Certification of SIS components has received a level of respect among some practitioners of SIS engineering that is excessive and borders on dangerous. While certification of complex devices whose service conditions are very uniform, such as programmable logic controllers, is very useful, certification of field devices is much less so, and certification of basic components such as solenoid valves, relays, timers, and other pneumatic and electronic appurtenances borders on ridiculous. The reason I say that this practice borders on dangerous is that some organizations end up replacing devices that are truly proven in use with devices that they have no experience with, often resulting in systematic failures during installation and maintenance. The net effect of using the certified product is a significant overall decrease in safety.
The benefit of prior use experience with SIS equipment cannot be overstated. While it may be difficult to obtain this kind of experience for devices that are few in number or very complex, this kind of experience for a common appurtenance such as a time delay relay is extremely common. Using a new and untested device simply because it has been certified by a third party, who typically has no experience in using the device, is a poor substitute for actual experience. If a high SIL must be achieved, users are much better off applying redundancy to proven components than replacing those proven devices with an untested new “certified” device.
This concept has been borne out lately, as a number of users have reported a series of problems with some pneumatic and electronic appurtenances that were ostensibly certified to SIL 3. As a result of some component failures and also a high degree of systematic failure that was the result of unusual installation requirements, the achieved failure rate (as opposed to the predicted failure rate resulting from the certification FMEDA) was much higher than that of the standard non-certified devices that they replaced.
Unfortunately, some engineers are not using common sense and are instead pushing responsibility for their SIS designs off onto third parties. A healthy skepticism of certification and a return to common sense and respect for devices that are proven in use will increase the level of safety in the process industries.