Allocate required risk reduction across BPCS, alarms, SIS, and non-SIS layers per IEC 61511 Cl.9
Phase 2 allocates the required risk reduction from Phase 1 across the various protection layers — BPCS, alarms, operator response, mechanical relief, SIS, plant emergency response. LOPA (Layer of Protection Analysis) is the dominant method, with IPL credit governed by CCPS LOPA Guidelines.
Allocation discipline prevents the SIL-3-everywhere capex pattern. A well-allocated layered protection scheme uses cheaper, more reliable independent layers before reaching for SIL-rated SIFs.
Phase 2 outputs feed Phase 3 (SRS) with SIL targets per SIF and inform Phase 4 (Design) on architecture requirements. It also touches Process Knowledge Management for IPL inventory.
A focused 6-step methodology calibrated to deliver allocation of safety functions to protection layers as a working capability — not a documented compliance artefact.
Set up LOPA per scenario from Phase 1; identify initiating event frequency and target tolerable frequency.
Catalogue protection layers — BPCS, alarms, operator response, mechanical relief, SIS, ER; assess each for IPL eligibility.
Apply CCPS four-part test — independence, dependability, audit, validation; document evidence per IPL.
Calculate RRF from initiating frequency to tolerable; deduct existing IPL credits; determine residual gap.
Allocate SIL per IEC 61511 Cl.9 Table 4 (SIL 1: RRF 10-100; SIL 2: 100-1000; SIL 3: 1000-10000).
Issue SIF register with SIL band, RRF, IPL credits, and assumption log; hand to Phase 3 for SRS.
Decision-gated workflow showing the actual sequence of activities — from initiation through steady-state operation — with key decision points highlighted.
We can scope this element implementation against your facility, regulatory context, and existing management-system maturity — and integrate it with the other Functional Safety Lifecycle Implementation elements you already operate.