Professional Documents
Culture Documents
exSILentia Version 2
exida.com LLC
64 North Main Street
Sellersville, PA, 18960
+1 215 453 1720
exsilentia@exida.com
© exida.com L.L.C. August 20, 2009
exSILentia User Guide v25 Page 1 of 167
Introduction
Thank you for purchasing the exida exSILentia Safety Lifecycle engineering tool.
The name exSILentia is derived from the Latin word for excellence. Excellence is exida’s “first name”
(excellence in dependable automation). exSILentia allows you direct access to exida’s years of experience
when performing Safety Lifecycle engineering tasks.
The exSILentia team at exida is confident that you will appreciate this tool, the power of our online Safety
Lifecycle engineering tools directly accessible from your workstation. The exSILentia tool currently integrates
three Safety Lifecycle tools, these are:
SILect for SIL selection
SIF SRS for SIF Safety Requirements Specification
SILver for SIL verification
In addition to these standard Safety Lifecycle tools, the second version of exSILentia is designed to enable
various plug-ins that are optional additions to the standard Safety Lifecycle tools. These plug-ins include the
PHA import plug-in, the System SRS with C&E Matrix plug-in, Proof Test Report Generator, and Lifecycle Cost
Estimator plug-in for example.
In Appendix A of this user guide we have provided a Trouble Shooting and Frequently Asked Questions
section. If you have any problems we urge you to look in this section first. If this user guide doesn’t answer
your questions you can contact the exSILentia team via exsilentia@exida.com. There is also a FAQ section
available on the exSILentia website, visit www.exsilentia.com and click on the FAQ link.
If you have any suggestions for tool improvements we would be happy to hear from you! Please contact the
exSILentia team via exsilentia@exida.com.
Furthermore exida has started an exSILentia home page. We intend to provide tool updates and Safety
Equipment Reliability Handbook Database updates from this website. Visit us at www.exsilentia.com.
Appendix C contains a copy of the Software License Agreement that will also be displayed during installation.
Installation will only be successful when you accept this software license agreement.
1.4 Licensing
exSILentia uses the Sentinel Protection software to enforce its licensing. You need to install the Sentinel
Protection Driver to use the exSILentia USB key. If you do not have Sentinel Protection Driver installed on your
machine a message box as shown in Figure 6 will appear when you insert the USB key into your system. To
download and install the driver click “Yes”.
exSILentia 1.x USB license keys will not work with version 2 of the exSILentia software.
Contact the exSILentia team at exSILentia@exida.com or go to the exSILentia website
www.exSILentia.com for upgrade information.
2.2.1 Projects
As can be seen from the structural overview of the exSILentia tool, through the exSILentia tool a user can
access a specific Project at a time and through that Project access a specific Safety Instrumented Function
with associated SILect, SIF SRS, and SILver records.
Double clicking the exSILentia Icon on your desktop or selecting exSILentia from your programs in your start
menu will launch the exSILentia tool. This will launch the exSILentia Mainframe, see also Figure 9.
Figure 20 shows an example result of the SIF filtering option for the example fired heater project that can be
downloaded from the exSILentia website. In this case the SIFs were filtered on the option where all Target SIL
& RRF are greater than the Achieved SIL and RRF. The results were then sorted on achieved SIL level. Note
the exida logo inside of the Filter icon which indicates that not all available SIFs are shown.
2.3 Audit Trail; Configuring Users, Modifying Tool Status, Session Logs
In order to specify different users for a project select the “Project – User Configuration” menu option. This will
launch the User Overview dialog box as shown in Figure 21. By default two users will be defined an
Administrator and a Guest. The Administrator is the only user who has the ability to create new users and
specify access rights. The Guest has no edit or review rights and can only view information. Selecting Cancel
or OK will at this point not modify or set any user rights.
The 7-by-7 matrix is an extension of the previously available 5-by-5 matrix. Projects with calibrations
defined in the 5-by-5 matrix format are automatically upgraded and will show empty D6, D7, C6, and C7
parameters.
Figure 69 Warning: Change to a Reused IPL Impacts other SIFs / Initiating Events
The Maintenance Capability Index is a parameter that should be specific on project level and can be specified
for field equipment and logic solvers separately. Figure 92 shows the project properties dialog box where the
Maintenance Capability Index can be specified.
Figure 105 Logic Solver Group Properties Dialog Box – My Own Logic Solver Advanced
Figure 120 Two Final Element Group Details for Example – SILver Tab
If we return to the Final Element Part branch of the SILver SIF navigation tree we can determine the
contribution to the overall Final Element Part of both the average Probability of Failure on Demand and the
Mean Time To Fail Spurious of the two Final Element Groups. This is shown in Figure 121.
