TUNE YOUR LOOP: Advanced Design and Safety Instrumented Level (SIL) Verification

TUNE YOUR LOOP:  Questions to keep you sharp.

Tune Your Loop is a series of posts consisting of questions from ISA Training Courses.

1. How should a redundant system respond upon detection of a dangerous fault?

  1. Fail dangerously
  2. Shut down safely
  3. Continue operating with no time limit
  4. Continue operating as long as the fault is repaired within a specified time

2. The standard allows testing of systems either end-to-end or in parts. What are the pros and cons of testing in parts?

What are your answers before you read ahead?

1. How should a redundant system respond upon detection of a dangerous fault?

d. Continue operating as long as the fault is repaired within a specified time

 2. The standard allows testing of systems either end-to-end or in parts. What are the pros and cons of testing in parts?

Testing in parts is acceptable because different devices have different failure rates, failure modes and levels of diagnostics, therefore their performance varies widely. Less reliable and safe devices need to be tested more often. More reliable devices do not need to be tested as often (as long as the target performance is maintained), thereby saving money.

The drawback of testing in parts is that some interfaces might not get tested. There have been cases of individual devices all working when tested, but not working as a complete system.

From the ISA course EC54 Advanced Design and SIL Verification pre-instructional survey.

Print Friendly

, , ,

Pin It on Pinterest

Shares
Share This

Share This

Share this ISA post with your friends!