exida
Certification Services
IEC 61508 Functional Safety Assessment
Project: QHP Bladder Accumulator
Customer: Quality Hydraulic Power Ltd.
Middleton, Manchester United Kingdom
Contract No.: Q12/07-034
Report No.: QHP 12/07-034 R002
Version V1, Revision R1, August 20, 2013
Gregory Sauk
The document was prepared using best effort. The authors make no
warranty of any kind and shall not be liable in any event for
incidental or consequential damages in connection with the
application of the document.
All rights reserved.
QHP 12-07-034 R002 V1R1 IEC 61508 Assessment.doc
Management Summary
This report summarizes the results of the functional safety
assessment according to IEC 61508 carried out on the:
QHP QB Series Bladder Accumulator
The functional safety assessment performed by exida consisted of
the following activities:
- exida assessed the development process used by Quality
Hydraulic Power Ltd. through an audit and creation of a detailed
safety case against the requirements of IEC 61508.
- exida reviewed and assessed a detailed Failure Modes, Effects,
and Diagnostic Analysis (FMEDA) of the devices to document the
hardware architecture and failure behavior.
The functional safety assessment was performed to the
requirements of IEC 61508, SIL 3. A full IEC 61508 Safety Case was
prepared, using the exida SafetyCaseDB tool, and used as the
primary audit tool. Hardware and software process requirements and
all associated documentation were reviewed. Environmental test
reports were reviewed. Also the user documentation (safety manual)
was reviewed. The results of the Functional Safety Assessment can
be summarized by the following statements:
The QHP 10 Litre Bladder Accumulator was found to meet the
Systematic Capability requirements of IEC 61508 for up to SC 3 (SIL
3 Capable). The PFDAVG and architectural constraint requirements of
the standard must be verified for each element of the safety
function when using Route 1H. The manufacturer will be entitled to
use the Functional Safety Logos.
exida T-023 V2R3 www.exida.com Page 2 of 17
Table of Contents
Management Summary
1 Purpose and Scope
2 Project Management
  2.1 exida
  2.2 Roles of the parties involved
  2.3 Standards and Literature used
  2.4 Reference documents
    2.4.1 Documentation provided by Quality Hydraulic Power Ltd.
    2.4.2 Documentation generated by exida
3 Product Description
4 IEC 61508 Functional Safety Assessment
  4.1 Methodology
  4.2 Assessment Level
  4.3 Product Modifications
5 Results of the IEC 61508 Functional Safety Assessment
  5.1 Lifecycle Activities and Fault Avoidance Measures
    5.1.1 Functional Safety Management
    5.1.2 Safety Requirements Specification and Architecture Design
    5.1.3 Hardware Design
    5.1.4 Validation
    5.1.5 Verification
    5.1.6 Proven In Use
    5.1.7 Modifications
    5.1.8 User Documentation
  5.2 Hardware Assessment
6 Terms and Definitions
7 Status of the Document
  7.1 Liability
  7.2 Releases
  7.3 Future Enhancements
  7.4 Release Signatures
1 Purpose and Scope
This document shall describe the results of the IEC 61508
functional safety assessment of the QHP Bladder Accumulator by
exida according to the requirements of IEC 61508: ed2, 2010.
The results of this assessment provide the safety instrumentation
engineer with the required failure data as per IEC 61508 / IEC 61511
and confidence that sufficient attention has been given to
systematic failures during the development process of the device.
2 Project Management
2.1 exida
exida is one of the world's leading accredited Certification Bodies
and knowledge companies specializing in automation system safety
and availability with over 300 years of cumulative experience in
functional safety. Founded by several of the world's top reliability
and safety experts from assessment organizations and manufacturers,
exida is a global company with offices around the world. exida
offers training, coaching, project oriented system consulting
services, safety lifecycle engineering tools, detailed product
assurance, cyber-security and functional safety certification and a
collection of on-line safety and reliability resources. exida
maintains the largest process equipment database of failure rates
and failure modes with over 60 billion unit operating hours.
exida is the market leader for IEC 61508 certification for
currently active marketed products.
