An Approach to Using Non Safety-Assured Programmable Components in Modest Integrity Systems
Programmable components (like personal computers or smart devices) can offer considerable benefits in terms of usability and functionality in a safety-related system. However there is a problem in justifying the use of programmable components if the components have not been safety justified to an appropriate integrity (e.g. to SIL 1 of IEC 61508). This paper outlines an approach (called LowSIL) developed in the UK CINIF nuclear industry research programme to justify the use of non safety-assured programmable components in modest integrity systems. This is a seven step approach that can be applied to new systems from an early design stage, or retrospectively to existing systems. The stages comprise: system characterisation, component suitability assessment, failure analysis, failure mitigation, identification of additional defences, identification of safety evidence requirements, and collation and evaluation of evidence. In the case of personal computers, there is supporting guidance on usage constraints, claim limits on reliability, and advice on “locking down” the component to maximise reliability. The approach is demonstrated for an example system. The approach has been applied successfully to a range of safety-related systems used in the nuclear industry.
KeywordsProgrammable components safety integrity safety assurance
Unable to display preview. Download preview PDF.
- 1.IEC 61882: Hazard and operability studies (HAZOP studies) – Application guide (2001)Google Scholar
- 2.IEC 60812: Analysis Techniques for System Reliability – Procedure for Failure Mode Effects Analysis (1985)Google Scholar
- 3.IEC 61508-3: Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 3: Software requirements, 1st edn. (1998)Google Scholar
- 4.IEC 62138: Nuclear power plants – Instrumentation and control important for safety – Software aspects for computer-based systems performing category B or C functions, 1st edn. (2004)Google Scholar
- 5.Kletz, T.: HAZOP and HAZAN, Identifying and Assessing Process Industry Hazards, 4th edn. Institution of Chemical Engineers (2006)Google Scholar