Functional Safety Terms and Acronyms

Glossary

This list of functional safety terms and acronyms has been compiled from a number of sources listed
at the end including the IEC 61508, IEC 61511 (ISA84.01) standards. It is meant to provide a general
reference for engineers practicing safety lifecycle engineering in the process industry. As such it
provides both safety and related non-safety term definitions in a clear useable form. It specifically
highlights the most important terms and acronyms from the safety lifecycle standards with working
level definitions. The reader is encouraged to pursue IEC 61508 or IEC 61511 for additional
definitions and for additional information on applying the safety lifecycle to the process industry.
Comments and feedback on this document are welcome and can be sent to info@exida.com noting
the title and version of the document.
The definitions appearing in this glossary are provided solely for general informational purposes.
They are not intended to be complete descriptions of all terms, conditions and exclusions applicable
to the practice of safety engineering. Also, in the case of any inconsistency between the definitions in
this glossary and the definitions appearing in the applicable codes and standards, the definitions
contained in those codes and standards shall govern.

Issued for general distribution: Version 1.0 on 24 November 2006 by Dr. Eric W. Scharpf, CFSE.

2oo3 Two out of three logic circuit (2/3 logic circuit) A logic circuit with three
independent inputs. The output of the logic circuit is the same state as any two
matching input states. For example a safety circuit where three sensors are
present and a signal from any two of those sensors is required to call for a shut
down. This 2oo3 system is said to be single fault tolerant (HFT = 1) in that one
of the sensors can fail dangerously and the system can still safely shut down.
Other voting systems include 1oo1, 1oo2, 2oo2, 1oo3 and 2oo4.
IEC 61508 The IEC standard covering Functional Safety of electrical / electronic /
programmable electronic safety-related systems. The main objective of
IEC 61508 is to use safety instrumented systems to reduce risk to a tolerable level
by following the overall, hardware and software safety lifecycle procedures and
by maintaining the associated documentation. Issued in 1998 and 2000, it has
since come to be used mainly by safety equipment suppliers to show that their
equipment is suitable for use in safety integrity level rated systems.
IEC 61511 The IEC standard for use of electrical / electronic / programmable electronic
safety-related systems in the process industry. Like IEC 61508 it focuses on a
set of safety lifecycle processes to manage process risk. It was originally
published by the IEC in 2003 and taken up by the US in 2004 as ISA 84.00.01-
2004. Unlike IEC 61508, this standard is targeted toward the process industry
users of safety instrumented systems.
Functional Safety and Reliability
Terms and Acronyms Issue 1.0 November 2006

Actuator A device responsible for putting a mechanical device into action such as a
valve. Single acting actuators act in only one direction such as in a spring
and diaphragm actuator where the spring acts in a direction opposite to the
diaphragm thrust. Double acting actuators have a power supply that acts to
move the actuator in two normally opposite directions. Pneumatic actuators
convert the energy of a compressible fluid, usually air, into motion. Vane
actuators are typically fluid-powered devices where the fluid acts upon a
movable pivoted member (the vane) to provide rotary motion to the actuator
stem.
ALARP As low as reasonably practicable. The philosophy of dealing with risks that
fall between an upper and lower extreme. The upper extreme is where the
risk is so great that it is rejected completely while the lower extreme is
where the risk is, or has been made to be, insignificant. This philosophy
considers both the costs and benefits of risk reduction to make the risk as
low as reasonably practicable.
Algorithm A prescribed set of well defined rules or processes for the solution of a
problem in a finite number of steps.
Analogue I/O Input or output signals to or from the field that vary continuously over a
range of values. Typically voltage, electric current, temperature, or pressure
signals are analogue.
Annunciator A device or group of devices that call attention to changes in process
conditions that have occurred. Usually included are sequence logic circuits,
labeled visual displays, audible devices, and manually operated
acknowledge and reset push buttons.
Architecture The voting structure of different elements in a safety instrumented function.
See Architectural Constraints, Fault Tolerance and 2oo3.
Architectural constraints or AC
Limitations that are imposed on the hardware selected to implement a
safety-instrumented function, regardless of the performance calculated for a
subsystem. Architectural constraints are specified (in IEC 61508-2-Table 2
and IEC 61511-Table 5) according to the required SIL of the subsystem,
type of components used, and SFF of the subsystems components. Type A
components are simple devices not incorporating microprocessors, and
Type B devices are complex devices such as those incorporating
microprocessors. See Fault Tolerance.
As-built A document revision that includes all modifications performed as a result of
actual fabrication or installation. Note for safety systems, that where the
actual installation does not conform to the design information, then the
difference shall be evaluated and the likely impact on safety determined. If
the difference has no impact on safety, then the design information shall be
updated to as built status. If the difference has a negative impact on
safety, then the installation shall be modified to meet the design
requirements.
Asynchronous communication
Circuitry or operation without common clock or timing signals. Often called
start/stop transmission; a way of transmitting data in which each character
is preceded by a start bit and followed by a stop bit.

Auto-tuning Controller feature that calculates proportional, integral and derivative (PID)
output settings based on calculations using measured process dynamics
and combining those with the parameters of a PID controller. Calculations
may be based on transient responses, frequency responses or parametric
models.
Availability The probability that a device is operating successfully at a given moment in
time. This is a measure of the uptime and is defined in units of percent.
For most tested and repaired safety system components, the availability
varies as a saw tooth with time as governed by the proof test and repair
cycles. Thus the integrated average availability is used to calculate the
average probability of failure on demand. See PFDavg.
Basic process control system
System which responds to input signals from the process, associated
equipment, and/or an operator and generates output signals causing the
process and its associated equipment to operate in the desired way. The
BPCS can not perform any safety instrumented functions rated with a safety
integrity level of 1 or better unless it meets proven in use requirements. See
proven in use.
Batch process A process that manufactures a fixed quantity of material by subjecting
measured quantities of raw materials to a time sequential order of
processing actions using one or more pieces of equipment. Typically used
for small volume production of high value materials.
β-factor Beta factor, indicating common cause susceptibility. The fraction of total
failure rate that is attributed to a single cause in common with other units in
the group. A common cause failure will result in all units within the group
failing simultaneously.
BLEVE Boiling liquid expanding vapor explosion. A specific type of fireball that can
occur as the result of the situation where a vessel containing a pressurized
liquid comes in direct contact with external flame. As the liquid inside the
vessel absorbs the heat of the external fire, the liquid begins to boil,
increasing the pressure inside the vessel to the set pressure of the relief
valve(s). The heat of the external fire will also be directed to portions of the
vessel where the interior wall is not wet with the process liquid. Since the
process liquid is not present to carry heat away from the vessel wall, the
temperature in this region (usually near the interface of the boiling liquid),
will rise dramatically causing the vessel wall to overheat and become weak.
A short time after the vessel wall begins to overheat, the vessel can lose its
structural integrity and a rupture will occur. After vessel rupture, a fireball
will usually result with the external fire available as the ignition source.
BMS Burner management system. The control system designed to improve
combustion safety and assist the operator in starting and stopping the
burners. It also should prevent mis-operation and damage to the fuel
preparation and burning equipment. The BMS can include: interlock system,
fuel trip system, master fuel trip system, master fuel trip relay, flame
monitoring and tripping systems, ignition subsystem, main burner
subsystem, warm-up burner subsystem, bed temperature subsystem, and
duct burner system.
BPCS See Basic Process Control System.

Burn-in Device operation, usually under accelerated environmental conditions that
simulate life in the devices' intended application, used to detect early-life
(infant mortality) failures. Such testing helps to ensure that constant failure
rate assumptions for equipment are valid and do not lead to accidents
during plant start up.
Bus A group of wires or conductors, considered as a single entity, which
interconnects part of a system.
Butterfly valve A valve consisting of a disc inside a valve body which operates by rotating
about an axis in the plane of the disc to shut off or regulate flow.
Calibration curve A plot of indicated value versus true value used to adjust instrument
readings for inherent error; a calibration curve is usually determined for
each calibrated instrument in a standard procedure and its validity
confirmed or a new calibration curve determined by periodically repeating
the procedure.
Capacitance The ability of a capacitor to store a charge. The greater the capacitance, the
greater the charge that can be stored. Also applied to tanks in process fluid
flow systems.
Cause and effect diagram
One method commonly used to show the relationship between the sensor
inputs to a safety function and the required outputs. Often used as part of a
safety requirements specification. The method's strengths are a low level of
effort and clear visual representation while its weaknesses are a rigid format
(some functions cannot be represented with C-E diagrams) and the fact that
it can oversimplify the function.
Cavitation A two stage phenomenon of liquid flow. The first stage is the formation of
voids or cavities within the liquid system; the second stage is the collapse or
implosion of these cavities back into an all liquid state. Cavitation can cause
excessive wear and damage to devices in regions where the voids are
present.
CFSE/CFSP Certified Functional Safety Expert/Professional. Qualifications for safety
engineers in either process applications, machine applications, hardware, or
software that demonstrates competence in safety lifecycle activities. These
qualifications are administered by the non-profit CFSE Governance
managed by a global consortium of vendor, user, integrator and consultant
companies.
Check valve A flow control device that permits flow in one direction and prevents flow in
the opposite direction.
CPT or PTC Proof test coverage. The percentage of failures that are detected during the
servicing of equipment. In general it is assumed that when a proof test is
performed any errors in the system are detected and corrected (100% proof
test coverage).
CPQRA (Guidelines for) Chemical Process Quantitative Risk Analysis

