Calculating SIL suitability levels
For General Monitors, calculating the SIL suitability level for individual products is a combined effort between corporate quality, engineering, and a 3rd party for validating calculations. The steps include failure rate prediction, FMEDA, Failure Path Investigation, and a 3rd party validation.
Step 1 Failure Rate Prediction
This initial step is the basis of all product SIL calculations. Within the product all failure rates of individual components contribute to the overall product failure rate.
- Failure rates of individual components of the BOM
are calculated based on component type and
in-circuit bias. - Product failure rate is the sum of all component
failure rates.
Step 2 Failure Mode Effects and Diagnostic Analysis (FMEDA)
Failure Mode Effects and Diagnostic Analysis (FMEDA) is a technique that evaluates and quantifies the product’s self-diagnostic ability.
Each component’s failure mode and its failure rate are listed.
Failure modes are determined as Safe (product able to detect fire/gas) or Dangerous (product not able to detect fire/gas).
Each safe and dangerous failure mode is determined as Detectable or Un-detectable by the product’s diagnostics.
The result is a list of all components, their failure modes, the failure mode classification as Safe-Detected (SD), Safe-Undetected (SU), Dangerous-Detected (DD) or Dangerous-Undetected (DU), and the failure rate of each classification using the Failure Rate Prediction results (lSD, lSU, lDD, lDU).
Step 3 Failure Path Investigation
Known failure modes that were not classified during the FMEDA step are investigated using actual product. This requires shorting and opening component leads and identifying failure classification. SD, SU, DD, DU.
Step 4 Calculate SFF, SIL and PFD
The SIL level of the product is finally determined from the Safe Failure Fraction (SFF) and the Probability of Failure on Demand (PFD). The following formulas are used.
SFF = (lSD + lSU + lDD) / (lSD + lSU + lDD + lDU)
PFD = (lDU)(Proof Test Interval)/2 + (lDD)(Down Time or Repair Time)
SIL level is then determined from the Safe Failure Fraction for type B equipment per the IEC 61508 table below.
Safe Failure Fraction Hardware Fault Tolerence*
0 1 2
<60% Not allowed SIL 1 SIL 2
60% - <90% SIL 1 SIL 2 SIL 3
90% - <99% SIL 2 SIL 3 SIL 4
? 90% SIL 3 SIL 4 SIL 4
*A hardware fault tolerence of N means that N + 1 faults could cause a loss of the safety function.
Step 5 Third Party Review
All results from the above steps are forwarded to a 3rd party for review and validation.
Definitions
MTBF = Many times a customer will ask for the MTBF (mean time between failures) value of a product. This is calculated by the inverse of unit failure rate minus the MTTR (mean time to repair, usually 4 hours for General Monitors products). The MTTR may be dropped if it is very small compared to the overall product device hours.
MTBF = 1/Failure Rate
An expression for the Risk Reduction Factor is…
RRF = (existing or inherent risk) / (tolerable or acceptable risk)
Probability of Failure on Demand (PFD) = the probability that a SIF fails to perform its intended safety function during a potentially dangerous condition. This is also called a dangerous failure.
The Average Probability of Failure on Demand (PFDavg) =
a useful value if the SIF is regularly inspected and tested. Formulas for PFDavg vary depending on the system architecture.
The simplest formula for a specified proof test interval is…
PFDavg = (lDU)(Proof Test Interval)/2