# Training Session - Lunch and Learn

## Understanding Safety Integrity Level (SIL)

Dinesh Vijay Bhurke

Content
- Why Safety?
- Basic Concepts, Definitions, Acronyms
- SIL concept
- Standards: IEC, ISA
- Layer of Protection concept
- Risk Management
- SIL Assignment / Assessment (Risk Reduction)
  - Hazard Matrix method
  - Risk Graph method
  - LOPA method
Why Safety?
World's worst industrial disasters:
- Chernobyl nuclear power plant, April 1986
- Piper Alpha platform, July 1988
- Bhopal gas leak disaster, December 1984
Source: Emerson's PlantWeb University, SIS 103 - Safety Standards.
ott. 14
Introduction
Safety is freedom from unacceptable risk (the IEC 61508 definition).

Fatality Rates

| Category | Activity | Fatality rate per year |
|---|---|---|
| Occupation | Chemical industry | 5 in 100,000 |
| Occupation | Coal mining | 2 in 10,000 |
| Staying at home | Electrocution | 1.2 in 1,000,000 |
| Involuntary | Lightning | 1 in 10,000,000 |
| Involuntary | Fire | 2 in 100,000 |
| Involuntary | Run over | 6 in 100,000 |
| Travel | Air (scheduled) | 2 in 1,000,000 |
| Travel | Train | 3 in 1,000,000 |
| Travel | Car | 2 in 10,000 |
| Travel | Motorcycle | 2 in 100 |
What is Risk?
Risk = frequency of occurrence of harm × severity of that harm.
(Figure: risk chart with Frequency on the vertical axis and Consequences on the horizontal axis; an arrow labelled Reduction takes the risk without any protection down to the tolerable risk.)
Why Safety? What is Safety?
(Figure: Safety vs. Availability. What is protected: people outside the plant, people inside the plant, environment, assets, corporate image, off-spec production.)
Acronyms
- SIL: Safety Integrity Level
- SIF: Safety Instrumented Function
- SIS: Safety Instrumented System (ESD)
- SFF: Safe Failure Fraction = (λS + λDD) / (λS + λDD + λDU), where λS is the safe failure rate, λDD the dangerous detected failure rate and λDU the dangerous undetected failure rate
- SRS: Safety Requirements Specification
- STR: Spurious Trip Rate
- RRF: Risk Reduction Factor (= 1 / PFD_avg)
- PFD: Probability of Failure on Demand
- PFD_avg,SIF: average probability that the SIF fails to respond to a process demand; PFD_avg,SIF = PFD_sensor + PFD_logic solver + PFD_final element + PFD_power supply (the sum rule holds when each term is small)
- MTTF: Mean Time To Failure (e.g. 76 years)
- MTTR: Mean Time To Repair (e.g. 1 month)
- MTBF: Mean Time Between Failures (= MTTF + MTTR)
- ALARP: As Low As Reasonably Practicable
- IPL: Independent Protection Layer
- FMEA: Failure Mode and Effect Analysis
- FTA: Fault Tree Analysis
- LOPA: Layer of Protection Analysis
- HAZOP: Hazard and Operability Analysis
Understanding Safety Integrity Level (SIL)
What does SIL mean?
Safety Integrity Level:
- A measure of the probability of failure on demand (PFD) of the SIS.
- A statistical representation of the integrity of the SIS when a process demand occurs.
- A demand occurs whenever the process reaches the trip condition and causes the SIS to take action.
- There are 4 SIL levels. SIL levels are measures of how well we achieve functional safety.
- Applies to the complete safety function/loop (sensor, logic solver and final element), not to a single device.
- Higher SIL means stricter requirements: the safety function fails less often, so plant protection is available more of the time.
Understanding Safety Integrity Level (SIL)
SIL is how we measure the performance of safety functions carried out by safety instrumented systems.
SIL must be viewed from 3 perspectives:
- Process owners: which safety function do I need, and how much of it do I need?
- Engineering companies, system integrators, product developers: how do I build SIL-compliant safety devices, functions or systems?
- Plant operators: how do I operate, maintain and repair safety functions and systems so that the identified SIL levels are maintained?
SIL Standards
- IEC 61508 (1998 & 2010): generic standard, used by vendors; calls the safety system an E/E/PES (electrical/electronic/programmable electronic system).
- Industry-specific standards, used by designers and end users:
  - Process industry: IEC 61511 (2003) and ISA S84 (1996 & 2004); call the safety system a SIS, covering ESD, HIPPS, BMS and FGS applications (emergency shutdown, high-integrity pressure protection, burner management, fire and gas systems).
  - Automotive: ISO 26262
  - Railways: IEC 62279 / EN 50128
  - Nuclear: IEC 61513
  - Machinery: IEC 62061
SIL Classification (Safety Integrity Levels)

Probability of failure on demand (demand mode of operation):

| SIL | PFD_avg range | PFD_avg (decimal) | Risk Reduction Factor (1/PFD_avg) |
|---|---|---|---|
| SIL 4 | ≥10^-5 to <10^-4 | ≥0.00001 to <0.0001 | 100,000 to 10,000 |
| SIL 3 | ≥10^-4 to <10^-3 | ≥0.0001 to <0.001 | 10,000 to 1,000 |
| SIL 2 | ≥10^-3 to <10^-2 | ≥0.001 to <0.01 | 1,000 to 100 |
| SIL 1 | ≥10^-2 to <10^-1 | ≥0.01 to <0.1 | 100 to 10 |

Reading the ranges: a PFD of 1 in 10 means the function fails to act, on average, once in 10 process demands; 1 in 1,000 means once in 1,000 demands.
Concept of Layers of Protection
(Figures only: the protection layers around the process; no text was recoverable from these slides.)

SIF architectures (figures):
- Multiple initiators tripping one final element: several initiators feed the logic solver, which acts on a single final element shared by SIF-1, SIF-2 and SIF-3.
- One initiator tripping multiple final elements: one initiator, through the logic solver, acts on several final elements; SIF-1, SIF-2 and SIF-3 share the initiator.
- Overall Safety Instrumented System showing SIFs: sensors 1 to 6 and final control elements A to F connected through a common logic solver and grouped into SIF 1 to SIF 4.
A shared initiator or final element contributes its PFD to every SIF that uses it.
Risk Management
Three important steps:
1. Identify hazards / hazardous events
2. Analyze / assess the hazards / hazardous events
3. Reduce risk where necessary

Assigning the SIL with Hazard Matrix (figure)
Assigning the SIL: Risk Reduction (figures)
Assigning the SIL with Risk Graph (figure)
Risk reduction with LOPA (figures)
