3.2.4 Reference safety architectures - 1oo2
The 1oo2 reference architecture (Figure 4) contains two separate channels, each implemented as a 1oo1 reference architecture that ensures the safety integrity of the Compliant item by combining Device-internal processes (the implemented safety mechanisms) with the external processes WDTe and VMONe. The overall safety integrity is then ensured by the external voter PEv, which allows a hardware fault tolerance (HFT) equal to 1 to be claimed. Achieving higher safety integrity levels as per IEC 61508-2 Table 3 is therefore possible. Appropriate separation between the two channels (including power supply separation) should be implemented in order to limit the impact of common-cause failures (refer to Section 4.2 Analysis of dependent failures); computation of the β and βD parameters is nevertheless required.
The 1oo2 reference architecture targets SIL3.
Figure 4. 1oo2 reference architecture
[Figure 4 block diagram: Sensors feed two separate channels, each made of PEc, PEo, PEi and PEd with its own external WDTe and VMONe; both channels feed the external voter PEv, which drives the Actuators. The dashed outline marks the Compliant item.]
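The following is an added illustration, not code from UM2305, of the voting behaviour the paragraph above describes: two channels each carrying their WDTe and VMONe verdicts, an external voter PEv that tolerates one faulty channel (HFT = 1), and a constructed common-cause case showing why channel separation and the β factors matter. The structure fields, the 16-bit output and the helper names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed model of one 1oo1 channel from Figure 4: the result it wants to
 * drive plus the verdicts of its external watchdog (WDTe) and voltage
 * monitor (VMONe). Field names and width are assumptions for illustration. */
typedef struct {
    uint16_t output;   /* value the channel wants to drive to the actuator */
    bool wdt_ok;       /* external watchdog was served within its window */
    bool vmon_ok;      /* supply voltage inside the monitored range */
} channel_t;

typedef enum { PEV_DRIVE, PEV_SAFE_STATE } pev_action_t;

/* External voter PEv: the actuator is driven only when both channels are
 * healthy and agree; any disagreement or health fault forces the safe state.
 * A single dangerous failure in either channel is therefore tolerated. */
pev_action_t pev_vote(const channel_t *a, const channel_t *b, uint16_t *drive)
{
    bool a_healthy = a->wdt_ok && a->vmon_ok;
    bool b_healthy = b->wdt_ok && b->vmon_ok;
    if (a_healthy && b_healthy && a->output == b->output) {
        if (drive) *drive = a->output;
        return PEV_DRIVE;
    }
    return PEV_SAFE_STATE;
}

/* Single-channel fault: VMONe of channel B trips (constructed supply fault).
 * The voter detects it and moves to the safe state, which is the HFT = 1 claim. */
pev_action_t single_fault_case(uint16_t *drive)
{
    channel_t a = { 0x1234, true, true }, b = { 0x1234, true, true };
    b.vmon_ok = false;
    return pev_vote(&a, &b, drive);
}

/* Common-cause failure: a shared fault corrupts both channels identically, so
 * the voter still sees agreement and keeps driving. This is the case the β
 * and βD parameters quantify and that separation (including separate power
 * supplies) is meant to make rare. */
pev_action_t common_cause_case(uint16_t *drive)
{
    channel_t a = { 0x00FF, true, true }, b = { 0x00FF, true, true };
    a.output ^= 0x0001; b.output ^= 0x0001;   /* constructed shared bit flip */
    return pev_vote(&a, &b, drive);
}
```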
UM2305 - Rev 10
page 7/110