APPENDIX C
Curtis AC F4-A Motor Controller – August 2020
pg. 194
To mitigate the hazards typically found in machine operations, EN13849 requires that safety functions
be defined; these must include all the input, logic, outputs, and power circuits that are involved in any
potentially hazardous operation. Two safety functions are defined for Curtis Enhanced AC Motor
Controllers: Uncommanded Powered Motion and Motor Braking Torque.
The Uncommanded Powered Motion safety function provides detection and safe shutdown in the
following circumstances: faulted throttle; improper sequence of forward/reverse switches, throttle,
and interlock; incorrect direction of travel; loss of speed control or limiting; uncommanded
movement; or movement at start-up. The Braking Torque safety function provides detection and
safe shutdown in the event of the loss of braking torque, position/hill hold, or emergency reverse.
Curtis has analyzed each safety function and calculated its Mean Time To Dangerous Failure
(MTTFd) and Diagnostic Coverage (DC), and designed them against Common Cause Faults (CCF).
The safety-related performance of the F-series controller is summarized as follows:
Safety Function               Designated Architecture   MTTFd      DC      CCF    PL
Uncommanded Powered Motion    2                         >40 yrs.   >90 %   Pass   D
Motor Braking Torque          2                         >16 yrs.   >90 %   Pass   C
EN1175-1 (1998) +A1 (2010) specifies that traction and hydraulic electronic control systems must
use Designated Architecture 1 or greater. This design employs input, logic, and output circuits
that are monitored and tested by independent circuits and software to ensure a high level of safety
performance (up to PL=d).
Mean Time To Dangerous Failure (MTTFd) is related to the expected reliability of the safety
related parts used in the controller. Only failures that can result in a dangerous situation are
included in the calculation.
Diagnostic Coverage (DC) is a measure of the effectiveness of the control system’s self-test and
monitoring measures to detect failures and provide a safe shutdown.
Common Cause Faults (CCF) are so named because some faults within a controller can affect
several systems. EN13849 provides a checklist of design techniques that should be followed to achieve
sufficient mitigation of CCFs. The CCF value is a pass/fail criterion.
Performance Level (PL) categorizes the quality or effectiveness of a safety channel to reduce the
potential risk caused by dangerous faults within the system, with “a” being the lowest and “e” being
the highest achievable performance.
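The following is an added worked example, not Curtis code and not part of this manual: it encodes the simplified Performance Level procedure of EN ISO 13849-1 (PL read from the designated architecture, i.e. the standard's Category, the MTTFd band of each channel and the average Diagnostic Coverage band, with CCF as a pass/fail gate) and feeds it the two rows of the F-series table above. The band thresholds and the lookup table are those of the standard; the numeric inputs are assumptions that take the table's stated bounds at face value (">40 yrs" entered as 40, ">16 yrs" as 16, ">90 %" as 90), and the PL letters are returned in the standard's lowercase form where the table prints them in uppercase.

```python
"""Simplified Performance Level (PL) estimation per EN ISO 13849-1.

Added example (not Curtis code): PL is read from the designated
architecture (category), the MTTFd band of each channel and the average
diagnostic coverage (DCavg) band; CCF is a separate pass/fail gate.
"""
from dataclasses import dataclass
from typing import Optional

PL_ORDER = "abcde"  # PL a is the lowest, PL e the highest


def mttfd_band(years: float) -> Optional[str]:
    """MTTFd per channel -> 'low' (3 to <10 yrs), 'medium' (10 to <30), 'high' (>=30)."""
    if years < 3:
        return None  # below the standard's floor; no PL can be claimed
    if years < 10:
        return "low"
    if years < 30:
        return "medium"
    return "high"


def dc_band(percent: float) -> str:
    """DCavg -> 'none' (<60 %), 'low' (60 to <90), 'medium' (90 to <99), 'high' (>=99)."""
    if percent < 60:
        return "none"
    if percent < 90:
        return "low"
    if percent < 99:
        return "medium"
    return "high"


# Simplified lookup of ISO 13849-1: (category, DCavg band) -> MTTFd band -> PL.
# None marks a combination the simplified procedure does not cover.
_PL_TABLE = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": None},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}


@dataclass
class SafetyFunction:
    name: str
    category: str        # designated architecture: "B", "1", "2", "3" or "4"
    mttfd_years: float   # MTTFd of each channel, in years
    dc_percent: float    # average diagnostic coverage, in percent
    ccf_pass: bool       # result of the EN 13849 CCF checklist


def performance_level(sf: SafetyFunction) -> Optional[str]:
    """Return the achievable PL ('a'..'e'), or None if no PL can be claimed."""
    mttfd = mttfd_band(sf.mttfd_years)
    if mttfd is None:
        return None
    # Categories 2, 3 and 4 depend on diagnostics and redundancy, so the CCF
    # measures must pass before the category (and hence the PL) can be claimed.
    if sf.category in ("2", "3", "4") and not sf.ccf_pass:
        return None
    # Categories B and 1 claim no diagnostic coverage; extra DC does not
    # raise their PL under the simplified procedure.
    dc = "none" if sf.category in ("B", "1") else dc_band(sf.dc_percent)
    row = _PL_TABLE.get((sf.category, dc))
    return row[mttfd] if row else None


def meets_required_pl(achieved: Optional[str], required: str) -> bool:
    """True if the achieved PL is at least the PL the risk assessment demands."""
    return achieved is not None and PL_ORDER.index(achieved) >= PL_ORDER.index(required)


def f_series_summary() -> dict:
    """The two Curtis safety functions, entered at the table's stated bounds
    (assumed values: ">40 yrs" as 40, ">16 yrs" as 16, ">90 %" as 90)."""
    functions = [
        SafetyFunction("Uncommanded Powered Motion", "2", 40, 90, True),
        SafetyFunction("Motor Braking Torque", "2", 16, 90, True),
    ]
    return {sf.name: performance_level(sf) for sf in functions}


if __name__ == "__main__":
    for name, pl in f_series_summary().items():
        print(f"{name}: PL {pl}")
```

Running it reproduces the table: Uncommanded Powered Motion lands in the high MTTFd band and PL d, while Motor Braking Torque, with an MTTFd in the medium band, reaches PL c despite the same architecture and diagnostic coverage. A failed CCF checklist returns no PL at all for Designated Architecture 2, which is why the table reports CCF as a pass/fail criterion rather than a number.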