1. What is SIL?
SIL stands for Safety Integrity Level. It is a measure of the probability of failure on demand (PFD) of a safety system, i.e. of an SIF or SIS. There are four discrete safety integrity levels. The higher the SIL, the lower the probability of failure required of the safety system and the better its performance. It is also worth noting that as the SIL increases, the cost and complexity of the system usually increase as well.
The SIL applies to the entire system. Individual products or components do not have SIL ratings. When a SIL is assigned to an SIF, the intent is to reduce an existing, intolerable process risk to an acceptable range.
2. What is SIS?
SIS stands for Safety Instrumented System. It aims to prevent or mitigate hazardous events by placing the process in a safe state when predetermined conditions are violated. An SIS consists of a logic solver, sensors, and final elements. Other common terms for an SIS are safety interlock system, emergency shutdown system (ESD), and safety shutdown system (SSD). An SIS may consist of one or more Safety Instrumented Functions (SIFs).
3. What is SIF?
SIF stands for Safety Instrumented Function. An SIF aims to prevent or mitigate hazardous events by bringing the process risk down to an acceptable level. An SIF consists of a logic solver, sensors, and final elements. Each SIF has a specified SIL, depending on the amount of risk that needs to be reduced. An SIS contains one or more SIFs.
4. What does functional safety mean?
Functional safety is a term used to describe a safety system that relies on logic solvers, sensors, and final elements to achieve the required level of risk reduction. Functional safety is achieved when each SIF performs successfully and the process risk is reduced to the required level.
5. Why were the ANSI/ISA 84, IEC 61508, and IEC 61511 standards developed?
These standards are a natural evolution of the need for more formal and quantifiable methods to reduce process risk and improve safety. In addition, especially for IEC 61508, the growth and spread of software in such applications created an increasing need for standards that guide system/product designers and developers in ensuring, and declaring, that their systems/products are acceptably safe for their intended use.
6. When do I need an SIF or SIS?
The philosophy of the standards is that an SIS or SIF should only be implemented when there is no other, non-instrumented way to fully eliminate or mitigate the process risk. Specifically, ANSI/ISA-84.00.01-2004 (IEC 61511 Mod) recommends a multidisciplinary team approach that follows the safety lifecycle, conducts a process hazard analysis, designs the protection layers (Layer of Protection Analysis, LOPA), and ultimately implements an SIS only when a hazardous event cannot be prevented or mitigated by means other than instrumentation.
7. What is the validation test interval?
Validation (proof) testing is a requirement for safety instrumented systems, to ensure that everything functions and executes as expected. The testing must cover the entire system: logic solver, sensors, and final elements. The interval is the time between tests. The testing frequency differs for each SIS and depends on the technology, the system architecture, and the target SIL. The validation test interval is an important input to the calculation of the system's probability of failure on demand.
8. What is Process Hazard Analysis (PHA)?
PHA is an OSHA requirement used to identify safety issues and risks in a process, develop corrective measures to address them, and plan alternative emergency measures in advance in case the safety system fails. A PHA must be conducted by a multidisciplinary team with the relevant expertise. Many consulting and engineering companies also offer PHA services. PHA methods include what-if analysis, Hazard and Operability Study (HAZOP), Failure Mode and Effects Analysis (FMEA), and Fault Tree Analysis.
9. What voting configuration is required for each SIL level?
What is needed to achieve a given SIL depends on multiple factors: the type of technology used, the number of system components, the probability of failure on demand (PFD) of each component, the system architecture (redundancy, voting), and the target SIL itself, which plays an important role in determining the validation test interval. There is no standard answer to which voting configuration is required for each SIL. The voting structure must be analyzed in the context of all of the above factors.
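The relationships described in questions 7 and 9, where the validation test interval and the voting architecture feed into the probability of failure on demand, which in turn determines the SIL band, can be made concrete with a small calculation. The following is an added example, not part of the original FAQ and not a tool from any vendor mentioned here. It uses the simplified low-demand PFDavg approximations from IEC 61508-6 (repair time and diagnostic coverage ignored), a constructed dangerous undetected failure rate, and assumes 730 hours per month when expressing intervals in months.

```python
# Added worked example (not from the original FAQ): how the proof/validation test
# interval T and the voting architecture feed into the average probability of
# failure on demand (PFDavg) of an SIF, and which SIL band the result lands in.
# Formulas are the simplified low-demand approximations from IEC 61508-6
# (repair time and diagnostic coverage ignored). Failure rates are constructed.

# SIL bands for low-demand mode, IEC 61508-1: (SIL, lower PFDavg bound, upper bound)
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]

HOURS_PER_MONTH = 730.0  # 8760 h / 12; assumption used to express T in months


def sil_from_pfd(pfd_avg):
    """Return the SIL band a PFDavg falls in; 0 means worse than SIL 1."""
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd_avg < hi:
            return sil
    if pfd_avg < 1e-5:
        # The standard defines no band below 1e-5; treated as SIL 4 here (assumption).
        return 4
    return 0


def pfd_avg(lambda_du, test_interval_h, architecture, beta=0.0):
    """Average PFD of one voting group.

    lambda_du        dangerous undetected failure rate per channel (failures/hour)
    test_interval_h  proof/validation test interval T (hours)
    architecture     "1oo1", "1oo2" or "2oo3"
    beta             common-cause (beta-factor) fraction shared by redundant channels
    """
    x = lambda_du * test_interval_h  # expected dangerous undetected failures per interval
    common_cause = beta * x / 2       # common-cause contribution for redundant groups
    if architecture == "1oo1":
        return x / 2
    if architecture == "1oo2":
        return (x ** 2) / 3 + common_cause
    if architecture == "2oo3":
        return x ** 2 + common_cause
    raise ValueError(f"unsupported architecture: {architecture}")


def risk_reduction_factor(pfd):
    """RRF = 1 / PFDavg: by how much the SIF lowers the frequency of the hazardous event."""
    return 1.0 / pfd


def max_test_interval_months(lambda_du, architecture, target_sil, beta=0.0, limit=240):
    """Longest whole-month test interval that still meets target_sil, or None."""
    best = None
    for months in range(1, limit + 1):
        pfd = pfd_avg(lambda_du, months * HOURS_PER_MONTH, architecture, beta)
        if sil_from_pfd(pfd) >= target_sil:
            best = months
        else:
            break  # PFDavg grows with T, so no longer interval can succeed
    return best


if __name__ == "__main__":
    lam = 1e-6  # constructed: one dangerous undetected failure per 10^6 hours per channel
    for arch, beta in (("1oo1", 0.0), ("1oo2", 0.05), ("2oo3", 0.05)):
        for years in (1, 3):
            pfd = pfd_avg(lam, years * 8760, arch, beta)
            print(f"{arch} beta={beta:.2f} T={years}y: PFDavg={pfd:.2e} "
                  f"RRF={risk_reduction_factor(pfd):.0f} -> SIL {sil_from_pfd(pfd)}")
    # The higher the target SIL, the shorter the interval a 1oo1 loop can tolerate.
    for target in (1, 2, 3):
        print(f"1oo1 longest interval meeting SIL {target}: "
              f"{max_test_interval_months(lam, '1oo1', target)} months")
```

Running the script shows the two effects the FAQ describes: stretching the test interval of a single (1oo1) channel from one year to three years drops it from the SIL 2 band into SIL 1, while adding a redundant channel (1oo2 or 2oo3) with the same interval reaches SIL 3 only if the common-cause beta factor is kept small, which is why neither the interval nor the voting scheme can be chosen in isolation.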
10. Does the SIL rating system require additional maintenance?
A SIL-based solution is certainly not the most cost-effective way to reduce process risk. Implementing one often requires adding equipment, which inevitably requires more maintenance. In addition, the higher the SIL, the shorter the validation test interval, which may further increase the required system maintenance. That is why the standards recommend SIL-based solutions only when the other protection layers identified by LOPA cannot reduce the process risk sufficiently.
11. Can the F&G system become SIF or SIS?
The fire and gas (F&G) system can automatically initiate process operations to prevent or mitigate hazardous events, and subsequently place the process in a safe state, which can be considered a safety instrumented function/safety instrumented system.
However, correct sensor placement in F&G systems is absolutely crucial. If the gas or flame detectors are positioned incorrectly relative to the hazardous gas or flame, and a release or fire is not reliably detected, the SIF/SIS will not be effective.
The correct placement of sensors is more important than determining whether F&G SIF/SIS is SIL 2 or SIL 3.
12. What is SIL 4?
SIL 4 is the highest level of risk reduction that can be achieved through safety instrumented systems. However, in the process industry, this is not a realistic level, and there are currently almost no products/systems that support this level of safety integrity.
SIL 4 systems are often so complex and expensive that they are economically impractical to implement. Furthermore, if a process carries so much risk that a SIL 4 system is needed to bring it to a safe state, there is fundamentally a problem in the process design that should be addressed through process changes or other non-instrumented means.
13. Can a single product pass SIL certification?
No. A single product can only be declared suitable for use in a SIL environment. SIL levels apply to safety instrumented functions and safety instrumented systems.
14. What type of communication bus or protocol is suitable for SIL 2 or SIL 3 systems?
The communication protocol suitable for a SIL 2 or SIL 3 system depends on the platform being used. Options include, but are not limited to: 4-20 mA output signals, ControlNet (Allen-Bradley), DeviceNet Safety (Allen-Bradley), SafetyNet (MTL), and PROFIsafe. The ISA SP84 committee is currently developing guidelines for safety buses to ensure compliance with IEC 61508 and IEC 61511. The first devices with a safety bus should be launched before 2008. The Fieldbus Foundation participates actively in the committee and has established the Foundation Fieldbus Safety Instrumented Systems (FFSIS) project to develop safety bus specifications jointly with suppliers and end users.
15. How can I obtain the PFD and MTBF data for a General Monitors product?
The General Monitors SIL certificates give the PFD, SFF, and SIL figures for each product. MTBF data is available on request.
16. Can manufacturers declare that their products are "SIL X certified" rather than "applicable to SIL X systems"?
A single product can only be declared suitable for use in a SIL environment. SIL levels apply to safety instrumented functions and safety instrumented systems.
A product certificate is issued by the manufacturer (self-certification) or by an independent body to indicate that the relevant process has been followed, the calculations have been performed, and the analysis of the individual product has been completed, demonstrating that it can operate in a system of a given SIL.
Full IEC 61508 certification applies to the manufacturer's process. It means that the manufacturer's product development process complies with the corresponding parts of IEC 61508 Parts 2 and 3 (covering hardware/systems and software). Full certification from a notified certification body ensures that the manufacturer's engineering process has been audited and that the electrical design, firmware, and logic of its products have been evaluated against the principles laid down in the standard.
Only a few nationally recognized (notified) bodies can issue such nationally recognized certifications. Certificates issued by other consulting firms indicate that the product and/or process has been audited by an independent third party.
17. Can the manufacturer state that their product complies with all parts of IEC 61508 parts 1 to 7?
IEC 61508 consists of the following parts, under the overall title "Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems":
Part 1: General requirements
Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems
Part 3: Software requirements
Part 4: Definitions and abbreviations
Part 5: Examples of methods for the determination of safety integrity levels
Part 6: Guidelines on the application of Parts 2 and 3
Part 7: Overview of techniques and measures
To meet the standard, compliance with Parts 1 to 3 is required. Parts 4 to 7 only provide information that helps in understanding and applying the standard; they contain no requirements for compliance.
Product manufacturers typically meet the requirements of Part 2 and determine through an FMEDA analysis that their products are suitable for use within a given SIL.
Companies that choose to have their engineering process certified and obtain full IEC 61508 certification also comply with the provisions of Part 3 on software development.
18. What does "SIL X" mean? Is it a valid declaration under IEC 61508, or should other wording be used?
The SIL applies to the entire system, provided the system actually reduces the risk by the amount that SIL implies. Individual products or components do not have SIL ratings. When a SIL is assigned to an SIF, the intent is to reduce an existing, intolerable process risk to an acceptable range.
Compliance with the standard also rests on the user. Users must ensure that the procedures are carried out correctly, demonstrate that the tests are executed correctly, and have the appropriate design, process, and procedure documentation in place. The device or system must be used in the intended manner to achieve the required level of risk reduction. Purchasing components that are suitable for SIL 2 or SIL 3 does not by itself guarantee a SIL 2 or SIL 3 system.