Training Functional Safety 03 - IEC61508 61511 Standards Rev0.1

FUNCTIONAL SAFETY TRAINING

03 – IEC61508 / IEC61511 STANDARDS

1Dr. Ing. Carlo LebrunFunctional Safety Training

September 21, 1921: Oppau explosion in Germany. 4500 tonnes of a mixture of ammonium sulfate and ammonium nitrate fertilizer

SOME MAJOR DISASTERS IN CHEMICAL INDUSTRYp , pp p y

exploded at a BASF plant, killing 500–600 people and injuring about 2000 more.

1932-1968: Minamata Bay disaster, Japan, was caused by the dumping of mercury compounds. The Chisso Corporation, petrochemical company, was found responsible for polluting the bay for 37 years. Over 3,000 people suffered various deformities, severe mercury poisoning symptoms or deathpoisoning symptoms or death.

April 16, 1947: Texas City Disaster, Texas. explosion occurred aboard a docked ship. The explosion is referred to as the worst industrial disaster in America. 578 people lost their lives and another 3,500 were injured as the blast.

1948 Th l i f t k ithi BASF it l d d ith h i l i L d i h f G 207 f t liti1948: The explosion of a tank wagon within a BASF site loaded with chemicals, in Ludwigshafen, Germany, causes 207 fatalities.

June 1, 1974: Flixborough disaster, UK. An explosion at a chemical plant kills 28 people and seriously injures another 36.

July 10, 1976: Seveso disaster, in Seveso, Italy, in a chemical manufacturing plant of ICMESA. 193 people in the affected areas suffered y y gfrom chloracne and other symptoms.

December 3, 1984: The Bhopal disaster in India is the largest industrial disaster on record. A faulty tank containing poisonous methyl isocyanate leaked at a Union Carbide plant and left nearly 4,000 people dead on the first night of the gas leak and at least 15,000 later from related illnessesrelated illnesses.

June 28, 1988: Auburn, Indiana, US: improper mixing of chemicals kills four workers at a local metal-plating plant in the worst confined-space industrial accident in U.S. history; a fifth victim died two days later.

O t b 23 1989 Philli Di t E l i d fi kill d 23 d i j d 314 i P d T R i t d 3 5 th Ri ht l


October 23, 1989: Phillips Disaster. Explosion and fire killed 23 and injured 314 in Pasadena, Texas. Registered 3.5 on the Richter scale.

A CLOSER LOOK AT SEVESO ACCIDENT

July 10, 1976: in Seveso, Italy, in a chemical plant of ICMESA

D h l f di i i h h 3 000 dDue to the release of dioxins into the atmosphere 3,000 pets and farm animals died and, later, 70,000 animals were slaughtered to prevent dioxins from entering the food chainprevent dioxins from entering the food chain.

193 people suffered from chloracne and other symptoms.p p y p

The disaster lead to the Seveso Directive, which was issued by th E C it d i d h h h i d t i lthe European Community and imposed much harsher industrial regulations.


STANDARDS AS LEGAL REQUIREMENTS IN EU

These EC Directives are legal requirements for process plants in EU:process plants in EU:

Seveso Directive II- Seveso Directive II- ATEX: Appareils destinés à être utilisés en ATmosphères ExplosiblesExplosibles - Machinery Directive- PED: Pressure Equipment Directive- PED: Pressure Equipment Directive


The Seveso Directive II (9 December 1996) is aimed at the

SEVESO DIRECTIVE REQUIREMENTSThe Seveso Directive II (9 December 1996) is aimed at the prevention of accidents related to dangerous substances, and the limitation of their consequences. It applies to sites where dangerous substances stored or used.

The owner/operating company shall develop a safety report to show that:The owner/operating company shall develop a safety report to show that:- hazards have been identified and measures to prevent accidents and/or to limit the consequence have been set up

implementation construction installation and operation of the plant is- implementation, construction, installation and operation of the plant is adequately safe and reliable.

P bli th iti t t i ti t l l h k tiPublic authorities must set up inspections to regularly check operation, organization and management of the plant to confirm that the user can show: a) he has undertaken measures to prevent severe accidents


b) he has provided adequate measures to limit the results of any accident.

(INDIPENDENT) LAYERS OF PROTECTIONCommunity Emergency Response

Plant Emergency Response

Community Emergency Response

MITIGATION

Mechanical Protection (PSV)

Mechanical Segregation & ContainmentMITIGATION

C t l & M it i Al

Safety Instrumentation Systems

Process Design

Control & Monitoring, Alarms

PREVENTION


PROTECTIONS AGAINST RISK

Protections are implemented to reduce risk:

reducing frequency of exposure

and / or

reducing possible damage


PROTECTIONS AGAINST RISKFFrequency

Damage Remote Rare Unlikely Possible Likelyg

Catastrophe Many deads 5 6 6 6 6

Major Damage

Some deads 4 4 5 5 5

LocalDamage

Injury, 1 dead 2 4 4 5 5

MinorMi I j 1 1 2 3 3

Minor Damage

Minor Injury 1 1 2 3 3

Harmless No dead 0 0 0 0 0


WHAT SYSTEMS DOES IEC 61508 COVER?

