All companies involved in the safety lifecycle are required to have a safety management system, according to IEC 61508. What the safety management process entails for a specific project is relatively clear from the standard, and is typically described in an overall functional safety management plan. It is, however, much less clear from the standard what is expected of a vendor producing a component that is used in a SIS (safety instrumented system) but that is a generic product, rather than a system specifically designed for one particular application.
For vendors, the safety management system should be extensive enough to support fulfillment of all four aspects of the SIL requirement the component is targeting:
- Quantitative requirements (PFD, probability of failure on demand, or PFH, probability of dangerous failure per hour)
- Semi-quantitative and architectural requirements (hardware fault tolerance (HWFT), safe failure fraction (SFF), etc.)
- Software requirements
- Qualitative requirements (quality system, avoidance of systematic failures)

Quite often, system integrators and system owners experience challenges when working with vendors. We’ve discussed this in previous posts, e.g. on follow-up of vendors. Based on experience from several sides of the table, the following parts of a safety management system are found to be essential:
- A good system for receiving feedback and using experience data to improve the product
- Clear role descriptions, competence requirements and a training system to make sure all employees are qualified for their roles
- A good change management system, ensuring impact of changes is looked at from several angles
- A quality system that ensures continuous improvement can occur, and that such processes are documented
- A documentation system that ensures the capabilities of the product can be documented in a trusted way, taking all changes into account in a transparent manner
A vendor that has such systems in place will have a much greater chance of delivering top-quality products than a vendor that only focuses on the technology itself. Ultra-reliable products require great organizations to stay ultra-reliable throughout the entire lifecycle.