The Layer of Protection Analysis (LOPA) method is a Process Hazard Analysis tool. The method
utilizes the hazardous events, event severity, initiating causes and initiating likelihood data developed
during the Hazard and Operability analysis (HAZOP). The LOPA method allows the user to determine
the risk associated with the various hazardous events by utilizing their severity and the likelihood of
the events being initiated. Using corporate risk standards, the user can determine the total amount of
risk reduction required and analyze the risk reduction that can be achieved from various layers of
protection. If additional risk reduction is required after the reduction provided by process design, the
basic process control system (BPCS), alarms and associated operator actions, pressure relief valves,
etc., a Safety Instrumented Function (SIF) may be required. The safety integrity level (SIL) of the SIF
can be determined directly from the additional risk reduction required.
Annex F – Layer of Protection Analysis from the Draft IEC 61511 Part 3 Standard is attached. The IEC
61511 is the process industry specific safety standard based on the IEC 61508 standard and is titled
« Functional Safety of Safety Instrumented Systems for the Process Industry Sector ». IEC 61511
Part 3 is informative and provides guidance for the determination of safety integrity levels. Annex F
illustrates the general principles involved in the LOPA method and provides a number of references to
more detailed information on the methodology. It should be noted that Annex F is derived from a CDV
version of the IEC 61511 Part 3 Standard dated 24 November 2000. The CDV version of the standard
is for National Committee comments and vote on the draft. The draft will be subject to change based
upon comments received from various National Committees around the world. I have included a few
editorial comments received from members of the ISA SP84 Committee that were submitted to the
IEC with a positive vote for the IEC 61511 Part 3 standard.