Advertisement
SAFETY MANUAL: 700 SIGNAL PROCESSOR
700ACSP, 700DCSP Product Declaration
FIT FOR USE IN A LOW DEMAND SAFETY APPLICATION.
Models: 700ACSP & 700DCSP
Models
SIL
700AC
3
700DC
3
System Architecture
MTTR (Mean Time to Restoration
Proof Test Interval
Fit for use in
Term
Dangerous Failure
Safety-related System
Safety Function
Proof Test
MTTR (Mean Time to
Restoration)
λ
sd
λ
su
λ
dd
λ
du
HFT
System Architecture
PFD
(Average Probability
AVG
of Failure on Demand)
FIT (Failures in Time)
Safety Function of the 700
The safety function of the 700 signal processor consists of a
Flame Relay which comprises its safety function and behaves
as follows:
The Flame Relay (Normally Open)
• The Flame Relay will be energized when the signal
processor is powered and a flame on condition is detected.
HONEYWELL MODEL 700/800 SIGNAL PROCESSOR AND VIEWING HEAD
HFT
SFF
0
>99%
0
>99%
Table 5. Definitions.
Failure which has the potential to put the safety-related system in a hazardous or fail-to-function
state.
A system that implements the required safety functions required to achieve or maintain a safe
state and is intended to achieve on its own or with other systems the necessary safety integrity for
the required safety functions.
Defined function, which is performed by a safety-related system with the aim of achieving or
maintaining a safe state for the plant, in respect of a specified hazardous event.
Periodic test performed to detect failures in a safety-related system so that, if necessary, the
system can be restored to an "as new" condition or as close as practical to this condition.
The average duration required for restoration of operations after a failure.
Rate of safe detectable failures per one billion hours.
For example if λ
= 3000, then it is estimated that there will be about 3,000 safe detectable
sd
failures during every one billion hours of operation.
For λ
= 3000, this is about one safe detectable failure every 38 years.
sd
Rate of safe undetectable failures per one billion hours.
Rate of dangerous detectable failures per one billion hours.
Rate of dangerous undetectable failures per one billion hours.
Hardware Fault Tolerance
Specific configuration of hardware and software elements in a system.
Average Probability of Failure on Demand. In this case, regarding the 700 Signal Processor.
A unit of measurement representing one failure per billion hours. 1,000,000,000 hours is
approximately 114,155.25 years.
λ
PFD
-4
1.79 x 10
1.93 x 10
-4
1.79 x 10
1.36 x 10
1oo1
8 hours
5 years
SIL 3 environment
Definition
• The Flame Relay will be de-energized when the signal
processor is powered, a flame of condition is detected, and
the FFRT (Flame Failure Response Time) has elapsed.
• The Flame Relay will be de-energized when the signal
processor is powered and detects a fault condition.
• The Flame Relay will be de-energized when power to the
signal processor is off.
35
λ
s
dd
-6
-9
8.53 x 10
-6
-9
8.53 x 10
λ
du
-9
8.20 x 10
-9
8.20 x 10
66-2069—04
Advertisement
