SIL Study Exercises

1. What range of probability of failure on demand (PFD) is associated with SIL 2? What
range of risk reduction factors is associated with SIL 1? How are risk reduction
factors and probability of failure on demand related?
A. Range of probability of failure on demand (PFD) associated with SIL 2 is 10-2 to 103.
B. Range of risk reduction factors associated with SIL 1 is 10 to 100
Refer below table for other SIL levels
Safety Integrity Levels and Corresponding PFD
SIL
4
3
2
1

and RRF
PFD Range
10-4 to 10-5
10-3 to 10-4
10-2 to 10-3
10-1 to 10-2

RRF Range
10000 to 100000
1000 to 10000
100 to 1000
10 to 100

Risk Reduction Factor is amount of risk that particular instruments must reduce for
selected SIL level.
While PFD is Frequency of failure of SIL level instruments on Demand or that a time
when Instruments are required to do certain task.
2. Name one of the standards that describes the safety life cycle for safety instrumented
systems.
A. The concept of a safety life cycle has been described in several important national
and international standards, such as the ANSI/ ISA-84.01-1996, the IEC 61508, and
IEC 61511. This concept develops a global context for specifying, designing,
implementing, an maintaining safety instrumented systems so as to achieve overall
functional safety. SIL selection and the analysis techniques that support this process
are a key part of this safety life cycle process.
3. Explain the difference between a safety instrumented function and a safety
instrumented system.
A. Safety instrumented function (SIF) is an action a safety instrumented system takes
to bring the process or the equipment under control to a safe state. This function is a
single set of actions that protects against a single specific hazard.

Safety instrumented system (SIS), on the other hand, is a collection of sensors,

logic solvers, and actuators that executes one or more safety instrumented functions
that are implemented for a common purpose.

4. What are the two components of risk?

B. Risk is product of Likelihood and Consequence
5. Describe three of the psychological traps that make qualitative estimates of risk
inaccurate.
Below are common psychological traps that make qualitative estimates of risk
inaccurate.
Common Psychological Traps of Qualitative
Relying too much on first thoughts
Focusing on the current design
Protecting earlier choices
Focusing on dramatic events
Neglecting relevant information
Slanting probabilities and estimates

Analysis
The anchoring trap
The status quo trap
The sunk-cost trap
The recall ability trap
The base rate trap
The prudence trap

Researchers have repeatedly shown that humans are actually quite horrible judges
of the frequency of events that occur at long intervals. Despite this, human experts
are expected to evaluate the difference between two events whose frequency is less
than once in one thousand years (or ten lifetimes)! Its no wonder their results are
often poor.
Luckily, the recall ability trap and prudence trap conspire to create risk estimates that
are too conservative rather than too aggressive. Although conservative estimates
may mean the part of a plant in question is judged to be slightly safer than it really is,
the resulting overdesigned systems require much more capital to install and maintain
than is necessary. Studies have shown that more than 50 percent of a typical
refinerys safety functions are over engineered. The extra capital spent for marginal
improvement in a few arbitrary areas could always be spent more wisely elsewhere
in the plant to improve safety more equitably over a broader range of situations. It is
thus safer and more efficient to look at the entire plant consistently and objectively to
ensure that all systems meet the same requirements based on the best information
available. In one specific case where an organization took these benefits in financial
terms, lowering unbalanced integrity requirements for a single refining plant to more

realistic, more consistent levels lowered operating expenditures by more than

$100,000 per year.

6. Which part of the risk equation (i.e., consequence or likelihood) is layer of protection
analysis used to estimate?
Using LOPA to estimate likelihood complements almost every SIL selection protocol
currently in use, from Hazard Matrix all the way to Quantitative Risk Analysis. LOPA
is accomplished by performing the following steps:
i.
Define the unwanted impact.
ii.
Determine and list all of the initiating events that can cause the unwanted
iii.

impact.
Determine and list all the layers of protection that are available for preventing
an initiating event from propagating into the unwanted impact (the protection

iv.

layers for each initiating event may be different).

Quantify the frequency of the initiating event(s), based on historical data and

v.

engineering judgment.
Quantify the effectiveness of the layers of protection in terms of probability of

vi.

failure on demand (PFD), based on historical data and engineering judgment.

Calculate the resulting frequency of the unwanted impact.