Why is SIL3 important and how much does it cost for your organization?
Originally published on GMI blog by GM International | July 24, 2018
SIL 3 is a topic that routinely comes up in discussions related to the development of safety-critical systems. Do I need SIL 3 capabilities? How do I know? What will it cost?
These are questions that everyone involved in safety-critical applications is confronted with, and correct answers are critical to maximizing the efficiency and reliability of a process plant.
Let’s take a look at the most important aspects of SIL 3 and find out exactly what they mean for your organization.
WHAT IS SIL 3?
Safety Integrity Levels (SILs) are a measure of the impact that a Safety Instrumented Function (SIF) has over the risk associated with a specific hazard. The higher the SIL level is, the more efficient that function will be at reducing the risk it mitigates.
SIL 3 is one of the safety integrity levels defined by the IEC 61508 standard. It is defined by a risk reduction factor of 1.000 – 10.000 of failure on demand and 10⁻⁸ – 10⁻⁷ for probability of failure per hour. It is a quantitative assessment of the acceptable failure level for a security function and it is therefore representative for its safety and reliability.
IEC 61508 defines 4 safety integrity levels, labeled from SIL 1 to SIL 4. SIL 3 is the highest safety integrity level that is economically feasible for most industrial operations.
WHY IS SIL 3 IMPORTANT?
The safety integrity level (SIL) of a Safety Instrumented Function (SIF) in a Safety Instrumented System (SIS) is not chosen at random, or on a best-effort basis. Instead, the appropriate SIL level is determined, based on a number of methods such as Safety Layer Matrix (SLM), Layer of Protection Analysis (LOPA) or Fault Tree Analysis (FTA).
These methods take into account the types of accident that can occur within your organization, their probability, the way they are related and their consequences in terms of cost. The SIL level that they recommend is therefore the level appropriate for the risks that your organization faces.
In other words, any given safety integrity level (including SIL 3) is not just a metric that you should aspire to, but a direct reflection of the risk that your organization faces. Within the framework of IEC 61508, risk is defined in terms of cost per time unit.
If SIL 3 is determined as the appropriate SIL, it means that SIL 3 is the minimum integrity level that can reduce the risk (that is, the cost per unit of time) associated with a particular hazard to an acceptable level.
WHAT DOES SIL 3 MEAN IN TERMS OF DEVICE CHOICE?
SIL 3 is not the rating of a device, but of the function that a device (or a set of devices) performs. That being said, only certain devices can be used to implement a given safety integrity level. For SIL 3 functions, only devices that are rated for SIL 3 operation, or redundant devices with a lower SIL, can be used.
IS SIL 3 EXPENSIVE?
Evaluating the cost of a safety function is a difficult task, because what you need to consider is not just the upfront cost of implementing it, but also the cost associated with the risk that it mitigates. However, the former is an immediate cost, whereas the latter is essentially a potential cost.
SIL 3 is more expensive than either SIL 1 or SIL 2. Implementing and maintaining it incurs additional operating costs and requires a specific set of knowledge, skills and processes to be developed within the operating team, and devices rated for SIL 3 use can be more expensive.
Consequently, SIL 3 is only recommended under critical and specific circumstances. However, the cost of not implementing the appropriate SIL significantly outweighs the cost of implementing it.
SIL 3 is a high safety integrity level that is recommended only under special circumstances. However, where it is deemed appropriate, SIL 3 is critical to ensuring the adequate safety of an operation.