The Spurious Trip Level™ Concept For Safety Functions

18 September 2007 · Dr. Michel Houtermans · 2 min read
functional safety

Safety Integrity Level (SIL) measures safety. But what about availability? The Spurious Trip Level (STL) fills this critical gap by quantifying the impact of unnecessary trips on your business.

The Missing Metric in Functional Safety

Functional safety standards such as IEC 61508 and IEC 61511 define how to achieve safety through Safety Integrity Levels (SIL). These standards focus on reducing the probability that a safety function fails when it is needed.

However, they do not address the opposite problem: safety functions activating when they are not needed.

The key question is: how do you measure the business impact of safety functions that trip too often?

Introducing the Spurious Trip Level (STL)

To address this gap, Risknowlogy introduced the Spurious Trip Level (STL)—a measurable metric that quantifies the performance of safety functions in terms of process availability.

STL complements SIL by focusing on asset protection, not just risk reduction.

Risknowlogy Insight: SIL protects people. STL protects your business. You need both.

SIL vs STL: Two Sides of the Same Coin

  • SIL (Safety Integrity Level): Measures the probability that a safety function fails on demand (PFD)
  • STL (Spurious Trip Level): Measures the probability that a safety function activates without demand (PFS)

A system designed only for high SIL may result in frequent unnecessary trips, causing downtime and financial losses. STL ensures that availability is also considered.

Understanding STL Quantitatively

STL is expressed through the Probability of Fail Safe (PFS), which represents the likelihood of a spurious trip caused by internal system failure.

STL Level Probability of Fail Safe (per year)
5 ≥ 10E-6 to < 10E-5
4 ≥ 10E-5 to < 10E-4
3 ≥ 10E-4 to < 10E-3
2 ≥ 10E-3 to < 10E-2
1 ≥ 10E-2 to < 10E-1

Linking STL to Business Impact

The higher the cost of a spurious trip, the higher the required STL level should be. STL enables organizations to align safety design with financial risk.

STL Level Typical Financial Impact of Spurious Trip
6 > €20M
5 €10M – €20M
4 €5M – €10M
3 €1M – €5M
2 €500k – €1M
1 €100k – €500k
None < €100k

Why STL Matters

In real operations, unnecessary trips:

  • Stop production and reduce revenue
  • Introduce risk during shutdown and startup phases
  • Increase operational and maintenance costs
  • Reduce confidence in safety systems

STL provides a structured way to balance safety availability and process availability.

Conclusion

Functional safety is not just about preventing dangerous failures—it is also about avoiding unnecessary interruptions.

SIL ensures that safety functions work when needed. STL ensures they do not act when they are not needed.

Together, they provide a complete framework for designing systems that are both safe and economically viable.

Go deeper — STL & Functional Safety

Learn how to balance safety and availability using SIL and STL in real-world system design.

Explore the course → Contact us
← Back to all articles
We use cookies
Cookie preferences
Below you may find information about the purposes for which we and our partners use cookies and process data. You can exercise your preferences for processing, and/or see details on our partners' websites.
Analytical cookies Disable all
Functional cookies
Other cookies
We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. Learn more about our cookie policy.
Accept all Decline all Change preferences
Cookies