Safety Integrity Level (SIL) is the discrete level that functions to specify the safety integrity requirements, which is allocated to the E/E/PE safety related systems. SIL 4 has the highest level of safety integrity and SIL 1 has the lowest. E/E/PES is a term introduced by IEC61508 standard, which stands for Electrical/Electronic/Programmable Electronic Systems.

Why SIL?
• Process plants are operated with many sophisticated process control systems. These systems are mandatory for safe and reliable operation of the plant, and they address the safety functions such as process sectioning, fire detection, gas detection, process protection and blow down. The safety functions are often designed through combining various E/E/PES technologies and other external risk reducing devices. In addition, computer and software intensive systems are increasingly being used as part of the system. A malfunction of these systems can lead to loss of life, damage to assets and hazardous impact to the environment.
  How then can we maintain such critical safety functions or Instrumented Protective Functions (IPF), the reliability of which depend on many inter-related technologies such as mechanical, electrical, electronics (hardware), hydraulics, software?

Solutions
• PT WIDE & PIN uses numbers of technique assisted by software tools and models to manage safety critical equipment. These techniques and the approaches are organized according to the model’s life cycle that is recommended for the safety critical equipment by IEC 61508. This Life Cycle model covers the project phases from concept to de-commissioning and can be grouped into three distinct phases, i.e. design, maintenance planning and operation & monitoring

Managing Safety Critical Equipment Services
• The services offered in the three distinct phases are highlighted in the following section:

Design
• The approach to SIL assessment is based on risk analysis where some absolute risk criteria have been established. Each safety function at the plant/system/equipment/tag is allocated reliability targets based on these criteria.
  The SIL’s definitions of IEC 61508 for a safety function that operates in low demand mode of operation are:
  • SIL 1: 10-2 < PFD < 10-1
  • SIL 2: 10-3 < PFD < 10-2
  • SIL 3: 10-4 < PFD < 10-3
  • SIL 4: 10-5 < PFD < 10-4
  
  PFD is 'Probability of Failure on Demand' (this is a measuring tool of safety unavailability and accounts for the unavailability due to hardware failures). Our approach is in line with the cross industry standard: IEC 61508 and industry specific standard like: IEC 61511 for process systems.

Maintenance Planning
• The most dangerous type of failure for safety systems are hidden failure. We use standard methods from probability theory to assess the probability of failure on demand for the safety systems and failure modes under consideration to develop maintenance/test plan which ensure that the desired safety requirements (Required Availability) are complied. In some cases we also perform economic optimization (Cost-benefit Availability) within the boundary where the safety requirements are provided.
  
  A number of different tools are used by us to determine the maintenance strategy needed to achieve the desired SIL levels such as: Fault Tree (CARA), Reliability Block Diagram (RAMA, PDS), Flow Diagram (RAMA, MIRIAM, and MAROS), Reliability Assessment (ACE), Simulation (Extend). We also have a number of (generic) databases such as OREDA, PDS, EIREDA, T-book, ZEDB, Non-electronic Parts Reliability Data, and Process Equipment Reliability Data, etc. DNV also has experts who can assist to analyze and develop data.

Operation & Monitoring
• It is essential that plants monitor the performance of safety critical systems in the operational phase. One of the main objectives is to ensure that these systems perform as assumed in the risk/SIL assessment.
  
  We have developed a scheme for documenting SIL requirements and maintenance & inspection plan to help plants monitor the performance of their safety critical equipment over time. Techniques have been developed by using parameters such as number of tests, failures, etc. to monitor the SIL level and to identify the mitigating activities & adjusted test intervals.

Other Related Services
• In addition to above, we provide numbers of other service related to IEC61508 life cycle model such as:
  • Assistance in certification process
  • Document compliance for component manufacturers/engineering companies
  • Develop/Improve client's operation management so that the components are SIL compliant
  • Audits to ensure the components are manufactured in accordance with established SIL level

• Both local (PSD) and global (ESD) safety functions can be addressed. This includes:
  • Process Sectioning
  • Fire detection
  • Gas detection
  • Electric isolation
  • Start and Stop of fire pumps
  • Active fire fighting
  • Active smoke control
  • Process protection
  • Blow down etc.