CPU Central processing unit: The part of a computing system that contains the
arithmetic and logical units, instruction control unit, timing generators, and
memory and I/O interfaces. This is typically a very complex element which
requires Type B classification for SIL hardware fault tolerance requirements
according to IEC 61508.
Common mode failure
A random stress that causes two or more components to fail at the same
time for the same reason. It is different from a systematic failure in that it is
random and probabilistic but does not proceed in a fixed, predictable, cause
and effect fashion. See systematic failure.
Consequence The magnitude of harm or measure of the resulting outcome of a harmful
event. One of the two components used to define a risk.
Coriolis flow meter A mass flow meter which measures mass flow of a fluid by determining the
torque resulting from radial acceleration of the fluid. The name comes from
the Coriolis effect that describes the accelerating force acting on any body
moving freely above the earth's surface, which is caused by the rotation of
the earth about its axis.
Coverage See CPT
Cross talk The unwanted energy transferred from one circuit, the disturbing circuit, to
another circuit, the disturbed circuit. Typically signals electrically coupled
from another circuit.
D Diagnostics Some safety rated logic solvers are designated as having capital D
diagnostics. These are different from regular diagnostics in that the unit is
able to reconfigure its architecture after a diagnostic has detected a failure.
The greatest effect is for 1oo2D systems which can reconfigure to 1oo1
operation upon detecting a safe failure. Thus the spurious trip rate for such
a system is dramatically reduced.
Dangerous failure A failure of a component in a safety instrumented function that prevents that
function from achieving a safe state when it is required to do so. See failure
mode.
Dead time The interval of time between initiation of an input change or stimulus and
the start of the resulting response.
Decision table A table of all contingencies that are to be considered in the description of a
problem, together with the actions to be taken. Decision tables can be used
in place of flow charts for problem description and documentation.
Derivative control Change in the output that is proportional to the rate of change of the input.
Also called "rate control."
Design pressure The maximum allowable working pressure permitted under the rules of the
relevant construction code. See also pressure, design.
Diaphragm A sensing element consisting of a thin, usually circular, plate which is
deformed by pressure differential applied across the plate.
Diaphragm valve A valve with a flexible linear motion closure piece that is forced into the
internal flow passageway of the valve body by the actuator.

Diagnostic coverage A measure of a system's ability to detect failures. This is a ratio between the
failure rates for detected failures to the failure rate for all failures in the
system.
Differential gap The smallest increment of change in a controlled variable required to cause
the final control element in a two position control system to move from one
position to its alternative position.
DP (Differential pressure) transmitter
A transducer designed to measure the pressure difference between two
points in a process and transmit a signal proportional to this difference,
without regard to the absolute pressure at either point. Often used to
measure flow by the pressure difference across a restriction in the flow line
or to measure level by measuring the pressure difference between the head
pressure produced by the height of a liquid in a vessel or tank and a
reference pressure.
Digital/Discrete I/O: Input or output that senses or sends either "on or off" (1 or 0) signals to
the field. For example a discrete input would sense the position of a switch
as energized or de-energized. A discrete output would turn a pump or light
on or off.
DCS Digital or Distributed Control System. DCS historically refers to larger
analog control systems traditionally used for PID control in the process
industries, whereas PLCs were used for discrete or logic processing.
However, PLCs are gaining capability and acceptance in doing PID control
while the DCS has come to mean the system of input/output devices,
control devices and operator interface devices which execute the stated
control functions and permit transmission of control, measurement, and
operating information to and from multiple locations, connected by a
communication link. The DCS is specifically separate from the safety
instrumented system (SIS) in that there are no meaningful random common
mode failures between the two systems.
Digital valve A single valve casing containing multiple solenoid valves whose flow
capacities vary in binary sequence (1, 2, 4, 8, 16, ...); to regulate flow, the
control device sends operating signals to various combinations of the
solenoids; applications are limited to very clean fluids at moderate
temperatures and pressures.
DIN Abbreviation for the standards institution of the Federal Republic of
Germany.
Displacement level meter
A device that measures liquid level by means of a float and balance beam
connected to a position sensor.
Diversity Applying different ways of performing a required function. Diversity may be
achieved by different physical methods or different design approaches.
Division 1-2 See Hazardous Area
Doppler effect flowmeter
A device that uses ultrasonic techniques to determine flow rate; a
continuous ultrasonic beam is projected across fluid flowing through the
pipe, and the difference between incident beam and transmitted beam
frequencies is a measure of fluid flow rate.
Double block and bleed
A three valve configuration common in shut off applications. Two main shut
off valves (block valves) operate on the main process line to stop flow. Then
a third bleed valve to a vent can be opened to relieve pressure or remove
the process fluid from the region between the two block valves. Typically
considered as a 1oo2 voting shut off system provided the bleed valve
opening is not critical to achieving the safe state.
Dual-sealing valve A valve which uses a resilient seating material for the primary seal and a
metal to metal seat for a secondary seal.
Duplex Half duplex is where there is communications in both directions (transmit
and receive), but in only one direction at a given instant in time. Full duplex
is where there is communication that appears to have information transfer in
both directions (transmit and receive) at the same time.
Dust, combustible Dust that (when mixed with air in certain proportions) can be ignited and will
propagate a flame.
Dynamic pressure The increase in pressure above the static pressure that results from
complete transformation of the kinetic energy of the fluid into potential
energy in units of pressure.
Eddy current A circulating current induced in a conductive material by a changing
electromagnetic field.
E/E/PE Electrical / Electronic / Programmable Electronic. See 61508 and 61511.
Effect Zone The physical area in which a harmful effect is felt by a receptor. For a toxic
release, the area over which the airborne concentration exceeds some level
of concern. For a physical energy release, the area over which a specified
overpressure criterion is exceeded. For thermal radiation effects, the area
over which an effect based on a specified damage criterion [e.g., a circular
effect zone surrounding a pool fire resulting from a flammable liquid spill,
whose boundary is defined by the radial distance at which the radiative flux
from the pool fire has decreased by 5 kW/m² (approximately 1600 BTU/hr-ft²)].
EIA Electronics Industry Association who provide standards for such things as
interchangeability between manufacturers.
EMI Electromagnetic Interference: Any spurious effect produced in the circuits or
elements of a device by external electromagnetic fields. NOTE: A special
case of interference from radio transmitters is known as "radio frequency
interference (RFI)."
Elevation error A type of error in temperature or pressure sensors that incorporate capillary
tubes partly filled with liquid; the error is introduced when the liquid filled
portion of the system is at a different level than the instrument case, the
amount of error varying with distance of elevation or depression.

Event (Independent) Events that do not affect each other (can be series or parallel). Tossing two
coins (parallel) or one coin twice (series) are generally considered to be
independent events.
Event (Initiating) The first event in an event sequence (e.g., the stress corrosion resulting in
leak/rupture of the connecting pipeline to the ammonia tank).
Event (Intermediate) An event that propagates or mitigates the initiating event during an event
sequence (e.g., improper operator action fails to stop the initial ammonia
leak and causes propagation of the intermediate event to an incident; in this
case the intermediate event outcome is a toxic release).
Event tree analysis A method of fault propagation modeling. The analysis constructs a tree-
shaped picture of the chains of events leading from an initiating event to
various potential outcomes. The tree expands from the initiating event in
branches of intermediate propagating events. Each branch represents a
situation where a different outcome is possible. After including all of the
appropriate branches, the event tree ends with multiple possible outcomes.
Exception reporting An information system which reports on situations only when actual results
differ from planned results. When results occur within a normal range they
are not reported.
Explosion Combustion which proceeds so rapidly that a high pressure is generated
suddenly. This high pressure or shock wave is the result of a turbulent flame
boundary and is very difficult to predict relative to a flash fire which
propagates through laminar boundary flow.
Explosion (Physical) The result of sudden catastrophic rupture of a high-pressure vessel. The
blast wave is caused when the potential energy stored in the high-pressure
vessel is transferred to kinetic energy when that material is released. The
effect zone is determined by the quantity of energy released and the blast
shock wave overpressure resulting from the explosion.
Explosion (Vapor Cloud)
The result of ignition of a cloud of flammable vapor, when the flame velocity
is high enough (turbulent and supersonic) to produce an explosive shock
wave. The effect zone is determined by the quantity of energy released and
the blast shock wave overpressure resulting from the explosion.
Explosion door A door in a furnace or boiler setting designed to be opened by a
predetermined gas pressure.
Explosion proof enclosure
An enclosure that is 1) capable of withstanding an explosion of a gas or
vapor within it, 2) able to prevent the ignition of an explosive gas or vapor
that may surround it and 3) that operates at an external temperature such that
a surrounding explosive gas or vapor will not be ignited from conditions
within the enclosure.
Fail close A condition wherein the valve closing component moves to a closed position
when the actuating energy source fails.
Fail in place/last A condition wherein the valve closing component stays in its last position
when the actuating energy source fails.

