1、BRITISH STANDARDBS EN 15233:2007Methodology for functional safety assessment of protective systems for potentially explosive atmospheresThe European Standard EN 15233:2007 has the status of a British StandardICS 13.230g49g50g3g38g50g51g60g44g49g42g3g58g44g55g43g50g56g55g3g37g54g44g3g51g40g53g48g44g5
2、4g54g44g50g49g3g40g59g38g40g51g55g3g36g54g3g51g40g53g48g44g55g55g40g39g3g37g60g3g38g50g51g60g53g44g42g43g55g3g47g36g58BS EN 15233:2007This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 October 2007 BSI 2007ISBN 978 0 580 55414 8National forew
3、ordThis British Standard is the UK implementation of EN 15233:2007.The UK participation in its preparation was entrusted to Technical Committee FSH/23, Fire precautions in industrial and chemical plant.A list of organizations represented on this committee can be obtained on request to its secretary.
4、This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.Compliance with a British Standard cannot confer immunity from legal obligations.Amendments issued since publicationAmd. No. Date CommentsEUROPEAN STANDARDNORME
5、EUROPENNEEUROPISCHE NORMEN 15233August 2007ICS 13.230English VersionMethodology for functional safety assessment of protectivesystems for potentially explosive atmospheresMthodologie relative lvaluation de la scuritfonctionnelle des systmes de protection pour atmosphresexplosiblesMethodik zur Bewert
6、ung der funktionalen Sicherheit vonSchutzsystemen fr explosionsgefhrdete BereicheThis European Standard was approved by CEN on 13 July 2007.CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this EuropeanStandard the status of a nation
7、al standard without any alteration. Up-to-date lists and bibliographical references concerning such nationalstandards may be obtained on application to the CEN Management Centre or to any CEN member.This European Standard exists in three official versions (English, French, German). A version in any
8、other language made by translationunder the responsibility of a CEN member into its own language and notified to the CEN Management Centre has the same status as theofficial versions.CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia
9、, Finland,France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.EUROPEAN COMMITTEE FOR STANDARDIZATIONCOMIT EUROPEN DE NORMALISATIONEUROPISCHES
10、KOMITEE FR NORMUNGManagement Centre: rue de Stassart, 36 B-1050 Brussels 2007 CEN All rights of exploitation in any form and by any means reservedworldwide for CEN national Members.Ref. No. EN 15233:2007: EEN 15233:2007 (E) 2 Contents Page Foreword3 Introduction .4 1 Scope 5 2 Normative references 6
11、 3 Terms and definitions .6 4 General requirements6 5 Functional safety assessment procedure.8 6 Documentation.13 Annex A (informative) Example of a functional safety assessment.15 Annex B (informative) Methods for failure identification and functional safety assessment .20 Annex ZA (informative) Re
12、lationship between this European Standard and the Essential Requirements of EU Directive 94/9/EC 23 Bibliography 24 EN 15233:2007 (E) 3 Foreword This document (EN 15233:2007) has been prepared by Technical Committee CEN/TC 305 “Potentially explosive atmospheres - Explosion prevention and protection”
13、, the secretariat of which is held by DIN. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by February 2008, and conflicting national standards shall be withdrawn at the latest by February 2008. Atte
14、ntion is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This document has been prepared under a mandate given to CEN by the European Commission an
15、d the European Free Trade Association, and supports essential requirements of EU Directive 94/9/EC. For relationship with EU Directive 94/9/EC, see informative Annex ZA, which is an integral part of this document. According to the CEN/CENELEC Internal Regulations, the national standards organization
16、s of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania,
17、Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom. EN 15233:2007 (E) 4 Introduction The function of this type A standard is to describe principles for a consistent systematic procedure for functional safety assessment for the design and manufacture of protective systems. Annex A
18、is informative and contains methods for estimating and assessing functional safety and reliability. Annex B is informative and contains an example for functional safety assessment of a protective system. Performing functional safety assessment is referred to in written instructions for use and possi
19、ble additional precautions are introduced in the documentation. It is in both the manufacturers and users interest to establish a common methodology for achieving functional safety, reliability and effectiveness in the operation of protective systems. Thus, functional safety assessment is a tool whi
20、ch provides the essential link between manufacturers and users, however, only aspects which directly address manufacturers are incorporated in this standard. Integrated explosion safety is conceived to prevent the formation of explosive atmospheres as well as sources of ignition and, should an explo
21、sion nevertheless occur, to halt it immediately and/or to limit its effects. In this connection protective systems must be designed and constructed after due analysis of possible operating faults that limit or prevent the capacity of the system to stop an explosion. Therefore it is absolutely necess
22、ary to conduct a functional safety assessment process. EN 15233:2007 (E) 5 1 Scope This European Standard provides guidance on the procedure and information required to allow functional safety assessment to be carried out for the design of protective systems. The purpose of this European Standard is
23、 to assist technical standardization committees responsible for specific families of protective systems in preparing safety standards. Such standards should be as homogenous as possible and should have the basic structure of functional safety assessment as it is stated in this standard. If there are
24、 no specific standards for a particular protective system, the manufacturer should use this standard for functional safety assessment of this protective system. In this procedure the following information is to be taken into account to ensure a sufficient level of functional safety: a) intended use,
25、 b) possible operating faults, c) reliability of protective systems, d) misuse which can reasonably be anticipated. A sufficient level of functional safety is characterized by the following objectives: 1) System can stop an explosion at a very early stage or reduce the impact of an explosion to an a
26、cceptable level. 2) In the event of faults, failures and/or interference1)the capacity to function remains effective by use e.g. of fail safe techniques or redundancy. This European Standard does not cover identification of possible ignition sources. NOTE 1 The identification of possible ignition so
