Exida Webinar - A Different Certification Scheme

exidaA Different Certification Scheme exida Sellersville, PA USA By:Ted Stewart Ted Stewart Program Development & Compliance Manger Ted Stewart manages exida’s OEM product certification, assists the End User business, manages the CFSE program, and is the deputy quality manager. His areas of expertise include safety and high availability automation systems, manufacturing, and lean process improvement. 2 Copyright © exida.com LLC 2000-2015 exida Worldwide Locations exida Mexico exida Asia Pacific exida South Africa Main Offices Regional Offices Copyright © exida.com LLC 2000-2015 People Copyright © exida. IEC 62061. SIL Selection LOPA SRS SIL Verification) Safety Case FMEDA Alarm Rationalization Product Certification Functional Safety (IEC 61508) Control System CyberSecurity Network Robustness (Achilles) Training Process Safety Control System Security Onsite Offsite Security Development Alarm Management Reference Materials Databases Tutorials Textbooks Reference Books Market Studies Processes . ISO 26262) Alarm Management Control System Security (ISA S99) Engineering Tools exSILentia (PHA.Products .Main Product / Service Categories Consulting Process Safety (IEC 61511.com LLC 2000-2015 Professional Certification CFSE CFSP Industrial Control System Security Expert (ICSSE) . • Functional Safety Certification involves a detailed analysis of both the engineering process and design margins resulting in random failure rate in all failure modes. Copyright © exida. Components. cyber defense mechanisms. • Cybersecurity Certification involves a detailed analysis of the engineering process. • Certification is a Third Party Assessment done against a set of requirements based primarily on international standards. and Personnel are getting certified. and network robustness.What is Certification? • Systems.com LLC 2000-2015 5 . Products. Copyright © exida.com LLC 2000-2015 6 .Who does Certification? Certification Programs have been established by private companies and governmental bodies around the world. All organizations who perform certifications should be accredited for their field of work. Accreditation An Accreditation Body (AB) will audit and accredit a Certification Body (CB).com LLC 2000-2015 7 . Copyright © exida. Certification Bodies must operate any product certification program under ISO/IEC 17025 and EN45011 (IEC 65) / ISO 17065 requirements. International Recognition exida is fully accredited per ANSI. as a Certification Body for Cybersecurity and Functional Safety ANSI is a member of the International Accreditation Forum (IAF). Most countries in the world are signatories of the IAF Multilateral Recognition Arrangement (MLA) which assures global certificate acceptance. Copyright © exida.com LLC 2000-2015 8 . the United States IEC liaison. Copyright © exida.com LLC 2000-2015 9 .Accreditation Confirmation A Certification Body will show the Accreditation Body (AB) logo on the certificate for all work done under the accredited procedures. ” There is no AB logo.com LLC 2000-2015 10 .“House” Certificate When product certifications are done without accreditation. even by a company that has accreditation. Copyright © exida. this is called a “House Certificate. Copyright © exida.Legacy Documents Agencies that have been around for a long period of time have an advantage whether or not the agency is accredited by an AB.com LLC 2000-2015 11 . Certification Scheme • • • A “Scheme” is established which lists required standards as well as any additional requirements beyond those stated in the standards. the Scheme is established by the Certification Body (CB). In some cases. In some cases. An Advisory Board must be established to provide input on the CB certification scheme. Copyright © exida.com LLC 2000-2015 12 . the Scheme is created by a committee. com LLC 2000-2015 13 . identify problems. establish policy. and resolve complaints. Therefore exida has established an Advisory Board to recommend and review enhancements to the Scheme. Copyright © exida.exida Advisory Board exida strives to operate the most useful and relevant product certification program in the world. exida Advisory Board • • • • • • • • • • • • • Invista Air Products CH2M HILL GE Conoco Phillips Dupont Dow BP Syngenta DSM PetroSA Tebodin Chevron Copyright © exida.com LLC 2000-2015 14 . The exida Scheme • exida has established a Scheme with added requirements beyond the IEC 61508 family of standards based on Advisory Board recommendations: • FMEDA Analysis – accurate failure mode data based on over 150 billion unit operating hours of field failure data.expiration dates Copyright © exida. • Publish failure rates not just PFDavg • Analysis / publication false trip data • Maintainability • Design complexity • Cybersecurity audit • Practical proof test is required • Surveillance audits .com LLC 2000-2015 15 . no false trip data Copyright © exida.User generated requirements Conventional Certification Body Standards based requirements Complete Assessment .com LLC 2000-2015 16 . Have used "Cycle Test" results for Failure Rate Predictions Typically publishes a PFD number.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Tougher Scheme .Safety Case Accredited Certification Body Relevant Assessment .All Failure Modes Requires Published False Trip Failure Rates Requires Proof Test Procedures with Effectiveness Prediction Cybersecurity Analysis Surveillance Audits to ensure continued safety "House" Certificates from some CBs Have used Manufacturer Warranty Data for PFD.Technical Expertise Realistic Failure Rate Predictions . User generated requirements Conventional Certification Body Standards based requirements The additional requirements added to the exida Scheme go beyond IEC 61508. These requirements were added to meet OwnerOperator needs by the exida Advisory Board.com LLC 2000-2015 17 . Manufacturers and Equipment Suppliers must provide more data and more analysis must be done.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Tougher Scheme . However. exida updates the Scheme requirements approximately once per year keeping far more current than typical Schemes and standards. Copyright © exida. the result of this work is better information for those choosing equipment and designing bespoke Safety Instrumented Systems. com/SAEL Copyright © exida. published on the exida website.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Complete Assessment . exida requires that the Assessment Report be publicly available.com LLC 2000-2015 18 .exida. http://www.Safety Case Conventional Certification Body exida has always used the Safety Case approach to assessment to ensure a complete evaluation of all requirements in any scheme. com LLC 2000-2015 19 .Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Accredited Certification Body Conventional Certification Body "House" Certificates from some CBs No AB Logo Copyright © exida. They seemed to be asking the wrong questions during an audit. They understand the key issues. http://www. These are people who have been living in the product development world. The focus seemed to be on bureaucracy.Technical Expertise Conventional Certification Body “We previously used … (a conventional German CB).com LLC 2000-2015 20 .com/Company/Team Copyright © exida.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Relevant Assessment . and software development engineers. West Coast US Product Manufacturer exida has an experienced team of mechanical.” VP Engineering. electronic. exida went deep into the fundamental safety concept issues.exida. functional safety and alarm management on average once a week globally. More than any other Certification Body.exida. “I learned more from an exida two hour tutorial on IEC 61508 than I learned from several days of meetings with … (a conventional CB).  exida teaches courses on cybersecurity.com/Training  exida personnel have published more technical papers and research results (over 600) than any Certification Body in the world.com LLC 2000-2015 21 . http://www.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Relevant Assessment .Technical Expertise Conventional Certification Body  exida has many key personnel actively working on the IEC Functional Safety / Automation Cybersecurity technical committees.” Engineering Manager. Midwest US Product Manufacturer Copyright © exida. All Failure Modes Conventional Certification Body Have used Manufacturer Warranty Data for PFD. and proof test coverage for each design variation and application.com LLC 2000-2015 22 . Have used "Cycle Test" results for Failure Rate Predictions COMPONENT DATABASE Product λ Component λ’ s Failure Mode Distribution FMEDA Product Failure Modes Diagnostic Coverage exida uses the FMEDA technique it has developed over the last 20 years of field failure research. automatic diagnostic coverage. useful life. Copyright © exida. This design analysis method predicts failure rates for all failure modes.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Realistic Failure Rate Predictions . 00E-07 2.00E-07 exida FMEDA Spool Solenoid 3 8.00E+00 TÜV Certificate Data exida FMEDA Poppet Solenoid 2 Solenoid Valve Total Failure Rate * Combining field failure data with new instrument design margins to predict failure rates for SIS Verification.00E-07 1.00E-07 6. Comparisons with site field failure data have shown the exida FMEDA predictive technique is accurate or slightly pessimistic. William M.00E-06 exida FMEDA Spool Solenoid 2 9. 2014 23 .00E-07 7. Copyright © exida.00E-07 exida FMEDA Poppet Solenoid 1 Manufacturer Warranty Data 0. Have used "Cycle Test" results for Failure Rate Predictions 1.00E-07 exida FMEDA Average exida FMEDA Spool Solenoid 1 DOW Field Data 4. Iwan van Beurden.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Realistic Failure Rate Predictions . exida. Oct.00E-07 3. Goble.All Failure Modes The exida FMEDA Component Database is based on over 150 billion hours of field failure data from the process industries.* Conventional Certification Body Have used Manufacturer Warranty Data for PFD.com LLC 2000-2015 Dr.00E-07 5. com LLC 2000-2015 24 . US Chemical Industry exida predicted failure data is provided for different applications of each product.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Requires Published False Trip Failure Rates Conventional Certification Body Typically publishes a PFD number.” Control Engineer. no false trip data “False trip rate is an essential design parameter for our SIS designs. How can I do this without the data? Only exida certifications provide that. Copyright © exida. com LLC 2000-2015 25 . Copyright © exida.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Requires Proof Test Procedures with Effectiveness Prediction Conventional Certification Body No requirement exida works with manufacturers to create practical proof test procedures. The FMEDA analysis is then used to predict the effectiveness of each different proposed proof test. The results are published in FMEDA reports and typically included in the exSILentia Safety Lifecycle Tool. exida includes a cybersecurity threat analysis with functional safety certifications.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Cybersecurity Analysis Conventional Certification Body No requirement If applicable. exida also has additional Automation Cybersecurity Schemes for personnel. and system certification. product. exida is one of the few CBs accredited to certify industrial automation products to cybersecurity standards.com LLC 2000-2015 26 . Copyright © exida. The last thing we need is to hold up an important change waiting in the work / vacation queue of the CB.” Engineering Manager. every change had to be preapproved before release to the market. exida audits changes every Surveillance audit. At each Surveillance. exida asks questions to find out “Does the device still meet functional safety and cybersecurity requirements?” “We switched from … (a conventional German CB) to exida because of the exida surveillance policy. The expiration date on each exida certificate shows when the next audit is due. Some change approvals have taken several months. exida‘s surveillance policy allows changes that follow our approved change process to be released to production immediately. Our customers get better product.Why is the exida Scheme better? Owner-Operator Benefit Comparison exida Surveillance Audits to ensure continued safety Conventional Certification Body No requirement The exida Scheme requires periodic Surveillance Audits. US West Coast Manufacturer. With our former CB. Copyright © exida.com LLC 2000-2015 27 . ” “The most comprehensive safety equipment list of the internet.List of Certified Equipment “We use the SAEL as our primary equipment selection source.” www.com LLC 2000-2015 28 .com Copyright © exida.sael-online. com LLC 2000-2015 29 .How is the exida Scheme working Copyright © exida. How is the exida Scheme working Copyright © exida.com LLC 2000-2015 30 . com LLC 2000-2015 31 .How is the exida Scheme working Copyright © exida. com LLC 2000-2015 32 .All of the questions in this webinar will be answered via email and given to ALL participants. We feel this topic is very important and want to make sure your questions are answered and easily stored Contact information: [email protected] Copyright © exida.