THE ENGINEERING EQUIPMENT AND MATERIALS USERS ASSOCIATION

Guide to the Application of IEC 61511 to safety instrumented systems in the UK process industries

PUBLICATION 222
Edition 1

Released by IHS
Not for resale

Copyright 2009 The Engineering Equipment and Materials Users Association. A company limited by guarantee. Registered in England. Company number 477838.

ISBN 0 85931 168 6
Imprint reference 06-2009

Registered and Trading Address
10-12 Lovat Lane
London EC3R 8DN
Telephone: +44 (0)20 7621 0011
Fax: +44 (0)20 7621 0022
E-mail: sales@eemua.org
Website: www.eemua.org

EEMUA 222 Guide to the application of IEC 61511

ABOUT THE PUBLISHERS

The Engineering Equipment and Materials Users Association, more commonly known as EEMUA, is a European non-profit membership Association helping companies that own or operate industrial facilities - the users of engineering equipment and materials.

EEMUA aims to improve the safety, environmental and operating performance of industrial facilities in the most cost-effective way, thereby demonstrating and pursuing leadership in asset management.

EEMUA Members pursue these aims through collaboration for mutual benefit, sharing engineering experiences and expertise and by promoting their distinct interests as the users of engineering products.

Specifically, the aims of EEMUA Member companies are achieved by:

- providing the organisation within which networking, information sharing and collaboration on non-competitive technical matters can take place;
- influencing the way written regulations are interpreted and applied in practice;
- presenting and promoting Members' views, and encouraging the application of good, sound engineering practices;
- developing user guides, specifications, training and competency schemes;
- facilitating Members' participation in national and international standards making;
- influencing relevant national and European legislation and regulations.

Formed in 1949 as the Engineering Equipment Users Association, and re-named in 1983 (as a result of taking over the materials association, OCMA), EEMUA has for more than fifty years given companies that own and operate process plants, power stations and other significant industrial facilities, a collaborative voice in addressing technical and engineering related issues that impact on good integrity management and asset management practices.

The Association is open to companies of all sizes that meet its engineering user criteria. Further details of current Members of EEMUA are available on the Association's website, www.eemua.org.

EEMUA activities often lead to the production of publications. These are prepared for Members' use and are often offered for sale as well. A list of EEMUA publications for sale is given at the end of this Publication. The full list is also on the Association's website, including details of on-line shopping facilities.

To enquire about corporate Membership, write to enquiries@eemua.org or call +44 (0)20 7621 0011.

ABOUT THIS PUBLICATION

Each authorised copy of this Publication is supplied with an electronic version on CD-rom: attached in a wallet overleaf.

Legal Aspects

All rights, title and interest in this Publication shall belong to EEMUA. All rights are reserved. No part of this Publication, including the CD-rom, may be reproduced, stored in a retrieval system, or transmitted in any form or by any means: electronic, mechanical, photocopying, recording or other, without the express prior written agreement of the EEMUA Executive Director. Infringement of copyright is illegal and also reduces the Association's income thereby jeopardising its ability to fund the production of future publications.

It has been assumed in the preparation of this Publication that:

- the user ensures selection of those parts of its contents appropriate to the intended application; and
- that such selection and application is correctly carried out by appropriately qualified and competent persons for whose guidance this Publication has been prepared.

EEMUA and the individual members of the Work Group that prepared this EEMUA Publication do not, and indeed cannot, make any representation or give any warranty or guarantee in connection with material contained herein. EEMUA and the individual members of the Work Group that prepared this EEMUA Publication expressly disclaim any liability or responsibility for damage or loss resulting from the use or reliance on this Publication.
Any recommendations contained herein are based on the most authoritative information available at the time of writing and on current good engineering practice, but it is essential for the user to take account of pertinent subsequent developments and/or legislation.

Any person who encounters an inaccuracy or ambiguity when making use of this Publication is asked to notify EEMUA without delay so that the matter may be investigated and appropriate action taken.

Consultation and Feedback

EEMUA encourages constructive comments on this Publication from both Members of the Association and others. Comments should be sent on the standard feedback form, a copy of which is provided towards the end of this Publication. An electronic version of the feedback form is available from EEMUA - e-mail your request for a copy to enquiries@eemua.org, telephone your request to +44 (0)20 7621 0011, or download the form from the EEMUA website at www.eemua.org. Submit comments by e-mail (preferred) or post. Comments are considered by the relevant EEMUA Technical Committee and may be incorporated in future editions of this Publication. New editions are publicised on the EEMUA website.

