Safety Achieved by the Safe Failure Fraction (SFF) in IEC 61508

The present paper examines the effect of safe failure fraction (SFF) constraints on hazardous-event rates, and discusses the validity of the SFF constraints in IEC 61508. First, the safe states are categorized into three types of states, and overall systems involving safety-related systems are classified into six types of systems based on the safe-state categorization, and the completeness of trips. Next, state-transition models for the systems where the effect of SFF is the greatest are presented, and the hazardous-event rates are analysed for the systems. Then, it is found that, when the effect of the SFF constraints is positive, it is negligible; and when it is negative, it is not negligible for safety. Thus, we recommend that the application of the SFF constraints to the standard should be put on hold.