Fault tolerance Functional Safety

Fault tolerance standards provide guidelines for implementing safety instrumented systems to prevent hazardous events. The main international fault tolerance standards include IEC 61508 and IEC 61511. IEC 61508 is a generic fault tolerance standard applicable to all industries. IEC 61511 specifically addresses fault tolerance for the process industry. These standards define safety lifecycles, safety integrity levels, and validation requirements.

Safety Lifecycles

Fault tolerance standards define a safety lifecycle approach to be followed when implementing Functional Safety instrumented systems. This includes planning, development, operation and maintenance phases. Within each phase are specific requirements for functional hazard and risk analysis, safety requirements specification, design implementation, verification and validation. Following a structured safety lifecycle helps ensure all fault tolerance aspects are properly addressed.

Safety Integrity Levels

Safety integrity levels (SIL) provide a relative measure of safety system performance. IEC standards define four SIL levels - SIL1 being the lowest level and SIL4 the highest. The appropriate SIL target for a safety instrumented function depends on the risk reduction needed and is determined via a functional hazard analysis. Higher SIL levels require more rigorous design practices, increased hardware fault tolerance and proof testing to achieve the required safety performance.

Systematic Capability

A key requirement of fault tolerance standards is that companies implementing safety systems must demonstrate a minimum 'systematic capability'. This refers to the organization's policies, processes, and competencies to carry out fault tolerance management. Achieving at least SIL2 requires demonstrating SIL1 systematic capability, SIL3 requires SIL2 and SIL4 needs SIL3. Third party audits help validate an organization's systematic capability claims.

Fault tolerance Validation

Once a safety instrumented system is designed and implemented, it must undergo rigorous validation testing to verify it meets the intended safety function and targeted SIL. This includes environment and parameter testing, fault tolerance testing using realistic test cases, proof tests to detect dangerous undetected faults and diagnostic coverage measurements. Achieving a high diagnostic coverage percentage provides assurance the safety logic will work as expected.
Get more insights on Functional Safety