SIL 101: How Safe Do I Need to Be? (continued)
Example of SIS / SIF / SIL Determination
A simple example will help illustrate the concepts of SIS, SIF, and
SIL. Consider the installation of a pressure vessel containing flammable
liquid. It is maintained at a design operating pressure by the BPCS.
If the process control system fails, the vessel will be subjected
to an over-pressure condition that could result in a vessel failure,
release of the flammable contents and even fire or explosion. If the
risk in this scenario is deemed to be intolerable by the facility
owner, a SIS will be implemented to further reduce this risk
to a tolerable level.
The SIS system will be independent from the BPCS and will act to prevent
or mitigate the hazardous condition resulting from pressure vessel
over-pressure. The SIS will have a SIF which might include a pressure
transmitter which can sense when an intolerable level of pressure
has been reached, a logic solver to control the system logic, and
a solenoid valve which might vent the contents of the vessel into
a safe location (flare stack, environment, storage tank, etc.), thus
bringing the pressure vessel to a safe state.
If the risk reduction factor required from the Process Hazard Analysis
is a factor of 100, then a SIL 2 level of SIF performance would be
specified. Calculations for the components of the entire SIF loop
will be done to verify that the PFD of the safety function is 10^-2,
meaning that the SIF is SIL 2 or reduces the risk of the hazard
by a factor of 100. This one SIF may constitute the entire SIS, or
the SIS may be composed of multiple SIFs that are implemented
for several other unacceptable process risks in the facility.
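The verification calculation described above, carried through for the over-pressure loop as an added example (it is not from the General Monitors paper, and the failure rates and proof-test intervals in it are constructed illustrative values, not data for any real product). It uses the simplified IEC 61508-6 approximation for a single-channel (1oo1) element, PFDavg = lambda_DU * TI / 2, sums the sensor, logic solver and final-element contributions because the SIF fails if any one of them does, and maps the result onto the IEC 61508 low-demand bands. Those bands are half-open intervals (SIL 2 is 10^-3 <= PFDavg < 10^-2), so the loop must demonstrate a PFDavg strictly below 10^-2 to sit in SIL 2; the second scenario shows how lengthening the proof-test interval alone can push the same hardware across that boundary.

```python
"""Worked SIL verification for a simple 1oo1 over-pressure SIF.

Added example, not taken from the paper. All failure rates and
proof-test intervals are constructed illustrative values.
"""
from dataclasses import dataclass

# IEC 61508-1 low-demand-mode bands: SIL -> (PFDavg lower bound inclusive,
# upper bound exclusive). A loop at exactly 1e-2 is SIL 1, not SIL 2.
SIL_BANDS = {
    4: (1e-5, 1e-4),
    3: (1e-4, 1e-3),
    2: (1e-3, 1e-2),
    1: (1e-2, 1e-1),
}

HOURS_PER_YEAR = 8760.0


@dataclass(frozen=True)
class Subsystem:
    name: str
    lambda_du: float  # dangerous undetected failure rate, failures per hour


def pfd_avg_1oo1(lambda_du: float, proof_test_interval_h: float) -> float:
    """Simplified IEC 61508-6 result for one channel: PFDavg ~= lambda_DU * TI / 2.

    Valid only while lambda_DU * TI << 1; dangerous undetected faults are
    assumed to be revealed and repaired only at each proof test.
    """
    return lambda_du * proof_test_interval_h / 2.0


def loop_pfd_avg(subsystems, proof_test_interval_h: float) -> float:
    """The SIF is a series system: sensor, logic solver and final element
    must all work, so their PFDavg contributions add."""
    return sum(pfd_avg_1oo1(s.lambda_du, proof_test_interval_h) for s in subsystems)


def risk_reduction_factor(pfd_avg: float) -> float:
    """RRF is the reciprocal of PFDavg (a PFD of 1e-2 is an RRF of 100)."""
    return 1.0 / pfd_avg


def sil_from_pfd(pfd_avg: float) -> int:
    """Map a PFDavg onto the IEC 61508 band it falls in.

    Returns 0 when the loop is too weak to claim any SIL (PFDavg >= 0.1).
    Values below the SIL 4 band are outside the table and rejected.
    """
    if pfd_avg < SIL_BANDS[4][0]:
        raise ValueError("PFDavg below the IEC 61508 table (beyond SIL 4)")
    for sil, (lo, hi) in SIL_BANDS.items():
        if lo <= pfd_avg < hi:
            return sil
    return 0


# Constructed loop: the final element (solenoid/vent valve) dominates, as it
# typically does in practice; the logic solver contributes very little.
EXAMPLE_LOOP = (
    Subsystem("pressure transmitter", 3.0e-7),
    Subsystem("logic solver", 1.0e-8),
    Subsystem("solenoid vent valve", 5.0e-7),
)


def verify(subsystems, proof_test_interval_h: float) -> dict:
    """Return the figures an assessor would record for the loop."""
    pfd = loop_pfd_avg(subsystems, proof_test_interval_h)
    return {
        "pfd_avg": pfd,
        "rrf": risk_reduction_factor(pfd),
        "sil": sil_from_pfd(pfd),
    }


if __name__ == "__main__":
    for years in (1, 3):
        r = verify(EXAMPLE_LOOP, years * HOURS_PER_YEAR)
        print(f"proof test every {years} yr: PFDavg={r['pfd_avg']:.2e} "
              f"RRF={r['rrf']:.0f} -> SIL {r['sil']}")
```

With an annual proof test the constructed loop lands at a PFDavg of about 3.5e-3 (RRF roughly 280), comfortably inside SIL 2; stretching the proof-test interval to three years with the same hardware moves it to about 1.06e-2, which is SIL 1. The proof-test interval is therefore part of the SIL claim, not an operational detail that can be relaxed after the fact.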
Our SIL and SIS Approach
General Monitors is fully committed to SIL and SIS. We feel that focusing
on functional safety is an excellent opportunity for us to partner
with our customers to understand their specific needs and applications,
and to develop optimal safety solutions for their unique operating
environments.
We have based our approach to ensuring a high level of functional
safety on the IEC 61508 and 61511 standards. The programs that we
have developed encompass a comprehensive set of activities conducted
both in-house and with the assistance of leading safety experts from
around the world. In their totality, these programs have resulted
in an integrated system for the designing of products, assessing their
functional safety, improving robustness and validating performance.
An extensive Failure Mode Effects and Diagnostics Analysis (FMEDA)
is now conducted early in the development process for each new product,
and it is used throughout the development cycle to improve functional
safety. At General Monitors, the FMEDA is a critical design tool that
helps us develop products that offer the highest level of safety.
FMEDA is a critical design tool -- not just a post design paper
study to obtain a so-called “target SIL rating”.