SIL in the process industry

Functional safety plays a key role in every process plant, and the chemical industry places particularly high demands on the protection of people and the environment. Designing a safety loop that complies with the standards is therefore extremely important. The best way to achieve this is to apply careful design principles and to use reliable SIL data that can be used for the calculations. We would be happy to provide you with the data you need for your risk assessment and to support you in implementing your safety concept with our long-proven components and redundant systems.

SIL safety standards

The SIL classification is based on two international standards: IEC 61508 and IEC 61511.

IEC 61508 ("Functional safety of electrical/electronic/programmable electronic safety-related systems") is the basic standard. It describes how to assess risks and the measures required to design suitable safety functions. It therefore also includes the requirements for the individual components of the safety circuit. These include sensors such as pressure sensors, temperature sensors and level gauges, the evaluation and output unit as well as automated process valves.

IEC 61511 ("Functional safety – safety instrumented systems for the process industry sector") applies specifically to process automation. This mainly focuses on low-demand applications with lower requirements, which are the most common in practice. It contains, among other things, the selection criteria for sensors and actuators, for example in terms of operational reliability.

SIL procedure in four steps

As the installer or operator of a system that could endanger employees, residents or the environment, you must keep the risk as low as possible. The IEC standards 61508 and 61511 prescribe four key steps to do this:

1. Risk definition and assessment: You start by determining the failure probabilities for all components, from the sensor to the controller and the actuator, for the entire service life of the system.

2. Determination and implementation of measures: You define and implement suitable measures to minimise the residual risk.

3. Use of appropriate devices: For a successful SIL circuit inspection of your system, you must use components and component groups that are suitable for the required level and that are certified where the level demands it.

4. Recurring tests and inspections: The operator monitors correct compliance with the safety functions at specific intervals.

1. Risk definition and assessment

What potential hazard does my system pose? Every engineer of a process plant in the chemical industry must ask this question. A risk graph that combines four defined parameters into a decision tree in accordance with IEC 61508 and 61511 can help to find the answer:

1. Severity of damage (S): How serious are the foreseeable consequences?

2. Frequency of exposure (F): How often and how long are people in the danger zone?

3. Avoiding/mitigating the danger (P): Can I prevent or contain the event?

4. Probability of occurrence (W): How often do I have to expect an incident?
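The risk graph described above walks the four parameters S, F, P and W as a decision tree and ends at a required SIL. The following Python block is an added example, not code from the page or from Festo: it encodes the generic risk graph of IEC 61508-5 Annex E as the author of this example recalls it. The calibration table, the parameter scales and the hazard list are assumptions for illustration; a real plant must use the table calibrated for its own site and tolerable-risk criteria.

```python
"""Risk graph of the IEC 61508-5 / IEC 61511 kind: the four parameters
S, F, P and W are walked as a decision tree to the required SIL.

Assumption: the calibration below is the generic illustration from
IEC 61508-5 Annex E as recalled here, not a site-calibrated table.
"""
from typing import Dict, Iterable, Tuple

# Parameter scales (1 = least severe / least exposed / easiest to avoid /
# least likely) and the meaning of each step.
PARAMS = {
    "S": {1: "minor injury", 2: "serious injury or one death",
          3: "several deaths", 4: "very many deaths"},
    "F": {1: "rare to frequent exposure", 2: "frequent to permanent exposure"},
    "P": {1: "avoidance possible under certain conditions",
          2: "avoidance almost impossible"},
    "W": {1: "very slight probability of the unwanted event",
          2: "slight probability", 3: "relatively high probability"},
}

# Outcome table: intermediate risk class X1..X6 (rows) against W1..W3.
# "-": no safety requirement; "a": no special safety requirement;
# "b": a single E/E/PE safety-related system is not sufficient.
_OUTCOME = {
    1: {3: "a",    2: "-",    1: "-"},
    2: {3: "SIL1", 2: "a",    1: "-"},
    3: {3: "SIL2", 2: "SIL1", 1: "a"},
    4: {3: "SIL3", 2: "SIL2", 1: "SIL1"},
    5: {3: "SIL4", 2: "SIL3", 1: "SIL2"},
    6: {3: "b",    2: "SIL4", 1: "SIL3"},
}


def _risk_class(s: int, f: int, p: int) -> int:
    """Walk the S -> F -> P branches of the tree to the intermediate class."""
    if s == 1:          # S1 ends the tree regardless of F and P
        return 1
    if s == 4:          # S4 goes straight to the most severe class
        return 6
    # S2 starts at class 2, S3 at class 4; each "worse" F or P step
    # moves one class further down.
    base = 2 if s == 2 else 4
    return base + (f - 1) + (p - 1)


def required_sil(s: int, f: int, p: int, w: int) -> str:
    """Required SIL (or '-', 'a', 'b') for one hazard; rejects values
    outside the defined parameter scales."""
    for name, value in (("S", s), ("F", f), ("P", p), ("W", w)):
        if value not in PARAMS[name]:
            raise ValueError(f"{name}={value} not in {sorted(PARAMS[name])}")
    return _OUTCOME[_risk_class(s, f, p)][w]


def assess(scenarios: Iterable[Tuple[str, int, int, int, int]]) -> Dict[str, str]:
    """Evaluate (hazard, S, F, P, W) tuples; returns hazard -> outcome."""
    return {name: required_sil(s, f, p, w) for name, s, f, p, w in scenarios}


# Constructed hazard list for illustration only (not real plant data).
SCENARIOS = [
    ("acid tank overfill",             2, 2, 1, 2),  # class 3, W2 -> SIL1
    ("reactor overpressure",           3, 1, 2, 2),  # class 5, W2 -> SIL3
    ("minor splash at sampling point", 1, 2, 2, 3),  # class 1, W3 -> a
]

if __name__ == "__main__":
    for hazard, outcome in assess(SCENARIOS).items():
        print(f"{hazard:35s} -> {outcome}")
```

The outcome is the *target* for the safety function; whether the chosen sensors, logic solver and valves actually reach it is a separate verification step.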

Practical experience shows that safety-relevant risks are mostly about the details and often only come to light during operation. Such weaknesses can be identified using a systematic analysis as early as the planning stage. At Festo, we support you with risk assessments that are compliant with the standards and functional safety solutions that are tailored to your needs, whether through complete system solutions, carefully thought-out automation concepts or individual components. Please feel free to ask us for advice during this phase.

2. Definition and implementation of measures

The systematic risk assessment of your system also reveals which factors drive up SIL requirements. Some of these are fixed, for example the production location. Others are factors that you can alter.

The first thing to look at is the probability of failure. You can significantly increase availability and reliability by focusing first and foremost on fault-tolerant components and redundant systems. Depending on the process, even solutions that enable individual components to be tested and replaced during operation can be useful.

The structural safety measures, for example pressure relief systems, always depend on the individual, specific production scenario. In general, you should consider how the processes can be made as low risk as possible. Your considerations should include structural measures and precautions, for example exhaust, overfill protection (for instance for acid tanks) or concrete casing (in the case of an explosion hazard).

Choosing devices and components with a proven performance which will guarantee a long and reliable service life for the system is also recommended. This includes temperature-resistant, acid-resistant and corrosion-protected materials. In addition, we have developed standard-compliant solutions for almost all individual processes which have proven their worth in the chemical and electrochemical industries, from valve terminals with integrated switch-off to the highly reliable 2oo3 control.

3. Suitable devices

When determining the safety integrity level, the design of the SIL circuit in all individual parts must also reach this level. This means that, as an engineer, you need devices and components with a suitable SIL level. You need to be able to prove this using:

  • Manufacturer’s declaration: the manufacturers rate their devices themselves up to SIL2. For SIL1, an independent person performs the technical assessment; for a SIL2 classification, it is performed by an independent department.
  • Certificate: for SIL3 and above, each device used in a safety circuit must be certified by an independent institution in accordance with IEC 61508. In Germany, this could be the German Technical Control Board (TÜV) or Exida, for example.

You can find all SIL certificates and manufacturer’s declarations for our products by entering the product type or part number in the search box at the top of the page and on the product detail page in the ‘Product Support’ section.

4. Recurring tests and inspections

The safety functions of your system must be checked at regular intervals. This is required by the statutory provisions of the German Ordinance on Industrial Health and Safety or accident prevention regulations. Under certain circumstances, local legal requirements also apply. The primary purpose of the recurring SIL tests is to prevent personal injury, damage to property and the environment, but they are also intended to ensure system reliability by preventing unplanned downtime and, last but not least, to give the engineers legal certainty. In the event of damage, these tests can prove that the malfunction was not caused by device or design defects.

The test intervals are set by the operator. The risk assessment is based on the safety characteristics of the individual SIL components, as well as other factors. From a design perspective, it can be very beneficial to have durable solutions that, if necessary, can be exchanged without interrupting operations. We would be happy to provide you with recommendations for our products.
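Step 1 (determining the failure probabilities of sensor, controller and actuator) and step 4 (setting the proof-test interval) are two sides of the same calculation: the average probability of failure on demand of a low-demand safety function grows with the interval between proof tests, and the operator picks the interval that keeps the loop inside its target SIL band. The Python block below is an added example, not Festo's method or data: it uses the simplified IEC 61508-6 approximations with common-cause failures, repair time and partial-stroke testing neglected, and every failure rate in it is a constructed value. The SIL bands for low-demand operation are those of IEC 61508-1; the 2oo3 and 1oo2 variants show the effect of the redundancy the text mentions.

```python
"""Simplified PFDavg budget for a low-demand safety instrumented function
and the proof-test interval that the budget allows.

Assumptions: simplified IEC 61508-6 formulas (no common-cause beta term,
no repair time, no partial-stroke testing); all failure rates below are
constructed for illustration, not product data.
"""
import math

# Low-demand target failure measures per IEC 61508-1: (name, low, high).
SIL_BANDS = [("SIL4", 1e-5, 1e-4), ("SIL3", 1e-4, 1e-3),
             ("SIL2", 1e-3, 1e-2), ("SIL1", 1e-2, 1e-1)]


def pfd_avg(lambda_du: float, ti_hours: float, architecture: str = "1oo1") -> float:
    """Average probability of failure on demand of one subsystem.

    lambda_du: dangerous undetected failure rate per hour (only the proof
    test reveals these failures); ti_hours: proof-test interval in hours.
    """
    if lambda_du < 0 or ti_hours <= 0:
        raise ValueError("failure rate must be >= 0 and interval > 0")
    x = lambda_du * ti_hours
    if x > 0.1:
        raise ValueError("lambda_du * TI too large for the linear approximation")
    formulas = {
        "1oo1": x / 2,       # single channel
        "1oo2": x * x / 3,   # both channels must fail dangerously
        "2oo2": x,           # either channel failing defeats the function
        "2oo3": x * x,       # majority vote: two of three must fail
    }
    if architecture not in formulas:
        raise ValueError(f"unknown architecture {architecture!r}")
    return formulas[architecture]


def sil_from_pfd(pfd: float) -> str:
    """SIL band reached by a PFDavg value (PFD alone; architectural
    constraints and systematic capability still have to be checked)."""
    for name, low, high in SIL_BANDS:
        if low <= pfd < high:
            return name
    return "no SIL" if pfd >= 0.1 else "beyond SIL4"


def sif_pfd(elements, ti_hours: float):
    """Sum the PFDavg of the sensor, logic solver and final element
    subsystems. elements: (name, lambda_du, architecture) tuples."""
    budget = {name: pfd_avg(lam, ti_hours, arch) for name, lam, arch in elements}
    return sum(budget.values()), budget


def max_proof_test_interval(target_pfd: float, lambda_du: float,
                            architecture: str = "1oo1") -> float:
    """Longest proof-test interval (hours) at which one subsystem still
    stays within target_pfd; inverse of pfd_avg."""
    if architecture == "1oo1":
        return 2 * target_pfd / lambda_du
    if architecture == "2oo2":
        return target_pfd / lambda_du
    if architecture == "1oo2":
        return math.sqrt(3 * target_pfd) / lambda_du
    if architecture == "2oo3":
        return math.sqrt(target_pfd) / lambda_du
    raise ValueError(f"unknown architecture {architecture!r}")


# Constructed overfill-protection loop on an acid tank (not real data).
ONE_YEAR = 8760.0
SIF_SINGLE = [("level sensor",   5e-7, "1oo1"),
              ("logic solver",   1e-8, "1oo1"),
              ("shut-off valve", 2e-6, "1oo1")]
SIF_REDUNDANT = [("level sensor",   5e-7, "2oo3"),
                 ("logic solver",   1e-8, "1oo1"),
                 ("shut-off valve", 2e-6, "1oo2")]

if __name__ == "__main__":
    for label, sif in (("single channel", SIF_SINGLE), ("redundant", SIF_REDUNDANT)):
        total, budget = sif_pfd(sif, ONE_YEAR)
        print(f"{label}: PFDavg={total:.2e} -> {sil_from_pfd(total)}")
        for name, value in budget.items():
            print(f"   {name:15s} {value:.2e}")
    # How long can the single-channel valve go between proof tests
    # and still keep its share of a SIL2 budget (1e-3 here)?
    print(f"valve TI for 1e-3: {max_proof_test_interval(1e-3, 2e-6):.0f} h")
```

With a one-year interval the single-channel loop lands in SIL1, dominated by the valve; the 2oo3 sensor and 1oo2 valve variant brings the same loop into the SIL3 band. The inverse function shows the other lever the operator has: shortening the proof-test interval instead of adding redundancy.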