Modern standards on system safety employ the concept of safety integrity levels (SILs). Increasing numbers of system purchasers are expecting their suppliers to demonstrate that they use the concept, so system developers are seeking to apply it. But the standards differ in their derivation of SILs and none explains the concept satisfactorily, with the result that it is often misunderstood and used inconsistently, incorrectly, and inappropriately. This paper explains the concept and its application, giving examples of how SILs are derived in three current safety standards. It then shows a number of ways in which the SIL concept is misinterpreted and used misleadingly. Further, it considers the relationship between SILs and risk-tolerability decisions.