

Safety Instrumented System (SIS): One software for the entire Lifecycle

The Safety Instrumented System (SIS) Lifecycle is a complex process where many disciplines must interact. Discover how a single source of truth can help.

3 September '22


This article explores the Safety Instrumented System (SIS) Lifecycle. Take a closer look into how you can tackle some of the challenges faced throughout the process. First, we introduce the Safety Instrumented System (SIS) Lifecycle and its three stages. The Safety Instrumented System (SIS) Lifecycle requires different disciplines and engineering processes, such as HAZOP, LOPA, SIF design, and SIF Proof Testing, to interact with each other’s data. We explore the potential issues that come with that and how they can be addressed.

Safety Instrumented System (SIS) Lifecycle: An Introduction

A Safety Instrumented System (SIS) is a critical system that consists of at least one automatic safety instrumented function (SIF). The Safety Instrumented System (SIS) Lifecycle combines all the stages of the given system’s life. In accordance with IEC 61511, this generally consists of three steps, as laid out below. Like a Plan-Do-Check-Act cycle, the stages listed below must be revisited continuously.

  1. Analysis Stage: Where hazards in designs are identified and further assessed.
  2. Implementation Stage: Where suitable engineering solutions to reduce the risk of these hazards to tolerable levels are implemented in designs and verified.
  3. Operation Stage: Where the engineering solution is commissioned and put into operational use. From here, it has to be periodically verified to check if the requirements set are still being met.

The stages outlined above each require a series of activities. For example, the Analysis Stage typically involves studies such as HAZOP, LOPA, and SIF Design. In the Implementation Stage, the SIS design is analyzed against the level of risk that it has been designed to mitigate.


The HAZOP process allows companies to map any hazards in their designs that can lead to adverse consequences on people, company assets, or the environment and rank those hazards by the severity of those consequences.


Once the hazards in a design have been identified and have had their severity ranked, the LOPA process can begin. The LOPA process analyzes whether these hazards are sufficiently mitigated in the design (e.g., by alarm or SIF barriers) or whether there are so-called risk gaps where the risk associated with a specific Hazard is deemed intolerable. In case of unacceptable hazards, further action must be taken to make the design safe for operation. The LOPA process is also where any SIFs in the design will be assigned their Safety Integrity Level (SIL) ranking.

SIF Analysis

Once a SIF has been assigned a Safety Integrity Level (SIL) from the LOPA process, the SIF Analysis process can begin to ensure that the SIF design can achieve the level of risk reduction (as indicated by SIL or RRF) that it has been assigned. This ensures the design for the operation is safe. A SIF Design typically consists of three elements: sensors (e.g., a flowmeter), a logic solver (e.g., a safety PLC), and a final element (e.g., a trip valve).

HAZOP, LOPA, and SIF Analysis: How are they connected?

HAZOP, LOPA, and SIF Analysis are all processes that produce a lot of documentation and leave an extensive trail of data that often goes through the hands of various disciplines and engineering processes. These processes are interlinked, as laid out above. A modification in any of these three processes will also influence the other two. For example, adding a cause/consequence pair to a HAZOP will change the LOPA for that cause/consequence pair and subsequently may change the SIL ranking of any SIF that was SIL ranked previously on that LOPA.
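The dependency described above can be made checkable by having every downstream study record which revision of its upstream study it was reviewed against. The following sketch is an added example, not code from IMS SIS or any other product; the class, method names, and record identifiers are constructed for illustration.

```python
class StudyRegister:
    """Tracks which study records were reviewed against outdated upstream data."""

    def __init__(self):
        self.revision = {}   # record id -> current revision number
        self.based_on = {}   # record id -> {upstream id: revision it was reviewed against}

    def add(self, rec_id, upstream=()):
        self.revision[rec_id] = 1
        self.based_on[rec_id] = {u: self.revision[u] for u in upstream}

    def revise(self, rec_id):
        """An engineer changes a study, e.g. edits a HAZOP cause/consequence pair."""
        self.revision[rec_id] += 1

    def is_stale(self, rec_id):
        # Stale if any upstream moved on since review, or is itself stale (transitive).
        return any(self.revision[u] != pinned or self.is_stale(u)
                   for u, pinned in self.based_on[rec_id].items())

    def stale_records(self):
        return sorted(r for r in self.revision if self.is_stale(r))

    def reaffirm(self, rec_id):
        """Record that rec_id was re-reviewed against the current upstream revisions."""
        for u in self.based_on[rec_id]:
            if self.is_stale(u):
                raise ValueError(f"{u} must be re-reviewed before {rec_id}")
        self.based_on[rec_id] = {u: self.revision[u] for u in self.based_on[rec_id]}
        self.revision[rec_id] += 1


def build_example_register():
    # Constructed sample chain: HAZOP pair -> LOPA scenario -> SIF design record.
    reg = StudyRegister()
    reg.add("HAZOP:pair-7")
    reg.add("LOPA:pair-7", upstream=["HAZOP:pair-7"])
    reg.add("SIF:trip-valve-01", upstream=["LOPA:pair-7"])
    return reg
```

Refusing to reaffirm a SIF record while its LOPA is still stale enforces the review order the lifecycle implies: a SIL ranking cannot be confirmed against a LOPA that has not yet absorbed the HAZOP change.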


The Safety Instrumented System (SIS) Lifecycle documentation challenge

Any project, from its conception to decommissioning, produces several different types of documents and interacts with several different disciplines. Looking at the Safety Instrumented System (SIS) Lifecycle, you can think of HAZOP study reports, LOPA study reports, SIF design verification reports, SIF test procedures, and so on.

Since the Safety Instrumented System (SIS) Lifecycle processes and process outcomes are interlinked the way they are, this introduces a lot of complexity for document revision management for any project or production site. As stated before, the entire Safety Instrumented System (SIS) Lifecycle is a loop, which means that once additions or changes are made to the original design, previous study documents will become outdated. Projects and production companies are dynamic places where design changes are common and result in documentation piling up. This results in revision management becoming a headache. Furthermore, the various disciplines involved in these changed processes may struggle not only to access the information they need to get their jobs done but also to ensure they are looking at the most up-to-date documentation.

Your Safety Instrumented System (SIS) Lifecycle processes and documentation, all in one place.

The Safety Instrumented System (SIS) Lifecycle is exposed to complications of dynamic engineering processes in ever-changing environments. The optimal solution for this struggle is to provide a single source of truth for all the relevant disciplines involved throughout the lifecycle.

What does this mean? It means evaluating your choice of software for the various processes in the Safety Instrumented System (SIS) Lifecycle (HAZOP, LOPA, SIF design/analysis, Proof Test Scheduling) and finding one that allows the disciplines involved to work better together. Having a single source of truth for your safety studies comes with a lot of benefits.

The benefits of having a single source of truth for your Safety Instrumented System (SIS) Lifecycle

1. Smooth collaboration between different disciplines

It has been established that the various disciplines involved require access to each other’s studies. Having a single source of truth will provide all relevant disciplines with a single location to access all the documentation for their specific needs.

2. Ensure documentation is always up-to-date

By having a single source of truth, you eliminate the confusion between different versions of the hefty documentation created throughout the studies. Regardless of your role, a single source of truth will ensure you are looking at the most up-to-date information.

3. Remain accountable and compliant with proper traceability and auditability

A single source of truth for your entire Safety Instrumented System (SIS) Lifecycle will keep you accountable and compliant. This is due to the software’s ability to keep the process traceable and auditable.

4. Automatic updates to relevant processes when studies are revised

Single source software, such as IMS SIS, can be used to synchronize between the different modules (HAZOP, LOPA, SIF Analysis, Scheduling) to ensure that a change in one module affects the outcome of another module. This type of software will keep your documentation updated automatically. Furthermore, it will make sure the various disciplines are always looking at the right data.

5. Lower Costs

A single source of truth solution requires only a single software license. This will ultimately reduce costs compared to using multiple software suites to cover the entire Safety Instrumented System (SIS) Lifecycle requirements.

6. Reduce workload and time required

The flow of information between the different modules of a single source of truth solution reduces engineering time and costs. Additionally, accessibility to all Safety Instrumented System (SIS) Lifecycle information for all disciplines increases engineering efficiency.

Risk Management with a Single Source of Truth

With a single source of truth, the question may arise of whether there are risks in allowing various disciplines to interact with and access the same data. The answer is that there is no risk if proper user management is enforced by the database owner. Having distinct “Editing” and “Viewer” rights for the appropriate modules will make all the difference. For example, a SIF designer can be given editing rights for the SIF Analysis module of a certain unit while having viewing rights only for the HAZOP and LOPA modules. Therefore, when choosing single-source software for your Safety Instrumented System (SIS) Lifecycle, it’s important to select a tool that allows proper user management.
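The SIF designer example above, expressed as a deny-by-default rights check scoped to unit and module, with every decision written to an audit trail. This is an added illustration, not IMS SIS code; the user name, unit names, and module identifiers are constructed.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Right(IntEnum):
    NONE = 0
    VIEWER = 1
    EDITOR = 2   # editing implies viewing


MODULES = {"HAZOP", "LOPA", "SIF_ANALYSIS", "SCHEDULING"}


@dataclass
class AccessPolicy:
    # (user, unit, module) -> Right; any combination not listed is NONE.
    grants: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def grant(self, user, unit, module, right):
        if module not in MODULES:
            raise ValueError(f"unknown module: {module}")
        self.grants[(user, unit, module)] = Right(right)

    def check(self, user, unit, module, needed):
        if needed not in (Right.VIEWER, Right.EDITOR):
            raise ValueError("a check must ask for VIEWER or EDITOR")
        held = self.grants.get((user, unit, module), Right.NONE)
        allowed = held >= needed
        # Log denials as well as approvals so access attempts stay traceable.
        self.audit.append((user, unit, module, needed.name,
                           "ALLOW" if allowed else "DENY"))
        return allowed


def build_example_policy():
    # Constructed grants mirroring the SIF designer described in the text.
    policy = AccessPolicy()
    policy.grant("sif_designer", "unit-100", "SIF_ANALYSIS", Right.EDITOR)
    policy.grant("sif_designer", "unit-100", "HAZOP", Right.VIEWER)
    policy.grant("sif_designer", "unit-100", "LOPA", Right.VIEWER)
    return policy
```

Because rights are keyed on the unit as well as the module, editing rights for SIF Analysis on one unit grant nothing on another unit, which is the scoping the example in the text relies on.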

IMS SIS offers maximum flexibility for users. It offers fully integrated HAZOP, LOPA, and SIF design verification modules. This means that data from one module will flow flawlessly into the downstream module. Therefore, any project using IMS SIS for their safety studies will benefit from saving precious time.
