Getting the SIL level right for automated systems

A Safety Integrity Level (SIL) is a measure of performance or dependability for systems featuring safety functions. Barry Weller, Product Manager at Mitsubishi Electric, looks at what SILs are and how to determine your application safety requirements.

Automated Safety Instrumented Systems (SISs) are becoming widespread, because they can prevent or mitigate hazardous events in various situations. When a process exceeds given conditions, they move it to a safe state. SISs offer different levels of protection, so it is important to know what Safety Integrity Level an application needs.

SILs are measures of performance or dependability for systems featuring safety functions. The IEC 61508 standard, “Functional safety of electrical / electronic / programmable electronic safety-related systems”, defines four SIL bands. The higher the SIL number, the higher the required protection.

There are different ways to determine the Safety Integrity Level requirements of a given application. IEC 61508 describes both quantitative and qualitative methods to define the appropriate SIL. Common approaches include risk graphs or matrices, fault tree analysis or layers of protection analysis.

As the SIL level increases, system costs and system complexity also tend to increase. Thus, considering the lowest appropriate SIL for the application may have significant financial benefits.

Furthermore, the applied SIL level refers to the total system configuration. The design of the system architecture and redundancy at the device level are both factors that affect the SIL rating. Systems needing a SIL level rarely need certification above SIL 2, but it depends on the application and risk.

Importance of SIL 2

The most important aspect that Safety Integrity Level 2 SISs address is the uninterrupted control and regulation of relevant machinery, known as ‘equipment under control’, by a safety controller, which helps avoid any risky downtime. As a result, control systems must feature redundant CPUs and power supplies, redundant network communications infrastructures and processing units. In this way, in the case of equipment failure, the system can maintain its availability and continue safe operation.

For example, road and rail tunnel ventilation must work when called upon during static traffic conditions or emergency situations. Redundant control systems provide high availability and instant switchover to ensure continuous and safe operations. A proprietary SIL compliant PLC platform coupled with a fast and reliable redundant communications network achieves this.

Mitsubishi Electric’s latest SIL 2-certified solution, the MELSEC iQ-R PLC series, for example, uses a modular structure. This supports pairing it with extra CPUs and power supply modules to ensure system redundancy. Also, redundant Ethernet communications can be set up, providing a single IP address for both control and standby systems.

Mitsubishi Electric’s PLCs in SIL 2 applications also give users improved system responsiveness through their high-speed CPUs. Furthermore, the company’s CC-Link IE network technology offers network redundancy and 1 Gbit/s network speeds to enhance performance across the network.

Equipment under control

Therefore, solutions like the MELSEC iQ-R for Safety Integrity Level 2 that combine process control and process safety are becoming more popular. SISs regulate correct operation of Equipment Under Control (EUC) by collecting and processing relevant data under normal and emergency conditions. Based on the results obtained, the process and safety controllers communicate with the EUC to reach pre-set safe conditions.

Mitsubishi Electric’s SIL 2 controllers enable end-users to slash their total cost of ownership (TCO). The iQ-R Series Process Automation Controllers (PAC) offer the reliability and functionality offered by more costly Distributed Control Systems (DCS). This is a clear example of how the world of equipment safety is advancing, providing more reliable, available and flexible solutions. Staying up to date is therefore essential to futureproof automation system integration practices. It demonstrates how safety controllers provide reliable, available and flexible solutions essential to futureproof automation system integration practices.