Fail open A condition wherein the valve closing component moves to an open position
when the actuating energy source fails.
Fail safe (or preferably de-energize to trip) A characteristic of a particular device
which causes that device to move to a safe state when it loses electrical or
pneumatic energy.
Failure rate The number of failures per unit time for a piece of equipment. Usually
assumed to be a constant value. It can be broken down into several
categories such as safe and dangerous, detected and undetected, and
independent/normal and common cause. Care must be taken to ensure that
burn in and wearout are properly addressed so that the constant failure rate
assumption is valid.
Failure modes The way that a device fails. These ways are generally grouped into one of
four failure modes: Safe Detected (SD), Dangerous Detected (DD), Safe
Undetected (SU), and Dangerous Undetected (DU) per ISA TR84.0.02.
FAT Factory acceptance test. A test performed before shipment to site, usually
at the vendor or integrator premises, often witnessed by the end user. Not a
mandatory step in IEC61511, but very common to avoid problems during
site acceptance testing (SAT) and site integration testing (SIT).
Fault propagation modeling
The analysis of the chain of events that leads to an accident. By analyzing
what events initiate that chain, which events contribute to, or allow the
accident to propagate, and establishing how they are logically related, the
event frequency can be determined. Fault propagation modeling techniques
use the failure rates of individual components to determine the failure rate of
the overall system.
Fault tolerance Ability of a functional unit to continue to perform a required function in the
presence of random faults or errors. For example a 1oo2 voting system can
tolerate one random component failure and still perform its function. Fault
tolerance is one of the specific requirements for safety integrity level (SIL)
and is described in more detail in IEC 61508 Part 2 Tables 2 and 3 and in
IEC 61511 (ISA 84.01 2004) in Clause 11.4.
Fault tree diagram Probability combination method for estimating complex probabilities. Since it
generally takes the failure view of a system, it is useful in multiple failure
mode modeling. Care must be taken when using it to calculate integrated
average probabilities.
Fieldbus A Fieldbus is a digital, two-way, multi-drop communication link between
intelligent measurement and control devices. It serves as a Local Area
Network (LAN) for advanced process control, remote input/output and high
speed factory automation applications.
Final element Component of a safety function (such as a valve) which directly prevents
the harmful event and brings the process to a safe state.

Fire (Flash) The result of ignition of a cloud of flammable vapor, when the flame velocity
is too slow (laminar and subsonic) to produce an explosive shock wave.
When a gas phase mixture of fuel and air is ignited, a flame front travels from
the point of ignition in all directions where the fuel/air concentration is within
flammable limits. The velocity of the flame front will determine the type of
damage that will be caused by this event.
Fire (Jet) Results when high-pressure flammable material is ignited as it is being
released from containment. The effect zone of a jet fire is proportional to the
size of the flame generated. As a high-pressure material is released from a
hole, the material will exit with a velocity that is mainly a function of system
pressure and hole size. As distance away from the hole increases, the
amount of oxygen in the mixture increases as air is entrained in the jet. As
the upper flammability limit threshold is crossed, the fuel and air react,
releasing the energy of combustion. As the combustion continues, entrained
air, unburned fuel and combustion products continue to move in the
direction of the release due to the momentum generated by the release.
Fire (Pool) Results when spilled flammable liquids are ignited. The magnitude of the
effect zone created by a pool fire will depend on the size of the flame that is
generated, which in turn depends on the size of the spill surface and the
properties of the spilled fluid. The flame's footprint is determined by the
containment of the liquid spill, which is often controlled by any dikes or
curbs present. If a spill is unconfined, the liquid will spread over an area
determined by the fluid's viscosity and the characteristics of the surface on
which the material is spilled, such as its porosity.
Fireball Result of a sudden and widespread release of a flammable gas or volatile
liquid that is stored under pressure, coupled with immediate ignition. This is
distinguished from a jet fire by the shorter duration of the event and the
difference in the geometry and shape of the flame. When a pressure vessel
containing a flammable gas or volatile liquid ruptures, the first result is the
quick dispersion of the flammable material as the high-pressure material
rapidly expands to atmospheric pressure. During this expansion, the release
will entrain large quantities of air as a result of the process. If the material in
the vessel is a volatile liquid, this process will also cause formation of an
aerosol with the dispersion of liquid droplets away from the release as a
result of the vapor expansion.
Fixed program language (FPL)
This type of language limits the user to adjusting a few parameters (for
example, range of the pressure transmitter, alarm levels, network
addresses). Typical examples of devices with FPL are: smart sensors (for
example, pressure transmitter), smart valves, sequence of events
controllers, dedicated smart alarm boxes, and small data logging systems.
Flammability Susceptibility to combustion.
Flammable (explosive) limits
The flammable (explosive) limits of a gas or vapor are the lower (LFL or LEL)
and the upper (UFL or UEL) percentages by volume of concentration of gas in
a gas-air mixture that will form an ignitable mixture.
Flash point The minimum temperature where a liquid emits vapor in a concentration
sufficient to form an ignitable mixture with air near the surface of the liquid
but not sufficient to sustain combustion.

Floating ball A full ball positioned within the ball valve that contacts either of two seat
rings and is free to move toward the seat ring opposite the pressure source
when in the closed position to effect tight shutoff.
Flow straightener A supplementary length of straight pipe or tube, containing straightening
vanes or the equivalent, which is installed directly upstream of a flow meter
for the purpose of eliminating swirl from the fluid entering the flow meter.
FMEDA Failure Modes Effects and Diagnostics Analysis - This is a detailed analysis
of the different failure modes and diagnostic capability for a piece of
equipment. This is an effective method for determining failure modes and
failure rates, a requirement for certification against IEC 61508 in most
certification agencies.
Four-wire transmitter Electronic transmitter that has separate pairs of wires for signal and power.
Full variability language (FVL)
This type of language is designed for computer programmers and provides
the capability to implement a wide variety of functions and applications.
A typical example of systems using FVL is general purpose computers. In
the process sector, FVL is found in embedded software and rarely in
application software. FVL examples include: Ada, C, Pascal, Instruction List,
assembler languages, C++, Java, and SQL.
Functional safety Freedom from unacceptable risk achieved through the safety lifecycle. See
IEC 61508, IEC 61511, safety lifecycle, and tolerable risk.
Functional safety assessment
Activity performed by a competent senior engineer to determine if the safety
system meets the specification and actually achieves functional safety
(freedom from unacceptable risk). This assessment is an important part of
reducing systematic failures. It must be performed at least after
commissioning and validation but before the hazard is present.
Fusible plug A hollowed threaded plug having the hollowed portion filled with a low
melting point material. This element is often used to provide a mechanical
relief device triggered by temperature causing the process fluid to vent
when the plug material melts.
Gain 1. Ratio of output signal magnitude to input signal magnitude; when less
than one this is usually called attenuation. 2. The relative degree of
amplification in an electronic circuit. 3. The ratio of the change in output to
the change in input which caused the change. 4. In a controller, the
reciprocal of proportional band. Proportional band can be expressed as a
dimensionless number (gain) or as a percent.
Gasket A sealing member, usually made by stamping from a sheet of cork, rubber,
metal or impregnated synthetic material and clamped between two
essentially flat surfaces to prevent pressurized fluid from leaking through the
crevice; typical applications include flanged joints in piping, head seals in a
reciprocating engine or compressor, casing seals in a pump, or virtually
anywhere a pressure tight joint is needed between stationary members.
Also known as "static seal."

Gate valve A valve with a closing piece in the form of a flat or wedge shaped gate
which may be moved linearly in or out of the flow stream. It has a straight
through flow path.
Gland A device for preventing a pressurized fluid from leaking out of a casing at a
machine joint, such as at a shaft penetration for a valve or pump. Also
known as "gland seal."
Globe valve 1. A valve with a closure piece that moves in a straight line, one or more
ports, and a body distinguished by a globular shaped cavity around the port
region. 2. A type of flow regulating valve consisting of a movable disc and a
stationary ring seat in a generally spherical body. In the general design, the
fluid enters below the valve seat and leaves from the cavity above the seat.
Go/no go test A test in which one or more parameters are determined, but which can
result only in acceptance or rejection of the test object, depending on the
value(s) measured.
Grab sampling A method of sampling bulk materials for analysis, which consists of taking
one or more small portions (usually only imprecisely measured) at random
from a pile, tank, hopper, railcar, truck or other point of accumulation.
Ground loop Circulating current between two or more connections to electrical ground.
This signal can be detected and displayed by electronic instruments. These
signals are generally not associated with the variable to be measured and
represent noise in the measuring system. They are typically broken
(removed) by adding optical coupling devices to the circuit.
HART Highway Addressable Remote Transducer. The HART protocol was
originated by Rosemount in the late 1980's. The protocol was "open" for
other companies to use and a User Group formed in 1990.
Hazard The potential for harm.
Hazard Matrix A category based method for assigning a safety integrity level (SIL). The
user must create a matrix that assigns defined categories to the
consequence (one axis dimension) and likelihood (other axis dimension)
components of the risk with a SIL assignment associated for each entry in
the matrix. In some cases, quantitative tools, such as LOPA, are used to
assist the analyst in determining which category to use, but often the
assignment is done qualitatively, using engineering judgment.
Hazardous area A US classification for an area in which explosive gas/air mixtures are, or
may be expected to be, present in quantities such as to require special
precautions for the construction and use of electrical apparatus.
Division 1 (hazardous). Where concentrations of flammable gases or vapors
exist a) continuously or periodically during normal operations; b) frequently
during repair or maintenance or because of leakage; or c) due to equipment
breakdown or faulty operation which could cause simultaneous failure of
electrical equipment. (See the US "National Electrical Code, Paragraph 500
4(a)" for detailed definition.)

