Frequently Asked Questions

We currently support MRT value greater than 4 hours. Values lower than 4 make the calculated PFD better (lower), but marginally at best. Consider the simplified equation:

We recommend that you set a longer limit for MTTR. If you cannot solve the problem within the assumed MRT, you will need to transition to the safe state. For example, if MRT=1 hour, and if the you assume a 1 hour MRT and for whatever reason the maintenance person is not available right away, you end up needing to shut the process down, whereas if you assumed 8 hours the PFDavg is virtually identical and you have more time to fix problems.

• Severe Service
• Valve Trip Open
• Tight Shutoff Required

For most SIFs, full stroke is sufficient to achieve the safe state, however, in some cases Tight Shutoff (ANSI Class IV and higher) is required. In that scenario, certain seat failures are an issue whereas, with a full stroke only this issue does not occur. The open on trip has different failure mechanisms as compared to the close on trip. The Severe Service represents applications where the valve is used at the edge (and a bit beyond) its specified operating profile.

The following images show the failure rates from SERH with different options. Note that for final elements, both, normal and partial stroke failure rates are shown).

ExSilentia V4 calculation engine supports only automatic channel count.

When you upgrade a ExSilentia V3 loop that uses manual channel count to a ExSilentia V4 engine, the automatic channel count check box is selected by default during the upgrade process.

Similarly, IEC 61508:2000 tables [per 61511-1 11.4.5]: looks like referring the Tables 2 and 3 (from IEC 61508-2:2000), the reference ‘per 61511-1 11.4.5’ is confusing

All SIFs are subject to IEC61511 directly, and not IEC61508. However, the Minimum Hardware Fault Tolerance tables in IEC61511 are lacking in some ways, therefore, you can apply the IEC 61508 tables if you have the data. The IEC61508 tables often yield better results, for many devices. The ability to use the IEC61508 tables, is granted in 11.4.5. IEC61511 allows for the use of IEC61508 tables.

Similarly, IEC 61511 appears like implying Route 2H.

Can you clarify the understanding for the items under ExSilentia V3 and V4 above. Also, clarify whether each one refers to Route 1H or Route 2H.

In ExSILentia 3, all are considered Route 1H only. In ExSILentia 4, all cases are Route 1H, unless all devices in the leg are qualified to support 2H, and all devices are Type A, or combine to have a Dangerous Coverage of >= 60%. Also, note if the 1H SILac is better than the 2H SILac, ExSILentia will still use the 1H SILac.

Are PVST Failure rates used in ExSilentia V4 Calculation?

ExSILentia 4 does not use the Failure Rates with PVST directly (“xxxP”). These failure rates may only be used to calculate the effective PVST coverage, that will be applied to the actual failure rates.

The older version of the standard allowed for automatic diagnostics to be considered continuous, if they occurred often. This allowed for adjustment of the input failure rates, as the failures that PVST can detect were detected instantly.

The newer version of the standard, and the only standard that ExSILentia 4 supports, requires that you always consider the interval of diagnostics. With this change, there is no longer an allowable condition where the PVST failure rates may be used as failure rates.

If you use the PVST failure rates and also apply a PVST coverage, you are taking credit for the PVST twice, which is incorrect as well as dangerous.

How is failure Rate SFF calculated?

To find the failure rate SFF total for a leg, sum each failure rate directly from each device in that leg, then use those sums in this SFF formula.

Or, the shorter version: