• Journal of the Korean Society of Safety
• /
• v.27 no.5
• /
• pp.64-69
• /
• 2012

The concept of SIL is applied in the most of all standards relating to functional system safety. However there are problems for the people to apply SIL to their plants. as these standards don't include sufficient informations. In this regards, this paper will suggest the direction of SIL application and concept based on IEC 61508 and IEC 61511. A Safety Integrity Level(SIL) is the discrete level(one out of possible fours), corresponding to a range of the probability of an E/E/PE (Electric/Electrical/Programmable Electrical) safety-related system satisfactorily performing the specific safety functions under all the stated conditions within a stated period of time. SIL can be divided into the target SIL(or required SIL) and the result SIL. The target SIL is determined by the risk analysis at the analysis phase of safety lifecycle and the result SIL is calculated during SIL verification at the realization phase of safety lifecycle. The target SIL is determined by the risk analysis like LOPA(Layer Of Protection Analysis), Risk Graph, Risk Matrix and the result SIL is calculated by HFT(Hardware Fault Tolerance), SFF(Safe Failure Fraction) and PFDavg(average Probability of dangerous Failure on Demand). SIL is applied to various areas such as process safety, machinery(road vehicles, railway application, rotating equipment, etc), nuclear sector which functional safety is applied. The functional safety is the part of the overall safety relating to the EUC and the EUC control system that depends on the correct functioning of the E/E/PE safety-related systems and other risk reduction measures. SIL is applied only to the functional safety of SIS(Safety Instrumented System) in safety. EUC is the abbreviation of Equipment Under Control and is the equipment, machinery, apparatus or plant used for manufacturing, process, transportation, medical or other activities.

• Journal of the Korean Society of Safety
• /
• v.32 no.4
• /
• pp.7-15
• /
• 2017

International standards such as IEC-61508 and IEC-61511 require Safety Integrity Levels (SILs) for Safety Instrumented Functions (SIFs) in process industries. SIL verification is one of the methods for process safety description. Results of the SIL verification in some cases indicated that several Safety Instrumented Functions (SIFs) do not satisfy the required SIL. This results in some problems in terms of cost and risks to the industries. This study has been performed to improve the reliability of a safety instrumented function (SIF) installed in hydrodesulfurization reactor heater using Partial Stroke Testing (PST). Emergency shutdown system was chosen as an SIF in this study. SIL verification has been performed for cases chosen through the layer of protection analysis method. The probability of failure on demands (PFDs) for SIFs in fault tree analysis was $4.82{\times}10^{-3}$. As a result, the SIFs were unsuitable for the needed RRF, although they were capable of satisfying their target SIL 2. So, different PST intervals from 1 to 4 years were applied to the SIFs. It was found that the PFD of SIFs was $2.13{\times}10^{-3}$ and the RRF was 469 at the PST interval of one year, and this satisfies the RRF requirements in this case. It was also found that shorter interval of PST caused higher reliability of the SIF.

• Proceedings of the KSR Conference
• /
• 2011.05a
• /
• pp.1195-1201
• /
• 2011

Since the release of safety standard IEC 61508 which defines functional safety of electronic safety-related systems, SIL(Safety Integrity Level) certification for railway systems has gained lots of attention lately. In this paper, we propose a new design technique of the computer board for train control systems with high reliability and safety. The board is designed with TMR(Triple Modular Redundancy) using a certified SIL3 Texas Instrument(TI)'s TMS570 MCU(Micro-Controller Unit) to guarantee safety and reliability. TMR for the control device is implemented on FPGA(Field Programmable Gate Array) which integrates a comparator, a CAN(Controller Area Network) communication module, built-in self-error checking, error discriminant function to improve the reliability of the board. Even if a malfunction of a processing module occurs, the safety control function based on the proposed technique lets the system operate properly by detecting and masking the malfunction. An RTOS (Real Time Operation System) called FreeRTOS is ported on the board so that reliable and stable operation and convenient software development can be provided.

• IE interfaces
• /
• v.25 no.4
• /
• pp.393-404
• /
• 2012

Increasing safety requirements of automobile are asking companies to find out solutions, based on the ISO 26262 which is a functional safety standard. ISO 26262 is an adaptation of the IEC 61508 for automotive electric/electronic systems. ISO 26262 provides a V model for ECU (Electronic Control Unit) development process to secure safety against vehicle. It well describes the requirements, necessary works and their resulting products for each development phase. However, it is difficult to apply to product development for achieving functional safety in the electric/electronic systems of an automobile because it lacks explanation on the working steps to follow and the methodologies and tools to be used in each step. In this paper, we introduce the outline of the ISO 26262 product development process and present a DFSS (Design For Six Sigma) road-map based on the ISO 26262 product development process as a way to operate efficiently the ISO 26262 product development process. The DFSS road-map consists of five phases: Define, Measure, Analyze, Design, and Verify. The detailed activities, tools, inputs, and work products are given for each phase.

• Journal of Applied Reliability
• /
• v.10 no.2
• /
• pp.107-122
• /
• 2010

Functional safety is the part of the overall safety of a system that depends on the system or equipment operating correctly in response to its inputs, including the safe management of likely operator errors, hardware failures, systematic failures, and environmental changes. One of the essential concepts of functional safety is Safety Integrity Level(SIL). It is defined as a relative level of risk-reduction provided by a safety function, or to specify a target level of risk reduction. In this paper, each element of SIL assessment will be defined. Based on each element, specific process of SIL selection will be established by using flowchart. The flowchart provides a SIL assessment guideline for functional safety engineers. The proposed theory will be verified by applying to a oil refining plant for SIL assessment.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.169-177
• /
• 2021

Recently, the use of electric and electronic control systems is increasing in the automobile industry. This increase in the electric and electronic control system greatly increases the complexity of designing a vehicle, which leads to an increase in the malfunction of the system, and a safety problem due to the malfunction is becoming an issue. Based on IEC 61508 relating to the functional safety of electrical/electronic/programmable electronics, the ISO 26262 standard specific to the automotive sector was first established in 2011, and a revision was published in 2018. Malfunctions due to system failure are covered by ISO 26262, but ISO/PAS 21448 is proposed to deal with unintended malfunctions caused by changes in the surrounding environment. ISO 26262 sets out safety-related requirements for the entire life cycle. Functional safety analysis includes FTA (Fault Tree Analysis), FMEA (Failure Mode and Effect Analysis), and HAZOP (Hazard and Operability). These analysis have limitations in dealing with failures or errors caused by complex interrelationships because it is assumed that a failure or error affecting the risk occurs by a specific component. In order to overcome this limitation, it is necessary to apply the STPA (System Theoretic Process Analysis) technique.