Rockwell Automation Publication ICSTT-RM447M-EN-P - July 2019 65
AADvance System Architectures Chapter 4
V = voting
Table 6 - Modules for SIL 2 Architecture
SIL 2 Fault Tolerant Output Architecture
A SIL 2 Fault Tolerant output architecture has a single output module with
dual processor and single or redundant input modules.
The illustration shows a SIL 2 single output arrangement where the output
module operates in 1oo1D under no fault conditions and fail-safe on the first
detected fault. The processor will operate in 1oo2D under no fault conditions,
will degrade to 1oo1D on the first fault in either processor module and will
fail-safe when there are faults on both processor modules.
Digital Output
For digital output modules the following applies:
• If the required safe state is ON, you must use dual digital output
modules for High Demand applications.
Position Module Type
I/P A and B 2 × T9401/2 Digital Input Module, 24 Vdc, 8/16 Channel +
T9802 Digital Input TA, 16 Channel, Dual or
2 × T9431/2 Analogue Input Module, 8/16 Channel, Isolated, + T9832 Analogue Input TA, 16
Channel, Dual
T9300 I/O Base Unit
CPU A 2 x T9110 Processor Module, T9100 Base Unit
O/P A T9451 Digital Output Module, 24 Vdc, 8 Channel +
T9851 Digital Output TA, 24 Vdc, 8 Channel, Simplex; T9300 I/O Base Unit or
1 x T9481/T9842 Analogue Output Module, 3/8 Ch, Isolated + T9881 Analogue Output TA, 8 Ch,
Simplex
To Next Page
Loading...
Need help?
General
