• IEMEK Journal of Embedded Systems and Applications
• /
• v.17 no.3
• /
• pp.157-165
• /
• 2022

As the number of the installed escalators in Korea continues to increase, the accident rate is also increasing. Therefore, it would be necessary to proactively secure safety. PESSRAE is a controller that implements safety functions as electric/electronic/programmable electronic devices to respond to risks that may occur in escalators. Safety Integrity Level (SIL) is assigned to the safety functions of PESSRAE and it must be verified that the quantitative target value according to the SIL level is satisfied. In this paper, the initial PESSRAE is analyzed using the FMEDA (Failure Mode, Effects and Diagnostic Analysis), which is a quantitative safety analysis method, and design improvement specifications are derived from the analysis in order to satisfy the quantitative target values. Based on the derived design specifications, the improved PESSRAE controller was manufactured. And the appropriateness of the design was verified experimentally in a testbed environment simulating the real environment.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.12
• /
• pp.1905-1910
• /
• 2013

This paper demonstrates the result of Safety Integrity Level (SIL) allocation for IL-type Train Control System(IL-TCS), by applying the semi-quantitative approach. IL-type TCS is defined in this paper as the set of Hardware and Software ATS equipment, Track-side ATP equipment, On-board ATP equipment, Track-side ATO equipment, On-board ATO equipment. SIL allocation is performed for these constituent subsystems of TCS. Based on three principles of the semi-quantitative method, the SIL allocation process is performed for the subsystems composing TCS.

• Journal of the Korean Society of Safety
• /
• v.35 no.6
• /
• pp.1-8
• /
• 2020

In recent years, hydrogen has received much attention as an alternative energy source to fossil fuels. In order to ensure safety from the increasing number of hydrogen refueling stations, prevention methods have been required. In this regard, this study suggested an approach to reduce the risk of hydrogen refueling station by increasing Safety Integrity Level (SIL) for a Steam Methane Reformer (SMR) in On-Site Hydrogen Refueling Station. The worst scenario in the SMR was selected by HAZOP and the required SIL for the worst scenario was identified by LOPA. To verify the required SIL, the PFDavg.(1/RRF) of Safety Instrumented System (SIS) in SMR was calculated by using realistic failure rate data of SIS. Next, several conditions were tested by varying the sensor redundancy and proof test interval reduction and their effects on risk reduction factor were investigated. Consequently, an improved condition, which were the redundancy of two-out-of-three and the proof test interval of twelve months, achieved the tolerable risk resulting in the magnitude of risk reduction factor ten times greater than that of the baseline condition.

• Journal of international Conference on Electrical Machines and Systems
• /
• v.3 no.3
• /
• pp.248-251
• /
• 2014

As more vehicles become equipped with advanced electronic control systems, more consideration is needed with regards to automotive safety issues related to the effects of electromagnetic waves. Unwanted electromagnetic waves from the antenna, electricity and other electronic devices cause the performance and safety problem of automotive components. In general, Power Integrity and Signal Integrity analysis have been widely used, but these analyses have stayed PCB level. PCB base analysis is different from radiated emission TEST condition so its results are used just for reference. This paper proposes EMC optimization technology using module level 3-dimensional radiation simulation process closed to fundamental test conditions. If module level EMC analysis, which is proposed in this study, is applied to all automotive electronics systems, unexpected EMC noise will be prevented.

• Journal of the Korean Society of Safety
• /
• v.27 no.5
• /
• pp.64-69
• /
• 2012

The concept of SIL is applied in the most of all standards relating to functional system safety. However there are problems for the people to apply SIL to their plants. as these standards don't include sufficient informations. In this regards, this paper will suggest the direction of SIL application and concept based on IEC 61508 and IEC 61511. A Safety Integrity Level(SIL) is the discrete level(one out of possible fours), corresponding to a range of the probability of an E/E/PE (Electric/Electrical/Programmable Electrical) safety-related system satisfactorily performing the specific safety functions under all the stated conditions within a stated period of time. SIL can be divided into the target SIL(or required SIL) and the result SIL. The target SIL is determined by the risk analysis at the analysis phase of safety lifecycle and the result SIL is calculated during SIL verification at the realization phase of safety lifecycle. The target SIL is determined by the risk analysis like LOPA(Layer Of Protection Analysis), Risk Graph, Risk Matrix and the result SIL is calculated by HFT(Hardware Fault Tolerance), SFF(Safe Failure Fraction) and PFDavg(average Probability of dangerous Failure on Demand). SIL is applied to various areas such as process safety, machinery(road vehicles, railway application, rotating equipment, etc), nuclear sector which functional safety is applied. The functional safety is the part of the overall safety relating to the EUC and the EUC control system that depends on the correct functioning of the E/E/PE safety-related systems and other risk reduction measures. SIL is applied only to the functional safety of SIS(Safety Instrumented System) in safety. EUC is the abbreviation of Equipment Under Control and is the equipment, machinery, apparatus or plant used for manufacturing, process, transportation, medical or other activities.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.9
• /
• pp.1001-1008
• /
• 2015

