Using risk tolerance criteria to determine safety integrity levels for safety instrumented functions

摘要

Standards and industry guidelines for Safety Instrumented Systems (SISs) describe the use of hazard and risk analysis to determine the risk reduction required, or Safety Integrity Levels (SILs), of Safety Instrumented Functions (SIFs) with reference to hazardous events and risk tolerance criteria for them. However, significant problems are encountered when putting this approach into practice. There is ambiguity in the meaning of the term hazardous event. Notably, even though it is a key concept in the process-sector-specific SIS standard, IEC 61511/ISA 84, it is not defined in the standard. Consequently, risk tolerance criteria for hazardous events are ill-defined and, therefore, they are not the most appropriate criteria to use. Most current approaches to SIL determination use them and therefore they are flawed fundamentally. An informed decision on the tolerability of risk for a facility cannot be made by determining only the tolerability of risk for individual hazardous events. Rather, the tolerability of the cumulative risk from all hazard scenarios and their hazardous events for a facility must be determined. Such facility risk tolerance criteria are the type used by regulators. This issue applies to all per event risk tolerance criteria. Furthermore, determining the tolerability of risk for a facility based only on the risks of single events, be they hazard scenarios or hazardous events, and comparing them to risk tolerance criteria for the events is not meaningful because there is no consideration of how many such events can actually occur and, therefore, no measure of the total risk. The risks from events should be summed for a facility and compared with overall facility risk tolerance criteria. This paper describes and illustrates SIL determination using a risk model implemented within the framework of Layers of Protection Analysis (LOPA) that overcomes these problems. The approach allows the allocation of risk across companies, facilities, processes, process units, process modes, etc. to be managed easily.