Functional Safety Management (FSM)

Objectives of Functional Safety Management

At one level, the objectives of FSM are quite simple – they define what should be done and who can do it.

• The “what should be done” is a combination of the tasks defined in the lifecycle, together with some supporting activities to ensure that the work to complete the tasks is done in the right way.
• The “who can do it” is focused on competency and independence. Only those competent to perform the activities are allowed to carry them out. Some activities must be carried out by those who weren't involved in earlier activities.

The Lifecycle “Sidebars”

As well as the “phases” shown down the centre of the lifecycle diagram, there are 3 “sidebars” that run the length of the diagram. These are labelled as follows:

• Management of functional safety, functional safety assessments and auditing (Clause 5)
• Safety lifecycle structure and planning (Clause 6.2)
• Verification (Clauses 7 & 12.5)

You will note that these “sidebars” run the entire length of the lifecycle – the inference being that you should do what is described in the “sidebars” for each and every phase of the lifecycle – from H&RA to decommissioning. The “sidebars” together define and deliver FSM.

Safety Planning

The work done to deliver each lifecycle phase should be planned. The plan should describe how FSM and compliance to IEC 61511 will be achieved. The plan may be developed as a single document covering the entire project or plans may be developed phase-by-phase. =Method’s preference is for the latter.

A typical safety plan would include:

• Scope
• The members of the team, with consideration of each individual’s competence and independence
• Input Documents
• How the task is to be performed
• How the task is to be verified
• How actions will be tracked and Modifications controlled
• Output Documents
• (If appropriate) how functional safety assessments will be carried out

Verification

Verification is an independent check, focused on the technical excellence of a piece of work. Competence to carry out verification is normally the same as that required to do the work itself.

Independence is an essential requirement. The Verifier should be carrying out a “cold eyes” review on a document that is entirely new to them. While this ensures the verifier is not swayed by any earlier involvement in the work, it also ensures that the documentation is written in such a way that it is understandable to someone who did not have the benefit of being involved in the work to generate the document.

IEC 61511 doesn’t provide guidance on what should actually be done for verification, instead it focusses on ensuring that verification is planned and carried out. We are at liberty to carry out verification in any way we see fit – as long as competent people have planned it. Checklists can be very useful tools here.

Note – many people use the term “Verification and Validation Plan” (sometimes “V&V Plan”). This implies that these two activities (verification and validation) would be best described in the same document. =Method’s view is that this is not the best approach (perhaps this phrase is used by those who don’t properly understand the difference between verifying and validating). A verification plan needs to be written for each lifecycle task (e.g. the verification plan for the HazOp study worksheets). A validation plan is typically a Site Acceptance Test plan. The two documents are written at very different times in the project lifecycle. This may be a bit mind-bending, but there also needs to be a verification plan for the validation. We’ll just let you think about that for a bit.

Competency

Competency is made up of 3 basic elements:

• Formal Training – attending training courses that are relevant to the task to be performed.
• Practical Experience – number of years in a role that allows a broad understanding of how the task should be carried out, but also how each task relates to others.
• Demonstration of Knowledge – outside of day-to-day work this aspect could be satisfied by examination, interview or case study. While these can be effective ways of providing evidence that an individual has the required knowledge to carry out a task they are “off-line” in the sense that they are not part of the day-to-day work being done. If tasks are being formally verified (as they should be if they are part of the functional safety lifecycle) this verification can be used as ongoing “demonstration of knowledge”. And this can be counted for both the person doing the work AND the verifier of the work (as the verifier can confirm that an author of a document is competent AND the author can confirm that the verifier was competent).

What =Method can do for you

• =Method can author FSM procedures for clients – either based on =Method templates or working in the style of the clients existing procedures.
• We can also audit existing Functional Safety procedures – and provide feedback on how to improve them (either for efficiency or compliance).
• Our TUV certified IEC 61511 training courses provide industry recognised training in the fundamentals of functional safety in general and FSM in particular.
• =Method can also provide appropriate Functional Safety training for senior managers and project managers – in fact any group of people involved in the delivery of functional safety.
• We are often asked to support clients as they prepare for HSE Intervention visits or deal with the actions raised following such a visit.

• We can help you implement functional safety management on a project – helping to author safety plans, carrying out independent verification and helping you demonstrate competence.