NTNU Course

PK 6022 in reliability of safety critical functions is one out of several courses in the specialization of reliability, availability, maintenance and safety.


This particular course places focus on safety-critical systems and how to ensure and verify that they are sufficiently safe and reliable. Safety-critical systems are implemented in many different ways across industry sectors, but some fundamental properties and framing conditions (like standards) will apply. The course aims for a generic focus (with respect to applications), but with specific examples taken from different industry sectors. After taking this course, the participants should be familiar with prevailing framing conditions, methods used to formulate reliability and safety requirements of new safety functions, and methods used to verify if the requirements have been met.

The course is also an arena to bring in experience and discussions with basis in participants own experience. New regulatory requirements, new types of threats, new demands for services, and new technologies all make design of safety-critical system a moving target. What was the best solution yesterday, may not be the best suited to meet challenges of tomorrow.

Target group: The topics covered are relevant for engineers in the field of automation, mechanical engineering, technical safety, and computer science who are directly or indirectly involved in design and reliability assessment of safety-critical systems that employ electrical/electronic/programmable electronic technologies.

More specific topics covered in the course are:

  • Definition and interpretation of key concepts and requirements in IEC 61508 and related standards, like IEC 61511. Selected topics from the Norwegian Oil and Gas guideline GL 070 may also be addressed, as an example of a how an industry guideline may be developed with basis in international standards.
  • The implementation of functional safety management for safety-critical systems, in design phases as well as in operation
  • Relationship between risk acceptance, reliability target measure, and reliability requirement for safety-critical functions.
  • Definition and interpretation of safety integrity level (SIL), and the principle distinction between SIL requirement and design according to the SIL requirement.
  • Methods for deriving at SIL-requirements, including risk graph, layers of protection analysis (LOPA), and minimum SIL (the latter is the method advocated in GL 070).
  • Definition and interpretation of reliability target measures like probability of failure on demand (PFD) and failure frequency (PFH), and their link to SIL requirements.Definition and interpretation of specific measures to achieve reliable hardware architectures (architectural constraints).
  • Methods and models for preparing for and assessing the reliability of safety-critical functions, including:
  • Functional analysis
  • Failure modes and effects analysis, with focus on the application of FMEDA.
  • Methods and models for quantification of PFDavg and PFHavg, including reliability block diagrams, fault trees, Markov methods. The derivation of formulas that are presented in IEC 61508, part 6, is also included.
  • Estimation and/or selection of values for common cause failures (CCFs) parameters
  • Application of the PDS method, as a special case of reliability assessments
  • Reliability implications of imperfect testing, with focus on the effects of partial stroke testing.
  • Loss of production measures, with focus on models for quantifying the spurious trip rate.
  • Choice of reliability data sources
  • Follow-up of SIL requirements in operation
  • Relationship between security analyses, RAM analyses, and SIL analyses
  • Requirements to the development of software for application programs.

Published January 1, 2017


Norwegian centre of force for developing Safety Instrumented Systems (SIS) in the petroleum industry