The evaluation of safety instrumented systems — tools to peer past the hype

Abstract Just as there are many different levels of risk in many different process facilities, there are many different ways of designing safety instrumented systems. Questions abound as to which technology should be used (electric, electronic, or programmable), what level of redundancy is appropriate (single, dual, or triple), how often systems should be tested (monthly, quarterly, yearly, or once per shutdown), and what type of field devices should be used (discrete, analog, smart, redundant, etc.). Debate continues as to how one even makes these choices (past experience, qualitative judgment, quantitative analysis, etc.). Current national and international draft standards (as well as existing guidelines) on the design of safety instrumented systems are performance oriented rather than prescriptive. The ISA draft standard, for example, identifies three “safety integrity levels” and cites performance requirements for each level. Simply put, different levels of risk require different levels of safety system performance. This is in line with recent U.S. federal regulation (29 CFR 1910.119, the OSHA process safety management rule), which states that users must “determine and document that systems are designed and operating in a safe manner” (emphasis added). This paper reviews the use of one engineering tool currently available for analyzing the performance of safety control systems, and how the information obtained may be used to help develop company standards for the design of these systems.
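The design questions the abstract lists (level of redundancy, proof-test interval) are exactly the inputs to a quantitative performance analysis, and the safety integrity level is its output. The following is an added example, not the paper's tool and not taken from the ISA draft standard: it screens three voting architectures (1oo1, 1oo2, 2oo3) against the test intervals named in the abstract using the simplified low-demand PFDavg equations of IEC 61508-6. The SIL bands used are the four later-standardised IEC 61508 / ISA-84 bands (the draft the paper discusses had three), the 3-year shutdown cycle and the dangerous failure rate of 5e-6 per hour are constructed inputs, and the formulas deliberately omit common-cause failures, diagnostic coverage and repair time, which a real analysis must include.

```python
"""Simplified SIL screening for a safety instrumented function (SIF).

Added example, not the engineering tool reviewed in the paper. Uses the
simplified low-demand PFDavg equations (IEC 61508-6) and ignores common-cause
failure, diagnostics and repair time, so it over-estimates achievable SIL.
"""

HOURS_PER_YEAR = 8760.0

# Proof-test intervals named in the abstract, in hours.
# Assumption: "once per shutdown" means a 3-year turnaround cycle.
TEST_INTERVALS_H = {
    "monthly": HOURS_PER_YEAR / 12,
    "quarterly": HOURS_PER_YEAR / 4,
    "yearly": HOURS_PER_YEAR,
    "per shutdown (3 yr)": 3 * HOURS_PER_YEAR,
}

# Low-demand SIL bands as (SIL, lower PFDavg inclusive, upper PFDavg exclusive).
# Assumption: the four IEC 61508 / ISA-84 bands, not the three-level draft.
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]


def pfd_avg(arch: str, lambda_d_per_h: float, test_interval_h: float) -> float:
    """Average probability of failure on demand for a voting architecture.

    Simplified formulas, with x = lambda_d * T (dangerous failure rate per hour
    times proof-test interval in hours):
      1oo1: x / 2      1oo2: x**2 / 3      2oo3: x**2
    """
    x = lambda_d_per_h * test_interval_h
    if arch == "1oo1":
        return x / 2
    if arch == "1oo2":
        return x * x / 3
    if arch == "2oo3":
        return x * x
    raise ValueError(f"unknown architecture {arch!r}")


def sil_for_pfd(pfd: float) -> int:
    """Map a PFDavg to the highest SIL band it satisfies; 0 means below SIL 1."""
    if pfd < 1e-5:          # better than the SIL 4 band floor
        return 4
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


def design_table(lambda_d_per_h: float, archs=("1oo1", "1oo2", "2oo3")) -> dict:
    """PFDavg and SIL for every architecture / test-interval combination."""
    table = {}
    for arch in archs:
        for name, hours in TEST_INTERVALS_H.items():
            pfd = pfd_avg(arch, lambda_d_per_h, hours)
            table[(arch, name)] = (pfd, sil_for_pfd(pfd))
    return table


def longest_interval_meeting(arch: str, lambda_d_per_h: float, target_sil: int):
    """Longest named proof-test interval at which `arch` still meets target_sil,
    or None if even the shortest interval is insufficient."""
    for name, hours in sorted(TEST_INTERVALS_H.items(), key=lambda kv: -kv[1]):
        if sil_for_pfd(pfd_avg(arch, lambda_d_per_h, hours)) >= target_sil:
            return name
    return None


if __name__ == "__main__":
    LAMBDA_D = 5e-6  # constructed: dangerous failure rate of the whole loop, per hour
    print(f"lambda_D = {LAMBDA_D:g}/h")
    for (arch, interval), (pfd, sil) in design_table(LAMBDA_D).items():
        print(f"{arch:5s} {interval:20s} PFDavg={pfd:.2e}  SIL {sil}")
    for arch, target in (("1oo1", 2), ("1oo2", 3), ("2oo3", 3), ("1oo1", 3)):
        print(f"{arch} for SIL {target}: test at most {longest_interval_meeting(arch, LAMBDA_D, target)}")
```

With the constructed failure rate, a single channel reaches SIL 2 only if tested at least quarterly, a 1oo2 pair reaches SIL 3 with yearly testing, and 2oo3 needs quarterly testing for SIL 3; no test interval in the list gets a single channel to SIL 3. That is the shape of result a company standard would encode, and it is also why the simplifications matter: adding a common-cause term to the redundant architectures narrows the gap between 1oo2 and 1oo1 considerably.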