Common cause and common sense, designing failure out of your safety instrumented systems (SIS)

Abstract

The ANSI/ISA S84.01-1996 and IEC 61508 (draft) standards provide guidelines for the design, installation, operation, maintenance and testing of safety instrumented systems (SIS). As part of the SIS lifecycle design process, the SIS should be evaluated not only for its safety integrity level (SIL), but also for its potential for common cause failure (CCF). A CCF occurs when a single fault results in the corresponding failure of multiple components, such as a miscalibration error on a bank of redundant transmitters. The frequency of common cause faults is difficult to estimate. The modeling techniques and available failure rate data make the predictive calculations of these failures cumbersome and the results obtained questionable. Therefore, a more meaningful way for most SIS designers is to eliminate the potential source of CCF in the SIS design, installation, operation, and maintenance. This paper will focus on how to identify potential common cause events through the application of industry standards, internal design standards or through the use of qualitative assessment techniques. The identification of these events is extremely important, because it is only after identification that strategies can be developed for eliminating or reducing their likelihood. Fortunately, many of these strategies are as simple as applying a little common sense with some good engineering practice to the SIS design.