Programmable systems are becoming the de facto standard for Safety Interlock Systems, allowing for increasing complexity of personnel protection. The SLAC National Accelerator Laboratory has implemented a programmable safety interlock system utilizing a graded approach to protect personnel from exposure to prompt radiation. The Personnel Protection System architecture is based on two tiers of programmable systems performing access control and safety interlocks. The strategy consists in isolating the safety functions from the access control and system monitoring performed through EPICS. The isolation allows the safety functions to be guaranteed even in the absence of a fully working control system. The safety functions are performed by redundant Programmable Logic Controllers certified for safety applications. Each PLCs was programmed by an independent engineer to provide some level of diversity and defense from coding errors. Functional testing was performed through a test bench and, after deployment, through a field checkout procedure designed to certify the system for operation. New processes were developed to manage the life cycle and the integration with existing installations.