LAYER OF PROTECTION ANALYSIS FOR DETERMINING SAFETY INTEGRITY LEVEL

This paper describes the Layer of Protection Analysis (LOPA) method fo r determining the needed SIL (Safety Integrity Level) of a SIS (Safety Instrumented System). The paper also shows the relationship of LOPA t o other analysis methods for safety system requirements. Building on t he CCPS (Center for Chemical Process Safety) Guidelines for Safe Autom ation of Chemical Processes, this paper shows how to determine if addi tional safeguards are needed and how to determine the needed SIL of a SIS. LOPA is a tool that can be used after the HAZOP (HAZard and OPera bility Analysis), but before using fault tree analysis or quantitative risk analysis. Using a multi-disciplined team, the consequences ident ified in the HAZOP are listed as impact events and are classified for severity level. The initiating causes are listed for each impact event and a likelihood is estimated for each initiating cause. Independent Protection Layers (IPLs) are listed, including process design, basic p rocess control system, alarms and procedures, safety instrumented syst ems, and additional mitigation. Each IPL is assigned a Probability of Failure on Demand (PFD). A mitigated event likelihood is calculated by multiplying the initiating cause likelihood by the PFDs for the appli cable IPLs. The mitigated event likelihood is then compared to a crite rion linked to the corporation's criteria for unacceptable risk levels . Additional IPLs can be added to reduce the risk. The mitigated event likelihoods are summed to give an estimate of the risk for the whole process. (C) 1998 Elsevier Science Ltd. All rights reserved.