System integrity

The integrity required of a safety related system depends upon the level of risk reduction claimed for the safety function to be performed.

Safety integrity is the probability that a safety related system will satisfactorily perform the required safety function under all stated conditions within a stated period of time when required to do so.

Safety integrity is therefore a function of performance and availability.

Performance is the ability of the system or device to perform the required safety function in a timely manner under all relevant conditions so as to achieve the required state.

Availability is a measure of the readiness of the system to perform the required safety function on demand, and is usually expressed as the probability of failure on demand (PFD).

Performance and availability depend on:

  • Proper design or selection, installation, maintenance and testing of the plant interfaces, including sensors, actuators and logic, for the required duty and the full range of process and environmental conditions under which they will be required to operate, including, where necessary, any excursions beyond the safe operating limits of the plant;
  • Accuracy and repeatability of the instrumentation;
  • Speed of response of the system;
  • Adequate margins between normal and safe operating limits and the system settings;
  • Reliability;
  • Survivability from the effects of the hazardous event or of other external influences such as power supply failure or characteristics, lightning, electromagnetic radiation (EMR), flammable, corrosive or humid atmospheres, temperature, rodent attack, vibration, physical impact, and other plant hazards;
  • Independence (the ability of the system to act alone, without depending on, or being influenced by, other protective measures, control systems or common utilities).

The following measures are required to ensure adequate performance and availability of the safety related system:

  • Protection against random failures by hardware reliability, fault tolerance (e.g. by redundancy) and fault detection (diagnostic coverage, and proof testing);

  • Protection against systematic and common mode failures by a properly managed safety lifecycle, independence from common utilities, common management systems and other protective systems, and by diversity. The lifecycle includes hazard and risk evaluation, specification, design, validation, installation, commissioning, operation, maintenance and modification; these phases are detailed in BS IEC 61508.
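The definition of availability above (expressed as probability of failure on demand) and the first of the two measures (hardware reliability, redundancy, diagnostic coverage and proof testing) can be put to numbers. The following Python block is an added worked example, not part of the original guidance and not from BS IEC 61508 itself. It uses the widely used simplified low-demand approximations (single channel: PFDavg = λDU·T1/2; 1oo2 redundancy with a β-factor for common cause, repair times neglected) and the IEC 61508 low-demand SIL bands. The dangerous failure rate, diagnostic coverage, proof test interval and β value are assumed illustrative figures, not data from the page.

```python
"""Worked PFD example (added illustration; not from the original page).

Simplified low-demand-mode approximations, with repair time neglected and
dangerous *detected* failures assumed to be taken to a safe state promptly,
so only dangerous undetected failures (lambda_DU) contribute to PFD.
All numeric inputs below are assumed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Channel:
    lambda_d: float        # dangerous failure rate, per hour (assumed)
    diag_coverage: float   # diagnostic coverage DC, fraction 0..1
    proof_test_h: float    # proof test interval T1, hours

    @property
    def lambda_du(self) -> float:
        """Dangerous undetected failure rate: the part diagnostics miss."""
        return self.lambda_d * (1.0 - self.diag_coverage)


def pfd_avg_1oo1(ch: Channel) -> float:
    """Single channel: PFD grows linearly between proof tests, so the
    average over the interval is lambda_DU * T1 / 2."""
    return ch.lambda_du * ch.proof_test_h / 2.0


def pfd_avg_1oo2(ch: Channel, beta: float) -> float:
    """Two redundant channels, either of which can trip (1oo2).
    Independent part: both channels must fail undetected; averaged over T1
    this is (lambda_ind * T1)^2 / 3.  Common-cause part (beta-factor model):
    a fraction beta of lambda_DU takes out both channels at once and
    behaves like a single channel, beta * lambda_DU * T1 / 2."""
    lam_ind = (1.0 - beta) * ch.lambda_du
    independent = (lam_ind * ch.proof_test_h) ** 2 / 3.0
    common_cause = beta * ch.lambda_du * ch.proof_test_h / 2.0
    return independent + common_cause


def risk_reduction_factor(pfd: float) -> float:
    """Risk reduction claimed for the safety function: RRF = 1 / PFDavg."""
    return 1.0 / pfd


# IEC 61508 low-demand bands: SIL n means 10^-(n+1) <= PFDavg < 10^-n
SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]


def sil_for_pfd(pfd: float):
    """Return the SIL band the PFDavg falls in, or None when no SIL can be
    claimed (PFDavg >= 0.1, or below the SIL 4 band)."""
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return None


# Assumed illustrative channel: lambda_D = 1e-6 /h, DC 60 %, annual proof test.
EXAMPLE = Channel(lambda_d=1e-6, diag_coverage=0.6, proof_test_h=8760.0)


def compare(ch: Channel = EXAMPLE, beta: float = 0.1) -> dict:
    """PFDavg, RRF and SIL for the single-channel and redundant cases, and
    for the single channel with the proof test interval halved."""
    halved = Channel(ch.lambda_d, ch.diag_coverage, ch.proof_test_h / 2.0)
    cases = {
        "1oo1": pfd_avg_1oo1(ch),
        "1oo1, proof test twice as often": pfd_avg_1oo1(halved),
        "1oo2, beta=%.2f" % beta: pfd_avg_1oo2(ch, beta),
    }
    return {name: (pfd, risk_reduction_factor(pfd), sil_for_pfd(pfd))
            for name, pfd in cases.items()}


if __name__ == "__main__":
    for name, (pfd, rrf, sil) in compare().items():
        print(f"{name:33s} PFDavg={pfd:.2e}  RRF={rrf:8.0f}  SIL={sil}")
```

With the assumed figures the single channel lands in SIL 2; halving the proof test interval alone moves it into SIL 3, and so does 1oo2 redundancy. In the redundant case the β common-cause term accounts for almost all of the PFDavg, which is the numerical side of the independence requirement: redundancy that shares utilities, management or failure causes buys far less than its independent-failure term suggests.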