SIL levels in safety systems: selection of safety-rated components according to IEC 61508

Technical analysis: SIL ratings explained: selecting safety-rated components for machine safety

Introduction to safety integrity levels in industrial equipment

Safety Instrumented Systems (SIS) are a critical component of industrial processes where failure can have catastrophic consequences. Safety Integrity Levels (SIL) according to IEC 61508:2010 determine the probability of failure of safety systems and establish requirements for the reliability of components. For Ukrainian production facilities, mandatory compliance with DSTU IEC 61508-1:2018 and DSTU EN ISO 13849-1:2018 ensures compliance with European safety standards.

The correct selection of components with the appropriate SIL rating reduces the risk of accidents by 10-1000 times depending on the SIL level. Non-compliance with the requirements can cost the enterprise from 500,000 to 50,000,000 UAH in fines and suspension of production.

Scope and regulatory requirements

The IEC 61508:2010 standard applies to all electrical, electronic and programmable electronic (E/E/PE) safety systems in industry. In Ukraine, compliance is mandatory for:

  • Chemical and petrochemical enterprises (according to Resolution of the CMU No. 804 of 2003)
  • Metallurgical complexes with process temperatures over 1000°C
  • Energy-generating installations with a capacity of more than 1 MW
  • Gas transport systems with pressure over 16 bar
  • Automated lines with robotic complexes

DSTU-P IEC/TR 61508-0:2018 sets additional requirements for the Ukrainian market, including a temperature range of -40°C to +70°C for outdoor installations.

Basic requirements of SIL standards

| SIL level | Probability of failure on demand (PFD) | Risk reduction factor | MTBF (hours) | Typical applications |
|---|---|---|---|---|
| SIL 1 | 10⁻¹ to 10⁻² | 10-100 | 8,760-87,600 | Auxiliary systems, signaling |
| SIL 2 | 10⁻² to 10⁻³ | 100-1,000 | 87,600-876,000 | Emergency shutdown systems |
| SIL 3 | 10⁻³ to 10⁻⁴ | 1,000-10,000 | 876,000-8,760,000 | Critical protection systems |
| SIL 4 | 10⁻⁴ to 10⁻⁵ | 10,000-100,000 | 8,760,000-87,600,000 | Nuclear energy, aviation |

SIL certificates are valid for 3 years with mandatory verification every 18 months according to IEC 61511:2016.

Impact on maintenance operations

Implementation of SIL systems radically changes approaches to maintenance:

Document flow

Each SIL component requires log keeping in accordance with DSTU IEC 61511-1:2018 with a record of:

  • Uptime to the nearest hour
  • Operating conditions (temperature, humidity, vibration)
  • Results of functional tests
  • Component replacements with serial numbers

Service planning

Service intervals are determined not by calendar terms, but by statistical reliability calculations. For SIL 2 systems, the maximum test interval cannot exceed 12 months at PFDavg = 5×10⁻³.
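
The reliability calculation behind such an interval, as an added example that is not part of the original article. It uses the common simplified low-demand PFDavg approximations and ignores common-cause failures and repair time; apart from the 10⁻⁷ failures/hour pressure-sensor limit quoted in this article, every failure rate is a constructed sample value and all function names are hypothetical.

```python
HOURS_PER_YEAR = 8760

# PFD band per SIL level, as in the table above: (lower bound, upper bound)
SIL_BANDS = {1: (1e-2, 1e-1), 2: (1e-3, 1e-2), 3: (1e-4, 1e-3), 4: (1e-5, 1e-4)}

def pfd_avg(lambda_du, test_interval_h, architecture="1oo1"):
    """Simplified PFDavg of one subsystem built from identical channels.

    lambda_du is the dangerous undetected failure rate per hour. Common-cause
    failures, repair time and imperfect proof tests are ignored (assumption).
    """
    x = lambda_du * test_interval_h
    if architecture == "1oo1":
        return x / 2
    if architecture == "1oo2":
        return x ** 2 / 3
    if architecture == "2oo3":
        return x ** 2
    raise ValueError(f"unsupported architecture: {architecture}")

def loop_pfd(subsystems, test_interval_h):
    """A loop fails if any subsystem fails, so the subsystem values add up."""
    return sum(pfd_avg(lam, test_interval_h, arch) for lam, arch in subsystems)

def sil_from_pfd(pfd):
    """SIL whose band contains pfd; 0 if worse than SIL 1, capped at SIL 4."""
    for sil, (low, high) in SIL_BANDS.items():
        if low <= pfd < high:
            return sil
    return 4 if pfd < 1e-5 else 0

def max_test_interval_h(subsystems, target_pfd, step_h=24, limit_h=20 * HOURS_PER_YEAR):
    """Longest proof test interval in whole days that keeps the loop at or below target_pfd."""
    interval = 0
    while interval + step_h <= limit_h and loop_pfd(subsystems, interval + step_h) <= target_pfd:
        interval += step_h
    return interval

# Constructed sample loop: (lambda_DU per hour, architecture) for each subsystem.
SAMPLE_LOOP = [
    (1e-7, "1oo1"),  # pressure sensor at the lambda_DU limit quoted in this article
    (5e-8, "1oo1"),  # logic solver (constructed value)
    (8e-7, "1oo1"),  # shutdown valve (constructed value)
]

if __name__ == "__main__":
    pfd = loop_pfd(SAMPLE_LOOP, HOURS_PER_YEAR)
    print(f"PFDavg with a 12-month test interval: {pfd:.3e} -> SIL {sil_from_pfd(pfd)}")
    print(f"Longest interval for PFDavg <= 5e-3: {max_test_interval_h(SAMPLE_LOOP, 5e-3)} h")
```

For the sample loop the calculation alone would allow 10,512 hours between tests, so the 12-month ceiling stated above is the limit that actually applies.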

Personnel qualifications

Technical personnel must be certified according to IEC 61511:2016. In Ukraine, TÜV, SGS and UkrSEPRO certificates with a validity period of 5 years are recognized.

Requirements for components and spare parts

Components for SIL systems must have appropriate certificates according to IEC 61508-2:2010:

Sensors and transducers

  • Pressure sensors: SIL 2/3 with λDU ≤ 10⁻⁷ failures/hour
  • Temperature sensors: accuracy class ±0.1% from SIL to SIL 3
  • Level meters: HFT=1 (hardware fault tolerance) for SIL 3

Actuators

  • Pneumatic valves: actuation time ≤2 seconds for SIL 2
  • Solenoid valves: MTTR ≤8 hours
  • Drives: diagnostic coverage DC ≥90% for SIL 2

Electronic components

  • PLC: 2oo3 architecture for SIL 3 applications
  • Input/output modules: galvanic isolation 1500V
  • Power supplies: N+1 redundancy for SIL 2

Compliance Checklist for Safety Engineers

  1. ☐ A hazard and risk analysis (HAZOP) was conducted in accordance with IEC 61882:2016
  2. ☐ Target SIL levels are defined for each safety function
  3. ☐ Safety Requirements Specification (SRS) developed according to IEC 61511-1:2016
  4. ☐ System architecture selected (1oo1, 1oo2, 2oo3) according to target SIL
  5. ☐ SIL certificates of all components from suppliers are checked
  6. ☐ PFDavg is calculated for each safety loop
  7. ☐ Functional testing intervals are set
  8. ☐ Testing procedures have been developed according to IEC 61511-2:2016
  9. ☐ A maintenance plan is created, taking into account the SIL requirements
  10. ☐ Staff trained in procedures for working with SIL systems
  11. ☐ A change management system for modifications is in place
  12. ☐ Bypass and override procedures are developed
  13. ☐ A plan for the management of obsolete components has been created
  14. ☐ Validation and verification procedures are established
  15. ☐ A failure data collection system has been established
  16. ☐ Emergency procedures in case of failure of SIL systems have been developed
  17. ☐ A documentation archive with a storage period of 10 years has been created
  18. ☐ Responsible persons are appointed for each SIL circuit
  19. ☐ Audit and inspection procedures are established
  20. ☐ A plan for the modernization of outdated systems has been developed

Typical violations during inspections

The analysis of 150+ audits of Ukrainian enterprises for 2022-2024 revealed the most common shortcomings:

Technical violations (78% of cases)

  • Using non-qualified components instead of SIL certified ones
  • Violation of functional testing intervals (average exceeding 40%)
  • Improper calibration of sensors (deviation over ±2%)
  • No redundancy for critical SIL 2/3 functions

Documentary violations (65% of cases)

  • Incomplete safety documentation according to IEC 61511-3:2016
  • No records of functional tests
  • Outdated drawings and diagrams (more than 2 years old)
  • Irrelevant service procedures

Organizational deficiencies (52% of cases)

  • Non-certified personnel working with SIL systems
  • Lack of change management procedures
  • Inadequate control of spare parts suppliers

Penalties and liability for non-compliance

According to the Code of Ukraine on Administrative Offenses and the Law "On Labor Protection":

Administrative fines

  • Violation of industrial safety requirements: UAH 3,000-17,000 for officials
  • Operation of equipment without SIL certificates: UAH 8,500-25,500
  • Non-compliance with maintenance schedules: UAH 1,700-8,500
  • Lack of staff training: UAH 1,700-3,400

Suspension of activity

The State Industrial Supervision Service has the right to suspend the operation of the enterprise for a period of up to 3 months if critical violations of safety systems are detected. The average loss of profit is UAH 50,000-500,000 per day of downtime.

Civil liability

In the event of accidents caused by improper functioning of SIL systems, the enterprise bears full financial liability. Insurance companies can deny payments if safety standards are not met.

Important: responsibility for SIL systems is borne by the head of the enterprise personally in accordance with Article 21 of the Law "On Labor Protection".

Conclusions and recommendations

SIL systems are a mandatory requirement for modern industrial production in Ukraine. Correct selection of certified components and adherence to maintenance procedures reduce the risk of accidents and ensure compliance with international standards.

Key factors of successful implementation:

  • Use of exclusively certified components with confirmed SIL characteristics
  • Regular staff training and professional development
  • Careful documentation and implementation of testing schedules
  • Cooperation with reliable suppliers of spare parts

UNITEC-D GmbH offers a complete range of certified components for SIL systems from leading European manufacturers. All items have current CE and UkrSEPRO certificates with technical support from our engineers.

To select components according to the requirements of your SIL system, visit the UNITEC-D catalog or contact our technical specialists.

Literature and normative documents

  • IEC 61508:2010 "Functional safety of electrical/electronic/programmable electronic safety-related systems"
  • IEC 61511:2016 "Functional safety - Safety instrumented systems for the process industry sector"
  • DSTU IEC 61508-1:2018 "Functional safety of electrical/electronic/programmable electronic systems"
  • DSTU EN ISO 13849-1:2018 "Safety of machines. Parts of control systems related to safety"
  • DSTU-P IEC/TR 61508-0:2018 "Functional safety. Guidelines for the use of IEC 61508"
  • Resolution of the CMU No. 804 of 2003 "Procedure for conducting an industrial safety examination"
  • Law of Ukraine "On Labor Protection" dated 14.10.1992 No. 2694-XII
