understood as the average time for the first (and only) failure of the equipment; in this case MTBF is equal to MTTF.
In ISO 13849-1 the DC for each single component has the same meaning as the IEC 61508 metric; the results of this Safety Manual can therefore be reused. However, this standard defines the concept of DC_avg, applicable to the whole SRP or CS, in the form of the equation defined in Annex E, formula E.1, where the contribution of each part of the control system is weighted with respect to the MTTF of the various subsystems of the channel. The standard denies any possibility of fault exclusion while calculating DC_avg (ISO 13849-2 Tab. D.21, no exclusion allowed), and this is the same assumption made in the STM32F2 Series analysis in this Safety Manual.
It is necessary to calculate DC_avg only for a subsystem made of a 2-MCU architecture, by applying the formula:
$$
\mathrm{DC}_{avg} = \frac{\dfrac{\mathrm{DC}_{MCU1}}{\mathrm{MTTF}_{MCU1}} + \dfrac{\mathrm{DC}_{MCU2}}{\mathrm{MTTF}_{MCU2}}}{\dfrac{1}{\mathrm{MTTF}_{MCU1}} + \dfrac{1}{\mathrm{MTTF}_{MCU2}}}
$$
For two identical MCUs having the same DC and MTTF, DC_avg = DC.
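The following is an added worked example, not part of the Safety Manual: it implements the DC_avg weighting above for the two-MCU case and, since formula E.1 is the same sum over any number of subsystems, for N subsystems in general. The DC band thresholds (none, low, medium, high) are the ISO 13849-1 ones; the sample DC and MTTF values are constructed for illustration only.

```python
from typing import Sequence


def dc_avg(dc: Sequence[float], mttf: Sequence[float]) -> float:
    """Average diagnostic coverage per ISO 13849-1 Annex E, formula E.1.

    dc[i]   : diagnostic coverage of subsystem i, as a fraction (0.0 .. 1.0)
    mttf[i] : mean time to (dangerous) failure of subsystem i (years)
    Each subsystem's DC is weighted by 1/MTTF, i.e. by its failure rate,
    so the least reliable subsystem dominates the average.
    """
    if not dc or len(dc) != len(mttf):
        raise ValueError("dc and mttf must be non-empty and of equal length")
    for d, m in zip(dc, mttf):
        if not 0.0 <= d <= 1.0:
            raise ValueError(f"DC out of range: {d}")
        if m <= 0.0:
            raise ValueError(f"MTTF must be positive: {m}")
    numerator = sum(d / m for d, m in zip(dc, mttf))
    denominator = sum(1.0 / m for m in mttf)
    return numerator / denominator


def two_mcu_dc_avg(dc1: float, mttf1: float, dc2: float, mttf2: float) -> float:
    """The two-MCU instance of formula E.1 quoted in the text."""
    return dc_avg([dc1, dc2], [mttf1, mttf2])


def dc_band(dc: float) -> str:
    """Classify a DC value into the ISO 13849-1 bands used with Table 7."""
    if dc < 0.60:
        return "none"
    if dc < 0.90:
        return "low"
    if dc < 0.99:
        return "medium"
    return "high"


if __name__ == "__main__":
    # Constructed values: two identical MCUs -> DC_avg equals DC.
    print(two_mcu_dc_avg(0.90, 100.0, 0.90, 100.0))
    # Constructed values: a well-covered but less reliable second channel
    # pulls DC_avg well below the arithmetic mean of the two DCs.
    mixed = two_mcu_dc_avg(0.99, 100.0, 0.60, 10.0)
    print(mixed, dc_band(mixed))
```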
Note: An evaluation of the possible common failure modes is required for any architectural solution implemented with two channels. ISO 13849 defines a simplified approach with respect to the IEC 61508 approach.
Table 7 of the ISO 13849 standard provides a simplified procedure for PL evaluation of an SRP or CS based on category, DC_avg and MTTFd. It is worth noting that each architectural solution analyzed in this Safety Manual results in PFH values producing high values of MTTF.
A.1.3 ISO 13849 work products
The following table lists the work products required by ISO 13849, and how to map them onto the work products available from the IEC 61508 compliance activity:
Table 120. ISO 13849 work product grid

| Information to be provided | ISO 13849-1 Part-Clause | STM32F2 Series IEC 61508 document |
|---|---|---|
| Safety functions provided by the SRP or CS | 10 Technical documentation | End user responsibility |
| Characteristics of each safety function | 10 Technical documentation | End user responsibility |
| Exact points at which the safety-related part(s) start and end | 10 Technical documentation | End user responsibility |
| Environmental conditions | 10 Technical documentation | End user responsibility |
| Performance level (PL) | 10 Technical documentation | End user responsibility |
| Category or categories selected | 10 Technical documentation | End user responsibility |
| Parameters relevant to the reliability (MTTFd, DC, CCF and mission time) | 10 Technical documentation | STM32F2 Series Safety Manual and FMEA |
| Measures against systematic failure | 10 Technical documentation | STM32F2 Series Safety Manual and FMEA |
| Technology or technologies used | 10 Technical documentation | STM32F2 Series Safety Manual and FMEA |
| All safety-relevant faults considered | 10 Technical documentation | STM32F2 Series Safety Manual and FMEA |
| Justification for fault exclusions (see ISO 13849-2) | 10 Technical documentation | End user responsibility |
UM1845
ISO 13849-1 / ISO 13849-2
UM1845 - Rev 4
page 90/108