Chemical Technology July 2015

PLANT MAINTENANCE, SAFETY, HEALTH & QUALITY

Figure 6: SIL 3 instrumented protection configuration

Figure 7: SIL Risk graph

Table 3 SIL MATRIX Severity

Catastrophic

Critical

Marginal

Negligible

Financial effect

R100m

R50m

R1m

R100 000

Environmental damage

Permanent

Long term

Medium

Short

Health effect

Fatal

Irreversible

Major

Minor

Event Safety Frequency

> 1 death and injuries

1 death / injuries

Disabling injuries

Minor injuries

10 per year

Too high

Too high

Too high

Too high

1 per year

SIL 4

SIL 3

SIL 2

SIL 1

1 per 10 years

SIL 3

SIL 2

SIL 1

ALARP

1 per 100 years

SIL 2

SIL 1

ALARP

ALARP

1 per 1000 years

SIL 1

ALARP

ALARP

ALARP

1 per 10 000 years

SIL 1

ALARP

ALARP

NONE

1 per 100 000 years

ALARP

ALARP

NONE

NONE

Consequences

Exposure time

C1 Minor injury

F1 Rare to more often

C2 Permanent injury > 1 persons; 1 death

F2 Frequent to permanent

Safety instrumented systems are normally incorporated in hazardous installations as a first choice of a layer of protection.

C3 Death of several persons C4 Very many people killed

Avoidance of hazard

Probability of unwanted occurrence

P1 Possible under certain circumstances

W1 Very slight

P2 Almost impossible

W2 Slight W3 Relatively high

Figure 8: Description of inputs into the SIL risk graph

Acknowledgement Content was reviewed by David Macdonald, SIS Specialist who provided valuable input. References International Electro-technical Commission standard IEC 61508 – Functional safety of electrical/electronic/ programmable electronic safety-related systems. HSE, UK Health and Safety Executive, Reducing Risks, Protecting People (R2P2), 2001 – ISBN 07176 21 51 0. IEC 61511-1, clause 11, " Functional safety - Safety instru- mented systems for the process industry sector - Part 1: Framework, definitions, system, hardware and software requirements", 2003-01. z

is categorised into four levels, known as safety integrity levels, abbreviated as SIL. Safety integrity levels can be determined by either basic calculations or a risk graph or by simply using a matrix. Once the required level of safety is known, the safety instrumented systemdesign can be specified in terms of the proof test period, component reliability and the redundancy of components comprising the safety instrumented system. It was further shown that another use of layer of protec- tion analysis is that the selected safety integrity level for the safety instrumented system can be reduced by taking credit for other layers of protection, which may include design integrity, control, indications and alarms, physical protec- tion devices such as relief valves and emergency response.

15

Chemical Technology • July 2015