Contents

Foreword
1. Scope
2. Terms, Definitions and Acronyms
   2.1 Terms and Definitions
   2.2 Acronyms
3. Overview of IEC 61511
   3.1 Background
   3.2 Scope and Application of IEC 61511
   3.3 Relationship between IEC 61508 and IEC 61511
   3.4 Parts of IEC 61511-1
   3.5 Lifecycle Approach
4. Legal Aspects
   4.1 Health and Safety Legislation
   4.2 Health and Safety Legislation (Onshore Facilities)
   4.3 Health and Safety Legislation (Offshore Installations)
   4.4 Application to Existing Installations
   4.5 Civil Liabilities
5. Common Requirements for all Activities
   5.1 Responsibilities
   5.2 Competency
   5.3 Planning
   5.4 Verification
   5.5 Validation
   5.6 Functional Safety Assessment
   5.7 Conformity Assessment
   5.8 Management of Lifecycle Activities
   5.9 Documentation
6. Requirements for Specific Activities
   6.1 Front End Activities
   6.2 Application Design and Specification
   6.3 Integration
   6.4 Product Supply
   6.5 Installation
   6.6 Commissioning
   6.7 Operation and Maintenance
   6.8 Modification and Decommissioning
Annex A SIL Determination Methods and Calibration
Annex B Technology Issues
Annex C Example of a Functional Safety Plan Overview
Annex D Example Competency Scheme
Annex E Example Supplier Safety Validation Plan
Annex F Reliability Data and Calculations
7. References
Tables

Table 1 Application of IEC 61508 and IEC 61511
Table A.1 Risk graph parameter explanations
Table A.2 Example consequence equivalence
Table A.3 Layer of protection analysis (LOPA)
Table D.1 Example generic competence standard
Table E.1 Quality and functional safety control matrix
Table F.1 Failure rate data for typical SIS subsystems
Table F.2 PFD values

Figures

Figure 1 Safety lifecycle
Figure 2 Functional safety assessment
Figure A.1 Risk graph
Figure F.1 Reliability block diagram

Foreword

This Guide has been prepared by representatives of EEMUA, the Engineering Equipment and Materials Users Association; EIC (the Energy Industries Council); Oil

includes general guidance on risk and safety integrity; describes the ALARP and tolerable risk concepts; and describes five different methods for determining safety integrity level requirements. It is important to recognise that these methods need to be calibrated and might need to be adapted for specific process applications. It is the responsibility of the end user to ensure that SIL determination is carried out using a method that is suitable for the specific application. SIL determination methods and calibration are given in Annex A. An introduction to the range of technologies available for the implementation of safety functions is given in Annex B.

Table 1 summarises the applicable standards for various activities.

Table 1 Application of IEC 61508 and IEC 61511

Activity: Specification and design of a safety instrumented system for a specific process sector application
Applicable standard(s): IEC 61511-1 and IEC 61511-3

Activity: Selection of equipment for use in a safety-instrumented system on the basis of "prior use"
Applicable standard(s): IEC 61511-1

Activity: Conformity assessment of equipment that may be used in a variety of safety-related applications
Applicable standard(s): IEC 61508-2 and IEC 61508-3

Activity: Design/development of embedded (system) or full variability software for equipment used in safety-related applications
Applicable standard(s): IEC 61508-3

Activity: Design/development of equipment that may be used in a variety of safety-related applications
Applicable standard(s): IEC 61508-2 and IEC 61508-3

Activity: Development of limited variability application software for a specific process sector application (e.g. PLC ladder logic)
Applicable standard(s): IEC 61511-1

Activity: Installation, commissioning, operation and maintenance of a safety instrumented system in a specific process sector application
Applicable standard(s): IEC 61511-1

3.5 Lifecycle Approach

3.5.1 The lifecycle approach recognises that having effective safety instrumented systems requires much more than specifying, supplying and installing sensors, logic and final elements. The overall context of the processing facility needs to be understood, as does the role of other non-SIS means of protection. This is to enable a holistic picture of risks and how they are managed, from early design activities through operations and maintenance until final decommissioning, to be understood.

