-related system, other technology safety-related system, or external risk reduction facilities which is intended to achieve or maintain a safe state for the EUC, with respect to a specific hazardous event.

Safety Integrity –It is the probability of a safety-related system satisfactorily performing the required safety functions

Important Definition(Cont..)

Accident-an undesired and unplanned (but not necessarily unexpected) event that results in (at least) a specified level of loss.

safety life cycle - necessary activities involved in the implementation of safety-related systems, occurring during a period of time that starts at the concept phase of a project and finishes when all of the E/E/PE safety-related systems, other technology safety-related systems, and external risk reduction facilities are no longer available for use.

Important Definition(Cont..)

Hazardous event: a hazardous situation which results in harm.

Hazardous situation: a circumstance in which a person is exposed to hazard.

Severity: Level of loss.

Applications

Crane safe load indicators.Variable speed motor drives used to restrict speed for

protection.System for interlocking and controlling the dose of

medical radio therapy machines.Anti lock braking.Engine management systems on automobiles.Emergency shutdown systems in hazardous chemical

plants.Railway signalling system.

Applications(Cont..)

the oil and gas industry, nuclear plant, medical devices manufactures and the machinery sector need to achieve safety for the equipment giving rise to hazard.

Strength

Make easier for vendors to understand the problem and propose adequate and cost-effective solutions.

IEC 61508 puts balance with other factors as the common cause failure by introducing probabilistic evaluation.

The standard is important and should be employed, but managers must be

prepared to create an infrastructure to support its use

Weakness

The probabilistic approach of the standard leads to a huge difference in requirements is on pre-existing software and products in low demand mode versus high demand mode application.

It does not cover safety issues like electric shock, hazardous falls, long term exposure to a toxic substance etc.

It also does not cover low safety E/E/PE systems its volume and the lack of widespread

understanding of its principles, IEC 61508 will be, for many, difficult to use directly.

Conclusion

IEC 61508 is here and it has a huge success. All the peoplewho are involved with programmable electronics systems orare interested in it, buyers, authorities see it as a majorreference to reduce their uncertainty on complex systems. Itcan be applied to any safety-related system that contains anE/E/PE Device. It ensures us safety critical system as if itfails has a great impact on human life environment .Althoughit has some limitations , but still now it is the basic referenceto reduce risk, failure.

REFERENCES1. A Summary of the IEC 61508 Standard for Functional safety of Electrical /

Electronic / Programmable Electronic Safety-Related Systemsexida Sellersville, PA 18960, USA

2. An Overview of IEC 61508 on E/E/PE Functional Safety Peter B.Ladkin Causalis Limited and University of Bielefeld.

3. The Concepts of IEC 61508 An Overview and Analysis Sommer semester 2001 Prof. Peter B. Ladkin PhD. 4. Functional Safety:Assessment and Certification Joachim IdenTÜVRheinland Japan Ltd.Business UnitAutomation, Software and InformationTechnology (ASI), 5. Functional safety and IEC 61508, September 2005, produced

byIEC/SC65A/WG14, http://www.iec.ch/functionalsafety 6. Project Experience with IEC 61508 and its Consequences, Rainer Faller–

exida.com, safecomp faller r6.doc, April 27, 2003 7. Functional safety and IEC 61508, A basic guide, May 2004, copyright of IEC 2004, Geneva Switzerland

Thank You For Your KindAttention