Safety Integrity Level

Download as pdf or txt
Download as pdf or txt
You are on page 1of 5

24/10/2014 Safety Integrity Level - Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/Safety_Integrity_Level 1/5
Safety Integrity Level
From Wikipedia, the free encyclopedia
Safety Integrity Level (SIL) is defined as a relative level of risk-reduction provided by a safety
function, or to specify a target level of risk reduction. In simple terms, SIL is a measurement of
performance required for a Safety Instrumented Function (SIF).
The requirements for a given SIL are not consistent among all of the functional safety standards. In the
European Functional Safety standards based on the IEC 61508 standard four SILs are defined, with SIL
4 being the most dependable and SIL 1 being the least. A SIL is determined based on a number of
quantitative factors in combination with qualitative factors such as development process and safety life
cycle management.
Contents
1 SIL Assignment
2 Problems with the use of SIL
3 Advantages for Managers
4 Certification to a Safety Integrity Level
5 SIL in Safety Standards
6 See also
7 References
8 Textbooks
9 External links
SIL Assignment
Assignment of SIL is an exercise in risk analysis where the risk associated with a specific hazard, that is
intended to be protected against by a SIF, is calculated without the beneficial risk reduction effect of the
SIF. That "unmitigated" risk is then compared against a tolerable risk target. The difference between the
"unmitigated" risk and the tolerable risk, if the "unmitigated" risk is higher than tolerable, must be
addressed through risk reduction of the SIF. This amount of required risk reduction is correlated with the
SIL target. In essence, each order of magnitude of risk reduction that is required correlates with an
increase in one of the required SIL numbers.
There are several methods used to assign a SIL. These are normally used in combination, and may
include:
Risk Matrices
Risk Graphs
Layers Of Protection Analysis (LOPA)
Of the methods presented above, LOPA is by far the most commonly used by large industrial facilities.
24/10/2014 Safety Integrity Level - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Safety_Integrity_Level 2/5
The assignment may be tested using both pragmatic and controllability approaches, applying guidance
on SIL assignment published by the UK HSE.
[1]
SIL assignment processes that use the HSE guidance to
ratify assignments developed from Risk Matrices have been certified to meet IEC EN 61508
Problems with the use of SIL
There are several problems inherent in the use of Safety Integrity Levels. These can be summarized as
follows:
Poor harmonization of definition across the different standards bodies which utilize SIL
Process-oriented metrics for derivation of SIL
Estimation of SIL based on reliability estimates
System complexity, particularly in software systems, making SIL estimation difficult to
impossible
These lead to such erroneous statements as, "This system is a SIL N system because the process adopted
during its development was the standard process for the development of a SIL N system", or use of the
SIL concept out of context such as, "This is a SIL 3 heat exchanger" or "This software is SIL 2".
According to IEC 61508, the SIL concept must be related to the dangerous failure rate of a system, not
just its failure rate or the failure rate of a component part, such as the software. Definition of the
dangerous failure modes by safety analysis is intrinsic to the proper determination of the failure rate.
[2]
SIL is for electrical controls only and does not relate directly to the caT architecture in EN 62061. It
appears to be a precursor to PL ratings that are now the new requirements which encompass hydraulic
and pneumatic valves.
It is sometimes assumed that the 'S' in SIL refers to software but the failure rate of the software
component of a system is merely a contribution to the overall SIL level of the system as a whole.
Advantages for Managers
Because SIL has a simple number scheme to represent its levels (1-4), a high-level understanding of
each level is typically all that is necessary to convey SIL at management levels. This saves management
from having to understand the technical aspects of SIL, while allowing them to discuss their concerns.
Certification to a Safety Integrity Level
The International Electrotechnical Commission's (IEC) standard IEC 61508, now IEC EN 61508,
defines SIL using requirements grouped into two broad categories: hardware safety integrity and
systematic safety integrity. A device or system must meet the requirements for both categories to
achieve a given SIL.
The SIL requirements for hardware safety integrity are based on a probabilistic analysis of the device.In
order to achieve a given SIL, the device must meet targets for the maximum probability of dangerous
failure and a minimum Safe Failure Fraction. The concept of 'dangerous failure' must be rigorously
defined for the system in question, normally in the form of requirement constraints whose integrity is
verified throughout system development. The actual targets required vary depending on the likelihood of
a demand, the complexity of the device(s), and types of redundancy used.
24/10/2014 Safety Integrity Level - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Safety_Integrity_Level 3/5
PFD (Probability of Failure on Demand) and RRF (Risk Reduction Factor) of low demand operation for
different SILs as defined in IEC EN 61508 are as follows:
SIL PFD PFD (power) RRF
1 0.1-0.01
10
1
- 10
2
10-100
2 0.01-0.001
10
2
- 10
3
100-1000
3 0.001-0.0001
10
3
- 10
4
1000-10,000
4 0.0001-0.00001
10
4
- 10
5
10,000-100,000
For continuous operation, these change to the following. (Probability of failure per hour)
SIL PFH PFH (power) RRF
1 0.00001-0.000001
10
5
- 10
6
100,000-1,000,000
2 0.000001-0.0000001
10
6
- 10
7
1,000,000-10,000,000
3 0.0000001-0.00000001
10
7
- 10
8
10,000,000-100,000,000
4 0.00000001-0.000000001
10
8
- 10
9
100,000,000-1,000,000,000
Hazards of a control system must be identified then analysed through risk analysis. Mitigation of these
risks continues until their overall contribution to the hazard are considered acceptable. The tolerable
level of these risks is specified as a safety requirement in the form of a target 'probability of a dangerous
failure' in a given period of time, stated as a discrete SIL.
Certification schemes are used to establish whether a device meets a particular SIL.
[3]
The requirements
of these schemes can be met either by establishing a rigorous development process, or by establishing
that the device has sufficient operating history to argue that it has been proven in use.
Electric and electronic devices can be certified for use in Functional Safety applications according to
IEC 61508, providing application developers the evidence required to demonstrate that the application
including the device is also compliant. IEC 61511 is an application-specific adaptation of IEC 61508 for
the Process Industry sector. This standard is used in the petrochemical and hazardous chemical
industries, among others.
SIL in Safety Standards
The following standards use SIL as a measure of reliability and/or risk reduction.
ANSI/ISA S84 (Functional safety of safety instrumented systems for the process industry sector)
IEC EN 61508 (Functional safety of electrical/electronic/programmable electronic safety related
systems)
IEC 61511 (Safety instrumented systems for the process industry sector)
IEC 61513 (Nuclear Industry)
IEC 62061 (Safety of machinery)
EN 50128 (Railway applications - Software for railway control and protection)
EN 50129 (Railway applications - Safety related electronic systems for signalling
24/10/2014 Safety Integrity Level - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Safety_Integrity_Level 4/5
EN 50402 (Fixed gas detection systems)
ISO 26262 (Automotive industry)
MISRA, various (Guidelines for safety analysis, modelling, and programming in automotive
applications)
Defence Standard 00-56 Issue 2 - accident consequence
The use of a SIL in specific safety standards may apply different number sequences or definitions to
those in IEC EN 61508.
[4]
See also
ALARP
Spurious trip level
HIPPS (High Integrity Pressure Protection System)
There is a whole family of C-level standards based more or less on IEC 61508 that also uses SIL, e.g.,
62061, 26262.
References
[5]