Division 2 (normally nonhazardous). Locations in which the atmosphere is
normally nonhazardous and may become hazardous only through the
failure of the ventilating system, opening of pipe lines, or other unusual
situations. (See the US "National Electrical Code, Paragraph 500 4(b)" for
detailed definition.)
Nonhazardous. Areas not classified as Division 1 or Division 2 are
considered nonhazardous. NOTE: It is safe to have open flames or other
continuous sources of ignition in nonhazardous areas [S12.4].
Hazardous material Any substance that requires special handling to avoid endangering human
life, health or well being. Such substances include poisons, corrosives, and
flammable, explosive or radioactive chemicals.
HAZOP Hazards and operability study. A process hazards analysis procedure
originally developed by ICI in the 1970s. The method is highly structured
and divides the process into different operationally-based nodes and
investigates the behavior of the different parts of each node based on an
array of possible deviation conditions or guidewords.
HFT Hardware fault tolerance (see fault tolerance)
H&MB Heat and Material Balance. An accounting of the distribution of the heat and
material input and output for a process. Usually prepared as part of the
process flow sheet or diagram (PFD) development early in an engineering
project. Usually part of the input to a HAZOP or other hazard identification
process.
Heuristic Pertaining to a method of problem solving in which solutions are discovered
by evaluation of the progress made toward the final solution, such as a
controlled trial and error method. An exploratory method of tackling a
problem, or sequencing of investigation, experimentation, and trial solution
in closed loops, gradually closing in on the solution. A heuristic approach
usually implies or encourages further investigation, and makes use of
intuitive decisions and inductive logic in the absence of direct proof known
to the user. Thus, heuristic methods lead to solutions of problems or
inventions through continuous analysis of results obtained thus far,
permitting a determination of the next step. A stochastic method assumes a
solution on the basis of intuitive conjecture or speculation and testing the
solution against known evidence, observations, or measurements. The
stochastic approach tends to omit intervening or intermediate steps toward
a solution. Contrast with stochastic and algorithmic.
HMI/MMI Human or Man Machine Interface. Refers to the software that the process
operator "sees" the process with. An example HMI/MMI screen may show a
tank with levels and temperatures displayed with bar graphs and values.
Valves and pumps are often shown and the operator can "click" on a device
to turn it on, off or make a set point change.
HSE (UK) Health and Safety Executive
Hydrogen damage Any of several forms of metal failure caused by dissolved hydrogen,
including blistering, internal void formation, and hydrogen induced delayed
cracking.
IDLH Immediately Dangerous to Life and Health. Used in consequence analysis to
estimate toxic effects on people.

IEC International Electrotechnical Commission. A worldwide organization for
standardization. The object of the IEC is to promote international
cooperation on all questions concerning standardization in the electrical and
electronic fields. To this end and in addition to other activities, the IEC
publishes international standards. See 61508 and 61511.
Impact analysis Activity of determining the effect that a change to a function or component
will have on other functions or components in that system as well as on other
systems.
Impedance The complex ratio of a force-like parameter to a related velocity-like
parameter - for instance, force to velocity, pressure to volume, electric
voltage to current, temperature to heat flow, or electric field strength to
magnetic field strength.
Incident The result of an initiating event that is not stopped from propagating. The
incident is the most basic description of an unwanted accident, and provides the
least information. The term incident is simply used to convey the fact that
the process has lost containment of the chemical, or other potential energy
source. Thus the potential for causing damage has been released but its
harmful result has not taken specific form.
Inductance 1. In an electrical circuit, the property that tends to oppose changes in
current magnitude or direction. 2. In electromagnetic devices, generating
electromotive force in a conductor by means of relative motion between the
conductor and a magnetic field such that the conductor cuts magnetic lines
of force.
Infrared Any electromagnetic wave whose wavelength is 0.78 to 300 microns.
Typically used to detect moisture or heat/temperature.
Integral control A type of controller function where the output (control) signal or action is a
time integral of the input (sensor) signal.
Interference, common mode
A form of interference which appears between measuring circuit terminals
and ground. See also EMI.
Interference, electromagnetic
Any spurious effect produced in the circuits or elements of a device by
external electromagnetic fields. NOTE: A special case of interference from
radio transmitters is known as "radio frequency interference (RFI)". See also
EMI.
Interference, normal-mode
A form of interference which appears between measuring circuit terminals.
See also EMI.
Interlock 1. Instrument which will not allow one part of a process to function unless
another part is functioning. 2. A device such as a switch that prevents a
piece of equipment from operating when a hazard exists. 3. To arrange the
control of machines or devices so that their operation is interdependent in
order to assure their proper coordination.

Intrinsic safety 1. A type of protection in which a portion of the electrical system contains
only intrinsically safe equipment (apparatus, circuits, and wiring) that is
incapable of causing ignition in the surrounding atmosphere. No single
device or wiring is intrinsically safe by itself (except for battery-operated
self-contained apparatus such as portable pagers, transceivers, gas
detectors, etc., which are specifically designed as intrinsically safe
self-contained devices) but is intrinsically safe only when employed in a properly
designed intrinsically safe system. This type of protection is referred to by
IEC as "Ex I.". 2. Design methodology for a circuit or an assembly of circuits
in which any spark or thermal effect produced under normal operating and
specified fault conditions is not capable under prescribed test conditions of
causing ignition of a given explosive atmosphere. 3. A method to provide
safe operation of electric process control instrumentation where hazardous
atmospheres exist. The method keeps the available electrical energy so low
that ignition of the hazardous atmosphere cannot occur. 4. A protection
technique based upon the restriction of electrical energy within apparatus
and of interconnecting wiring, exposed to a potentially explosive
atmosphere, to a level below that which can cause ignition by either
sparking or heating effects. Because of the method by which intrinsic safety
is achieved, it is necessary to ensure that not only the electrical apparatus
exposed to the potentially explosive atmosphere but also other electrical
apparatus with which it is interconnected is suitably constructed.
I/O Input/Output. Refers to the electronic hardware where the field devices are
wired. Discrete I/O would have switches for inputs and send signals to
solenoid valves and pumps for outputs. Analog I/O would have continuously
variable process values inputs, and controller outputs.

I/S barrier Intrinsic safety barrier. Physical element that limits current and voltage into
a hazardous area in order to satisfy Intrinsic Safety requirements.
IPL Independent protection layer or layers. This refers to various other methods
of risk reduction possible for a process. Examples include items such as
rupture disks and relief valves which will independently reduce the likelihood
of the hazard escalating into a full accident with a harmful outcome. In order
to be effective, each layer must specifically prevent the hazard in question
from causing harm, act independently of other layers, have a reasonable
probability of working, and be able to be audited once the plant is in operation
relative to its original expected performance.
ISA Instrumentation, Systems and Automation Society. See IEC 61511.
Jacketed valve A valve body cast with a double wall or provided with a second wall by
welding material around the body so as to form a passage for a heating or
cooling medium. Also refers to valves which are enclosed in split metal
jackets having internal heat passageways or electric heaters. Also referred
to as "steam jacketed" or "vacuum jacketed." In a vacuum jacketed valve, a
vacuum is created in the space between the body and secondary outer wall
to reduce the transfer of heat by convection from the atmosphere to the
internal process fluid, usually cryogenic.

Ladder diagram Symbolic representation of a control scheme. The power lines form the two
sides of a ladder like structure, with the program elements arranged to form
the rungs. The basic program elements are contacts and coils as in
electromechanical logic systems. Typically programs of this form fall into the
limited variability language (LVL) category.
Lambda Failure rate for a system. See failure rate.
Laser Doppler flowmeter
An apparatus for determining flow velocity and velocity profile by measuring
the Doppler shift in laser radiation scattered from particles in the moving
fluid stream.
Latent fault A fault that is present but hidden from regular means of detection. Typically
these faults can only be identified as part of an accident or a detailed proof
test.
LEL/LFL Lower explosive (or flammable) limit. See flammability.
Likelihood The frequency of a harmful event often expressed in events per year or
events per million hours. One of the two components used to define a risk.
Note that this is different from the traditional English definition that means
probability.
Limited variability language (LVL)
This type of language is designed for process sector users, and provides
the capability to combine predefined, application specific, library functions to
implement the safety requirements specifications. An LVL provides a close
functional correspondence with the functions required to achieve the
application. Typical examples of LVL are ladder diagram, function block
diagram and sequential function chart.
Linear variable differential transformer (LVDT)
A position sensor consisting of a central primary coil and two secondary
coils wound on the same core; a moving iron element linked to a
mechanical member induces changes in self induction that are directly
proportional to movement of the member.
Linear variable reluctance transducer (LVRT)
A position sensor consisting of a centre tapped coil and an opposing moving
coil attached to a linear probe; the winding is continuous over the length of
the core, instead of being segmented as in an LVDT.
Load cell A transducer for the measurement of force or weight. Action is based on
strain gauges mounted within the cell on a force beam.
Loop A combination of two or more instruments or control or safety functions
arranged so that signals pass from one to another for the purpose of
measurement and/or control of a process variable or executing a safety
function.
Longitudinal redundancy check (LRC)
Error detection scheme that consists of a byte where each bit is calculated
on the basis of the parity of all the bits in the block that have the same
power of two.

