Safety integrity level (sil) – Flowserve MX Electronic Actuator SIL Safety IOM User Manual

Limitorque MX Electronic Actuator FCD LMENIM2350-01 – 9/13

2 Safety Integrity Level (SIL)

The international standard IEC 61508 defines four Safety Integrity Levels (SIL), from SIL 1 to SIL 4. Each level sets an expectation for the probability of failure on demand of a given safety function. Higher SIL values indicate higher integrity against random failures, that is, a higher probability that a safety function will perform when required (see Table 1 for relative comparisons), and higher integrity against systemic failures. The achievable SIL based on protection against random failures has been determined using the following safety parameters:

2.1 Failure Rates/Failure Modes

2.1.1 Safe, but Detected (λ_SD)

Rate per hour of failures that will result in a transition to the fail-safe state, but that will be detected and annunciated.

2.1.2 Safe, but Undetected (λ_SU)

Rate per hour of failures that will result in a transition to the fail-safe state, but that cannot be detected.

2.1.3 Dangerous, but Detected (λ_DD)

Rate per hour of failures that will prevent a transition to the fail-safe state when a demand occurs, but that will be detected
and annunciated.

2.1.4 Dangerous, but Undetected (λ_DU)

Rate per hour of failures that will prevent a transition to the fail-safe state when a demand occurs and that are not detected during normal operation. These failures may be detected by PST.

2.2 Mission Time (T_mission)

Expected operating lifetime, expressed in hours, over which the device is to provide the safety function (10, 15 or 20 years).

2.3 Partial Stroke Test (PST) Period

Minimum of one PST per month, which gives a PST period of 730 hr.

Failures can be uncovered during PST.
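
How λ_DU, T_mission and the PST period combine into a probability of failure on demand, as an added example that is not taken from the Flowserve manual. It uses the common simplified single-device approximation PFDavg ≈ λ·T/2 and the IEC 61508 low-demand SIL bands; the failure rate, the PST coverage factor and the function names are assumptions constructed for illustration.

```python
# Added example. Failure rate and PST coverage are constructed values,
# not Flowserve data for the MX actuator.
HOURS_PER_YEAR = 8760
PST_PERIOD_HR = 730  # from the manual: minimum one PST per month


def pfd_avg(lambda_du, mission_years, pst_coverage, pst_period_hr=PST_PERIOD_HR):
    """Simplified average probability of failure on demand, single device.

    Assumptions (not from the manual): the rare-event approximation
    PFDavg ~ lambda * T / 2; a fraction pst_coverage of dangerous
    undetected failures is revealed by each PST; the rest stays hidden for
    the whole mission time because no full proof test is modelled.
    """
    if not 0.0 <= pst_coverage <= 1.0:
        raise ValueError("pst_coverage must be between 0 and 1")
    t_mission = mission_years * HOURS_PER_YEAR
    revealed_by_pst = pst_coverage * lambda_du * pst_period_hr / 2
    hidden_until_end = (1.0 - pst_coverage) * lambda_du * t_mission / 2
    return revealed_by_pst + hidden_until_end


def sil_from_pfd(pfd):
    """Map PFDavg to the IEC 61508 low-demand SIL band (0 = below SIL 1)."""
    for sil, upper_bound in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper_bound:
            return sil
    return 0


def compare(lambda_du, pst_coverage):
    """PFDavg and SIL band for each mission time listed in the manual."""
    rows = []
    for years in (10, 15, 20):
        pfd = pfd_avg(lambda_du, years, pst_coverage)
        rows.append((years, pfd, sil_from_pfd(pfd)))
    return rows


if __name__ == "__main__":
    LAMBDA_DU = 4e-7  # constructed: dangerous undetected failures per hour
    for coverage in (0.0, 0.7):  # constructed: no PST credit vs. 70 % coverage
        for years, pfd, sil in compare(LAMBDA_DU, coverage):
            print(f"coverage={coverage:.1f} T={years:2d} y "
                  f"PFDavg={pfd:.3e} SIL band={sil}")
```

With these constructed inputs, PST credit moves the 10-year and 15-year cases from the SIL 1 band into the SIL 2 band, while the 20-year case stays in SIL 1 because the failures the PST cannot reveal accumulate over the longer mission time.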