2.2 Roles of the parties involved
Quality Hydraulic Power Ltd.: Manufacturer of the QB Series Bladder
Accumulator
exida: Performed the hardware assessment
exida: Performed the IEC 61508 Functional Safety Assessment
FMC Technologies contracted exida in September of 2012 for the
IEC 61508 Functional Safety Assessment of the above-mentioned
device.
2.3 Standards and Literature used
The services delivered by exida were performed based on the
following standards / literature.
[N1] IEC 61508 (Parts 1 - 7): ed2, 2010 Functional Safety of
Electrical/Electronic/Programmable Electronic Safety-Related Systems
2.4 Reference documents
2.4.1 Documentation provided by Quality Hydraulic Power Ltd.
[D1] 170-9066, Rev 1, 2/27/09 QB010-A06-F17-341 Assy Dwg
[D2] 030-1011, Rev 4, 11/8/12 Gas Valve Assembly Drawing
[D3] BA 690Bar; V3-1; QHP Bladder Accumulators 690Bar Data Sheet
[D4] IOM-QB; Iss 3; 2/1/09 IOM Manual - Bladder Accumulators
[D5] IOM-QP; Iss 2; 3/1/08 IOM Manual - Piston Accumulators
[D6] PCP567, Rev A, 7/30/13 QB Series Bladder Accumulator Safety Manual
[D7] P Test Plan; Rev C; 7/23/12 Piston Accumulator Test Plan - Sample
[D8] PCP 507; Rev A; 8/12/09 Assembly and Testing Procedure
[D9] Test Certificate, 7/22/13 Test Results - Sample
[D10] QM; Iss 3; Rev 4; 8/29/12 Quality System Manual
[D11] Cert ISO; 12/1/12 QHP ISO 9001:2008 Certificate
[D12] QM 3.2; Iss 3; Rev 4; 8/1/12 Employee Job Description
[D13] QM 8.2.2; Iss 3; Rev 5; 2/12/13 Internal Auditing Procedure
[D14] QP102; Iss 5; Rev 1; 8/1/12 Sub-Contractor QA Audit Procedure
[D15] QP102 App A-Sample; Iss 5; Rev 1 (Form); QHP Vendor Evaluation /Audit Questionnaire - Sample
[D16] QP102 App B-Sample; Iss 5; Rev 1 (Form); QHP Vendor Rating Report - Sample
[D17] QP103; Iss 5; Rev 2; 8/1/12 Design Control, Development, Validation & Review Procedure
[D18] QP106 App J -Sample; Iss 5; Rev 1 (Form); 11/21/11 Accumulator Design Requirements and Review - Sample
[D19] QP106 App K; Iss 5; Rev 1 (Form); 8/1/12 QHP Contract Review Checklist
[D20] QP107; Iss 5; Rev 1; 8/1/12 Control and Calibration of Measuring and Inspection Equipment Procedure
[D21] QP108; Iss 5; Rev 2; 7/1/13 Document and Change Control Procedure
[D22] QP108 App A-Sample; Iss 5; Rev 1 (form); 12/5/12 Design Change Sample
[D23] QP110; Iss 5; Rev 2; 7/1/13 Non-Conformance, Corrective Action and Evaluation Procedure
[D24] QP111; Iss 5; Rev 2; 7/1/13 Purchasing Control Procedure
[D25] QP113; Iss 5; Rev 2; 8/1/12 Procedure for Inspection & Testing
[D26] QP116; Iss 5; Rev 1; 8/1/12 Procedure for Quality Control Monthly report
[D27] QP118; Iss 5; Rev 0; 10/1/09 Procedure for Investigation and Analysis of Customer Complaints
[D28] QP119; Iss 5; Rev 1; 8/1/12 Learning, Training and Development Procedure
[D29] Shipments Qty; n/a; 3/8/13 Shipment Totals Report
[D30] Complaints; n/a; Complaint Analysis Summary
[D31] Customer Data; n/a; Serial Number and Customer Information Records
[D32] SIL Training; n/a; 12/16/12 Training Session Record - 61508 SIL Training
[D33] Skills; n/a; Skills and Training Matrix
[D34] Management Review, 1/22/13 Management Review Meeting - Sample Meeting Minutes
[D35] Training-Sample; 5/22/12 Training and Performance Review - Sample
2.4.2 Documentation generated by exida
[R1] QHP Accumulator FMEDA R2.xls, 6/18/2013 Failure Modes, Effects and Diagnostic Analysis - QB Series Bladder Accumulator (internal document)
