SIS (safety instrumented system) basics
What is SIS?
An SIS is a safety instrumented system, which takes control action to prevent risks and safeguard a process when abnormal conditions are present.
An SIS loop will be implemented as single or multiple functions, and safety instrumented functions should be separate from the control hardware used to regulate the process. An SIS loop consists of an SIS sensor, an SIS controller, and final control elements for the purpose of taking a process to a safe state when predetermined conditions are violated.
SIS sensor:
The sensors in an SIS measure the process variable conditions that indicate a potential hazard. Many sensors that use a 4–20 milliamp (mA) analog current to signal the process variable also use the current level to signal an internal failure detected by the sensor’s automatic diagnostics. One common set of current values used for this purpose is based on the NAMUR NE-43 recommendation.
SIS Controller or Logic solver:
The logic solver must be configured to either vote the sensor failure signal to trip or annunciate the failure to the plant repair team so that the failure can be quickly repaired and correct operation restored. It is essential that the logic solver connected to these sensors be programmed to detect a current less than 3.6 mA or greater than 21 mA. A decision is then made to interpret this signal as a trip indication, or not.
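Added example, not from the original article or from any vendor's logic solver: the sensor fault check and the two fault-handling choices described above, written in Python. The 2-out-of-3 high-trip vote, the function names, and the rule that the annunciate policy degrades the vote to the healthy channels are assumptions for illustration.

```python
# Added example: the 3.6 mA / 21 mA limits come from the text; the rest is assumed.
FAULT_LOW_MA = 3.6    # below this the transmitter is signalling a failure
FAULT_HIGH_MA = 21.0  # above this the transmitter is signalling a failure


def classify(ma):
    """Return 'FAULT_LOW', 'FAULT_HIGH' or 'OK' for one loop current in mA."""
    if ma < FAULT_LOW_MA:
        return "FAULT_LOW"
    if ma > FAULT_HIGH_MA:
        return "FAULT_HIGH"
    return "OK"


def to_units(ma, lo, hi):
    """Scale 4-20 mA linearly onto the assumed transmitter range lo..hi."""
    return lo + (ma - 4.0) * (hi - lo) / 16.0


def vote(currents_ma, trip_above, lo, hi, required=2, fault_policy="trip"):
    """M-out-of-N high-trip vote over redundant transmitters.

    fault_policy 'trip': a failed channel counts as a trip vote.
    fault_policy 'annunciate': a failed channel is dropped from the vote and
    reported; the vote degrades to the healthy channels (assumed design
    choice) and trips if no healthy channel remains.
    Returns (trip, alarms) where alarms is a list of (channel, fault state).
    """
    if fault_policy not in ("trip", "annunciate"):
        raise ValueError("fault_policy must be 'trip' or 'annunciate'")
    alarms, votes, healthy = [], 0, 0
    for channel, ma in enumerate(currents_ma):
        state = classify(ma)
        if state != "OK":
            alarms.append((channel, state))   # always report for repair
            votes += fault_policy == "trip"   # failure voted to trip
            continue
        healthy += 1
        votes += to_units(ma, lo, hi) > trip_above
    if fault_policy == "annunciate":
        required = min(required, healthy)
    return healthy == 0 or votes >= required, alarms


# Constructed readings: channel 1 has failed low (3.2 mA), channel 2 reads high.
SAMPLE = [12.0, 3.2, 18.4]
```

With the constructed readings, the failed channel plus one genuine high reading trips the function under the "trip" policy, while the "annunciate" policy only raises the alarm and keeps the process running on the two healthy channels.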
An example of a safety-specific programming instruction is the GuardLogix DCSRT instruction, which compares two redundant input channels for agreement before activating a “start” bit which may be used to start some equipment function such as an electric motor.
SIS final control element:
The final control element is the device that receives the signal from the logic solver and implements the appropriate action in the plant. When the logic solver triggers a shutdown response, the final control elements must move with decisive and swift action.
SIL (SAFETY INTEGRITY LEVEL):
The Safety Integrity Level (SIL) is a statistical representation of the integrity of the SIS when a process demand occurs. The purpose of the SIS is to reduce risk, so SIL levels can be defined in terms of the risk reduction factor (RRF). The safety standards require that the SIL assignment be carried out and documented carefully. If it is concluded that an SIS is required, ANSI/ISA-84.00.01 (IEC 61511 modified) and IEC 61508 require that a target SIL be assigned to it.