Mike Scott, PE, CFSE
V P, Process Safety
AE Solutions
Greenville, SC 29616

Bud Adler
Director, Business Development
Process Safety Systems
AE Solutions
Lake Mary, FL 32746
KEYWORDS
Safety Instrumented System, SIS, Logic Solver, ANSI/ISA 84, IEC 61508, IEC 61511, Safety
PLC, Redundant Architecture, Lifecycle Cost, Benefit-to-Cost Ratio
ABSTRACT
Throughout the industrial process control industry Safety Instrumented Systems are becoming
high profile. Most companies have accepted that the performance-based standards such as
ANSI/ISA 84.01, IEC 61508 and IEC 61511 are here to stay and that conformance is not
optional. A growing number of instrumentation manufacturers have recognized the steadily
increasing interest that this market has shown in bringing their plants into conformance with
the standards. They have responded by introducing a wide range of products that are “suitable
for use” in Safety Instrumented Systems (SIS). These products include sensors, transmitters,
valves and valve positioners and a wide range of logic solvers.
Most users have little concern about being able to select a proper sensor, transmitter or valve
positioner but when it comes to choosing from the vast array of logic solvers, they often do
not know how to make a proper decision. The problem is clear when you consider the range
of choices for Logic Solvers that range from the relatively simple alarm trip architectures up
through the wide variety of safety PLCs offered by about twenty different manufacturers.
These PLC architectures cover the scale from simple one-out-of-one (1oo1) architectures up
through triple and quadruple redundant systems with differing degrees of self-diagnostics.
With all of these choices, how is a control engineer supposed to pick the “best” system for his
project and / or plant standard? If he errs on the side of conservatism, he may cost his
company tens of thousands of wasted dollars by selecting a more sophisticated system than is
warranted by the application. And, even worse, a simplistic system may not be in
conformance with the standards and could place human life at unnecessary risk. The problem
is exacerbated when all factors of lifecycle costs are considered.
INTRODUCTION
Once you’ve completed your risk analysis, performed initial conceptual design and completed
some Safety Integrity Level calculations, you may think that your work is complete.
However, there are other issues to consider. What about the economics of the project? Which
Safety Instrumented System architecture optimizes costs through increased availability and
reduced nuisance trips? Is the Safety Instrumented System even a sound financial investment
for the facility? For instance, consider the following simple scenario:
Is it a sound investment to purchase a flood insurance policy for the above event? Assuming
a 6% discount rate and home ownership for ten (10) years, a Future Value calculation yields a
cost of $13,181. Thus, the insurance policy as stated above would cost more than the actual
event. If one can analyze the above scenario, why not apply similar logic to review a
proposed Safety Instrumented System design?
This paper will highlight a five (5) step methodology, which can be applied to perform
economic analysis on Safety Instrumented Systems to ensure the “best” system has been
selected:
1. Step 1 – Select an architecture for the SIS for evaluation (sensors, logic solver and
final elements)
2. Step 2 – Perform SIL Calculations to determine Probability of Failure on Demand
Average (PFDavg) and Mean Time To Fail Safe (MTTFS) based upon a given
Functional Test Interval
3. Step 3 – Calculate Lifecycle Cost in terms of Net Present Value (NPV)
4. Step 4 – Calculate Benefit-to-Cost Ratio
5. Repeat above steps for each possible SIS architecture being considered for the project
Note: Steps 1 and 2 represent tasks associated with the Safety Lifecycle and are typically
already being performed by designers of Safety Instrumented Systems.
[Figure 1 – Economic Analysis Flowchart. Boxes: Perform SIL Calculations (PFDavg); Calculate Lifecycle Cost; Calculate Benefit-to-Cost Ratio. Decisions: Benefit-to-Cost > 1.0 (No / Yes); Lowest Lifecycle Cost? (No / Yes).]
LIFECYCLE COST
Lifecycle Cost is a technique that allows those responsible for system selection to consider all
of the costs incurred over the lifetime of the Safety Instrumented System rather than just the
initial purchase costs. This is especially important where the cost of equipment failure can be
significant. The intent of this evaluation is to include all costs of procurement and ownership.
A Lifecycle Cost evaluation can show one how to minimize overall cost of ownership by
initially selecting the “best” Safety Instrumented System architecture. The evaluation
considers the costs for: design, purchase, installation, start-up, functional testing, energy,
repair, a failure event, and lost production. To obtain the complete Lifecycle Cost, all yearly
operating costs are converted to “present value”. All future expenses are converted into their
current value, accounting for discount rate (interest / inflation). Initial costs and the present
yearly costs are added to obtain total Lifecycle Cost. Refer to reference [5] for additional
information regarding Lifecycle Cost calculations. The proposed architecture for each Safety
Instrumented System should be evaluated for minimum Lifecycle Cost.
Lifecycle Costs

Procurement Costs        Description
System Design            Engineering costs associated with Front End Loading and Detailed Design
Purchase                 Cost of Equipment including Factory Acceptance Testing and shipping
Installation             Construction costs associated with SIS
Start-up                 Commissioning, PSAT and Initial Functional Testing of SIS

Operating Costs          Description
Engineering Changes      Engineering costs associated with maintenance
Consumption              Power, spare parts, instrument air, etc.
Maintenance              Inspection, Functional Testing

Cost of System Failure   Description
Lost Production          Cost of lost production
Asset Loss               Cost of lost equipment
BENEFIT-TO-COST RATIO
Another tool to determine if the “best” Safety Instrumented System architecture has been
selected is to calculate the ratio of benefits to costs on a financial basis. If the ratio is greater
than one, the system is cost effective. For example, if a system has a Benefit-to-Cost Ratio of
1.5, for every $1.00 invested, the system will return $1.50.
SAMPLE PROBLEM
The following sample problem will highlight how economic analysis must be an integral part
of the overall SIS architecture selection / design process.
A company has completed their initial risk analysis and SIL selection exercises associated
with a batch reactor. The team identified a single SIF for this particular unit operation. The
results are as follows:
The SIL Selection process included a Layer of Protection Analysis (LOPA). Based upon the
above information the SIS Engineer needs to perform the following:
Thus, the SIS Engineer needs to answer the following questions about the “best” design:
1. Sensors: transmitters versus switches and associated architecture (1oo1, 1oo2, 2oo3,
etc)
[Figure: reactor process sketch. Labels: HV 100, PT 101, To Safe Location, Feed, PSV, FCV 102, Reactor.]
Using the steps highlighted in Figure 1 Economic Analysis Flowchart, the following analysis
was completed. To underscore the importance of cost of ownership the analysis shall be
completed for two (2) different nuisance trip cost scenarios (cost of nuisance trip is $10,000
and $150,000). In addition, two (2) different costs of the event shall be evaluated (rupture of
vessel costs $1,000,000 and $12,000,000).
This was the first Safety Instrumented System to be installed in this particular area of the
plant. As such, the SIS Engineer decided to evaluate a wide variety of options with respect to
the architecture of the new SIS. Thus, the following options were to be evaluated:
The SIS Engineer completed the following SIL calculations based upon the following design
conditions:
Note: Based upon the need to meet SIL 2, options 1a, 1b, 3a, 3b, and 4a have been eliminated
from further analysis since they could not reach SIL 2.
To calculate the Lifecycle Costs several additional pieces of information are required. For
this sample problem, the following data was utilized:
Table 4 – SIS Lifecycle Cost Analysis Summary - $10,000 Nuisance Trip Cost
Table 5 – SIS Lifecycle Cost Analysis Summary - $150,000 Nuisance Trip Cost
The above two tables underscore how the cost of a nuisance trip can dominate the overall cost
of ownership. In Table 4 with a nuisance trip cost being assumed to be $10,000, the best SIS
architecture consists of redundant pressure transmitters, current switches and valves tested
every 24 months. In Table 5 with a nuisance trip cost being assumed to be $150,000, the best
SIS architecture consists of redundant pressure transmitters, 1oo2D Safety PLC and 1oo2
Shutoff Valves tested every 24 months. Note that, depending upon actual costs utilized, the results
will vary and different SIS architectures may prove to be “best” for your project.
To calculate the Benefit-to-Cost ratio several additional pieces of information are required
and typically are available as a result of completing the SIL Selection process. For this
sample problem, the following data was utilized:
Note: To underscore the importance of costs in the overall analysis, two different event costs were
evaluated as well as two different costs of a nuisance trip.
Table 6 – SIS Benefit-to-Cost Ratio Analysis Summary - $10,000 Nuisance Trip Cost
Case  Cost SIS   Cost NT   EV No SIS    EV SIS       F No SIS  PFDavg    F SIS       Nuisance Trip  Cost NT   B-C
      (per yr)                                                                       Rate (Yrs)     (per yr)  Ratio
2a    $11,150    $10,000   $1,000,000   $1,000,000   0.020000  1.48E-03  0.00002960  6.84           $1,462    1.79
2b    $7,523     $10,000   $1,000,000   $1,000,000   0.020000  3.92E-03  0.00007840  6.94           $1,441    2.65
3c    $11,078    $10,000   $1,000,000   $1,000,000   0.020000  4.09E-04  0.00000818  10.11          $989      0.95
3d    $7,462     $10,000   $1,000,000   $1,000,000   0.020000  1.37E-03  0.00002740  10.24          $977      1.14
4b    $11,477    $10,000   $1,000,000   $1,000,000   0.020000  2.22E-03  0.00004440  4.25           $2,353    0.93
5a    $14,249    $10,000   $1,000,000   $1,000,000   0.020000  7.29E-04  0.00001458  10.63          $941      0.82
5b    $10,630    $10,000   $1,000,000   $1,000,000   0.020000  1.95E-03  0.00003900  10.79          $927      0.97
6a    $15,875    $10,000   $1,000,000   $1,000,000   0.020000  7.30E-04  0.00001460  10.99          $910      0.77
6b    $12,259    $10,000   $1,000,000   $1,000,000   0.020000  1.95E-04  0.00000390  11.14          $898      0.90

Case  Cost SIS   Cost NT   EV No SIS    EV SIS       F No SIS  PFDavg    F SIS       Nuisance Trip  Cost NT   B-C
      (per yr)                                                                       Rate (Yrs)     (per yr)  Ratio
2a    $128,299   $150,000  $12,000,000  $12,000,000  0.020000  1.48E-03  0.00002960  6.84           $21,930   0.86
2b    $78,966    $150,000  $12,000,000  $12,000,000  0.020000  3.92E-03  0.00007840  6.94           $21,614   1.04
3c    $119,656   $150,000  $12,000,000  $12,000,000  0.020000  4.09E-04  0.00000818  10.11          $14,837   0.89
3d    $70,488    $150,000  $12,000,000  $12,000,000  0.020000  1.37E-03  0.00002740  10.24          $14,648   1.09
4b    $99,449    $150,000  $12,000,000  $12,000,000  0.020000  2.22E-03  0.00004440  4.25           $35,294   0.96
5a    $121,950   $150,000  $12,000,000  $12,000,000  0.020000  7.29E-04  0.00001458  10.63          $14,111   0.88
5b    $72,755    $150,000  $12,000,000  $12,000,000  0.020000  1.95E-03  0.00003900  10.79          $13,902   1.08
6a    $123,018   $150,000  $12,000,000  $12,000,000  0.020000  7.30E-04  0.00001460  10.99          $13,649   0.88
6b    $73,856    $150,000  $12,000,000  $12,000,000  0.020000  1.95E-04  0.00000390  11.14          $13,465   1.07
As can be seen by the above Benefit-to-Cost numbers, not all architectures represent a sound
financial investment.
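
Added example (not part of the original paper): a recomputation of the derived columns of the second Benefit-to-Cost table above ($150,000 nuisance trip cost, $12,000,000 event cost). The ratio formula is not stated on the page; the code assumes B-C = (F No SIS x EV No SIS - F SIS x EV SIS) / (Cost SIS + Cost NT), with F SIS = F No SIS x PFDavg and Cost NT (per yr) = Cost NT / Nuisance Trip Rate, which is the combination that reproduces the tabulated values.

```python
F_NO_SIS = 0.02      # hazardous event frequency without the SIS (per yr), from the table
EV = 12_000_000      # event cost; the table uses the same value with and without SIS
COST_NT = 150_000    # cost of one nuisance trip

# case: (Cost SIS per yr, PFDavg, nuisance trip interval yrs, table Cost NT per yr, table B-C)
TABLE = {
    "2a": (128_299, 1.48e-3, 6.84, 21_930, 0.86),
    "2b": (78_966, 3.92e-3, 6.94, 21_614, 1.04),
    "3c": (119_656, 4.09e-4, 10.11, 14_837, 0.89),
    "3d": (70_488, 1.37e-3, 10.24, 14_648, 1.09),
    "4b": (99_449, 2.22e-3, 4.25, 35_294, 0.96),
    "5a": (121_950, 7.29e-4, 10.63, 14_111, 0.88),
    "5b": (72_755, 1.95e-3, 10.79, 13_902, 1.08),
    "6a": (123_018, 7.30e-4, 10.99, 13_649, 0.88),
    "6b": (73_856, 1.95e-4, 11.14, 13_465, 1.07),
}


def recompute(cost_sis, pfd_avg, trip_interval_yrs):
    """Derive F_SIS, annual nuisance trip cost and B-C ratio for one case."""
    f_sis = F_NO_SIS * pfd_avg                 # residual event frequency with the SIS
    nt_per_yr = COST_NT / trip_interval_yrs    # expected nuisance trip cost per year
    benefit = F_NO_SIS * EV - f_sis * EV       # avoided event cost per year
    # Assumed denominator (not stated on the page): it reproduces the tabulated ratios.
    return f_sis, nt_per_yr, benefit / (cost_sis + COST_NT)


def audit(table=TABLE):
    """Return (cost_effective_cases, mismatches) after recomputing every row."""
    cost_effective, mismatches = [], []
    for case, (cost_sis, pfd, interval, nt_tab, bc_tab) in table.items():
        _, nt, bc = recompute(cost_sis, pfd, interval)
        if round(nt) != nt_tab or round(bc, 2) != bc_tab:
            mismatches.append((case, round(nt), round(bc, 2)))
        if bc > 1.0:                           # the paper's criterion: ratio greater than one
            cost_effective.append(case)
    return cost_effective, mismatches


if __name__ == "__main__":
    effective, bad = audit()
    print("B-C ratio > 1.0:", effective)
    print("rows that do not match the table:", bad or "none")
```
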
CONCLUSION
Based upon the scenarios evaluated, it is readily apparent that one cannot simply stop at
completing a SIL calculation to determine if the required SIL has been achieved. Fourteen
(14) different SIS architectures were reviewed and of these designs only nine (9) met the
SIL requirements. Upon further review, only two SIS architectures were clearly the
“best” in that they minimized cost of ownership and had a Benefit-to-Cost Ratio > 1.0.
These SIS architectures were as follows:
Case  SIS Architecture         Nuisance   Event Cost    Lifecycle    B-C Ratio  Savings
                               Trip Cost
3d    Xmtr (1oo2)              $10,000    $1,000,000    $111,924     1.14       $126,206
      Current Switch (1oo2)
      Valve (1oo2)
5b    Xmtr (1oo2)              $150,000   $12,000,000   $1,091,326   1.08       $833,164
      Safety PLC (1oo2D)
      Valve (1oo2)
DISCLAIMER
REFERENCES
3. IEC 61511, Functional Safety: Safety Instrumented Systems for the Process Industry
Sector, Parts 1-3, Geneva: International Electrotechnical Commission, 2003.
5. Goble, W.M., Control Systems Safety Evaluation & Reliability, 2nd Edition, ISA, 1998.
6. Barringer, H.P., Life Cycle Cost and Good Practices, NPRA Maintenance Conference,
1998.
7. Marszal, E. & Scharpf, E., Safety Integrity Level Selection – Systematic Methods Including
Layer of Protection Analysis, ISA, Research Triangle Park, NC, 2002.
1oo1 1-out-of-1
1oo1D 1-out-of-1 D (D for extensive self-diagnostics)
1oo2 1-out-of-2
1oo2D 1-out-of-2 D (D for extensive self-diagnostics)
2oo3 2-out-of-3
IEC International Electrotechnical Commission
MTTFS Mean Time To Fail Spurious
NPV Net Present Value
FV Future Value
PFDavg Average Probability of Failure on Demand
PLC Programmable Logic Controller
RRF Risk Reduction Factor
SIF Safety Instrumented Function
SIL Safety Integrity Level
SIS Safety Instrumented System