Safety Integrity Level (SIL) and more specifically, SIL 3, is a topic that comes up with increasing regularity when we speak to clients about the development of safety-critical systems.
If you are questioning whether your company should be requesting SIL 3 capabilities and what the benefits are, then let the ETC experts help to clarify the business case.
Firstly, what is SIL?
Safety Integrity Levels (SILs) are a measure of the impact that a Safety Instrumented Function (SIF) has over the risk associated with a specific hazard. The higher the SIL level is, the more efficient that function will be at reducing
the risk it mitigates. In other words, SIL can be seen as an indicator of the acceptable failure rate for a security function.
SIL rating is a fundamental parameter to consider when comparing products; it is also an increasingly important requirement in various public and private tender invitations for the supply of mechanical systems and electrical and electronic products.
SIL standards, developed by the International Electrotechnical Commission (IEC), focus on functional safety. IEC standards define four SILs – 1 to 4 – a SIL is determined on the base of both quantitative and qualitative factors based on several methods used in combination, these include risk matrix, risk graphs and Layers of Protection Analysis (LOPA). The higher the SIL, the more serious the potential impact of a failure is, therefore the lower the acceptable failure rate is.
SIL certification, within a given system, depends on multiple factors, these include:
- type of technologies;
- system architecture;
- number of system components;
- probability of failure on demand (PFD) of each component;
- diagnostic test intervals.
A product with SIL certification is deemed “suitable for use within a given SIL environment”, in this way the entire system is taken into account.
It is worth noting that a device suitable for use in SIL 3 may be redundant if placed in a SIL 2 environment. However, using a product with a SIL level higher than requested can be useful as it automatically increases the T-proof test time intervals up to 10 times.
What is a T-proof test time?
T-proof test time refers to the periodic interval between two proof tests. If reduced, for example from two years to one year, SIL capability can be improved and hidden failures can be detected faster.
What is SIL 3?
SIL 3 is one of the SILs defined by the IEC 61508 standard. SIL 3 is defined by a risk reduction factor of 1.000 – 10.000 of failure on demand and 10-8 – 10-7 for probability of failure per hour. It is a quantitative assessment of the acceptable failure level for a security function.
Why is SIL 3 important?
The SIL of a Safety Instrumented Function (SIF) in a Safety Instrumented System (SIS) is based on a number of methods such as Safety Layer Matrix (SLM), Layers of Protection Analysis (LOPA) or Fault Tree Analysis (FTA).
The above methods take into a
ccount the types of accident that can occur, their probability, the way they are related and their consequences in terms of cost. The recommended SIL level is therefore the appropriate level for the risks that your organisation faces.
If SIL 3 is deemed the appropriate SIL, it means that SIL 3 is the minimum integrity level that can reduce the risk – that is, the cost per unit of time – associated with a particular hazard to an acceptable level.
What does SIL 3 mean for device choice?
SIL 3 is not designed to give a rating of a specific device, but of the function that a device (or a set of devices) performs.
Is SIL 3 expensive?
Evaluating the cost of a safety function is a difficult task. You need to be mindful that it is not just the upfront cost of implementing it, but also the cost associated with the risk that it mitigates.
Implementing and maintaining SIL 3 will incur additional operating costs, it requires a specific skill set to be developed within the operating team and devices rated for SIL 3 use can be more expensive.
Therefore, SIL 3 is only recommended under critical and specific circumstances. However, the cost of not implementing the appropriate SIL significantly outweighs the cost of implementing it.
In conclusion
SIL 3 is recommended only under special circumstances. Nevertheless, where it is deemed appropriate, SIL 3 is critical to ensuring the adequate safety of an operation.
If you would like to discuss how SIL 3 could help your business please do get in touch.