ABSTRACT

When assessing the risk REUC for the baseline system, the designer is tasked with addressing each hazard category separately and systematically (IEC60812, IEC61508). Per category, he first determines the tolerable risk level Rtol, then moves on to identifying and quantifying the risk contributors (hazardous situations). After deciding how to provide the necessary protection by safety functions, RRF and PFD targets are allocated.