Analyze Safety Integrity Levels (SIL) Using Fault Trees

Even before the adoption of ISA-S84.01 as a national standard, safety instrumented systems (SIS) were used to mitigate the risks of process hazards. With the establishment of the standard, there is now a framework for defining Safety Integrity Levels (SIL) for such systems and the associated reliability requirements. However, the standard does not address the topic of how to determine what SIL category is needed to fill the independent layers of protection (IPL) gap. It assumes (section 4.4.2) that this analysis is performed prior to applying the principles of the standard.

The IPL gap is usually addressed during a Process Hazard Analysis (PHA) or in a separate exercise such as Layer of Protection Analysis (LOPA) or Fault Tree Analysis (FTA). All of these involve some type of risk assessment (typically risk ranking) against established tolerability criteria. The quality of the IPL gap analysis is critical to both the overall risk mitigation benefit and the implementation cost.

As part of the IPL gap analysis for existing plants, it is necessary to determine the SIL credit afforded by the current SIS IPLs. During the PHA, the tendency is to err on the conservative side to avoid overstating the credit. By using FTA, it may be possible to incorporate factors such as functional testing, and to allow the proper credit for existing IPLs.
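The effect of functional testing on SIL credit can be shown with a small fault tree. The following is an added example, not taken from the article: the failure rates, component names and function names are constructed for illustration, and each basic event uses the common approximation PFDavg = lambda_DU x TI / 2 for a periodically tested component.

```python
from math import prod

# Constructed dangerous-undetected failure rates (per hour); not from the article.
RATES = {"transmitter": 2e-6, "logic_solver": 5e-7, "shutdown_valve": 3e-6}

def basic_event(lambda_du, test_interval_h):
    """PFDavg of a periodically tested component: lambda_DU * TI / 2.
    Assumes lambda_DU * TI << 1 and that the test reveals every dangerous failure."""
    return lambda_du * test_interval_h / 2.0

def evaluate(node):
    """Evaluate a fault tree given as ("OR"|"AND", [children]) or a float leaf."""
    if isinstance(node, float):
        return node
    gate, children = node
    probs = [evaluate(c) for c in children]
    if gate == "OR":   # any child event causes the output event
        return 1.0 - prod(1.0 - p for p in probs)
    if gate == "AND":  # all children must occur; assumes independence and is
        return prod(probs)  # optimistic for redundant items tested together
    raise ValueError(f"unknown gate {gate!r}")

def sil_credit(pfd_avg):
    """Map PFDavg to its demand-mode SIL band (0 = no credit; capped at 3 here)."""
    if pfd_avg >= 1e-1:
        return 0
    if pfd_avg >= 1e-2:
        return 1
    if pfd_avg >= 1e-3:
        return 2
    return 3

def sif_tree(test_interval_h):
    """Top event: SIS fails on demand = sensor OR logic solver OR final element."""
    return ("OR", [basic_event(r, test_interval_h) for r in RATES.values()])

def assess(test_interval_h):
    """Return (PFDavg, SIL credit) for the whole loop at a given test interval."""
    pfd = evaluate(sif_tree(test_interval_h))
    return pfd, sil_credit(pfd)

if __name__ == "__main__":
    for label, ti in [("annual", 8760), ("quarterly", 2190)]:
        pfd, sil = assess(ti)
        print(f"{label:9s} test: PFDavg={pfd:.2e} -> SIL {sil} credit")
```

With these constructed rates the same hardware earns SIL 1 credit when tested annually and SIL 2 credit when tested quarterly, which is the kind of credit a conservative PHA estimate can miss.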

