functional safety Functional safety is the part of the overall safety of a system or piece of equipment that depends on automatic protection operating correctly in response to its inputs or failure in a predictable manner (fail-safe). The automatic protection system ...

a safety instrumented system (SIS) is an engineered set of hardware and software controls which provides a protection layer that shuts down a chemical, nuclear, electrical, or mechanical system, or part of it, if a hazardous condition is detected.

Requirement specification

An SIS performs a safety instrumented function (SIF). The SIS is credited with a certain measure of reliability depending on its safety integrity level (SIL). The required SIL is determined from a quantitative process hazard analysis (PHA), such as a Layers of Protection Analysis (LOPA). The SIL requirements are verified during the design, construction, installation, and operation of the SIS. The required functionality may be verified by design reviews, factory acceptance testing, site acceptance testing, and regular functional testing. The PHA is in turn based on a hazard identification exercise. In the

process industries Process manufacturing is a branch of manufacturing that is associated with formulas and manufacturing recipes,

(oil and gas production,

refineries A refinery is a production facility composed of a group of chemical engineering unit processes and unit operations refining certain materials or converting raw material into products of value. Types of refineries Different types of refineries a ...

, chemical plants, etc.), this exercise is usually a hazard and operability study (HAZOP). The HAZOP usually identifies not only the process hazards of a plant (such as release of hazardous materials due to the process operating outside the safe limits of the plant) but also the SIFs protecting the plant from such excursions.

Design

An SIS is intended to perform specific control functions to prevent unsafe process operations when unacceptable or dangerous conditions occur. Because of its criticality, safety instrumented systems must be independent from all other

control system A control system manages, commands, directs, or regulates the behavior of other devices or systems using control loops. It can range from a single home heating controller using a thermostat controlling a domestic boiler to large industrial ...

s that control the same equipment, in order to ensure SIS functionality is not compromised. An SIS is composed of the same types of control elements (including

sensors A sensor is often defined as a device that receives and responds to a signal or stimulus. The stimulus is the quantity, property, or condition that is sensed and converted into electrical signal. In the broadest definition, a sensor is a devi ...

, logic solvers,

actuators An actuator is a component of a machine that produces force, torque, or displacement, when an electrical, pneumatic or hydraulic input is supplied to it in a system (called an actuating system). The effect is usually produced in a controlled way. ...

and other control equipment) as a Basic

Process Control Industrial process control (IPC) or simply process control is a system used in modern manufacturing which uses the principles of control theory and physical industrial control systems to monitor, control and optimize continuous Industrial processe ...

System (BPCS). However, all of the control elements in an SIS are dedicated solely to the proper functioning of the SIS. The essential characteristic of an SIS is that it must include instruments, which detect that process variables (flow, temperature, pressure etc. in the case of a processing facility) are exceeding preset limits (

), a logic solver which processes this information and makes appropriate decisions based on the nature of the signal(s), and final elements which receive the output of the logic solver and take necessary action on the process to achieve a safe state. All these components must function properly for the SIS to perform its SIF. The logic solver may use electrical, electronic or programmable electronic equipment, such as

relay A relay Electromechanical relay schematic showing a control coil, four pairs of normally open and one pair of normally closed contacts An automotive-style miniature relay with the dust cover taken off A relay is an electrically operated switc ...

s, trip

amplifier An amplifier, electronic amplifier or (informally) amp is an electronic device that can increase the magnitude of a signal (a time-varying voltage or current). It is a two-port electronic circuit that uses electric power from a power su ...

s, or

programmable logic controller A programmable logic controller (PLC) or programmable controller is an industrial computer that has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, machines, robotic devices, or any activity that ...

s. Support systems, such as power, instrument air, and communications, are generally required for SIS operation. The support systems should be designed to provide the required

integrity Integrity is the quality of being honest and having a consistent and uncompromising adherence to strong moral and ethical principles and values. In ethics, integrity is regarded as the honesty and Honesty, truthfulness or of one's actions. Integr ...

and

reliability Reliability, reliable, or unreliable may refer to: Science, technology, and mathematics Computing * Data reliability (disambiguation), a property of some disk arrays in computer storage * Reliability (computer networking), a category used to des ...

. One example of SIS is a temperature sensor that provides a signal to a controller, which compares the sensed process temperature to the desired temperature setpoint and sends a signal to an emergency on-off valve actuator which stops the flow of heating fluid to the process if the process temperature is exceeded by an unsafe margin. SIFs are implemented as part of an overall risk reduction strategy which is intended to minimize the likelihood of a previously identified accident that could range from minor equipment damage up to the uncontrolled catastrophic release of energy or materials. The safe state must be achieved in a sufficiently short amount of time (known as ''process safety time'') to prevent the accident.

International standards

International standard IEC 61511 was published in 2003 to provide guidance to end-users on the application of Safety Instrumented Systems in the

process industries Process manufacturing is a branch of manufacturing that is associated with formulas and manufacturing recipes,

. This standard is based on

IEC 61508 IEC 61508 is an international standard published by the International Electrotechnical Commission (IEC) consisting of methods on how to apply, design, deploy and maintain automatic protection systems called safety-related systems. It is titled '' ...

, a generic standard for functional safety including aspects on design, construction, and operation of electrical/electronic/programmable electronic systems. Other industry sectors may also have standards that are based on IEC 61508, such as IEC 62061 (machinery systems), IEC 62425 (for railway signalling systems), IEC 61513 (for nuclear systems), and

ISO 26262 ISO 26262, titled "Road vehicles – Functional safety", is an international standard for functional safety of electrical and/or electronic systems that are installed in serial production road vehicles (excluding mopeds), defined by the Intern ...

(for road vehicles).

Related concepts

Other terms often used in conjunction with and/or to describe safety instrumented systems include: * Critical control system * Protective instrumented system * Equipment protection system * Safety shutdown system * Process shutdown system * Emergency shutdown system *

Safety-critical system A safety-critical system or life-critical system is a system whose failure or malfunction may result in one (or more) of the following outcomes: * death or serious injury to people * loss or severe damage to equipment/property * environmental h ...

Interlock An interlock is a feature that makes the state of two mechanisms or functions mutually dependent. It may consist of any electrical or mechanical devices, or systems. In most applications, an interlock is used to help prevent any damage to the mac ...

(of which there is a specific domain in

railway signalling Railway signalling (), or railroad signaling (), is a system used to control the movement of railway traffic. Trains move on fixed rails, making them uniquely susceptible to collision. This susceptibility is exacerbated by the enormous weight ...

)

References

{{reflist

External links