Figure 121 Final Element Part Details for Example – SILver Tab
7.1.1 References
Additional guidance on PHA principles and the relationship between PHA and SIL Selection is given in the
publications listed underneath.
Safety Integrity Level Selection - Systematic Methods Including Layer of Protection Analysis, ISBN 1-
55617-777-1, by Ed Marszal and Eric Scharpf, 2002, ISA; Particularly section 4.2 (pp 52)
Layer of Protection Analysis: Simplified Process Risk Assessment, 2001, AIChE - Center for Chemical
Process Safety (CCPS); New York, NY, USA; Particularly sections 7.2 (pp 119) and 11.3 (pp 184) for
multiple scenarios.
Guidance on the application of Hazard and Operability studies is given in the following International Standard;
IEC 61882, Hazard and operability studies (HAZOP studies) - Application guide, 2001, International
Electrotechnical Commission, Geneva, Switzerland
WARNING - Altering the hierarchy within the Settings tab of the PHA-Pro file can rectify this, but this
has a serious impact on any established relationships!
This is better explained with reference to the default worksheet format given in Figure 128. This example has 2
Causes, each of which have 2 Consequences which themselves do not have their own Safeguards since these
are related to the Causes and similarly the Recommendations are related to the Causes and not to the
Consequences. If the hierarchy is changed such that the Safeguards are ‘children’ of the Consequences, then
the worksheet will look like shown in Figure 130.
Figure 131 PHA-Pro Modified Safeguard Hierarchy CSV Export File Example
In this modified safeguard hierarchy the number of Safeguards is doubled. These can however be deleted, but
require some work (particularly for larger studies) as well as a close attention to detail to ensure that required
data is not lost. If the hierarchy is further changed so that the Recommendations are also ‘children’ of the
Consequences, then the worksheet will resemble the one shown in Figure 132.
For further assistance with customizing PHA-Pro, please contact the exida PHA specialists via the
information provided in section 7.1.2.
For further assistance with customizing PHA-Pro, please contact the exida PHA specialists via the
information provided in section 7.1.2.
For further assistance with customizing PHA-Pro, please contact the exida PHA specialists via the
information provided in section 7.1.2.
Node
└ Deviation
└ Cause
└ Consequence
└ Safeguard
└ Recommendation
For further assistance with customizing PHAWorks, please contact the exida PHA specialists via the
information provided in section 7.1.2.
For further assistance with customizing PHAWorks, please contact the exida PHA specialists via the
information provided in section 7.1.2.
For further assistance with customizing PHAWorks, please contact the exida PHA specialists via the
information provided in section 7.1.2.
For further assistance and technical support on creating CSV files, please contact the exida PHA
specialists via the information provided in section 7.1.2.
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
The following list explains the function of each of the PHA import data settings of the PHA Import Plug-in
Interface. The dropdown boxes shown in Figure 150 are populated based on the header information included
in the file selected as part of the PHA import file settings.
[1] SIF Name
From the dropdown box select which header in the PHA import file corresponds to the SIF Name
variable in exSILentia.
[2] Equipment
From the dropdown box select which header in the PHA import file indicates the equipment being
protected.
[3] Deviation
From the dropdown box select which header in the PHA import file indicates the deviation being
considered.
[4] Unit Name
From the dropdown box select which header in the PHA import file corresponds to the Unit Name
variable in exSILentia.
[5] Cause
From the dropdown box select which header in the PHA import file indicates the cause being
considered.
[6] Consequence
From the dropdown box select which header in the PHA import file indicates the consequence being
considered.
[7] Safeguards
From the dropdown box select which header in the PHA import file represents the identified safeguards.
[8] Recommendations
From the dropdown box select which header in the PHA import file represents the identified
recommendations.
7.5.2.1 PHA-Pro
The import from PHA-Pro files is implemented as described in this subsection.
Inferred SIF
Safety Instrumented Functions are inferred according to the following rules;
Safeguard includes any of the keyword text, or;
Recommendation includes any of the keyword text, or;
Identified SIF
Rules for identified Safety Instrumented Functions will be implemented in a subsequent version of the
exSILentia PHA Import Plug-in.
SIF Data
7.5.2.2 PHAWorks
The import from PHAWorks files is implemented as described in this subsection.
Inferred SIF
Safety Instrumented Functions are inferred according to the following rules;
Safeguard includes any of the keyword text, or;
Recommendation includes any of the keyword text, or;
Identified SIF
Rules for identified Safety Instrumented Functions will be implemented in a subsequent version of the
exSILentia PHA Import Plug-in.
Figure 161 exSILentia Report Wizard with Proof Test Report Plug-in
A sample of the Proof Test Report that is generated is shown in Figure 162.
