A partner you can trust for the full safety lifecycle

NeoDyne has extensive experience and expertise in functional safety services for the full Safety lifecycle. We conduct Risk Assessments, HAZOP/ PHA and LOPA, and perform SIL Determination and Verification studies. We employ standardised statistical and analytical techniques for Safety Instrumented Systems design and complete our studies as per the relevant Process and Machine safety standards, including but not limited to IEC 61511, IEC 61508, ISO 13849 and IEC 62061. We have experience deploying Low Demand, High Demand and Continuous SIL1 to SIL3 Process and up to SIL3 / PLe machine safety systems in highly regulated industries. Our TÜV Nord, TÜV Rheinland and EXIDA certified engineers, have developed the skills to assess both standard and non-standard applications and advise where challenges arise in meeting requirements.

Risk Assessments

Risk assessments are the first and most important step on your functional safety journey. Risk assessments help you identify risks, determine if existing measures are adequate and identify risk reduction mechanisms. In Process Safety, the risk receptors are usually staff, the general public, business loss, reputation and the environment. Using international standards, including IEC 61511 and IEC 61508, NeoDyne’s team of functional safety engineers have the experience and expertise to help you identify gaps in your Safety Instrumented System (SIS) and make well-informed decisions on risk management strategies. We use both quantitative and semi-quantitative risk assessment techniques, including:

  • Hazard and Operability (HAZOP) study
  • Process Hazard Assessment (PHA)
  • Layer Of Protection Analysis (LOPA)
  • Bow Tie Analysis
  • Integrated Manufacturing System (IMS) Risk Assessment
  • Failure Modes and Effects Analysis (FMEA)
  • Quantitative Risk Assessment (QRA)

We employ cutting-edge methodologies, including Fault tree driven Markov models and RBD driven petri nets, and leverage our broad and deep industry knowledge to ensure all risks are appropriately identified and assessed.

The primary output of the Risk Assessment phase is the Safety Requirements Specification (SRS). The SRS incorporates all the necessary outputs from the HAZOP/ PHA and LOPA studies and defines the SIS requirements. Safety design is based on the SRS.

HAZOP Workshop

Hazard and Operability (HAZOP)/ Process Hazard Assessment (PHA)

A HAZOP study is a structured and systematic examination to identify potential hazards in industrial processes, including risk to personnel, equipment and the environment. HAZOP is a powerful communication tool, using a brainstorming approach to risk assessment with qualitative and inductive (bottom-up) assessment tools. A HAZOP is completed over four distinct phases, namely: Definition, Preparation, Examination and Documentation & Follow-up.

Definition

During the Definition Phase, we agree on the assessment scope, select the team and define the roles and responsibilities. A HAZOP study is a team effort requiring input from multiple disciplines across the organisation to ensure success.

Definition

  1. Define scope and objectives
  2. Define responsibilities
  3. Select Team

Preparation

During the Preparation Phase, we identify all supporting documentation, e.g. P&ID drawings; gain consensus on HAZOP guide words to be used throughout the study; and agree on the workshop frequency, schedule and attendees.

Preparation

  1. Plan the study and collect data
  2. Agree on guide words and style of recording
  3. Estimate the workshop effort and agree meeting schedule

Examination

The Examination phase involves robust, consensus-based meetings. We facilitate highly-structured and systematic workshops to identify risks, current protection mechanisms and possible remedial/safeguarding actions.

Examination

  1. For each part of the system, identify risks using guide words, causes and consequences
  2. Identify protection, detection, and indicating mechanisms 
  3. Agree possible remedial/safeguarding measures and actions

Documentation & Follow-up

In the Documentation & Follow-up phase, we produce the final report providing a detailed record of the HAZOP study, its findings, proposed recommendations and the resulting actions register.

Documentation & Follow-up

  1. Record the study findings and produce the final report
  2. Document all follow-up actions in an actions register
  3. Sign off on the HAZOP study

Layer Of Protection Analysis (LOPA)

LOPA is a method used to risk assess high-consequence scenarios to evaluate the adequacy of protection layers. It determines whether the probability of occurrence and severity of consequences meets a company’s risk tolerance. LOPA is widely used for establishing safety instrumented system needs in the process industry.

