Functional Safety Verification

6 Engineering

15/04/2025

Safety-critical systems are designed to prevent harm to people, the environment, and property by ensuring safe and reliable operation even in the presence of faults or failures.

These systems are used throughout industrial automation processes across a range of industries from nuclear power to food and drink. Functional safety verification is the process of testing, analysis, and review that provides assurance that a system’s safety functions meet defined requirements and operate correctly under all foreseeable conditions.

Functional safety verification is only as robust as the standards that define it, making frameworks like IEC 61511 and ISO 13849 essential pillars of modern safety engineering. These standards provide structured methodologies to assess, test, and validate safety functions, ensuring they perform reliably under real-world conditions. Without such rigorous guidelines, inconsistencies in safety-critical systems could lead to catastrophic failures, endangering lives, the environment, and business continuity. By adhering to these internationally recognized standards, industries can systematically reduce risk to a tolerable level, enhance system integrity, and achieve regulatory compliance, ultimately fostering a culture of safety and accountability.

Key Standards & Their Role

IEC 61508 is the foundational standard for functional safety, providing a framework for the design, implementation, and verification of safety-related systems across all industries. It establishes Safety Integrity Levels (SIL 1 to SIL 4) and outlines best practices for hardware and software safety to minimize systematic and random failures.

In practice, IEC 61511 applies IEC 61508 principles specifically to the process industry, ensuring that Safety Instrumented Systems (SIS) operate reliably in sectors like oil & gas and chemicals. It mandates lifecycle-based verification to confirm that each safety instrumented function achieves its risk reduction target.

Meanwhile, ISO 13849 focuses on machinery safety, using Performance Levels (PL a to PL e) instead of SILs to assess the reliability of safety-related control functions. It ensures that mechanical, electrical, and programmable systems effectively mitigate hazards.

In short, IEC 61508 serves as the umbrella standard, with IEC 61511 and ISO 13849 adapting its principles into industry-specific needs, ensuring robust functional safety criteria across different domains.

The Verification Process

Since founding 6 Engineering in 2011, Nick Howard FSEng has witnessed firsthand the inconsistencies - and at times, a fundamental lack of understanding - surrounding the functional safety verification process. In the following paragraphs, he shares key lessons learned, aiming to enhance industry knowledge of this critical discipline.

"A robust verification exercise, aligned with all relevant safety standards, must begin with clear evidence that the risk findings from the hazard and risk assessment have been accurately captured in the Safety Requirements Specification (SRS). During verification, we meticulously review the SRS, wiring diagrams, and reliability block diagrams to ensure consistency between the documentation and the intended safety function. However, experience tells us that alignment is often lacking. The next step involves reviewing equipment safety manuals to extract failure rate data for individual components. While seemingly straightforward, failure rate data is often presented in ways that require standardization before meaningful verification calculations can be performed. Correcting and aligning this data ensures accurate assessment of the system's architecture and overall system reliability."

Once the calculations have been performed against the target Safety Integrity Level (SIL) for process safety or Performance Level (PL) for machinery safety, they give a pass/fail conclusion: either the function achieves its required safety integrity or it does not. However, verification does not stop there. If a function fails to meet the required integrity, our approach at 6 Engineering is to collaborate with the designers, exploring parameters such as proof-test intervals, component quality, system architecture, and voting logic to suggest potential improvements. As verifiers, we do not design the system and cannot enforce changes, but we can re-run the verification calculations once adjustments have been made.

A final key observation from experience is the importance of understanding the component selection process. Designers sometimes assume that incorporating high-integrity components automatically guarantees the required safety integrity level, but this is a widely held misconception. A SIL rating on a component states what that component is capable of contributing; it says nothing about the function it is used in. Purchasing and installing SIL 2-rated sensors across the board does not make every safety function SIL 2 unless the architecture (redundancy and voting), the proof-test interval, and the resulting probability of failure on demand for the whole function also meet the requirement. A holistic approach, considering system architecture, redundancy, and verification calculations, is essential to achieving genuine functional safety compliance.
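To make the last two points concrete, here is an added worked example (illustrative code written for this article, not 6 Engineering's own verification tooling). It screens a sensor subsystem against a low-demand SIL target using the simplified IEC 61508-6 PFDavg approximations for 1oo1, 1oo2, 2oo2 and 2oo3 voting, normalises failure-rate data quoted in different units (FIT, per hour, per year) onto one basis, and shows how the same "SIL 2 capable" sensor passes or fails depending on proof-test interval and architecture. The failure rate (lambda_DU = 2000 FIT), the 5 % common-cause beta factor and the test intervals are constructed assumptions, not vendor data, and the formulas omit diagnostic coverage, repair time and partial-stroke terms; treat the numbers as a screening calculation for one subsystem, not the PFDavg of a complete safety instrumented function.

```python
"""Simplified low-demand PFDavg screening for one subsystem of a safety function.

Illustrative code added for this article; not 6 Engineering's tooling.
Formulas are the simplified IEC 61508-6 approximations (no diagnostic
coverage, MTTR or partial-stroke terms). All input values are constructed.
"""

HOURS_PER_YEAR = 8760.0


def lambda_per_hour(value: float, unit: str) -> float:
    """Normalise a dangerous-undetected failure rate (lambda_DU) to failures per hour.

    Safety manuals quote the same quantity in different units; verification
    calculations need a single basis before architectures can be compared.
    """
    unit = unit.strip().lower()
    if unit == "fit":                      # failures in time: per 1e9 hours
        return value * 1e-9
    if unit in ("per_hour", "/h", "1/h"):
        return value
    if unit in ("per_year", "/yr", "1/yr"):
        return value / HOURS_PER_YEAR
    raise ValueError(f"unknown failure-rate unit: {unit!r}")


def sil_from_pfd(pfd: float) -> int:
    """Map a low-demand PFDavg onto the IEC 61508-1 SIL bands (0 = below SIL 1)."""
    if pfd >= 1e-1:
        return 0
    if pfd >= 1e-2:
        return 1
    if pfd >= 1e-3:
        return 2
    if pfd >= 1e-4:
        return 3
    return 4  # 1e-5 <= PFDavg < 1e-4; nothing beyond SIL 4 is claimable


def pfd_avg(arch: str, lam_du: float, ti_hours: float, beta: float = 0.0) -> float:
    """Simplified average probability of failure on demand for a voting group.

    arch      voting architecture: '1oo1', '1oo2', '2oo2' or '2oo3'
    lam_du    dangerous undetected failure rate of one channel, per hour
    ti_hours  proof-test interval in hours
    beta      common-cause (beta) factor shared by redundant channels
    """
    x = lam_du * ti_hours          # expected dangerous undetected failures per interval
    common_cause = beta * x / 2    # CCF behaves like a single 1oo1 channel
    if arch == "1oo1":
        return x / 2
    if arch == "2oo2":
        return x                   # both channels must survive, so either failure is dangerous
    if arch == "1oo2":
        return x ** 2 / 3 + common_cause
    if arch == "2oo3":
        return x ** 2 + common_cause
    raise ValueError(f"unsupported architecture: {arch!r}")


def verify_subsystem(arch: str, lam_value: float, lam_unit: str,
                     ti_years: float, target_sil: int, beta: float = 0.0) -> dict:
    """Run the screening calculation and report whether the subsystem meets its target."""
    lam = lambda_per_hour(lam_value, lam_unit)
    pfd = pfd_avg(arch, lam, ti_years * HOURS_PER_YEAR, beta)
    achieved = sil_from_pfd(pfd)
    return {
        "architecture": arch,
        "test_interval_years": ti_years,
        "pfd_avg": pfd,
        "risk_reduction_factor": 1.0 / pfd,
        "achieved_sil": achieved,
        "meets_target": achieved >= target_sil,
    }


if __name__ == "__main__":
    # Constructed example: a sensor marketed as "SIL 2 capable" with an
    # assumed lambda_DU of 2000 FIT (not vendor data), verified against SIL 2.
    cases = [
        ("1oo1", 1.0, 0.0),    # single channel, annual proof test
        ("1oo1", 2.0, 0.0),    # same sensor, interval stretched to two years
        ("1oo2", 2.0, 0.05),   # redundant pair at two years, 5 % beta factor
        ("2oo3", 2.0, 0.05),   # two-out-of-three voting at two years
    ]
    for arch, ti, beta in cases:
        r = verify_subsystem(arch, 2000, "FIT", ti, target_sil=2, beta=beta)
        print(f"{arch} TI={ti:.0f}y PFDavg={r['pfd_avg']:.2e} "
              f"RRF={r['risk_reduction_factor']:.0f} SIL {r['achieved_sil']} "
              f"{'PASS' if r['meets_target'] else 'FAIL'}")
```

The single-channel sensor meets SIL 2 when proof-tested annually (PFDavg about 8.8e-3) but drops to SIL 1 when the interval is stretched to two years (about 1.8e-2); the same sensor in a 1oo2 pair at the two-year interval recovers SIL 2 (about 1.3e-3). A real verification must also sum the sensor, logic solver and final-element contributions for the whole function and check IEC 61508's architectural constraints on hardware fault tolerance, neither of which this screening does.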

To talk to Nick or another member of our team about machinery risk assessments, technical safety validation, or functional safety verification, please contact us.