Functional Safety Training

Sella Controls and C&C Technical Support Services (C&C) have over 50 years of experience in the process sector, specialising in the application of the IEC 61508 and IEC 61511 standards for Functional Safety. The company provides expert engineering training and consultancy support to global process industries including oil and gas, petrochemical, power generation (including nuclear) and water. The training provision benefits from blending a wide spectrum of practical experience into all courses. This is taken from the many years of extensive involvement in Process Hazard Analysis, SIL determination risk assessment methods, SIS design, SIS verification, SIS validation as well as operations and maintenance activities. The company also has a ‘proven-in-use’ methodology for undertaking Functional Safety Assessments for FS related projects and operations and maintenance.

Information on each course we provide can be found in the table. Alternatively, you can click the link below to download our full training brochure.

Functional Safety Engineer (TÜV Rheinland) SIS

Description

The FS Engineer (TÜV Rheinland) SIS Course is a four-day course run in accordance with the TÜV Rheinland Functional Safety Training Program. It comprises three days of tuition and practical guidance for understanding and mastering the application, principles and requirements of IEC 61508/IEC 61511. There is a five-hour competency assessment on the fourth day. Practical exercises will be performed throughout the course and will be based largely on real-life examples.

Objectives

Led by a TÜV Rheinland Functional Safety Expert, this course helps to equip participants with the knowledge for understanding and mastering the application, principles and requirements of IEC 61508 – Functional safety of electrical/electronic/programmable electronic safety systems and IEC 61511 – Functional Safety: Safety Instrumented Systems for the Process Sector.

Attendees

  • Instrument Engineers
  • Process Engineers
  • Process Safety Engineers
  • Senior Operating personnel
  • Maintenance personnel

Eligibility Requirements

The entry requirements for this course are:

  • A minimum of 3 to 5 years of experience in the field of functional safety and safety instrumented systems.
  • University degree or equivalent engineering experience and responsibilities as certified by employer or engineering institution.

Program

Session 1

Will cover process hazard analysis and associated risk management using the most popular and internationally adopted methods and tools. Such hazards can lead to loss of life, damage to the asset, loss of production and profitability, damage to the environment and company reputation. Participants will be introduced to the concepts of the main international standards that cover this area of risk assessment and risk reduction.

Content:

  • IEC 61508 and IEC 61511 background
  • Hazards, Risk and ALARP principles
  • Risk Reduction and mitigation
  • Safety Instrumented System (SIS) and Safety Instrumented Functions (SIF)
  • Types of SIF
  • Primary and Secondary Functions
  • Integrity specification of a SIF
  • SIL Determination by risk graphs
  • Risk Graph Calibration
  • SIL Determination Exercises
  • Layer Of Protection Analysis (LOPA)
  • SIL determination using LOPA
  • LOPA Exercise
  • Fault Tree Analysis (FTA)
  • SIL Determination by (FTA)
  • Case Studies with typical findings and issues

Session 2

Delegates will be taken through the requirements for a Safety Requirements Specification (SRS) and shown how to undertake appropriate cost effective designs for Safety Instrumented Systems (SIS) and Safety Instrumented Functions (SIF). The importance of testing, test coverage and maintenance strategies will be demonstrated. Participants will be instructed in methods for calculating the probability of failure on demand (PFD), safe failure fraction and hardware fault tolerance and the probability of dangerous failure per hour (PFH). The concepts of failure modes, reliability and the influence of common cause failures will also be covered.

Content:

  • Integrity Specification of a SIF
  • SIS Safety Requirements Specification
  • Selection of Components and Subsystems
  • Proven in use
  • Field Devices used in SIS
  • Failures and failure modes
  • Failure and Reliability
  • Demand Modes
  • Probability of Failure on Demand (PFD)
  • PFD Exercises
  • SIF Implementation (Low demand mode)
  • Importance of Testing and Maintenance
  • Fractional Dead Times
  • Partial Closure Testing of Valves
  • The Impact of Common Cause and Common Mode Failures
  • Safe Failure Fraction and Hardware Fault Tolerance
  • SFF Exercises
  • Calculating PFD for Low Demand Systems with Diagnostics
  • Calculating PFH for High and Continuous Demand Systems with Diagnostics
  • Reliability Data

Session 3

Introduction into application software requirements for safety instrumented systems (SIS) and the relationships between hardware and software architecture. This will include the development of application software specification, module testing requirements and integration with other SIS subsystems. The remaining lifecycle phases will also be covered including factory acceptance testing (FAT), site acceptance testing (SAT) and installation and commissioning. Further information about maintenance management and change control will also be provided.

