IEC 61511 is the standard that sets the requirements for Safety Instrumented Systems (SIF). As part of this standard, a SIF is required to act within an adequate response time to bring the process or a system to a safe state. This is called the response time of a SIF, and the time available to act before anything dangerous happens is called the process safety time (PST). (See part 1, part 2, part 3, part 5, part 6, part 7 and part 8 for more information).
Calculating and defining the PST is a mandatory requirement for all instrumented functions to which IEC 61511 is applicable.
Review of calculation
After finishing the PST calculation, it is very important that the IPF/SIL classification team reviews the PST calculation in a meeting. This is to ensure that:
1- The PST calculation is quality checked and its assumptions and inputs are correct
2- The team agrees on the result and identifies whether the PST calculation is acceptable or another rigorous calculation shall be carried out (only for a PST calculation that is debatable)
It is also a way to make sure that any issues or problems in the calculation are identified before the IPF/SIF classification is completed.
Evaluation of PST result
At this stage, the elements of the SIF loop (sensor, logic solver and final element) have been specified and bought. This means that failure rate data and response times are available.
One can calculate the actual SIF loop response time by summing up the response times of all the SIF loop's elements.
We now face three possibilities:
1- SIF response time is higher than the calculated PST.
In this case the review team must decide whether further study is needed before deciding to change the design or add extra layers of protection to the system under review.
2- SIF response time is the same as the PST.
In this case the team must decide if this is acceptable, and shall communicate it externally and agree upon it with the client or certified body. Alternatively, the team may decide to carry out another calculation or review the calculations again to identify whether something was missed.
3- SIF response time is less than PST.
In this case the design is acceptable. However, you might distinguish between new SIFs and existing SIFs and agree on this with your client.
For an existing SIF this is acceptable, as the SIF acts within the PST to bring the system to safety. However, for new SIFs, it is a good idea to leave some room/margin between the SIF response time and the PST.
A good practice is to limit the SIF response time to 50 to 70% of PST.
In any case, it is better to discuss and agree on these criteria with your client. This way you avoid spending time later redoing your calculation.