© exida.com GmbH berthold 0408-10 r003 v1r3.doc, Apr. 12, 2007
Rainer Faller Page 5 of 18
1 Purpose and Scope
Generally three options exist when doing an assessment of sensors, interfaces and/or final
elements.
Option 1: Hardware assessment according to IEC 61508
Option 1 is a hardware assessment by exida according to the relevant functional safety
standard(s) like IEC 61508 or EN 954-1. The hardware assessment consists of a FMEDA to
determine the fault behavior and the failure rates of the device, which are then used to calculate
the Safe Failure Fraction (SFF) and the average Probability of Failure on Demand (PFDavg).
Fault injection testing will be used to confirm the effectiveness of any self-diagnostics.
This option for pre-existing hardware devices shall provide the safety instrumentation engineer
with the required failure data as per IEC 61508 / IEC 61511 and does not include an
assessment of the software development process.
Option 2: Hardware assessment with proven-in-use consideration according to IEC 61508 /
IEC 61511
Option 2 is an assessment by exida according to the relevant functional safety standard(s) like
IEC 61508 or EN 954-1. The hardware assessment consists of a FMEDA to determine the fault
behavior and the failure rates of the device, which are then used to calculate the Safe Failure
Fraction (SFF) and the average Probability of Failure on Demand (PFDavg). Fault injection
testing will be used to confirm the effectiveness of any self-diagnostics. In addition this option
consists of an assessment of the proven-in-use documentation of the device and its software
including the modification process.
This option for pre-existing programmable electronic devices shall provide the safety
instrumentation engineer with the required failure data as per IEC 61508 / IEC 61511 and may
help justify the reduced fault tolerance requirements of IEC 61511 for sensors, final elements
and other PE field devices when combined with plant specific proven-in-use records.
Option 3: Full assessment according to IEC 61508
Option 3 is a full assessment by exida according to the relevant application standard(s) like IEC
61511 or EN 298 and the necessary functional safety standard(s) like IEC 61508 or EN 954-1.
The full assessment extends option 1 by an assessment of all fault avoidance and fault control
measures during hardware and software development.
This assessment shall be done according to option 1.
This document describes the results of the assessment carried out on the Level
Transmitter LB490 Uni-Probe with Software Revision V2.00.
This document considers neither systematic software design failures nor the calculations
necessary for proving intrinsic safety.
The information in this report can be used to evaluate whether a sensor meets the average
Probability of Failure on Demand (PFDavg) requirements and the architectural constraints, i.e.,
the minimum hardware fault tolerance and safe failure fraction requirements per IEC 61508.
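The calculation chain the options above describe, from FMEDA failure-rate categories to SFF, PFDavg and the SIL permitted by the architectural constraints, is shown below as an added example; it is not taken from the exida report. The failure rates, the one-year proof-test interval, the 8 h repair times and the Type B classification are constructed assumptions, and the formulas used are the SFF definition of IEC 61508-2:2000 and the single-channel (1oo1) PFDavg expression of IEC 61508-6 Annex B.

```python
# Added example, not part of the exida report. Sample failure rates are constructed.
from dataclasses import dataclass

FIT = 1e-9  # one FIT = one failure per 1e9 hours


@dataclass
class Fmeda:
    """FMEDA failure rates in FIT, split into the four IEC 61508 categories."""
    lambda_sd: float  # safe, detected
    lambda_su: float  # safe, undetected
    lambda_dd: float  # dangerous, detected by self-diagnostics
    lambda_du: float  # dangerous, undetected (found only by proof test)

    def sff(self) -> float:
        """Safe Failure Fraction per IEC 61508-2:2000: (safe + DD) / total."""
        safe = self.lambda_sd + self.lambda_su
        return (safe + self.lambda_dd) / (safe + self.lambda_dd + self.lambda_du)

    def pfd_avg(self, t1_h: float, mttr_h: float = 8.0, mrt_h: float = 8.0) -> float:
        """PFDavg for one channel (1oo1), IEC 61508-6 Annex B; t1_h is the proof-test interval."""
        l_du, l_dd = self.lambda_du * FIT, self.lambda_dd * FIT
        l_d = l_du + l_dd
        # channel equivalent mean down time: DU faults wait for the proof test, DD for repair
        t_ce = (l_du / l_d) * (t1_h / 2 + mrt_h) + (l_dd / l_d) * mttr_h
        return l_d * t_ce


# IEC 61508-2:2000 Tables 2 (Type A) and 3 (Type B): max SIL per SFF band and HFT 0/1/2
SFF_BANDS = (0.60, 0.90, 0.99)
ARCH_CONSTRAINTS = {
    "A": [(1, 2, 3), (2, 3, 4), (3, 4, 4), (3, 4, 4)],
    "B": [(0, 1, 2), (1, 2, 3), (2, 3, 4), (3, 4, 4)],
}


def max_sil_by_architecture(sff: float, hft: int, device_type: str) -> int:
    """Highest SIL the architectural constraints allow; 0 means not allowed."""
    band = sum(1 for threshold in SFF_BANDS if sff >= threshold)
    return ARCH_CONSTRAINTS[device_type][band][hft]


def sil_from_pfd(pfd: float) -> int:
    """SIL band for a low-demand PFDavg (IEC 61508-1 Table 2); 0 if PFDavg >= 1e-1."""
    for sil, upper in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper:
            return sil
    return 0


if __name__ == "__main__":
    dev = Fmeda(lambda_sd=100, lambda_su=200, lambda_dd=500, lambda_du=50)  # constructed
    sff, pfd = dev.sff(), dev.pfd_avg(t1_h=8760)  # one-year proof test
    print(f"SFF={sff:.1%}  PFDavg={pfd:.2e}")
    print("Type B, HFT 0: SIL", min(max_sil_by_architecture(sff, 0, "B"), sil_from_pfd(pfd)))
```

The final line takes the lower of the two limits, since both the PFDavg target and the architectural constraints must be met for a claimed SIL.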
2 Project management
2.1 exida.com
exida is one of the world’s leading knowledge companies specializing in automation system
safety and availability with over 200 years of cumulative experience in functional safety.
Founded by several of the world’s top reliability and safety experts from assessment
organizations like TUV and manufacturers, exida is a partnership with offices around the world.
exida offers training, coaching, project oriented consulting services, internet based safety
engineering tools, detailed product assurance and certification analysis and a collection of on-line
safety and reliability resources. exida maintains a comprehensive failure rate and failure mode
database on process equipment.
2.2 Roles of the parties involved
Berthold Technologies: Manufacturer of the Level Transmitter LB490 Uni-Probe
exida: Performed the hardware assessment according to option 1 (see section 1).
Berthold Technologies contracted exida.com GmbH in August 2004 with the FMEDA of the
above mentioned device.
2.3 Standards / Literature used
The services delivered by exida were performed based on the following standards / literature.
[N1] IEC 61508-2:2000, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems
[N2] Victor Meeldijk, Electronic Components: Selection and Application Guidelines, John Wiley & Sons, ISBN 0471133019
[N3] FMD-91, RAC 1991, Failure Mode / Mechanism Distributions
[N4] FMD-97, RAC 1997, Failure Mode / Mechanism Distributions
[N5] NPRD-95, RAC 1995, Non-electronic Parts Reliability Data
[N6] SN 29500, Failure rates of components
[N7] NSWC-98/LE1, Handbook of Reliability Prediction Procedures for Mechanical Equipment
[N8] IEC 60654-1:1993, 2nd edition, Industrial process measurement and control equipment – Operating conditions – Part 1: Climatic conditions