Even before the adoption of ISA-S84.01 [3] as a national standard, safety instrumented systems (SIS) were used to mitigate the risks of process hazards. With the establishment of the standard, there is now a framework for defining Safety Integrity Levels (SIL) for such systems and the associated reliability requirements. However, the standard does not address how to determine what SIL category is needed to fill the independent layers of protection (IPL) gap. It assumes (section 4.2.2) that this analysis is performed prior to applying the principles of the standard. The IPL gap is usually addressed during a Process Hazard Analysis (PHA) or in a separate exercise such as Layer of Protection Analysis (LOPA) or Fault Tree Analysis (FTA). All of these involve some type of risk assessment (typically risk ranking) against established tolerability criteria. The quality of the IPL gap analysis is critical to both the overall risk mitigation benefit and the implementation cost.

As part of the IPL gap analysis for existing plants, it is necessary to determine the SIL credit afforded by the current SIS IPLs. During the PHA, the tendency is to err on the conservative side to avoid overstating the credit. By using FTA, it may be possible to incorporate factors such as functional testing, and to allow the proper credit for existing IPLs. FTA also has application in establishing the SIL credit for the design of new SISs that are required to address recommendations from PHAs or that are associated with new or modified plant projects. FTA is one of the evaluation techniques for which ISA has developed guidelines [4] to be used for determining the SIL for Safety Instrumented Functions (SIF).

Because ANSI/ISA-S84.01 is a performance-based standard, it provides the designer some flexibility as to how the required reliability is achieved.
Section 6.2.3 of the standard states that the desired SIL shall be met through a combination of fifteen design considerations, including separation, redundancy, failure rates and failure modes, and functional testing interval, to mention a few. Furthermore, Appendix B.15.2 states, “The functional test interval should be selected to achieve the Safety Integrity Level (SIL).” This paper offers process safety professionals a comprehensive and practical guide to evaluating and improving the reliability and Safety Integrity Levels (SIL) of SIS using Fault Tree Analysis (FTA) within the framework of the ISA-S84.01 standard.