Safety Instrumented System (SIS) and safety PLC
- In accordance with IEC 61511 and IEC 61508
- From SIL classification to safe execution
- Safety separated from regular process control
What is a Safety Instrumented System?
A Safety Instrumented System (SIS) is an independent safety system that automatically brings a process to a safe state as soon as a critical limit is exceeded. The SIS is separate from regular process control and consists of three links: sensors that monitor the process, a logic solver (the safety PLC) that executes the safety logic, and end elements such as valves that intervene. Each SIS performs one or more safety instrumented functions, each with a required Safety Integrity Level (SIL) that indicates how reliable the function must be. In the process industry, these systems are designed and assessed according to IEC 61511.
An SIS thus forms a separate layer of protection on top of the normal control. It is precisely this separation between process control and process safety that makes the system reliable: a failure in the regular control should never be able to affect the safety function. Including the safety architecture early on in the design creates a manageable and reproducible setup that meets the requirements of modern process environments.
Functional safety has two worlds. For machines and plants, machine safety applies, expressed in Performance Levels. For process installations, process safety applies, expressed in SIL. This page deals with the process side.
Panel Building Pioneers for Mechanical Engineering
With the precision of a watchmaker and the agility of an acrobat, Kwadrant IA is committed to creating custom electrical panels for mechanical engineering. As a resilient player in panel building, we move quickly without sacrificing quality or durability. Step into our world of innovation and discover how we can take your mechanical engineering projects to the next level.
The structure of an SIS: sensor, logic solver, end element
Each Safety Instrumented System follows the same chain, known as Sensor, Logic Solver, Final Element.
- Sensors: transmitters and level switches monitor pressure, level, temperature or flow and signal when a limit is approached.
- Logic solver (safety PLC): the safety PLC processes the signals and executes the safety logic. Unlike a standard PLC, the hardware and software are set up for fault detection, diagnosis and fail-safe behavior.
- End elements: valves, valves and actuators physically bring the process to a safe state.
Why a safety PLC and not a standard PLC?
A safety PLC differs from a standard PLC in that both the hardware and software are designed for fault detection, diagnosis and safe fault handling. Whereas a standard PLC is optimized for process control, a safety PLC is designed to always go to a predefined safe state in the event of a fault, the fail-safe principle. To this end, the safety PLC features internal redundancy and continuous self-diagnosis, and is certified according to IEC 61508.
In practice, both PLC types often work side by side, with a clear separation of duties. The regular control controls the normal process, while the safety PLC performs only the safety logic. This separation prevents a failure in the process control from affecting the operation of the safety function.
SIL levels and the IEC 61511 standard
The Safety Integrity Level (SIL) indicates how reliable a safety function must be: the higher the SIL, the lower the allowable probability of failure. The standard distinguishes four levels, SIL 1 through SIL 4, each of which has a range for the Probability of Failure on Demand (PFD) and a required Hardware Fault Tolerance. Thus, a higher SIL requires not only more reliable components, but also more redundancy and better fault detection in the architecture.
What SIL is needed does not follow from an assumption but from a risk analysis. In the process industry, this is usually done through a HAZOP (Hazard and Operability Study), followed by a LOPA (Layer of Protection Analysis), which determines how much risk reduction the Safety Instrumented System must provide. The outcome, the required safety functions with their SIL, is defined in a Safety Requirements Specification (SRS), which forms the basis for the design.
This approach falls under IEC 61511, the standard for functional safety in the process industry, which is derived from the overarching IEC 61508. Both standards follow the idea of the Safety Lifecycle: from risk analysis and design, through realization and commissioning, to the operational phase with periodic pilot tests demonstrating that the system maintains its SIL.
Note the distinction with machine safety. For machinery, the Performance Level according to EN-ISO 13849 applies, while SIL and IEC 61511 belong to the process industry.
CONTACT US
Where is an SIS applied?
Safety Instrumented Systems are deployed where process risks can have major consequences for people, plant and environment.
- Emergency shutdown (ESD): Safe shutdown of a plant during hazardous process conditions.
- Process protection: Monitoring against exceeding pressure, level or temperature.
- Fire & gas systems: Fire or gas detection and intervention.
- Boiler and burner protection: safe shutdown of combustion processes.
These systems are mainly found in the petrochemical, energy, food-processing, marine and offshore industries. In ATEX environments, the safety controller is part of an explosion-proof overall design.
Years of experience in the field of industrial automation
Industrial automation with international standards
Industrial automation requires more than just a correctly constructed panel. We start with the architecture of the system and make conscious choices in component selection, standardization and scalability. By fully mastering engineering, panel construction and integration, we realize control systems that perform reliably in demanding industrial environments. From modular construction to international compliance, every detail is focused on quality, longevity and manageable Total Cost of Ownership.
We do not build standard solutions, but technically sound systems that match the complexity of modern mechanical engineering.
Kwadrant IA as a partner for functional safety
Kwadrant IA designs and builds control systems that include functional safety from the very beginning. From the translation of the risk analysis into a Safety Requirements Specification, via the engineering (often with EPLAN) and panel construction of the safety system according to NEN-EN 61439 and UL 508A, to validation with a Factory Acceptance Test and Site Acceptance Test. With engineering, panel building and software in-house, the separation between process control and safety remains guaranteed, with open calculation, a quotation within five working days and UL/CSA in-house for international projects.
With experience in petrochemical, marine and offshore, infrastructure and water management, among others, this approach suits a variety of process plants.
Frequently asked questions about Safety Instrumented Systems
What is a Safety Instrumented System (SIS)?
An SIS is an independent safety system that automatically brings a process to a safe state in the event of a critical deviation. It consists of sensors, a logic solver (safety PLC) and end elements, and performs one or more safety instrumented functions.
What is the difference between an SIS and a DCS or standard controller?
The regular control (such as a DCS) controls the normal process; the SIS intervenes only if safety is compromised. The two are deliberately separated so that a failure in the process control cannot affect the safety function.
What does SIL mean in a Safety Instrumented System?
SIL (Safety Integrity Level) indicates how reliable a safety function must be, expressed in terms of the allowable failure rate. The required SIL follows from a risk analysis and is realized according to IEC 61511.
What is the difference between IEC 61511 and IEC 61508?
IEC 61508 is the umbrella standard for functional safety; IEC 61511 is its application specifically to the process industry. Component manufacturers work according to 61508, while the design of an SIS in a process plant is covered by 61511.
What is the difference between SIL and Performance Level (PL)?
SIL belongs to the process industry (IEC 61511 and 61508), PL belongs to machine safety (EN-ISO 13849). Both express the reliability of a safety function, but within different standards frameworks.