LOPA Layer of Protection Analysis. A method of analyzing the likelihood
(frequency) of a harmful outcome event based on an initiating event
frequency and on the probability of failure of a series of independent layers
of protection capable of preventing the harmful outcome.
Markov analysis A fault propagation method used to analyze failure rate or probability for
safety instrumented functions. A diagram is constructed to represent the
system under consideration including the logical relationships between its
components. In Markov analysis there are a group of circles, each of which
represents a system state. The different states are connected with
transitions, which are shown as arrows and indicate paths to move from one
state to another. The transitions are quantified using either failure rates
when the transition is from an OK state to a failed state or repair rates when
the transition is from a failed state back to an OK state. As with other
models, there are several solution methods to obtain results. For safety
instrumented system applications, the method using steady state equations
is not appropriate. Numeric discrete time solutions are excellent.
Mode (Continuous) When demands to activate a safety function (SIF) are frequent compared to
the test interval of the SIF. Note that other sectors define a separate high
demand mode, based on whether diagnostics can reduce the accident rate.
In either case, the continuous mode is where the frequency of an unwanted
accident is essentially determined by the frequency of a dangerous SIF
failure. When the SIF fails, the demand for its action will occur in a much
shorter time frame than the function test, so speaking of its failure
probability is not meaningful. Essentially all of the dangerous faults of a SIF
in continuous mode service will be revealed by a process demand instead
of a function test. See low demand mode, high demand mode, and SIL.
Mode (High Demand) (also continuous mode per IEC 61511) Similar to continuous mode only
there is specific credit taken for automatic diagnostics. The split between
high demand and continuous mode is whether the automatic diagnostics
are run many times faster than the demand rate on the safety function. If the
diagnostics are slower than this there is no credit for them and the
continuous mode applies.
Mode (Low Demand) (also demand mode per IEC 61511) When demands to activate the safety
instrumented function (SIF) are infrequent compared to the test interval of
the SIF. The process industry defines this mode when the demands to
activate the SIF are less than once every two proof test intervals. The low
demand mode of operation is the most common mode in the process
industries. When defining safety integrity level for the low demand mode, a
SIF's performance is measured in terms of average Probability of Failure on
Demand (PFDavg). In this demand mode, the frequency of the initiating
event, modified by the SIF's probability of failure on demand times the
demand rate and any other downstream layers of protection determine the
frequency of unwanted accidents.
Modulation 1. The process or the result of the process by which some characteristic of
one wave is varied in accordance with some characteristic of another wave
(AM, amplitude modulation; PM, phase modulation; FM, frequency
modulation). 2. The action of a control valve to regulate fluid flow by varying
the position of the closure component.

MTTF Mean Time to Failure - The average amount of time until a system fails or
its expected failure time. Please note that the MTTF can be assumed to be
the inverse of failure rate (lambda) for a series of components, all of which
have a constant failure rate for the useful life period of the components.
MTTR Mean Time to Repair - The average time between the occurrence of a
failure and the completion of the repair of that failure. This includes the time
needed to detect the failure, initiate the repair and fully complete the repair.
MTTFS Mean Time to Fail Spurious - The mean time until a failure of the system
causes a spurious process trip.
Multiplexing The transmission of a number of different messages simultaneously over a
single circuit.
MWP Maximum working pressure. See Pressure, maximum working.
NAK Negative acknowledgment. This code indicates that the last block
transmitted was in error and that the receiver is expecting a re-transmission.
Needle valve Its essential design feature is a slender tapered rodlike control element
which fits into a circular or conoidal seat. Operating the valve causes the
rod to move into or out of the seat, gradually changing the effective cross
sectional area of the gap between the rod and its seat. Typically used for
precise low flow applications.
NEMA standard Consensus standards for electrical equipment approved by the majority of
the members of the US National Electrical Manufacturers Association.
NC / (NO) Normally Closed (Normally Open) 1. A switch position where the usual
arrangement of contacts permits (prevents) the flow of electricity in the
circuit. 2. In a solenoid valve, an arrangement whereby the disk or plug is
seated (open) when the solenoid is de-energized. 3. A field contact that is
closed (open) for a normal process condition and open (closed) when the
process condition is abnormal. 4. A valve with means provided to move to
and/or hold in its closed (open) position without actuator energy supply. 5.
Relay contacts that are closed (open) when the coil is not energized.
NIOSH (US) National Institute of Occupational Safety and Health
Noise 1. In process instrumentation, an unwanted component of signal or. See
"interference, electromagnetic". 2. Any spurious variation in the electrical
output not present in the input. 3. An unwanted component of a signal or
variable which obscures the information content. 4. Random variations of
one or more characteristics of any entity, such as voltage, current, or data.
5. A random signal of known statistical properties of amplitude, distribution,
and spectral density. 6. Loosely, any disturbance tending to interfere with
the normal operation of a device or system.
Nozzle 1. A short flanged or welded neck connection on a drum or shell for the
outlet or inlet of fluids; also a projecting spout through which a fluid flows. 2.
A streamlined device for accelerating and directing fluid flow into a region of
lower fluid pressure. 3. A particular type of restriction used in a flow system to
facilitate flow measurement by pressure drop across a restriction.
Nuisance trip See safe failure.

Occupancy A measure of the probability that the effect zone of an accident will contain
one or more personnel receptors of the effect. This probability should be
determined using plant-specific staffing philosophy and practice. See effect
zone.
Offset 1. A sustained deviation of the controlled variable from set point. This
characteristic is inherent in proportional controllers that do not incorporate
reset action. 2. Offset is caused by load changes. 3. The steady state
deviation when the set point is fixed. NOTE: The offset resulting from a no
load to a full load change (or other specified limits) is often called "droop" or
"load regulation." 4. A constant and steady state of deviation of the
measured variable from the set point.
On-off control A simple form of control whereby the control variable is switched fully on or
fully off in response to the process variable rising above the set point or
falling below the set point respectively. Cycling always occurs with this form
of control.
Orifice meter A plate with a calibrated sharp edged hole in it. The plate is positioned
across the flow stream in a pipe for measuring fluid flow rates. It typically
has differential pressure taps positioned near the orifice and a calibrated
calculation element to convert the measured pressure difference into a flow
rate value.
OSHA Occupational Safety and Health Administration
OSI Open system interconnection. A seven layered model of communications
networks defined by ISO. The seven layers are:
Layer 7 Application: provides the interface for application to access the OSI
environment.
Layer 6 Presentation: provides for data conversion to preserve the meaning
of the data.
Layer 5 Session: provides user to user connections.
Layer 4 Transport: provides end to end reliability.
Layer 3 Network: provides routing of data through the network.
Layer 2 Data Link: provides link access control and reliability.
Layer 1 Physical: provides an interface to the physical medium.
Overrange In process instrumentation, of a system or element, any excess value of the
input signal above its upper range value or below its lower range value.
Overrange limit The maximum input that can be applied to a device without causing damage
or permanent change in performance.
Override control 1. Generally, two control loops connected to a common final control
element - one control loop being nominally in control with the second being
switched in by some logic element when an abnormal condition occurs so
that constant control is maintained. 2. A technique in which more than one
controller manipulates a final control element. The technique is used when
constraint control is important.

Overshoot 1. The amount of output measured beyond the final steady output value, in
response to a step change in the input. NOTE: Expressed in percent of the
equivalent step change in output. 2. A transient response to a step change
in an input signal which exceeds the normal or expected steady state
response. 3. The maximum difference between the transient response and
the steady state response.
Pareto chart A display of the number of failures of components by part number in
descending order of failure rate or number of failures observed. Data may
also be shown taking into account the total cost of each failure.
Parity A check that tests whether the number of ones or zeroes in an array of
binary digits is odd or even, used to verify data storage and transmission.
This is usually done by calculating the sum of the "1" bits in a data unit and
determining if it is either an odd or even number. A binary digit (parity bit) is
then added to a group of bits to make the sum of all the bits always odd
(odd parity) or always even (even parity).
PFDavg Probability of Failure on Demand average - This is the probability that a
system will fail dangerously, and not be able to perform its safety function
when required. PFD can be determined as an average probability or
maximum probability over a time period. IEC 61508/61511 and ISA 84.01
use PFDavg as the system metric upon which the SIL is defined.
PFD is also the acronym for Process Flow Diagram. A diagram of the basic process equipment
usually accompanied by a heat and material balance. Typically prepared
early in an engineering project, it is usually part of the input to a HAZOP or
other hazard identification process.
pH meter An instrument for electronically measuring electrode potential of an aqueous
chemical solution and directly converting the reading to pH value. pH is the
symbol for the measurement of acidity or alkalinity. Solutions with a pH
reading of less than 7 are acid; solutions with a pH reading of more than 7
are alkaline on the pH scale of 0 to 14, where the midpoint of 7 is neutral.
PHA Process hazards analysis. Required by both PSM and the safety lifecycle.
Identifying the hazards of a process for all reasonably foreseeable
circumstances, determining the sequence of events leading to harm, and
estimating the likelihood (frequency) and consequence magnitude of the
potential harm. Various hazard identification methods include Checklist,
What if?, What if? / Checklist, HAZOP (Hazards and Operability Study),
FMEA (Failure Modes and Effects Analysis), and Fault Tree Analysis.
Physical relief device
Mechanical equipment that performs an action to relieve pressure when the
normal operating range of temperature or pressure has been exceeded.
Physical relief devices include pressure relief valves, thermal relief valves,
rupture disks, rupture pins, and high temperature fusible plugs.
PID control Proportional-plus-integral-plus-derivative control, used in processes where
the controlled variable is affected by long lag times.
Pigtail A 270° or 360° loop in pipe or tubing to form a trap for vapor condensate.
Used to prevent high temperature vapors from reaching the instrument.
Used almost exclusively in static pressure measurement.