[R2] QHP Q12/07-034 R001 V1R2, 6/19/2013 FMEDA report - QB Series Bladder Accumulator
[R3] QHP Accumulators SafetyCaseDB IEC61508 R2.esc QHP Bladder Accumulator IEC 61508 Compliance SafetyCaseDB (internal database)
[R4] PIU QHP Accumulators R2.xls, 6/19/2013 Proven In Use analysis (internal document)
[R5] QHP 12-07-034 R002 V1R1 IEC 61508 Assessment.doc, 8/20/2013 IEC 61508 Functional Safety Assessment for QHP Bladder Accumulator (This document)
3 Product Description
The Quality Hydraulic Power Ltd. QB Series Bladder Accumulators are
a series of elastomeric bladder based hydraulic accumulators used to
store potential energy. These hydraulic accumulators store energy
using a compressible and inert gas such as Nitrogen. The energy
storage (compressed gas) is then utilized to exert force against a
non-compressible fluid upon entry into the accumulator. The gas and
fluid are separated by an elastomeric bladder.
Typically these can be used to store or receive hydraulic energy
used in the activation of a final element subassembly for a Safety
Instrumented Function (SIF).
The safety function for the Accumulator is to allow the final
element subassembly to move to the safe position when the system is
de-energized / energized depending upon the system
configuration.
A second specialized application for a QB Series Bladder
Accumulator was also included in this evaluation. For this specific
application the Accumulator is used on a Low Pressure hydraulic
return line and has check valves to isolate the bladder from other
transient pressures on the main return line. The purpose is to
ensure that when a device needs to dump its pressure quickly, it can
still do so quickly and at a low pressure even if other conditions
are causing a higher pressure in the return line. A typical
application for this mode is shown in Figure 1 where item BA2 is the
Bladder Accumulator.
Figure 1 Specialized Low Pressure Return Line application
Table 1 gives an overview of the different versions that were
considered in the IEC 61508 assessment of the Series QB
Accumulator.
Table 1 Version overview
Device | Description / Application
QB Accumulator | QB Series Bladder Accumulator 10 Litre size
QB Accumulator | QB Series Bladder Accumulator 10 Litre size, Low Pressure Return Line Application
The QB Series Bladder Accumulator is classified as a Type A¹
device according to IEC 61508, having a hardware fault tolerance of
0.
¹ Type A element: Non-Complex element (using discrete
components); for details see 7.4.4.1.2 of IEC 61508-2, ed2,
2010.
4 IEC 61508 Functional Safety Assessment
The IEC 61508 Functional Safety Assessment was performed based on
the information received from Quality Hydraulic Power Ltd. and is
documented in the SafetyCase [R3].
4.1 Methodology
The full functional safety assessment includes an assessment of all
fault avoidance and fault control measures during hardware and
software development (if applicable) and demonstrates full
compliance with IEC 61508 to the end-user. The assessment considers
all requirements of IEC 61508. Any requirements that have been
deemed not applicable have been marked as such in the full Safety
Case report, e.g. software development requirements for a product
with no software. The assessment also includes a review of existing
manufacturing quality procedures to ensure compliance to the quality
requirements of IEC 61508.
