No automation professional wants to see a production facility engulfed in flames or reduced to rubble. To avoid seeing such scenes on television, most take great care to ensure that their facilities remain safe. Even so, many confess that they are behind in implementing the latest safety standards. The profusion of these standards and their revisions over the last decade has left them a bit bewildered about where to start.

Perhaps the best place to embark upon this journey is IEC 61508 , a safety standard promulgated by the International Electrotechnical Commission in Geneva. When Automation World asked experts for help in making sense of the important safety standards, just about all of them started here. Their reasoning was that it is the generic functional safety standard that provides the framework for building the other industry-specific functional standards that have been proliferating.

IEC 61508 can seem confusing at first, because its underlying philosophy is new for safety standards. Older, more conventional safety standards were prescriptive, meaning that they stipulated specific rules and specifications for making processes safe. IEC 61508 and its derivative standards, however, departed from this prescriptive approach and are more functional, or performance-based.

The standard exploits two fundamental principles, safety lifecycles and probabilistic failure analysis. Unlike previous standards that purported to cover the entire lifecycle of a project, IEC 61508 actually does—from project conception to maintenance to decommissioning, according to Bill Goble, managing director of exida.com LLC, a safety-consulting firm based in Sellersville, Pa.

Even so, Goble thinks that the term “safety lifecycle” is a misnomer. “It’s really a detailed engineering process created to prevent mistakes in design,” he says. “It’s complex, but it provides the detail and flexibility that people really need.”

An example of this detail is the process for software engineering. “It describes conceptually the various steps and their requirements in terms of documentation, testing and reviews,” says Goble. Besides probably being the most detailed part of the standard, it represents another change in thinking from the days when safety meant hardwired systems.

This change in thinking reflects the realities of today’s processes. Industrial automation contains a level of embedded systems that was unexpected even a decade ago, adding complexity to the base of control code in today’s automation. “Systems developers needed more guidance on what measures and techniques are appropriate,” notes Tom Erkkinen, product manager for certification products at software supplier MathWorks, in Natick, Mass. For this reason, his company’s tools for designing embedded software support the process specified in IEC 61508.

May 2009 , Related Feature – Changing Safety Standards Complicate Life for Manufacturers
To read the feature article, visit http://www.automationworld.com/feature-5488

The other fundamental principle, probabilistic analysis, relies on the empirically predetermined chance that each component in a safety system either will or will not perform its function. Users then apply probabilistic models to these failure rates to generate a set of metrics for a system. These metrics focus the attention of safety engineers on the weak links to bring them to the appropriate safety integrity level (SIL).

Principles pay premiums

These principles offer a number of advantages. First is that users can design whatever safety systems they want, as long as they can prove that the design works. “The standard defines how to measure risk and determine the effectiveness of the particular risk-reduction scheme that you are choosing to use,” explains Luis Duran, business development manager for safety systems for automation supplier ABB Inc., in Houston. The approach is also independent of technology, and therefore does not become obsolete as technology evolves.

Another advantage of the approach is that it is not merely theoretical. “These standards have arisen from lessons learned from industrial incidents and accidents,” says Duran. “They are based in practice and should be recognized as best practices.” He also notes that this best practice includes promoting a lifecycle approach, and stressing that safety is not a one-time event. For these reasons, he advocates embedding the practices into the culture of a company by ensuring that qualified people are implementing the various predefined tasks that need to be done in a functional safety management system.

Building this culture and instituting the support mechanisms are crucial for making good decisions and managing risk. “Some organizations place too much importance on personal safety metrics that have very little to do with process safety,” says Mike Boudreaux, DeltaV SIS product manager at Emerson Process Management,  the Austin, Texas-based automation supplier. “A key lesson from recent process-industry incidents is the importance of monitoring process ...