Furthermore, the following assumptions were made:
● The failure rates for the “Safe end position feedback” safety function always refer to one end position feedback signal (i.e. either to “OPEN” or “CLOSED”). If both end positions are used within the safety function, the indicated parameters must be accounted for once for end position OPEN and once for end position CLOSED.
● The failure rates are constant, wear mechanisms are not included.
● Only one individual component fault leads to failure of the overall system.
● Fault propagation is not relevant.
● All components not included in the safety function and which do not have an impact on the safety function are excluded.
● The system is installed in compliance with the manufacturer’s instructions (safety manual).
● Faults caused by maintenance functions or improper operation are specific to locations and consequently not included.
● Materials are compatible with the process conditions.
● All devices are operated in low demand mode.
● For ESD function, the actuator is operated at least at the defined diagnostic test interval to perform internal diagnostics.
● The frequency of diagnostic operations (PVST/FVST) depends on the intervention demanded by the SIS (proof test interval) and the applicable standards.
● The frequency of diagnostic operations is limited internally to 22 days by the FQM to anticipate wear. More frequent operations are easily possible. However, internal diagnostics is not executed by the FQM.
● Only the variants and functions described for the FQM fail safe unit are used for safety applications.
● Internal and external diagnostic options are specified in the safety manual.
● A PVST is executed for the safety function as diagnostic measure.
● Manual operation is not part of the safety function and was consequently not considered.
● The listed electronic failure rates apply for typical service voltage conditions in industrial field environments with temperature limits within the manufacturer evaluation and a mean temperature of 40 °C (35 °C ambient temperature plus internal heating up) across a longer time period. For higher average temperatures, the failure rates shall be multiplied using a field feedback factor of 1.5 for 50 °C, 2.5 for 60 °C and 5 for 80 °C.
● The system limit for failure considerations with regard to FQM is the valve coupling.

The safe end position feedback is, for example, the feedback signal indicating that the coupling has reached the respective position. However, no assessment can be made on potential valve failures.

The following tools were used for calculating the safety figures.
● SILcal V8.0.14 – 64bit
● Microsoft Excel 14.0.7227.5000 – 32 bit
Safety-related figures with non safety-related actuators