Changes to IEC 61511 … The Second Edition (Part Two)

Changes to IEC 61511 – The Second Edition
Following my previous blog Changes to IEC 61511 … The Second Edition (Part One), here’s the final part of my summary of the key differences between edition one and the recently released edition two of IEC 61511-1 (Functional safety – Safety instrumented systems for the process industry sector). As with any new revision, the first thing that pops to mind is: what has changed and how does it affect me?
In Part One of this article we discussed clauses 1 to 5 of Part 1 of the standard and here I cover clauses 6 to 16.
Of course, many minor changes (e.g. editorial changes) have been made to IEC 61511 which are not listed as such, so here’s a list of the major ones:
Clause 6: Safety Lifecycle
- The Application Program Safety Life Cycle is now included under this section
Clause 7: Verification
- The Standard has added a few more items (e.g. correctness of data) that should be addressed when producing the Verification Plan.
- The Standard now includes a list of items that should be addressed as part of the test plan if testing is to be carried out in this phase.
- Where non-safety functions are integrated with safety functions, the Verification needs to give assurance and confidence that there is non-interference with the safety functions.
- Any modifications that will impact the SIS components will require re-verification.
Clause 8: Process Hazard and Risk Assessment
- With the ever-growing global threat of hacking, the Standard now has a requirement to conduct a Security Risk Assessment. The assessment should be carried out to identify the security vulnerabilities associated with the SIS and the measures needed to provide the necessary resilience against the risks.
Clause 9: Allocation of Safety Functions to Protection Layers
- A great deal of caution is given with regard to the application of SIL 4 SIFs; the Standard strongly underlines the message to stay away from SIL 4 SIFs if at all possible!
Clause 10: SIS Safety Requirements Specification (SRS)
- Further requirements have been added to the SRS, including proof test implementation and written procedures for the use of bypass systems.
- The SRS should now include the requirements for the Application Program.
Clause 11: SIS Design and engineering
- With regards to Cyber Security, there is a requirement for the design to provide resilience against any identified security risks.
- A requirement for a Safety Manual has now been formalised.
- The term Safe Failure Fraction (SFF) has been removed, so to address the Architectural Constraints of a device, the Standard adopts the approach of IEC 61508 Route 2H. Table 6 in this revision of the Standard provides the Hardware Fault Tolerance (HFT) requirements for each specific SIL. In addition, the Standard simply states that for any device which uses Fixed Programming Language (FPL) and Limited Variability Language (LVL), the diagnostic coverage must not be less than 60%.
- The use of credible, traceable, documented and justified reliability data when conducting reliability modelling is now heavily emphasised. Furthermore, the uncertainties associated with failure rate data should be accounted for when calculating the failure measure.
Clause 12: SIS Application Programme Development
- There has been a major reorganisation of this clause to make it more streamlined and relevant for application programming (LVL and FPL). Where Full Variability Language (FVL) is used, the Standard refers to IEC 61508 for guidance.
Clause 16: SIS Operation and Maintenance
- There is now a requirement to have suitable management procedures to review deferrals and prevent significant delay to proof testing.
- Operating procedures for bypass systems need to be in place which dictate when, how and for how long the bypass is in operation.
Changes to IEC 61511 Parts 2 and 3
Parts 2 and 3 of the Standard, which provide Guidance in the Application of IEC 61511, are generally more detailed and have more examples.

IEC61508 and IEC61511 compliance seminar.
What next?
Assuming you have read Part One of this article, check out our complementary seminar How does IEC61508 and IEC61511 compliance affect you? One of the key topics is the changes to IEC 61511 and how they affect you, which is presented by Ron Bell. The seminar is an exchange of information and not a sales pitch for our consultancy services (except a small introduction to our awesome Functional Safety Software Tool – ProSET®). The next two dates are:
Warrington on 16th June 2016
London on 7th July 2016