4.3. Functional Testing and Periodic Proof Testing

Another critical aspect is Functional Testing and Periodic Proof Testing, particularly because not all system faults are self-revealing. Covert faults that may inhibit SIS action on demand can only be detected by testing the entire system. This requires not only a Full Functional Test prior to commissioning, typically conducted as an integration test in the vendor's or System Integrator's facility (and repeated later in the final instrumentation room in the plant), but also Periodic Functional Tests, carried out using documented procedures, that are designed to detect covert faults and that cover the entire SIS.

Functional Testing should record and analyze each activation of the SIS functions. Note that a spurious activation of an Emergency Shutdown Valve caused by a Process Shut Down may be recorded and analyzed as well, but it does not test the entire function of that valve as it would be exercised during an ESD action.
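As an added illustration (not from the paper), the following Python checker works the distinction above into a test-coverage review of a constructed SIS activation log: only a documented proof test (or a real ESD demand, credited here by assumption) counts as a full-function exercise, a PSD-induced closure does not, and valves whose last full exercise is older than the proof-test interval are flagged as overdue. Valve tags, dates and the log format are constructed for the example.

```python
from datetime import date

# Constructed sample SIS activation log (illustrative only, not from the paper).
# Each line: YYYY-MM-DD,valve_tag,event
#   PROOF_TEST - documented full functional test of the safety function, end to end
#   ESD_TRIP   - genuine demand: the ESD logic solver drove the valve to its safe state
#   PSD_TRIP   - valve closed because of a Process Shut Down, not because of ESD logic
SAMPLE_LOG = """\
2023-01-10,ESDV-101,PROOF_TEST
2023-06-02,ESDV-101,PSD_TRIP
2023-01-10,ESDV-102,PROOF_TEST
2023-09-15,ESDV-102,ESD_TRIP
2022-11-20,ESDV-103,PROOF_TEST
2023-08-01,ESDV-103,PSD_TRIP
"""

# Only these events exercise the whole ESD path of a valve. Assumption for the
# example: a real ESD demand is credited like a proof test when it was recorded.
FULL_FUNCTION_EVENTS = {"PROOF_TEST", "ESD_TRIP"}


def parse_log(text):
    """Parse the CSV-style log into (date, tag, event) tuples, skipping blank lines."""
    records = []
    for line in text.splitlines():
        if line.strip():
            day, tag, event = line.strip().split(",")
            records.append((date.fromisoformat(day), tag, event))
    return records


def proof_test_status(records, today, interval_days):
    """Per valve tag: is the last full-function exercise within the proof-test
    interval, and has the valve only moved because of PSD trips since then?"""
    last_full, psd_only = {}, {}
    for day, tag, event in sorted(records):        # chronological order
        if event in FULL_FUNCTION_EVENTS:
            last_full[tag] = day
            psd_only[tag] = False                   # a new full exercise resets the flag
        elif event == "PSD_TRIP":
            psd_only[tag] = True                    # moved, but function not proven
    status = {}
    for tag in set(last_full) | set(psd_only):
        full = last_full.get(tag)                   # None: never fully tested
        overdue = full is None or (today - full).days > interval_days
        status[tag] = {"status": "OVERDUE" if overdue else "OK",
                       "last_full_test": full,
                       "psd_only_since_test": psd_only.get(tag, False)}
    return status


if __name__ == "__main__":
    result = proof_test_status(parse_log(SAMPLE_LOG), date(2023, 12, 1), 365)
    for tag in sorted(result):
        print(tag, result[tag])
```

With a one-year interval reviewed on 2023-12-01, ESDV-103 is reported overdue even though it closed in August, because that closure came from a PSD and proves nothing about the ESD path.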

5. Automation can’t check for human intervention

Once the design is complete, all of these systems will have different degrees of interaction with users, and with different types of users whose level of competence depends on their role (i.e. operation and maintenance personnel and engineers).

The most sophisticated automation can’t prevent human error. Industrial plants are designed with the highest accuracy in mind, with several separate safety loops often checking the integrity of process systems. This apparatus, however, can’t check for human intervention, and a small human error could cause an enormous catastrophe. 70% of reported incidents in the oil and gas industry worldwide are attributable to human error, and these account for in excess of 90% of the financial loss to the industry.

Results from research conducted by the Health and Safety Executive and published in the book “Out of control: Why control systems go wrong and how to prevent failure” [7] show the impact of the human element in industrial incidents throughout a project lifecycle. This is shown in Figure 4.

The International Functional Safety Standards (IEC 61508 and IEC 61511), and previously ISA 84, introduced the concept of the Safety Lifecycle, describing the phases that should take place from concept to design to implementation and operation of a Safety Instrumented System. The Safety Lifecycle is a step in the direction of reducing the impact of human factors by establishing proper design best practices, documentation reviews, and validation and verification steps in the execution of a safety project. Additionally, the standards introduce two important elements: Competence of Personnel, mentioned briefly in Section 4.2, and the Functional Safety Management System (FSMS).

Recent changes to the International Functional Safety Standard IEC 61508 have turned the requirements on FSMS and Competence of Personnel into normative clauses of mandatory compliance, instead of the recommendation presented in the previous version of the same standard.