Terms And Definitions - ABB TTH200 Additional Instructions

4 TTH200, TTR200, TTF200 TEMPERATURE TRANSMITTER | SM/TTX200/SIL-EN REV. E

3 Terms and definitions

IEC 61508
Safety integrity
SIL
Safety integrity level
Functional safety
Safety function
Hardware fault tolerance
HFT n
Architectural constraints
Systematic safety integrity SC
Low demand mode
Dangerous failure
Safe failure
No effect failure
FIT
Failure rate
PFD
avg
Safe failure fraction
SFF
Proof test
Proof test interval
Proof test coverage PTC
Diagnostic coverage
DC
Diagnostic test interval
Common cause failure
Systematic failure
Random hardware failure
Type A element
Type B element
MooN architecture
Useful lifetime
International standard 'Functional safety of electrical/electronic/programmable electronic safety-related systems'.
Probability of a safety system satisfactorily performing the specified safety functions under all the stated conditions.
Discrete safety integrity level corresponding to a range of safety integrity values, where level 4 has the highest and level 1 has
the lowest.
Part of the overall safety relating to the controlled system that depends on the correct functioning of the safety system and
other risk reduction measures.
Function to be implemented by a safety system or other risk reduction measures, that is intended to achieve or maintain a
safe state for the controlled system, in respect of a specific hazardous event.
Ability to continue to perform a required function in the presence of n hardware faults or errors.
The highest safety integrity level that can be claimed limited by the hardware constraints (SFF, HFT).
Measure on a scale of SC 1 to SC 4 on the systematic safety integrity of an element when the element is applied in accordance
with the instructions specified in the safety manual for the element.
The safety function is only performed on demand with a demand interval
a) no greater than one per year and b) greater than twice the proof test interval.
Failure in implementing the safety function that prevents a safety function from operating as expected.
Failure that results in the spurious operation of the safety function.
Failure without direct effect on the safety function.
Failure in Time (1x10-9 failures per hour) named Lambda
Conditional probability of failure per unit of time, usually declared as FIT
– detected dangerous failures
DD
– detected safe failures
SD
Average probability of dangerous failure on demand.
Ratio of safe plus dangerous detected failures to all failures.
SFF = ( + + ) / ( + +
SD SU DD SD SU
Periodic test performed to detect dangerous hidden failures and weaknesses in the mechanical integrity within the final
application environment.
Execution interval of the period proof test.
Fraction of detected dangerous failures by the periodic proof test.
Fraction of dangerous failures detected by on-line diagnostic tests.
DC = / ( + )
DD DU DD
Interval between on-line tests to detect faults.
Failure causing concurrent failures of two or more separate channels in a multiple channel system, leading to system failure.
Failure, related in a deterministic way to a certain cause, which can only be eliminated by design modification, manufacturing
process, operational procedures, documentation or other relevant factors.
Failure, which results from degradation mechanisms in the hardware. For equipment comprising many electrical components
those failures occur at predictable rates but at unpredictable random times.
An element can be regarded as type A if, the failure modes of all constituent components are well defined; and the behavior of
the element under fault conditions can be completely determined; and there is sufficient dependable failure data to show that
the claimed rates of failure for detected and undetected dangerous failures are met. Otherwise the element shall be regarded
as type B.
Voting redundancy architecture. e. g.
1oo2: 1 out of 2 redundant channel architecture
2oo3: 2 out of 3 redundant channel architecture
Beyond the useful lifetime the probability of failure significantly increases with time and the probabilistic failure rate
estimation is meaningless.
– detected dangerous failures
DU
– intrinsic safe failures
SU
+ )
DD DU