Training Session - Lunch and Learn
Understanding Safety Integrity Level (SIL)
Dinesh Vijay Bhurke
13th March 2014

Content
• Why Safety?
• Basic Concepts, Definitions, Acronyms
• SIL concept
• Standards – IEC, ISA
• Layer of Protection concept
• Risk Management
• SIL Assignment / Assessment (Risk Reduction)
  – Hazard Matrix method
  – Risk Graph method
  – LOPA method
Training: Lunch & Learn Session

Why Safety?
WORLD'S WORST INDUSTRIAL DISASTERS
• Chernobyl, Nuclear Power Plant, April 1986
• Piper Alpha Platform, July 1986
• Bhopal Gas Leak disaster

Why Safety?
WORLD'S WORST INDUSTRIAL DISASTERS
Source: Emerson's PlantWeb University, SIS 103 - Safety Standards.

Introduction
What is Safety? Freedom from unacceptable risk.

Fatality Rates Per Year
  Occupation:  Chemical Industry; Mining (Coal)
  Involuntary: Lightning; Fire; Run over
  Rates:       5 in 1,00,000; 2 in 10,000; 1 in 100,00,000; 2 in 1,00,000; 6 in 1,00,000; 1.2 in 10,00,000
  Travel:
    Air (Scheduled)   2 in 10,00,000
    Train             3 in 10,00,000
    Car               2 in 10,000
    Motor Cycle       2 in 100

What is Risk? Frequency of occurrence of harm X Severity of that harm.
[Chart: Frequency per year vs. Consequences, showing risk without any protection, risk reduction and tolerable risk; reference points "staying at home" and "electrocution"]

Safety Vs. Availability
• People Outside Plant
• People Inside Plant
• Environment
• Assets
• Corporate Image
• Off-Spec Production

Acronyms
• SIL: Safety Integrity Level
• SIF: Safety Instrumented Function
• SIS: Safety Instrumented System (ESD)
• SFF: Safe Failure Fraction = (λs + λdd) / (λs + λdd + λdu)
• SRS: Safety Requirements Specification
• STR: Spurious Trip Rate
• RRF: Risk Reduction Factor
• PFD: Probability of Failure on Demand
• PFDavg, SIF: Probability that the SIF fails to respond to a Process Demand (PFDavg, SIF = PFDsensor + PFDlogic solver + PFDFE + PFDpower supply)
• MTTF: Mean Time To Failure (e.g. 76 yrs)
• MTTR: Mean Time To Repair (e.g. 1 month)
• MTBF: Mean Time Between Failure (= MTTF + MTTR)
• ALARP: As Low As Reasonably Practicable
• IPL: Independent Protection Layer
• FMEA: Failure Mode and Effect Analysis
• FTA: Fault Tree Analysis
• LOPA: Layer of Protection Analysis
• HAZOP: Hazard and Operability Analysis

Understanding Safety Integrity Level (SIL)
• What does SIL mean?
  – Safety Integrity Level
  – A measure of the probability to fail on demand (PFD) of the SIS.
  – It is a statistical representation of the integrity of the SIS when a process demand occurs.
  – A demand occurs whenever the process reaches the trip condition and causes the SIS to take action.
  – There are 4 SIL levels. SIL levels are measures of how we achieve functional safety.
  – Applies to the complete safety function/loop.
  – Higher SIL means stricter requirements: the safety function fails less, and thus plant protection is available more.

Understanding Safety Integrity Level (SIL)
• SIL is how we measure the performance of safety functions carried out by safety instrumented systems.
• SIL must be viewed from 3 perspectives:
  – Process Owners: Which safety function do I need, and how much of it do I need?
  – Engg. Companies, System Integrators, Product Developers: How do I build SIL-compliant safety devices, functions or systems?
  – Plant Operators: How do I operate, maintain and repair safety functions and systems so that the identified SIL levels are maintained?

SIL STANDARDS
IEC-61508 (1998 & 2010): Generic; used by vendors; calls the safety system E/E/PES.
IEC-61511 (2003), ISA S84 (1996 & 2004): Industry specific (process industry); used by designers and end users; calls the safety system SIS.
Examples of safety systems: ESD/HIPPS/BMS/FGS
Other sector standards:
  ISO 26262             Automotive
  IEC-61513             Nuclear
  IEC 62061             Machinery
  IEC 62279, EN 50128   Railways

SIL Classification
  SIL   Probability Category
  1     1 in 10 to 1 in 100
  2     1 in 100 to 1 in 1,000
  3     1 in 1,000 to 1 in 10,000
  4     1 in 10,000 to 1 in 100,000
1 in 10 means the function will fail once in a total of 10 process demands.
1 in 1,000 means the function will fail once in a total of 1,000 process demands.

SIL Classification – Safety Integrity Levels
  SIL Level   Probability of failure on demand (Demand Mode of Operation)   Risk Reduction Factor
  SIL 4       >=10^-5 to <10^-4  (>=0.00001 to <0.0001)                       100000 to 10000
  SIL 3       >=10^-4 to <10^-3  (>=0.0001 to <0.001)                         10000 to 1000
  SIL 2       >=10^-3 to <10^-2  (>=0.001 to <0.01)                           1000 to 100
  SIL 1       >=10^-2 to <10^-1  (>=0.01 to <0.1)                             100 to 10

Concept of Layers of Protection
[Three figure-only slides: Concept of Layers of Protection]

Multiple Initiators tripping one Final Element
[Diagram: initiators of SIF-1, SIF-2 and SIF-3 through one Logic Solver to a single Final Element]

One Initiator tripping multiple Final Elements
[Diagram: one Initiator through the Logic Solver to the Final Elements of SIF-1, SIF-2 and SIF-3]

Overall Safety Instrumented System showing SIFs
[Diagram: Sensors 1 to 6 through the Logic Solver to Final Control Elements A to F, grouped into SIF 1 to SIF 4]

Risk Management
Three important steps
• Identify Hazards / Hazardous events
• Analyze / Assess the Hazards / Hazardous events
• Reduce risk where necessary

Assigning the SIL with Hazard Matrix
[Figure-only slide]

Assigning the SIL – Risk Reduction
[Four figure-only slides]

Assigning the SIL with Risk Graph
[Figure-only slide]

Risk reduction with LOPA
[Two figure-only slides]

Suggestions / Feedback
Thank You

Suggestions / Feedback
There could be a next session ……
1. Introduction to Functional Safety.
2. Hardware Design.
3. SIL Verification methods.
Strictly on popular demand
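The PFDavg, SIF sum and the SFF formula from the Acronyms slide, combined with the SIL band table, as an added worked example in Python (not code from the original presentation or its author). All PFD, λ, MTTF and MTTR inputs are constructed sample values, and returning 0 ("no SIL credit") for PFD >= 0.1 is an assumption of the example, not something the slides state.

```python
# Added worked example (not from the original slides). It shows why SIL
# applies to the whole loop: the subsystem with the largest PFD dominates
# PFDavg,SIF, so a SIL 3 logic solver does not make the function SIL 3.

def pfd_avg_sif(pfd_sensor, pfd_logic_solver, pfd_final_element, pfd_power_supply):
    """PFDavg,SIF = PFDsensor + PFDlogic solver + PFDFE + PFDpower supply (slide formula)."""
    return pfd_sensor + pfd_logic_solver + pfd_final_element + pfd_power_supply


def risk_reduction_factor(pfd):
    """RRF is the reciprocal of PFDavg (the slide table pairs 10^-3 with RRF 1000)."""
    return 1.0 / pfd


def sil_from_pfd(pfd):
    """Map PFDavg (demand mode) to the SIL band of the slide table.

    Returns 0 when PFD >= 0.1 (assumption: no SIL credit) and raises below 1e-5,
    because the table does not cover claims beyond the SIL 4 band.
    """
    if pfd >= 1e-1:
        return 0
    if pfd >= 1e-2:
        return 1
    if pfd >= 1e-3:
        return 2
    if pfd >= 1e-4:
        return 3
    if pfd >= 1e-5:
        return 4
    raise ValueError("PFD below the SIL 4 band is not covered by the table")


def safe_failure_fraction(lambda_s, lambda_dd, lambda_du):
    """SFF = (λs + λdd) / (λs + λdd + λdu); λ values must share one unit."""
    return (lambda_s + lambda_dd) / (lambda_s + lambda_dd + lambda_du)


def mtbf(mttf, mttr):
    """MTBF = MTTF + MTTR (both in the same time unit)."""
    return mttf + mttr


# Constructed sample loop: sensor, logic solver, final element, power supply.
SAMPLE_PFDS = (2.5e-3, 5.0e-5, 4.0e-3, 1.0e-4)


def sample_loop():
    """Return (PFDavg, RRF, SIL) for the constructed loop: SIL 2, final element dominated."""
    pfd = pfd_avg_sif(*SAMPLE_PFDS)
    return pfd, risk_reduction_factor(pfd), sil_from_pfd(pfd)
```

Even though the sample logic solver alone would sit in the SIL 4 band, the loop as a whole reaches only SIL 2 because the valve (PFD 4.0e-3) dominates the sum.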