Schematex
rbd · IEC 61078 / IEC 61511 (SIF) · engineering, manufacturing, energy · complexity 3/3 · since v0.9.5

Safety instrumented function (SIF) — emergency shutdown

A reliability block diagram of an IEC 61511 emergency-shutdown loop: 2-out-of-3 voting pressure transmitters, a redundant (1-out-of-2) logic solver, and 1-out-of-2 shutdown valves. The classic sensor → logic → final-element SIF architecture, with the engine computing the loop reliability.

For the functional-safety engineer verifying a SIL target

[Preview: Emergency Shutdown SIF (SIL 2). Reliability block diagram, 7 blocks. System reliability R = 0.99722. Highest reliability-importance block: SDV1. No single point of failure: every block has redundancy in the success path. Blocks: 2/3 voting group of Pressure Tx 1, Pressure Tx 2, Pressure Tx 3 (R = 0.98 each); Logic solver A, Logic solver B (R = 0.999 each); Shutdown valve A, Shutdown valve B (R = 0.96 each).]

What this shows

The canonical safety-instrumented-function architecture from IEC 61511, laid out as a series of three subsystems: sensing, logic, and final elements. Sensing uses 2-out-of-3 voting transmitters (one failed transmitter does not lose the trip, and one spuriously tripped transmitter does not cause a spurious shutdown); the logic solver is a redundant 1-out-of-2 pair; the final elements are two shutdown valves in a 1-out-of-2 (parallel) arrangement so either can close the line.

The reliability is computed across the loop. The engine evaluates the 2oo3 sensor group exactly (for three identical transmitters this is 3R² − 2R³ ≈ 0.9988), each of the two parallel pairs as 1 − (1 − R)² (0.999999 for the logic solvers, 0.9984 for the valves), and multiplies the three subsystems as a series chain, giving a loop reliability of ≈ 0.9972. Because every subsystem is redundant there is no single point of failure, and the importance ranking points at the valves (the lowest-reliability stage, and so the one whose block reliability the loop result is most sensitive to) as the place an upgrade buys the most. The success-space companion to the fault tree a safety case also needs. One caveat for SIL work: this R is a plain block reliability; an IEC 61511 SIL verification also needs the average probability of failure on demand (PFDavg), which depends on failure rates, proof-test intervals and common-cause factors that a bare RBD does not carry.
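The loop calculation above, as an added worked example. This is not Schematex's engine code; it is a stand-alone reimplementation of the same arithmetic (exact k-out-of-n voting, series multiplication, Birnbaum reliability importance and a single-point-of-failure check) so the 0.99722 figure and the "valves first" ranking can be reproduced and then varied. The block identifiers (PT1..PT3, LSA/LSB, SDV1/SDV2) and the dict-based structure are assumptions of this example, not the page's syntax. It goes slightly beyond the page in that the k-out-of-n evaluator accepts unequal block reliabilities, which the closed-form 3R² − 2R³ does not.

```python
from itertools import combinations
from typing import Dict, List, Tuple

# Constructed block reliabilities, copied from the example on this page.
# Identifiers are this example's own, not Schematex block ids.
BLOCKS: Dict[str, float] = {
    "PT1": 0.98, "PT2": 0.98, "PT3": 0.98,      # pressure transmitters, 2oo3
    "LSA": 0.999, "LSB": 0.999,                 # logic solver pair, 1oo2
    "SDV1": 0.96, "SDV2": 0.96,                 # shutdown valves, 1oo2
}

# Series chain of k-out-of-n groups (k = 1 is ordinary parallel redundancy).
STRUCTURE: List[Tuple[int, List[str]]] = [
    (2, ["PT1", "PT2", "PT3"]),
    (1, ["LSA", "LSB"]),
    (1, ["SDV1", "SDV2"]),
]


def k_out_of_n(k: int, names: List[str], r: Dict[str, float]) -> float:
    """Exact probability that at least k of the named blocks survive.

    Enumerates every surviving subset, so it handles unequal block
    reliabilities; for identical blocks it reduces to the usual binomial sum
    (3R^2 - 2R^3 for 2oo3). Fine for the small n found in an SIF.
    """
    total = 0.0
    for m in range(k, len(names) + 1):
        for up in combinations(names, m):
            p = 1.0
            for b in names:
                p *= r[b] if b in up else 1.0 - r[b]
            total += p
    return total


def system_reliability(r: Dict[str, float], structure=STRUCTURE) -> float:
    """Series product of the subsystem reliabilities (success-space R, not PFDavg)."""
    prod = 1.0
    for k, names in structure:
        prod *= k_out_of_n(k, names, r)
    return prod


def birnbaum_importance(block: str, r: Dict[str, float], structure=STRUCTURE) -> float:
    """Birnbaum importance I_B = R(block certainly works) - R(block certainly fails).

    Equal to dR/dR_block for a coherent system, so it tells you which block an
    upgrade pays off most on.
    """
    up = dict(r, **{block: 1.0})
    down = dict(r, **{block: 0.0})
    return system_reliability(up, structure) - system_reliability(down, structure)


def single_points_of_failure(r: Dict[str, float], structure=STRUCTURE) -> List[str]:
    """Blocks whose certain failure drives the loop reliability to zero."""
    return [b for b in r if system_reliability(dict(r, **{b: 0.0}), structure) == 0.0]


def rank_by_importance(r: Dict[str, float], structure=STRUCTURE) -> List[str]:
    """Blocks sorted by Birnbaum importance, highest first (stable for ties)."""
    return sorted(r, key=lambda b: birnbaum_importance(b, r, structure), reverse=True)


def reliability_after_upgrade(block: str, new_r: float, r: Dict[str, float] = BLOCKS) -> float:
    """Loop reliability if one block is replaced by one of reliability new_r."""
    return system_reliability(dict(r, **{block: new_r}))


if __name__ == "__main__":
    print(f"loop R = {system_reliability(BLOCKS):.5f}")            # 0.99722
    print("single points of failure:", single_points_of_failure(BLOCKS))  # []
    for b in rank_by_importance(BLOCKS):
        print(f"  {b:5s} I_B = {birnbaum_importance(b, BLOCKS):.5f}")
    # Where does a better part buy the most? Compare upgrading one valve
    # versus one transmitter to the same reliability.
    print(f"valve -> 0.98 : R = {reliability_after_upgrade('SDV1', 0.98):.5f}")
    print(f"PT    -> 0.99 : R = {reliability_after_upgrade('PT1', 0.99):.5f}")
```

Running it reproduces the page's R = 0.99722, an empty single-point-of-failure list, and the valves at the top of the importance ranking, followed by the transmitters and then the logic solvers. The two upgrade lines at the end show the reason the page gives: because the valve pair is the weakest stage, raising one valve moves the loop result more than an equivalent raise on a transmitter.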

RBD syntax