Table of Contents
Advertisement
Functional Safety SJ2-SN, SJ3,5-S(1)N
Planning
3.2
Assumptions
The following assumptions have been made during the FMEDA:
•
Failure rate based on the Siemens standard SN 29500.
•
Failure rates are constant, wear is not considered.
•
External power supply failure rates are not included.
•
The safety-related device is considered to be of type A device with a hardware fault
tolerance of 0.
•
The device will be used under average industrial ambient conditions comparable
to the classification "stationary mounted" according to MIL-HDBK-217F.
Alternatively, operating stress conditions typical of an industrial field environment similar
to IEC/EN 60654-1 Class C with an average temperature over a long period of time
of 40 ºC may be assumed. For a higher average temperature of 60 ºC, the failure rates
must be multiplied by a factor of 2.5 based on experience. A similar factor must be used
if frequent temperature fluctuations are expected.
SIL 2 Application
Only use the device in SIL 2 applications in combination with a control unit according
to EN 60947-5-6 (NAMUR).
•
The device claims less than 25 % of the total failure budget for a SIL 2 safety loop.
•
For a SIL 2 application operating in low demand mode the total PFD
of the SIF (Safety Instrumented Function) should be smaller than 1 x 10
hence the maximum allowable PFD
•
For a SIL 2 application operating in high demand mode the total PFH value
of the SIF should be smaller than 1 x 10
PFH value would then be 2.5 x 10
•
Since the safety loop has a hardware fault tolerance of 0 and it is a type A device,
the SFF must be > 60 % according to table 2 of IEC/EN 61508-2 for a SIL 2 (sub) system.
SIL 3 Application
Only use the device in SIL 3 applications in combination with a control unit for
SIL 3 safety applications from Pepperl+Fuchs, i. e. switch amplifier KFD2-SH-Ex1.
•
The device claims less than 25 % of the total failure rate for a SIL 3 safety loop.
•
For a SIL 3 application operating in low demand mode the total PFD
of the SIF (Safety Instrumented Function) should be smaller than 10
hence the maximum allowable PFD
•
For a SIL 3 application operating in high demand mode the total PFH value
of the SIF should be smaller than 10
would then be 2.5 x 10
•
Since the safety loop has a hardware fault tolerance of 0 and it is a type A device,
the SFF must be > 90 % according to table 2 of IEC/EN 61508-2 for a SIL 3 (sub) system.
value would then be 2.5 x 10
avg
-6
per hour, hence the maximum allowable
-7
per hour.
value would then be 2.5 x 10
avg
-7
per hour, hence the maximum allowable PFH value
-8
per hour.
value
avg
-2
,
-3
.
value
avg
-3
,
-4
.
11
Advertisement
Table of Contents
