Risk Tolerance Criteria Offsets in SIL Determination

The IEC 61511 / ISA 84 standard requires that safety integrity levels (SILs) be determined for safety instrumented functions (SIFs) that make up safety instrumented systems (SISs). Criteria that express maximum tolerable risk for a facility are used in these determinations.

Commonly, hazard scenarios taken from process hazard analysis (PHA) studies are used with layers of protection analysis to determine SILs for SIFs. However, no PHA study can be guaranteed to identify hazard scenarios completely and, unfortunately, practitioners are unaware of how many scenarios have been missed and what contribution they make to the facility risk. Lack of completeness in hazard scenarios could result in significant underestimates of risk and the tolerance of higher risk than desired in SIL determination studies. This is an inherent limitation of current PHA approaches. Furthermore, actual PHA studies may be of poor quality and identify fewer scenarios than may be possible or may be deficient in other ways that impact SIL determination. The issues of PHA completeness and quality are not addressed in IEC 61511 / ISA 84, although problems in either area may undermine efforts to comply with the standard. Practitioners should consider using offsetting overall facility risk tolerance criteria by a conservative amount to address this issue.

Furthermore, PHA studies usually focus on catastrophic accidents in processes that can result from the realization of flammable, explosive, reactive and/or toxic hazards (so-called major hazards). However, facilities may also pose risks to people from such other hazards as working at height, confined space entry, asphyxiants, corrosives, hot gases, hot liquids, cryogenics, electricity, pinch points, vehicle accidents, etc. Overall facility risk tolerance criteria are usually intended to address risks from all hazards at a facility. Consequently, overall facility risk tolerance criteria should be offset to account for casualties from any sources excluded from a risk analysis. These other sources of casualties can be significant contributors to the overall facility risk and therefore the offsets can be significant.

For more information, you can contact Primatech or consult the article:

The Interface of Functional Safety with Process Safety and Risk Analysis, by Paul Baybutt, Process Safety Progress, Volume 32, Issue 4, pages 346–350, December 2013.

The article is available at: http://onlinelibrary.wiley.com/doi/10.1002/prs.11640/abstract.

