SIL Solver® Enterprise FAQ

The SIL Solver^® Enterprise+ software requires installation on a server, whether physical or virtual, running Windows Server 2019, Windows Pro, or a later version.

SIL Solver® Enterprise+ has been fully tested on Google Chrome, which is the recommended browser for optimal performance. Please avoid using other browsers or obsolete ones like Internet Explorer, as they may cause graphic display issues.

At a minimum, the server processor must be 2.0 GHz or faster, with at least 2 CPUs, 8 GB of RAM, and at least 1 GB of free hard disk space recommended for the installation of SIL Solver® Enterprise+.

A separate SIL Solver® Enterprise+ license is required for each server. A server comes with one admin and one user.

The SIL Solver® Enterprise+ database currently includes over 314 initiators or action devices, 40 logic solvers, and 10 support systems. The database has expanded over the years, and users with active licenses receive new device data with program updates. Additionally, users can add their own devices and failure rate data via custom datasheets.

The SSE+ database covers field instruments, final elements, controllers, support systems, and electrical components. The database is derived from an examination and analysis of reliability data extracted from various sources, including data contributed by end-users, information distributed in manufacturer certificates, data collected by SIS-TECH’s field services team, estimates from performance studies, and determinations made through expert judgment.

SSE+ uses Boolean mathematics as the foundation for calculating Probability of Failure on Demand (PFD), Probability of Failure per Hour (PFH), and Safe Time to Repair (STR) for Safety Instrumented Systems (SIS). This method is widely recognized in the process industry and aligns with the guidance from ANSI/ISA/IEC 61511 and related technical reports.

SIL Solver® Enterprise+ offers advanced safety lifecycle management for instrumented protection layers, simplifying access to critical process safety information. Key features include an expanded 2024 device database, automated generation of test procedures, and a customizable dashboard that provides real-time performance metrics. Enhanced data consistency and streamlined workflows improve efficiency, while advanced safety function modeling allows for complex subsystem configurations. Additionally, the centralized database supports secure, role-based access. With robust documentation tools and dedicated support, SSE+ v2.5 significantly improves operational safety and compliance.

Reports are generated from SIL Solver® Enterprise+ as PDFs. SSE+ prints individual reports of typical project deliverables. It also generates summary reports, such as the SIL Verification Report and Safety Requirements Specification.

SIL Solver® Enterprise+ has been used in the process industry for over 30 years. It uses internationally recognized methods for PFD and STR calculation. Industrial organizations, such as CCPS and ISA, recognize its reliability database. SIL Solver® Enterprise+ data has been used to support submissions to regulatory authorities of various governments across the world. For example, it has been used to demonstrate to OSHA that SISs were designed sufficiently to prevent event recurrence, to EPA as part of consent decree response, and to HSE for safety case submission.

There are three configuration levels for modeling the voting of subsystems for inputs and actions in SIL Solver® Enterprise+. On both panels, the 1st level is on the platform. This level votes all the inputs or all the outputs. The 2nd level supports typical voting architectures, such as 2oo3 voting sensors or 1oo2 block valves. The 3rd level is only used for voting with a subsystem.

Three Levels for Input Voting:

Level 1: 1ooN or NooN voting between input subsystems, configured without Common Cause Failure (CCF).

Level 2: Subsystem architecture with user-defined CCF options, including 1oo1, 1oo2, 2oo2, 1oo3, 2oo3, 3oo3, and MooN.

Level 3: Sub-sub device level architecture with fixed CCF from datasheets such as 1oo1, 1oo2, 2oo2, 1oo3, 2oo3, 3oo3, H-PAT and MooN.

Three Levels for Action Voting:

Level 1: NooN voting between action subsystems.

Level 2: Subsystem architecture with user-defined CCF options, including 1oo1, 1oo2, and 1oo3.

Level 3: Sub-sub device level architecture with fixed CCF from datasheets, including options like 1oo1, 1oo2, 2oo2, 1oo3, 2oo3, 3oo3, H-PAT, and MooN.

Beginning users can model more than 90% of the safety functions associated with refining and petrochemical applications. Power users can increase this percentage significantly by breaking the function down into subsystems for modeling. Other methods can also be used to independently model very complex portions of a function, with the resulting performance values entered into custom datasheets for inclusion in SIL Solver projects.