Figure 163 Lifecycle Cost Estimator Plug-in Parameter Definition Launch Button
Figure 164 shows the Lifecycle Cost Estimator Options dialog box. Here you can specify a variety of hourly
rates, like engineering rates, drafting rates, installation labor rates, etc. You can also define the cost of loss
production per hour. Finally you can specify the inflation / discount rate, the time period over which you want to
annualize the cost and your monetary identifier like $, £, €, ¥, etc.
Figure 169 exSILentia Report Wizard with Lifecycle Cost Estimator Plug-in
For download of or information on any of the third party interfaces listed visit the download section of the
exSILentia website (www.exsilentia.com/exsil-downloads.asp).
12.1 Disclaimer
The user of the exSILentia software is responsible for verification of all results obtained and their applicability
to any particular situation. Calculations are performed per guidelines in applicable international standards.
exida.com L.L.C. accepts no responsibility for the correctness of the regulations or standards on which the tool
is based. In particular, exida.com L.L.C. accepts no liability for decisions based on the results of this software.
The exida.com L.L.C. guarantee is restricted to the correction of errors or deficiencies within a reasonable
period when such errors or deficiencies are brought to exida’s attention in writing. exida.com L.L.C. accepts no
responsibility for adjustments to the automatically generated reports made by the user.
14.1 Releases
Version: V25
Revision: R1
Version History: V25, R1: Release exSILentia 2.5, August 20, 2009
V23, R1: Release exSILentia 2.3, January 8, 2009
V21, R1: Release exSILentia 2.1, July 10, 2008
V20, R1: First Release exSILentia 2.0, December 17, 2007
A.3 exSILentia
This section will provide quick answers to questions we have received that relate to either functionality of
exSILentia or questions that cannot be directly attributed to any of the Safety Lifecycle tools.
Q: exSILentia doesn’t fit on my screen
A: exSILentia was developed for a minimum screen resolution of 1024 by 768, see also section 1.2, Minimal
System Requirements. Consider increasing your screen resolution.
A.4 SILect
There are currently no entries.
A.6 SILver
This section will provide quick answers to more common questions we have received on the SILver tool.
Q: The calculated results are set to zero, why and what should I do?
A: See section 5.9 on Resetting of Calculation Results.
Q: I get a “Consider increasing the Mission Time” message
A: This message will appear when any of the proof test intervals specified is larger than the mission time. The
message will also indicate the part of the safety instrumented function where this is the case. SILver will only
perform its reliability calculations for the mission time specified. It can handle mission time periods of up to 30
yrs. If you want the effects of the proof test to be considered in the calculations the mission time needs to be
equal to or larger than the largest proof test interval. It is suggested that the mission time is set equal to the
major turnaround time.
IMPORTANT – READ CAREFULLY: This Software License Agreement is the legal agreement (“agreement”)
between you, the customer who has acquired the software (“You”) and exida.com LLC (“exida”). Please read
this agreement carefully before completing the installation process and using the exida exSILentia tool
(together with its accompanying documentation, the “Software”). This agreement provides a license to use the
Software and contains warranty information and liability disclaimers.
BY INSTALLING, COPYING OR OTHERWISE USING THE SOFTWARE, YOU ARE CONFIRMING YOUR
ACCEPTANCE OF THE SOFTWARE AND AGREEING TO BECOME BOUND BY THE TERMS OF THIS
AGREEMENT. IF YOU DO NOT AGREE, DO NOT INSTALL OR USE THE PRODUCT.
IF YOU DID NOT ACQUIRE THE SOFTWARE FROM exida, THEN YOU MAY NOT ENTER INTO THIS
AGREEMENT OR USE THE SOFTWARE. NO OTHER PARTY HAS THE RIGHT TO TRANSFER A COPY
OF THE SOFTWARE TO YOU.
The Software is owned by exida and is protected by copyright laws and international copyright treaties, as well
as other intellectual property laws and treaties. THE SOFTWARE IS LICENSED, NOT SOLD.
If you have any questions or concerns about this agreement, please contact exida at exsilentia@exida.com.
1. DEFINITIONS.
a. “exida” means exida.com LLC
b. “You”, “Your” means you and your company
c. "Software" means the product provided to You, which includes the exSILentia tool and may include
associated media, printed materials, and "online" or electronic documentation.
2. OWNERSHIP. The Software is owned and copyrighted by exida. Your license confers no title or ownership
in the Software and is not a sale of any rights in the Software.
