Table of Contents
Advertisement
A1.2.9 Reliability Data
A detailed Failure Mode, Effects, and Diagnostics
Analysis (FMEDA) report is available from
Yokogawa with all failure rates and failure modes.
The AXR is certified up to SIL2 for use in a simplex
(1oo1) configuration, depending on the PFDavg
respectively PFH calculation of the entire Safety
Instrumented Function.
The development process of the AXR is certified up
to SIL3, allowing redundant use of the transmitter
up to this Safety Integrity Level, depending the
PFDavg respectively PFH calculation of the entire
Safety Instrumented Function.
When using the transmitter in a redundant
configuration, the use of a common cause factor
(β-factor) of 5% is suggested. If the owner-operator
of the plant would institute common cause failure
training and more detailed maintenance procedures
for avoiding common cause failure, a beta factor of
2% would be applicable.
For details, refer to the FMEDA No. YOK 10/06-091
R001 V2R3.
A1.2.10 Lifetime Limits
The expected lifetime of the AXR is 10 years. The
reliability data listed the FMEDA report is only valid
for this period. The failure rates of the AXR may
increase sometime after this period. Reliability
calculations based on the data listed in the FMEDA
report for AXR lifetimes beyond 10 years may yield
results that are too optimistic, i.e. the calculated
Safety Integrity Level will not be achieved.
For details, refer to the FMEDA No. YOK 10/06-091
R001 V2R3.
A1.2.11 Environmental Limits
The environmental limits of the AXR are specified in
this manual.
A1.2.12 Application Limits
The application limits of the AXR are specified in
this manual. If the flowmeter is used outside of
the application limits, the reliability data listed in
Subsection A1.2.9 becomes invalid.
<Appendix1. Safety Instrumented Systems Installation>
A1.3 Definitions and
A1.3.1 Definitions
Safety
Functional Safety
Basic Safety
Verification
Validation
Safety Assessment The investigation to arrive at a
Further definitions of terms used for safety
techniques and measures and the description of
safety related systems are given in IEC 61508-4.
Abbreviations
Freedom from unacceptable
risk of harm
The ability of a system to carry
out the actions necessary
to achieve or to maintain a
defined safe state for the
equipment/machinery/plant/
apparatus under control of the
system
The equipment must be
designed and manufactured
such that it protects against
risk of damage to persons
by electrical shock and other
hazards and against resulting
fire and explosion. The
protection must be effective
under all conditions of the
nominal operation and under
single fault condition
The demonstration for each
phase of the life-cycle that the
(output) deliverables of the
phase meet the objectives
and requirements specified by
the inputs to the phase. The
verification is usually executed
by analysis and/or testing
The demonstration that the
safety-related system(s) or
the combination of safety-
related system(s) and external
risk reduction facilities meet,
in all respects, the Safety
Requirements Specification.
The validation is usually
executed by testing
judgment -based on evidence-
of the safety achieved by
safety-related systems
A1-3
IM 01E30D01-01EN
Advertisement
Table of Contents
