PROVIDING SAFETY SOLUTIONS
2721 Hopewell Place NE, Calgary, Alberta, Canada T1Y 7J7
Houston
Singapore
1-866-FIREGAS (347-3427)
ph. (403) 219-0688
fx. (403) 219-0694
www.net-safety.com
SAFETY INTEGRITY LEVEL (SIL) - IEC 61508/61511
Safety Integrity Level (SIL) is defined as a relative level of risk-reduction provided by a safety function, or to specify a target level of risk reduction. In (somewhat) simple terms, SIL is a measurement of performance or probability of failure on demand (PFD) required for a Safety Instrumented Function (SIF) within a Safety Instrumented System (SIS) based on the ANSI/ISA 84, IEC 61508, and IEC 61511 standards.

All organisational and technical risk reduction measures act as a counterweight to the risk potential. The values SIL 1 to SIL 4 (SIL = Safety Integrity Level) are derived from the risk analysis. The greater the risk, the more reliable risk reduction measures must be implemented and, consequently, the greater the reliability the components used must exhibit. Typically, as the SIL level increases, the cost and complexity of the hardware/system also increase. The four SIL levels are defined, with SIL4 being the most dependable and SIL1 being the least. A SIL is determined based on a number of quantitative factors in combination with qualitative factors such as development process and safety life cycle management. The requirements for a given SIL are not consistent among all of the functional safety standards.
The determination of the safety integrity level (SIL) for each Safety Instrumented Function (SIF) in a Safety Instrumented System (SIS) is dependent on the following factors:

1. The Corporate Standard for the tolerable risk after applying all the layers of protection. This tolerable risk may be a function of the cost of reducing the residual risk. The IEC 61508-5 Standard – Example of methods for the determination of safety integrity levels, discusses the general concept of risk and safety integrity in Annex A and the concepts of ALARP and tolerable risk in Annex B of the Standard outline.
2. The overall risk from the unprotected hazards that can occur. The Layers of Protection Analysis (LOPA) provides a methodology for determining the overall risk from data determined in a Hazard and Risk Analysis (HAZOP). The LOPA methodology is discussed in Answer #C of the Standard outline.
3. The risk reduction provided by all of the non-SIS protection layers. LOPA also provides a methodology for analyzing the risk reduction from various non-SIS protection layers.

The residual risk remaining can be computed from the unprotected risk and the risk reduction provided by the non-SIS protection layers. If the residual risk is greater than the tolerable risk, a SIS is required to provide the final required risk reduction. The average probability of failure on demand of each safety instrumented protection function, PFDavg, is equal to the necessary risk reduction the protection function must provide. The necessary risk reduction is computed by dividing the tolerable risk by the residual risk remaining before the application of the safety instrumented function. The SIL for each safety function can be determined from Table 2 in IEC 61508-1 by use of the required PFDavg. Annex C in IEC 61508-5 discusses this method of determining the required safety integrity level and includes example calculations.

Annexes D and E in IEC 61508-5 describe two qualitative methods for determining the SIL. Annex D outlines the risk graph method, and Annex E describes a hazardous event severity matrix method. It should be noted that the PFDavg and the corresponding SIL must be computed for all safety functions required within the Safety Instrumented System.
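
The quantitative calculation described above, carried through as an added example (not part of the original page and not Net Safety's code). It assumes risk is expressed as hazardous-event frequency per year for a fixed consequence, uses the low demand mode PFDavg bands of IEC 61508-1 Table 2, and the function names and scenario numbers are constructed for illustration.

```python
from math import prod

# PFDavg bands for low demand mode (IEC 61508-1, Table 2):
# (SIL, lower bound inclusive, upper bound exclusive)
SIL_BANDS = [(1, 1e-2, 1e-1), (2, 1e-3, 1e-2), (3, 1e-4, 1e-3), (4, 1e-5, 1e-4)]


def residual_risk(unprotected_freq, non_sis_layer_pfds):
    """Hazardous-event frequency (per year) left after the non-SIS layers."""
    for pfd in non_sis_layer_pfds:
        if not 0 < pfd <= 1:
            raise ValueError(f"layer PFD must be in (0, 1], got {pfd}")
    return unprotected_freq * prod(non_sis_layer_pfds)


def required_pfd_avg(tolerable_freq, residual_freq):
    """Tolerable risk divided by residual risk; None if no SIS is required."""
    if residual_freq <= tolerable_freq:
        return None
    return tolerable_freq / residual_freq


def sil_for_pfd_avg(pfd_avg):
    """Map a required PFDavg to SIL 1-4; 0 means no SIL-rated function needed."""
    if pfd_avg is None or pfd_avg >= 1e-1:
        return 0  # convention of this example, not a value from the standard
    for sil, low, high in SIL_BANDS:
        if low <= pfd_avg < high:
            return sil
    raise ValueError("required PFDavg is below the SIL 4 band")


def assess_sif(unprotected_freq, non_sis_layer_pfds, tolerable_freq):
    """Run the whole chain for one safety instrumented function."""
    residual = residual_risk(unprotected_freq, non_sis_layer_pfds)
    pfd_avg = required_pfd_avg(tolerable_freq, residual)
    return residual, pfd_avg, sil_for_pfd_avg(pfd_avg)


if __name__ == "__main__":
    # Constructed scenario: hazard demand 0.5/yr, two non-SIS layers with
    # PFD 0.1 each, corporate tolerable frequency 1e-5/yr.
    residual, pfd_avg, sil = assess_sif(0.5, [0.1, 0.1], 1e-5)
    print(f"residual={residual:.1e}/yr  PFDavg={pfd_avg:.1e}  SIL {sil}")
```

The calculation has to be repeated for every safety function in the SIS, since each one gets its own PFDavg and SIL.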