As part of the IEC 61508 functional safety assessment the
following aspects have been reviewed:
- Development process, including:
  o Functional Safety Management, including training and competence
    recording, FSM planning, and configuration management
  o Specification process, techniques and documentation
  o Design process, techniques and documentation, including tools
    used
  o Validation activities, including development test procedures,
    test plans and reports, production test procedures and
    documentation
  o Verification activities and documentation
  o Modification process and documentation
  o Installation, operation, and maintenance requirements, including
    user documentation
  o Manufacturing Quality System
- Product design
  o Hardware architecture and failure behavior, documented in a FMEDA
The review of the development procedures is described in section
5.1. The review of the product design is described in section
5.2.
4.2 Assessment Level
The QB Series Bladder Accumulator has been assessed per IEC 61508 to
the following levels:
- Systematic Capability SC 3 (SIL 3 capability) as the Proven In
  Use analysis justified that this device is suitable for use in
  applications with a maximum Safety Integrity Level of 3 (SIL 3)
  according to IEC 61508.
- Architecture Constraint limitations of SIL 2 for a single device
  if the SFF for the complete final element is >60% when using
  Route 1H.
4.3 Product Modifications
Quality Hydraulic Power Ltd. may make modifications to this product
as needed. Modifications shall be classified into two types:
- Type 1 Modification: Changes requiring re-certification, which
  includes the re-design of safety functions or safety integrity
  functions and all other changes that do not fit into the Type 2
  category.
- Type 2 Modification: Changes allowed to be made by Quality
  Hydraulic Power Ltd. without requiring re-certification provided
  that:
  o A competent person from QHP has evaluated and documented that
    the change does not affect the Form, Fit or Function of the
    device. (For example: the wording or location of the nameplate)
5 Results of the IEC 61508 Functional Safety Assessment
exida assessed the development process used by Quality Hydraulic
Power Ltd. for this development against the objectives of IEC 61508
parts 1 and 2. This assessment was performed on-site and is
documented in the SafetyCase [R3].
The current development process is fully compliant with IEC
61508. However, portions of the 10 Litre Bladder Accumulator were
developed prior to the establishment of this IEC 61508 SIL 3
compliant development process. Consequently for the evaluation of
systematic fault avoidance measures, proven in use claims were also
considered in addition to the existing design documentation and
additional documented safety analysis which showed the design
integrity. The SafetyCase was created with project specific design
documents.
5.1 Lifecycle Activities and Fault Avoidance Measures
Quality Hydraulic Power Ltd. has a defined product lifecycle process
in place. This is documented in QHP's Quality Management System,
which is ISO 9001 approved. No software is part of the design and
therefore any requirements of IEC 61508 specific to software and
software development do not apply.
The assessment investigated the compliance with IEC 61508 of the
processes, procedures and techniques as implemented for product
design and development. The investigation was executed using
subsets of the IEC 61508 requirements tailored to the SIL 3 work
scope of the development team. The defined product lifecycle
process was modified as a result of a previous audit which showed
some areas for improvement. However, given the simple nature of the
safety function and the extensive proven field experience for
existing products QHP was able to demonstrate that the objectives
of the standard have been met. The result of the assessment can be
summarized by the following observations:
The audited Quality Hydraulic Power Ltd. design and development
process complies with the relevant managerial requirements of IEC
61508 SIL 3.
5.1.1 Functional Safety Management
FSM Planning
Quality Hydraulic Power Ltd. has a defined process in place for
product design and development. Required activities are specified
along with review and approval requirements. This is primarily
documented in QP103 [D17]. Templates, forms and sample documents are
provided. The same process is used for modifications. This process
and procedures referenced herein fulfill the requirements of IEC
61508 with respect to functional safety management for a product
with simple complexity and well defined safety functionality.
Version Control
Quality Hydraulic Power Ltd. Procedure QP108 [D21] requires that all
documents be version controlled. Document revisions were evident
during the audit.
