The second edition of the international standard of IEC 61508, functional safety of electrical/electronic/programmable electronic safety-related system (SRS), was published in 2010. This international standard adopts a risk-based approach by which safety integrity requirements can be determined. It presents a formula to estimate the hazardous event rate taking account of non-perfect proof-tests. But it is not clear how to derive the formula. In the present paper, firstly, taking account of non-perfect proof-tests, the relationship between the dangerous undetected failure of SRS, the demand on the SRS and hazardous event is modeled by a fault tree and state-transition diagrams. Next, the hazardous event rate is formulated by use of the state-transition diagrams for the determination of the safety integrity requirements. Then, a comparison is made between the formulas obtained by this paper and given in the standard, and it is found that the latter does not always present rational formulation.

The present paper modifies the algorithm to estimate harmful event frequencies and examines the definition of modes of operation in IEC 61508. As far as the continuous mode concerns, the calculated results coincide with those obtained based on the standard. However, for the intermediate region of medium demand frequencies and/or medium demand durations, the standard gives much higher harmful event frequencies than the real values. In order to avoid this difficulty, a new definition of modes of operation and a shortcut method for allocation of SILs are presented.