Actuator
A device that sets the position of a final control element, such as a valve. It functions as a valve drive mechanism. Actuators can be powered electrically, pneumatically, or hydraulically. In safety automation, the most commonly used are single-acting pneumatic actuators, in which the valve’s operating state is achieved by air pressure acting on the actuator component (piston), while the safe state is enforced by a return spring.
ALARP (As Low As Reasonably Practicable)
A risk reduction philosophy referenced in IEC 61508. It means reducing risk to a level that is as low as is reasonably practicable. Related concepts include: acceptable risk, negligible risk, and residual risk.
Architecture
A specific configuration of hardware and software within a system.
BPCS
Basic process control system
C&E
Cause-and-effect matrix. A tabular (matrix) representation that assigns the actions the automation must perform to the initiator states (causes) that trigger them.
CM
Conditional modifier. A term used in risk analysis with the layer of protection analysis (LOPA) method: a value in the range 0-1 representing the reduction in the probability that a hazardous event leads to the considered consequence, such as a fatality, due to foreseeable conditions (e.g. sparse presence of people at the hazard site).
DCS
Distributed control system
Availability
A reliability measure defined as the ratio of the time a system is able to perform its intended task to the total time considered, e.g. the system's lifetime. The parameter can also be evaluated over a shorter time window. For a repairable system with constant failure and repair rates the steady-state value is MTTF / (MTTF + MTTR).
FS
Fail-safe. One of the fundamental properties required of safety system components: on loss of the driving medium (e.g. instrument air or electrical power) or on foreseeable damage, the component automatically assumes a defined safe state, such as automatic valve closure.
HFT
Hardware fault tolerance. The number of hardware faults a subsystem can tolerate while still performing its safety function (IEC 61508-2). HFT = 1 corresponds to a dual-channel architecture (e.g. 1oo2), HFT = 0 to a single-channel architecture.
IPL
Independent protection layer. According to IEC 61511-3, a layer that protects the process against a defined hazardous event and reduces its risk by at least a factor of 10. Stringent requirements apply before a layer may be credited as an IPL: specificity (it addresses one defined event), independence from the initiating event and from other layers, dependability, and auditability.
Like new
The as-good-as-new state to which a system is restored by a perfect proof test. In real systems this state is unattainable, because a proof test cannot reveal every fault.
LOPA
Layer of Protection Analysis. A method described in IEC 61511-3 that allows a thorough process risk analysis and the assignment of SIL levels to protection functions, most often starting from the failure scenarios identified in a hazard analysis such as HAZOP. It is considered the most accurate risk analysis method in the process industry. It considers all scenarios leading to the same consequence and credits independent protection layers (IPLs). In addition to the required SIL of each protection function it yields the required risk reduction factor (RRF) of that function. It is less suitable for certain domains, such as power generation and machinery.
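The LOPA, IPL and CM entries describe one calculation: multiply the initiating-event frequency by the PFD of each credited independent layer and by the conditional modifiers, compare the result with a tolerable frequency, and the gap is the risk reduction the SIF must supply. The following worked example is added here to show that calculation in code; it is not part of the glossary, and every number in it (initiating frequency, IPL PFDs, conditional modifiers, target frequency) is a constructed sample value, not data from a standard or a plant.

```python
"""LOPA worked example: from initiating-event frequency to the SIL a SIF must reach.

Added illustration, not part of the glossary. Scenario numbers (frequencies,
IPL PFDs, conditional modifiers, target frequency) are constructed sample
values chosen for illustration, not data from any standard or plant.
"""

# IEC 61508 low-demand SIL bands expressed as risk reduction factor (RRF) ranges:
# (SIL, RRF lower bound inclusive, RRF upper bound exclusive).
SIL_RRF_BANDS = [
    (1, 10.0, 100.0),
    (2, 100.0, 1_000.0),
    (3, 1_000.0, 10_000.0),
    (4, 10_000.0, 100_000.0),
]


def mitigated_frequency(initiating_freq, ipl_pfds, conditional_modifiers):
    """Frequency (per year) of the consequence after crediting the non-SIF IPLs and CMs.

    Only layers judged independent, specific, dependable and auditable may be
    listed in ipl_pfds; each must give at least a 10x reduction (PFD <= 0.1).
    Conditional modifiers are probabilities in (0, 1] that the event actually
    leads to the consequence considered (ignition, occupancy, ...).
    """
    if initiating_freq <= 0:
        raise ValueError("initiating event frequency must be positive")
    freq = initiating_freq
    for pfd in ipl_pfds:
        if not 0.0 < pfd <= 0.1:
            raise ValueError(f"layer with PFD {pfd} cannot be credited as an IPL")
        freq *= pfd
    for cm in conditional_modifiers:
        if not 0.0 < cm <= 1.0:
            raise ValueError(f"conditional modifier {cm} must lie in (0, 1]")
        freq *= cm
    return freq


def required_rrf(mitigated_freq, target_freq):
    """RRF the SIF must supply so the residual frequency meets the target; 1.0 = none needed."""
    return max(1.0, mitigated_freq / target_freq)


def sil_for_rrf(rrf):
    """Map a required RRF to a low-demand SIL.

    Returns None when no additional reduction is needed, 0 when the needed
    reduction is below 10x (a non-SIL-rated function suffices), 1..4 for the
    IEC 61508 bands, and raises when even SIL 4 would not be enough.
    """
    if rrf <= 1.0:
        return None
    if rrf < SIL_RRF_BANDS[0][1]:
        return 0
    for sil, low, high in SIL_RRF_BANDS:
        if low <= rrf < high:
            return sil
    raise ValueError("required RRF exceeds SIL 4: change the process design instead")


def analyse_scenario(initiating_freq, ipl_pfds, conditional_modifiers, target_freq):
    """Run one LOPA scenario and return the figures a SIL selection would record."""
    freq = mitigated_frequency(initiating_freq, ipl_pfds, conditional_modifiers)
    rrf = required_rrf(freq, target_freq)
    return {
        "mitigated_freq_per_year": freq,
        "required_rrf": rrf,
        "max_sif_pfdavg": 1.0 / rrf,  # RRF is the inverse of PFDavg
        "sil": sil_for_rrf(rrf),
    }


if __name__ == "__main__":
    # Constructed scenario: a BPCS level loop fails high once per 10 years;
    # an independent high-level alarm with operator response is the only non-SIF IPL;
    # ignition probability 0.5 and 50 % occupancy of the area are the CMs;
    # the tolerable frequency of a fatality is 1e-5 per year.
    result = analyse_scenario(
        initiating_freq=0.1,
        ipl_pfds=[0.1],
        conditional_modifiers=[0.5, 0.5],
        target_freq=1e-5,
    )
    for key, value in result.items():
        print(f"{key}: {value}")
```

With these sample figures the mitigated frequency is 2.5e-3 per year, the SIF must provide an RRF of 250 (PFDavg at most 4e-3), which falls in the SIL 2 band. Note that the function only enforces the numeric admission rule for an IPL (PFD no worse than 0.1); independence from the initiating event and from the other layers is a judgement made in the LOPA workshop, not something the arithmetic can check.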
MTTF
Mean time to failure. A statistical quantity describing the expected operating time from the moment a component is put into service until it fails. It is purely statistical and should not be over-interpreted, since it is derived from population studies (the total operating time of all components in a population divided by the number of failures observed in that population). The MTTF of a good component for safety applications reaches values
MTTR
Mean Time to Repair. A mathematical measure that describes the expected average time from the occurrence of a fault to the restoration of a component to working order. It consists of:
– fault detection
– repair preparation time, including waiting for spare parts
– effective repair time
– restart time
According to IEC 61508-6, MTTR enters the calculation of the PFDavg of a safety function. Its value should be fixed at the SRS stage, and ensuring it in operation is the responsibility of the end user.
P&ID
Piping and instrumentation diagram (also expanded as process and instrumentation diagram)
PFDavg
Average probability of dangerous failure on demand. A mathematical quantity representing the average unavailability of a safety function between successive proof tests; it is the measure used for functions operating in low demand mode. With non-ideal proof tests it is the average unavailability over the whole expected lifetime of the function.
PFH
Average frequency of dangerous failure per hour according to IEC 61508. A mathematical quantity representing the average dangerous failure rate of a safety function. Unlike PFDavg, it is used for safety functions operating in high demand or continuous mode, and it has the unit 1/h.
PFHd
Average probability of dangerous failure per hour according to ISO 13849. A mathematical quantity representing the average dangerous failure rate of a safety function. For a single channel without diagnostics it approximates the reciprocal of the mean time to dangerous failure MTTFd (expressed in hours). Where data on the share of dangerous failures are lacking, it is conventional to assume that half of all failures are dangerous.
PL
Performance Level. According to ISO 13849-1, a measure of the reliability of safety-related control functions of machinery on a scale from PL a (lowest) to PL e (highest). PL verification compares the required level (PLr) with the level achieved by the design and the components used. The main inputs determining the PL a safety-related function achieves are:
– the mean time to dangerous failure (MTTFd) of each channel,
– the category of the safety-related part (B, 1, 2, 3, 4),
– the average diagnostic coverage (DCavg),
together with adequate measures against common cause failures for categories 2 to 4.
PLr
Required performance level. According to ISO 13849-1, this level is derived from a risk assessment considering the severity of injury, the frequency and/or duration of exposure to the hazard, and the possibility of avoiding the hazard. Sometimes product standards for specific types of machinery (type-C standards) prescribe a PLr for specific functions; in such cases that level must be met regardless of the result of the risk assessment.
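The PL and PLr entries together describe the ISO 13849-1 simplified verification: aggregate the MTTFd and diagnostic coverage of one channel's components, classify both into bands, look up the PL for the category, and compare it with PLr. The example below is added to show that procedure end to end; it is not the glossary's own code. The component MTTFd and DC figures are constructed sample values, and the band table is a transcription of the simplified procedure (ISO 13849-1 Figure 5) that should be checked against the edition of the standard actually in use (Annex K gives finer-grained values).

```python
"""ISO 13849-1 simplified PL estimation for one safety function (added illustration).

Not the glossary's own code. Component MTTFd and DC values are constructed
sample data. PL_TABLE transcribes the simplified procedure (ISO 13849-1
Figure 5); check it against the edition in use before relying on it.
Common-cause-failure scoring (at least 65 points for categories 2-4) is a
separate requirement and is not modelled here.
"""

CATEGORIES = ("B", "1", "2", "3", "4")


def channel_mttfd(component_mttfd_years):
    """Parts-count MTTFd of one channel (ISO 13849-1 Annex D): 1/MTTFd = sum(1/MTTFd_i)."""
    return 1.0 / sum(1.0 / m for m in component_mttfd_years)


def dc_avg(components):
    """Average diagnostic coverage (ISO 13849-1 Annex E).

    components: iterable of (mttfd_years, dc) pairs, dc as a fraction 0..1.
    DCavg = sum(DC_i / MTTFd_i) / sum(1 / MTTFd_i), i.e. weighted by failure rate.
    """
    weights = [(dc / m, 1.0 / m) for m, dc in components]
    return sum(w for w, _ in weights) / sum(d for _, d in weights)


def mttfd_band(mttfd_years, category):
    """Low / medium / high MTTFd band per channel; None below the 3-year floor.

    Assumption: ISO 13849-1:2015, which caps MTTFd at 100 years, or 2500 years
    for category 4 (the 2006 edition capped every category at 100 years).
    """
    cap = 2500.0 if category == "4" else 100.0
    m = min(mttfd_years, cap)
    if m < 3.0:
        return None
    if m < 10.0:
        return "low"
    if m < 30.0:
        return "medium"
    return "high"


def dc_band(dc):
    """DCavg band: none < 60 %, low 60-90 %, medium 90-99 %, high >= 99 %."""
    if dc < 0.60:
        return "none"
    if dc < 0.90:
        return "low"
    if dc < 0.99:
        return "medium"
    return "high"


# (category, DCavg band) -> {MTTFd band: PL}. Combinations absent here are not
# permitted by the simplified procedure (e.g. category 2 without diagnostics).
PL_TABLE = {
    ("B", "none"):   {"low": "a", "medium": "b", "high": "b"},
    ("1", "none"):   {"high": "c"},
    ("2", "low"):    {"low": "a", "medium": "b", "high": "c"},
    ("2", "medium"): {"low": "b", "medium": "c", "high": "d"},
    ("3", "low"):    {"low": "b", "medium": "c", "high": "d"},
    ("3", "medium"): {"low": "c", "medium": "d", "high": "d"},
    ("4", "high"):   {"high": "e"},
}


def performance_level(category, mttfd_years, dcavg):
    """PL reached by a structure, or None if the combination is not permitted."""
    if category not in CATEGORIES:
        raise ValueError(f"unknown category {category!r}")
    row = PL_TABLE.get((category, dc_band(dcavg)))
    if row is None:
        return None
    return row.get(mttfd_band(mttfd_years, category))


def meets_plr(pl, plr):
    """PLs are ordered a < b < c < d < e, so plain string comparison gives the right order."""
    return pl is not None and pl >= plr


def verify_function(category, components, plr):
    """Evaluate one channel's (mttfd_years, dc) components against a required PLr."""
    mttfd = channel_mttfd([m for m, _ in components])
    dc = dc_avg(components)
    pl = performance_level(category, mttfd, dc)
    return {"mttfd_years": mttfd, "dcavg": dc, "pl": pl, "meets_plr": meets_plr(pl, plr)}


if __name__ == "__main__":
    # Constructed example: category 3 structure; per channel an interlock switch
    # (100 y, DC 99 %), a safety relay (500 y, DC 99 %) and a monitored contactor
    # (100 y, DC 90 %); required level PLr = d.
    print(verify_function("3", [(100.0, 0.99), (500.0, 0.99), (100.0, 0.90)], "d"))
```

For the sample channel the parts-count MTTFd is about 45 years (high band) and DCavg about 95 % (medium band), which in category 3 gives PL d, so PLr = d is met. The same components in a category 4 structure would return None, because category 4 requires high diagnostic coverage; that is the kind of inadmissible combination a verification should refuse rather than silently round.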
RRF
Risk Reduction Factor. A quantity used in risk analysis, defined as the inverse of PFDavg, indicating by how many times a given protection layer reduces the risk.
SC
Systematic capability, according to IEC 61508. A value on the scale SC 1 to SC 4 expressing the confidence that the systematic safety integrity of an element meets the requirements of the corresponding SIL. For example, for a safety function with a required SIL 3, every element should have systematic capability SC 3 or higher, regardless of the redundancy assumed in the system. The required SIL likewise applies to the safety software.
SIF
Safety Instrumented Function (SIF). According to IEC61511, this is a function that protects against defined hazards using electrical/electronic or programmable electronic devices. The term SIF primarily refers to process installations, which are covered by the IEC61511 standard.
SIL
Safety Integrity Level. According to IEC 61508, a measure of the reliability of a safety function expressed on a scale from SIL 1 to SIL 4, to each of which the standard assigns a band of PFDavg or PFH (depending on the demand rate of the function).
For a system to meet the required SIL, it must:
– achieve the specified reliability against random hardware failures, expressed as PFDavg or PFH,
– satisfy the architectural constraints, expressed in terms of HFT and SFF,
– satisfy the systematic capability (SC) requirements,
– satisfy the requirements on system behaviour on detection of a fault,
– satisfy the data communication requirements.
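The HFT, MTTR, PFDavg, PFH and SIL entries are tied together by the IEC 61508-6 Annex B simplified equations: the dangerous failure rate, proof test interval and MTTR give a channel's average down time, the architecture (HFT 0 or 1) and the common cause factors give PFDavg, and PFDavg or PFH is then placed in a SIL band. The example below is added to carry that chain through for a 1oo1 and a 1oo2 architecture; it is not from the glossary. The failure rates, diagnostic coverage, proof test interval, MTTR and beta factors are constructed sample values, and the architectural constraints (HFT together with SFF) are deliberately left out of the calculation, since they are a separate check.

```python
"""PFDavg of 1oo1 and 1oo2 architectures per the IEC 61508-6 Annex B simplified
equations, with the resulting SIL band (added illustration, not from the glossary).

All failure rates, proof-test interval, MTTR and beta factors are constructed
sample values. The equations are those of IEC 61508-6 B.3.2.2; they assume
constant failure rates and a proof test interval T1 much longer than MTTR, and
they say nothing about the architectural constraints (HFT/SFF), which must be
checked separately.
"""

HOURS_PER_YEAR = 8760.0


def channel_down_times(lam_du, lam_dd, t1, mttr):
    """Channel equivalent mean down times tCE and tGE (hours).

    lam_du: dangerous undetected failure rate [1/h]
    lam_dd: dangerous detected failure rate   [1/h]
    t1:     proof test interval [h]
    mttr:   mean time to restoration [h]
    """
    lam_d = lam_du + lam_dd
    t_ce = (lam_du / lam_d) * (t1 / 2 + mttr) + (lam_dd / lam_d) * mttr
    t_ge = (lam_du / lam_d) * (t1 / 3 + mttr) + (lam_dd / lam_d) * mttr
    return t_ce, t_ge


def pfd_avg_1oo1(lam_du, lam_dd, t1, mttr):
    """Single channel (HFT = 0): PFDavg = (lambda_DU + lambda_DD) * tCE."""
    t_ce, _ = channel_down_times(lam_du, lam_dd, t1, mttr)
    return (lam_du + lam_dd) * t_ce


def pfd_avg_1oo2(lam_du, lam_dd, t1, mttr, beta, beta_d):
    """Dual channel, one-out-of-two voting (HFT = 1), with common cause factors beta, beta_d."""
    t_ce, t_ge = channel_down_times(lam_du, lam_dd, t1, mttr)
    independent = (1 - beta_d) * lam_dd + (1 - beta) * lam_du
    return (2 * independent ** 2 * t_ce * t_ge
            + beta_d * lam_dd * mttr
            + beta * lam_du * (t1 / 2 + mttr))


def sil_low_demand(pfd_avg):
    """IEC 61508-1 Table 2 (low demand mode); None outside the tabulated range."""
    for sil, low, high in ((4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)):
        if low <= pfd_avg < high:
            return sil
    return None


def sil_high_demand(pfh):
    """IEC 61508-1 Table 3 (high demand / continuous mode); None outside the range."""
    for sil, low, high in ((4, 1e-9, 1e-8), (3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5)):
        if low <= pfh < high:
            return sil
    return None


def split_dangerous_rate(lam_d, diagnostic_coverage):
    """Split a dangerous failure rate into (undetected, detected) parts by DC."""
    return lam_d * (1 - diagnostic_coverage), lam_d * diagnostic_coverage


if __name__ == "__main__":
    # Constructed data: lambda_D = 1e-6 /h, DC = 60 %, yearly proof test, 8 h MTTR,
    # beta = 10 %, beta_D = 5 %.
    lam_du, lam_dd = split_dangerous_rate(1e-6, 0.60)
    t1 = 1 * HOURS_PER_YEAR
    for label, pfd in (
        ("1oo1", pfd_avg_1oo1(lam_du, lam_dd, t1, 8.0)),
        ("1oo2", pfd_avg_1oo2(lam_du, lam_dd, t1, 8.0, 0.10, 0.05)),
    ):
        print(f"{label}: PFDavg = {pfd:.2e}, RRF = {1 / pfd:.0f}, SIL {sil_low_demand(pfd)}")
```

With the sample data the single channel reaches PFDavg 1.76e-3 (SIL 2 band), while the 1oo2 architecture reaches about 1.8e-4 (SIL 3 band). Almost all of the 1oo2 result comes from the beta term, i.e. from common cause failures of the undetected kind over the proof test interval, which is why in practice the beta factor and the proof test interval, not the number of channels, decide how much HFT actually buys. Lengthening MTTR (waiting for spares) raises both values through tCE, which is the reason the MTTR assumed in the SRS has to be honoured in operation.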
SIS
A safety instrumented system. According to IEC 61511, an instrumented system used to implement one or more safety instrumented functions (SIFs). A SIS typically consists of sensors, a logic solver and final elements (actuators). The logic solver can be a simple device such as a relay or a programmable device. The design and operation of a SIS are subject to the requirements of IEC 61511, and the stringency of those requirements depends on the highest SIL among the functions implemented by the SIS.
SRS
Safety requirements specification. According to IEC 61508 and IEC 61511, the specification of the functional requirements and the safety integrity requirements of the safety functions implemented in the SIS.