Content:

  • Software requirements
  • Relationships between Hardware and Software Architecture
  • Application Software Requirements Specification
  • Application Software Validation Planning
  • Requirements for Application Software Architecture
  • Requirements for Support Tools, User Manuals and Application Language
  • Requirements for Application Software Development
  • Requirements for Application Module Testing
  • Integration of Application Software with SIS Subsystems
  • FPL and LVL Software Modification procedures
  • Application Software Verification
  • Factory acceptance Testing
  • Installation and Commissioning
  • Site Acceptance Testing and SIS Validation
  • Fire and Gas Systems
  • SIS Overrides
  • Maintenance
  • Modifications and Change Control
  • Document Control
  • Exercises

Exam

The exam lasts five hours and is split into two parts.

Part one consists of multiple choice questions and part 2 consists of multiple part questions, with the pass percentage set at 75%.

Those who do pass the exam will be added to the TUV Rheinland Functional Safety Engineers database.

Functional Safety Engineer (TÜV Rheinland) Process Hazard & Risk Analysis

Description

This 5 day FS Engineer (TÜV Rheinland) Process Hazard & Risk Analysis course is run in accordance with the TUV Rheinland Functional Safety Training Program and comprises four days of tuition and practical guidance, for understanding and mastering the application of process hazard analysis and associated risk assessment, as required for the early lifecycle phases of IEC 61508 and 61511. There is a five hour competency assessment on the fifth day. Practical exercises will be performed throughout the course which will be based on real life applications.

Objectives

The topics cover the concepts of identifying hazards, using tools such as What-If, HAZAN and HAZOP. This will be further developed into the assessment of risk and methods of risk reduction using preventative and mitigating layers of protection.

The use of Safety Integrity Levels (SIL) and SIL determination using internationally agreed methods of assessing and quantifying process risk and risk reduction requirements will be introduced. Attendees will be equipped with the knowledge and methods for undertaking various types of qualitative, semi-quantified and quantitative risk assessments.

Qualitative methods such as risk graphs and matrices will be introduced and used in practical exercises. The most popular semi-quantified method of layer protection analysis (LOPA) will be fully explored with supporting exercises.

In addition, delegates will be equipped with the knowledge and methods for undertaking various alternative methods of hazard analysis and risk assessment such as What-If Hazard Analysis, Failure Mode and Effect Analysis (FMEA), Event Tree Analysis, (ETA) and Fault Tree Analysis (FTA).

Participants will be taken through the requirements for safety management and the framework of a safety management system (SMS) for achieving effective process risk management for a green field site project lifecycle. Throughout the workshop, emphasis will be placed on experience and realistic practical exercises, and case studies will be used to complement the instruction.

Attendees

  • Process Engineers
  • Safety Engineers
  • Instrument Safety Engineers
  • Operations Personnel

Eligibility Requirements

In accordance with the TÜV Rheinland Functional Safety Program:

Participants should have a minimum of 3 years of experience in the field of functional safety and a University degree or equivalent engineering experience and responsibilities as certified by their employer or engineering institution.

Program

Session 1

To cover the concepts and principles of process related risk management and the frameworks of Major Accident Prevention Policies and Safety Management Systems.

To cover the concepts and procedures for hazard and operability studies (HAZOP) in line with the international IEC 61882 standard, by examination of system related hazards and potential operability related problems in process systems.