[6]
1. ^ M. Charlwood, S Turner and N. Worsell, UK Health and Safety Executive Research Report 216, "A
methodology for the assignment of safety integrity levels (SILs) to safety-related control functions
implemented by safety-related electrical, electronic and programmable electronic control systems of
machines", 2004. ISBN 0-7176-2832-9
2. ^ F. Redmill, "Understanding the Use, Misuse, and Abuse of SILs"
http://www.csr.ncl.ac.uk/FELIX_Web/3A.SILs.pdf with capture date of 11 October 2010
3. ^ CASS Scheme, Conformity Assessment of Safety Systems, http://www.cass.uk.net/
4. ^ F. Redmill, "Understanding the Use, Misuse, and Abuse of SILs"
http://www.csr.ncl.ac.uk/FELIX_Web/3A.SILs.pdf with capture dates of 9 July 2010 and 11 October 2010
5. ^ Marszal, Edward, "Safety Integrity Level Selection - Systematic Methods Including Layer of Protection
Analysis", The Instrumentation, Systems, and Automation Society, Research Triangle Park, NC, USA, 2002.
6. ^ Mitchell, KJ, Longendelpher, TM, Kuhn, MC, "Safety Instrumented Systems Engineering Handbook",
Kenexis, Columbus, OH, USA, 2010.
Textbooks
D. Smith, K. Simpson, "Safety Critical Systems Handbook - A Straightforward Guide to Functional
Safety, IEC 61508 (2010 Edition) and Related Standards" (3rd Edition, ISBN 978-0-08-096781-3, 270
Pages).
M. Punch, "Functional Safety for the Mining Industry An Integrated Approach Using AS(IEC)61508,
AS(IEC)62061 and AS4024.1." (1st Edition, ISBN 978-0-9807660-0-4, in A4 paperback, 150 pages).
www.marcuspunch.com (http://www.marcuspunch.com)
24/10/2014 Safety Integrity Level - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Safety_Integrity_Level 5/5
M.J.M. Houtermans, "SIL and Functional Safety in a Nutshell (Risknowlogy Best Practices Series, 1st
Edition, eBook in PDF, ePub, and iBook format, 40 pages). * SIL and Functional Safery in a Nutshell
(http://risknowlogy.com/product/sil-functional-safety-nutshell/)
External links
61508.org (http://www.61508.org) The 61508 Association
IEC Safety Zone (http://www.iec.ch/functionalsafety) The IEC Functional safety zone
Functional Safety, A Basic Guide
(http://www.ida.liu.se/~snt/teaching/SCRTS/IEC61508_Guide.pdf) Functional Safety and IEC
61508: A basic guide
SIL Made Simple (http://docs.google.com/viewer?
a=v&pid=explorer&chrome=true&srcid=0B5PSPJfG9S5kMzhhZDM4YjMtYjhhMC00NDZhLTg
zZTAtNDkzYTk3MGJmNDhh&hl=en_US&authkey=CJqWsYEJ) - White Paper presented at
Valve World 2010
Safety Integrity Level Manual (http://files.pepperl-
fuchs.com/selector_files/navi/productInfo/doct/tdoct0713a_eng.pdf) Pepperl+Fuchs SIL Manual
Retrieved from "http://en.wikipedia.org/w/index.php?title=Safety_Integrity_Level&oldid=628082838"
Categories: Safety Risk
This page was last modified on 3 October 2014 at 14:05.
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms
may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia is a
registered trademark of the Wikimedia Foundation, Inc., a non-profit organization.

You might also like