Understanding calculations

SIL Master is a module that implements formulas from different standards to support PFDavg, PFH and STR calculations. The standards and technical report we use support a limited set of architectures and make different assumptions. Therefore it is not always straightforward to understand how the calculations work.

Limited Architectures

The following architectures can be used to make calculations. If an architecture is not listed, it usually means the standard does not support that architecture; it is not a limitation of SIL Master.

IEC 61508:2010
For PFDavg:
  • 1oo1
  • 1oo2
  • 1oo2D
  • 2oo2
  • 2oo3
For PFH:
  • 1oo1
  • 1oo2
  • 1oo2D
  • 2oo2
  • 2oo3
ISA TR84.00.02
For PFDavg:
  • 1oo1
  • 1oo2
  • 1oo3
  • 2oo2
  • 2oo3
  • 3oo3
For PFH:
  • 1oo1
  • 1oo2
  • 1oo3
  • 2oo2
  • 2oo3
  • 3oo3
For STR:
  • 1oo1
  • 1oo2
  • 1oo3
  • 2oo2
  • 2oo3
  • 3oo3
  • 3oo4

VDI/VDE 2180:2019
For PFDavg:
  • 1oo1
  • 1oo2
  • 1oo3
  • 2oo2
  • 2oo3

Formulas

SIL Master implements the formulas for the above architectures from the different standards. You can find the formulas here ADD LINK.



Subsystems based on PFD1oo1 values

Sometimes you have devices that are based on PFDavg values instead of failure rates (see devices). We implemented the formulas from VDI/VDE 2180:2019 to help you calculate other architectures when you have the PFDavg value of a 1oo1 design. If you have the PFD value of your 1oo1 device, then you can calculate the PFD values of the following architectures:
  • 1oo1
  • 1oo2
  • 1oo2D
  • 1oo3
  • 2oo3
  • 2oo2
  • 2oo4
  • 3oo3

Dangerous (PFD/PFH)
Calculations based on dangerous failures:
  • When all subsystem devices have "failureRate" = "true" and their settings are based on SD, SU, DD, DU:
    • Device PFD/PFH is calculated according to the selected standard and selected architecture.
    • Subsystem PFD/PFH is the max calculated value.
  • When all subsystem devices have "failureRate" = "false" and their settings are based on PFD, PFH:
    • Device PFD/PFH is calculated with the formulas for the selected architecture.
    • The same formulas are used for both PFD and PFH.
    • Subsystem PFD/PFH is the max calculated value.
  • When a subsystem has mixed devices with "failureRate" = "true" and "failureRate" = "false":
    • If a device has "failureRate" = "true", we calculate the device PFD/PFH_1oo1 according to the selected standard and the 1oo1 architecture. Then, with the calculated PFD/PFH_1oo1, we use the formulas on page 11 according to the selected architecture.
    • If a device has "failureRate" = "false", we use the formulas on page 11 according to the selected architecture.
    • Subsystem PFD/PFH is the max calculated value.
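
The mixed-device rule above, sketched as an added example (not SIL Master's own code). The equations are common simplified low-demand approximations used here as assumed stand-ins for the standards' formulas, and the device names, field layout, proof test interval and beta value are constructed for illustration.

```python
# Added illustration of the mixed "failureRate" rule. All formulas below are
# assumed textbook approximations, NOT the equations SIL Master implements.

def pfd_1oo1_from_rates(lambda_du, proof_test_interval_h):
    """Assumed simplified 1oo1 PFDavg: lambda_DU * T1 / 2."""
    return lambda_du * proof_test_interval_h / 2.0

# Assumed conversions from a 1oo1 PFDavg value p to another architecture;
# beta is the common cause factor.
FROM_1OO1 = {
    "1oo1": lambda p, beta: p,
    "1oo2": lambda p, beta: 4.0 / 3.0 * p ** 2 + beta * p,
    "2oo2": lambda p, beta: 2.0 * p,
    "2oo3": lambda p, beta: 4.0 * p ** 2 + beta * p,
}

def device_pfd(device, architecture, proof_test_interval_h, beta):
    """PFDavg of one device placed in the selected architecture."""
    if architecture not in FROM_1OO1:
        raise ValueError(f"architecture {architecture!r} not supported here")
    if device["failureRate"]:
        # Failure-rate device: first derive its 1oo1 PFDavg from the rates.
        p = pfd_1oo1_from_rates(device["DU"], proof_test_interval_h)
    else:
        # PFD-based device: the entered value already is the 1oo1 PFDavg.
        p = device["PFD"]
    return FROM_1OO1[architecture](p, beta)

def subsystem_pfd(devices, architecture, proof_test_interval_h, beta):
    """Subsystem PFDavg is the max of the per-device values."""
    if not devices:
        raise ValueError("subsystem has no devices")
    return max(device_pfd(d, architecture, proof_test_interval_h, beta)
               for d in devices)

# Constructed sample subsystem: one failure-rate device, one PFD-based device.
DEVICES = [
    {"name": "transmitter A", "failureRate": True, "DU": 2e-6},   # per hour
    {"name": "transmitter B", "failureRate": False, "PFD": 5e-3},
]

if __name__ == "__main__":
    for arch in FROM_1OO1:
        print(arch, f"{subsystem_pfd(DEVICES, arch, 8760, 0.1):.3e}")
```

With these constructed inputs the failure-rate device is the worse of the two in every architecture, so it determines the subsystem value.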


Safe (STR)
Calculations based on safe failures: the tool calculates device STR according to selected standard and selected architecture. Subsystem STR is the max device STR.

FAQ

  • Q: When you design a safety function, can you mix subsystems based on different standards?
    A: No, from a probability calculation point of view a safety function can only be designed according to one standard. For each subsystem you can select the standard to use for architectural constraints.
  • Q: Why can we not design one safety function and calculate both PFDavg/PFH and STR at the same time?
    A: Because not all architectures are always available at the same time for both PFDavg/PFH and STR. For example, 1oo2D exists in IEC 61508 but not in ISA TR84.00.02.