P&ID Piping and instrumentation drawing. Shows the interconnection of process
equipment and the instrumentation used to control the process. In the
process industry, a standard set of symbols is used to prepare drawings of
processes. The instrument symbols used in these drawings are generally
based on Instrument Society of America (ISA) Standard S5.1. 2. The
primary schematic drawing used for laying out a process control installation.
Pitot tube 1. An instrument for measuring stagnation pressure of a flowing liquid; it
consists of an open tube pointing upstream, into the flow of fluid, and
connected to a pressure indicator or recorder. 2. An instrument which will
register total pressure and static pressure in a gas stream, used to
determine its velocity.
PLL Probable loss of life. A numerical expression for the magnitude of a
consequence in terms of the most likely number of lives that will be lost in a
given event or over a given time interval. The value need not be a whole
number.
Plug valve 1. A valve with a closing element that may be cylindrical, conical or a
spherical segment in shape that is opened or closed with rotary motion. 2. A
type of shutoff valve consisting of a tapered rod with a lateral hole through
it. As the rod is rotated 90° about its longitudinal axis, the hole is first
aligned with the direction of flow through the valve and then aligned
crosswise, interrupting the flow.
Positioner A position controller, which is mechanically connected to a moving part of a
final control element or its actuator, and automatically adjusts its output
pressure to the actuator in order to maintain a desired position that bears a
predetermined relationship to the input signal. The positioner can be used to
modify the action of the valve (reversing positioner), extend the
stroke/controller signal (split range positioner), increase the pressure to the
valve actuator (amplifying positioner) or modify the control valve flow
characteristic (characterised positioner).
PLC Programmable Logic Controller. These computers replace relay logic and
often have PID (proportional integral and derivative) controllers built into
them. PLCs are very fast at processing discrete signals (like a switch
condition). They can be designed for either regular or SIL rated applications.
Predictive control 1. A type of automatic control in which the current state of a process is
evaluated in terms of a model of the process and controller actions modified
to anticipate and avoid undesired excursions. 2. Self tuning. 3. Artificial
intelligence.
Pressure, design The pressure used in the design of a vessel or device for the purpose of
determining the minimum permissible thickness or physical characteristics
of the parts for a given maximum working pressure (MWP) at a given
temperature.
Pressure, maximum working
The maximum total pressure permissible in a device under any
circumstances during operation, at a specified temperature. It is the highest
pressure to which it will be subjected in the process. It is a designed safe
limit for regular use. NOTE: MWP can be arrived at by two methods: a)
designed - by adequate design analysis, with a safety factor; b) tested - by
rupture testing of typical samples.
Pressure relief device
A mechanism that vents fluid from an internally pressurized system to
counteract system overpressure; the mechanism may release all pressure
and shut the system down (as does a rupture disc) or it may merely reduce
the pressure in a controlled manner to return the system to a safe operating
pressure (as does a spring loaded safety valve).
Prior use See Proven in use
Proof test Testing of safety system components to detect any failures not detected by
automatic on-line diagnostics (i.e. dangerous failures, diagnostic failures,
parametric failures), followed by repair of those failures to an equivalent
as-new state. Proof testing is a vital part of the safety lifecycle and is critical to
ensuring that a system achieves its required safety integrity level throughout
the safety lifecycle.
Protection layer See IPL.
Proven in use Basis for use of a component or system as part of a safety integrity level
(SIL) rated safety instrumented system (SIS) that has not been designed in
accordance with IEC 61508. It requires sufficient product operational hours,
revision history, fault reporting systems, and field failure data to determine if
there is evidence of systematic design faults in a product. IEC 61508 provides
levels of operational history required for each SIL.
Proportional control A control mode in which there is a continual linear relationship between the
deviation computed in the controller, the signal of the controller, and the
position of the final control element.
PSM Process safety management. Part of the US requirement under the
Occupational Safety and Health Administration (OSHA) guidelines for
managing risk when dealing with large quantities of certain materials. The
regulation (29 CFR 1910.119) was published in 1992 to help prevent or
minimize the consequences of catastrophic releases of toxic, reactive,
flammable, or explosive chemicals.
PTC or CPT Proof Test Coverage - The percentage of failures that are detected during the
servicing of equipment. In general it is assumed that when a proof test is
performed any errors in the system are detected and corrected (100% proof
test coverage).
PTI or TI Proof Test Interval - The time interval between servicing of the equipment.
Purging 1. The addition of air or inert gas (such as nitrogen) into the enclosure
around the electrical equipment at sufficient flow to remove any hazardous
vapors present and sufficient pressure to prevent their re-entry. 2.
Elimination of an undesirable gas or material from an enclosure by means
of displacing the undesirable material with an acceptable gas or material.

Pyrometer Any of a broad class of temperature measuring instruments or devices.
Some typical pyrometers include thermocouples, radiation pyrometers,
resistance pyrometers and thermistors, but usually not thermometers. It is a
temperature transducer that measures temperatures by the EM radiation
emitted by an object, which is a function of the temperature.
Quick-opening valve Control valve with trim characteristic designed to produce large flow
capacity with small amount of valve opening.
Random failure A failure occurring at a random time, which results from one or more
degradation mechanisms. Random failures can be effectively predicted with
statistics and are the basis for the probability of failure on demand based
calculation requirements for safety integrity level. See systematic failure.
Rated capacity The manufacturer's stated capacity rating for mechanical equipment, for
instance, the maximum continuous capacity in pounds of steam per hour for
which a boiler is designed.
Ratio controller 1. A controller that maintains a predetermined ratio between two or more
variables. 2. Maintains the magnitude of a controlled variable at a fixed ratio
to another variable.
Receptor The object or persons on the receiving end of the harm in an unwanted
event. Common receptors include personnel, plant equipment, plant
production, the environment, and the general public.
Redundancy Use of multiple elements or systems to perform the same function.
Redundancy can be implemented by identical elements (identical
redundancy) or by diverse elements (diverse redundancy). Redundancy is
primarily used to improve reliability or availability.
Reliability 1. The probability that a device will perform its objective adequately, for the
period of time specified, under the operating conditions specified. 2. The
probability that a component, piece of equipment or system will perform its
intended function for a specified period of time, usually operating hours,
without requiring corrective maintenance.
Reliability block diagram
Probability combination method for estimating complex probabilities. Since it
generally takes the success view of a system, it can be confusing when
used in multiple failure mode modeling.
Relief valve An automatic pressure relieving device actuated by the pressure upstream
of the valve and characterized by opening pop action with further increase
in lift with an increase in pressure over popping pressure. See pressure
relief device.
Repeatability The ability of a transducer to reproduce output readings when the same
input value is applied to it consecutively under the same conditions, and in
the same direction. NOTE(S): Repeatability is expressed as the maximum
difference between output readings; it is expressed as "within percent of full-
scale output." Two calibration cycles are used to determine repeatability
unless otherwise specified.

Repeater 1. Device used to extend the range over which signals can be correctly
transmitted and received for a given medium. 2. A device that amplifies or
regenerates data signals in order to extend the distance between data
stations.
Resealing pressure The inlet pressure at which fluid no longer leaks past a relief valve after it is
closed.
Response 1. The change in output of a device in relation to a change of input. 2.
Defined output for a given input under explicitly stated conditions.
Risk Risk is a measure of the likelihood (frequency) and consequence (severity)
of an adverse effect. (i.e., How often can harm happen and what will be the
effects if it does?)
Risk (Inherent) The risk from a completed process design that contains a given amount of
process materials at given process parameters (i.e. temperature, pressure,
etc.) Can usually be managed by good process engineering.
Risk (Unmitigated) The level of risk that is present in a process before any safety instrumented
systems are considered. This level helps identify how much risk reduction is
required to be provided by any safety instrumented system installed as part
of a process. This unmitigated risk level must be defined in terms of both
consequence and likelihood.
Risk graph A qualitative and category-based method of safety integrity level (SIL)
assignment. Risk graph analysis uses four parameters to make a SIL
selection: consequence, occupancy, probability of avoiding the hazard, and
demand rate. Each of these parameters is assigned a category and a SIL is
associated with each combination of categories. In some cases, quantitative
tools, such as LOPA, are used to assist the analyst in determining which
category to use, but typically the assignment is done qualitatively. Using the
selected categories, the analyst follows the resulting path that leads to the
associated SIL assignment.
Risk integral A summation of risk as expressed by the product of consequence and
frequency. The integral is summed over all of the potential unwanted events
that can occur. If calculating the risk integral for loss of life, the
consequence of concern and thus the units of the integral are fatalities. It is
useful in combination with event trees to determine a total value of risk for
a group of related accidents.
RMP Risk management plan. Part of the US requirement under the Occupational
Safety and Health Administration (OSHA) guidelines for managing risk
when dealing with large quantities of certain materials.
RRF Risk Reduction Factor - The inverse of PFDavg
RTD Resistance Temperature Device
Rupture disc A diaphragm designed to burst at a predetermined pressure differential.
Symbol rupture disc device A nonreclosing pressure relief device that
relieves excessive static inlet pressure via a rupture disc.
Safe area 1. Nonhazardous (unclassified) location. 2. An area in which explosive
gas/air mixtures are not expected to be present so that special precautions
for the construction and use of electrical apparatus are not required.

