Revision 1.9    HC900 Process & Safety Controller Safety Manual  55 
01/14 
HC900 PFD 
Safety-related systems can be classified as operating in either a low demand mode, or in a high 
demand/continuous mode. IEC 61508 quantifies this classification by stating that the frequency of demands 
for operation of the safety system is no greater than once per year in the low demand mode, or greater than 
once per year in high demand/continuous mode. 
Table 6 – SIL Levels 
Safety integrity level (SIL) | Low demand mode of operation (the average probability of failure to perform its design function on demand) | High demand or continuous mode of operation (probability of dangerous failure per hour)
4 | ≥10 to <10 | ≥10 to <10
3 | ≥10 to <10 | ≥10 to <10
2 | ≥10 to <10 | ≥10 to <10
1 | ≥10 to <10 | ≥10 to <10
Probability of Failure on Demand (PFD) for Low Demand Mode 
Probability of failure on demand (PFD) is the SIL value for a low demand safety-related system, related
directly to order-of-magnitude ranges of its average probability of failure to satisfactorily perform its safety
function on demand. PFD calculations are commonly used for process safety applications and applications
where ESDs are used. Besides parts 2 and 3 of IEC/EN 61508, part 6 is one of the central parts
for the development of safety-related systems. It gives detailed information for the quantitative
calculations of safety-related systems: IEC 61508-6 describes how to calculate the PFD
values for various system configurations and provides equations for generating the diagnostic coverage (DC)
and safe failure fraction (SFF).
$$PFD_{SYS} = PFD_{S} + PFD_{L} + PFD_{FE}$$
where
$PFD_{SYS}$ is the probability of failure on demand of a safety function for the E/E/PE safety system
$PFD_{S}$ is the average probability of failure on demand for the sensor subsystem
$PFD_{L}$ is the average probability of failure on demand for the logic subsystem
$PFD_{FE}$ is the average probability of failure on demand for the final element subsystem
Care must be taken to calculate the system elements properly to achieve the correct results. Annex B of
IEC 61508-6 provides detailed information and techniques for determination of the system.
The HC900 provides both analog and digital input voting blocks. They can be configured as:
1oo1 – One out of one – Single channel (point of failure)
1oo2 – One out of two – One channel out of two
1oo2D – One out of two – One channel out of two diagnostic
1oo3 or 2oo3 voting groups.
Other system architectures can be found in IEC 61508-6. 
Note: Users can obtain the PFD data for all modules from Honeywell.
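The subsystem summation and voting architectures described above, worked through as an added example that is not part of the Honeywell manual: it applies the simplified average-PFD equations of IEC 61508-6 Annex B for 1oo1, 1oo2 and 2oo3 groups (1oo2D and 1oo3 are not covered), sums the subsystems into PFD_SYS and looks up the IEC 61508 low demand band. The failure rate, diagnostic coverage, β factors, proof test interval, repair times and logic solver PFD are constructed sample values, not HC900 data; the function names are hypothetical.

```python
# IEC 61508-6 Annex B simplified PFDavg equations, low demand mode.
# Every numeric input below is a constructed sample value, not HC900 data.

# IEC 61508 low demand bands: (SIL, lower bound inclusive, upper bound exclusive)
SIL_BANDS = ((4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1))

def pfd_group(arch, lam_d, dc, t1, mttr, mrt, beta=0.0, beta_d=0.0):
    """Average PFD of one voted group (rates per hour, times in hours)."""
    if arch not in ("1oo1", "1oo2", "2oo3"):
        raise ValueError(f"unsupported architecture: {arch}")
    lam_dd, lam_du = lam_d * dc, lam_d * (1.0 - dc)  # detected / undetected
    # Channel and group equivalent mean down times.
    t_ce = (lam_du / lam_d) * (t1 / 2 + mrt) + (lam_dd / lam_d) * mttr
    t_ge = (lam_du / lam_d) * (t1 / 3 + mrt) + (lam_dd / lam_d) * mttr
    if arch == "1oo1":
        return lam_d * t_ce
    # Redundant groups: independent double failure plus common cause failures.
    independent = ((1 - beta_d) * lam_dd + (1 - beta) * lam_du) ** 2 * t_ce * t_ge
    common = beta_d * lam_dd * mttr + beta * lam_du * (t1 / 2 + mrt)
    return (2 if arch == "1oo2" else 6) * independent + common

def pfd_sys(pfd_s, pfd_l, pfd_fe):
    """PFD_SYS = PFD_S + PFD_L + PFD_FE."""
    return pfd_s + pfd_l + pfd_fe

def sil_band(pfd_avg):
    """SIL band for a PFDavg, or None if outside the tabulated ranges.
    The band alone does not establish the SIL; architectural constraints also apply."""
    for sil, low, high in SIL_BANDS:
        if low <= pfd_avg < high:
            return sil
    return None

if __name__ == "__main__":
    common_args = dict(lam_d=1e-6, dc=0.9, t1=8760, mttr=8, mrt=8)  # constructed
    sensors = pfd_group("2oo3", beta=0.02, beta_d=0.01, **common_args)
    logic = 1e-4  # placeholder for the vendor-supplied logic solver PFD
    for fe_arch in ("1oo1", "1oo2"):
        fe = pfd_group(fe_arch, beta=0.02, beta_d=0.01, **common_args)
        total = pfd_sys(sensors, logic, fe)
        print(f"final element {fe_arch}: PFD_SYS={total:.3e} band=SIL {sil_band(total)}")
```

With these sample inputs the common cause term dominates both redundant groups, which is why 1oo2 and 2oo3 land within a few percent of each other while the single-channel final element is roughly fifty times worse.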