Safety Instrumented System

A Safety Instrumented System (SIS) performs a safeguarding function using instrumentation, rather than basic physical hardware, to execute this function. Instrumentation in this context includes sensors (such as transmitters), logics and actuators (such as valves). Under IEC 61508, these systems are referred to as E/E/PES “Electrical/ Electronic/ Programmable Electronic” systems that perform a functional safety objective.

Examples of Safety Instrumented Systems are:

  • Emergency Shutdown and Depressurisation Systems (ESD/EDP)
  • Unit Safeguarding Systems (SGS)
  • High Integrity Pressure Protection Systems (HIPPS)
  • Burner Management Systems (BMS)
  • Boiler Protection Systems (BPS)
  • Fire & Gas systems (F&G)

A Safety Instrumented System reduces risk by reducing the likelihood that a hazardous event occurs. A Safety Instrumented System does not reduce the impact of that event, if it occurs. To clarify this, we need to visualize things:

Sample risk evaluation tool

Consider the case where a HAZOP has found that there is an unacceptable risk of explosion as a result of pressure build-up in a vessel. The installation of pressure relief valves, that act as a “last line of defence” and release inventory to the flare or vent, reduces the likelihood of such an explosion, but not the impact if it does occur. This impact can however be limited by siting the plant in a remote area and by locating the Control Room away from the vessel. Lastly, a Safety Instrumented System can prevent pressure build-up in the vessel by halting a chemical reaction, by preventing flow into the vessel or by speeding up flow from the vessel. The SIS therefore reduce the likelihood of an accident occurring. The combined effect of these three safety measures may reduce the risk of this particular scenario to a “tolerable” or even “acceptable” level.

A Safety Instrumented System must be considered in the context of a particular site, with particular hazards and particular precautions. The desired SIL level of a safety function can therefore only be determined effectively by the process owner, rather than by a provider of Safety Instrumented Systems. At Beldick we are aware of the practical implications of this and are happy to participate in HAZOPs and similar events to discuss risk in order to determine required SIL levels for safeguarding loops.