The Sellafield site, formerly known as Windscale and Calder Works, is a large nuclear plant sited in West Cumbria, in the North West of England. The Sellafield site is probably the most complex nuclear facility in the world, with safety systems to match. Many of the safety systems have been ‘back-fitted’ onto decades-old plant as safety cases have been modernised; however, due to the original design, many of these systems cannot be fully end-to-end proof tested. It is for this reason, Sellafield Ltd has developed their own risk-based process of how to assure the probability of failure on demand of a safety system when one or more of the components of the system cannot (throughout this paper where it is stated that the proof test ‘cannot be carried out’ it means it is undesirable for safety, practicality or business reasons) be fully or actively tested. Sellafield Ltd are leading the way in the proof testing of legacy plant throughout the nuclear and chemical industries in the United Kingdom; these arrangements, as described below, are considered (by Sellafield Ltd) as best practices for assuring the probability of failure on demand of Safety Instrumented System in legacy plants.