Previous chapters have discussed safety as an inherent part of the design process - AS IT MUST BE. These include elements such as making stops normally closed, starts normally open, systems that inherently return to a safe state, programs that are predictable, etc. There are a variety of systems for evaluating and managing safety issues from a range of groups including NASA, DoD, and many more.
These standards cover electrical, electronic, and programmable electronic systems. Three categories of software languages are covered by the standard:
FPL (Fixed Programming Language) - a very limited approach to programming. For example the system is programmed by setting parameters.
LVL (Limited Variability Language) - a language with a strict programming model, such as ladder logic.
FVL (Full Variability Language) - a language that gives full access to a system, such as C.
Dangers can be estimated using a Safety Integrity Level (SIL) - the safety requirements for a function in a system. These estimates of failure can be calculated from individual component reliability, historical data, and some careful consideration. Typical probabilities of failure by type of system are given below.
High Demand or continuous mode:
System safety levels are defined with one of the three categories below.
SIF (Safety Instrumented Function) - The SIL for each function is chosen to ensure an overall system functionality.
SIS (Safety Instrumented System) - A combined system with one or more logic processors.
SFF (Safe Failure Fraction) - the ratio of safe and dangerous detected failures to the total failures.
To calculate the SFF and/or the overall system failure probability, refer to the relevant statistical theory. Some of the common steps are listed below.
- do an FMEA for each system component in the system
- classify failure modes as safe or dangerous
- calculate the probabilities of safe/dangerous failures (S/D [0, 1])
- estimate the fraction of the failures that can be detected (F [0, 1])
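The four steps above can be carried through numerically. The following is an added example, not code from the original text: it takes a small constructed FMEA table (the component names, failure modes, failure rates and detection fractions are invented sample values, not data from any real analysis), classifies each mode as safe or dangerous with a detected fraction F in [0, 1], and computes the Safe Failure Fraction as (safe + dangerous-detected) / (safe + dangerous-detected + dangerous-undetected). It goes one step beyond the text by also converting the dangerous-undetected rate into a probability of failure over a mission time, assuming a constant failure rate (the exponential model), which is the usual simplification when only component failure rates are available.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class FailureMode:
    """One row of a component FMEA.

    component : which part of the safety loop the mode belongs to
    mode      : description of the failure mode
    rate      : failure rate for this mode (failures per hour, lambda)
    dangerous : True if the mode can leave the system in an unsafe state (D),
                False if it drives the system to its safe state (S)
    detected  : fraction F in [0, 1] of this mode caught by diagnostics
    """
    component: str
    mode: str
    rate: float
    dangerous: bool
    detected: float

    def __post_init__(self):
        if self.rate < 0:
            raise ValueError(f"{self.component}/{self.mode}: rate must be >= 0")
        if not 0.0 <= self.detected <= 1.0:
            raise ValueError(f"{self.component}/{self.mode}: F must be in [0, 1]")


# Constructed sample FMEA for a simple sensor / logic solver / valve loop.
# These numbers are illustrative only and do not come from any vendor data.
SAMPLE_FMEA = [
    FailureMode("pressure_sensor", "stuck at last value", 2e-7, True, 0.90),
    FailureMode("pressure_sensor", "open circuit (reads out of range)", 3e-7, False, 1.00),
    FailureMode("logic_solver", "output stuck energized", 1e-7, True, 0.99),
    FailureMode("final_element", "valve fails to close on demand", 4e-7, True, 0.50),
    FailureMode("final_element", "spurious closure", 5e-7, False, 0.00),
]


def rate_breakdown(modes):
    """Split the total failure rate into safe, dangerous-detected and
    dangerous-undetected parts (steps 2-4 of the procedure)."""
    lam_s = sum(m.rate for m in modes if not m.dangerous)
    lam_dd = sum(m.rate * m.detected for m in modes if m.dangerous)
    lam_du = sum(m.rate * (1.0 - m.detected) for m in modes if m.dangerous)
    return {"safe": lam_s, "dangerous_detected": lam_dd, "dangerous_undetected": lam_du}


def safe_failure_fraction(modes):
    """SFF = (safe + dangerous detected) / total failures."""
    b = rate_breakdown(modes)
    total = b["safe"] + b["dangerous_detected"] + b["dangerous_undetected"]
    if total == 0.0:
        raise ValueError("no failure rates given; SFF is undefined")
    return (b["safe"] + b["dangerous_detected"]) / total


def dangerous_undetected_probability(modes, hours):
    """Probability that at least one dangerous undetected failure occurs
    within `hours`, assuming a constant failure rate: P = 1 - exp(-lambda_DU * t).
    This exponential model is an assumption of the example, not a statement
    of the text."""
    lam_du = rate_breakdown(modes)["dangerous_undetected"]
    return 1.0 - math.exp(-lam_du * hours)


if __name__ == "__main__":
    b = rate_breakdown(SAMPLE_FMEA)
    for name, lam in b.items():
        print(f"{name:22s} {lam:.3e} /h")
    print(f"SFF = {safe_failure_fraction(SAMPLE_FMEA):.3f}")
    print(f"P(dangerous undetected failure in 1 year) = "
          f"{dangerous_undetected_probability(SAMPLE_FMEA, 8760):.2e}")
```

Because the result is dominated by the dangerous-undetected term, the two levers that move the SFF are removing dangerous modes at the design stage (the "inherently safe" approach of the earlier chapters) and raising the detected fraction F with diagnostics; the breakdown dictionary shows which of the two a given loop needs.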