A Functional Safety Assessment (FSA) is defined by the IEC 61511 standard as an “investigation, based on evidence, to judge the functional safety achieved by one or more SIS and/or other protection layers.” The ultimate goal of an FSA is to make the team confident that their instrumented safety system will reliably achieve the risk reduction needed. While many organizations understand the importance of FSAs, not everyone realizes the significant advantages of conducting one, especially when initiated earlier in the design process. Starting the assessment early allows for more thorough safety considerations and ensures safety measures are ingrained in the project from the beginning.
Why Do You Conduct Functional Safety Assessments?
The primary motivation is to ensure the Safety Instrumented Functions being implemented actually address the hazards for which they are designed. It might seem routine, but a Functional Safety Assessment is not just a box to check in your development process; it's a powerful tool that can enhance your organization’s safety, compliance, and cost-efficiency. The benefits include:
Safety Assurance The primary and most critical reason for conducting FSAs is to ensure the safety of people, property, and the environment. By identifying and addressing potential hazards, we can prevent accidents and reduce the impact of failures.
Standard and Regulatory Compliance: Conducting FSAs helps organizations comply with these regulations, reducing the risk of legal and financial repercussions.
Cost Reduction: While implementing safety measures can require an initial investment, it often leads to long-term cost savings. Preventing accidents and failures can significantly reduce downtime, repair costs, and potential liability claims.
Innovation and Competitive Advantage: Functional safety assessments can drive innovation by pushing engineers and developers to create more robust and reliable systems.
The standard requires 5 stages of FSAs to be performed over the lifetime of a SIS at key phases of the project lifecycle.
Stage 1 – After the Hazard and Risk Assessment has been carried out, the required protection layers have been identified, and the SRS has been developed
Stage 2 – After the SIS has been designed (typically after Factory Acceptance Testing)
Stage 3 – After the installation, pre-commissioning, and final validation of the SIS have been completed, and operation and maintenance procedures have been developed (typically during the Pre-Startup Safety Review)
Stage 4 – After gaining experience with the operation and maintenance of the system
Stage 5 – After modification and prior to decommissioning of a SIS
These stages are sequentially depicted in Figure 7 from ANSI/ISA-61511-1-2018 - Safety Lifecycle Phases and FSA Stages: https://blog.isa.org/hs-fs/hubfs/Imported_Blog_Media/ANSI-ISA-84_00_0-1-2004-IES-61511-Mod-Safety-Life-Cycle.jpg
A typical Stage 1 FSA compares the content of the SRS to the hazardous scenario outlined in the risk assessment. For example, Stage 1 will review whether the IPLs are truly independent, whether the SIF will protect against the stated hazard, etc. A Stage 2 will be completed after the detailed engineering is complete and will review the detailed design against the SRS. Identifying and rectifying safety issues at the initial stages of development is significantly more cost-effective than addressing them later in the process or, worse, post-construction. In summary, it’s most cost effective to assess the design while it is still on paper. Late-stage changes can be expensive, lead to project delays, and sometimes even necessitate a complete redesign. In addition to the practical benefits, by addressing safety concerns from the outset, you foster a proactive approach to safety that can be carried forward into future projects, enhancing overall safety awareness and practices.
An FSA Stage 3 is done after installation, commissioning, and validation is complete, typically during the Pre-Startup Safety Review. Conducting a Stage 3 reviews work done during the installation and pre-commissioning phases. The Stage 3 FSA ensures the installed system matched the design package.
There is now a greater emphasis on FSAs in the standard than previously. IEC 61511 formerly only required the FSA Stage 3 before the introduction of hazards to the process. With the latest version of the standard, FSA Stages 1, 2, and 3 are now required. If the project has advanced beyond the design phase, Stage 1 and 2 can be done congruently along with the Stage 3. By performing FSAs early in your project's lifecycle, you reduce risks and demonstrate your commitment to safety and quality. While these stages of FSAs are a requirement of the 61511 standard, they deliver significant value beyond standard compliance as they provide meaningful advancements towards protecting people and assets.