3. GRANT OF LICENSE. exida grants You the following rights provided You comply with all terms and
conditions of this agreement. For each license You have acquired for the Software:
a. You are granted a non-exclusive right to use and install ONE copy of the software
b. You are granted a non-exclusive right to apply quarterly updates to the Safety Equipment Reliability
Handbook database for the duration of 1 year
c. The license key restricts use to ONE PC only
d. You may make one copy of the installation program for backup or archival purposes
4. RESTRICTED USE.
a. You agree to use reasonable efforts to prevent unauthorized copying of the Software
b. You may not disable any licensing or control features of the Software or allow the Software to be
used with such features disabled
5. DISCLAIMER OF WARRANTY. The Software is provided on an "AS IS" basis, without warranty of any
kind, including, without limitation, the warranties of merchantability, fitness for a particular purpose, non-
infringement title, and results. The entire risk as to the quality and performance of the Software is borne by
You. Should the Software prove defective, You, not exida, assume the entire cost of any service and
repair. If the Software is intended to link to, extract content from or otherwise integrate with a third party
service, exida makes no representation or warranty that Your particular use of the Software is or will
continue to be authorized by law in Your jurisdiction or that the third party service will continue to be
available to You. This disclaimer of warranty constitutes an essential part of the agreement.
7. TERMINATION. exida may terminate Your license if You do not abide by the license terms. Upon
termination of license, You shall immediately discontinue the use of the Software and shall within ten (10)
days return to exida all copies of the Software or confirm that You have destroyed all copies of it. Your
obligations to pay accrued charges and fees, if any, shall survive any termination of this
Agreement. You agree to indemnify exida for reasonable attorney fees in enforcing its rights pursuant to
this license. Sections 2, 4, 5, 6, 7 and 13 will survive expiration or termination of this Agreement for any
reason.
8. exSILentia USE. You are required to perform any verification activities when using the software as
described in its user guide.
10. UPGRADES. If this copy of the software is an upgrade from an earlier version of the software, it is provided
to You on a license exchange basis. Your use of the Software upgrade is subject to the terms of this
license, and You agree by Your installation and use of this copy of the Software to voluntarily terminate
Your earlier license and that You will not continue to use the earlier version of the Software or transfer it to
another person or entity.
11. ADDITIONAL SOFTWARE. This license applies to updates, upgrades, plug-ins and any other additions to
the original Software provided by exida, unless exida provides other terms along with the additional
software.
12. THIRD PARTY SERVICES. This Software may make use of, or have the ability to make use of, link to, or
integrate with 3rd party content or services. The availability of the content or services is at the sole
discretion of the 3rd party service providers and may be subject to usage agreements and other
restrictions. You agree to indemnify and save harmless exida from all claims, damages, and expenses of
whatever nature that may be made against exida by 3rd party content and service providers as a result of
Your use of the Software.
13. GENERAL.
13.1. SERVICES. There are no services provided under this Agreement. Support, maintenance and other
services, if available, must be purchased separately from exida
13.2. APPLICABLE LAW. This license shall be interpreted in accordance with the laws of Pennsylvania,
USA without giving effect to any choice of law principles that would require the application of the laws of a
different state or country. Any disputes arising out of this license shall be adjudicated in a court of
competent jurisdiction in Pennsylvania, USA. The United Nations Convention on Contracts for the
International Sale of Goods and the Uniform Computer Information Transactions Act (USA) do not apply to
this Agreement.
13.3. GOVERNING LANGUAGE. Any translation of this License is done for local requirements and in the
event of a dispute between the English and any non-English versions, the English version of this License
shall govern.
13.4. COMPLIANCE WITH LAWS. You will comply with all applicable export and import control laws and
regulations in your use or re-exportation of the Software and, in particular, you will not export or re-export
the Software without all required government licenses. You will defend, indemnify, and hold harmless exida
and its suppliers from and against any violation of such laws or regulations by you.
13.6. ASSIGNMENTS. You may not assign or transfer, by operation of law or otherwise, your rights under
this Agreement (including your licenses with respect to the Software) to any third party without exida’s prior
written consent. Any attempted assignment or transfer in violation of the foregoing will be void. exida may
freely assign its rights or delegate its obligations under this Agreement.
13.7. SEVERABILITY. If any provision of this Agreement is held unenforceable by a court, such provision
may be changed and interpreted by the court to accomplish the objectives of such provision to the greatest
extent possible under applicable law and the remaining provisions will continue in full force and effect.
Without limiting the generality of the foregoing, you agree that Section 6 will remain in effect
notwithstanding the unenforceability of any other provision of this Agreement.
14. ENTIRE AGREEMENT. This license constitutes the entire agreement between the parties relating to the
Software and supersedes any proposal or prior agreement, oral or written, and any other communication
relating to the subject matter of this license. Any conflict between the terms of this License Agreement and
any Purchase Order, invoice, or representation shall be resolved in favor of the terms of this License
Agreement. In the event that any clause or portion of any such clause is declared invalid for any reason,
such finding shall not affect the enforceability of the remaining portions of this License and the
unenforceable clause shall be severed from this license. Any amendment to this agreement must be in
writing and signed by both parties.