SIL Allocation
Introduction
The SIL Allocation Process takes the cause consequence pairs from the PHA and assesses the protection layers that can be applied to them to identify the gap between the tolerable risk and the risk presented by the system being examined. The gap between the two is then compared with the requisite standard being used in the country of the facility and a Safety Integrity Level applied. The PHA is developed during phase 2 of the Functional Safety lifecycle, and must be available throughout the lifecycle.
Application
The SIL allocation process is Phase 2 of the functional Safety Lifecycle as described in the IEC 61511 standard. There are multiple tools that can be used to determine the SIL, Risk Graph, Layer of Protection Analysis (LOPA), Fault Trees, Risk Matrix etc. and any of the tools can be used to determine the SIL requirement.
The tools all require the tolerable risk to be identified for the scenario described and this is either used directly in the case of LOPA or Fault Tree to identify the gap and hence the SIL required, or is used in the calibration of Risk Graphs and Risk Matrices
The key to identifying the SIL required is in identifying the enabling events, barriers and conditional modifiers that cause the event to happen and to then systematically examine whether other protection layers can be applied to prevent the incident from occurring (e.g. Bunds prevent environmental release, PSV venting to a flare prevents overpressure of Hydrocarbon system) or whether a Safety Instrumented System is required. In all cases the protection layers must be independent of the initiating event and must be shown to be capable of preventing the hazardous outcome. Independence between protection layers and common cause failure of equipment should be examined and tends to move the assessment to a quantitative / semi quantitative techniques such as LOPA or Fault Tree rather than the qualitative techniques such as Risk Matrix and Risk Graph
The SIL Allocation process is the second phase of the Functional Safety Lifecycle
and depends on a multi functional team from across the operations, design and engineering discipline that can assess the identified cause consequence pairs and assign frequency of events, other protection layers and confirm the adequacy of said protection layers
Services
ProSalus has assisted a number of our clients in carrying out SIL Allocation Process using the LOPA, Risk Graph, Fault Tree and Event Tree tools