Safety Acronyms
Evolving Standards
Industry Standards for Safety Instrumented Systems (SIS)
Evolving Standards
Evolving Standards
Why do we need Functional Safety?
Primary causes of control-system failures (pie chart):
- Specifications: 44%
- Operations and maintenance: 15%
- Installations and commissioning: 6%
- Design and implementations: 15%
Source: "Out of Control: Why control systems go wrong and how to prevent failure?" (2nd edition, © Health & Safety Executive HSE, UK)
IEC 61508 Lifecycle
(Figure: overall safety lifecycle; phases legible on the slide)
- 1 Concept
- 2 Overall Scope Definition
- 4 Overall Safety Requirements
- 5 Safety Requirements Allocation
- Operation
- 16 Decommissioning
IEC 61511 & ISA 84.01 Lifecycle
(Figure: safety lifecycle; boxes legible on the slide, with their IEC 61511 clause references)
- Safety Requirements Specification for the Safety Instrumented System (Subclause 10)
- Design and Engineering of Safety Instrumented System (Subclause 11)
- Design and Development of Other Means of Risk Reduction (Subclause 9)
- Realisation
- Decommissioning (Subclause 16)
- Other clause references shown: Clause 5, Sub-clause 6.2, Sub-clause 7, 12.7
When do I use IEC 61511 vs. IEC 61508?
(Figure: Process Sector Safety Instrumented System Standards)
Safety Lifecycle
Stages shown on the slide:
- SIL Selection
- PSAT
- Conceptual Design
- Operation, Maintenance and Testing
- SIL Verification
Safety & Layers of Protection
Safety Instrumented Function
Independent Protection Layers
(Figure: protection layers from outermost to innermost, grouped into mitigation and prevention)
Mitigation:
- Plant and/or Emergency Response: emergency response layer
- Dike: passive protection layer
- Relief valve, rupture disk: active protection layer
Prevention:
- Safety Instrumented System: Emergency Shut Down action, isolated protection layer (trip level alarm)
- Operator Intervention: process control layer (high level alarm, wild process parameter)
- Basic Process Control System: process control layer (control value, high level, low level, normal behavior)
- Plant Design
What is a SIS?
Formal Definition:
What makes up a SIS?
(Figure) Process input -> Transmitter -> SIS Program (IAS) -> Process output -> Safety valve (SV)
How is a SIS different from a BPCS?
(Figure: P&ID showing the two loops on the same process line)
- SIS loop: PT 102 -> USC 102 -> UV 102
- BPCS loop: PT 101 -> PIC 101 -> PV 101
Safety PLC vs. standard PLC – what’s the difference?
What is a Safety Instrumented Function (SIF)?
Formal Definition: "... hazardous event." (IEC 61511 / ISA SP 84.01)
(Figure: the same P&ID; SIS loop PT 102 -> USC 102 -> UV 102, BPCS loop PT 101 -> PIC 101)
SIS versus SIF
(Figure) SIS: Sensors, Logic Solver, Final elements; SIF
What is (SIL) – Safety Integrity Level?
Informal Definition:
SIL is the Safety Integrity Level of a specific Safety Instrumented Function (SIF) which is being implemented by a Safety Instrumented System (SIS),
OR
the amount of risk reduction achieved by a specific Safety Instrumented Function (SIF).
(Figure: scale from SIL 1 to SIL 4)
SIL expressed as PFD
PFDavg = λDU × TI / 2
- PFD: Probability of Failure on Demand; PFD(t) is the value at time t since the last proof test
- PFDavg: the average of PFD(t) over one test interval; with PFD(t) ≈ λDU × t this average is λDU × TI / 2
- λDU: rate of Dangerous Undetected Failures
- TI: Test Interval (proof test interval)
(Figure: PFD(t) plotted against time, with the SIL 1 to SIL 4 bands marked)
Different levels of SIL
(Table; only the SIL 2 row survives on the page)
Safety Integrity Level | Probability of Failure on Demand | Safety Availability | Risk Reduction Factor
SIL 2                  | 0.1% to 1%                       | 99% to 99.9%        | 1,000 to 100
Banner across the table: "SIL dealt with in ISA 84.01 and IEC 61511"
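The PFDavg formula and the SIL table above are easier to apply with a worked calculation. The following Python is an added example, not part of the original slides: it computes PFDavg = λDU × TI / 2 for a single-channel SIF in low-demand mode, converts it to the Risk Reduction Factor and Safety Availability columns of the table, and maps it onto the SIL bands. The slides give only the SIL 2 band (PFD 0.1% to 1%); the other bands in the code are the standard IEC 61508 low-demand values and are assumed here. It also goes one step beyond the slide by summing sensor, logic-solver and final-element PFDavg values to get a whole-SIF figure, which is the usual small-PFD approximation for elements in series. The failure rate and subsystem values are constructed for illustration.

```python
HOURS_PER_YEAR = 8760.0

# IEC 61508 low-demand SIL bands as (SIL, lower bound, upper bound); a band applies
# when lower <= PFDavg < upper. Only the SIL 2 row appears on the slide; the rest
# are the standard values and are an assumption of this example.
SIL_BANDS = (
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
)


def pfd_avg(lambda_du_per_hour: float, test_interval_hours: float) -> float:
    """PFDavg = λDU · TI / 2 for one channel with periodic proof testing.

    lambda_du_per_hour is the dangerous-undetected failure rate and
    test_interval_hours the proof-test interval. This is the slide's simplified
    form: constant failure rate, perfect proof test, and λDU·TI much less than 1.
    """
    if lambda_du_per_hour < 0 or test_interval_hours <= 0:
        raise ValueError("failure rate must be >= 0 and test interval > 0")
    return lambda_du_per_hour * test_interval_hours / 2.0


def risk_reduction_factor(pfd: float) -> float:
    """RRF = 1 / PFDavg (the table's last column: PFD 1% -> RRF 100)."""
    return 1.0 / pfd


def safety_availability(pfd: float) -> float:
    """Safety availability = 1 - PFDavg (PFD 1% -> 99%)."""
    return 1.0 - pfd


def sil_for_pfd(pfd: float):
    """Return the SIL band containing pfd, or None outside the SIL 1..4 range.

    PFDavg >= 0.1 earns no SIL credit at all; PFDavg < 1e-5 lies beyond SIL 4.
    """
    for sil, lower, upper in SIL_BANDS:
        if lower <= pfd < upper:
            return sil
    return None


def max_test_interval_hours(lambda_du_per_hour: float, target_pfd: float) -> float:
    """Largest proof-test interval TI keeping PFDavg <= target_pfd.

    Rearranged from PFDavg = λDU · TI / 2, so TI = 2 · PFDavg / λDU.
    """
    if lambda_du_per_hour <= 0:
        raise ValueError("failure rate must be > 0")
    return 2.0 * target_pfd / lambda_du_per_hour


def sif_pfd(subsystem_pfds) -> float:
    """PFDavg of a whole SIF as the sum of its sensor, logic-solver and
    final-element PFDavg values (small-PFD approximation for elements in series)."""
    return sum(subsystem_pfds)


if __name__ == "__main__":
    # Constructed failure rate (per hour), not taken from any real device data.
    lambda_du = 1e-6
    for years in (1, 2, 5, 10):
        pfd = pfd_avg(lambda_du, years * HOURS_PER_YEAR)
        print(f"TI={years:2d} yr  PFDavg={pfd:.2e}  "
              f"availability={safety_availability(pfd):.4%}  "
              f"RRF={risk_reduction_factor(pfd):7.1f}  SIL {sil_for_pfd(pfd)}")

    # Longest interval that still keeps this channel inside SIL 2 (PFDavg < 1e-2).
    ti_hours = max_test_interval_hours(lambda_du, 1e-2)
    print(f"SIL 2 held up to TI = {ti_hours / HOURS_PER_YEAR:.1f} years")

    # Constructed subsystem values: sensor, logic solver, final element.
    whole_sif = sif_pfd([1e-3, 1e-4, 2e-3])
    print(f"Whole-SIF PFDavg={whole_sif:.2e} -> SIL {sil_for_pfd(whole_sif)}")
```

Running the script shows the same channel dropping from SIL 2 at a one-year proof-test interval to SIL 1 at ten years, which is the practical point of the TI term: the proof-test schedule, not just the hardware, sets the achieved SIL. The whole-SIF sum also shows that the final element (here the largest contributor) usually dominates the budget.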
What is Risk?
(Figure: risk matrix with Likelihood (low, moderate, high) on the vertical axis and Consequence (minor, serious, extensive) on the horizontal axis)
Example cell: minor consequence x low likelihood = low risk
Effects of accepting too much risk
(Figure: the same risk matrix, Likelihood versus Consequence (minor, serious, extensive))
- Damage and loss of equipment / property
- Business interruption and associated losses
- Legal liability, litigation & "duty of care defense"
- Company image
Tolerable Risk
(Figure: risk matrix, Likelihood versus Consequence, divided into an Unacceptable Risk Region and a Tolerable Risk Region; also labelled "Financial")
Reducing Risk
(Sequence of four figures on the same risk matrix, Likelihood versus Consequence, each divided into an Unacceptable Risk Region and a Tolerable Risk Region)
- Active Protection, e.g. PRV
- SIS Applied
- SIL 1, SIL 2, SIL 3 (increasing risk reduction)
Summary
- IEC 61511 is the applicable safety standard for the process industry
- It is a performance-based standard and addresses the entire safety lifecycle
- Compliance is considered "best engineering practice" worldwide
- Compliance will help reduce risk and help meet obligations
- A Safety System (SIS) PLC is different from a normal PLC and must be certified by a 3rd party (TÜV) to IEC 61508 and IEC 61511
- A Safety System must always be separate from a DCS
- A SIS is made up of sensors, a logic solver and final elements
- DCS and SIS should not normally "share" the same field devices
Summary
- A SIF (Safety Instrumented Function) consists of detection, logic and automatic action to bring the plant to a safe state
- SIL (Safety Integrity Level) is a measure of the risk reduction provided by a specific SIF
- Risk is the product of likelihood and consequence
- Implementing a SIS can help you move from the inherent risk region to the tolerable risk region
- Conceptual design of a SIS involves many elements, not just equipment
- SIS device testing, voting and plant availability must all be considered in the design
- Without a safety CULTURE in the plant, no amount of technology can provide 100% protection
Thank You