The Safe torque off function 209
The following temperature profile is used in safety value calculations:
• 670 on/off cycles per year with T = 71.66 °C
• 1340 on/off cycles per year with T = 61.66 °C
• 30 on/off cycles per year with T = 10.0 °C
• 32 °C board temperature at 2.0% of time
• 60 °C board temperature at 1.5% of time
• 85 °C board temperature at 2.3% of time.
• The STO is a type B safety component as defined in IEC 61508-2.
• Relevant failure modes:
  – The STO trips spuriously (safe failure)
  – The STO does not activate when requested
A fault exclusion on the failure mode “short circuit on printed circuit board” has been
made (EN 13849-2, table D.5). The analysis is based on an assumption that one
failure occurs at one time. No accumulated failures have been analyzed.
• STO reaction time (shortest detectable break): 1 ms
• STO response time: 2 ms (typical), 25 ms (maximum)
• Fault detection time: Channels in different states for longer than 200 ms
• Fault reaction time: Fault detection time + 10 ms
• STO fault indication (parameter 31.22) delay: < 500 ms
• STO warning indication (parameter 31.22) delay: < 1000 ms
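The timing figures above (fault detection after the two STO channels disagree for more than 200 ms, fault reaction 10 ms after detection, 25 ms maximum STO response) describe a two-channel monitoring scheme. The following Python model is an added illustration, not ABB code: it walks time-ordered samples of the two channel states and reports when torque is guaranteed off and when a channel mismatch is flagged as a fault. The 10 ms sampling step, the assumption that a single de-energised channel already removes torque (fail-safe), and the helper names are assumptions of this example, not statements from the manual.

```python
"""Two-channel STO diagnostic model (added illustration, not the drive's firmware).

Timing constants come from the manual's STO data; the sampling and
fail-safe behaviour on a single open channel are assumptions of this example.
"""
from dataclasses import dataclass
from typing import List, Optional

FAULT_DETECTION_MS = 200   # channels in different states for longer than this -> fault
FAULT_REACTION_MS = 10     # fault reaction follows detection by this much
STO_RESPONSE_MAX_MS = 25   # maximum STO response time from the manual


@dataclass(frozen=True)
class Sample:
    t_ms: int
    ch1: bool   # True = channel energised (run permitted), False = open
    ch2: bool


@dataclass
class Result:
    torque_off_at: Optional[int]      # time by which torque is guaranteed off
    fault_detected_at: Optional[int]  # first sample where the mismatch exceeds 200 ms
    fault_reaction_at: Optional[int]  # detection + 10 ms


def evaluate(samples: List[Sample]) -> Result:
    """Evaluate time-ordered channel samples.

    Assumed fail-safe rule: as soon as either channel is de-energised the STO
    is requested, so torque is off no later than STO_RESPONSE_MAX_MS after
    that sample. A mismatch between the channels that persists for more than
    FAULT_DETECTION_MS is latched as a fault; the reaction follows 10 ms later.
    """
    torque_off_at: Optional[int] = None
    mismatch_since: Optional[int] = None
    fault_detected_at: Optional[int] = None
    prev_t: Optional[int] = None

    for s in samples:
        if prev_t is not None and s.t_ms < prev_t:
            raise ValueError("samples must be time-ordered")
        prev_t = s.t_ms

        # Either channel open -> torque removed (assumed fail-safe behaviour).
        if torque_off_at is None and not (s.ch1 and s.ch2):
            torque_off_at = s.t_ms + STO_RESPONSE_MAX_MS

        # Track how long the two channels have disagreed.
        if s.ch1 != s.ch2:
            if mismatch_since is None:
                mismatch_since = s.t_ms
            elif fault_detected_at is None and s.t_ms - mismatch_since > FAULT_DETECTION_MS:
                fault_detected_at = s.t_ms   # latched; later samples do not clear it
        else:
            mismatch_since = None            # channels agree again, restart the window

    reaction = None if fault_detected_at is None else fault_detected_at + FAULT_REACTION_MS
    return Result(torque_off_at, fault_detected_at, reaction)


def _channel_state(t: int, off: Optional[int], on: Optional[int]) -> bool:
    """Channel is energised until `off`, then open until `on` (if given)."""
    if off is None or t < off:
        return True
    return on is not None and t >= on


def make_samples(horizon_ms: int, step_ms: int = 10,
                 ch1_off: Optional[int] = None, ch2_off: Optional[int] = None,
                 ch1_on: Optional[int] = None, ch2_on: Optional[int] = None) -> List[Sample]:
    """Build constructed sample data for a scenario (not recorded drive data)."""
    return [Sample(t, _channel_state(t, ch1_off, ch1_on), _channel_state(t, ch2_off, ch2_on))
            for t in range(0, horizon_ms + 1, step_ms)]


if __name__ == "__main__":
    # Normal STO request: both channels open together -> torque off, no fault.
    print(evaluate(make_samples(500, ch1_off=100, ch2_off=100)))
    # One channel stays energised (e.g. wiring defect) -> torque off and a fault.
    print(evaluate(make_samples(500, ch1_off=100)))
    # Channels open 50 ms apart (within the 200 ms window) -> torque off, no fault.
    print(evaluate(make_samples(500, ch1_off=100, ch2_off=150)))
```

In the single-channel scenario the first sample at which the disagreement exceeds 200 ms is t = 310 ms (the 300 ms sample is exactly 200 ms after the mismatch began and does not yet qualify), so the fault reaction lands at 320 ms; the two channels opening 50 ms apart never reaches the window and produces no fault, which is why a short discrepancy between the channels is tolerated while a persistent one is treated as a diagnostic fault.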
Abbreviations
Abbr. (Reference): Description
Cat. (EN ISO 13849-1): Classification of the safety-related parts of a control system in respect of their resistance to faults and their subsequent behavior in the fault condition, and which is achieved by the structural arrangement of the parts, fault detection and/or by their reliability. The categories are: B, 1, 2, 3 and 4.
CCF (EN ISO 13849-1): Common cause failure (%)
DC (EN ISO 13849-1): Diagnostic coverage
FIT (IEC 61508): Failure in time: 1E-9 failures per hour
HFT (IEC 61508): Hardware fault tolerance
MTTFd (EN ISO 13849-1): Mean time to dangerous failure: (The total number of life units) / (the number of dangerous, undetected failures) during a particular measurement interval under stated conditions
PFDavg (IEC 61508): Average probability of dangerous failure on demand
PFH (IEC 61508): Average frequency of dangerous failures per hour
PL (EN ISO 13849-1): Performance level. Levels a…e correspond to SIL
SFF (IEC 61508): Safe failure fraction (%)
SIL (IEC 61508): Safety integrity level (1…3)
SILCL (IEC/EN 62061): Maximum SIL (level 1…3) that can be claimed for a safety function or subsystem
SS1 (IEC/EN 61800-5-2): Safe stop 1
STO (IEC/EN 61800-5-2): Safe torque off
T1 (IEC 61508-6): Proof test interval. T1 is a parameter used to define the probabilistic failure rate (PFH or PFD) for the safety function or subsystem. Performing a proof test at a maximum interval of T1 is required to keep the SIL capability valid. The same interval must be followed to keep the PL capability (EN ISO 13849) valid. Note that any T1 values given cannot be regarded as a guarantee or warranty.
See also section Maintenance (page 207).