FUNCTIONAL SAFETY

We put the focus on the Process Industry

and IEC61508/61511 / ISA84 Standards

From concept to commissioning — we align your systems with IEC 61508, IEC 61511, and ISA 84 functional safety requirements, ensuring compliance, reliability, and peace of mind throughout the entire lifecycle.

Training

Functional Safety Training & Certifications according to IEC-61511/61508, ISA-84

Training Info

Software

SILcet Tool for SIL Verification based on IEC-61511, IEC-61508 & ISA-84 (Low/High Demand)

Software Info

Services

Functional Safety Engineering & Consulting Services according to IEC61511/61508 & ISA-84

Services Info

Our Customers

QGE Group
Caloric
Heat and Control
Brinox
Veralia
TUV Rheinland
Sener
TUV SUD
Saipem
Moeve
Enagas
Chart
GNL Quintero

The objective of Functional Safety is to eliminate or minimize unacceptable risks to People, Equipment and the Environment. To achieve this objective, different types of measures can be combined and different layers of protection implemented, such as the Safety Instrumented System (SIS).
Standard IEC 61508 is used by manufacturers to certify their products (sensors, PLCs and final elements) and it is also the standard that serves as a basis for developing other specific standards for each sector, such as IEC 61511 for the process industry, IEC 62061 for machinery, EN 50126/128/129 for the railway sector and others.

SIS Life Cycle: Risk Analysis, Design & Implementation, O & M

RISK ANALYSIS

DESIGN & IMPLEMENTATION

  • Technology Selection

  • Design of SIFs

  • Proof Test definition

  • SIL Verification, Construction, FAT

  • SAT & Validation

OPERATION & MAINTENANCE

  • Maintenance Plan & Training

  • Use of bypass, proof tests, inspections

  • Repairing, spare parts, failure register
  • SIS modifications

  • Functional Safety Assessment (FSA)

During the O&M phase is crucial to maintain the integrity of the SIFs over time.

Safety Instrumented Function (SIF)

The Safety Instrumented Function is composed of three subsystems: SENSOR, LOGIC SOLVER and ACTUATOR. Its objective is the safety of People, Equipment and the Environment. During the Process Hazard Analysis (PHA) the SIF is defined and the required SIL is determined, as well as other values such as the RRF (Risk Reduction Factor), the MTTFS (average time in years between two spurious process trips) and other parameters used in the calculation of the Probability of Failure (PFDavg / PFH).

Industrial automation system featuring a transmitter, safety PLC, actuator, and valve for efficient process control.

Sensor Subsystem

It covers the connection to the process (seal, RTD, etc.), the instrument (transmitter or switch), wiring to the PLC cabinet, and input interface (isolator, barrier, etc.). The best practice is to use 4-20 mA transmitters to diagnose dangerous faults.

Sensor Subsystem

The most commonly used architectures for this subsystem are 1oo1, 1oo2, 2oo2, and 2oo3. These configurations help ensure reliability and availability depending on the required safety integrity level.

Logic Solver Subsystem

It is recommended to use a manufacturer-certified Safety PLC that meets the highest SIL requirement among all SIFs. These PLCs have a high self-diagnostic capability (>95%), significantly reducing the need for frequent “Proof Tests.”

Logic Solver Subsystem

The application program is the critical part of the Logic Solver and must be thoroughly tested. The most common architectures include 1oo1D, 1oo2D, 2oo4D, and 2oo3D, with the SIF logic residing in the PLC software.

Actuator Subsystem

It covers the output interface (relay, etc.), wiring to the field, and final element. This includes solenoid valve, actuator (electrical, pneumatic, etc.), valve (ball, butterfly, etc.), or other components such as horns, lamps, contactors, etc.

Actuator Subsystem

This subsystem is often the weak link of the Safety Function since mechanical elements, particularly valves, are in direct contact with the process. The most used architectures for this part are 1oo1, 1oo2, and 2oo2.