Control Systems for SIL 1 Safety Applications?

I received a great question today about the safety integrity level (SIL) of a distributed control system (DCS). In this case, the question was specific to the DeltaV system:

Can you please advise if the Emerson DeltaV DCS has a SIL rating i.e. ‘0’ or ‘1’? I understand that the DeltaV SIS has a SIL rating of ‘3’.

I turned to safety expert, Chuck Miller, whom you may recall from earlier process safety-related posts. I thought Chuck’s response was great and asked if I could share it in a blog post for others who may have similar questions. Chuck agreed and here was his response:

Any basic process control system or BPCS (DeltaV DCS included) is a SIL 0 technology.

Applying an uncertified technology to a safety application with a Risk Reduction Factor, as defined in IEC 61508, of 10 or above is not supported by the safety standards or mainstream philosophies. The lack of diagnostic coverage is the main factor that precludes most users from considering BPCS technology even to most low-level safety applications.

Companies who do choose to take this approach employ redundancy and software configuration to create “comparative diagnostic capabilities.” This often drives the cost well beyond purpose-designed safety technology. Even then, the Safe Failure Fraction may not be great enough to provide adequate risk mitigation without very frequent manual testing.

This in turn drives the lifecycle cost of the system up, up, and up. While the front-end costs (CapEx) may look good, the operations and maintenance (OpEx) cost cannot be supported in most cases.

This also creates implications on the Layers of Protection Analysis (LOPA) in more ways than can be described in this e-mail.

I hope this helps others with their IEC 61511 / ISA-84 safety lifecycle planning efforts.

GreenPodcast.gif MP3 | iTunes

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.


  1. Mohsin Jamil says:

    ABB 800xA controller claim to be SIL-2 in simplex form which is normally used as BPCS .I suggest that for projects with low rating SIL loops it is better to opt for such system which can serve both functions of BPCS abd Safety system

    • Thanks for your comment Mohsin. From my understanding checking with a colleague, there is a separate 800M controller for SIL-rated applications. If one is willing to use a SIL-certified platform to run BPCS logic, this should be an option, but its important to remember that to fulfill the standards, one still needs to have separate application, which will save some spare parts spending, but project implementation tends to be much higher.

  2. Is there a drive (AFD) that carries a SIL rating (specifically SIL1) that you are aware of?

Leave a Reply