Our approach involves:

  • Identifying process safety hazards from a HAZOP/ PHA, customer documentation or other study
  • Identifying causes and consequences of potential hazards
  • Identifying and estimating the frequency of initiating events
  • Identifying the independent protection layers that are available and estimating the probability of failure of each layer
  • Identifying safeguards to guard against the hazard and calculating the mitigated consequence frequency
  • Determining the resulting safety integrity level (SIL) where a safety instrumented function (SIF) is required

LOPA Diagram

Layers of Protection – Process Related Hazards

Bow Tie Analysis

Bow Tie analysis illustrates the relationships between hazards, potential consequences, barriers, degradation factors and controls. Shaped like a bow-tie, it creates a clear differentiation between proactive and reactive risk management. It enables the identification and prioritisation of actions to strengthen and maintain risk controls in the safety management system. It is a methodology that’s becoming popular, particularly where there is a high level of risk or where control effectiveness is low. It is also easily interpreted by non-technical users.

Integrated Manufacturing System (IMS)

Risk Assessments for an IMS, such as assembly machines (packaging, palletising and wrapping) are highly complex and require multiple layers of expertise and knowledge. We use ISO 11161 to complete our risk assessments, which provides the requirements and recommendations for the IMS’s safe design, safeguarding, and operational best practice. The risk assessment process follows ISO 12100, paying particular attention to the interfaces between the different parts of the IMS and associated hazards.

Failure Modes and Effects Analysis (FMEA)

FMEA is a methodology to systematically identify faults and failures and their causes. The methodology uses a “bottom-up” approach and is cause-oriented. It focuses on examining individual faults and failures and is typically used in Machine Safety risk assessments.

Quantitative Risk Assessment (QRA)

QRA is a formal and systematic approach for identifying hazardous events and estimating the likelihood and impact of same. The method allows for quantitative risk estimation based on the potential for safety, environmental or financial impact.

Process Safety

The process industry has an obligation to protect people and the environment by continually analysing and assessing their hazardous processes. Risks arising from process hazards need to be identified and appropriate strategies implemented. The international standard IEC 61511 provides a framework to help manage these risks through instrumentation, engineering, and operating practices. The standard deals with the requirements for Safety Instrumented Systems (SIS) in electrical, electronic and programmable electronic equipment; and high, low and continuous demand safety functions in the machine safety industry. IEC 61511 is directed towards those responsible for designing, implementing, or maintaining SIS’s by identifying appropriate measures for risk reduction.

Our process safety team has wide-ranging experience and knowledge of functional safety, IEC 61511 and IEC 61508 process safety standards, and regulatory compliance across multiple industries, including Oil, Gas T&D, Food & Beverage, Pharma, Manufacturing and Utility Electrical T&D. We provide comprehensive Safety Integrity Level (SIL) Determination and Verification studies. Our solutions include turnkey, fully integrated safety systems and custom solutions for Ammonia, Bulk Storage, CO2, Tanks, HIPPS, Chemical Reactors, Natural Gas and Rail Safety.

Manufacturing Process Safety

SIL Allocation/ Determination

SIL allocation is an exercise that bridges the gap between a Risk Assessment and the System Requirements Specification (SRS). Practical implementation and considerations for the end-to-end Safety Instrumented Functions (SIFs), including independence, from one another and how the overall SIS will be realised, are accounted for in the SIL allocation exercise.

Safety functions identified in the LOPA exercise are aggregated to the SIL allocation phase, allowing for SIL levels and other requirements for safety functions to be determined and documented in the SRS.

Example Bow-Tie analysis

SIL Verification

SIL verification involves both hardware and software verification against the requirements of the Standards and the SIF specific requirements of the SRS. SIL verification focuses on the probability of dangerous failure on demand (PFD), SIL architecture, and SIL systematic capability requirements. Additionally, operational requirements such as SIF response time, subsystem mission time, proof test procedures, access control, and availability requirements are verified. The PFD is determined using statistical methods via exSILentia software or other reliability software, and in some cases, for more complex systems, custom detailed modelling is provisioned and can involve:

  • Reliability Block Diagrams (RBD),
  • Failure Modes and Effects Analysis (FMEA), or
  • Markov Modelling.

The output of SIL Verification is captured in a report to demonstrate that the safety functions achieve their target SIL and safety requirements as specified in the SRS. The verification report can include an assessment of:

  • Hardware Integrity: The Hardware Fault Tolerance (HFT) for the specified Safe Failure Fraction (SFF) of each SIF.
  • Systematic Safety Integrity: SIL Verification assessments of proposed or existing SIFs using the failure rate data provided by the vendor.
Pipe-to-pipe concept diagram

Safety Instrumented Function 

Proof Test Procedures

NeoDyne policy is to provision proof test procedures as part of the Safety Design deliverables. The proof test procedures are closely interconnected with the SIL verification process and in order for the SIL verification to be valid the proof test procedure must be in harmony with the SIL verification.

