Iec 61511 Pdf Free Download

[Catherine Nicolo]

IECstandard 61511 is a technical standard which sets out practices in the engineering of systems that ensure the safety of an industrial process through the use of instrumentation. Such systems are referred to as Safety Instrumented Systems. The title of the standard is "Functional safety - Safety instrumented systems for the process industry sector".

The process industry sector includes many types of manufacturing processes, such as refineries, petrochemical, chemical, pharmaceutical, pulp and paper, and power. The process sector standard does not cover nuclear power facilities or nuclear reactors. IEC 61511 covers the application of electrical, electronic and programmable electronic equipment. While IEC 61511 does apply to equipment using pneumatic or hydraulic systems to manipulate final elements, the standard does not cover the design and implementation of pneumatic or hydraulic logic solvers.

This standard defines the functional safety requirements established by IEC 61508 in process industry sector terminology. IEC 61511 focuses attention on one type of instrumented safety system used within the process sector, the Safety Instrumented System (SIS).

For existing safety instrumented systems (SIS) designed and constructed in accordance with codes, standards, or practices prior to the issuance of this standard (e.g. ANSI/ISA 84.01-1996), the owner/operator shall determine and document that the equipment is designed, maintained, inspected, tested, and operated in a safe manner.

The European standards body, CENELEC, has adopted the standard as EN 61511. This means that in each of the member states of the European Union, the standard is published as a national standard. For example, in Great Britain, it is published by the national standards body, BSI, as BS EN 61511. The content of these national publications is identical to that of IEC 61511. Note, however, that 61511 is not harmonized under any directive of the European Commission.

IEC 61511 covers the design and management requirements for SISs throughout the entire safety life cycle. Its scope includes: initial concept, design, implementation, operation, and maintenance through to decommissioning. It starts in the earliest phase of a project and continues through startup. It contains sections that cover modifications that come along later, along with maintenance activities and the eventual decommissioning activities.

ISA 84.01/IEC 61511 requires a management system for identified SIS. An SIS is composed of a separate and independent combination of sensors, logic solvers, final elements, and support systems that are designed and managed to achieve a specified safety integrity level (SIL). An SIS may implement one or more safety instrumented functions (SIFs), which are designed and implemented to address a specific process hazard or hazardous event. The SIS management system should define how an owner/operator intends to assess, design, engineer, verify, install, commission, validate, operate, maintain, and continuously improve their SIS. The essential roles of the various personnel assigned responsibility for the SIS should be defined and procedures developed, as necessary, to support the consistent execution of their responsibilities.

ISA 84.01/IEC 61511 uses an order of magnitude metric, the SIL, to establish the necessary performance. A hazard and risk analysis is used to identify the required safety functions and risk reduction for specified hazardous events. Safety functions allocated to the SIS are safety instrumented functions; the allocated risk reduction is related to the SIL. The design and operating basis is developed to ensure that the SIS meets the required SIL. Field data are collected through operational and mechanical integrity program activities to assess actual SIS performance. When the required performance is not met, action should be taken to close the gap, ensuring safe and reliable operation.

IEC 61511 references IEC 61508 (the master standard) for many items such as manufacturers of hardware and instruments and so IEC 61511 cannot be fully implemented without reference to IEC 61508. IEC 61511 is the process industry implementation of IEC 61508.[1]

ISA84, Instrumented Systems to Achieve Functional Safety in the Process Industries, has approved the newest edition of IEC 61511 as ISA and American National Standards Institute (ANSI) standards. The new standards will be designated in the U.S. as ANSI/ISA-61511, Functional Safety - Safety Instrumented Systems for the Process Industry Sector, Parts 1-3. The standards set forth requirements for the specification, design, installation, operation, and maintenance of a safety instrumented system (SIS) so that it can be entrusted to achieve or maintain a safe state of a process.

