[SystemSafety] Third White Paper

Matt Squair mattsquair at gmail.com
Thu Mar 14 07:57:55 CET 2013


A slight correction: the discussion of SIL component rating is here:

http://criticaluncertainties.com/2013/01/21/the-component-sil-rating-meme/ 

-- 
Matt Squair
Sent with Sparrow (http://www.sparrowmailapp.com/?sig)


On Thursday, 14 March 2013 at 5:41 PM, Matt Squair wrote:

> UK regulators' adoption, if that's the right word, of 61508 has ended up with some interesting positions being taken.  
> 
> For example out of the Buncefield washup the UK Control of Major Hazards Competent (COMAH) Authority, as part of a post accident standards task group, recommended that companies purchase SIL qualified components. From which I deduce that COMAH at least really doesn't understand the standard...
> 
> If anyone's interested in my jaundiced view I sift through the ashes of Buncefield here. 
> 
> http://criticaluncertainties.com/2013/01/29/buncefield-the-alternate-view/
> 
> Regards-- 
> Matt Squair
> Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
> 
> 
> On Thursday, 21 February 2013 at 12:47 AM, Peter Bernard Ladkin wrote:
> 
> > On 2/20/13 2:11 PM, Peter Bernard Ladkin wrote:
> > > Neither through the IEC nor through the German standardisation agencies (DIN, DKE, VDA, etc) is it
> > > possible for two versions of a standard to be in force at the same time. There comes with a standard
> > > version a Publication Date, and on this date the new version comes into force and the old version is
> > > retracted. This is automatic.
> > > 
> > 
> > 
> > Ingo Rolle, the permanent secretary of DKE GK914, just pointed out to me some complications to what 
> > I said, for example the WWW page (in German) 
> > http://www.dke.de/de/DKE-Arbeit/MitteilungenzurNormungsarbeit/2011/Seiten/DINEN61508Uebergangsfristen.aspx
> > 
> > This has to do with IEC 61508 version 2, in its German version designated VDE 0803.
> > 
> > [begin resume]
> > 
> > CENELEC, the European standardisation agency, recognised IEC 61508 V2 in May 2010, and set the 
> > following deadlines for national adoption by its member states: 1 February 2011 for national 
> > adoption and 1 May 2011 the retraction of contradictory national standards.
> > 
> > Germany published IEC 61508 V2 on 1 February 2011 and from that point on is to be taken as state of 
> > the art (one says "state of the practice" in German, Stand der Praxis). However, it is explicitly 
> > said in the German national foreword that previous versions (that is, Version 1) may be used up to 1 
> > May 2013.
> > 
> > The reasons given for this are that
> > * the IEC 61508 series is intended to operate mainly as guidance for other committees producing 
> > domain- or product-specific safety standards, and for this purpose specific deadlines are not decisive;
> > * The IEC 61508 series is not specifically associated with laws of the land, for which specific 
> > validity dates are necessary;
> > * Use of and conformance to standards is a voluntary activity and is a matter for individual 
> > responsibility; this is so also for use of new versions.
> > 
> > [end resume]
> > 
> > I find it odd that the primary purpose of 61508 is considered to be the development of other 
> > domain-specific standards. If you read the new version of 61511, the domain-specific safety standard 
> > for the process industries, you'll read that for SW development it refers/defers to IEC 61508 Part 
> > 3. In this use, 61508 tells SW developers how to go about developing and qualifying their product. 
> > Indeed, this guidance is what SW developers in Germany ask for. I would have thought that was the 
> > primary purpose of 61508 Part 3.
> > 
> > That conformance to standards is voluntary is theoretically true but can be misleading. Laws of the 
> > land often require explicit conformance with specific standards. In the UK there is an agency, HSE, 
> > which amongst other things is tasked with evaluation of infrastructure accidents (where there is no 
> > other specialist body to do so) and prosecution of those who might have engaged in negligent 
> > behavior which led to the accident, including nowadays companies ("corporate manslaughter" is a 
> > criminal offence in GB). HSE has explicitly said it takes conformance with IEC 61508 in domains in 
> > which it primarily applies (e.g., not aerospace or medical) as the touchstone for whether to 
> > prosecute or not. That makes the "voluntary" part of conformance somewhat theoretical.
> > 
> > PBL
> > 
> > -- 
> > Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
> > Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de
> > 
> > 
> > 
> > 
> > _______________________________________________
> > The System Safety Mailing List
> > systemsafety at TechFak.Uni-Bielefeld.DE
> > 
> > 
> > 
> 
> 
