10
Safety concept
4 Safety
Instruction book, IQAN-MC3
The IQAN-MC3 module and input subsystem diagnostics.
It can also be used for input subsystems of up to SIL2 in accordance with EN/IEC
62061, for subsystems type C (zero fault tolerance with a diagnostic function) or type
D (single fault tolerance with a diagnostic function).
Alternatively, it can be used for connection to an input subsystem communication over
CAN, for up to SIL2 or PLd.
Logic subsystem, IQAN-MC3 and application software
The logic subsystem consists of the IQAN-MC3 and the application software. The
hardware and embedded software of the IQAN-MC3 allows it to be used to implement
safety functions of up to SIL2 or PLd.
In order to achieve this, the application software must be designed up to the same level.
The application software can be designed using the generic standard for functional
safety, IEC 61508. However, it is recommended that a standard for the functional safety
of machinery is applied, either EN ISO 13849-1 or EN/IEC 62061. Use IQANdesign to
develop the application software.
It is not necessary for all development of the application to be made using an official
release of IQANdesign; a beta version may be used for prototyping. However, before
the safety integrity of the module can claimed, the application must be upgraded to an
official release of IQANdesign.
Output subsystem
The output subsystem is the output power elements, e.g. valves, which control the
machine actuators. The outputs of the IQAN-MC3 control the valves. Each DOUT or
COUT output on the IQAN-MC3 is individually safe, meaning that the unit does not
place any restriction on the possible architecture for the output subsystem.
MC3-SMR-005:A Only use an official release of IQANdesign
The application shall be built using an officially released version of IQANdesign.
MC3
DIN
DIN
Signal
Conditioning
Signal
Conditioning
CORE
+
IN 2 IN 1
Diagnostics performed in the application
Internal
diagnostics
Sensors
To Next Page
Loading...
