Functional Safety (IEC 61508) explained / SIL levels
Understanding Functional Safety and Safety Instrumented Systems
Introduction to Machine Protection Systems
- The primary goal of machine protection systems is to ensure safe operations while protecting humans, the environment, and machinery from hazardous situations.
- Key takeaways include assessing safety integrity level (SIL) requirements, probability of failure on demand (PFD) requirements, influencing these parameters, and avoiding common mistakes in selecting and operating safety instrumented systems.
Understanding PFD and SIL
- PFD stands for Probability of Failure on Demand; a critical concept that will be explored in detail later.
- Functional safety and SIL requirements are essential for operators managing critical processes with inherent risks such as toxic substances or high pressures.
Risk Management in Processes
- Inherent process risks can arise from handling toxic materials, extreme temperatures, radiation exposure, or high mechanical energy.
- The objective is to reduce remaining process risk to a tolerable level through multiple layers of protection rather than eliminating all risk entirely.
Layers of Protection
- Basic Process Control Systems (BPCS) manage flows, pressures, and temperatures within design limits to prevent equipment failures.
- Additional protective measures include physical barriers around processes and operational protocols like restricting access during machine operation.
Safety Instrumented Systems (SIS)
- SIS consists of three main components: sensors that detect conditions, logic solvers that process signals, and final elements that execute actions based on those signals.
- Two relevant standards are IEC 61508 for vendors producing SIS components and IEC 61511 for operators managing these systems.
Evaluating Failures in SIS
- It’s crucial to evaluate potential failure modes within the SIS components—sensor failures can lead to dangerous consequences if not properly managed.
- Distinctions exist between non-dangerous failures (e.g., failed LED indicators with no safety relevance), dangerous detected failures (e.g., broken critical sensors), and dangerous undetected failures which pose significant risks.
Understanding SIL Levels
- The discussion then turns to the four SIL levels, SIL 1 to SIL 4, each defined by a band of PFD values.
- For instance, SIL 1 corresponds to a PFD between 10^-2 and 10^-1; each higher level requires a correspondingly lower probability of failure (per demand in low-demand mode, or per hour for continuous-mode systems).
Understanding SIL Ratings and Process Risk
Overview of SIL Ratings
- The Safety Integrity Level (SIL) rating is tied to the probability of failure on demand (PFD): a lower dangerous failure rate (lambda) gives a lower PFD and therefore supports a higher SIL.
- For a SIL 2 requirement, the PFD must be calculated across the entire system chain, including sensors, logic solvers, and final elements.
Criticality and Risk Assessment
- Higher SIL levels correlate with increased criticality and process risk; for instance, a nuclear power station may require a SIL 4 system due to severe consequences of failure.
- IEC 61511 provides a risk graph that assesses process risks based on four factors: extent of damage (C1-C4), frequency of exposure (F1-F2), possibility of avoidance, and probability of occurrence.
Factors Influencing Risk Levels
- The extent of damage is categorized from slight injury (C1) to catastrophic events like multiple deaths (C3-C4).
- Frequency of exposure considers how often personnel are near potentially hazardous machinery; more frequent exposure raises the assessed risk.
Decision-Making in Risk Evaluation
- The likelihood of avoiding harm during an incident is crucial; if operators cannot avoid danger when close to machinery, this raises the required SIL level.
- Working through the graph yields the required SIL for the expected outcome, e.g. at least a SIL 2 system where severe injuries are possible.
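To make the four-factor decision concrete, here is an added Python example (not code from the original talk) that walks the C, F, P and W path of a risk graph and reads off the required SIL. The calibration, i.e. which path yields which SIL, is an assumption here, patterned on the generic example graph in IEC 61508-5; the three W bands and the parameter wording are likewise assumed, and a real assessment must use the calibration agreed for the plant.

```python
"""Illustrative risk-graph walk: (C, F, P, W) -> required SIL.

Added example. The calibration below is ASSUMED (patterned on the
generic IEC 61508-5 example graph), not taken from the page or a plant.
"""

# Parameter meanings (paraphrased; the numeric bands are assumed).
CONSEQUENCE = {1: "slight injury", 2: "serious injury or one death",
               3: "several deaths", 4: "very many deaths (catastrophic)"}
EXPOSURE = {1: "rare to more often", 2: "frequent to continuous"}
AVOIDANCE = {1: "avoidance possible under certain conditions",
             2: "avoidance almost impossible"}
DEMAND = {1: "very slight", 2: "slight", 3: "relatively high"}  # W: unwanted occurrence


def risk_class(c: int, f: int, p: int) -> int:
    """Walk the C -> F -> P branches to an intermediate class X1..X6.

    C1 leads straight to X1; for C2..C4 every worse F or P step moves one
    class further down the graph (C2/F1/P1 -> X2 ... C4/F2/P2 -> X6).
    """
    if c not in CONSEQUENCE or f not in EXPOSURE or p not in AVOIDANCE:
        raise ValueError("parameters must be C1-C4, F1-F2, P1-P2")
    if c == 1:
        return 1
    return c + (f - 1) + (p - 1)


def required_sil(c: int, f: int, p: int, w: int) -> str:
    """Read the SIL off the (assumed) calibration table.

    Outcome index = X + W - 4:
      <= -1 : no safety requirement
       0    : 'a'  - no special safety requirement
       1..4 : SIL 1..4
       5    : 'b'  - a single SIS is not sufficient
    """
    if w not in DEMAND:
        raise ValueError("W must be 1-3")
    idx = risk_class(c, f, p) + w - 4
    if idx <= -1:
        return "no safety requirement"
    if idx == 0:
        return "a: no special safety requirement"
    if idx <= 4:
        return f"SIL {idx}"
    return "b: single SIS not sufficient, redesign the process"


if __name__ == "__main__":
    # Constructed scenario: several deaths possible (C3), operators frequently
    # present (F2), hazard hard to avoid (P2), demand relatively high (W3).
    print("X%d ->" % risk_class(3, 2, 2), required_sil(3, 2, 2, 3))
    # Same hazard, but rare exposure and avoidable: X3 / W3.
    print("X%d ->" % risk_class(3, 1, 1), required_sil(3, 1, 1, 3))
```

The walk makes the text's point visible: moving from F1 to F2 or from P1 to P2 each pushes the class one row down, so frequent exposure or an unavoidable hazard raises the required SIL by one, and the same path under a lower W lands one SIL lower.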
Implementation Strategies for Safety Systems
- Operators conduct risk assessments according to IEC 61511 standards; they cannot arbitrarily reduce criticality without proper justification.
- Enhancements such as redundancy in the sensor subsystem improve the PFD; for example, two-out-of-three (2oo3) voting increases the reliability of the sensor function.
Maintenance and Testing Considerations
- Diagnostic channels identify faulty instruments; by turning would-be dangerous undetected failures into detected ones, they reduce the PFD.
- Shortening the proof-test interval (testing more often) lowers the PFD but raises maintenance costs; regular testing is what confirms that the safety instrumented system still functions correctly.
Value in Certified Systems
- Many installations do not require certified systems; however, opting for higher-rated systems can provide significant risk reduction benefits even if not mandated by standards.
- A typical SIL 2 system offers a substantial risk reduction factor, between 100 and 1000 (the reciprocal of its PFD).
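The PFD bands, the whole-chain calculation, diagnostic coverage, proof-test interval, 2oo3 voting and the risk reduction factor discussed above all come together in one calculation. The following Python block is an added example, not code from the talk or from any standard's published tool: it uses the simplified dominant-term (beta-factor) formulas for low-demand mode, assumes lambda_DU * T << 1, and neglects repair time (MTTR) and the contribution of detected failures. Every failure rate and PFD value in the demo is constructed.

```python
"""PFDavg, SIL band, RRF and the effect of diagnostics, proof testing and
voting for a low-demand SIS loop (sensor + logic solver + final element).

Added example, not the page's own code. Simplified formulas: they assume
lambda_DU * T << 1 and neglect MTTR and detected-failure terms.
"""

# SIL bands for low-demand mode: SIL n covers 10^-(n+1) <= PFDavg < 10^-n.
SIL_BANDS = ((4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1))


def sil_from_pfd(pfd: float) -> int:
    """Return the SIL band a PFDavg falls into; 0 means no SIL claim is possible."""
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


def risk_reduction_factor(pfd: float) -> float:
    """RRF = 1 / PFDavg; a SIL 2 loop therefore has an RRF between 100 and 1000."""
    return 1.0 / pfd


def lambda_du(lambda_d_per_hour: float, diagnostic_coverage: float) -> float:
    """Dangerous-undetected failure rate.

    Diagnostics convert a fraction DC of dangerous failures into *detected*
    ones (which can be repaired or drive the loop to its safe state); only
    the undetected remainder contributes to the PFD.
    """
    if not 0.0 <= diagnostic_coverage <= 1.0:
        raise ValueError("diagnostic coverage must be between 0 and 1")
    return lambda_d_per_hour * (1.0 - diagnostic_coverage)


def pfd_avg(ldu: float, proof_test_hours: float, architecture: str = "1oo1",
            beta: float = 0.0) -> float:
    """Average PFD of one subsystem over a proof-test interval T (hours).

    1oo1: ldu*T/2
    1oo2: (1-beta)^2 * (ldu*T)^2 / 3 + beta*ldu*T/2
    2oo3: (1-beta)^2 * (ldu*T)^2     + beta*ldu*T/2
    beta is the common-cause fraction shared by the redundant channels.
    """
    x = ldu * proof_test_hours
    if x > 0.1:
        raise ValueError("lambda_DU * T too large for the linear approximation")
    single = x / 2.0
    if architecture == "1oo1":
        return single
    if architecture == "1oo2":
        return (1.0 - beta) ** 2 * x ** 2 / 3.0 + beta * single
    if architecture == "2oo3":
        return (1.0 - beta) ** 2 * x ** 2 + beta * single
    raise ValueError(f"unsupported architecture {architecture!r}")


def chain_pfd(subsystem_pfds) -> float:
    """The loop's PFD is the sum over sensor, logic solver and final element."""
    return sum(subsystem_pfds)


if __name__ == "__main__":
    T = 8760.0                              # yearly proof test, in hours
    sensor_ldu = lambda_du(1e-6, 0.6)       # constructed: lambda_D 1e-6/h, DC 60 %
    sensor = pfd_avg(sensor_ldu, T)
    logic = 5e-5                            # constructed: certified logic solver PFD
    valve = pfd_avg(1e-6, T)                # constructed: valve lambda_DU, no diagnostics
    loop = chain_pfd([sensor, logic, valve])
    print(f"sensor {sensor:.2e} (SIL {sil_from_pfd(sensor)}), valve {valve:.2e}, "
          f"loop {loop:.2e} -> SIL {sil_from_pfd(loop)}, "
          f"RRF {risk_reduction_factor(loop):.0f}")
    # Halving the proof-test interval halves the 1oo1 PFD.
    print(f"sensor tested every 6 months: {pfd_avg(sensor_ldu, T / 2):.2e}")
    # 2oo3 voting helps, but common cause (beta = 10 %) caps the gain.
    print(f"2oo3 sensors: {pfd_avg(sensor_ldu, T, '2oo3', beta=0.1):.2e}")
```

Two things the numbers show that the bullets only state: the final element (the valve, with no diagnostics) dominates the loop PFD, so a SIL 2 sensor alone does not make a SIL 2 loop; and 2oo3 voting lowers the sensor PFD by about an order of magnitude rather than the three orders the squared term alone would suggest, because the common-cause term is linear in lambda_DU * T.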
Understanding System Reliability and Appropriateness
Importance of Appropriate Systems
- A reliable solution must be highly available when needed, emphasizing the importance of having a system that is appropriate for its specific application.
- Using an unsuitable sensor, like a SIL 3 gas temperature sensor on a critical centrifugal compressor, can lead to catastrophic failures due to inadequate early detection of mechanical issues.
- Adhering to OEM standards is crucial for ensuring systems are fit for purpose and capable of capturing problems reliably and in a timely manner.
Misconceptions About High Ratings
- A high SIL rating indicates availability but does not guarantee effective problem detection; it may lead to false security regarding system reliability.
- The IEC standards take the position that, when there is any doubt about safety, shutting the process down is the safe state; a high SIL does not prevent false trips or spurious alarms.
Design Considerations for Reliability
- High availability does not equate to quality outcomes; systems can still experience false trips or alarms despite being rated highly.
- Thoughtful design should include channel diagnostics to minimize instrument count and enhance fault recognition within both machinery and instrumentation.
- Implementing systems that identify faulty instruments helps avoid false alarms while ensuring they are suitable for their intended applications.