BS EN 61511-2:2017
$215.11
Functional safety. Safety instrumented systems for the process industry sector – Guidelines for the application of IEC 61511-1
Published By | Publication Date | Number of Pages |
---|---|---|
BSI | 2017 | 210 |
IEC 61511-2:2016 is available as /2 which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.

IEC 61511-2:2016 provides guidance on the specification, design, installation, operation and maintenance of SIFs and related SIS as defined in IEC 61511-1:2016. This second edition cancels and replaces the first edition published in 2003. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:

– guidance examples based on all phases of the safety life cycle provided based on usage experience with IEC 61511 1st edition;
– annexes replaced to address transition from software to application programming.
PDF Catalog
PDF Pages | PDF Title |
---|---|
2 | National foreword |
7 | English CONTENTS |
14 | FOREWORD |
16 | INTRODUCTION |
17 | Figures Figure 1 – Overall framework of IEC 61511 series |
18 | 1 Scope 2 Normative references 3 Terms, definitions, and abbreviations |
19 | Annexes Annex A (informative) Guidance for IEC 61511-1 A.1 Scope A.2 Normative references A.3 Terms, definitions and abbreviations A.4 Conformance to the IEC 61511-1:– A.5 Management of functional safety A.5.1 Objective A.5.2 Guidance to "Requirements" |
28 | A.6 Safety life-cycle requirements A.6.1 Objectives A.6.2 Guidance to "Requirements" |
29 | A.6.3 Guidance to "Application program SIS safety life-cycle requirements" |
30 | A.7 Verification A.7.1 Objective A.7.2 Guidance to "Requirements" Figure A.1 – Application program V-Model |
32 | A.8 Process hazard and risk assessment (H&RA) A.8.1 Objectives A.8.2 Guidance to "Requirements" |
35 | A.9 Allocation of safety functions to protection layers A.9.1 Objective A.9.2 Guidance to "Requirements of the allocation process" |
37 | A.9.3 Guidance to "Requirements on the basic process control system as a protection layer" |
39 | Figure A.2 – Independence of a BPCS protection layer and an initiating source in the BPCS |
40 | A.9.4 Guidance to "Requirements for preventing common cause, common mode and dependent failures" Figure A.3 – Independence of two protection layers allocated to the BPCS |
41 | A.10 SIS safety requirements specification A.10.1 Objective A.10.2 Guidance to "General requirements" A.10.3 Guidance to "SIS safety requirements" |
44 | Figure A.4 – Relationship of system, SIS hardware, and SIS application program |
45 | A.11 SIS design and engineering A.11.1 Objective A.11.2 Guidance to "General requirements" |
52 | A.11.3 Guidance to "Requirements for system behaviour on detection of a fault" A.11.4 Guidance to "Hardware fault tolerance" |
55 | A.11.5 Guidance to "Requirements for selection of devices" |
58 | A.11.6 Field devices A.11.7 Interfaces |
60 | A.11.8 Guidance to "Maintenance or testing design requirements" |
61 | A.11.9 Guidance to "Quantification of random failure" |
65 | Figure A.5 – Illustration of uncertainties on a reliability parameter |
66 | Figure A.6 – Illustration of the 70 % confidence upper bound |
67 | A.12 SIS application program development A.12.1 Objective A.12.2 Guidance to "General requirements" Figure A.7 – Typical probabilistic distribution of target results from Monte Carlo simulation |
69 | A.12.3 Guidance to "Application program design" |
71 | A.12.4 Guidance to "Application program implementation" |
72 | A.12.5 Guidance to "Requirements for application program verification (review and testing)" |
75 | A.12.6 Guidance to "Requirements for application program methodology and tools" |
78 | A.13 Factory acceptance testing (FAT) A.13.1 Objectives A.13.2 Guidance to "Recommendations" A.14 SIS installation and commissioning A.14.1 Objectives A.14.2 Guidance to "Requirements" |
79 | A.15 SIS safety validation A.15.1 Objective A.15.2 Guidance to "Requirements" A.16 SIS operation and maintenance A.16.1 Objectives |
80 | A.16.2 Guidance to "Requirements" |
81 | A.16.3 Proof testing and inspection |
83 | A.17 SIS modification A.17.1 Objective |
84 | A.17.2 Guidance to "Requirements" A.18 SIS decommissioning A.18.1 Objectives A.18.2 Guidance to "Requirements" |