ISA84 developed the original ISA-84.01 standard on which the first edition of IEC 61511 was based. This new edition of IEC 61511, developed under IEC SC65A/MT 61511, was approved by ISA84 without modification-but not without concerns from several ISA84 members about the guidance and interpretation of IEC 61511-2, Part 2: Guidelines for the Application of IEC 61511-1. For that reason, ISA84 prepared a special foreword to ANSI/ISA-61511-2 that refers users to several ISA84 technical reports for guidance on the same topics. Those technical reports include:

61508 deals with the entire safety lifecycle of safety systems, from cradle to grave. It targets suppliers of safety systems, but is also applicable to some degree to suppliers of equipment used in those safety systems.

Because the number of applications is so varied, such that many different applications could use the same equipment in different ways, only some parts of the Realization phase are applicable to equipment manufacturers.

61511 is user focused, but it does not assign responsibilities; that is a common issue that must be done for any given project. The same lifecycle and SIL concepts apply as in IEC 61508, but 61511 is in Process Industry language and context.

The IEC 61511 standard recommends the use of a functional safety lifecycle. Any safety lifecycle can be used, but the standard lays out a process which can be divided into three main classifications as an example.

Testing and documenting the performance of an SIS is an essential part of ensuring it can fulfill its designed functional safety requirements. This article comes from the May 2021 issue of Intech Focus: Process Control and Safety.

The purpose of lagging data is to assist in preventing future problems, developing training programs, and improving procedures. The purpose of leading indicators also is to help predict future events, which may include overdue inspections and late maintenance challenges. Through a clear understanding of the leading and lagging indicators, effectiveness and efficiency can be enhanced

Operations and maintenance plan The O&M plan is a working document tailored to ensure SIS maintenance meets its designed functional safety and entails:

Most basic process control systems (BPCS) need a historian logging trips, alarms, and diagnostic faults for archiving plant data. Normally, this type of data associated with the SIF also is recorded in a historian. Besides, the purpose of proof testing is to reveal undetected faults, and it must be undertaken pursuant to the written procedure. When proof test coverage is included, the frequency and thoroughness of manual proof testing will be assured.

IEC 61511-1 Clause 16.3.3 also demands records storage certifying that proof tests and inspections were completed and includes:

Technology can help Currently, handheld tablets are widely used in recording data in electronic format. However, having a dedicated tool specifically designed for this purpose remains a challenge. Consequently, O&M personnel rely on Excel spreadsheets to supplement paper-based systems.

O&M personnel would need a tool that can record functional safety-related statistics/performance metrics, as well as life events such as:

This article has outlined key issues involved in following the requirements of IEC 61511 Clause 16 for operation and maintenance of the SIS. As mentioned at the outset, the article highlights how testing and documenting the performance of an SIS is an essential part of ensuring it can fulfill its designed functional safety requirements, as defined in the SRS.

Key points include:

Dr. Steve Gandy CFSP, DPE, MBA, DipM is vice president of global business development at exida. Gandy has more than 42 years of experience in hardware and software engineering for industrial controls and safety systems, pharmaceutical, and power utility applications. He currently leads the end user functional safety business for exida and is the lead trainer for the Functional Safety Engineering (FSE100) Course. Gandy has global business development responsibilities and provides support primarily to process industry end users in the areas of safety and security.

I received a great question about the application of the IEC 61511 safety lifecycle. The person noted that a question was raised after the safety integrity level (SIL) study and safety requirements specification (SRS) had been performed. The question is about the verification of these and who would need to perform them.

Verification is the checking of each and every activity to see that the established objectives were met. It can be a review, test, inspection, checklist or any other type of check, which is appropriate to the activity. The theory is never to pass on the output of an activity to the next until you have verified its correctness.

This type of verification should be planned as part of functional safety planning. So, for every activity you know what you need to do and how to verify it. There is no requirement for a specific level of independency for a verification, it should be appropriate for the activity and complexity.

For the example of the SRS in this question, Russell sees only one answer. The process designer and operator must jointly agree that the safety requirements have been addressed correctly in the document and ultimately the Duty Holder, usually the operator, is responsible and must bear the risk. They are the final verifier.

3a8082e126