Training, Competency recording
QP119 requires the Human Resource department to maintain training
records of education, experience, training and qualifications for
all personnel. Department heads are responsible for identifying and
providing the training needs for their department as well as
proficiency evaluations. The procedures and records were examined
and found up-to-date and sufficient. Quality Hydraulic Power Ltd.
hired exida to be the independent assessor per IEC 61508 and to
provide specific IEC 61508 knowledge.
5.1.2 Safety Requirements Specification and Architecture Design
For the Series QB Accumulator, the simple safety functionality is
the primary functionality of the product (supply / store hydraulic
energy). Therefore no special Safety Requirements Specification was
needed. The normal functional requirements were sufficient. As the
Accumulators are relatively simple and are based upon standard
designs with extensive field history, no semi-formal methods are
needed. General design and testing methodology is documented and
required as part of the design process. This meets SIL 3.
5.1.3 Hardware Design
The design process is documented in QP103 [D17]. Items from IEC
61508-2, Table B.2 include observance of guidelines and standards
(PED, API NACE, ATEX), project management, documentation (design
outputs are documented per quality procedures), structured design,
modularization, use of well-tried components, and computer-aided
design tools. This meets SIL 3.
5.1.4 Validation
Validation testing is done via a documented plan that links to the
product's requirements specifications and also includes compliance
testing per application and agency standards. QHP also maintains a
set of standard tests that are used to validate their designs and
production units. As the QHP Bladder Accumulator is a purely
mechanical device with a simple safety function, there is no
separate integration testing necessary. The 10 Litre Bladder
Accumulator performs only one Safety Function, which is extensively
tested under various conditions during validation testing.
Items from IEC 61508-2, Table B.3 include functional testing,
project management, documentation, and black-box testing (for the
considered devices this is similar to functional testing). Field
experience and statistical testing via regression testing are not
applicable. This meets SIL 3.
Items from IEC 61508-2, Table B.5 included functional testing
and functional testing under environmental conditions, project
management, documentation, failure analysis (analysis on products
that failed), expanded functional testing, black-box testing, and
fault insertion testing. This meets SIL 3.
5.1.5 Verification
The development and verification activities are also defined in
QP103 [D17]. For each design phase the objectives are stated, the
required input and output documents are specified and necessary
review activities are determined. Verification activities also
included a design FMEA and review, a third party FMEDA, and other
reviews of the tests and test results. The results of these
activities were documented and reviewed. This meets SIL 3.
5.1.6 Proven In Use
In addition to the Design Fault avoidance techniques listed above, a
Proven in Use evaluation was carried out on the QB Series Bladder
Accumulator during the certification activity. Shipment records from
2008 to 2012 were used to determine that the Series QB Accumulators
have >300 million operating hours and that they have demonstrated a
field failure rate in line with the failure rates indicated in the
FMEDA reports. This meets the requirements for Proven In Use for
SIL 3.
5.1.7 Modifications
Modifications are initiated per QP108 Change Control procedure. All
changes are first reviewed and analyzed for impact before being
approved. This certification only allows QHP to make Type 2 changes
that have no effect on the Form, Fit or Function of the Accumulator
without having to be re-certified.
5.1.8 User Documentation
Quality Hydraulic Power Ltd. has created a Safety Manual for the 10
Litre Bladder Accumulator, see [D6]. This safety manual was assessed
by exida. It contained all required information given the simplicity
of the products. The FMEDA reports are available and they contain
failure rate, failure mode, useful life and suggested proof test
information. The combination of the Safety Manual and the FMEDAs is
considered to be in compliance with the requirements of IEC 61508.
Requirements from IEC 61508-2, Table B.4 that have been met by
Quality Hydraulic Power Ltd. include operation and maintenance
instructions, user friendliness, maintenance friendliness, project
management, documentation, limited operation possibilities (the
products perform well-defined actions) and operation only by
skilled operators (operators familiar with this type of equipment,
although this is partly the responsibility of the end-user). This
meets the requirements for SIL 3.
