Safety lifecycle management
October 2011, Training & Education
Accidents continue to occur in many manufacturing facilities, even those in which safety systems and other safety protections have been installed. A study conducted by the Health and Safety Executive in the UK states that these failures are due largely to inadequate safety management. To ensure safety, the standards specify safety lifecycle activities that need to be followed over the entire life of a production system. Safety lifecycle management provides a method or procedure that enables companies to specify, design, implement and maintain safety systems to achieve overall safety in a documented and verifiable manner.
All major safety standards (ANSI/ISA-84-01-2004, IEC 61508, IEC 61511, etc,) specify similar safety lifecycles, differing only in the details. A safety lifecycle shows a systematic, phased approach to safety, from an initial hazard and risk analysis, to safety system implementation, and ultimately, through system decommissioning.
The IEC 61511 standard specifies 12 steps in the safety lifecycle. These are segmented into four phases: analysis, realisation, maintenance, and ongoing functions.
Safety lifecycle I: analysis phase
The analysis phase includes the initial planning, identification, and specification of safety functions required for the safe operation of a manufacturing process, including documentation of the safety requirements. Specific activities include:
* Perform hazard and risk analysis: determine hazards and hazardous events, the sequence of events leading to hazardous condition, the associated process risks, the requirements of risk reduction, and the safety functions required.
* Allocate safety functions to protection layers: check the available layers of protection. Allocate safety functions to protection layers and safety systems.
* Specify requirements for safety system: if tolerable risk is still out of limit, then specify the requirements for each safety system and their safety integrity levels.
Safety lifecycle II: realisation phase
The realisation phase includes not only design, installation, and testing of safety systems, but also the design, development, and installation of other effective risk reduction methods, such as mechanical trips and barriers. Specific activities include:
* Design and engineer safety system: design system to meet the safety requirements.
* Design and develop other means of risk reduction: means of protection other than programmable safety systems include mechanical systems, process control systems, and manual systems.
* Install commission and validate the safety protections: install and validate that the safety system meets all safety requirements to the required safety integrity levels.
Safety lifecycle III: maintenance phase
The maintenance phase begins at the startup of a process and continues until the safety system is decommissioned or redeployed. Specific activities include:
* Operate and maintain: ensure that the safety system functions are maintained during operation and maintenance.
* Modify and update: make corrections, enhancements, and adaptations to the safety system to ensure that the safety requirements are maintained.
* Decommissioning: conduct review and obtain required authorisation before decommissioning a safety system. Ensure that the required safety functions remain operational during decommissioning.
Safety lifecycle IV: ongoing functions
Certain functions are ongoing. Examples include managing functional safety, planning and structuring the safety lifecycle, and performing periodic safety system verification and safety audits over the whole lifecycle. Specific activities include:
* Manage functional safety, safety assessment and safety audit: identify the management activities that are required to ensure the functional safety objectives are met.
* Plan and structure safety lifecycle: define safety lifecycle in terms of inputs, outputs, and verification activities.
* Verify safety system: demonstrate by review, analysis or testing that the required outputs satisfy the defined requirements for each phase of the safety lifecycle.
Activities for phases I to III are normally carried out consecutively, while phase IV runs concurrently with the other phases. However, like all models the safety lifecycle is an approximation. In reality, there are significant iterations between phases.
The standards define requirements for safety management, rather than just system development. Not all safety lifecycle phases will be relevant to every application. Management must define which requirements are applicable in each case. The standards do not prescribe exactly what should be done in any particular case, but guide management towards decisions and offers advice. Management continues to be responsible for taking and justifying appropriate actions.
Management responsibilities include rigorous safety planning covering the choice of safety lifecycle phases to be used and the activities to be carried out within those phases. However, users should realise that safety systems by themselves do not achieve safety. People working together within a strong safety culture achieve safety. It is management’s responsibility to foster and maintain such a culture.
For more information contact Paul Miller, ARC Advisory Group, +1 781 471 1126, firstname.lastname@example.org, www.arcweb.com