Acceptable Risk (61508/61511)

The Risk is, or has been made, so small as to be insignificant.

As Low as is Reasonably Practicable (ALARP)
The principle that a risk has been reduced to the point where further risk reduction is impracticable, or where its cost would be grossly disproportionate to the improvement gained. The point at which this is reached is deemed to be ALARP. The principle is fundamental to Functional Safety and is the method identified within the COMAH regulations for demonstrating the reduction of risk to humans. The expenditure that can be justified generally increases in proportion to the risk. Guidance on demonstrating ALARP is published by the Health & Safety Executive (HSE), including its Hazardous Installations Directorate (HID); HSE has compiled a suite of guidance documents concerning ALARP.

Basic Process Control System (BPCS) (61511)
See also EUC Control System (61508)
A system which responds to input signals from the process, its associated equipment, other programmable systems and/or an operator, and generates output signals causing the process and its associated equipment to operate in the desired manner, but which does not perform any Safety Instrumented Function with a claimed SIL of 1 or higher.

Conformity Assessment of Safety Systems (CASS) (61508)
The scheme used to demonstrate compliance with IEC 61508. It comprises five types of assessment; the Functional Safety Capability Assessment (FSCA) relates to the safety management system within a company. Certification is co-ordinated by SIRA and BASEEFA2001, employing CASS-accredited assessors from firms such as ABB Eutech.

Competent Authority (COMAH)
The organisation which enforces and assesses compliance of duty holders with COMAH legislation. In England and Wales it is the Health & Safety Executive together with the Environment Agency. In Scotland it is the Health & Safety Executive together with the Scottish Environment Protection Agency (SEPA).

Computer HAZOP (CHAZOP) (61508/61511)
The same process as a HAZOP, but focusing on the software and computer-system architectures employed within the overall project.

Continuous Mode Safety Instrumented Function (61511)
A SIF for which a dangerous failure leads to a potential hazard without any further failure having to occur, unless action is taken to prevent it. Such instances are considered very rare in the process sector. See also Safety Instrumented Control System and Safety Instrumented Control Function.

Control of Major Accident Hazards (COMAH)
A regulation which became law on the 1st of April 1999. The aim of which is to prevent and mitigate the effects of those major accidents involving dangerous substances which can cause serious damage/harm to people and /or the environment (mainly affecting chemical related businesses). COMAH regulations treat risk to the environment as seriously as those to people. The regulations are enforced by a Competent Authority. Schedule 1 of the regulation identifies the substances which cause the regulation to be applied, and the quantities of each substance which dictate whether a particular plant/process/site is a "Top Tier" or "Lower Tier" site. The prevention of accidents is based on the principle of reducing risk to a level as low as is reasonably practicable (ALARP) for human risk.

Demand Mode Safety Instrumented Function (61511)
Where a specified action (e.g. closing a valve) is taken in response to process conditions or demands. In the event of a dangerous failure of the Safety Instrumented Function a potential hazard only occurs in the event of a failure in the Process or the BPCS. A demand mode SIF is a Safety Instrumented Protection Function, implementing either a Prevention or Mitigation measure. See also Safety Instrumented Protection Function.

Electrical/Electronic/Programmable Electronic (E/E/PE)(61508) see also SIS (61511)
Electrical - electromechanical devices; Electronic - solid-state, non-programmable electronic devices; PE - electronic devices based on computer technology, which may comprise hardware, software and input/output devices.

Equipment Under Control (EUC) (61508) see also Process (61511)
Plant used for Process activities. Also includes equipment & machinery for manufacturing, transportation, medical or other activities.

EUC Control Systems (61508) see also BPCS (61511)
A system which responds to input signals from the plant/process and/or from an operator and generates output signals causing the EUC to operate in the desired manner.

External Risk Reduction facilities (61508/61511)
Risk-reduction measures that are separate from and independent of the SIS. Examples include fire walls, drain systems and bunds (dikes).

Failure Modes & Effects Analysis (FMEA) (61508/61511)
A systematic technique, often used alongside a HAZOP, that analyses a system design by examining each component's possible failure modes and the effect of each failure on the system.

Final Element (61511)
Part of a SIS which implements the physical action necessary to achieve a Safe State, e.g. a solenoid valve and actuator.

Fixed Program Language (FPL) (61511)
In this type of language the user is limited to adjusting a few parameters (e.g. the range of a pressure transmitter, alarm levels, network addresses), as in a smart sensor.

Full Variability Language (FVL) (61511)
This type of language is designed to be comprehensible to computer programmers and provides the capability to implement a wide variety of functions and applications. In the process sector FVL is found in embedded software and rarely in application software. FVLs include Ada, C, Pascal, C++, Java and SQL. Those using FVLs should follow the guidance within IEC 61508 Part 3.

Functional Safety Capability Assessment (FSCA) (61508)
See also Management of Functional Safety (61511)
The first assessment within the CASS scheme, undertaken by an organisation wanting to demonstrate the procedures and practices within that company for the management of Functional Safety. Certification will be to IEC 61508, but appropriate reference will be made to 61511 on the certificate. Figures 2 & 3 of 61511 Part 1 show the relationship between the two standards, and this provides the basis for the assessment strategy of a company.

Note. Clause 5 of BS IEC 61511 Part 1 deals with the management of Functional Safety, and relates very closely to clause 6 of BS IEC 61508 part 1. Compliance with one implies compliance with the other, since both are assessed in the context of the activities carried out by the company being assessed.

Functional Safety (61511)
Part of the overall safety relating to the Process and the BPCS which depends on the correct functioning of the SIS and other protection layers.

Harm (61508/61511)
Physical injury or damage to the health of people, either directly or indirectly as a result of damage to property or the environment.

Hazard (61511/61508)
A potential source of Harm.

Hazardous Event (61511/61508)
A situation which results in Harm.

Hazardous Situation (61511/61508)
Circumstance in which a person is exposed to Hazard(s).

Hazard & Risk Assessment (HRA) (61511/61508)
To determine: -
a. The Hazards and Hazardous Events for all reasonably foreseeable circumstances.
b. The event sequences leading to the Hazardous Events.
c. The risks associated with the Hazardous Events.

HAZOP - Hazard & Operability Study (61511/61508)
Covers items a and b of the Hazard & Risk Assessment. A team of engineers with expertise covering the Process and associated equipment (e.g. BPCS) under consideration participates in a structured examination of a design, through a series of meetings, considering functional aspects of the design and how the system would operate (including human activity and maintenance). A study leader is appointed, who encourages team members to be creative in exposing potential hazards. Every applied condition or failure is considered for its feasibility, how it could arise, the possible consequences (if there is a Hazard), how it could be avoided and whether the avoidance technique is worth the expense.

Informative (61511/61508)
Elements of IEC61508 and IEC61511 which provide additional information intended to assist in the understanding or use of these standards. It is not necessary to conform to these parts to claim compliance. These elements do not contain the word shall.

International Electrotechnical Commission (IEC)
The leading global organisation that prepares and publishes international standards for all electrical, electronic and related technologies. IEC standards form the core of the World Trade Organisation's Agreement on Technical Barriers to Trade (TBT).

Intolerable Risk (61511/61508)
Risk which cannot be justified except in extraordinary circumstances. Below this level exists the tolerability band.

Limited Variability Language (LVL) (61511)
This type of language is designed to be comprehensible to process sector users, and provides the capability to combine predefined, application-specific library functions to implement the Safety Requirements Specification. An LVL provides a close functional correspondence with the functions required to achieve the application. Languages include ladder logic, function block diagram and sequential function chart. Those businesses employing or applying LVLs should follow IEC 61511 for the implementation of Functional Safety.

Logic Solver (61511)
The portion of a BPCS or SIS that performs one or more logic functions, e.g. the programmable electronic (PE) logic of a PES.

Lower Tier (COMAH)
An operation that has substances below a certain quantity threshold. Operators of these plants must describe their policies toward the prevention of accidents in a Major Accident Prevention Policy (MAPP).

Major Accident Prevention Policy (MAPP) (COMAH)
The COMAH regulations require Lower Tier operators to prepare this document, which describes their policy on preventing major accidents. The document addresses the safety management system that will be used to put the policy into action. The detail is contained in other documentation relating to the establishment, e.g. plant procedures, training records, job descriptions and audit reports. The key areas are: -
- Organisation and personnel.
- Identification and evaluation of major hazards.
- Operational control.
- Planning for emergencies.
- Monitoring, audit and review.

Management of Functional Safety (61511)
See also FSCA (61508)
As described in clause 5 of the standard, the objective of these requirements is to identify the management activities necessary to ensure that Functional Safety objectives are met. This is achieved by having a safety management system in place. The persons, departments, organisations or other units responsible for carrying out and reviewing each phase of the safety life-cycle shall be identified and informed of their responsibilities. All identified personnel shall be competent to carry out the activities for which they are accountable.

Mitigation (61511)
Action that reduces the consequence(s) of a Hazardous Event.

Mode of operation (61511)
The way in which a Safety Instrumented Function (SIF) operates. Either Demand Mode or Continuous Mode.

Necessary Risk Reduction (61511)
The risk reduction required to ensure that the risk is reduced to a tolerable level. Fundamentally important in the development of the Safety Requirement Specification (in particular the Safety-Integrity requirements).

Normative (61511/61508)
Elements of IEC61508 and IEC61511 which must be conformed to in order to claim compliance with these standards. Normative elements express requirements with the word shall; they may also contain recommendations expressed with the word should.

Operator Interface (61511)
Means by which information is communicated between human operator(s) and the SIS (e.g. CRTs, indicating lights, push-buttons, horns or alarms), sometimes referred to as the Human-Machine Interface (HMI).

Other Technology Safety-Related Systems (61511)
Those systems that are based on a technology other than electrical, electronic or programmable electronic, e.g. a relief valve, or hydraulic or pneumatic systems.

PES - Programmable Electronic System (61511/61508)
System for control, protection or monitoring, based on one or more Programmable Electronic (PE) devices, most commonly a PLC, PCS or DCS. However, it should be noted that other devices such as sensors and actuators can also have PE elements.

Prevention (61511)
Action that reduces the frequency of occurrence of a Hazardous Event.

Process (61511) see also EUC
Plant required to produce the product.

Process Control Systems see also BPCS (61511)
A conventional system, typically a DCS, which manages the Process.

Protection Layer (61511)
Any independent mechanism that reduces risk by control, prevention or mitigation.
The layers of protection are typically taken to be:
- The inherent design of the process.
- Control & monitoring (BPCS)
- Prevention (Safety instrumented prevention systems)
- Mitigation (Safety instrumented mitigation systems)
- Plant emergency response
- Community emergency response

Proven In Use (61511)
When a documented assessment has shown that there is appropriate evidence, based on the previous use of the component, that the component is suitable for use in a Safety Instrumented System.

Random Hardware Failure (61511)
Failure occurring at a random time, which results from a variety of degradation mechanisms in the hardware.

Risk (61511)
Combination of the frequency of occurrence of Harm and the severity of that Harm.

Risk Assessment (61511/61508)
The third element (item c) of the Hazard & Risk Assessment. A study to determine the risks for a specific hazardous event for the process. The risks determined are:-
- The risk existing for the process, the BPCS and associated human factor issues.
- The risk which is accepted in a given context, based on current values of society.
- The risk remaining after the addition of risk reduction facilities.

Safe Failure Fraction (SFF) (61511)
Fraction of the overall random hardware failure rate of a device that results in either a safe failure or a detected dangerous failure.

Safe State (61511)
State of the Process when Safety is achieved.

Safety (61511/61508)
Freedom from unacceptable risk.

Safety Function (61511)
A function implemented by a SIS, other technology safety-related system or external risk reduction facilities, which is intended to achieve or maintain a safe state for the process in respect to a specific hazardous event.

Safety Instrumented Function (SIF) (61511)
A safety function with a specified SIL which is necessary to achieve functional safety, and which can be either a Safety Instrumented Protection Function (prevention or mitigation) or a Safety Instrumented Control Function.

Safety Instrumented Control Function (SICF) (61511)
A Continuous Mode SIF which either prevents a Hazardous Event or mitigates its consequences. See also Continuous Mode Safety Instrumented Function.

Safety Instrumented Protection Function (61511)
A Demand Mode SIF which either prevents a Hazardous Event or mitigates its consequences. See also Demand Mode Safety Instrumented Function.

Safety Instrumented Control System (61511)
A system employing one or more SICFs. Such systems are considered rare in the process sector and should be treated as a special case, designed on an individual basis. See also Continuous Mode Safety Instrumented Function.

Safety Instrumented System (SIS) (61511)
Instrumented system used to implement one or more SIFs. A SIS is composed of any combination of sensor(s), logic solver(s) and final element(s) performing a safety instrumented control or protection function, or both.

Safety Integrity (61511)
Average probability of a SIS satisfactorily performing the required Safety Instrumented Functions under all the stated conditions within a stated period of time. It is therefore a function of performance and availability.

Safety Integrity Level (SIL) (61511)
Discrete level (one out of a possible four) for specifying the safety integrity requirements of the SIFs to be allocated to the SIS, where SIL4 is the highest & normally associated with the nuclear industry and SIL1 is the lowest. A SIL is a band, and each SIL has a maximum and minimum Target Failure Measure.

Safety Lifecycle (61511/61508)
A systematic procedure incorporating all aspects of a project from concept through to plant decommissioning, including, but not limited to: -
- Process plant and control system design.
- Installation.
- Commissioning and ongoing maintenance.
The safety lifecycle provides a consistent approach to enable identification of potential process hazards. It details techniques to complete a Process Hazard & Risk Assessment which leads to the identification of Safety Instrumented Functions with calculated Safety Integrity Levels, ensuring risk is maintained at a tolerable level.

Safety-Related Systems (61508)
See also SIS. A system designed to reduce the frequency (probability) of the hazardous event and/or the consequences of a hazardous event. A designated system that implements the required safety functions necessary to achieve or maintain a safe state for the EUC. A system that is intended to achieve, on its own or with other E/E/PE safety-related systems, the necessary safety integrity for the required safety functions.

Safety Report (COMAH)
As set out in schedule 4 of the COMAH regulations, this must include: -
- A policy on how to prevent and mitigate major accidents.
- A management system for implementing that policy.
- An effective method for identifying any major accidents that might occur.
- Measures (such as safe plant and operating procedures) to prevent and mitigate major accidents.
- Information on the safety precautions built into the plant and equipment when it was designed and constructed.
- Details of measures (such as fire fighting, relief systems and filters) to limit the consequences of any major accident that might occur.
- Information about the emergency plan for the site which is also used by the local authority in drawing up an offsite emergency plan.

Safety Requirements Specification (61511)
Identifies all the requirements of the SIFs that are required to be performed, including the safety integrity requirements of the SIFs that have to be performed by the SIS(s).

Sensor (61511)
Device or combination of devices which measure the process condition (e.g. transmitters, transducers, process switches or position switches)

Shall (61511/61508)
Used in a requirement to indicate that the requirement must be strictly followed if compliance to the standard is to be claimed.

Should (or it is recommended that) (61511/61508)
Indicates that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required.

System (61511/61508)
Set of elements which interact according to design, and which may include hardware, software and human interaction. An element of a system can itself be another system, called a subsystem, which may be a controlling system or a controlled system.

Target Failure Measure (TFM) (61511)
Intended probability of dangerous mode failures to be achieved in respect of the safety integrity requirements, specified in terms of either: -
- The average probability of failure to perform the design function on demand (Demand Mode).
- The probability of a dangerous failure per hour (Continuous mode).
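The entries for Safe Failure Fraction, Necessary Risk Reduction, Safety Integrity Level and Target Failure Measure describe numbers that are routinely calculated together during SIL determination and verification. The following is an added worked example for this glossary, not text or data from IEC 61508/61511 or from any vendor. It uses the simplified single-channel (1oo1) formulas from IEC 61508-6 (PFDavg = λDU · T / 2 and PFH = λDU) and the SIL bands of IEC 61508-1 Tables 2 and 3; the device failure rates, proof-test intervals and hazard frequencies are constructed illustration values.

```python
"""Worked SIL arithmetic for one demand-mode SIF (added example, not from the glossary).

Ties together four glossary entries:
  * Safe Failure Fraction (SFF) from the four random hardware failure-rate classes
  * Target Failure Measure: PFDavg for demand mode, PFH for continuous mode,
    using the simplified single-channel (1oo1) formulas of IEC 61508-6
  * Safety Integrity Level bands from IEC 61508-1 Tables 2 and 3
  * Necessary Risk Reduction from an unmitigated and a tolerable hazard frequency
All numeric inputs are constructed illustration values, not data for any real device.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

HOURS_PER_YEAR = 8760.0

# SIL bands, each as [lower, upper): the band applies when lower <= value < upper.
# Demand mode is judged on average probability of failure on demand (PFDavg);
# continuous mode on probability of a dangerous failure per hour (PFH).
DEMAND_MODE_BANDS: Dict[int, Tuple[float, float]] = {
    4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}
CONTINUOUS_MODE_BANDS: Dict[int, Tuple[float, float]] = {
    4: (1e-9, 1e-8), 3: (1e-8, 1e-7), 2: (1e-7, 1e-6), 1: (1e-6, 1e-5)}


@dataclass(frozen=True)
class FailureRates:
    """Random hardware failure rates of one device, in failures per hour, split into
    the four classes IEC 61508-2 uses: safe/dangerous x detected/undetected."""
    safe_detected: float
    safe_undetected: float
    dangerous_detected: float
    dangerous_undetected: float

    @property
    def total(self) -> float:
        return (self.safe_detected + self.safe_undetected
                + self.dangerous_detected + self.dangerous_undetected)


def safe_failure_fraction(r: FailureRates) -> float:
    """SFF: share of the total failure rate that is either safe or dangerous-but-detected.
    Only dangerous undetected failures count against it."""
    return (r.safe_detected + r.safe_undetected + r.dangerous_detected) / r.total


def diagnostic_coverage(r: FailureRates) -> float:
    """DC: share of dangerous failures that the device's own diagnostics reveal."""
    return r.dangerous_detected / (r.dangerous_detected + r.dangerous_undetected)


def pfd_avg_1oo1(r: FailureRates, proof_test_interval_years: float) -> float:
    """Simplified IEC 61508-6 PFDavg for a single channel (1oo1): lambda_DU * T / 2.
    Ignores repair time and common-cause terms, so it is an optimistic screening
    figure, not a substitute for the full reliability model."""
    return r.dangerous_undetected * proof_test_interval_years * HOURS_PER_YEAR / 2.0


def pfh_1oo1(r: FailureRates) -> float:
    """Simplified 1oo1 PFH for continuous mode: the dangerous undetected rate itself."""
    return r.dangerous_undetected


def sil_for(value: float, bands: Dict[int, Tuple[float, float]]) -> Optional[int]:
    """Map a target failure measure onto its SIL band. Returns None when the value lies
    outside every band: too poor to claim SIL 1, or better than SIL 4, for which the
    standard defines no band (no higher claim can be made)."""
    for sil, (lower, upper) in bands.items():
        if lower <= value < upper:
            return sil
    return None


def necessary_risk_reduction(unmitigated_per_year: float,
                             tolerable_per_year: float) -> Tuple[float, float, Optional[int]]:
    """Risk reduction factor the SIF must supply, the PFDavg it must therefore meet,
    and the demand-mode SIL band that PFDavg target falls in."""
    rrf = unmitigated_per_year / tolerable_per_year
    pfd_target = 1.0 / rrf
    return rrf, pfd_target, sil_for(pfd_target, DEMAND_MODE_BANDS)


# Constructed illustration figures for a hypothetical smart transmitter (per hour).
EXAMPLE_DEVICE = FailureRates(safe_detected=2.0e-6, safe_undetected=1.0e-6,
                              dangerous_detected=2.5e-6, dangerous_undetected=5.0e-7)

if __name__ == "__main__":
    r = EXAMPLE_DEVICE
    print(f"SFF = {safe_failure_fraction(r):.3f}, DC = {diagnostic_coverage(r):.3f}")
    # Same hardware, two proof-test intervals: the interval alone moves the SIL band.
    for years in (1.0, 0.25):
        pfd = pfd_avg_1oo1(r, years)
        print(f"proof test every {years} y: PFDavg = {pfd:.2e} -> SIL {sil_for(pfd, DEMAND_MODE_BANDS)}")
    pfh = pfh_1oo1(r)
    print(f"continuous mode: PFH = {pfh:.1e} -> SIL {sil_for(pfh, CONTINUOUS_MODE_BANDS)}")
    rrf, target, sil = necessary_risk_reduction(unmitigated_per_year=5e-2, tolerable_per_year=1e-5)
    print(f"hazard 5e-2/y vs tolerable 1e-5/y: RRF = {rrf:.0f}, PFDavg <= {target:.1e} -> SIL {sil}")
```

Two points the arithmetic makes that the definitions alone do not: the same hardware sits in SIL 2 with an annual proof test and in SIL 3 with a quarterly one, so the Target Failure Measure is a property of the SIF as operated and maintained, not of the device; and a PFDavg that lands exactly on a band boundary (for example 1e-3) belongs to the lower SIL, so a required risk reduction should be compared against the band's upper limit with margin rather than matched to it.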

Tolerable Risk (61511/61508)
Risk which society is willing to live with, based on current values, so as to secure certain benefits. It is the level deemed reasonable with respect to both the frequency (or probability) of the hazardous event and its specific consequences. Where a risk falls between the two extremes (the intolerable and acceptable regions) and the ALARP principle has been applied, the resulting risk is the tolerable risk for that application.
It depends on many factors: the severity of injury, the number of people exposed to danger, the frequency at which a person or people are exposed to danger, and the duration of the exposure.
To determine what constitutes a tolerable risk for a specific application, a number of inputs are considered: -
- Guidelines from appropriate safety regulatory authority.
- Discussions and agreement from those involved in the application.
- Industry standards and guidelines.
- National and international standards.
- The best independent, industrial expert and scientific advice from advisory bodies.
- Legal requirements relevant to the specific application.

Top Tier (COMAH)
Tier 1, an operation (site/plant or process) which has substances above a certain quantity threshold. Tier 1 operations must provide a greater depth of information than lower tier sites on the measures they undertake to prevent and mitigate major accidents in the form of a Safety Report.