One of the goals of an end user is to have infrequent downtime so as to maximize production and ensure minimal maintenance costs. But is this possible when it comes to safety functions?
How can one minimize the frequency of downtime?
The answer to this question is not so straightforward, but IEC 61511 provides us with support in order to give an answer.
First, it is necessary to define what a proof test is. Downtime is necessary to conduct tests so that latent failures within the process can be detected.
Latent failures could be uncovered in two situations:
- When the safety function is required
- When proof tests are carried out during maintenance.
It is easy to understand that proof tests are used to prevent a failure from being detected when the safety function is needed. This is the condition when a dangerous event can occur.
To minimize the frequency of downtime, first of all it is necessary to have the target SIL, which is determined by a risk analysis carried out on the process.
Tips for maximizing the Proof Test Interval
Depending on the target SIL, and thus the probability of failure on demand (PFDavg), it is possible to figure out which parameters to adjust to maximize the Proof Test Interval. Here’s how:
- Choose devices with better failure rates.
- Use redundant architecture.
- Increase the effectiveness (Diagnostic Coverage) and frequency (Diagnostic Test Interval) of diagnostics. Diagnostics allows for online tests; while running they enable the partial verification of latent failures.
- Minimize common cause failures (CCFs) among redundant architectures.
- Provide properly managed bypasses under predetermined conditions to do online maintenance.
- Increase the effectiveness of proof tests (Proof Test Coverage)