exida

exida explains Blog

  • by John Yozallinas, CFSE
  • Wednesday, December 07, 2011
  • Certification

It Ought to be a Crime

There is no shortage of drivers who try to “beat the red light,” or roll through a stop sign.  I see it every day (luckily BEFORE they hit my side door).  Even though everyone knows, or should know the “rules of the road,” there are some folks who are…

Read More...

NEVER Use B10 Values for PFDavg Calculations

The machine safety community has defined a number called the “B10 number.”  It is a measure of time where 10% of a population of devices should have failed.  Generally it is a measure of expected end of life or “useful life” as defined by the reliability engineering community.

The…

Read More...

Field Failure Rate: 10 FITS or 1000 FITS?

After analyzing field failure data from hundreds of data sets from dozens of sources, it is becoming easy to see why results from different studies may vary by an order of magnitude or more. The data collection process itself varies by an order of magnitude or more!  A few…

Read More...

Do you believe the numbers?

In a couple of recent projects and discussions, I have come across something extremely concerning. Engineers are very good at performing accurate calculations, and the PFDavg and PFH computations for SIL performance verification are improving in precision all the time. Unfortunately, there is often such a focus…

Read More...

Two Billion Hours

When I studied Reliability Engineering in graduate school, I was taught that failure rate data came from field failure studies.  I assumed that operating companies always kept accurate records when a piece of equipment failed.  I also assumed that someone would investigate the failures and assign a root cause.…

Read More...

Don’t ignore the operator when searching for root cause

Something was wrong with our washing machine.  The wash cycle was longer than normal.  The problem seemed intermittent at first, but then it became persistent across all wash cycles.  Preliminary investigation revealed the cycle got stuck on spin.  Now, I am normally not allowed to operate the washer with…

Read More...

PHA to LOPA: Part II

In some cases the screening methods will indicate that a SIF is needed. These screening methods can be designed to determine how many orders of magnitude risk reduction is needed, allowing a required SIL to be documented for a particular SIF. The screening…

Read More...

PHA to LOPA: Part I

Parts I and II of this article provide a framework for when it is appropriate to make the transition from qualitative analysis to more quantitative during the hazard review work process. It further illustrates that LOPA can be used as part of what is considered more qualitative analysis…

Read More...

Keeping “Dancing Monkeys” out of your PLC

Last week a security researcher, Dillon Beresford of NSS Labs, presented at the Blackhat conference on the security vulnerabilities he found in Siemens PLC firmware.  One of many stories on Dillon’s findings can be found here.  Among other things, Dillon found “dancing monkeys” in the code!  Actually,…

Read More...

  • by Dr. William Goble, CFSE
  • Thursday, August 04, 2011
  • Certification

Not Perfect? Not Good

Over the years I have heard good ideas rejected. We have all done this and observed others doing the same. As far as safety equipment, I recall when the first safety certified pressure transmitter, the Moore 345, was released to the market.  Several potential customers said “it doesn’t…

Read More...

How does CMMI help my safety assessment?

We have CMMI processes at CL3; does that help us get IEC 61508 certification for SIL 3?

Companies that deliver a product or service do so by following a sequence of processes.  High quality deliverables are a result of high quality processes and continuous improvement in…

Read More...

  • by Dr. William Goble, CFSE
  • Tuesday, June 07, 2011
  • Certification

The Weakest Link

One of the objectives of new performance based standards like IEC 61508 is to allow performance metrics (like PFDavg for low demand systems) to identify the weak links in any proposed design.  Obviously, it is not necessary to put effort into design and spend money on areas…

Read More...

Industrial automation is in the cross hairs of the hacker

As the details of STUXNET’s design unfolded last fall, like many, I was truly impressed by the pin-point precision that the malware authors used to ensure that their target, and only their target, was impacted by the virus.  In this regard, STUXNET may be one of the…

Read More...

Keep Risk Personal

We are fortunate that Risk Analysts have developed a logical framework of quantitative and semi-quantitative analysis techniques that allow us to assess and optimally mediate risk. And we all know that this is part of the Safety Lifecycle, a series of engineering steps/procedures that represent best safety practices. These…

Read More...

When is a Variable Frequency Drive a SIS?

It used to be that a pump would operate at a single speed dictated by a motor, thus fixing the pump curve. As the discharge flow decreased due to a restriction downstream, the pump outlet pressure would increase reaching its deadhead pressure. If the downstream piping and vessels were…

Read More...

exida explains

The exida explains blog has been around for over five years and gives expert and sometimes candid insight into the world functional safety, alarm management, and industrial cybersecurity.

Categories

Tag Cloud

Alarm Management Cybersecurity cybersecurity Dr. William Goble exida exSILentia Failure Rates FMEDA functional safety Functional Safety IEC 61508 IEC 61511 IEC 62443 IEC61511 ISA-18.2 Iwan van Beurden John Yozallinas Loren Stewart Patrick O'Brien PFDavg PLC safety lifecycle SIF SIL silsafe SIS Steve Gandy Ted Stewart Todd Stauffer william goble