27、urces is covered by EN 15198. This European Standard only deals with the functional behaviour of the protective system i.e. hazards caused by malfunctions, e.g. false activations are excluded. This European Standard specifies neither specific methods to analyse fault conditions, nor specific require
28、ments for a given type of protective system (see EN 1127-1). It specifies the methodology of functional safety assessment. This European Standard provides advice for decisions to be made for all types of protective systems referred to in EU Directive 94/9/EC, but does not provide means to prove the
29、conformity of a given type of protective systems. NOTE 2 Equipment is dealt with in EN 15198 owing to the fact that the procedure and information required to allow ignition hazard assessment is different from the procedure above. 1) Interference is everything in normal operation that can disturb the
30、 normal operation of the system e.g. electromagnetic waves, heat, flames and pressure waves. EN 15233:2007 (E) 6 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated referen
31、ces, the latest edition of the referenced document (including any amendments) applies. EN 13237:2003, Potentially explosive atmospheres Terms and definitions for equipment and protective systems intended for use in potentially explosive atmospheres 3 Terms and definitions For the purposes of this do
32、cument, the terms and definitions given in EN 13237:2003 and the following apply. 3.1 failure event, or inoperable state, in which any system item or part of an item or any management function task or process does not, or would not, perform as previously specified ISO/IEC Guide 73:2002 3.2 functiona
33、l safety part of the overall safety relating to the intended use in terms of the function and integrity of the protective system including any safety related devices that are part of the protective system performance NOTE 1 Functional safety covers all aspects where safety depends on the correct fun
34、ctioning of the protective system and other technology safety-related systems. NOTE 2 This definition deviates from the definition in EN 61508-4 to reflect differences in explosion safety terminology. 3.3 protective system device other than components of the equipment, which is intended to halt inci
35、pient explosions immediately and/or to limit the effective range of an explosion and which is placed separately on the market as autonomous system EN 13237:2003, A.5 3.4 functional safety estimation determination of the probability of occurrence of the failures violating the functional safety of the
36、 protective system 3.5 functional safety evaluation procedure to determine whether the functional safety of the protective system meets the predefined acceptance criteria 4 General requirements 4.1 Basic concept Functional safety assessment is a series of logical steps (see Figure 1) that enable des
37、igners and safety engineers to examine in a systematic way, the function of a protective system or a part of it. The objective shall be to achieve an adequate level of functionality and reliability according to the state of the art and technical and economic requirements at the time of construction.
38、 EN 15233:2007 (E) 7 This assessment includes the following four steps: a) description of the protective system (5.2); b) identification of failures (5.3); c) functional safety estimation (5.4); 1) functionality; 2) reliability; d) functional safety evaluation (5.5). These four steps are the basis f
39、or the decision whether the intended level of functional safety necessary for the intended use is achieved. The result of the assessment shall be detailed in the technical documentation (see Clause 6). If the required function and level of reliability is not achieved, it shall be necessary to improv
40、e the protective system or to define an appropriate intended use. NOTE The choice of the suitable measures is not part of the standard. If the assessment is done by the manufacturer the result of the assessment shall be detailed in the technical documentation (see Clause 6). Decisions in functional
41、safety assessment shall be supported by qualitative methods complemented, where appropriate, by quantitative methods. 4.2 Extent of functional safety assessment The protective system shall be assessed on the basis of the information specified in 4.3. The functional safety assessment shall be limited
42、 to the intended use and the misuse, which can reasonably be anticipated for a particular protective system. NOTE Misuse which can reasonably be anticipated means an incorrect use and/or operation of the protective system by the operator due to negligence or misunderstanding. Misuse is not part of t
43、he normal operation. Intent is not included in foreseeable misuse. 4.3 Information needed The information needed to perform the functional safety assessment shall include the following where appropriate: a) intended use; b) safety characteristics used for the design of protective systems; c) require
44、ments for maintenance; d) actual and foreseeable surrounding area conditions; e) relevant design drawings; f) results of design calculations made, examinations carried out; if available: EN 15233:2007 (E) 8 g) test reports; h) accident history; i) publications on relevant safety aspects. If an accid
45、ent history is not available for the protective system, available information for similar protective systems shall be used; it is unlikely that the protective system is so unique that similar protective systems cannot be found. The absence of an accident history, a small number of accidents or low s
46、everities of accidents shall not be taken as an automatic presumption of a low risk. Possible additional precautions shall be documented. The information shall be updated as the design develops and modifications are required. For quantitative assessment, data from data bases, handbooks, laboratories
47、 and manufacturer specifications shall be used provided there is confidence in its suitability. Any uncertainty associated with the data shall be documented. NOTE The data is used to define foreseeable operation requirements related to reliability, serviceability, durability, disposability, benign f
48、ailure and failsafe characteristics and labelling, warnings, identification, traceability requirements and instructions. Data based on the consensus of expert opinion derived indirectly from experience as opposed to measured data, may be used to supplement qualitative assessment. 5 Functional safety
49、 assessment procedure 5.1 Principle The principal steps for the functional safety assessment procedure are shown in Figure 1. It is comprised of four steps taking into consideration the information in the oval blocks. Maintenance requirements shall also be considered in the assessment. The manufacturer shall consider all necessary maintenance requirements in the instruction manual and shall also consider lack of maintenance relevant for the intended use. EN 15233:2007 (E) 9 Key aConformity is not part of functional safety assessment. NOTE Dotted lines are not part
