Safety Integrity Level (SIL)

In a safety integrity level study, the facilitator leads the team in analyzing the reliability of the instrumentation used for process and safety instrumented functions (SIFs) and in assigning SILs. These studies take into account the consequences of the hazards identified and the required instrumentation reliability.

A safety instrumented function (SIF) is an instrumented function with a specified SIL necessary to achieve functional safety. It can be either a safety instrumented protection function or a safety instrumented control function. The safety instrumented system (SIS) consists of an engineered set of hardware and software controls used especially on critical process systems. The SIS implements one or more SIFs and is composed of any combination of sensors, logic solvers, and final elements. The SIS is devoted to responding to an emergency situation: it consists of instrumentation for emergency shutdown and thus brings the process to a safe state in the event of upset conditions.

Examples of SIF include:

  • High high level of liquid (LPG) in a knockout drum, which initiates shutdown of the emergency shutdown (ESD) inlet feed valve. This protects against liquid carry-over entering a compressor suction line, which could result in compressor damage/disintegration and subsequent personnel hazards.
  • Another example could be closure of a vessel bottom outlet ESD valve to protect against a loss of containment situation on downstream piping/equipment, which could also lead to loss of containment/fire hazards.
  • Instrumented emergency shutdown systems including flammable gas, toxic gas and fire protection systems.

There are two standards pertinent to the concept of safety integrity levels:

  • IEC 61508 [IEC 61508, 2010] Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems
  • ANSI/ISA S84.01 [IEC 61511, 2003] Functional Safety – Safety Instrumented Systems for the Process Industry Sector

IEC 61508 and 61511 require that SIL values be assigned to the SIF of the SIS for processes that have insufficient mitigation from the potential hazards.

SIL stands for Safety Integrity Level. SIL is a measure of reliability of the respective SIS. There are four levels of SIL. SIL 1 represents the lowest and SIL 4 represents the highest level of safety integrity.

The table below provides SIL correlations with availability and Probability of Failure on Demand (PFD).

The terms ‘SIL’ and ‘availability’ represent the integrity of the SIS when a process demand occurs. As an example, consider a particular SIF that is assigned a SIL value. Assigning SIL 1 means that the level of risk is considered to be sufficiently low and that a SIF with a 10% chance of failure (90% availability) is acceptable. An availability of 90% means that there would be one statistical failure of that SIF out of every 10 demands for that function. If this risk is not acceptable, the SIL may need to be raised to level 2 or level 3. In other words, it might be more prudent to have a SIL corresponding to one failure in 100, 1000, 10000, or more demands, if it can be justified.

 

Safety Integrity Levels

| SIL | Availability Required | Probability of Failure on Demand, PFD (events/year) | 1/PFD (years/event) |
|---|---|---|---|
| 4 | >99.99% | 0.00001 to 0.0001 | 100,000 to 10,000 |
| 3 | 99.90 – 99.99% | 0.0001 to 0.001 | 10,000 to 1,000 |
| 2 | 99.00 – 99.90% | 0.001 to 0.01 | 1,000 to 100 |
| 1 | 90.00 – 99.00% | 0.01 to 0.1 | 100 to 10 |
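
The following added example (not part of the original page) goes one step beyond the table: it estimates the PFD of a single SIF from its sensor, logic solver and final element, then reads off the SIL band it reaches and checks it against a target. The failure rates, proof test intervals, the single-channel approximation PFDavg ≈ λ_DU × TI / 2, the exclusive upper band edges and all function names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class Element:
    name: str
    lambda_du: float        # dangerous undetected failure rate, per hour (constructed value)
    test_interval_h: float  # proof test interval in hours (constructed value)

    def pfd_avg(self) -> float:
        # Assumption: single-channel (1oo1) approximation, PFDavg ~= lambda_DU * TI / 2
        return self.lambda_du * self.test_interval_h / 2

def sif_pfd(elements) -> float:
    # Sensor, logic solver and final element must all act on a demand, so a failure
    # of any one fails the SIF; for small values the element PFDs simply add.
    return sum(e.pfd_avg() for e in elements)

def achieved_sil(pfd: float) -> int:
    # Bands from the table above; upper bound exclusive (assumed convention).
    # Below 1e-5 is off the table and capped at SIL 4; 0.1 or worse earns no SIL (0).
    for sil, upper in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper:
            return sil
    return 0

def verify(elements, target_sil: int) -> dict:
    pfd = sif_pfd(elements)
    worst = max(elements, key=lambda e: e.pfd_avg())
    return {"pfd": pfd, "availability_pct": (1 - pfd) * 100,
            "demands_per_failure": 1 / pfd, "sil": achieved_sil(pfd),
            "meets_target": achieved_sil(pfd) >= target_sil, "dominant": worst.name}

def build_sif(field_test_interval_h: float):
    # Constructed high-high level trip: transmitter -> logic solver -> ESD valve
    return [Element("level transmitter", 2e-6, field_test_interval_h),
            Element("logic solver", 1e-7, 8760),
            Element("ESD inlet valve", 4e-6, field_test_interval_h)]

if __name__ == "__main__":
    for label, ti in (("annual proof test", 8760), ("quarterly proof test", 2190)):
        r = verify(build_sif(ti), target_sil=2)
        print(f"{label}: PFD={r['pfd']:.5f} availability={r['availability_pct']:.2f}% "
              f"SIL {r['sil']} meets SIL 2: {r['meets_target']} (dominant: {r['dominant']})")
```

With these constructed numbers the final element dominates the result, and shortening the field proof test interval from annual to quarterly moves the same hardware from the SIL 1 band into the SIL 2 band.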

Assign target SILs to the SIFs using one of the many methods available:

  • Risk Graph
  • Layered Risk Matrix
  • Layer of Protection Analysis (LOPA)
