EXECUTIVE SUMMARYThe final report o

EXECUTIVE SUMMARY
The final report of the Process Safety Leadership Groups (PSLG) safety and environmental standards for fuel storage sites was published in December 2009. Appendix 4 of that report provides guidance on the architecture and design of automatic overfill protection systems for bulk gasoline storage tanks, one of the systems (or layers of protection) necessary to achieve the target Safety Integrity Level (SIL) level identified through the risk assessment.
The PSLG report provides supplementary guidance to the British Standard on the design, operation and maintenance of safety instrumented systems (for example an automatic overfill protection system) BS EN 61511, Functional safety – Safety instrumented systems for the process industry sector.
For a safety instrumented function designed to achieve a specific safety integrity level, BS EN 61511 has architectural requirements for the subsystems that comprise that safety instrumented function (sensors, logic solver and final elements). These architectural requirements are in addition to the failure measure requirements for the intended safety integrity level - BS EN 61511 Clause 11.4. The architectural requirements are expressed in terms of hardware fault tolerance (the number of dangerous failures that a subsystem can tolerate and still perform its function as intended).
If the end user wishes to reduce the hardware fault tolerance requirements for a specific safety instrumented function, the end user can gather evidence to meet the "Prior Use" requirements described in BS EN 61511 Clause 11.5.3. This allows the end user to reduce the hardware fault tolerance requirements by 1 - see BS EN 61511 Clause 11.4.4. The demonstration of "Prior Use" in BS EN 61511 is solely related to allowing a modification of the hardware fault tolerance needed for a specific safety integrity level.
A working group was commissioned under CDOIF to develop this guideline to assist users in preparing a case for demonstration of prior use. This is not intended to be prescriptive in defining the mechanism by which prior use should be demonstrated, but aims to highlight key factors that should be considered.