Introducing a SIL/RRF Graph
CCPS Latin American Conference on Process Safety
2009
2nd Latin American Process Safety Conference and Expo
Poster Session
No other statement in Process Safety is more synthetic and significant than "a hazard is a source of danger." As long as the hazard energy remains contained in the process within the limits of its operating conditions, it is not dangerous; it is just a hazard, i.e. a chemical and/or physical condition capable of developing its potential energy to cause damaging consequences for individuals, the community, the environment, production assets, production profits, jobs, and markets.
But a specific initiating dangerous event can cause the hazard to initiate a dangerous incident which in turn can develop and culminate (incident outcome), producing consequences of various kinds with different probabilities and magnitudes of damage. In such circumstances, it becomes necessary to prevent the incident from escalating and propagating across the process containment boundary by aborting it in a proper and timely manner or by mitigating its consequences once the incident has crossed such boundary.
Therefore, an Independent Safety Instrumented Control Loop, known as Safety Instrumented Function (SIF), is absolutely essential to detect the initiation of the specific dangerous incident on an early basis and abort it by promptly triggering a protective action.
The SIF does not specifically reduce the magnitude component of the risk, but its probability of occurrence, which is what we need to ensure an accident will happen as infrequently as possible: the bigger the potential damage, the more infrequently.
But the SIF may also fail to do its job. It is thus extremely important to determine its own dangerous failure probability upon being demanded for protection by the process. This means assessing its inherent integrity in terms of Probability of Failure on Demand (PFD), which measures the strength of the SIF in terms of its capability and reliability to keep performing its abortive and/or mitigation task efficiently, when and as required, in accordance with the process level of risk. The Process Safety Engineer (or Safety Engineering task force) should thus design the appropriate SIF with the appropriate level of integrity.
The purpose of this presentation is to introduce a new SIL/RRF Graph that can be used instead of the conventional SIL Tables, with the advantage of making the determination of a SIF's Safety Integrity Level, for integration into the required Safety Instrumented System (SIS), much easier, more understandable, and more accurate.
The use of this new graph will also help prevent some costly and repeated mistakes in SIS implementation. It will also make it clear that a SIF chain is actually weaker than its weakest link.
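The weakest-link remark can be checked numerically. The sketch below is an added example, not material from the presentation: it assumes a SIF made of three independent subsystems in series, uses constructed PFD values, and classifies results with the low-demand SIL bands of IEC 61508/61511, taking the Risk Reduction Factor as RRF = 1/PFD.

```python
"""Series SIF: overall PFD, RRF and SIL band (added example, constructed values)."""
from math import prod

# Low-demand SIL bands from IEC 61508 / IEC 61511:
# SIL -> (lower bound inclusive, upper bound exclusive) on average PFD.
SIL_BANDS = {4: (1e-5, 1e-4), 3: (1e-4, 1e-3), 2: (1e-3, 1e-2), 1: (1e-2, 1e-1)}


def sil_for_pfd(pfd):
    """Return the SIL whose band contains pfd; 0 means worse than SIL 1."""
    if not 0.0 < pfd < 1.0:
        raise ValueError("PFD must lie strictly between 0 and 1")
    if pfd < 1e-5:
        return 4  # better than the SIL 4 band; SIL 4 is the highest level
    for sil, (low, high) in SIL_BANDS.items():
        if low <= pfd < high:
            return sil
    return 0


def rrf(pfd):
    """Risk Reduction Factor is the reciprocal of the PFD."""
    return 1.0 / pfd


def sif_pfd(subsystem_pfds):
    """PFD of a series chain of independent subsystems.

    The SIF works only if every subsystem works, so it fails on demand
    with probability 1 - prod(1 - p_i), roughly sum(p_i) for small p_i.
    """
    return 1.0 - prod(1.0 - p for p in subsystem_pfds)


# Constructed sample loop (assumed values, not taken from the presentation).
SAMPLE_SIF = {"sensor": 5e-3, "logic solver": 5e-4, "final element": 6e-3}


def report(subsystems):
    """Return (overall PFD, overall RRF, overall SIL, SIL of weakest subsystem)."""
    total = sif_pfd(subsystems.values())
    weakest = max(subsystems.values())
    return total, rrf(total), sil_for_pfd(total), sil_for_pfd(weakest)


if __name__ == "__main__":
    for name, pfd in SAMPLE_SIF.items():
        print(f"{name:14s} PFD={pfd:.1e} RRF={rrf(pfd):7.0f} SIL {sil_for_pfd(pfd)}")
    total, factor, sil, weakest_sil = report(SAMPLE_SIF)
    print(f"{'whole SIF':14s} PFD={total:.2e} RRF={factor:7.0f} SIL {sil}")
```

In this sample every subsystem is individually SIL 2 or better, yet the complete loop falls into the SIL 1 band because the failure probabilities accumulate along the chain.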