3.5.2 The safety lifecycle phases are identified by numbers in Figure 1. IEC 61511-1 Figure 8 also identifies the clauses that detail the respective requirements for each lifecycle activity. [IEC 61511-1 sub-clauses: Figure 8]

3.5.3 Annex C provides an example of an overview of a functional safety plan detailing, for each lifecycle phase, the objectives, inputs, outputs, person or organisation responsible, tools and processes and target dates. [IEC 61511-1 sub-clauses: Table 2]

[Figure 1 Safety lifecycle. Recoverable labels: Safety Life Cycle Structure and Planning; Verification; Installation, Commissioning]

- carry out testing and examination as may be necessary to ensure the article is safe;
- provide adequate information about the use for which the article is designed and tested to ensure it shall be safe;
- take steps to ensure, so far as is reasonably practicable, that persons who have been supplied with the article are provided with any revisions of information that may be necessary to ensure safety.

Regulations made under the Health

technologies used; sensors and final elements; complexity; integrity levels involved; and management and other activities as applicable. [IEC 61511-1 sub-clauses: 5.2.2.2 notes]

5.2.3 The competence of persons, departments or organisations carrying out safety lifecycle activities should be assessed against the requirements of the respective roles, including evidence of familiarity with IEC 61508 and IEC 61511. These assessments should be documented. An example personnel competency scheme is provided in Annex D. Ref 15 has competence criteria for safety-related system practitioners supporting the competence management system in 2. [IEC 61511-1 sub-clauses: 5.2.2.2, *]

5.2.4 Any shortfalls in competence should be identified and compensating measures put in place. These may include restricting a person's responsibilities until he/she is deemed competent in a particular area and using an additional person who is competent in the particular area to check or supervise the work of the person concerned. [IEC 61511-1 sub-clauses: *]

Activities Throughout the Lifecycle

5.2.5 Ongoing training should be provided to ensure that personnel remain competent to perform their responsibilities. This is particularly important where personnel are rarely required to use related skills, e.g. maintenance of highly reliable SIS and operator action in a process upset situation when an automatic protection function has failed. [IEC 61511-1 sub-clauses: 5.2.2.2, 16.2.4]

5.2.6 Organisations and departments should be able to demonstrate implementation of a functional safety management scheme covering the lifecycle activities within their scope. [IEC 61511-1 sub-clauses: *]

5.2.7 Use of organisations with accredited competency schemes in the development and use of safety instrumented systems is encouraged. However, accountability for safe operations remains with the duty holder. CASS provides a methodology to allow an organisation to obtain accreditation of their functional safety capability. [IEC 61511-1 sub-clauses: *]

5.3 Planning

5.3.1 The safety planning required by the standard may be incorporated into a wider project or activity plan and should be updated with the lifecycle development. It should be noted that implementation of IEC 61511 may require more resources in early stages of the project compared with previous approaches. However experience has shown that this reduces the burden of demonstrating that an adequate level of safety has been achieved. [IEC 61511-1 sub-clauses: 5.2.4 Note]

5.3.2 The functional safety plan should identify the activities to be carried out and the persons, department or organisation that would carry out these activities. [IEC 61511-1 sub-clauses: 5.2.4, 6.2]

5.3.3 The functional safety plan should also identify, for each lifecycle activity, the criteria, techniques, measures and procedures to ensure the activity is correctly carried out and the verification required. [IEC 61511-1 sub-clauses: 6.2.3, 7]

5.3.4 Example summary tables listing lifecycle activities with their objectives, inputs and outputs are given in IEC 61511-1, Table 2. These need to be related to the responsible persons, department or organisation, and also tools and processes to be used. Target dates, document numbers and descriptors can be added, as shown in the overview example in Annex C. [IEC 61511-1 sub-clauses: Table 2]

5.4 Verification

5.4.1 Verification should be planned, carried out and documented for each lifecycle activity. Examples of verification activities are design reviews and audit of installation and commissioning procedures. The aim of verification is to ensure that the outputs from each phase of the lifecycle meet the objectives and requirements set for the lifecycle phase. [IEC 61511-1 sub-clauses: 7, 12.7]