What is Functional Safety?

Process plants, machinery and other equipment may, in the case of dangerous failures or malfunction, present risks to people, the environment and assets. Users have to evaluate these risks by means of a hazard and risk analysis. Depending on the resulting risk, measures for risk reduction by fault avoidance, fault detection and fault control have to be taken.

The overall goal is to ensure that plant and equipment can be operated safely. Two kinds of failure therefore have to be avoided: failures of the equipment or of the process control that could lead to a hazardous event, and dangerous undetected failures of the protection systems that are meant to prevent such an event.

Functional Safety is the part of overall safety that depends on the correct functioning of safety-related systems for risk reduction. These systems have to carry out their intended functions (safety functions) under defined fault conditions and with a defined, high probability.

Wherever risk reduction is implemented by means of electrical, electronic or programmable electronic (E/E/PE) process control, the components used have to meet the requirements of the international standard IEC 61508 (also available as DIN EN 61508, VDE 0803). This standard provides general requirements for the avoidance and control of failures in E/E/PE devices, covering both organisational and technical requirements for the development and operation of safety-related systems. The safety integrity required of equipment and risk-reducing measures is specified as one of four discrete levels: safety integrity level SIL1 is the lowest and SIL4 the highest.

The greater the risk, the more reliable the risk-reduction measures have to be and, to the same degree, the more stringent the requirements on the components in use.

For the first time, a standard requires a quantitative verification of the residual risk for the complete safety loop, consisting of sensor, logic solver (controller) and actuator; assessing the individual components in isolation is not sufficient.
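As an added illustration of what a loop-level quantitative verification looks like in practice (this is example code, not from Endress+Hauser or from the standard text), the following Python module computes the average probability of failure on demand (PFDavg) of a sensor, a logic solver and a final element, sums them to the loop PFDavg, and maps the result to the IEC 61508 low-demand SIL bands. It assumes single-channel (1oo1) subsystems, the usual first-order approximation PFDavg ≈ λDU·TI/2, series summation for the loop, and constructed sample failure rates and proof-test intervals that do not describe any real device.

```python
"""Added example (not from the page): quantitative SIL verification of a complete
safety loop, sensor + logic solver + final element, in IEC 61508 low-demand mode.

Assumptions, all labelled:
  * each subsystem is a single channel (1oo1) and its average probability of
    failure on demand is the standard first-order approximation
    PFDavg ~= lambda_DU * TI / 2, valid only when lambda_DU * TI << 1;
  * the loop PFDavg is the sum of the subsystem PFDavg values (series logic);
  * the failure rates and proof-test intervals below are constructed sample
    data, not values for any real device.
"""
from dataclasses import dataclass
from typing import Iterable, Optional

HOURS_PER_YEAR = 8760.0
FIT = 1e-9  # one failure in 10^9 hours

# IEC 61508-1, low demand mode of operation: PFDavg band for each SIL
# (lower bound inclusive, upper bound exclusive).
SIL_BANDS_LOW_DEMAND = {
    4: (1e-5, 1e-4),
    3: (1e-4, 1e-3),
    2: (1e-3, 1e-2),
    1: (1e-2, 1e-1),
}


@dataclass(frozen=True)
class Subsystem:
    name: str
    lambda_du: float      # dangerous undetected failure rate, per hour
    proof_test_h: float   # proof-test interval TI, in hours

    def pfd_avg(self) -> float:
        """First-order 1oo1 approximation (assumption, see module docstring)."""
        if self.lambda_du * self.proof_test_h > 0.1:
            # Linear approximation is no longer acceptable here; the exact
            # 1oo1 expression 1 - (1 - exp(-lambda*TI)) / (lambda*TI) would be needed.
            raise ValueError(f"{self.name}: lambda_DU*TI too large for linear approximation")
        return self.lambda_du * self.proof_test_h / 2.0


def loop_pfd_avg(subsystems: Iterable[Subsystem]) -> float:
    """Loop PFDavg: sum over sensor, logic solver and final element."""
    return sum(s.pfd_avg() for s in subsystems)


def sil_for_pfd(pfd: float) -> Optional[int]:
    """Map a PFDavg to its low-demand SIL band; None if outside SIL1..SIL4."""
    for sil, (lo, hi) in SIL_BANDS_LOW_DEMAND.items():
        if lo <= pfd < hi:
            return sil
    return None


def risk_reduction_factor(pfd: float) -> float:
    """RRF = 1 / PFDavg."""
    return 1.0 / pfd


def max_common_proof_test_interval(subsystems: Iterable[Subsystem], target_sil: int) -> float:
    """Common proof-test interval (hours) at which the loop PFDavg reaches the
    upper bound of target_sil, under the linear approximation; any shorter
    interval keeps the loop inside the band."""
    _, upper = SIL_BANDS_LOW_DEMAND[target_sil]
    total_lambda = sum(s.lambda_du for s in subsystems)
    return 2.0 * upper / total_lambda


# Constructed sample loop: one-year proof test for every subsystem.
EXAMPLE_LOOP = (
    Subsystem("level transmitter", 100 * FIT, 1 * HOURS_PER_YEAR),
    Subsystem("logic solver",       10 * FIT, 1 * HOURS_PER_YEAR),
    Subsystem("shutdown valve",    500 * FIT, 1 * HOURS_PER_YEAR),
)


def main() -> None:
    for s in EXAMPLE_LOOP:
        print(f"{s.name:18s} PFDavg={s.pfd_avg():.2e}  band=SIL{sil_for_pfd(s.pfd_avg())}")
    loop = loop_pfd_avg(EXAMPLE_LOOP)
    print(f"loop               PFDavg={loop:.2e}  RRF={risk_reduction_factor(loop):.0f}"
          f"  -> SIL{sil_for_pfd(loop)}")
    ti3 = max_common_proof_test_interval(EXAMPLE_LOOP, 3)
    print(f"common proof-test interval for SIL3: < {ti3:.0f} h ({ti3 / HOURS_PER_YEAR:.2f} years)")


if __name__ == "__main__":
    main()
```

With the constructed figures the transmitter alone sits in the SIL3 band, but the loop as a whole only reaches SIL2 because the valve dominates the sum; that is exactly why the standard insists on verifying the complete loop. Note that the PFDavg calculation covers random hardware failures only: a SIL claim additionally requires the architectural constraints (hardware fault tolerance) and the systematic capability of each element to be met, which this example does not model.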

IEC 61508 also allows sector-specific international standards to be derived from it. For instance, IEC 61511 (also available as DIN EN 61511, VDE 0810) covers safety instrumented systems for the process industry. It is usually the standard applied when existing components are assessed for SIL use on the basis of a proven-in-use (prior use) demonstration.

SIL by default

For a multitude of measuring tasks and measuring principles, Endress+Hauser offers assessed or certified devices that meet these requirements and can be used in safety-related applications. The concepts and methods of IEC 61508 and IEC 61511 are applied to all relevant fields of process instrumentation. As a basic principle, Endress+Hauser does this with the assistance and oversight of independent third-party assessors.

The devices comply with the international state of the art and with the applicable national regulations, and offer a traceable, demonstrably high level of quality.


What is a Functional Safety System?

At its simplest a functional safety system detects a potentially dangerous condition and causes corrective or preventative action to be taken.

Typically a system comprises a sensor, which provides information on the value of a process variable; a logic solver (processor), which compares that value with a predetermined limit and initiates action; and an actuator, which either corrects the variable or performs an emergency function such as a shutdown.

Apart from the reference to danger, this description could equally be applied to the process control that lets the equipment perform its normal function. It has long been regarded as essential that the safety function operates independently of the process control function, and IEC 61511 still requires the safety instrumented system to be independent of the basic process control system to the extent that its integrity is not compromised. The advent of microprocessors made it possible to collect and analyse vast amounts of data in real time, opening the way to sophisticated safety systems with features such as self-diagnosis. With many different parties involved in the specification, design, manufacture, installation, operation and maintenance of safety systems, the need for a standardised approach was recognised, and IEC 61508 is the result.