This paper introduces the architecture of the power supply in order to achieve the safety integrity target for power supply which is a part of safety related system. The integrity level for safety is set 4 and according to the IEC 62425 which is standard for railway application the architecture design is conducted and process for design is developed. The procedure for design consists with 6 steps. The architecture of power supply that is able to keep the safety integrity against of failure of power supply is derived through the analysis and it is suggested that the power supply adopted the result in this paper is suitable to apply in safety system. Also, the failure frequency that is a quantitative value for the power supply is proposed.

• Fire Science and Engineering
• /
• v.20 no.3 s.63
• /
• pp.1-8
• /
• 2006

The purpose of this work is to analyze quantitatively if the safety instrumented system(SIS) like the pressure safety valves(PSV) in the processes of ethyl benzene plant have been designed relevantly to the safety integrity level because overpressure in the benzene or ethyl benzene columns causes the explosive reactions, fires and reactor explosions. The safety integrity level(SIL) 3 has been adopted as a target level of SIS based on the general data of the Probability of Failure on Demand of PSV, $1.00E-4{\sim}1.00E-3$. The standard model of the reliability has been set up and then the fault tree analysis of it has been carried out to get the PFD of SIS, and the results show 8.97E-04, 5.37E-04, 5.37E-04 for benzene prefractionator column, benzene column and EB column, respectively. Thus, we conclude that the SIS is designed to fulfill the condition of SIL3, and when the partial stroke test for the control valve are carried out every sixth month, the SIS of each column is expected to increase its reliability up to $22{\sim}27%$.

• Proceedings of the KSR Conference
• /
• 2003.05a
• /
• pp.511-516
• /
• 2003

It is very important to ensure system safety during the process of developing a system. Railway system is also devoting a great portion for the safety. Nowadays many countries leading railway industry have their own system assessment principles according to the situation of their train control systems. In this paper, several principles to derive Safety Integrity Level are represented in the railway signalling system. The characteristics of those principles are also considered respectively.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.4
• /
• pp.263-269
• /
• 2021

The carrier-based differential global navigation satellite system (CD-GNSS) has been garnering significant attention as a promising technology for unmanned vehicles for its high accuracy. The CD-GNSS systems to be used for safety-critical applications should provide a certain level of integrity. The integrity of these systems must be analyzed under various conditions, including fault-free and satellite fault conditions. The systems should be able to detect the faults that can cause large biases on the user position errors and quantify the integrity risk by computing the protection level (PL) to protect the user against the faults that are left undetected. Prior work has derived and investigated the PL for the fault-free condition. In this study, the integrity of the CD-GNSS system under the fault condition is analyzed. The position errors caused by the satellite's fault are compared with the fault-free PL (PL_H0) to verify whether the integrity requirement can be met without computing the PLs for the fault conditions. The simulations are conducted by assuming the ephemeris fault, and the position errors are evaluated by changing the size of the ephemeris faults that missed detection. It was confirmed that the existing fault monitors do not guarantee that the position error under the fault condition does not exceed the PL_H0. Further, the impact of the faults on the position errors is discussed.

• Journal of the Society of Naval Architects of Korea
• /
• v.49 no.6
• /
• pp.447-460
• /
• 2012

In this study, the shutdown system of the fuel gas supply system is designed based on the Safety Integrity Level of IEC 61508 and IEC 61511. First of all, the individual risk($10^{-4}$/year) and the risk matrix which are the risk acceptance criteria are set up for the qualitative risk assessment such as the HAZOP study. The natural gas leakage at the gas supply pipe is identified as the highest risk among the hazards identified through the HAZOP study and as a safety instrumented function the shutdown function for leakage was defined. SIL 2 and PFD($2.5{\cdot}10^{-3}$) for the shutdown function are determined by the layer of protection analysis(LOPA). The shutdown system(SIS) carrying out the shutdown function(SIF) is verified and designed according to qualitative and quantitative requirements of IEC 61508 and IEC 61511. As a result of SIL verification and SIS conceptual design, the shutdown system is composed of two gas detectors voted 1oo2, one programmable logic solver, and two shutdown valve voted 1oo2.