DRAFT - 26 March 2015
DRAFT - 26 March 2015
SM45-55-SAD Rev 3
7
6
The above failure rates apply to the hazardous area output only. The line fault detection function is not included
in these figures.
• FITs means failures per 10
9
hours or failures per thousand million hours.
• Reliability data for this analysis is taken from IEC TR 62380:2004 Reliability Data Handbook.
• Failure mode distributions are taken principally from IEC 62061:2005 Safety of Machinery.
It is assumed that the module is powered from a nominal 24Vdc supply. The product has been assumed to
operate at a maximum ambient temperature of 45°C under normal conditions.
Example of use in a safety function
In this example for a
loop-powered
module the application context is assumed to be:
• the safety function is to
de-energise
the output on demand
The failure modes shown above can then be defined as
Failure mode
Category
Output stuck ON
Dangerous undetected,
λ
du
Output stuck OFF (no output)
Safe undetected,
λ
su
Output uncertain (OK or OFF)
Safe undetected,
λ
su
Correct operation but reduced output
voltage when ON
Safe undetected,
λ
su
Correct operation (failures have no
effect)
No effect,
λ
ne
The failure rates for these categories are then (FITs)
Model
λ
sd
λ
su
λ
dd
λ
du
λ
ne
*
MTL4521 or MTL5521
0
255
0
0
100
In this example, the safe failure fraction is 100%.
*Note, that
λ
ne
is not used in the calculation of SFF.
Accordingly, the SFF of all module types described in this manual are as follows, for applications where the
element safety function is to de-energise the output:
Model
λ
sd
λ
su
λ
dd
λ
du
λ
ne
*
SFF
Loop-powered
modules
MTLx521
0
255
0
0
100
100%
MTL4521L
0
261
0
0
101
100%
MTL4523L
0
258
0
0
73
100%
MTL5522
0
312
0
0
108
100%
MTL5525
0
269
0
0
103
100%
Separately-powered
modules
MTLx523/23x/23VL
0
307
0
8
100
97%
MTLx524/4524S
0
305
0
20
110
94%
MTL4525
0
322
0
21
116
94%
