SIL certificate: Does your product really need one?

IEC 61508 certification (including product certification) is not listed as a specific requirement for compliance with the standard, so why do it?

The process for equipment or system certification under IEC 61508 is an evidence-based, structured and methodical approach to evaluate how product (or system) development (design, engineering and manufacturing) meets the requirements for achievement of the specified Safety Integrity Levels (SILs) in IEC 61508 and overall safety system performance targets.

By performing a detailed Failure Modes and Effects Analysis (FMEA), (as well as failure history), the system integrator or product manufacturer can confirm to its clients, the capability (hardware and systematic) of the element or sub-system to provide the required safety function in conformance with IEC 61508.

Certification of your product can support you in the delivery of high integrity solutions for safety systems, when supported by clear evidence and expert judgement.

Does every element in the safety system need to be SIL rated?

Let’s start by setting the record straight… SIL rating of an element, sub-system or system is a misconception.

The concept of an element which is part of a sub-system used in a Safety Function being SIL rated fundamentally contravenes the definition of Safety Integrity Level in IEC 61508-4 clause 3.5.8. Note 4, which states; “SIL is the property of the function not of the element, sub-system or system. SIL is the property of the Safety Function and a “SIL n safety system” should be interpreted as a system capable of supporting safety functions with a SIL “n” requirement”.

The standard does however, require that that both hardware and systematic capability of any element, sub-system or system used in a Safety Function with a defined SIL is demonstrated in conformance with IEC 61508 requirements.

How do we demonstrate an element or sub-system complies with the requirements of IEC 61508 for a particular SIL?

The ability of an element to meet the required level of integrity must be demonstrated to be suitable for use in the Safety Function for which it is being designed.

The two routes to compliance (1 & 2) provides flexibility to address new designs; to account for existing experience and use in specific applications (“Proven-in-use” concept).

With integrity levels defined on two major categories (random failure analysis [H] and systematic capability evaluation [S]) the certification process reviews the inherent reliability of the components and sub-systems within the product (or system) and the processes defined to develop that same product (or system), producing a clear judgement of its ability to deliver high quality safety system performance.


Certification conducted by Engineering Safety Consultants  Ltd (ESC), will provide an independent, specific and realistic analysis of the ability of your product (or system) to meet the requirements in IEC 61508 and support you in the delivery of the level of integrity required by you and your clients.

With extensive experience in product and system development, application and certification, ESC Ltd apply a pragmatic approach to achieving compliance with Functional Safety standards.  To ensure peace of mind for our clients, ESC Ltd apply IEC 61508-compliant analytic techniques for hardware and systematic capability assessments.