85 | A.19 Information and documentation requirements A.19.1 Objectives A.19.2 Guidance to "Requirements" |
86 | Annex B (informative) Example of SIS logic solver application program development using function block diagram B.1 General B.2 Application program development and validation philosophy |
87 | B.3 Application description B.3.1 General B.3.2 Process description |
88 | B.3.3 Safety instrumented functions Figure B.1 – Process flow diagram for SIF 02.01 |
89 | B.3.4 Risk reduction and domino effects B.4 Application program safety life-cycle execution B.4.1 General B.4.2 Inputs to application program SRS development Figure B.2 – Process flow diagram for SIF 06.02 |
90 | Figure B.3 – Functional specification of SIF02.01 and SIF 06.02 Figure B.4 – SIF 02.01 hardware functional architecture |
91 | Figure B.5 – SIF 06.02 hardware functional architecture Figure B.6 – Hardware specification for SOV extracted from piping and instrumentation diagram |
92 | B.4.3 Application program design and development Figure B.7 – SIF 02.01 hardware physical architecture Figure B.8 – SIF 06.02 hardware physical architecture |
93 | Tables Table B.1 – Modes of operation specification |
96 | Figure B.9 – Hierarchical structure of model integration |
98 | Figure B.10 – Hierarchical structure of model integration including models of safety properties and of BPCS logic Table B.2 – State transition table |
99 | Figure B.11 – State transition diagram |
100 | Figure B.12 – SOV typical block diagram |
101 | Figure B.13 – SOV typical model block diagram |
103 | Figure B.14 – Typical model block diagram implementation – BPCS part |
104 | Figure B.15 – SOV application program typical model implementation – SIS part |
106 | B.4.4 Application program production B.4.5 Application program verification and testing B.4.6 Validation Figure B.16 – Complete model for final implementation model checking |
107 | Annex C (informative) Considerations when converting from NP technologies to PE technologies |
109 | Annex D (informative) Example of how to get from a piping and instrumentation diagram (P&ID) to application program Figure D.1 – Example of P&ID for an oil and gas separator |
110 | Figure D.2 – Example of (part of) an ESD cause & effect diagram (C&E) |
111 | Figure D.3 – Example of (part of) an application program in a safety PLC function block programming |
112 | Annex E (informative) Methods and tools for application programming E.1 Typical toolset for application programming |
113 | E.2 Rules and constraints for application program design E.3 Rules and constraints for application programming |
115 | Annex F (informative) Example SIS project illustrating each phase of the safety life cycle with application program development using relay ladder language F.1 Overview F.2 Project definition F.2.1 General |
116 | F.2.2 Conceptual planning F.2.3 Process hazards analysis F.3 Simplified process description |
117 | Figure F.1 – Simplified flow diagram: the PVC process |
118 | F.4 Preliminary design F.5 IEC 61511 application F.5.1 General |
119 | Figure F.2 – SIS safety life-cycle phases and FSA stages |
120 | Table F.1 – SIS safety life-cycle overview |
122 | F.5.2 Step F.1: Hazard & risk assessment F.5.3 Hazard identification F.5.4 Preliminary hazard evaluation F.5.5 Accident history Table F.2 – SIS safety life-cycle – Box 1 |
124 | Table F.3 – Some physical properties of vinyl chloride |
125 | F.6 Preliminary process design safety considerations F.7 Recognized process hazards |
126 | F.8 Process design definitions strategy |
128 | Figure F.3 – Example of the preliminary P&ID for PVC reactor unit |
129 | F.9 Preliminary hazard assessment F.9.1 General |
130 | Table F.4 – What-If/Checklist |
131 | Table F.5 – HAZOP |
132 | Table F.6 – Partial summary of hazard assessment for SIF strategy development |
133 | F.9.2 Step F.2: Allocation of safety functions |
134 | F.10 SIF safety integrity level determination F.11 Layer of protection analysis (LOPA) applied to example Table F.7 – SIS safety life-cycle – Box 2 |
135 | F.12 Tolerable risk criteria |
136 | Table F.8 – Tolerable risk ranking |
