2223A Oxygen Transmitter Functional Safety Manual
02223006A / Revision 0 3
2 DEFINITIONS AND DESCRIPTIONS
2.1 Safety instrumented system (SIS)
A safety instrumented system comprises components and subsystems (from sensor
through to final element) which provide functions aimed at mitigating dangerous failure
conditions.
2.2 Safety function
A defined function executed by a safety instrumented system which is intended to mitigate
a specific dangerous event.
2.3 Safe failure
A failure other than the specific failures which lead to the defined hazardous failure state.
2.4 Dangerous failure
A specific failure mode which leads to a defined non-functioning state. Note that there may
be more than one dangerous failure mode for any particular system.
2.5 Detected failure
A failure that is detected by diagnostic tests, proof tests, operator intervention or through
normal operation.
2.6 Type A and type B subsystems
This relates to the complexity of the subsystem and the degree to which it is understood.
A subsystem is classified as Type A if all of the following are true:
• The failure modes of all components are well defined
• The behaviour of the subsystem under fault conditions can be completely determined
• There is sufficient dependable field failure data to show that the claimed failure rates for detected and undetected dangerous failures are met.
A subsystem is classified as Type B if any of the following are true:
• The failure mode of at least one component is not well defined
• The behaviour of the subsystem under fault conditions cannot be completely determined
• There is insufficient dependable field failure data to support claims for failure rates for detected and undetected dangerous failures.
Type B subsystems include those with complex components (e.g. microprocessors) or
software.