SIL‐3, SIL‐2, and unicorns (there is a high probability your SIL 2 and SIL 3 SIFs have no better performance than SIL 1)

Abstract

AbstractSafety instrumented system (SIS) standards improved the definition of interlocks and introduced requirements for improved management systems to enforce independence from other independent protection layers (IPLs). SIS standards require verification that the performance of each safety instrumented function (SIF) will be met during its lifetime, where the performance criterion is documented as the target safety integrity level (SIL) or risk reduction factor for the SIF. The SIL is in turn tied to specific values of probability of failure on demand (PFD). The current SIS standards and the TR (Technical Reports, from ISA) that explain how to do SIL verification calculations do not include accounting for specific human error probabilities—this is a major deficiency as even the probability of a single human error can be much larger than the target PFD of 0.001 for a SIL 3 and oftentimes a little larger than the PFD of 0.01 for a SIL 2. The SIL verification methods outlined in the standards and technical reports like ANSI/ISA TR84.00.02 facilitate consistency for the component‐only failure rates. As user companies seek to obtain greater risk reduction from their SIS to satisfy their corporate risk criteria, failure to adequately address potential specific human failures can lead to overly optimistic results and a misallocation of resources intended to reduce risk.