Design and Engineering of the SIS involves both hardware and application software design, using only compliant components with the correct hardware fault tolerance.
Clause 14 of IEC 61511 – describing the approach to SIS Design and Engineering – makes up 11 of the 77 pages of Part 1 of the standard. There is much detail to absorb, but in summary the Clause describes:
IEC 61511 provides relatively little guidance on how the SIS Application Program should be developed – but this limited guidance is appropriate for programming with “Limited Variability Languages” (LVL). Examples of such languages are ladder logic, function block diagram and structured text. These languages are very constrained (or “limited” - hence LVL). The logic solver will be programmed using the product supplier's programming tool / engineering workbench. This programming environment will usually be further constrained by preventing any “unsafe” programming actions within the tool.
More complex, powerful programming languages (such as “C”) are known as “Fully Variable Languages” (FVL). These could be used to develop the logic solver’s application program – but such powerful languages need a different level of control before they can be employed in safety applications. Because they are so flexible, it would be entirely possible to implement an “unsafe” approach. It follows that the rule set for programming in such an environment needs to be very robust and comprehensive. Such rules are found in IEC 61508 Part 3 (“Software Requirements”), which provides more than 100 pages of guidance and is supported by other informative parts of IEC 61508. Use of FVLs is normally restricted to product suppliers developing the operating systems for logic solvers; it would be unusual for the Application Program to be developed in this way. IEC 61511 does allow the Application Program to be developed in an FVL – but this must then be done to the ruleset in IEC 61508 Part 3 (>100 pages) rather than to the ruleset within IEC 61511 Clause 12 (5 pages).
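As an added illustration of the two points above (the hardware fault tolerance mentioned at the start, and what a "constrained" application program looks like when an FVL such as C is used), here is a small example. It is not code from the page's author or from any logic solver vendor. It writes a 2oo3 voter in the restricted style an FVL rule set would demand (fixed-width integers, no dynamic memory, a bounded loop, an explicit fail-safe default on every path), and alongside it the textbook first-order low-demand PFDavg approximations for 1oo1, 1oo2 and 2oo3 with the SIL band each result falls into. The degradation policy (2oo3 falling back to 1oo2, then to a trip) and the omission of common-cause, diagnostic-coverage and repair terms are simplifying assumptions made for the example; the failure-rate and proof-test figures are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* One input channel of a SIF as seen by the logic solver (constructed
 * representation, not a supplier's API).
 *   trip    = the channel is demanding a trip
 *   healthy = channel diagnostics (e.g. line monitoring) report it valid */
typedef struct {
    bool trip;
    bool healthy;
} channel_t;

/* 2oo3 voter with an ASSUMED degradation policy:
 *   3 healthy channels -> trip when at least 2 demand it (2oo3)
 *   2 healthy channels -> trip when at least 1 demands it (degrade to 1oo2)
 *   0 or 1 healthy     -> trip (fail-safe default, no valid vote possible)
 * Written under FVL-style constraints: fixed-width integers, no dynamic
 * memory, a bounded loop, and an explicit return on every path. */
bool vote_2oo3(const channel_t ch[3]) {
    uint8_t healthy = 0U;
    uint8_t trips = 0U;
    for (uint8_t i = 0U; i < 3U; i++) {
        if (ch[i].healthy) {
            healthy++;
            if (ch[i].trip) {
                trips++;
            }
        }
    }
    if (healthy == 3U) {
        return trips >= 2U;
    }
    if (healthy == 2U) {
        return trips >= 1U;
    }
    return true; /* fail-safe */
}

/* Convenience wrapper: bit i of each mask describes channel i. */
bool vote_2oo3_bits(uint8_t trip_bits, uint8_t healthy_bits) {
    channel_t ch[3];
    for (uint8_t i = 0U; i < 3U; i++) {
        ch[i].trip = ((trip_bits >> i) & 1U) != 0U;
        ch[i].healthy = ((healthy_bits >> i) & 1U) != 0U;
    }
    return vote_2oo3(ch);
}

typedef enum { ARCH_1OO1, ARCH_1OO2, ARCH_2OO3 } arch_t;

/* Hardware fault tolerance of each architecture: the number of dangerous
 * channel failures it can tolerate and still perform the SIF. */
int hft_of(arch_t arch) {
    switch (arch) {
    case ARCH_1OO1: return 0;
    case ARCH_1OO2: return 1;
    case ARCH_2OO3: return 1;
    default:        return 0;
    }
}

/* First-order low-demand PFDavg approximations for identical channels.
 * lambda_du = dangerous undetected failure rate per hour, T = proof-test
 * interval in hours. Common-cause (beta), diagnostic coverage and repair
 * terms are deliberately omitted here; a real SIL verification includes them. */
double pfd_avg(arch_t arch, double lambda_du, double proof_test_interval_h) {
    double x = lambda_du * proof_test_interval_h;
    switch (arch) {
    case ARCH_1OO1: return x / 2.0;
    case ARCH_1OO2: return (x * x) / 3.0;
    case ARCH_2OO3: return x * x;
    default:        return 1.0; /* unknown architecture: assume no risk reduction */
    }
}

/* Low-demand SIL band for a PFDavg (IEC 61508-1 / IEC 61511-1 target bands):
 *   SIL 1: 1e-2 <= PFD < 1e-1   SIL 2: 1e-3 <= PFD < 1e-2
 *   SIL 3: 1e-4 <= PFD < 1e-3   SIL 4: 1e-5 <= PFD < 1e-4
 * Returns 0 when the PFDavg is too poor for any SIL; values below the SIL 4
 * band are reported as 4 since the standard defines no higher band. */
int sil_from_pfd(double pfd) {
    if (pfd >= 1e-1) return 0;
    if (pfd >= 1e-2) return 1;
    if (pfd >= 1e-3) return 2;
    if (pfd >= 1e-4) return 3;
    return 4;
}

/* Tolerance comparison without <math.h>. */
bool approx_eq(double a, double b, double tol) {
    double d = a - b;
    return d < tol && d > -tol;
}

int main(void) {
    /* Constructed figures: lambda_du = 5e-6 /h, annual proof test (8760 h). */
    const double lambda_du = 5e-6;
    const double t_proof_h = 8760.0;
    const arch_t archs[3] = { ARCH_1OO1, ARCH_1OO2, ARCH_2OO3 };
    const char *names[3] = { "1oo1", "1oo2", "2oo3" };
    for (int i = 0; i < 3; i++) {
        double pfd = pfd_avg(archs[i], lambda_du, t_proof_h);
        printf("%s: HFT=%d PFDavg=%.3e -> SIL %d\n",
               names[i], hft_of(archs[i]), pfd, sil_from_pfd(pfd));
    }
    printf("2oo3 vote, two channels tripped: %d\n", vote_2oo3_bits(0x03U, 0x07U));
    return 0;
}
```

Note how the arithmetic alone ranks 1oo2 above 2oo3 on PFDavg while both carry the same hardware fault tolerance; the architectural constraints of the standard are applied on top of the calculated PFD, which is why a verification exercise checks both.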
An update to an earlier SIL verification and PFD calculation exercise. Industry: Oil and Gas Onshore
For an oil storage facility, carrying out an exercise to confirm that the SIL requirement was correct (under review changed from SIL 1 to SIL 2), identify a replacement for a non-compliant contractor and confirm the compliance of a non-certified galvanic isolator by way of a prior use analysis. Industry: Oil and Gas Onshore
An Alarm review at a Scottish distillery. The scope covered all SCADA/HMI systems on the site; a total of 700 alarms were reviewed. Industry: Brewing and Distilling
A "SIL Verification" exercise to confirm the compliance of six Safety Instrumented Functions for a Boiler package vendor. Reviewing the design against the SRS, confirming compliance of the SIF components, checking that the correct hardware fault tolerance had been selected and that the PFD calculations were correct. Industry: Process - General
Confirming compliance with 61508/61511 for a number of devices intended for use on an offshore gas platform. Industry: Oil and Gas Offshore
E: firstname.lastname@example.org. T: 44 (0)1462 713313. W: www.methodfs.com