EasyManua.ls Logo

Pepperl+Fuchs KFD2-SH-Ex1 - Assumptions

Pepperl+Fuchs KFD2-SH-Ex1
28 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
2017-04
10
Functional Safety KFD2-SH-Ex1(.T)(.OP), KHA6-SH-Ex1
Planning
3.2 Assumptions
The following assumptions have been made during the FMEDA:
The fault indication output which signals if the field circuits are broken or
shorted is not considered in the FMEDA and the calculations.
For output I of the KFD2-SH-Ex1 and KHA6-SH-Ex1 devices, use the
3 redundant relay contacts to establish the necessary redundancy.
Failure rate based on the Siemens standard SN29500.
Failure rates are constant, wear is not considered.
External power supply failure rates are not included.
The safety-related device is considered to be of type A device with a hardware
fault tolerance of 0.
Observe for the high demand mode the useful lifetime limitations of the output
relays.
The device will be used under average industrial ambient conditions, which
are comparable with the classification "stationary mounted" in MIL-HDBK-
217F. Alternatively, the following ambient conditions are assumed:
IEC/EN 60654-1 Class C (sheltered location) with temperature limits in the
range of the manufacturer's specifications and an average temperature of
40 ºC over a long period. The humidity level is within manufacturer's rating.
For a higher average temperature of 60 ºC, the failure rates must be
multiplied by a factor of 2.5 based on experience. A similar factor must be
used if frequent temperature fluctuations are expected.
SIL 3 application
If you use output I of the device, you can reach SIL 3 according to IEC 61508.
The device shall claim less than 10 % of the total failure rate for a SIL 3 safety
loop.
For a SIL 3 application operating in low demand mode the total PFD
avg
value
of the SIF (Safety Instrumented Function) should be smaller than 10
-3
, hence
the maximum allowable PFD
avg
value would then be 10
-4
.
For a SIL 3 application operating in high demand mode the total PFH value of
the SIF should be smaller than 10
-7
per hour, hence the maximum allowable
PFH value would then be 10
-8
per hour.
Since the safety loop has a hardware fault tolerance of 0 and it is a type A
device, the SFF must be > 90 % according to table 2 of IEC/EN 61508-2 for a
SIL 3 (sub) system.

Table of Contents

Related product manuals