137 | Table F.9 – VCM reactor example: LOPA based integrity level |
138 | F.13 Step F.3: SIS safety requirements specifications F.13.1 Overview F.13.2 Input requirements Table F.10 – SIS safety life-cycle – Box 3 Table F.11 – Safety instrumented functions and SILs |
139 | F.13.3 Safety functional requirements Table F.12 – Functional relationship of I/O for the SIF(s) Table F.13 – SIS sensors, normal operating range & trip points |
140 | F.13.4 Safety integrity requirements |
141 | F.14 Functional description and conceptual design F.14.1 Narrative for example reactor system logic |
142 | F.15 SIL verification calculations Table F.14 – Cause and effect diagram |
143 | Table F.15 – MTTFd figures of SIS F.1 devices |
144 | Figure F.4 – SIF S-1 Bubble diagram showing the PFDavg of each SIS device |
145 | Figure F.5 – S-1 Fault tree |
146 | Figure F.6 – SIF S-2 Bubble diagram showing the PFDavg of each SIS device |
147 | Figure F.7 – SIF S-2 fault tree |
148 | Figure F.8 – SIF S-3 Bubble diagram showing the PFDavg of each SIS device |
149 | F.16 Application program requirements Figure F.9 – SIF S-3 fault tree |
150 | Figure F.10 – P&ID for PVC reactor unit SIF |
151 | Figure F.11 – Legend (1 of 5) |
156 | F.17 Step F.4: SIS safety life-cycle F.18 Technology and device selection F.18.1 General F.18.2 Logic solver Table F.16 – SIS safety life-cycle – Box 4 |
157 | F.18.3 Sensors F.18.4 Final elements F.18.5 Solenoid valves |
158 | F.18.6 Emergency vent valves F.18.7 Modulating valves F.18.8 Bypass valves F.18.9 Human-machine interfaces (HMIs) |
159 | F.18.10 Separation |
160 | F.19 Common cause and systematic failures F.19.1 General F.19.2 Diversity F.19.3 Specification errors F.19.4 Hardware design errors |
161 | F.19.5 Software design errors F.19.6 Environmental overstress F.19.7 Temperature F.19.8 Humidity |
162 | F.19.9 Contaminants F.19.10 Vibration F.19.11 Grounding F.19.12 Power line conditioning F.19.13 Electro-magnetic compatibility (EMC) |
163 | F.19.14 Utility sources |
164 | F.19.15 Sensors F.19.16 Process corrosion or fouling F.19.17 Maintenance F.19.18 Susceptibility to mis-operation F.19.19 SIS architecture |
165 | F.20 SIS application program design features Figure F.12 – SIS for the VCM reactor |
166 | F.21 Wiring practices F.22 Security |
167 | F.23 Step F.5: SIS installation, commissioning, validation F.24 Installation Table F.17 – SIS safety life-cycle – Box 5 |
168 | F.25 Commissioning |
169 | F.26 Documentation F.27 Validation |
170 | F.28 Testing |
171 | Table F.18 – List of instrument types and testing procedures used |
183 | F.29 Step F.6: SIS operation and maintenance Table F.19 – Interlock check procedure bypass/simulation check sheet Table F.20 – SIS safety life-cycle – Box 6 |
184 | Table F.21 – SIS trip log Table F.22 – SIS device failure log |
186 | F.30 Step F.7: SIS Modification F.31 Step F.8: SIS decommissioning F.32 Step F.9: SIS verification Table F.23 – SIS safety life-cycle – Box 7 Table F.24 – SIS safety life-cycle – Box 8 |
187 | F.33 Step F.10: Management of functional safety and SIS FSA Table F.25 – SIS safety life-cycle – Box 9 Table F.26 – SIS safety life-cycle – Box 10 |
188 | F.34 Management of functional safety F.34.1 General F.34.2 Competence of personnel F.35 Functional safety assessment |
189 | Annex G (informative) Guidance on developing application programming practices G.1 Purpose of this guidance G.2 Generic safe application programming attributes G.3 Reliability G.3.1 General |
190 | G.3.2 Predictability of memory utilisation |
191 | G.3.3 Predictability of control flow |
193 | G.3.4 Accounting for precision and accuracy |
195 | G.3.5 Predictability of timing G.4 Predictability of mathematical or logical result |
196 | G.5 Robustness G.5.1 General G.5.2 Controlling use of diversity |
197 | G.5.3 Controlling use of exception handling |
198 | G.5.4 Checking input and output |
199 | G.6 Traceability G.6.1 General G.6.2 Controlling use of built-in functions G.6.3 Controlling use of compiled libraries G.7 Maintainability G.7.1 General |
200 | G.7.2 Readability |
203 | G.7.3 Data abstraction |
204 | G.7.4 Functional cohesiveness G.7.5 Malleability G.7.6 Portability |
206 | Bibliography |