Inspired by “Conducting an Effective Functional Safety Assessment” presented at the ISA Process Industry Conference.
by Greg Hardin
Much has been written about the functional safety assessment (FSA) stages, the makeup of the team, and the types of documents that should be reviewed. Yet what might go wrong with an FSA, and what might you do to ensure that an FSA runs smoothly?
Would you rather learn from the mistakes of others, or make them all yourself? It’s easier and less painful learning from the mistakes of others. Here are just a few of the things that can go wrong.
A consultant was criticized for not identifying a problem on a wiring diagram while performing a stage 1 FSA that was restricted to software. This indicates two misunderstandings of the scope of the FSA: 1) it was limited to software, not hardware; 2) it was a stage 1 FSA – hardwire design would normally not be considered until stage 2. When reviewing the results of a FSA make sure everyone involved understands the scope of the FSA.
If certain documents are not available (e.g., hazard analysis, layer of protection analysis, safety requirements specification, etc.) do not get pressured into doing an FSA anyway. After all, you can’t review the completeness of documents that don’t even exist. The fact that anyone would even request such an analysis implies a significant misunderstanding of the overall process.
Clause 5.2.6.1.4 of ISA/IEC 61511 now states, “A FSA team shall review the work carried out on all phases of the safety life cycle prior to the stage covered by the assessment that have not been already covered by previous FSAs.” Read that sentence again, and slowly. This is a new requirement and the interpretation and implication may not be clear to some. For example, if you’re asked to perform a stage 3 assessment, but stage 1 and 2 assessments have not been performed, you will essentially still need to complete those earlier assessments! That may catch many off guard and have a significant impact on the budget and schedule.
Here are some suggestions for conducting an effective assessment:
Make a plan for the FSA — the standard requires it — and stick to it.
If you absolutely must deviate from the plan, make sure you identify the consequences and communicate them to all interested parties.
Don’t be afraid to “kick over some rocks” during the FSA meeting(s). It’s an opportunity to generate useful discussion.
Have a scribe for FSA meetings. If that’s not possible, make sure you take very good notes.
Be on the lookout for scope creep. Do not agree to do work that isn’t budgeted.