Content:

  • Risk management principles
  • Hazards and associated risks
  • The ALARP concept
  • Outline of EU SEVESO 2 Directive
  • Safety Management Systems (SMS)
  • Major accident prevention policy (MAPP)
  • HAZOP Guide IEC 61882
    • Definition of scope and objectives of a HAZOP study
    • HAZOP Methodology
    • Preparatory work and documentation requirements
    • Choosing the team and understanding the roles
    • Team Leader Role
    • Choosing Nodes
    • Examination by guidewords, parameters and deviations
    • The HAZOP study procedure
    • Raising actions and management
    • Documentation and reporting of HAZOP study plus formulating the report
    • Estimating HAZOP study duration
    • Life Cycle Phases of HAZOP Study
  • HAZOP exercise

Sessions 2 & 3

To achieve an understanding of the concepts and objectives of Safety Integrity Levels (SIL) determination using both qualitative and quantitative methods of risk assessments, in line with the international IEC 61508 and IEC 61511 standards.

The methods used will include risk matrices, risk graphs and Layer Protection Analysis (LOPA).

Content:

  • Introduction to IEC 61508 and IEC 61511
  • SIL
  • Qualitative methods of risk analysis
  • Risk matrix
  • Risk graph
  • Risk Graph Calibration
  • Layer of Protection Analysis – Semi Quantified Analysis
  • Analysis of hazards by causes and event frequencies
  • Independent protection layers (IPL)
  • Layers of Protection
  • Mitigation layers
  • Conditional modifiers
  • Setting tolerable risks for safety, asset and environmental consequences
  • LOPA Analysis
  • How the HAZOP/ LOPA method fits within IEC 61511
  • Combining risk assessment methods

Session 4

A number of alternative and popular methods for hazard analysis and risk assessment techniques will be discussed as well as the relationships between different methods and where they can be utilised to the best effect.

Content:

  • Other hazard and risk analysis techniques
  • What-If Analysis
  • Developing What-If questions and answers
  • What-If recommendations
  • What-If reporting
  • Failure Mode and Effect Analysis (FMEA)
  • FMEA types
  • FMEA steps
  • FMEA scales
  • Event Tree Analysis (ETA)
  • ETA Consequence spectrum
  • ETA Barriers and protection layers
  • Qualitative ETA
  • Event Tree Construction
  • Quantified ETA
  • Fault Tree Analysis (FTA)
  • Functions of “AND” and “OR” Gates
  • Fault Tree Rules
  • FTA Construction
  • Recording and reporting risk assessment findings.

Exam

The exam lasts for five hours and is split into two different parts.

Part one consists of 70 multiple choice questions, part 2 consists of 10 open questions.

The pass percentage for this exam is set at 75%.

Functional Safety Technician (TÜV Rheinland) SIS

Description

This 4 day course for the FS Technician (TÜV Rheinland) certificate is run in accordance with the TÜV Rheinland Functional Safety Training Program and comprises three days of tuition and guidance for understanding and mastering the lifecycle phases for installation, commissioning, testing and maintenance change control of safety instrumented systems in accordance with the requirements of IEC 61508/IEC 61511. There is a two-part competency exam on the fourth day, with practical exercises performed throughout the course.

Objectives

The objectives of this course are to provide participants with the principles, techniques and guidance for achieving good practice testing of the most common types of SIS subsystems. They will learn how testing and maintenance should be recorded to enable better reliability analysis of hardware components used in SIS subsystems, and how an optimised testing and maintenance regime improves plant safety and availability.

During the course, emphasis will be placed on experience and realistic practical exercises, and case studies will be used to complement the instruction.

Attendees

Technicians involved in the installation, development and/or maintenance support of electrical, electronic and programmable electronic Safety Instrumented Systems (E/E/PES) for process plant applications.

Eligibility Requirements

In accordance with the TUV Rheinland Functional Safety Training Program:

  • Technicians working with Safety Instrumented Systems for a minimum of 2 years
  • Completed TUV Rheinland Eligibility form
  • Qualification with a National Certificate, or equivalent, in a relevant technician discipline or reference letter from employer.

Program

Session 1 – 2 (am)

These introductory sessions are intended to give participants an understanding of Functional Safety in line with the international IEC 61508 and 61511 standards, and the role of safety instrumented systems (SIS) in reducing process related risk. They will be given a basic introduction to risk assessment so that they understand how Safety Integrity Levels (SIL) are established for SIS and how SIL relates to risk reduction. The basic concepts of SIS subsystem design will be discussed to give an appreciation of how this is related to the SIL.

