Formulation for Determining SIL using Sequential Failure Logic

Abstract

Recently computer systems have been widely applied to safety-related systems for achievement of safety functions. This general trend forced IEC to compile IEC 61508 as a standard related to functional safety of electrical/electronic/programmable electronic safety-related systems, i.e., E/E/PE SRS (SRS). Currently JIS includes the translated standard of IEC 61508, JIS C 0508. In accordance with the standard, an SRS is specified with its safety function (s) and safety integrity level (s) (SIL) and the SILs to be allocated to the SRS are specified with four levels of safety integrity. The standard requires assessing the risk reduction achieved by SRS using appropriate probabilistic techniques for allocation of SILs to SRS. However, the relationships among SILs, operation modes and hazardous event frequencies are not always cleared up yet. This paper presents a new model using two Sequential Failure Logics in order to describe causation of hazardous events in the overall system composed of equipment under control (EUC), EUC control system (BCS) and SRS. The SRS is assumed to implement a safety function in a dynamic demand state and assumed to have no automatic self-diagnosis functions. Then, the relationship among a dangerous undetected failure of SRS, demands for actuation of SRS and hazardous events brought about in the overall system is formulated based on the model. Moreover, new demand modes of operation and estimations of Hazardous Event Frequencies are proposed for allocation of SILs to SRS.