5th Thailand International Chemical Engineering and Chemical Technology Asia Conference (TNChE Asia 2026), Thailand
Hazardous scenarios such as fired heater overfiring or explosion, reactor runaway, pipeline overpressure, tank or vessel overfilling, cold breakthrough, and ground flare piping overpressure often rely on a Safety Instrumented Function (SIF) as the primary preventive safeguard, since no mechanical protection is available. These are high-consequence events with the potential for multiple fatalities, escalation, and impact on the public. Therefore, the required Safety Integrity Level (SIL) for such functions is typically determined as SIL 2 or SIL 3 during a SIL determination workshop involving Process, Operations, Safety, and Instrumentation specialists, using methods such as Risk Graph, Risk Matrix, or Layer of Protection Analysis (LOPA) in accordance with IEC 61511.
The first critical aspect is the identification of primary final elements for a complex SIF. Designing a SIF to meet SIL 2 or SIL 3 is relatively straightforward when only a single stream must be isolated to prevent the hazard. However, identifying appropriate primary final elements becomes challenging when multiple actions are required. This selection should be addressed during Process Hazard Analysis (PHA) studies.
When SIL is assigned through LOPA, initiating causes are aggregated to estimate the intermediate mitigated event likelihood without the SIF, and this is compared with the target mitigated likelihood to determine the required Risk Reduction Factor (RRF) and SIL. Determining the extent to which causes can be aggregated while justifying low-demand operation presents additional challenges for the PHA team.
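The LOPA aggregation described above, as an added example that is not taken from the paper: the causes, frequencies, IPL PFDs and target likelihood are constructed sample values, and the function names are hypothetical. It assumes the SIF is the last protection layer, so the likelihood without the SIF is also the demand rate used for the low-demand check.

```python
import math

# Constructed sample scenario (not from the paper): each initiating cause has a
# frequency per year and the PFDs of the independent protection layers (IPLs)
# that act on it, excluding the SIF being sized.
CAUSES = [
    ("control loop failure", 0.1, [0.1]),
    ("operator error", 0.1, [0.1]),
    ("upstream valve fails open", 0.01, []),
]
TARGET = 2e-5  # constructed target mitigated event likelihood, per year

# IEC 61511 low-demand bands: upper RRF bound -> SIL (RRF <= 10 is below SIL 1)
SIL_BANDS = [(10, 0), (100, 1), (1_000, 2), (10_000, 3), (100_000, 4)]


def sil_for_rrf(rrf):
    """Map a required risk reduction factor to its SIL band."""
    for upper, sil in SIL_BANDS:
        if rrf <= upper:
            return sil
    raise ValueError("required RRF exceeds the SIL 4 band")


def assess(causes, target):
    """Aggregate the causes and size the SIF against the target."""
    # Intermediate mitigated event likelihood without the SIF, per year.
    imel = sum(freq * math.prod(pfds) for _, freq, pfds in causes)
    rrf = imel / target
    return {
        "imel": imel,
        "rrf": rrf,
        "sil": sil_for_rrf(rrf),
        # Assumption: the SIF is the last layer, so every event that gets past
        # the other IPLs is a demand on it. Low-demand mode means no more than
        # one demand per year.
        "low_demand": imel <= 1.0,
    }


if __name__ == "__main__":
    for cause in CAUSES:
        print(cause[0], assess([cause], TARGET))
    print("aggregated", assess(CAUSES, TARGET))
```

With these sample values each cause assessed on its own lands in the SIL 2 band, while the aggregated scenario requires SIL 3, which is why the extent of aggregation has to be agreed by the PHA team.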
This paper highlights the challenges in designing complex SIFs and emphasizes the need for stakeholder alignment to ensure designs are appropriate, optimal, and capable of meeting process safety requirements, avoiding false confidence in plant safeguards.