Operations and Maintenance Data Evaluation

The Operations and Maintenance plan is a working document tailored to ensure SIS maintenance meets its desired functional safety requirements. Using IEC 61511’s guidelines for operations and maintenance, we work with our customers to define and document the:

  • Undertaking on-line or off-line maintenance
  • Routine calibration, inspection
  • Personnel competency
  • Equipment decommissioning and replacement
  • Ongoing audit and proof test requirements

Machine Safety

Dangers for people, machines and the environment exist throughout the entire machine lifecycle. From risk assessment to risk validation, our comprehensive machine safety services help our customers reduce risk, improve compliance, and optimise production. This includes working with industrial machinery vendors/suppliers to ensure compliance with EU Directives and safety standards to validating that our customer’s safety systems are correctly installed and functioning.

We partner with global technology companies, including HIMA, Siemens and Rockwell, to provide our customers with leading-edge safety solutions and services. We use multiple tools across all stages of the machine safety lifecycle, including EXIDA exSILentia, DGUV Sistema and others. We provide both turnkey safety system solutions and bespoke solutions specific to a customer’s individual requirements.

Manufacturing Machine Safety

Risk Assessment

Risk assessment is the first step in the machine safety lifecycle to identify hazards and compliance with safety standards and regulations. We conduct our risk assessments according to ISO 12100, a Type-A standard that specifies the terminology, principles, and methodology to achieve safety in machinery design. ISO 12100’s principles are based on the design, use, incidents and accidents associated with machinery. Therefore, implementing the standard’s procedures with appropriate industry knowledge and expertise helps identify hazards and assess their risks.

We develop a proposed safety concept following our machinery risk assessment, detailing:

  • Inherent safe design measures where practicable
  • Safeguarding in the form of fixed and moveable guarding solutions
  • Safeguarding in the form of safety control measures, including appropriately selected electrical, electronic, pneumatic and/or hydraulic control systems and machine actuators.
  • Interlocks with Guardlock, trapped keys, light curtains and scanners
  • Complementary safeguards such as E-stops
  • De-energisation and shutdown trips
  • Safety configuration specification and verification
  • Safety Logic design and analysis
  • Human Factors Analysis
  • SIL or Performance levels for machine safety
  • Conformity assessment against EU Norms harmonised to the Machinery Directive
IEC 62061 Safety Concept

IEC 62061 Safety Concept

Risk Verification/ Validation

Functional Safety is a branch of reliability engineering, and we believe in robust risk verification processes that rely on qualified personnel performing systematic and documented analysis. Our TÜV Nord, TÜV Rheinland and EXIDA certified engineers verify and validate machine SIL and performance levels using Type-B standards, including IEC 62061 and ISO 13849-1. Type-B standards cover safety requirements common to the design of most machines, covering general safety aspects and special protective devices.

ISO 13849 is the safety standard for machinery control systems and provides the framework for designing and integrating safety-related parts, including software. The standard calculates and assesses a control system’s performance levels (PL), i.e. safety-related parts’ ability to perform a safety function under hazardous conditions.

IEC 62061 is an alternative standard with the same purpose and outcome as ISO 13849 but with a different methodology. This standard provides for a methodology that more closely follows the IEC 61508 framework and approach.

ISO 13849-1 Performance Levels

IEC 62061 Matrix for Determining SIL Levels

IEC 62061 Matrix for Determining SIL Levels

Risk Validation involves an inspection and assessment of safety-related parts to ensure they meet their defined PL or SIL levels as per IEC 62061 and ISO 13849-1. All safety-related software and hardware is verified and validated using the V-model and involves functional testing. NeoDyne produces a test report detailing design discrepancies where found and best practice recommendations to ensure the continued safe operation of industrial machines and plants.

Safety Software

We partner with global technology companies, including HIMA, Siemens and Rockwell, to provide our customers with leading-edge safety software solutions.

The safety standards, IEC 62061 and ISO 13849, prescribe variants of the V-model to develop and test safety applications in a PLC depending on the complexity and type of programming language involved. The V-model focuses on verification and validation activities, linking each development phase to an associated test phase. By adhering to the V-model, we provide our customers with a high degree of transparency and clearly defined and comprehensive software development processes.

