Section 1 Safety Operator Warnings
Warnings
2PAA110888-600 - Warnings based on 3BNP004865-600 RevA
17
a calculation to check if the result is OK. If the result is not OK the user has to
handle this in an appropriate way.
Programming Languages and Libraries
For an overview of certification levels and safety restrictions for System Functions
and Library Types, see Appendix A, Certified Libraries.
It is not allowed to use Functions, Function Blocks or Control Modules marked as
SILxRestricted in a way that can influence the safety function of a SIL classified
application. If such code affects an output from a SIL3 application, it might result in
a Safety Shutdown.
It is not allowed to use output parameters from Function Blocks or Control Modules
marked with NONSIL in the parameter description in a way that can influence the
safety function of a SIL classified application. If such code affects an output from a
SIL3 application, it might result in a Safety Shutdown.
The Split and Join elements shall not be used in SIL Diagrams, since reverse
components are not transferred. If needed, single (forward) components can be
retrieved using dot notation, i.e. the (structured) signal can be branched, and a
component from one of the branches can be connected to application logic.
If a faceplate with possibility for operator changes to objects in a SIL classified
application is to be created or modified, the guidelines for Confirmed Write support
in chapter Access Management Settings shall be followed.
Control Builder M Professional - Settings and Restrictions
If the EN (Enable) input on functions and function blocks is used in FBD and FD,
great care shall be taken to avoid unintentional stop of application execution.
The user shall always connect the EN input to true when used on SFC and ST Code
Blocks in FD.
When setting the “Application type” due care shall be taken to the properties of the
process to be controlled by the AC 800M HI.
FDRT (Fault Detection and Reaction Time) is the maximum time from an internal
error occur in the controller, to the defined action is taken. This time shall be set
according to the process safety time and the demand rate of the controlled process.