Problems in Safety Lifecycle Management

Accidents continue to occur in many manufacturing facilities, even those where safety systems and other safety protections have been installed. A study conducted by the Health and Safety Executive in the United Kingdom states that these failures are due largely to inadequate safety management.

Aw 703 Industry View10

To ensure safety, the standards specify safety lifecycle activities that need to be followed over the entire life of a production system. Safety lifecycle management provides a method or procedure that enables companies to specify, design, implement and maintain safety systems to achieve overall safety in a documented and verified manner.

The IEC 61511 standard promulgated by the International Electrotechnical Commission specifies twelve steps in the safety lifecycle. These are segmented into four phases: analysis, realization, maintenance and ongoing functions.

Safety Lifecycle I:  Analysis Phase

The analysis phase includes the initial planning, identification and specification of safety functions required for the safe operation of a manufacturing process.

Specific activities include:

• Perform Hazard and Risk Analysis: Determine hazards and hazardous events, the sequence of events leading to a hazardous condition, the associated process risks, the requirements for risk reduction and the safety functions required.

• Allocate Safety Functions to Protection Layers: Check the available layers of protection. Allocate safety functions to protection layers and safety systems.

• Specify Requirements for Safety System: If the risk is still above the tolerable limit after allocation, specify the requirements for each safety system and its safety integrity level.
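The three analysis-phase steps above can be worked through numerically in a small LOPA-style check. The following is an added example, not code from the article or from the standard; the event frequencies and layer PFDs are constructed, and the SIL bands are the low-demand-mode PFDavg bands of IEC 61508/61511.

```python
# Added example: hazard frequency -> credit existing protection layers ->
# decide whether a safety instrumented function (SIF) is still needed and
# which SIL it must meet. All numeric inputs are constructed.

# Upper PFDavg limit of each SIL band: SIL n covers 10**-(n+1) <= PFDavg < 10**-n.
SIL_UPPER = {1: 1e-1, 2: 1e-2, 3: 1e-3, 4: 1e-4}


def mitigated_frequency(initiating_freq, layer_pfds):
    """Hazardous-event frequency (per year) after the existing independent
    protection layers, each credited with its probability of failure on demand."""
    freq = initiating_freq
    for pfd in layer_pfds:
        freq *= pfd
    return freq


def sil_for_pfd(required_pfd):
    """Map a required PFDavg to the SIL band it falls in.
    0 means no SIL claim is needed (risk reduction factor below 10);
    None means the target is beyond SIL 4, so the process itself or the
    other (non-instrumented) layers must be redesigned."""
    if required_pfd >= SIL_UPPER[1]:
        return 0
    for sil, upper in SIL_UPPER.items():
        if upper / 10 <= required_pfd < upper:
            return sil
    return None


def specify_sif(initiating_freq, layer_pfds, tolerable_freq):
    """Analysis-phase step 3: if the residual risk is still above the tolerable
    frequency after allocating the existing layers, return (required_pfd, sil)
    for a new SIF; otherwise (None, 0) because no further reduction is needed."""
    residual = mitigated_frequency(initiating_freq, layer_pfds)
    if residual <= tolerable_freq:
        return None, 0
    required_pfd = tolerable_freq / residual
    return required_pfd, sil_for_pfd(required_pfd)


if __name__ == "__main__":
    # Constructed case: initiating event 0.1/yr, a control-system trip
    # (PFD 0.1) and a relief valve (PFD 0.01) already credited, tolerable
    # frequency 5e-7/yr. Residual is 1e-4/yr, so a SIF with PFD <= 0.005
    # (SIL 2) is required.
    print(specify_sif(0.1, [0.1, 0.01], 5e-7))
```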

Safety Lifecycle II:  Realization Phase

The realization phase not only includes design, installation and testing of safety systems, but also the design, development and installation of other effective risk reduction methods.  Specific activities include: 

• Design and Engineer Safety System: Design system to meet the safety requirements.

• Design and Develop Other Means of Risk Reduction:  Means of protection other than programmable safety systems include mechanical systems, process control systems and manual systems.

• Install, Commission and Validate the Safety Protections: Install the safety system and validate that it meets all safety requirements at the required safety integrity levels.

Safety Lifecycle III:  Maintenance Phase

The maintenance phase begins at the start-up of a process and continues until the safety system is decommissioned or redeployed.  Specific activities include:

• Operate and Maintain: Ensure that the safety system functions are maintained during operation and maintenance.

• Modify and Update: Make corrections, enhancements and adaptations to the safety system to ensure that the safety requirements are maintained.

• Decommissioning: Conduct review and obtain required authorization before decommissioning a safety system.  Ensure that the required safety functions remain operational during decommissioning. 

Safety Lifecycle IV:  Ongoing Functions

Certain functions are ongoing.  Examples include managing functional safety, planning and structuring the safety lifecycle, and performing periodic safety system verification and safety audits over the whole lifecycle. Specific activities include: 

• Manage Functional Safety, Safety Assessment and Safety Audit: Identify the management activities that are required to ensure that the functional safety objectives are met.

• Plan and Structure Safety Lifecycle: Define safety lifecycle in terms of inputs, outputs and verification activities.

• Verify Safety System: Demonstrate by review, analysis and/or testing that the required outputs satisfy the defined requirements for each phase of the safety lifecycle.

Activities for Phases I to III are normally carried out consecutively, while Phase IV runs concurrently with the other phases. However, like all models, the safety lifecycle is an approximation.

Also note that the standards define requirements for safety management, rather than just system development. Not all safety lifecycle phases will be relevant to every application; management must define which requirements are applicable in each case. The standards do not prescribe exactly what should be done in any particular case, but guide management toward decisions and offer advice. Management continues to be responsible for taking and justifying appropriate actions.

Dave Woll, dwoll@arcweb.com, is Vice President at ARC Advisory Group Inc., in Dedham, Mass.
