If you’ve ever worked in major hazard industries and hydrogen projects, you’ll know that trust in the Safety Instrumented System (SIS) can be the key difference between prevention and escalation of an incident.
That trust? It comes from applying Functional Safety Management (FSM) throughout the facility lifecycle. It begins during the design phase, where risk allocation (HAZOPs and LOPAs) defines the hazards and the reliability that the SIS needs to meet. It continues into SIS design and deployment through the Safety Requirements Specification (SRS), Safety Integrity Level (SIL) verification, equipment selection and factory acceptance testing, all the way to commissioning, where the sensors, controllers and final elements are tested against the requirements of the SRS. It continues into the operations phase, where modifications are required.
In my career, I’ve seen a lot of systems that tick all the right boxes: technically compliant, SIL ratings, signed off and commissioned. However, without a robust FSM system in place throughout the lifecycle, these SISs may no longer be fit for purpose. Examples include changes in process conditions, changes in process safety times, modifications to facilities, failure to select appropriate equipment, inadequacies in testing and failure to consider spurious trips in the design.
When demand is placed on the SIS, we need it to work. As such, you need more than compliance; you need assurance throughout the lifecycle. That’s what FSM is there to provide.
Functional safety isn’t just about achieving a SIL rating; it’s about proving that your systems will perform, in context, under stress, and with human interaction.
For the process industries international standards IEC 61511 and IEC 61508 set the requirements and are recognised by industry and regulators as good practice. The requirement for functional safety is not limited to the design phase alone but stretches across every phase of an asset’s lifecycle:
In addition to application of the FSM system throughout the lifecycle there are Functional Safety Assessments (FSAs) that need to be undertaken, usually by a third party, to demonstrate that the SIS meets the SRS requirements. Whether it’s FSA 1 before design, or FSA 4 during ongoing operation, functional safety must be continually validated to ensure systems haven’t drifted from their original performance intent. In addition to FSAs there is a need to conduct safety audits, involving a comprehensive review of documentation related to functional safety practices and processes.
What makes this challenging isn’t the technical calculations. It’s the human factors. Systems are upgraded, operators change, control logic gets revised, and assumptions fade over time. If FSM isn’t embedded into the project / facility / operator, there is the potential for risk creep.
One of the biggest lessons I’ve learned is this: FSM is as much about discipline as it is about design.
I’ve worked on facilities where ESD systems hadn’t been proof-tested in years; where SRS documents were forgotten after commissioning; where modifications were made on paper but never re-verified against original SIL assumptions; where cybersecurity measures had not been assessed.
And in every one of those cases, the system wasn’t broken – but it wasn’t safe either.
That’s why a robust FSM approach matters. Not because it prevents failure entirely, but because it gives you confidence in your SIS, which is often the last barrier between prevention and escalation of an incident.
At Kent, we treat FSM as a lifecycle commitment, not a compliance phase. That means:
Whether it’s a greenfield facility or a brownfield modification, our aim is the same: to make sure the system you rely on still does what it was built to do, when you need it most.
The pressure on process safety systems has never been higher. We’re dealing with older infrastructure, newer fuels, tighter margins, and greater public scrutiny.
That makes FSM not just a good idea but a strategic imperative. It’s how we reduce uncertainty. How we align operations with intent. And how we build not just safe systems, but safe operations that last.
For me, functional safety is where compliance ends, and confidence begins. It's about more than just HAZOP and SIL verification. It's about making sure that the SIS we trust with people’s lives actually works when it matters. And ensuring that this dependability continues, year after year, modification after modification.
In major hazard industries, we have come to rely on SIS to keep us safe from harm. With the rapid development in this field and greater automation, more reliance will continue to be placed on the SIS. Knowing that the SIS is robust and reliable throughout the lifecycle can give operators confidence that they are safe, and can be the difference between everyone going home safely and an escalation of an incident.