SIL Solver® Enterprise+ allows the user to select the test interval. The user should choose a test interval that has been proven through experience to be sufficient to maintain the equipment in the “as good as new” condition and is consistent with known constraints on the useful life of the equipment. In general, the test interval is constrained by production schedules which provide off-line access to equipment. For devices, the test interval is a free field for logic solvers, allowing users to select from 17 available options, while supporting systems have 16 options. Opportunities for inspection, preventive maintenance, and proof testing should be identified by process engineering and operations personnel in the process requirements specification.

Most IEC 61508 certificates are based on a theoretical analysis of the product design in a perfect environment. The data in SSE+ reflects the installed performance of each technology in typical applications within the process sector. SIS-TECH uses a Delphi method to analyze multiple data sources and to select the failure rate numbers for SIL Solver’s reliability database. The Delphi analysis is weighted towards data sources derived from field installations and from our direct personal experience working with instrumentation and controls. For this reason, the numbers are unlikely to match up with a particular IEC 61508 certificate. The Delphi method generates values that are expected to meet the 70% upper bound confidence limit as recommended by IEC-61511 for approving devices via prior use.

SIS-TECH’s analysis has shown that for a given technology, configuration and operating environment, there is very little difference between the different products, as long as the manufacturer sustains the quality assurance program required by IEC 61508. Further, decoupling the calculation from the specific product ensures that engineering focuses on the functional and integrity specification of the safety instrumented function, while procurement negotiates the purchase of the best product, which meets the specification.

Data in the SSE+ database are the result of a Delphi process that uses expert judgement to select appropriate failure rate values for typical process operating environments. Among the many sources of information used by the team of experts, preferential weight is given to data captured from actual installations. Our sources include a variety of the more challenging automation environments in the process sector. With this approach, the resulting failure rates are expected to have at least a 70% upper-bound confidence limit for our process sector clients.

Ultimately, positive confirmation of the appropriateness of the data regarding your specific application comes from the periodic operations and maintenance performance assessment that is also required by the standard. Using a SIL verification reliability database that is designed to provide a more realistic estimate of actual field performance should reduce the likelihood of design rework resulting from this assessment.

Yes, so long as the contractor is assigned a user seat and has sufficient access into the server you have loaded the application on. If the client has implemented Single Sign-On (SSO), they must first add the contractor to the directory before granting access.

Requests for SIL Solver® Enterprise+ technical support can be submitted via email at silsolversupport@sis-tech.com or by phone at 713-909-2005 (select the SIL Solver support option). Software technical support is available during Houston business hours, Monday through Friday. Clarification of requests and their resolutions may occur through phone calls, emails, or web conferences as needed.

SIL Solver® Enterprise+ includes an in-tool user manual, updated with each new release to describe new features and clarify existing guidance. SIS-TECH frequently updates the FAQ document on the SIL Solver webpage to address common questions received by technical support. Additionally, SIS-TECH provides training materials and installation instructions, which are also updated as questions arise from new customers. A video series of tutorials is available to assist users in navigating the software effectively.

SIS-TECH validates the software prior to release through a two-phase testing process:

Alpha Testing: This initial phase occurs within the development environment, where standard test cases are applied to assess the functionality, performance, and stability of the software. The development team conducts these tests to identify and address any issues early in the development cycle.

Beta Testing: Following successful alpha testing, the software undergoes beta testing. This phase involves SIS-TECH personnel testing the software on internal projects and demo users testing it on our hosted server. This broader testing environment allows for real-world usage scenarios, providing valuable feedback on the software’s performance and usability.

Together, these testing phases ensure that SIS-TECH releases a robust and reliable product to its users.

The dataset in SSE+ has been largely derived from observed failure rates within the process sector. These failure rates include the full installation for the indicated device technologies. In field application, the dominant failure modes for sensors (e.g., frozen reading, incorrect reading) are dangerous whether the application is a high vote or a low vote. The remaining significant failure modes (e.g., open circuit, short circuit) are essentially evenly split. Using fundamental technology performance-based failure rates in this manner results in numbers that are applicable for low or high voting functions across a broad range of process sector applications. In contrast, there are different device identifiers for fail-open vs. fail-closed valves, as there is a significant difference in the failure rates based on the direction of the safety action.