At the 24th Annual ARC Industry Forum in Orlando, Florida, February 3 - 6, the HIMA Workshop presented the company’s strategic roadmap and new services complementing the HIMA Smart Safety Platform (SSP). In the workshop, Peter Sieber, Vice President Norms and Standards, HIMA, explained how optimizing safety compliance and safety costs requires consistent handling of information throughout the various plant lifecycle phases. He described HIMA’s optimization solution that connects with functional safety implementation throughout plant engineering-related phases. The solution also supports operational phases, enabling operators to maintain required safety reviews while supporting a structured process for managing change. The workshop video is available at: HIMA Workshop.
Reducing Risk and Optimizing Safety Expenditures
Two years ago at the Forum, Peter introduced what HIMA termed the Security Environment for Functional Safety. Subsequently, an official technical report was published by the IEC describing what is meant by the Security Environment for Functional Safety.
Last year Peter spoke about the possibility of utilizing hard functionalities, actively accessed by the safety controller, to improve loop checks and commissioning activities. Today, the first project where this has been done extensively is being completed. At the workshop he covered different aspects of functional safety, noting that many of them are in some way related to security. In this context, he spoke about IoT/Industry 4.0 for functional safety and what needs to be done to implement IoT solutions that mitigate process risks.
According to the IEC standards, process risk is defined as the product of the consequence of a hazardous event and the frequency with which such hazardous events occur.
Functional Safety Standards and Internet of Things (IoT)
The IEC functional safety standards for the process industry call for different layers of protection, depending on the time criticality and the individual malfunction being addressed, said Peter. He explained how the three layers - the process itself, the basic process control system (BPCS), and the safety instrumented system (SIS) - are combined to reduce risk. He went on to speak about "zero three" solutions, so called because such a solution maintains a risk reduction of at least 1,000. IoT/Industry 4.0 increases the security hazards, and at the same time the speed of change (of models and functionalities) accelerates. The setup of a safety instrumented system, by contrast, is rather static. "And if you're looking at the engineering processes, there is a lot of manual rework required in order to implement changes," said Peter.
Key Question: How to Increase Flexibility?
One of the key questions is how to make functional safety more flexible, so that it can adapt to change with agility. The answer could be coupling and integration, so that a single layer is created. But in this one-layer situation the common elements - operating systems, network protocols, dedicated microelectronic systems, and so on - must themselves provide the risk reduction that the two previously separate layers delivered, because a failure of a shared element defeats both layers at once. This becomes a technical burden of which many are unaware, explained Peter.
We need to be ready for the implementation of IoT solutions, and for this we need to be aware of which existing practices have to change and how. Based on its project experience, HIMA believes that supporting IoT-compatible flexibility and workflows is a matter of both what is changed and how it is changed.
How IoT/Industry 4.0 Addresses These Requirements
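A worked LOPA-style calculation for the layers and the risk-reduction figure discussed above, added here as an illustration; it is not HIMA's tool or code, and the plant scenario, initiating frequency, tolerable frequency and PFD credits are all constructed. The SIL bands are the IEC 61511 low-demand PFDavg bands. The last function models the one-layer case: BPCS and SIS that depend on one shared element.

```python
"""
Added worked example (not HIMA's tool or code): a minimal LOPA-style
calculation over the three layers named in the text (process, BPCS, SIS),
plus a model of what happens when BPCS and SIS share a common element.
All frequencies and PFD credits are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# IEC 61511 low-demand mode: SIL -> [lower PFDavg, upper PFDavg).
# PFDavg 1e-4..1e-3 (RRF 1,000..10,000) is SIL 3, the band a solution with
# "a risk reduction of at least 1,000" sits in.
SIL_PFD_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}


@dataclass
class ProtectionLayer:
    name: str
    pfd: float  # probability of failure on demand credited for this layer


@dataclass
class Scenario:
    name: str
    consequence: str
    initiating_frequency: float   # hazardous-event initiators per year
    tolerable_frequency: float    # per year, from the site risk matrix for this consequence
    layers: List[ProtectionLayer] = field(default_factory=list)


def mitigated_frequency(s: Scenario) -> float:
    """Process risk = consequence x frequency.  LOPA attacks the frequency
    term: every *independent* protection layer multiplies it by its PFD."""
    f = s.initiating_frequency
    for layer in s.layers:
        f *= layer.pfd
    return f


def required_rrf(s: Scenario) -> float:
    """Risk reduction factor the SIF must still add to reach the tolerable
    frequency; 1.0 means the existing layers already suffice."""
    return max(mitigated_frequency(s) / s.tolerable_frequency, 1.0)


def sil_for_rrf(rrf: float) -> Optional[int]:
    """SIL whose PFDavg band contains 1/RRF.  0 = below SIL 1 (no SIF, or a
    non-SIS measure); None = beyond SIL 4, i.e. the process itself must change."""
    if rrf <= 1.0:
        return 0
    target_pfd = 1.0 / rrf
    for sil, (lo, hi) in SIL_PFD_BANDS.items():
        if lo <= target_pfd < hi:
            return sil
    return 0 if target_pfd >= 1e-1 else None


def combined_pfd(pfd_bpcs: float, pfd_sis: float, pfd_shared: float = 0.0) -> float:
    """PFD of BPCS and SIS acting together.  Independent layers: the product.
    If both depend on one shared element (operating system, network stack,
    microelectronics), that element's failure defeats both layers at once,
    so the pair can never be better than the shared element itself."""
    independent = pfd_bpcs * pfd_sis
    return pfd_shared + (1.0 - pfd_shared) * independent


def example_scenario() -> Scenario:
    # Constructed numbers: the relief valve is the process layer, the
    # alarm/operator response is the BPCS layer, the SIF is what gets sized.
    return Scenario(
        name="Reactor overpressure on loss of cooling",
        consequence="vessel rupture, potential fatality",
        initiating_frequency=0.1,      # cooling control loop failures per year
        tolerable_frequency=5e-8,      # per year
        layers=[
            ProtectionLayer("BPCS high-temperature alarm + operator response", 0.1),
            ProtectionLayer("Pressure relief valve", 0.01),
        ],
    )


if __name__ == "__main__":
    s = example_scenario()
    rrf = required_rrf(s)
    print(f"{s.name}: mitigated {mitigated_frequency(s):.1e}/yr, "
          f"SIF needs RRF {rrf:.0f} -> SIL {sil_for_rrf(rrf)}")
    sif_pfd = 1.0 / rrf
    for shared in (0.0, 1e-2):
        pfd = combined_pfd(0.1, sif_pfd, shared)
        print(f"shared-element PFD {shared:g}: BPCS+SIS PFD {pfd:.2e} (RRF {1 / pfd:.0f})")
```

With the constructed numbers the existing layers leave 1e-4 events per year, so the SIF must add a risk reduction of 2,000, i.e. SIL 3. Running BPCS and SIS on a shared element with a PFD of 1e-2 drops the pair from an RRF of about 20,000 to below 100: the shared element, not the SIF, sets the ceiling, which is the burden the one-layer approach carries.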
To optimize the overall cost of safety and achieve safety excellence, an integrated risk management system is required, said Peter. Walking through the process workflow, he said that first a process hazard and safety analysis has to be done, followed by a layer of protection analysis (LOPA). Next, the safety requirements are specified; then come the design and bid phase, and test and maintenance. Finally, the systems are operated, and a dedicated management of change has to be implemented. All of this has to be governed by dedicated safety planning and by a dedicated assessment and audit trail. That is the theoretical angle; practical implementation comes with many challenges at every phase. To do all this more efficiently, it is better to have one platform-oriented database system that holds all the information in one homogeneous system (the Safety Lifecycle Manager), with full control of the correlation between the hazards identified and the safety functions that address them; this reduces effort and time (fewer iterations) while improving quality and reliability.
HIMA carries out a large number of functional safety management activities. In the past this was done either manually or with multiple tools. What the company provides now is a safety lifecycle management platform that uses a database for all information processing, with the safety-related engineering tool at its centre. This is done for the safety-related aspects, but the same platform can also be used for security aspects, for resources and for other risk drivers, so that one enterprise-wide system can carry the entire risk management. The integrated tool can track the safety organization, the safety data required for running the application, the safety stipulations that have to be maintained, the safety background information, KPI monitoring, and so on.
He went on to speak about the "security zone" for functional safety. This covers the engineering stations for the controllers, with bi-directional communication (internal and external).
This is the IoT workspace for functional safety, as it uses open communication technology; it is HIMA's concept of how to implement IoT technology for flexibility and adaptability. The workshop elicited interactive discussion on IoT technology.
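The lifecycle workflow and the single-database idea from the two paragraphs above, as an added example that is not HIMA's Safety Lifecycle Manager (its data model is not published here): one in-memory store keeps PHA hazards, SIFs, SRS requirements and test records correlated, runs the consistency checks such a platform would run, and keeps an audit trail through a management-of-change step. The record types, identifiers (H-01, SIF-02, PT-101 and so on) and the checks are constructed assumptions.

```python
"""
Added example (not HIMA's Safety Lifecycle Manager): one store for the chain
hazard -> SIF -> SRS requirement -> test record, with mechanical consistency
checks and a management-of-change step.  All records are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Hazard:
    id: str
    description: str
    required_sil: int            # outcome of PHA + LOPA


@dataclass
class SIF:
    id: str
    hazard_ids: List[str]        # hazards this safety instrumented function mitigates
    sil: int                     # SIL the SIF is specified and designed to


@dataclass
class SRSRequirement:
    id: str
    sif_id: str
    text: str
    rev: int = 1                 # bumped by management of change


@dataclass
class TestRecord:
    id: str
    srs_id: str
    srs_rev: int                 # SRS revision the test was executed against
    passed: bool


class SafetyLifecycle:
    """All lifecycle data in one place, so the hazard -> SIF -> SRS -> test
    chain is checked mechanically instead of by cross-referencing tools."""

    def __init__(self) -> None:
        self.hazards: Dict[str, Hazard] = {}
        self.sifs: Dict[str, SIF] = {}
        self.srs: Dict[str, SRSRequirement] = {}
        self.tests: List[TestRecord] = []
        self.change_log: List[str] = []     # audit trail

    def findings(self) -> List[str]:
        """Gaps in the chain; an empty list means the lifecycle is consistent."""
        out: List[str] = []
        covered = {h for s in self.sifs.values() for h in s.hazard_ids}
        for h in self.hazards.values():
            if h.id not in covered:
                out.append(f"{h.id}: hazard has no SIF assigned")
        for s in self.sifs.values():
            need = max((self.hazards[h].required_sil for h in s.hazard_ids
                        if h in self.hazards), default=0)
            if s.sil < need:
                out.append(f"{s.id}: designed to SIL {s.sil} but hazards require SIL {need}")
            if not any(r.sif_id == s.id for r in self.srs.values()):
                out.append(f"{s.id}: no SRS requirement")
        for r in self.srs.values():
            current = [t for t in self.tests if t.srs_id == r.id and t.srs_rev == r.rev]
            if not current:
                out.append(f"{r.id} rev {r.rev}: not tested at current revision")
            elif not all(t.passed for t in current):
                out.append(f"{r.id} rev {r.rev}: test failed")
        return out

    def change_sif_sil(self, sif_id: str, new_sil: int, reason: str) -> None:
        """Management of change: re-rate a SIF and revise its SRS requirements,
        so test evidence gathered against the old revision no longer counts."""
        sif = self.sifs[sif_id]
        self.change_log.append(f"{sif_id}: SIL {sif.sil} -> {new_sil} ({reason})")
        sif.sil = new_sil
        for r in self.srs.values():
            if r.sif_id == sif_id:
                r.rev += 1


def example() -> SafetyLifecycle:
    # Constructed plant data with two deliberate gaps (H-03 unowned, SIF-02 under-rated).
    db = SafetyLifecycle()
    db.hazards["H-01"] = Hazard("H-01", "reactor overpressure", 3)
    db.hazards["H-02"] = Hazard("H-02", "high level in knock-out drum", 2)
    db.hazards["H-03"] = Hazard("H-03", "pump dry-run", 1)
    db.sifs["SIF-01"] = SIF("SIF-01", ["H-01"], 3)
    db.sifs["SIF-02"] = SIF("SIF-02", ["H-02"], 1)
    db.srs["SRS-01"] = SRSRequirement("SRS-01", "SIF-01", "Trip on PT-101 > 12 bar within 2 s")
    db.srs["SRS-02"] = SRSRequirement("SRS-02", "SIF-02", "Close XV-201 on LT-201 > 90 %")
    db.tests.append(TestRecord("T-01", "SRS-01", 1, True))
    db.tests.append(TestRecord("T-02", "SRS-02", 1, True))
    return db


if __name__ == "__main__":
    db = example()
    print("before MoC:", db.findings())
    db.change_sif_sil("SIF-02", 2, "LOPA revalidation after PHA revision")
    print("after MoC: ", db.findings())
    print("audit trail:", db.change_log)
```

Before the change the store reports the unowned hazard and the under-rated SIF; after SIF-02 is re-rated, that finding disappears, but its SRS requirement is now at revision 2 and the old test record no longer counts, which is exactly the rework that management of change has to surface rather than let slip.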
Security for Functional Safety
HIMA does 99 percent of its software development in-house, which is relatively stable and error-free. Its customers are running about 35,000 of its systems around the world, and not a single security-relevant incident has been recorded. In the security environment for functional safety, there are interfaces to import and export data. Another important aspect is how to do the rollover from the information domain to the safety domain. Information is handed over to the engineering platform, which is TÜV certified.
Practical implementations have shown that the time saved for completing the safety requirements specification (SRS) is in the range of 35 percent, and man-hour savings across the overall maintenance of the safety lifecycle go well beyond 70 percent. The future roadmap focuses on the secure connection of mobile workers, encrypted communication via the internet, interface control and internal network segmentation with firewalls, as well as the networking of highly critical systems and "data diodes."