What is Systematic Capability?
Systematic capability (SC) is a measure of the confidence that a safety-related element (hardware or software) meets the requirements of its specified Safety Integrity Level (SIL) for a given safety function. This confidence is assessed based on the systematic safety integrity of the element when used in accordance with the instructions in the device’s safety manual.
Systematic capability is expressed on a scale ranging from SC 1 to SC 4, with each level indicating the SILs for which the element is suitable:
- SC 1: Suitable for SIL 1
- SC 2: Suitable for SIL 2 and SIL 1
- SC 3: Suitable for SIL 3, SIL 2, and SIL 1
- SC 4: Suitable for SIL 4, SIL 3, SIL 2, and SIL 1
Determining Systematic Capability
For a device to achieve a specific SC, it must comply with the requirements for the avoidance and control of systematic faults as specified in IEC 61508-2:2010 and IEC 61508-3:2010. These requirements involve:
- Avoidance of Systematic Faults: Ensuring that faults are minimized during design and development.
- Control of Systematic Faults: Managing and mitigating faults that could lead to system failure.
The nature of the device dictates the systematic failure mechanisms:
- For hardware-only devices, only hardware failure mechanisms are considered.
- For devices with both hardware and software, interactions between hardware and software failure mechanisms must be addressed.
Combining Systematic Capabilities
When combining multiple elements to achieve higher systematic capability, certain limitations apply:
- The systematic capability of a combination of identical elements with SC N can at most be SC (N+1).
- Successive assemblies of SC N elements cannot achieve SC (N+2) or higher.
For example:
- Using identical transmitters with SC N may allow a manufacturer to claim SC (N+1).
- However, achieving SC (N+2) or higher through repeated combination is not permissible.
Systematic Capability and SIL
The relationship between SC and SIL is direct. A device with SC 2 can meet the requirements for SIL 2 or lower. For SIL 3, SC 2 can be used if hardware fault tolerance (HFT) is applied (e.g., redundancy mechanisms).
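The combination limit and the SC-to-SIL relationship described above can be checked mechanically during a design review. The following is an added example, not taken from IEC 61508 or any vendor tool: the class and function names and the model name "TX-A" are hypothetical, and it assumes the redundancy shown is the hardware fault tolerance that justifies the higher claim.

```python
# Added example: models only the rules stated on this page; all names are hypothetical.
from dataclasses import dataclass
from typing import Tuple, Union

MAX_SC = 4  # the SC scale runs from SC 1 to SC 4


@dataclass(frozen=True)
class Element:
    """A single device and the SC claimed in its safety manual."""
    model: str
    sc: int


@dataclass(frozen=True)
class Redundant:
    """A redundant combination of identical members (elements or assemblies)."""
    members: Tuple[Union["Element", "Redundant"], ...]


def base_element(node) -> Element:
    """Return the one element type an assembly is built from, or raise."""
    if isinstance(node, Element):
        if not 1 <= node.sc <= MAX_SC:
            raise ValueError(f"{node.model}: SC must be 1..{MAX_SC}")
        return node
    if len(node.members) < 2:
        raise ValueError("a redundant combination needs at least two members")
    kinds = {base_element(m) for m in node.members}
    if len(kinds) != 1:
        raise ValueError("the rule on this page covers identical elements only")
    return kinds.pop()


def claimable_sc(node) -> int:
    """N for a single SC N element; at most N+1 for any assembly of SC N
    elements, however many times the combination is repeated."""
    n = base_element(node).sc
    return n if isinstance(node, Element) else min(n + 1, MAX_SC)


def suitable_for(node, sil: int) -> bool:
    """SC k is suitable for SIL k and every lower SIL."""
    return claimable_sc(node) >= sil
```

Nesting a redundant pair inside another redundant pair returns the same value as the single pair, which is the "no SC (N+2)" rule in executable form.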
Practical Considerations
For devices approved under IEC 61508, systematic capability claims are clearly documented in the safety manual. For equipment maintained under prior use, systematic capability should be verified through the instrument reliability program and systematic error analysis.