STANDARDIZING FUNCTIONAL SAFETY ASSESSMENTS FOR OFF-THE-SHELF INSTRUMENTATION AND CONTROLS

It is typical for digital instrumentation and controls, used to manage significant risk, to undergo substantial amounts of scrutiny. The equipment must be proven to have the necessary level of design integrity. The details of the scrutiny vary based on the particular industry, but the ultimate goal is to provide sufficient evidence that the equipment will operate successfully when performing their required functions.

To be able to stand up to the scrutiny and more importantly, successfully perform the required safety functions, the equipment must be designed to defend against random hardware failures and also to prevent systematic faults. These design activities must also have been documented in a manner that sufficiently proves their adequacy.

The variability in the requirements of the different industries makes this task difficult for instrumentation and controls equipment manufacturers. To assist the manufacturers in dealing with these differences, a standardization of requirements is needed to facilitate clear communication of expectations. The IEC 61508 set of standards exists to fulfill this role, but it is not yet universally embraced. After that occurs, various industries, from nuclear power generation to oil & gas production, will benefit from the existence of a wider range of equipment that has been designed to perform in these critical roles and that also includes the evidence necessary to prove its integrity. The manufacturers will then be able to enjoy the benefit of having a larger customer base interested in their products.

The use of IEC 61508 will also help industries avoid significant amounts of uncertainty when selecting commercial off-the-shelf equipment. It is currently understood that it cannot be assumed that a typical commercial manufacturer’s equipment designs and associated design activities will be adequate to allow for success in these high risk applications. In contrast, a manufacturer that seeks to comply with IEC 61508 and seeks to achieve certification by an independent third party can be assumed to be better suited for meeting the needs of these demanding situations. Use of these manufacturers help to avoid substantial uncertainty and risk.