Proceedings of the
35th European Safety and Reliability Conference (ESREL2025) and
the 33rd Society for Risk Analysis Europe Conference (SRA-E 2025)
15 – 19 June 2025, Stavanger, Norway
Optimal SIL Allocation to the Safety Functions Implemented over Layers of Protection - Design Sensitivity due to Dependent Failures
Plant Safety, TÜV SÜD AG, Basel, Switzerland.
ABSTRACT
Safety Instrumented Systems (SIS) based on E/E/PE technology have nowadays become a standard for managing risks in complex technical enterprises. These systems typically use multiple layers of protection to mitigate risks to acceptable levels while ensuring high system availability. Compliance with functional safety standards like IEC 61508/61511 or ANSI ISA-84.01 requires assigning risk reduction factors (RRF) to each safety function and protection layer. IEC 61511 offers guidance on failure detection and prevention but lacks provisions for automatic mitigation systems, such as fire & gas systems. This gap, acknowledged in IEC 61511-4:2020, can lead to unnecessary design costs.
In this paper we address this gap by providing a cost-effective SIS design for mitigation layers without compromising safety. By introducing RRFs as proxies for implementation costs, we use Lagrange optimization to calculate these factors while adhering to the risk equation. Cost-optimal RRFs are calculated for each protection layer, considering an overall risk reduction target and a given loss distribution profile associated with a single hazardous category. The model accounts for dependent failures across two successive layers. We demonstrate the algorithm's effectiveness through practical examples involving various loss distribution profiles.
Keywords: IEC 61508, Functional safety, Safety function, PFD & RRF, SIL, Layers of protection, E/E/PE, SIS, ESD & Fire & Gas system, Lagrange optimization.
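As an added illustration, not the paper's own model or code, the Python script below shows the shape of the Lagrange allocation the abstract describes, under assumptions of its own: the implementation cost of a layer is taken as proportional to its RRF, the product of the layer RRFs is tied to the overall target through the risk equation, and the dependence between one pair of successive layers is represented by a simple beta-factor style joint-failure model. The demand and tolerable frequencies, the relative layer costs and the beta values are constructed sample values; the function names are this example's, not the authors'.

```python
import math


def rrf_from_risk_equation(f_unmitigated, f_tolerable):
    """Overall risk reduction required by the risk equation
    f_unmitigated / RRF_total <= f_tolerable."""
    return f_unmitigated / f_tolerable


def allocate_rrf_lagrange(costs, rrf_total):
    """Cost-minimal RRF per layer (assumed cost model, not the paper's).

    Layer i is assumed to cost c_i * x_i, i.e. cost linear in its RRF x_i.
    Minimise sum_i c_i x_i subject to prod_i x_i = R (the risk equation).
    Lagrangian: L = sum c_i x_i - lam * (sum ln x_i - ln R).
    Stationarity gives x_i = lam / c_i; the constraint gives
    lam = (R * prod c_i)^(1/n), a closed form.
    A layer whose optimum falls below RRF = 1 cannot be credited at all,
    so it is fixed at 1 and the remaining layers are re-solved."""
    alloc = [1.0] * len(costs)
    if rrf_total <= 1.0:
        return alloc
    active = list(range(len(costs)))
    while active:
        n = len(active)
        lam = (rrf_total * math.prod(costs[i] for i in active)) ** (1.0 / n)
        cand = {i: lam / costs[i] for i in active}
        below = [i for i in active if cand[i] < 1.0]
        if not below:
            for i in active:
                alloc[i] = cand[i]
            return alloc
        # Drop the most expensive uncreditable layer and redistribute the target.
        active.remove(max(below, key=lambda i: costs[i]))
    raise ValueError("no layer can carry the required risk reduction")


def joint_pfd_dependent(p_a, p_b, beta):
    """Joint PFD of two successive layers under a simple beta-factor style
    model (an assumption of this example): an independent part
    (1 - beta) * p_a * p_b plus a common-cause part beta * min(p_a, p_b)."""
    return (1.0 - beta) * p_a * p_b + beta * min(p_a, p_b)


def achieved_rrf(alloc, dependent_pair=None, beta=0.0):
    """Overall RRF actually delivered by an allocation, with all layers
    independent except for one pair of successive layers."""
    pfd = [1.0 / x for x in alloc]
    if dependent_pair is None or beta == 0.0:
        return 1.0 / math.prod(pfd)
    a, b = dependent_pair
    joint = joint_pfd_dependent(pfd[a], pfd[b], beta)
    others = math.prod(p for i, p in enumerate(pfd) if i not in (a, b))
    return 1.0 / (joint * others)


def target_inflated_for_dependence(costs, rrf_total, dependent_pair, beta, tol=1e-6):
    """Bisection (in log space) on the design target R' such that the
    cost-optimal allocation for R' still delivers rrf_total once the
    dependence between the pair is accounted for. Achieved RRF grows
    monotonically with R', so the search is well defined."""
    lo, hi = rrf_total, rrf_total * 1e6
    while hi / lo > 1.0 + tol:
        mid = math.sqrt(lo * hi)
        alloc = allocate_rrf_lagrange(costs, mid)
        if achieved_rrf(alloc, dependent_pair, beta) >= rrf_total:
            hi = mid
        else:
            lo = mid
    return hi


if __name__ == "__main__":
    costs = [1.0, 2.0, 4.0]  # constructed relative cost per unit RRF, three layers
    target = rrf_from_risk_equation(1e-1, 1e-5)  # constructed frequencies (1/yr)
    alloc = allocate_rrf_lagrange(costs, target)
    print("target RRF", target, "cost-optimal allocation", alloc)
    for beta in (0.0, 0.05, 0.1):
        print("beta", beta, "achieved RRF", achieved_rrf(alloc, (1, 2), beta))
    print("design target needed at beta=0.05:",
          target_inflated_for_dependence(costs, target, (1, 2), 0.05))
```

The design sensitivity the title refers to shows up in the last two prints: the allocation that exactly meets the target with independent layers falls short as soon as a common-cause fraction links two successive layers, and the target handed to the optimizer has to be raised to compensate.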