SIL (Safety Integrity Level) Analysis

Summary

Designing a Safety Instrumented System (SIS) that complies with the international functional safety standards IEC 61508/IEC 61511 has become widely adopted practice. Safety Integrity Level (SIL) analysis assigns the SIL required for an SIS according to the magnitude of the process risk (associated with safety, environment and asset) it needs to address, then determines the SIS configuration and the frequency of functional tests necessary for maintaining the SIL throughout the lifecycle.

Examples of SIL Analysis Implementation

Overall Scheme of SIL Analysis

Process risk analysis is conducted by a multidisciplinary team composed of a process engineer, an operation specialist, a control & instrument engineer and a safety & environmental specialist, led by a risk analysis specialist.
Through assessment of the process risks, the SIL required for each SIS is determined.
TOYO’s expert performs quantitative reliability analysis and proposes the SIS configuration and the frequency of functional tests for achieving the SIL determined.

Potential hazard analysis

A process hazard analysis such as a HAZOP study is conducted to identify the hazard scenarios that form the basis of the process risk analysis.

Process risk analysis (SIL determination)

For the hazard scenarios identified by the process hazard analysis, risk assessment criteria that consider the hazard severity (C), frequency of hazard occurrence (W), possibility of avoiding the hazard (P) and other elements are applied to determine the SIL required for each SIS. SIL is defined as follows based on the Average Probability of Failure on Demand (PFDavg), which indicates the probability of a system failing to perform a specified function on demand.

Average Probability of Failure on Demand

Safety Integrity Level (SIL)    Average Probability of Failure on Demand (PFDavg)
SIL 4                           10^-4 > PFDavg ≧ 10^-5
SIL 3                           10^-3 > PFDavg ≧ 10^-4
SIL 2                           10^-2 > PFDavg ≧ 10^-3
SIL 1                           10^-1 > PFDavg ≧ 10^-2

Figure-1. Example of Risk Assessment Criteria: Risk Graph


Verification on SIL

  • The SIS is verified against the requirements on system configuration and PFD specified in IEC 61508/IEC 61511.
    PFDTotal = PFDsensor + PFDlogic + PFDfinal element
  • Through reliability analysis using fault tree analysis or other methods, the SIS configuration and the frequency of functional tests for the constituent elements necessary for achieving the SIL are determined.
  • The failure rate data of the SIS constituent elements used for reliability analysis are obtained from the vendor or from publicly available data sources.
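
The PFD part of the verification above, worked through as an added example (not TOYO's own method or code). It assumes each element is a single channel whose PFDavg follows the common simplified approximation lambda_DU x TI / 2, which this page does not state; the failure rates are constructed sample values.

```python
# Added example. Assumption: each element is one channel (1oo1) with
# PFDavg ~= lambda_DU * TI / 2, where lambda_DU is the dangerous undetected
# failure rate (per hour) and TI is the functional test interval (hours).

# SIL bands from the table on this page: low <= PFDavg < high.
SIL_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}

# Constructed sample failure rates (per hour), not vendor data.
SAMPLE_SIS = {"sensor": 2e-6, "logic": 1e-7, "final element": 5e-6}


def pfd_element(lambda_du, test_interval_h):
    """PFDavg of one element under the simplified 1oo1 assumption."""
    return lambda_du * test_interval_h / 2.0


def pfd_total(elements, test_interval_h):
    """PFDTotal = PFDsensor + PFDlogic + PFDfinal element."""
    return sum(pfd_element(rate, test_interval_h) for rate in elements.values())


def sil_for(pfd_avg):
    """Return the SIL whose band contains pfd_avg, or None if outside the table."""
    for sil, (low, high) in SIL_BANDS.items():
        if low <= pfd_avg < high:
            return sil
    return None


def max_test_interval(elements, target_sil):
    """Interval (hours) at which PFDTotal hits the upper limit of the target
    band; the functional test interval must be shorter than this value."""
    upper_limit = SIL_BANDS[target_sil][1]
    return 2.0 * upper_limit / sum(elements.values())


if __name__ == "__main__":
    for ti in (8760, 2190):  # yearly and quarterly functional tests
        total = pfd_total(SAMPLE_SIS, ti)
        print(f"TI={ti} h  PFDTotal={total:.2e}  SIL={sil_for(total)}")
    print(f"SIL 2 requires TI < {max_test_interval(SAMPLE_SIS, 2):.0f} h")
```

With these sample rates, yearly testing only reaches the SIL 1 band while quarterly testing reaches SIL 2, which is how the test frequency follows from the required SIL. The system configuration requirements of IEC 61508/IEC 61511 are a separate check and are not modelled here.
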
Figure-2. Example of Fault Tree Application


Figure-3. Example of Typical System Configuration by SIL


Effects of implementation

Grading the importance of SIS (SIL determination) according to the potential risks provides the criteria for effectively allocating the facility and maintenance costs to where they are needed.
By periodically conducting functional tests based on the SIL analysis results, preventive maintenance can be provided in a planned manner.