5.2 Hardware Assessment
To evaluate the hardware design of the 10 Litre Bladder Accumulator,
a Failure Modes, Effects, and Diagnostic Analysis was performed by
exida for each component in the system. This is documented in [R1]
and [R2].
A Failure Modes and Effects Analysis (FMEA) is a systematic way
to identify and evaluate the effects of different component failure
modes, to determine what could eliminate or reduce the chance of
failure, and to document the system in consideration. An FMEDA
(Failure Mode Effect and Diagnostic Analysis) is an FMEA extension.
It combines standard FMEA techniques with extensions to identify
online diagnostics techniques and the failure modes relevant to
safety instrumented system design.
From the FMEDA, failure rates are derived for each important
failure category. All failure rate analysis results and useful life
limitations are listed in the FMEDA report [R2].
Note, as the Series QB Accumulator is only one component of a
final element, the SFF must be calculated for the entire final
element combination if following the Route 1H hardware
architectural constraints. It is the end user's responsibility to
confirm this for each particular application and to include all
components of the final element in the calculations.
The analysis shows that the design of the Series QB Accumulator
can meet the hardware requirements of IEC 61508, SIL 3 and SIL 2
depending on the complete final element design. The Hardware Fault
Tolerance, PFDAVG, and Safe Failure Fraction (when not following
Route 2H) requirements of IEC 61508 must be verified for each
specific design.
6 Terms and Definitions
Automatic Diagnostics: Tests performed on line internally by the
device or, if specified, externally by another device without manual
intervention.
exida criteria: A conservative approach to arriving at failure
rates suitable for use in hardware evaluations utilizing the 2H
Route in IEC 61508-2.
Fault tolerance: Ability of a functional unit to continue to
perform a required function in the presence of faults or errors
(IEC 61508-4, 3.6.3)
FIT: Failure In Time (1×10⁻⁹ failures per hour)
FMEDA: Failure Mode Effect and Diagnostic Analysis
HFT: Hardware Fault Tolerance
Low demand mode: Mode, where the demand interval for operation
made on a safety-related system is greater than twice the proof
test interval.
PFDAVG: Average Probability of Failure on Demand
PVST: Partial Valve Stroke Test. It is assumed that the Partial
Stroke Testing, when performed, is automatically performed at least
an order of magnitude more frequently than the proof test, therefore
the test can be assumed an automatic diagnostic. Because of the
automatic diagnostic assumption the Partial Valve Stroke Testing
also has an impact on the Safe Failure Fraction.
Random Capability: The SIL limit imposed by the Architectural
Constraints for each element.
SFF: Safe Failure Fraction summarizes the fraction of failures,
which lead to a safe state and the fraction of failures which will
be detected by diagnostic measures and lead to a defined safety
action.
SIF: Safety Instrumented Function
SIL: Safety Integrity Level
SIS: Safety Instrumented System. Implementation of one or more
Safety Instrumented Functions. A SIS is composed of any combination
of sensor(s), logic solver(s), and final element(s).
Type A element: Non-Complex element (using discrete components);
for details see 7.4.4.1.2 of IEC 61508-2
7 Status of the Document
7.1 Liability
exida prepares reports based on methods advocated in International
standards. exida accepts no liability whatsoever for the use of this
report or for the correctness of the standards on which the general
calculation methods are based.
7.2 Releases
Version: V1
Revision: R1
Version History:
  V1, R1: Released; August 20, 2013
  V0, R1: Draft; August 15, 2013
Authors: Gregory Sauk
Review: Steven Close; August 20, 2013
Release status: Released
7.3 Future Enhancements
At request of client.
7.4 Release Signatures
Gregory Sauk, CFSE, Senior Safety Engineer
Steven Close, Senior Safety Engineer