Quick update — I’m feeling a bit under the weather this week, so I’m going to reschedule our deep dive review session to make sure I can give it the energy and focus it deserves. I’ll post the new date and time once I’m back on my feet — aiming for Friday if all goes well. In the meantime, if there’s a specific topic or question you’d like me to cover in that session, drop it in the comments below so I can build it into the updated plan. Appreciate your understanding, and I’ll catch you all very soon. – Richard

This session we're reviewing a live burner management system SIL scenario brought by Tomasz Barnert CFSE PhD. The scenario: a protection system with multiple SIFs protecting a furnace. The vendor is claiming SIL 2. Several genuinely contested questions around independence, compound SIF analysis, and LOPA conservatism. Tomasz has three specific questions for the group — and a third point of view he's been holding back for the session. No slides. No lecture. Bring your read on it. Premium members only. Link below.

When they’re gone, Premium moves from $30 to $59/month as soon as they are taken. What’s inside at founding price: → Decision Review Live — 14th April, 18:00 UK. Bring a real scenario. Peer review from working engineers, not a lecture. Tomasz is bringing a burner management system SIL claim with three genuinely contested questions. → Weekly Discussion — Fridays 10:00 UK. One question, open conversation. → Full template library — FSMS, proof test procedures, SRS, LOPA, competency assessment. All aligned to IEC 61508 and 61511. → SILVerify access — three-barrier SIL verification with automatic Word report generation. → Nuclear guidance notes — process vs nuclear practice across eight technical areas, based on ONR TAGs. $30/month. 2 spots left

My proposed topic for discussion: I have experience in conducting a SIL requirement assessments for furnace burning systems. Each client of such analyses have a little bit different approach and risk assessment procedures which I should follow. However as an analyst and session leader I don't agree with them sometimes. It is always a challenge for me, as analyzing such a system raises many questions about the validity of decisions made during the LOPA. Briefly: This particular protection system consists of many instrumented safety functions protecting the furnace, like low and high pressure of the fuel gas, low pressure of combustion air, loss of flame, overpressure in the combustion chamber, wrong air/fuel ratio, CO/O2 flue gas detection, flue gas damper closure detection and some others depending on specific technology used. So the first issue of this SIL analysis is related to the layers of protection. In the most conservative case, we can't take any additional layers of protection independent of the analyzed function. Why? Because all possible other actions are still the same: close the double shutoff valves at the fuel supply line to the burners. The same valves which are part of the SIF we are talking about. What's more it's not always possible to ensure a low personnel presence rate in the hazardous area. This of course results in very high SIL requirements. But I always wonder if this approach is practical and not too conservative? The second question is whether each of these SIFs really needs to be analyzed separately, when most of them protect the furnace from loss of flame and a chamber from the formation of an explosive atmosphere. Perhaps some functions can actually be considered as a one SIF with redundancy and diversification of measurement systems detecting different physical quantities? This case is much closer to my approach of practical side of functional safety. By the way, I've got also a third point of view but maybe I will describe it a little bit later during a discussion.

Just uploaded: Functional Safety in Nuclear — How Non-Power Nuclear Facilities Differ from the Process Industry. 22 pages. Covers the eight areas where nuclear practice materially differs from IEC 61511 — regulatory framework, classification, software, defence in depth, proof testing, the safety case, and the concept everyone gets wrong when they first encounter Class 1 integrity targets. Written for process industry engineers who are entering nuclear, or who want to understand why things are done differently there. It's in the Premium classroom now.