Safety integrity level (sil) – Flowserve MX Electronic Actuator SIL Safety IOM User Manual
Limitorque MX Electronic Actuator FCD LMENIM2350-01 – 9/13
2 Safety Integrity Level (SIL)
The international standard IEC 61508 defines four Safety Integrity Levels (SIL), from SIL 1 to SIL 4. Each level provides an expectation for the probability of a failure on demand for a given safety function. Higher SIL values indicate higher integrity against random failures, that is, a higher probability that a safety function will perform when required (see Table 1 for relative comparisons), and higher integrity against systemic failures. The achievable SIL based upon random failure protection has been determined by using the following safety parameters:
2.1 Failure Rates/Failure Modes
2.1.1 Safe, but Detected (λ_SD)
Rate per hour of failures that will result in a transition to the fail-safe state, but that will be detected and annunciated.
2.1.2 Safe, but Undetected (λ_SU)
Rate per hour of failures that will result in a transition to the fail-safe state, but that cannot be detected.
2.1.3 Dangerous, but Detected (λ_DD)
Rate per hour of failures that will prevent a transition to the fail-safe state when a demand occurs, but that will be detected and annunciated.
2.1.4 Dangerous, but Undetected (λ_DU)
Rate per hour of failures that will prevent a transition to the fail-safe state when a demand occurs and that are not detected during normal operation. These failures may be detected by PST.
2.2 Mission Time (T_mission)
Expected operating lifetime, expressed in hours, over which the device is to provide the safety function (10, 15 or 20 years).
2.3 Partial Stroke Test (PST) Period
Minimum one PST per month ==> 730 hr
Failures can be uncovered during PST.
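
The following is an added worked example, not taken from the Flowserve manual, showing how the parameters defined in 2.1 to 2.3 combine into a safe failure fraction, an average probability of failure on demand and a SIL band for random failures. Assumptions: the simplified single-channel approximation PFDavg = λ_DU × T / 2 with no full proof test during the mission time, a hypothetical PST coverage fraction (the share of λ_DU failures a PST can uncover), the IEC 61508 low-demand PFDavg bands, and constructed failure rates that are not actuator data. Architectural and systematic requirements are outside its scope.

```python
HOURS_PER_YEAR = 8760
PST_PERIOD_HR = 730  # one PST per month, as stated in section 2.3

# IEC 61508 low-demand-mode PFDavg bands: (lower inclusive, upper exclusive, SIL)
SIL_BANDS = [(1e-5, 1e-4, 4), (1e-4, 1e-3, 3), (1e-3, 1e-2, 2), (1e-2, 1e-1, 1)]


def safe_failure_fraction(l_sd, l_su, l_dd, l_du):
    """Share of all failures that are safe or detected: everything except lambda_DU."""
    total = l_sd + l_su + l_dd + l_du
    if total <= 0:
        raise ValueError("failure rates must sum to a positive value")
    return (l_sd + l_su + l_dd) / total


def pfd_avg(l_du, mission_years, pst_coverage=0.0, pst_period_hr=PST_PERIOD_HR):
    """Simplified average PFD for one device (valid while lambda_DU * T << 1).

    Failures a PST can uncover stay latent for at most one PST period;
    the remainder stay latent for the whole mission time.
    pst_coverage is an assumed parameter, not a value from the manual.
    """
    if not 0.0 <= pst_coverage <= 1.0:
        raise ValueError("pst_coverage must be between 0 and 1")
    t_mission = mission_years * HOURS_PER_YEAR
    covered = pst_coverage * l_du * pst_period_hr / 2
    uncovered = (1.0 - pst_coverage) * l_du * t_mission / 2
    return covered + uncovered


def sil_from_pfd(pfd):
    """Map PFDavg to a SIL band; 0 means the value does not reach SIL 1."""
    if pfd < SIL_BANDS[0][0]:
        return 4  # better than the SIL 4 band; SIL 4 is the highest level defined
    for low, high, sil in SIL_BANDS:
        if low <= pfd < high:
            return sil
    return 0


if __name__ == "__main__":
    # Constructed failure rates per hour, for illustration only.
    rates = dict(l_sd=1e-7, l_su=3e-7, l_dd=4e-7, l_du=2e-7)
    print("SFF:", round(safe_failure_fraction(**rates), 3))
    for years in (10, 15, 20):
        for cov in (0.0, 0.7):
            p = pfd_avg(rates["l_du"], years, pst_coverage=cov)
            print(f"{years} y, PST coverage {cov:.0%}: PFDavg={p:.3e} -> SIL {sil_from_pfd(p)}")
```

With these constructed rates, the device falls from the SIL 2 band to the SIL 1 band as mission time grows from 10 to 20 years without PST, while monthly PST at the assumed coverage keeps the 20-year figure in the SIL 2 band.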