SAFETY PHILOSOPHY
The Safety 600T Pressure Transmitters are field devices
designed according to the requirements of the standard IEC61508
for Safety Related Systems. Standards currently in use focus
on individual parts of all the safety instrumentation used to
implement a safety function. IEC61508 defines
requirements related to the whole system, which normally comprises
initiating devices, logic solver and final elements. It also
introduces the concept of the Safety lifecycle, defining the sequence
of activities involved in the implementation of the safety
instrumented system from conception through
decommissioning. For a single component it is not correct to
define a SIL level. The term SIL (Safety Integrity Level) refers
to the complete safety loop; therefore the single device shall be
designed so as to be suitable for achieving the desired SIL level
in the entire Safety Loop.
Application
The Safety 600T Pressure Transmitters are intended to be
applied in safety relevant applications in the process industry.
They are suitable for use in SIL2 applications. Special
attention has to be given to the separation of safety and
non-safety relevant use.
Physical Environment
The transmitter is designed for use in industrial field
environments and must be operated within the specified
environmental limits as indicated in the Transmitter Data
Sheet.
Role and Responsibilities
All the people, departments and organisations involved in the
life-cycle phases who are responsible for carrying out and
reviewing the applicable overall, E/E/PES (Electrical/Electronic/
Programmable Electronic System) or software safety lifecycle
phases of a Safety Instrumented System shall be identified. All
those specified as responsible for management of functional
safety activities shall be informed of the responsibilities assigned
to them. All persons involved in any overall, E/E/PES or
software safety lifecycle activity, including management
activities, should have the appropriate training, technical
knowledge, experience and qualifications relevant to the specific
duties they have to perform.
MANAGEMENT OF FUNCTIONAL SAFETY
For each application the installer or the owner of a safety
system must prepare a Safety Planning, which must be updated
throughout the Safety Life-cycle of the Safety Instrumented
System. The requirements for the management of functional
safety shall run in parallel with the overall safety lifecycle
phases.
Safety Planning
The Safety Planning shall consider:
• policies and strategies for achieving safety;
• safety life-cycle activities to be applied, including names of
responsible persons and departments;
• procedures relevant to the various life-cycle phases;
• audits and procedures for follow up.
INFORMATION REQUIREMENTS
The information shall comprehensively describe the system
installation and its use, so that all phases of the overall
safety lifecycle, the management of functional safety,
verification and the functional safety assessment can be
effectively performed.
Overall Safety Life-cycle Information
The overall safety lifecycle shall be used as the basis for
claiming conformance to the standard IEC61508. The lifecycle
phases consider all the activities related to the Safety
Instrumented System from the initial concept through design,
implementation, operation and maintenance to
decommissioning.
The relevant lifecycle phases for the 600T Safety Pressure
Transmitter used in a SIS are listed below:
• Overall scope definition;
• Hazard and risk analysis;
• Overall safety requirements;
• Safety requirement allocation;
• Overall Operation and Maintenance planning;
• Overall Installation and Commissioning planning;
• Overall Installation and Commissioning;
• Overall Safety Validation (SIS Start-up documentation);
• Overall Operation (diagnostic messages documentation);
• Overall maintenance and retrofit (critical system maintenance
tracking);
• Overall modification (management of changes and
modifications);
• Decommissioning (out of service notification).
Application Software Safety life-cycle information
Not defined.