E10.1) The tolerable level of hazardous events is mainly determined by: a) The IEC 61508 standard, b) Left to the regulatory body in each country c) Determined by the organization d) Fixed by default to be 2,500 US or equivalent. E10.2) An event causing shutdown to a process and possible injury to personnel classified (in 3 severity scale) as a) Extensive b) Serious c) Minor d) Low likelihood E10.3) Which is NOT true about safety lifecycle process: a) can reduce SIS costs. b) increases process safety c) helps ensure that regulations are met. d) Reduces the cost of dangerous events. E10.4) Which is NOT a prevention layer? a) Basic Process Control b) Fire Alarm Systems c) Safety Instrumentation systems d) Rules and Procedures. E10.5) Which layer is the focus of IEC61508 and 61511? a) Basic Process Control b) Fire Alarm Systems c) Safety Instrumentation systems d) Rules and Procedures ET E10.6) Scrubbers and flares are considered a) Preventive systems b) Mitigating systems c) Part of the basic plant control systems d) Safety Instrumented Function E10.7) Which is NOT true about IEC61508? a) IEC61508 consists of 7 parts b) IEC61508 addresses suppliers and manufacturers of devices c) The main structure points are Safety management, safety lifecycle and functional safety assessment d) Provides examples of methods for the determination of safety integrity levels; e) Based on 61511 concept of safety mitigation layers. E10.8) Which is NOT true about IEC61511? a) IEC61508 consists of 3 parts b) IEC61508 addresses system integrators and end users c) The main structure points are Safety management, safety lifecycle, and functional safety assessment d) Provides a frame work that can be applied to any industry specific applications. e) Based on 61508 concept of safety lifecycle. Modern Distributed Control Systems October, 2010 Moustafa Elshafei 10-35 E10.9) What parts of the safety lifecycle are subject to functional safety management? a) The analysis phase b) The operation phase c) Only the phases before commissioning d) Only during project execution E10.10) A safety lifecycle ends when a) It never ends b) When the project is fully commissioned c) When the safety system is decommissioned d) When the safety system is proven in use. E10.11) Which of the following methods is NOT usually part of the analysis phases of the safety life cycle? a) Layer of Protection Analysis (LOPA) b) SIL Verification Analysis c) HAZOP d) Risk Analysis E10.12) The total failure rate for a pressure switch is 5 10 failures per hour. The %Safe is 40%. What is the dangerous failure rate? a) 5.0 10 b) 60% c) 3.0 10 d) 7.5 10 E10.13) The failure rate for an electronic component is 312 FITS. What is the equivalent failure in units of failures per hour? a) 31.2 10-9 b) 31.2 24365 -273312 E10.14) According to the safety lifecycle in IEC 61508, when should a process hazards analysis be conducted? a) Immediately after defining the project scope b) Immediately before specifying the overall safety requirements c) Immediately before verifying the Safety Instrumented Function (SIF) will achieve the required risk reduction d) Both a and b are correct. E10.15) In the analysis phase of the safety lifecycle, the following activity is done: a) Install SIS b) Analyze Risk c) Decommission SIS d) Operation and validation planning e) SIS validation E10.16) A pressure transmitter has an MITF of 200 years. What is the failure rate in failures per year? a) 1/MTTF =0.005 failures per year b) 200/365 days in a year) C) MTTF/Number of years =200/200=1 failure per year E10.17) A pressure transmitter has an MTTF of 200 years. What is the failure rate in FITS? a) 570 FITS b) 57 FITS c) 0.0228 FIT'S E10.18) A motor is driven by AC power. The availability of the AC power is 0.99, and the availability of the motor is 0.97. What is the combined availability? Modern Distributed Control Systems October, 2010 Moustafa Elshafei 10-36 AC POWER MOTOR a) 0.99 b) 0.97 c) 0.96 d) 0.98 E10.19) An instrument has a failure rate of 0.01 failures per year. What is the unreliability for a five-year mission? a) 0.0488 b) 10-10 c) 0,002 d) 20 E10.20) The rate of a dangerous event if a system is left without protection is an accident every 16 months. The desired tolerable level is one accident every 1000 years. What is the required Risk Reduction Factor RRE? a) 16000 b) 800 c) 16 10 d) 0.016 E10.21) The rate of a dangerous event, if a system is left without protection, is an accident every 16 months. The desired tolerable level is one accident every 1000 years. What is required PFD of the Safety Instrumented System? a) 0.0013 b) 0.008 c) 0,016 d) 1.25 W E10.22) The risk analysis of a dangerous event indicates an SIS of PF Davg -3 10 or less is required, what is the SIL level of the required SIS? a) SILI b) SIL2 c) SIL3 d) SIL4 E10.23) A pressure release valve has an MTTF of 200 years. Can it be used in SIL3 SIS? a) Yes b) No E10.24) Two identical pressure release valves a MTTF of 20 years, will be used in 1002 HFT configuration Can this system meet SIL 2 requirements? a) Yes b) No