The main benefit to a business (set aside any “government regulator” issues for now, since that should not be very important) in implementing SIS standards is the consistency in understanding the safeguard level for an instrumented safety system. But, there are disadvantages to following “only” IEC 61508/61511. One disadvantage is that the PFDavg calculated for a SIF of a given SIL level is not always equal to the PFD (probability of failure on demand) for that entire instrumented IPL, since the SIL verification calculation does not require consideration of the specific human errors of leaving the SIF in bypass and the specific errors of common cause mis-calibrations, etc..  This is critical since usually for SIL 3, and in a major percentage of SIL 2 applications, the predominant mode of failure of the SIF is the human error (such as leaving the system in bypass).  So, we see many SIL 2 and SIL 3 specified when other, more effective solutions (non-instrumented solutions) would be better choices.  The best even-weighted approach is to follow the guidance by CCPS/AICHE for weighing all alternatives for acheiving tolerable risk; including SIS as one alternative (but not over-emphasizing SIS).  LOPA is a good tool (and one that is very widely accepted) for this even-handed approach.

With that said, the SIS standards were necessary to set the minimal critieria for interlocks.  Before these standards, nearly any configuration could be called an interlock (and implied as a safety-critical interlock); the SIS standards help us define the instrumented systems determine and implement them better and maintain them better.   But for SIL determination, the approaches for evaluating alternative protection layers are better defined by the risk assessment experts (not the instrumentation experts).

Attend PII’s training on SIS, to learn more.  Also, download the paper on this subject from