Understanding SIL

Training Session - Lunch and Learn

Understanding Safety Integrity Level (SIL)Dinesh Vijay Bhurke

13th March 2014

Why Safety ? Basic Concepts, Definitions, Acronyms SIL concept Standards – IEC, ISA Layer of Protection concept Risk Management SIL Assignment /Assessment (Risk Reduction)

Hazard Matrix method Risk Graph method LOPA method

Content

2Training: Lunch & Learn Session

Why Safety ?


Chernobyl, Nuclear Power Plant, April 1986

Piper Alpha Platform, July 1986

Bhopal Gas Leak disaster

WORLD’s WORST INDUSTRIAL DISTASTERS

http://en.wikipedia.org/wiki/File:Bhopal-Union_Carbide_2.jpg

Why Safety ?


WORLD’s WORST INDUSTRIAL DISTASTERS

Source: Emerson’s PlantWeb University, SIS 103 - Safety Standards.

28 aprile 2023

Pres..bozza.. 5

Introduction

Freedom from unacceptable risk.

Per Year Per YearOccupation Staying at homeChemical Industry 5 in 1,00,000 Electrocution 1.2 in 10,00,000Mining(Coal) 2 in 10,000

TravelInvoluntary Air(Scheduled) 2 in 10,00,000Lightining 1 in 100,00,000 Train 3 in 10,00,000Fire 2 in 1,00,000 Car 2 in 10,000Run over 6 in 1,00,000 Motor Cycle 2 in 100

Fatality Rates

What is Risk? Frequency of occurrence of harm X Severity of that harm.

Risk without any Protection

Tolerable Risk

CONSEQUENCES

FRE

QU

EN

CY

Reduction

Why Safety?

What is Safety ?

6

People Outside Plant

People Inside Plant

Environment

Assets Corporate Image

Off-Spec Production

Safety Vs. Availability

• SIL: Safety Integrity Level• SIF: Safety Instrumented Function• SIS: Safety Instrumented System (ESD)• SFF: Safe Failure Fraction = (ƛs+ ƛdd)/ (ƛs+ ƛdd+ ƛdu)• SRS: Safety Requirements Specification• STR: Spurious Trip Rate• RRF: Risk Reduction Factor• PFD: Probability of Failure on Demand• PFDavg, SIF: Probability that the SIF fails to respond to a Process Demand

(PFDavg, SIF = PFDsensor + PFDlogic solver + PFDFE + PFDpower supply)

• MTTF: Mean Time To Failure (e.g. 76 yrs)• MTTR: Mean Time To Repair (e.g. 1 month)• MTBF: Mean Time Between Failure (= MTTF + MTTR)• ALARP: As Low As Reasonably Practicable• IPL: Independent Protection Layer• FMEA: Failure Mode and Effect Analysis• FTA: Fault Tree Analysis• LOPA: Layer of Protection Analysis• HAZOP: Hazard and Operability Analysis

Acronyms


Understanding Safety Integrity Level (SIL)

• What does SIL mean?– Safety Integrity Level – A measure of probability to fail on demand(PFD) of the SIS.– It is statistical representation of the integrity of the SIS when a

process demand occurs.– A demand occurs whenever the process reaches the trip

condition and causes the SIS to take action.– There are 4 SIL levels. SIL Levels are measures of how we

achieve function safety.– Applies to the complete safety function/loop– Higher SIL means Stricter requirements. Safety Function fails less and thus plant protection is available more.


Understanding Safety Integrity Level (SIL)

• SIL is how we measure the performance of safety functions carried out by safety instrumented systems

• SIL must be viewed from 3 perspectives– Process Owners Which Safety function do I need and how much do I need?– Engg. Companies, System Integrators, Product Developers How do I Build SIL compliant safety devices, function or systems?– Plant Operators How do I operate, maintain and repair safety functions and systems to maintain identified SIL levels?


SIL STANDARDS


IEC-61508 (1998 & 2010)

IEC-61511 (2003)

ISO 26262

ISA S84 (1996 & 2004)

IEC 62279

EN 50128

Generic Used By Vendors

Industry Specific-Used by Designers & End users.

Process Industry

Automotive Railways

Calls Safety system as E/E/PES

Calls Safety system as SIS

IEC-61513

Nuclear

IEC 62061

Machinery

ESD/HIPPS/BMS/FGS

SIL Classification

SIL Probability Category

1 1 in 10 to 1 in 100

2 1 in 100 to 1 in 1,000

3 1 in 1,000 to 1 in 10,000

4 1 in 10,000 to 1 in 100,000

1 in 10 means, the function will fail once in a total of 10 process demands

1 in 1000 means, the function will fail once in a total of 1000 process demands


SIL Classification

SILLevel Risk Reduction Factor

SIL 4 >=10-5 to <10-4 >=0.00001 to <0.0001 100000 to 10000

SIL 3 >=10-4 to <10-3 >=0.0001 to <0.001 10000 to 1000

SIL 2 >=10-3 to <10-2 >=0.001 to <0.01 1000 to 100

SIL 1 >=10-2 to <10-1 >=0.01 to <0.1 100 to 10

Probability of failure on demand (Demand Mode of Operation)

Safety Integrity Levels


Concept of Layers of Protection






Multiple Initiators tripping one Final Element

Initiators

Final Element

SIF-1

SIF-2

SIF-3

Logic Solver


One Initiator tripping multiple Final Elements

Logic Solver

Initiator

Final Elements

SIF-1

SIF-2

SIF-3


1 A

B2

SensorsFinal Control

Elements

LogicSolver

SIF 1

C3SIF 2

D4SIF 3

5 E

F6

SIF 4

Overall Safety Instrumented System showing SIFs


Risk Management


Three important steps• Identify Hazards / Hazardous events• Analyze /Assess the Hazards/Hazardous events• Reduce risk where necessary

Assigning the SIL with Hazard Matrix


Assigning the SIL – Risk Reduction






24


25

Assigning the SIL with Risk Graph

Training: Lunch & Learn Session

Risk reduction with LOPA


27

Risk reduction with LOPA

Training: Lunch & Learn Session

Thank You

28

Suggestions / Feedback

29

There could be a next session ……1. Introduction to Functional Safety.2. Hardware Design.3. SIL Verification methods.

Strictly on popular demand

Suggestions / Feedback

Understanding SIL

Documents