Safe failure Failure that does not have the potential to put the safety instrumented
system in a dangerous or fail-to-function state. The situation when a safety
related system or component fails to perform properly in such a way that it
calls for the system to be shut down or the safety instrumented function to
activate when there is no hazard present.
Safe failure fraction See SFF.
Safe state The state of the process after acting to remove the hazard resulting in no
significant harm.
Safety ground 1. A connection between metal structures, cabinets, cases, etc. which is
required to prevent electrical shock hazard to personnel. 2. Safety ground is
not a signal reference point.
Safety lifecycle The procedures to first analyze the situation and document the safety
requirements (Analysis Phases). Then, translate these requirements into a
documented safety system design, using appropriate software and
hardware subsystems and design methodology (Realization Phases). Next,
evaluate the system against the required integrity and reliability
specifications and modify it as needed. Finally, operate and maintain the
system according to accepted procedures (Operation Phases), and
document the results to ensure that performance standards are maintained
throughout the system's life. See 61508 and 61511.
Safety manual Document required for equipment certified in accordance with IEC 61508
that describes the conditions of use for that equipment in safety
applications. It typically includes usage requirements/restrictions,
environmental limits, optional settings, failure rate data, useful life data,
common cause beta estimate, inspection and test procedures. The safety
manual may be part of another document.
Safety requirements specification
Specification containing all the requirements of the safety functions that
have to be performed by the safety-related system. It includes both what the
functions must do and also how well they must do it. It is often a contractual
document between companies and is one of the most important documents
in the safety lifecycle process.
Sample interval The rate at which a controller samples the process variable, and calculates
a new output. Ideally, the sample interval should be set between 4 and 10
times faster than the process dead time.
Sampling rate For a given measurement, the number of times that it is sampled per
second in a time division multiplexed system. Typically, it is at least five
times the highest data frequency of the measurement.
SAT Site acceptance test. Involves shipment of the system(s) to site, installation
and start-up activities. Tests then validate that the installed safety
instrumented system and its associated safety instrumented functions
achieve the requirements as stated in the Safety Requirement Specification.
Note: Full loop checking may come at a later stage.
Saturation A situation when a further change in the input signal produces no significant
additional change in the output.

SCADA Supervisory control and data acquisition: Operator interface and monitoring
of (usually remote) control devices by computer.
Seal chambers Enlarged pipe sections in measurement impulse lines to provide a) a high
area to volume displacement ratio to minimize error from hydrostatic head
difference when using large volume displacement measuring elements, and
b) to prevent loss of seal fluid by displacement into the process. Also known
as Seal Pots.
Seal leg The piping from the instrument to the top elevation of the seal fluid in the
impulse line.
Seal on disk A seal ring located in a groove in the disk
circumference. The body is unlined in this case [S75.05].
Seat The fixed area of a valve into which the moving part of a valve rests when
the valve is closed to retain pressure and prevent flow.
Segmented ball A closure piece in a valve that is a segment of a spherical surface which
may have one edge contoured to yield a desired flow characteristic.
Sensor Device or combination of devices that measure the process condition (e.g.,
transmitters, transducers, process switches, position switches, etc.).
Sensor group For complex safety functions, there may be more than one property which is
measured to determine if a shut down is required.
Set point 1. An input variable which sets the desired value of the controlled variable. It
is expressed in the same units as the controlled variable.
Set pressure The inlet pressure at which a safety relief valve opens; usually a pressure
established by specification or code.
SFF Safe Failure Fraction - The fraction of the overall failure rate of a device that
results in either a safe fault or a diagnosed (detected) unsafe fault. The safe
failure fraction includes the detectable dangerous failures when those
failures are annunciated and procedures for repair or shutdown are in place.
SIF Safety Instrumented Function - A set of equipment intended to reduce the
risk due to a specific hazard (a safety loop). Its purpose is to 1.
Automatically take an industrial process to a safe state when specified
conditions are violated; 2. Permit a process to move forward in a safe
manner when specified conditions allow (permissive functions); or 3. Take
action to mitigate the consequences of an industrial hazard. It includes
elements that detect an accident is imminent, decide to take action, and
then carry out the action needed to bring the process to a safe state. Its
ability to detect, decide and act is designated by the safety integrity level
(SIL) of the function. See SIL.
Sight glass A glass tube, or a glass faced section of a process line, used for sighting
liquid levels or taking manometer readings.
Signal common 1. The signal common shall refer to a point in the signal loop which may be
connected to the corresponding points of other signal loops. It may or may
not be connected to earth ground [S50.1]. 2. The reference point for all
voltage signals in a system. Current flow into signal common is minimized to
prevent IR drops which induce inaccuracy in the signal common reference.
Signal isolation Signal isolation refers to the absence of a connection between the signal
loop and all other terminals and earth ground.

SIL Safety Integrity Level - A quantitative target for measuring the level of
performance needed for a safety function to achieve a tolerable risk for a
process hazard. Defining a target SIL level for the process should be based
on the assessment of the likelihood that an incident will occur and the
consequences of the incident. The following table describes SIL for different
modes of operation.

LOW DEMAND MODE SIL

SIL   PFDavg               RRF
4     10^-5 to < 10^-4     > 10,000 to 100,000
3     10^-4 to < 10^-3     > 1,000 to 10,000
2     10^-3 to < 10^-2     > 100 to 1,000
1     10^-2 to < 10^-1     > 10 to 100

HIGH DEMAND or CONTINUOUS MODE SIL

SIL   PFDavg per hour
4     10^-9 to < 10^-8
3     10^-8 to < 10^-7
2     10^-7 to < 10^-6
1     10^-6 to < 10^-5

SIL selection The process of defining tolerable risk, confirming existing risk (both
likelihood and consequence) and assigning a SIL rated safety function as
needed to achieve a tolerable level of risk.
SIL verification The process of calculating the average probability of failure on demand (or
the probability of failure per hour) and architectural constraints for a safety
function design to see if it meets the required SIL.
SIS Safety Instrumented System - Implementation of one or more Safety
Instrumented Functions. A SIS is composed of any combination of
sensor(s), logic solver(s), and final element(s). A SIS usually has a
number of safety functions with different safety integrity levels (SIL) so it is
best to avoid describing it by a single SIL. See SIF.
SIT Site integration test. Once site acceptance testing is completed, the basic
process control system and the safety instrumented system (SIS)
communications and any hard-wired links are integrated and tested as a
complete system to ensure that the system as a whole functions correctly.
SIS signals, diagnostics, bypasses and alarms displayed on shared basic
process control system human machine interface (HMI) screens will be
tested during this stage.
Snubber 1. A device which is used to damp the motion of the valve stem. This is
usually accomplished by an oil filled cylinder/piston assembly. The valve
stem is attached to the piston and the flow of hydraulic fluid from one side of
the piston to the other is restricted. 2. A mechanical or hydraulic device for
restraining motion. 3. A device installed between an instrument and the
process used to protect the instrument from rapid pressure fluctuations.

Solenoid A type of electromechanical operator in which back and forth axial motion of
a ferromagnetic core within an electromagnetic coil performs some
mechanical function; common applications include opening or closing
valves or electrical contacts.
Solenoid valve A shutoff valve whose position is determined by whether or not electric
current is flowing through a coil surrounding a moving iron valve stem.
Span The difference between the upper and lower range values.
Spurious trip See Safe failure.
Standard condition 1. A temperature of 0°C and a pressure of 1 atmosphere (760 torr). Also
known as "normal temperature and pressure (NTP)"; "standard temperature
and pressure (STP)." 2. According to the American Gas Association (AGA),
a temperature of 60°F (15-5/9°C) and a pressure of 30 inches of mercury
(762 mm). 3. According to the Compressed Gas Institute (CGI), a
temperature of 20°C (68°F) and a pressure of 1 atmosphere.
Standpipe A vertical tube filled with a liquid such as water.
Static head liquid level meter
A pressure sensing device, such as a gauge, connected in the piping
system so that any dynamic pressures in the system cancel each other and
only the pressure difference due to liquid head above the gauge position is
registered.
Static pressure 1. The pressure of a fluid that is independent of the kinetic energy of the
fluid. 2. Pressure exerted by a gas at rest, or pressure measured when the
relative velocity between a moving stream and a pressure measuring device
is zero.
Stochastic Pertaining to direct solution by trial and error, usually without a step by step
approach, and involving analysis and evaluation of progress made, as in a
heuristic approach to trial and error methods. In a stochastic approach to a
problem solution, intuitive conjecture or speculation is used to select a
possible solution, which is then tested against known evidence,
observations or measurements. Intervening or intermediate steps toward a
solution are omitted. Contrast with "algorithmic" and "heuristic."
Stress corrosion cracking
Deep cracking in a metal part due to the combination of tensile stress and a
corrosive environment, causing failure in less time than could be predicted
by simply adding the separate effects of stress and the corrosive
environment.
Supervisory control A term used to imply that a controller output or computer program output is
used as an input to other controllers. See SCADA.
Suppressed range A suppressed range is an instrument range which does not include zero.
The degree of suppression is expressed by the ratio of the value at the
lower end of the scale to the span.