• IEC 61508 applies to safety-related systems when one orIEC 61508 applies to safety related systems when one or more of such systems incorporate electrical and/or electronic and/or programmable electronic (E/E/PE) devices.

• It covers possible hazards caused by failures.p y


IEC61508 MAY APPLY TO:

• Emergency Shut-Down Systems, Fire and Gas Systems, Burner Management System

• Crane safe-load indicators• Emergency systems for machinery• Medical Devices• Dynamic Positioning (control of a ship's movement),• Railway Signalling• Variable Speed Motor Drives• Automobile Indicator Lights


IEC 61508 SCOPE IS:

• To improve in safety requirements definition• To improve both safety performance of electrical / electronic /

programmable electronic technology• To provide a risk-based approach for determining the required

performance of safety-related systems

FUNCTIONAL SAFETY IN SIMPLER WORDS:• Equipment failure must not become the cause of q p

a danger for persons or for the environment


THE CONCEPT OF LIFECYCLE

IEC61508 applies the concept of lifecycle:

Equipment functional safety is not an intrinsic and static q p yfeature. It is variable depending on all phases of a system life: design, inspection, installation, operation, maintenance, etc.


IEC61508 SAFETY LIFECYCLE: ANALYSIS

1 - CONCEPT

2 SCOPE2 – SCOPE DEFINITION

3 – HAZARD & RISK3 HAZARD & RISK ANALYSIS

4 – SAFETY REQUIREMENTS

5 – SAFETY REQUIREMENTS OC OALLOCATION

TO REALIZATION PHASE


IEC61508 SAFETY LIFECYCLE: IMPLEMENTATIONFROM ANALYSIS PHASE

9 – E/E/PES 10 – REALIZATION OF SAFETY 11 – EXTERNAL RISK6 – OPERATION & 8 –7 – 9 – E/E/PES SYSTEM

REALIZATION

10 – REALIZATION OF SAFETY RELATED SYSTEMS WITH OTHER

TECHNOLOGIES

11 – EXTERNAL RISK REDUCTION FACILITIES

6 – OPERATION & MAINTENANCE

PLANNING

8 –INSTALLATION

PLANNING

7 –VALIDATION PLANNING

12 – INSTALLATION & COMMISSIONING

13 – SAFETY VALIDATION

TO OPERATION PHASE


IEC61508 SAFETY LIFECYCLE: OPERATION

FROM IMPLEMENTATION PHASE

14 –OPERATION & MAINTENANCE

15 –MODIFICATIONS AND

UPGRADESMAINTENANCE UPGRADES

16 –DECOMMISSIONING


IEC61508 AND OTHER SAFETY STANDARDS

IEC 61508IEC 61800-5-2Variable Speed

Electrical Drives

EN/IEC 13849-1Machinery

IEC 61513Nuclear Industry

EN/IEC 62061Machinery

EN 60601Medical Devices

EN 50156Fired Heaters

IEC 61511Process

EN 50128Railway


Industry

IEC61511

This standard has been developed as a process sector implementation of IEC 61508. It applies to a wide variety of industries including chemicals, oilrefining oil and gas production pulp and paper non nuclear powerrefining, oil and gas production, pulp and paper, non-nuclear power generation, etc.

IEC61511 i i t f th ifi ti d i i t ll tiIEC61511 gives requirements for the specification, design, installation,operation and maintenance of a safety instrumented system.


IEC61508 AND IEC61511

IEC61508 commonly applies to Manufacturers

IEC61511IEC61511 commonly applies to Designers, Integrators, Users, Owners


USE OF IEC61508 AND IEC61511

HARDWAREDevelopment of new hardware IEC61508Development of new hardware IEC61508Integration of IEC61508 validated hardware IEC61511Integration of proven in use hardware IEC61511g

SOFTWARED l t f b dd d ft IEC61508Development of embedded software IEC61508Development of application software by full variability languages IEC61508by full variability languages IEC61508Development of application software by limited variability languages IEC61511


ACTIVITIES OF NOTIFIED BODIES

- Certification of Functional Safety Management implementation, by manufacturers designers integrators end-users etcmanufacturers, designers, integrators, end users, etc.

- Certification of Functional Safety Expertsy

- Support concerning understanding and interpretation of Functional S f t R i tSafety Requirements

- Certification of Safety Instrumented Systems (or Review /Certification of Safety Instrumented Systems (or Review / Validation of certification by others)


IEC61508 CERTIFICATE:SENSORSENSOR


IEC61508 CERTIFICATE:ACTUATORACTUATOR


IEC61511 CERTIFICATE:DEVELOPMENT, DESIGNDEVELOPMENT, DESIGN

AND ENGINEERING


http://www.ecisgroup.it/

END OF PRESENTATION


Training Functional Safety 03 - IEC61508 61511 Standards Rev0.1

Documents

Transcript of Training Functional Safety 03 - IEC61508 61511 Standards Rev0.1