Click here to read the first entry in this blog series 

Once the Safety Integrety Level (SIL) of a product is found, it will be used FOUR ways:

1. To establish risk reduction requirements
2. Probabilistic limits for hardware random failure
3. Architectural constraints 
4. To establish systematic capability

To establish risk reduction requirements

Each safety function has a requirement to reduce risk.

Example of Risk Reduction:

PHA Determines that a specific hazard can occur every 10 years causing a major release of toxic fumes into the atmosphere. Determine the RRF for the hazard to occur once in 500 years.

RRF = 500/10 = 50 

To set probabilistic limits for hardware random failure

1. Random Failures
   - A failure occurring at a random time, which results from one or more of degradation mechanisms.
2. Systematic Failures
   - A failure related in a deterministic way to a certain cause, which can only be eliminated by a modification of the design or of the manufacturing process, operational procedures, documentation, or other relevant factors.

Where the random failure probability factors are:

1. Dangerous Undetected Failure Rate (FMEDA)
2. Proof Test Coverage
3. Proof Test Interval
4. Mission Time

PFDavg = (PTC)*DU*TI/2 + (1-PTC)*DU*MT/2
Where
PTC = Proof Test Coverage
DU = Dangerous Undetected Failures
TI = Proof Test Interval
MT= Mission Time

Determine Architectural constraints

Architectural constraints are established by following Route 1H or Route 2H.  Route 1H involves calculating the Safe Failure Fraction for the element.  A valve is typically one component of the final element of a safety instrumented function (SIF).
Route 1H - Safe Failure Fraction (SFF) according to 7.4.4.2 of IEC 61508.
                        Safe Failures / ( Safe + Dangerous Failures )
Route 2H  - Assessment of the reliability data for the entire element according to 7.4.4.3.3 of IEC 61508.

Establish systematic capability

The equipment used to implement any safety function must be designed using procedures intended to prevent systematic design errors.  The rigor of the required procedure is a function of SIL level.