HIMatrix 3 Safety Concept for Using the PES
HI 800 023 E Rev. 1.01 Page 19 of 72
In practice, shorter proof test intervals are required for the input and output field devices
(e.g., every 6 or 12 months) than for the HIMatrix controller. Testing the entire safety loop
together with a field device automatically includes the test of the HIMatrix controller. There
is therefore no need to perform additional proof tests of the HIMatrix controller.
If the proof test of the field devices does not include the HIMatrix controller, the HIMatrix
controller must be tested for SIL 3 at least once every 10 years. This can be achieved by
restarting the HIMatrix controller.
If additional proof test requirements apply for special devices, the manual of the
corresponding device must be observed.
3.4 Safety requirements
The following safety requirements must be met when using the safety-related PES of the
HIMatrix system:
3.4.1 Hardware Configuration
Personnel configuring the HIMatrix hardware must observe the following safety
requirements.
Product-Independent Requirements
- To ensure safety-related operation, only approved fail-safe hardware and software may
  be used. The approved hardware and software are listed in the Version List of Devices
  and Firmware of HIMatrix Systems of HIMA Paul Hildebrandt GmbH + Co KG,
  Certificate-No. 968/EZ 128.19/09. The latest versions can be found in the version list
  maintained together with the test authority.
- The operating requirements specified in this safety manual regarding EMC and
  mechanical, chemical and climatic influences must be observed.
- Non-fail-safe, non-reactive hardware and software may be used for processing
  safety-relevant signals, but not for handling safety-related tasks.
- The de-energized to trip principle must be applied to all safety circuits externally
  connected to the system.
Product-Dependent Requirements
- Only connect devices to the system that are safely electrically isolated from the power
  supply.
- The safe electrical power supply isolation must be ensured within the 24 V system
  supply. Only power supply units of type PELV or SELV may be used.
3.4.2 Programming
Personnel developing user programs must observe the following safety requirements.
Product-Independent Requirements
In safety-related applications, ensure that the safety-relevant system parameters are
properly configured.
In particular, this applies to the system configuration, maximum cycle time and safety
time.
Product-Dependent Requirements
Requirements for using the programming tool
The following tools must be used for programming:
- Operating system versions beyond 7: SILworX.
- Operating system versions prior to 7: ELOP II Factory.
Once the application has been created, compile the program twice and compare the two
resulting CRCs to ensure that the program was compiled properly.