Content:

  • Introduction to Functional Safety and the Safety Lifecycle.
  • Brief Overview of the IEC 61508 and 61511 standards
  • The concept of process related hazards and associated risks
  • An overview of the approaches and objectives of risk assessment
  • Achieving risk reduction in line with ALARP principles
  • The role of Safety Instrumented Systems in risk reduction
  • The importance of testing and maintenance in Functional Safety Management
  • The basic concepts of SIS Subsystem Design
  • The relationships between SIS design and testing requirements
  • Human factors and common cause failure issues

To aid understanding, real-life examples will be used in team exercises.

Session 2 (pm) and Session 3

To give participants a firm understanding of the good practice principles of testing techniques and procedures for the most common types of SIS subsystems in line with the international IEC 61508 and 61511 standards. To demonstrate how appropriate testing and maintenance is important to sustaining reliability. To learn how testing and maintenance should be recorded to enable better reliability analysis of hardware components used in SIS subsystems and how optimised testing and maintenance regimes improve plant safety and availability.

Content:

  • SIS Installation and commissioning
  • Overall SIS Validation
  • The relationship between SIS testing, failures and reliability
  • Safe failure modes and dangerous failure modes
  • To understand and evaluate the effects of testing and maintenance on SIFs
  • Proof testing techniques for SIS and associated operational constraints:
  • Proof testing practices for measurement subsystems
  • Proof testing practices for final elements
  • Content of proof testing procedures
  • Format of proof testing procedures
  • Planning and scheduling
  • Proof test records
  • Partial closure testing of valves
  • Overrides
  • Authorisation
  • Alarms and Diagnostics
  • Modifications and management of change

Exam

The exam will take place in this session and is split into a two part proficiency examination which consists of 60 multiple choice questions and 8 open questions.

The percentage to pass is set at 75% of correct answers.

Delegates that do pass the exam will be added to the TUV Rheinland Functional Safety Technician database.

Cyber Security Specialist for IACS (TÜV Rheinland) CySEC

Description

The CySec Specialist (TUV Rheinland) SRA course is a 4 day course run in accordance with the TUV Rheinland Cyber Security Training Programme and comprises three days of tuition and practical guidance for understanding of the principles of IACS Cyber Security Risk Assessment according to the IEC 62443 standard. There is a four hour exam on the fourth day, with successful completion resulting in the participant receiving the prestigious CySec Specialist (TUV Rheinland) certificate in Security Risk Assessment.

Objectives

The objective of the course is to provide participants with a fundamental understanding of the principles of IACS Cybersecurity Risk Assessment in the process industries according to IEC 62443 and to understand:

  • The role and the process of Security Risk Assessment (SRA) in gaining an understanding of the security risks on the facility and their potential consequences.
  • The concept of Security Level – Targets (SL-T) and the Cyber Security Requirements Specification (CSRS).
  • The relationship between SL-T and CSRS and the design and implementation of security countermeasures that are capable of achieving the security requirements of the determined security level.

Successful participants, who have sufficient experience and pass both the fundamentals and Security Risk Assessment exam, will be eligible for the prestigious CySec Specialist (TÜV Rheinland) certificate in Security Risk Assessment.

The course is based around a practical case study that will be developed across the three days of the course, taking the delegate through the SRA process. The course has a modular structure of classroom tuition followed by a case study practical, which will take the participant through the SRA process as identified in IEC 62443-3-2.

Day four consists of a four-hour two-part examination based on a multiple choice and an Open SRA examination.

Attendees

  • Functional Safety Engineers
  • Process Safety Engineers
  • Technical Safety Engineers
  • Control and Instrument Engineers
  • Process Engineers
  • Operations Personnel
  • Maintenance staff
  • Consultants

Eligibility Requirements

In accordance with the TÜV Rheinland Functional Safety and Cyber Security Program:

A minimum of 3 to 5 years’ experience in a related field (e.g. Control & Instrumentation, process engineering, IT/OT, functional safety or cyber security).

University degree or equivalent engineering experience and responsibilities as certified by employer or engineering institution.