Safety data
The safety data for the Safe torque off function is given below.
Note: The safety data is calculated for redundant use, and does not apply if both STO
channels are not used.
T
M
(a)
CCFHFTSCCat.
DC
(%)
MTTF
D
(a)
PFD
avg
(T
1
= 5
a)
PFD
avg
(T
1
= 2
a)
PFH
(T
1
=
20 a)
(1/h)
SFF
(%)
PL
SIL/
SILCL
Frame
size
2080133≥9036908
5.58E-
05
2.23E-
05
2.68E-
09
91.5e3R3
2080133≥9036908
5.58E-
05
2.23E-
05
2.68E-
09
91.5e3R6
2080133≥909630
6.67E-
05
2.67E-
05
3.21E-
09
99.1e3R8
3AXD10000606249 B, 3AXD10000006217 M
• The following temperature profile is used in safety value calculations:
•
670 on/off cycles per year with ΔT = 71.66 °C
•
1340 on/off cycles per year with ΔT = 61.66 °C
•
30 on/off cycles per year with ΔT = 10.0 °C
• 32 °C board temperature at 2.0% of time
• 60 °C board temperature at 1.5% of time
• 85 °C board temperature at 2.3% of time.
• The STO is a type A safety component as defined in IEC 61508-2.
• Relevant failure modes:
• The STO trips spuriously (safe failure)
• The STO does not activate when requested
• A fault exclusion on the failure mode “short circuit on printed circuit board” has
been made (EN 13849-2, table D.5). The analysis is based on an assumption
that one failure occurs at one time. No accumulated failures have been analyzed.
• STO response times:
• STO reaction time (shortest detectable break): 1 ms
• STO response time:
- Frames R3 and R6: 2 ms (typical), 10 ms (maximum)
- Frame R8: 2 ms (typical), 15 ms (maximum)
222 The Safe torque off function
To Next Page
Loading...
