How to define the frequency of downtime

Reading time: 3 minutes - Difficulty: medium
One of the goals of an end user is to have infrequent downtime so as to maximize production and ensure minimal maintenance costs. But is this possible when it comes to safety functions?

How can one minimize the frequency of downtime?

The answer to this question is not so straightforward, but IEC 61511 provides us with support in order to give an answer.

First, it is necessary to define what a proof test is: downtime is needed to carry out the tests that detect latent failures, i.e. failures already present in the process but not yet revealed.

Latent failures could be uncovered in two situations:

  • When the safety function is required.
  • When proof tests are carried out during maintenance.


It is easy to understand that proof tests are used to avoid discovering a failure only when the safety function is needed, because that is the condition under which a dangerous event can occur.

To minimize the frequency of downtime, first of all it is necessary to have the target SIL, which is determined by a risk analysis carried out on the process.


Tips for maximizing the Proof Test Interval

Depending on the target SIL, and thus on the required probability of failure on demand (PFDavg), it is possible to figure out which parameters to adjust in order to maximize the Proof Test Interval. Here's how:

  • Choose devices with better failure rates.
  • Use redundant architecture.
  • Increase the effectiveness (Diagnostic Coverage) and frequency (Diagnostic Test Interval) of diagnostics. Diagnostics allow online testing: while the process is running, they partially reveal latent failures.
  • Minimize common cause failures (CCFs) among redundant architectures.
  • Provide properly managed bypasses under predetermined conditions to do online maintenance.
  • Increase the effectiveness of proof tests (Proof Test Coverage).
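To see how each of these levers moves the allowed interval, here is an added worked example (not code from the article or from any standard) that computes a simplified low-demand PFDavg in the style of IEC 61508-6 and searches for the longest whole-year proof test interval that still meets a target SIL. Repair times are neglected, the failure rates, diagnostic coverage, common cause fraction, proof test coverage and 20-year mission time are constructed assumptions, and the `pfd_avg` and `max_proof_test_interval_years` functions are mine.

```python
"""Added worked example (not from the article or any standard's code): how each lever
listed above changes the longest proof test interval that still meets a target SIL.
Uses simplified low-demand PFDavg formulas in the style of IEC 61508-6 (repair times
neglected) with constructed failure-rate figures; all numbers are illustrative."""

HOURS_PER_YEAR = 8760.0
# Upper PFDavg limit of each SIL band, low-demand mode (IEC 61508-1 / IEC 61511-1).
SIL_PFD_UPPER = {1: 1e-1, 2: 1e-2, 3: 1e-3, 4: 1e-4}


def pfd_avg(lambda_d, dc, t1_hours, arch="1oo1", beta=0.0, ptc=1.0,
            mission_hours=20 * HOURS_PER_YEAR):
    """Simplified average PFD of a 1oo1 or 1oo2 subsystem.
    lambda_d: dangerous failure rate per hour; dc: diagnostic coverage (0..1);
    t1_hours: proof test interval; beta: common cause fraction (1oo2 only);
    ptc: proof test coverage. Dangerous failures the proof test cannot reveal
    stay latent until the end of the mission, so their fraction (1 - ptc) is
    integrated over mission_hours instead of over the proof test interval."""
    lambda_du = lambda_d * (1.0 - dc)  # dangerous undetected: diagnostics miss it
    t_eff = ptc * t1_hours + (1.0 - ptc) * mission_hours  # effective latency window
    if arch == "1oo1":
        return lambda_du * t_eff / 2.0
    if arch == "1oo2":
        lam_ind = (1.0 - beta) * lambda_du  # independent part of the failure rate
        # two independent latent failures plus a single common cause failure
        return (lam_ind * t_eff) ** 2 / 3.0 + beta * lambda_du * t_eff / 2.0
    raise ValueError("unsupported architecture: " + arch)


def max_proof_test_interval_years(target_sil, max_years=20, **kwargs):
    """Largest whole-year interval whose PFDavg stays below the target SIL's upper
    limit; 0 means not even a yearly proof test reaches the target with these inputs."""
    limit = SIL_PFD_UPPER[target_sil]
    best = 0
    for years in range(1, max_years + 1):
        if pfd_avg(t1_hours=years * HOURS_PER_YEAR, **kwargs) >= limit:
            break  # PFDavg only grows with the interval, so stop at the first miss
        best = years
    return best


if __name__ == "__main__":
    base = dict(lambda_d=1e-6, dc=0.0)  # constructed figure for a single field device
    print("baseline 1oo1, SIL 2      :", max_proof_test_interval_years(2, **base))
    print("device with 4x lower rate :", max_proof_test_interval_years(2, lambda_d=2.5e-7, dc=0.0))
    print("60 % diagnostic coverage  :", max_proof_test_interval_years(2, lambda_d=1e-6, dc=0.6))
    print("1oo2, beta = 5 %          :", max_proof_test_interval_years(2, arch="1oo2", beta=0.05, **base))
    print("95 % proof test coverage  :", max_proof_test_interval_years(2, ptc=0.95, **base))
```

With these constructed figures the yearly budget goes from 2 years (baseline) to 9 with a better device, 5 with diagnostics and 16 with a 1oo2 pair, while dropping proof test coverage to 95 % over a 20-year mission cuts it to 1 year, which is why the last lever matters as much as the first.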

