Changes to IEC 61511 … The Second Edition (Part One)

Blog by Simon Burwood on Changes to IEC 61511 ... The Second Edition

Simon Burwood – Engineering Director at Engineering Safety Consultants

As a recent recruit to the IEC 61511 (Functional safety – Safety instrumented systems for the process industry sector) Maintenance committee (MT61511), I’m in a privileged position to be able to share with you a summary of the key changes to IEC 61511 between edition one and the recently-released edition two of IEC 61511-1.  As with any new revision, the first thing that pops to mind is What has changed and how does it affect me?

So before getting into the nitty gritty details of the main changes to IEC 61511, the general feeling is that a conscious effort has been made to make this Edition of the Standard more aligned to its parent standard IEC 61508 Revision 2.  The overall impression is that more detail has been added to make the clauses more precise and there is greater emphasis on having good quality documentation which can only be a good thing.

Changes to IEC 61511

Only the significant changes for Part 1 are listed below (clauses 1 to 5), of course there are many more changes (e.g. editorial changes) that have been made but which are not listed as such, so here’s a list of the major ones:

Clause 1: Scope

  • For those working in the pharmaceuticals, food and beverage industries – feeling confused as to whether the standard was applicable to you? Well, now you can be assured that it does!
    The applicability of the standard has now been extended to the pharmaceutical, food and beverage industries as well as the traditional oil and gas, chemical, pulp and paper and non-nuclear power generation.
  • As for the oil and gas industries, the Standard in now applicable to all of oil and gas instead of just ‘Oil Refining, Oil and Gas production’ which means it includes everything including upstream activities such as drilling.
  • The argument around classifying mitigating systems such as fire suppression systems as Safety Instrumented Functions (SIFs) has finally been addressed. Figure 4 in this latest edition only classifies ‘Preventive’ SISs as SIFs and removes the term ‘Mitigation SIF’. Although the term ‘mitigating safety functions’ still appears in the Standard it is encouraged that it be valued as a ‘protection layer/other instrumented means of risk reduction’ rather than classified as a SIF.

Clause 3: Definitions

  • When it comes to Standards, there’s no such thing as too many definitions, this revision includes a number of new terms, including: Bypass, Mean Repair Time, Process Safety Time and Mean Time to Restoration.
  • Further clarification has been provided for terms such as Common Cause Failures, Common Mode Failures and Safe Failures.
  • Mode of Operations are now clear cut in three distinguished modes; Low, High and Continuous as per IEC 61508.
  • The most notable change in the Section is the introduction of the concept of Systematic Capability. The Standard now emphasises the importance of assessing a SIF in terms of the Random Hardware and Systematic Capability, and requires that the SIF meets the SIL requirements in both respects.
  • Prior Use (replacing the term “Proven in Use”) has now been highlighted as a method (as per IEC 61508) of assessing the Systematic Capability of a device (hardware and/or software) based on previous operational experience.

Clause 5: Management of Functional Safety

  • Evidence of competencies for individuals involved in Safety Life Cycle activities now need to be documented, as well as having procedures in place to manage these competencies and conducting periodic assessments.
  • There is a now a requirement that a Functional Safety Assessment (FSA) should be carried out periodically throughout the Maintenance and Operation phase.
  • With regards to modifications, the Standard requires that the FSA considers the impact analysis on the proposed modifications and confirms that the modifications to be carried out are compliant with the Standard.
  • The Standard specifies that an Independent Person must perform a Functional Safety Audit, who cannot be undertaking any work on the SIS which is to be audited.
  • There must be configuration management and revision control for developing and executing the Application Program.
IEC61508 and IEC61511 compliance seminar

IEC61508 and IEC61511 compliance seminar.
Click image to view full invitation

What next?

Part two of this guide is now available.  You should also check out our free seminar How does IEC61508 and IEC61511 compliance affect you? One of the key topics is the changes to IEC 61511 and is presented by Ron Bell.  The seminar is an exchange of information and not a sales pitch for our consultancy services (except a small introduction to our awesome Functional Safety Software Tool – ProSET®).  The next seminar will be held in London on 7th July 2016.