Safety Instrumented Systems – TÜV FS Eng – 4 Day Course Outline

Day 1

Fundamentals of functional safety #1:

  • Essentials of functional safety
  • Safety function: Functionality & safety integrity
  • Hazard Analysis
  • Risk Assessment
  • Risk Target and Risk Reduction Models
  • IEC 61508 family of standards and the role of IEC 61511
  • Overall Safety Lifecycle, E/E/PE Safety Lifecycle & work Safety Lifecycle

Fundamentals of functional safety #2:

  • Strategy to achieve functional safety
  • Failure modes & failure categories
  • Failure Mode & Effects Analysis (FMEA) incorporating FMECA & FMEDA in the context of IEC 61508
  • Safety Integrity & Safety Integrity Levels (SILs)
  • Overall design framework
  • Compliance model

Fundamentals of functional safety #3:

  • Modes of Operation (Low Demand/High Demand/continuous)
  • SIL Determination (Low Demand/High Demand/continuous)
  • Example of overall approach
  • Allocation of safety functions

Design essentials to achieve a specified SIL (IEC 61508)

  • Framework for the Design Requirements
  • Reliability modelling (achievement of Target Failure Measure, e.g. PFDavg)
  • Hardware Safety Integrity
  • Systematic Safety Integrity & Systematic Capability
  • Routes to compliance IEC 61508 (including Proven in Use)
  • Hardware Fault Tolerance (HFT) & Architectural Constraints

Day 2

Simplified example: SIL Achievement

  • Achievement of Safety Integrity comprising:
  • Achievement of the Target Failure Measure (e.g. PFDavg) for dangerous Random Hardware failures
  • Hardware Safety Integrity (Architectural Constraints) including Hardware Fault Tolerance (HFT) and Safe Failure Fraction (SFF)
  • Systematic Safety Integrity

Assurance Measures

  • Functional Safety Audit
  • Functional Safety Assessment
  • Verification & Validation
  • Accreditation and Certification
  • Traceability

Workshop #1

Questions on topics covered so far (including multiple choice and multiple response)

Design essentials to achieve a specified SIL (IEC 61511)

  • Relationship between IEC 61508 and IEC 61511
  • SIF functionality and SIF safety integrity
  • SIF Loop
  • Safety Lifecycle
  • Design requirements to achieve a specified SIL (IEC 61508 & IEC 61511 design options)
  • BPCS control and protection functions
  • BPCS as a Protection Layer
  • Prior Use Concepts
  • Legacy Systems

Workshop #2

Questions on topics covered so far (including multiple choice and multiple response)

Day 3

Management of Functional Safety & Functional Safety Assessment (IEC 61511)

  • Organisation & resources
  • Lifecycle Management
  • Risk evaluation & risk management
  • Planning
  • Implementing & monitoring
  • Assessment, auditing & revisions
  • Competence (individual and Competence Management Systems)
  • Specifying competence & Assessing competence; Competence Management System

SIL determination (including Target Risk & Tolerable Risk concepts)

  • Legal Requirements (ALARP)
  • Corporate Risk Criteria
  • Cost Benefit Analysis
  • Quantitative & qualitative approaches
  • Risk Reduction concepts/Risk Parameters: (protection layers/conditional modifiers)
  • LOPA, Risk Graphs, Fault Tree Analysis
  • Sector approaches
  • Contribution of the EUC control system (Low Demand Mode)

Workshop #3

Questions on topics covered so far (including multiple choice and multiple response)

Operation & Maintenance

  • Modifications
  • Overrides
  • Functional Safety Audits
  • Functional Testing
  • Proof Testing
  • Proof Test Coverage
  • Perfect and imperfect proof testing
  • Proof Test Procedures

Workshop #4

Questions on topics covered so far (including multiple choice and multiple response)

Open Forum

Discussion & questions on any issues covered on the course

Day 4


A four-hour Two-Part examination where:

  • Part 1 of the examination comprises a number of Multiple-Choice questions (where only one answer is correct) and Multiple-Response questions (where at most two correct answers are possible).
      – The scoring for the Multiple-Choice questions is one mark for a correct answer and no marks for an incorrect answer.
      – The scoring for the Multiple-Response questions is one mark for a correct answer, with two marks available for the two possible correct answers.
  • Part 2 contains 10 multiple-part questions. Three marks per question are available for a correct answer.