Systematic failure A failure that happens in a deterministic (non random) predictable fashion from
a certain cause, which can only be eliminated by a modification of the
design or of the manufacturing process, operational procedures,
documentation, or other relevant factors. Since these are not
mathematically predictable, the safety lifecycle includes a large number of
procedures to prevent them from occurring. The procedures are more
rigorous for higher safety integrity level systems and components. Such
failures cannot be prevented with simple redundancy.
Target flow meter A device for measuring fluid flow rates through the drag force exerted on a
sharp edged disk centered in a circular flow path due to differential pressure
created by fluid flowing through the annulus. Usually, the disk is mounted on
a bar whose axis coincides with the tube axis, and drag force is measured
by a secondary device attached to the bar.
Thermal type flow meter
An apparatus where heat is injected into a flowing fluid stream and flow rate
is determined from the rate of heat dissipation; either the rise in temperature
at some point downstream of the heater or the amount of thermal or
electrical energy required to maintain the heater at a constant temperature
is measured.
Thermistor A temperature transducer constructed from semiconductor material and for
which the temperature is converted into a resistance, usually with negative
slope and highly nonlinear.
Thermocouple Two dissimilar wires joined together that generate a voltage proportional to
temperature when their junction is heated relative to a reference junction.
See thermojunction.
TI Test Interval - This acronym is typically used in risk analysis equations to
represent the proof test interval described above.
Temperature Indicator - This acronym is used in Piping and Instrumentation
Diagrams (P&IDs) to designate a device which measures and displays the
temperature.
Thermojunction Either of the two locations where the conductors of a thermocouple are in
electrical contact; one, the measuring junction, is in thermal contact with the
body whose temperature is being determined, and the other, the reference
junction, is generally held at some known or controlled temperature.
Thermowell A thermowell is a pressure tight receptacle adapted to receive a
temperature sensing element and provided with external threads, flanges or
other means for pressure tight attachment to a vessel.
Time constant 1. The value t in an exponential response term. For the output of a first
order system forced by a step or an impulse, t is the time required to
complete 63.2% of the total rise or decay. In higher order systems, there is
a time constant for each of the first order components of the process. 2. The
length of time required for the output of a transducer to rise to 63% of its
final value as a result of a step change of input.
Torque tube flow meter
A device for measuring liquid flow through a pipe in which differential
pressure due to the flow operates a bellows, whose motion is transmitted to
a recorder arm by means of a flexible torque tube.
Transient response The response of a transducer to a step change of input. NOTE: Transient
response, as such, is not shown in a specification except as a general
heading, but is defined by such characteristics as time constant, response
time, ringing period, etc.
Trim The internal parts of a valve which are in flowing contact with the controlled
fluid. Can be designed to any of the following requirements:
Anti cavitation: reduces the tendency of the controlled liquid to cavitate.
Anti noise: reduces the noise generated by fluid flowing through the valve.
Balanced: minimizes the net static and dynamic fluid flow forces acting on
the trim.
Restricted or Reduced: has a flow area less than the full flow area for that
valve.
Soft-seated: with an elastomeric, plastic or other readily deformable material
used either in the closure component or seat ring to provide shutoff with
minimal actuator forces.
Turbine flow meter A volumetric flow measuring device using the rotation of a turbine type
element to determine flow rate.
Turndown The ratio of the maximum plant design flow rate to the minimum plant
design flow rate.
TÜV Technischer Überwachungsverein (technical inspection association) Any one
of a number of different private German companies which provide
assessment services to various industries including process safety
engineering.
Two-wire transmitter Electronic transmitter which uses the power wires (typically 24 VDC) for signal
transmission, usually by manipulating the current flow (typically 4-20 mA) to
represent the desired signal.
U tube manometer A device for measuring gauge pressure or differential pressure by means of
a U shaped transparent tube partly filled with a liquid, commonly water; a
small pressure above or below atmospheric is measured by connecting one
leg of the U to the pressurized space and observing the height of liquid
while the other leg is open to the atmosphere; a small differential pressure
may be measured by connecting both legs to pressurized space, for
example, high and low pressure regions across an orifice or venturi.
UEL/UFL Upper explosive (or flammable) limit. See flammability.
Ultrasonic flow meter A device for measuring flow rates across fluid streams by either Doppler
effect measurements or time of transit determination; in both types of flow
measurement, displacement of the portion of the flowing stream carrying the
sound waves is determined and flow rate calculated from the effect on
sound wave characteristics.
UL Underwriters Laboratories An independent US testing and certifying
organization.

Useful life See wearout.
V Model The basic project execution model that starts with high level design and
goes down to detailed design followed by testing of the detailed design and
then testing of the higher level design elements.
V orifice "V"-shaped flow control orifice which allows a characterized flow control as
the gate moves in relation to the fixed Vee opening.
Validation The activity of demonstrating that the safety instrumented function(s) and
safety instrumented system(s) under consideration after installation meet
in all respects the safety requirements specification.
Valve body The part of the valve which is the main pressure boundary relative to the
ambient. The body also provides the pipe connecting ends, the fluid flow
passageway, and may support the seating surfaces and the valve closure
member.
Valve body assembly An assembly of a body, bonnet assembly, bottom flange and trim elements.
The trim includes a valve plug which opens, shuts or partially obstructs one
or more ports.
Valve bonnet An assembly including the part through which a valve plug stem moves and
a means for sealing against leakage along the stem. It usually provides a
means for mounting the actuator. Sealing against leakage may be
accomplished by packing or a bellows. A bonnet assembly may include a
packing lubricator assembly with or without isolating valve. Radiation fins or
an extension bonnet may be used to maintain a temperature differential
between the valve body and sealing means.
Valve flow coefficient (Cv) The number of US gallons (3.785 liters) per minute of 60°F (15.6°C)
water that will flow through a valve with a one pound per square inch (6.89
kPa) pressure drop.
Vapor pressure 1. The pressure of a vapor corresponding to a given temperature where the
liquid and vapor are in equilibrium. Vapor pressure increases with
temperature. 2. The pressure (for a given temperature) at which a liquid is in
equilibrium with its vapor. As a liquid is heated, its vapor pressure will
increase until it equals the total pressure of the gas above the liquid; at this
point the liquid will begin to boil.
Venturi meter A type of flow meter that measures flow rate by determining the pressure
drop through a venturi constriction. A venturi is a constriction in a pipe, tube
or flume consisting of a tapered inlet, a short straight constricted throat and
a gradually tapered outlet; fluid velocity is greater and pressure is lower in
the throat area than in the main conduit upstream or downstream of the
venturi; it can be used to measure flow rate, or to draw another fluid from a
branch into the main fluid stream.
Verification Activity of demonstrating for each phase of the safety lifecycle by analysis
and/or tests that, for the specific inputs, the deliverables meet the objectives
and requirements set for the specific phase.

Vortex flow meter A device that measures flow by sensing the movement of vortices in a pipe
or conduit. The instrument usually is constructed with a partial barrier
(vortex shedder) inserted perpendicular to the flow to allow formation of
vortices, and sensor(s) to detect the passing vortices. The vortices are shed
from one side of the shedder and then the other side as the fluid flows
around the shedder. The sensor counts the number of vortices generated
per unit of time and the velocity of the fluid can then be calculated.
Wearout The point where a piece of equipment has accumulated enough stress and
weakened to the point where its failure rate increases significantly. Note that
since essentially all safety systems assume a constant failure rate, they
must be replaced before they reach this wearout point.
Windup Saturation of the integral mode of a controller developing during times when
control cannot be achieved, which causes the controlled variable to
overshoot its set point when the obstacle to control is removed.
Zero shift 1. A change in the output in response to a zero input over a specified period of
time and at room conditions. NOTE: This error is characterized by a parallel
displacement of the entire calibration curve [S37.1]. 2. A shift in the
instrument calibrated span evidenced by a change in the zero value.
Usually caused by temperature changes, overrange, or vibration of the
instrument.
Zone The international method of specifying the probability that a location is made
hazardous by the presence, or potential presence, of flammable
concentrations of gases and vapors. NOTE: Zone classification has not yet
been defined for dust.
Zone 0: Classification of a location in which an explosive concentration of a
flammable gas or vapor mixture is continuously present or is present for
long periods.
Zone 1: Classification of a location in which an explosive concentration of a
flammable or explosive gas or vapor mixture is likely to occur in normal
operation.
Zone 2: Classification of a location in which an explosive concentration of a
flammable or explosive gas or vapor mixture is unlikely to occur in normal
operation and, if it does occur, will exist only for a short time.

References:
Cross Instrumentation; Control Valve and Actuator Definitions downloaded from
http://www.crossinstrumentation.com/tn/Presentation/Presentations%20Literature/Common%20terms/Glossary.xls
on 17 November 2006.
Gerry, John; Glossary of Process Control Terms downloaded from
http://www.expertune.com/glossary.html on 15 November 2006.
Goble, W. M, Control Systems Safety Evaluation & Reliability. ISA 1998
Guidelines for Chemical Process Quantitative Risk Analysis; (New York: American Institute of
Chemical Engineers Center for Chemical Process Safety) 2000.
IICA; Dictionary of Technical Terms downloaded from http://www.iica.org.au/info/terms/ on 15
November 2006.
IEC 61508; Functional Safety of electrical / electronic / programmable electronic safety-related
systems, IEC, 1998, 2000.
IEC 61511 / ISA 84.00.01-2004; Functional safety - Safety instrumented systems for the process
industry sector IEC 2003; ISA 2004.
Marszal, E., and Scharpf, E.; Safety Integrity Level Selection Systematic Methods Including Layer
of Protection Analysis ISA 2002.
PAControl.com; Foundation Fieldbus Glossary downloaded from
http://www.pacontrol.com/ffglossary.html on 15 November 2006.
