I received a great question today about the safety integrity level (SIL) of a distributed control system (DCS). In this case, the question was specific to the DeltaV system:
Can you please advise if the Emerson DeltaV DCS has a SIL rating i.e. ‘0’ or ‘1’? I understand that the DeltaV SIS has a SIL rating of ‘3’.
I turned to safety expert, Chuck Miller, whom you may recall from earlier process safety-related posts. I thought Chuck’s response was great and asked if I could share it in a blog post for others who may have similar questions. Chuck agreed and here was his response:
Any basic process control system or BPCS (DeltaV DCS included) is a SIL 0 technology.
Applying an uncertified technology to a safety application with a Risk Reduction Factor, as defined in IEC 61508, of 10 or above is not supported by the safety standards or mainstream philosophies. The lack of diagnostic coverage is the main factor that precludes most users from considering BPCS technology even to most low-level safety applications.
Companies who do choose to take this approach employ redundancy and software configuration to create “comparative diagnostic capabilities.” This often drives the cost well beyond purpose-designed safety technology. Even then, the Safe Failure Fraction may not be great enough to provide adequate risk mitigation without very frequent manual testing.
This in turn drives the lifecycle cost of the system up, up, and up. While the front-end costs (CapEx) may look good, the operations and maintenance (OpEx) cost cannot be supported in most cases.
This also creates implications on the Layers of Protection Analysis (LOPA) in more ways than can be described in this e-mail.
I hope this helps others with their IEC 61511 / ISA-84 safety lifecycle planning efforts.