V Model

V-Model Lifecycle Software Design and Development

Cybersecurity

Most safety functions involve safety logic and black channel networks as part of the logic solver element. The safety standards require access control but do not specify in detail how this should be achieved. Under the current environment, all networked deployments must be treated as having a cybersecurity dimension.

NeoDyne’s cyber security team can help your organisation implement and maintain an operational technology (OT) cyber security program to ensure the security and continuity of your systems in line with the NIS directive and based on international standards, including IEC TS 63074:2021. As IEC-62443 IC33 Cyber Security Assessment Specialists and IEC-62443 IC34 Cyber Security Design Specialists, we can deliver a complete solution for NIS directive compliance and provide services for the full cyber security lifecycle.

Click here to find out more about our Network and Cybersecurity assessment services.

CE Marking Services

Under the Machinery Directive 2006/42/EC regulations, all plant machinery and parts must meet essential health and safety requirements to be placed on the market or put into service, protecting workers and consumers alike.

We conduct conformity assessments to ensure compliance with EC Directives (Machinery Directive and ATEX Directive 94/9/EC) and relevant safety standards. Furthermore, we produce a risk assessment and safety design (where appropriate) for any design flaws or omissions. We also assume the role of an authorised representative to carry out CE marking and help our customers compile all necessary documentation under EU regulations.

Functional Safety Operations and Maintenance

Operations and maintenance lifecycle phases are crucial in ensuring the integrity and reliability of the Safety Instrumented System (SIS). Safety instrumented functions (SIFs) may no longer function correctly without a commitment to operations and maintenance, harming people, assets, business continuity, reputation, and the environment. Therefore, it is essential to manage risk reduction measures and inspect and maintain the SIS throughout the safety lifecycle.

NeoDyne’s operations and maintenance services include:

  • Proof Testing
  • Functional Safety Management System
  • Managed Services Plan
Engineers reviewing control systems

Proof Testing

Proof testing is an integral part of the maintenance of a SIS and is used to detect dangerous hidden failures in safety systems. As process safety systems typically operate in low-demand mode, where the safety instrumented function (SIF) remains dormant over time, proof testing uncovers undetected failures. Properly designed proof tests ensure the integrity of the SIS over the mission time.

Proof test procedures can vary in complexity and can be divided into full functional (end-to-end) or partial tests. A partial proof test only tests a percentage of a device’s failure modes, whereas a full proof test verifies the correct operation of all sensing element(s) and actuating devices. Proof testing can be completed online or offline during a shutdown or turnaround. Online testing requires careful planning and coordination and is very much dependent on the nature of the process, the process materials and associated risk.

Writing and implementing a proof test procedure is an important step to ensure the integrity of the SIF over its lifetime. The test procedures should provide sufficient details to ensure they can be safely and consistently performed at required intervals.

Functional Safety Management System

NeoDyne can work with you to help establish a Functional Safety Management System (FSMS) based on your existing ISO 9001:2015 quality management system (QMS). The ISO 9001:2015 standard is based on key quality management principles, including the process approach and continuous improvement. We foster continuous improvement through a variety of processes, including internal and external auditing, corrective and preventive action and training. We perform a gap analysis to identify any FSMS gaps and make recommendations on how to achieve a fully compliant FSMS, as required by IEC 61511 and 61508.

IEC 61511 Lifecycle

IEC 61511 Process Lifecycle

Managed Services Plan

We are passionate about customer service and adopt a “customer first” approach in all our interactions. We provide scheduled and unscheduled technical support and 24/7/365 systems support. We can tailor a support package to suit our customers’ individual needs and guarantee minimum response times.

Scheduled Support Service

The NeoDyne scheduled support service has been designed to preserve and enhance SIS reliability by identifying and actioning issues before they become problematic. Our services include:

  • A review of the functional safety management plan, FSMS and QMS
  • Lifecycle stage functional safety assessments
  • SIS performance reviews
  • Proof testing
  • Compliance assessments against safety standards and EU regulations

Unscheduled Support Service

We also provide an out-of-hours callout service through our Support Pager System. This unscheduled callout service includes:

  • First-line response telephone support,
  • Unscheduled callout available 24/7/365, and
  • Guaranteed response times for functional safety engineer to site.

We have an expansive knowledge of our products and their on-site implementation, ensuring we offer a knowledgeable and responsive service for all our installed Safety Systems.