Endress+Hauser Liquiline M CM42 Functional Safety Manual Download Page 24 | Manualshive

Page: 24 / 72

background image

Functional Safety Manual

for the Memosens transmitter Liquiline M CM42 SIL

Version:

Page:

2.0

24

of

72

A

ll

e

R

ec

h

te

v

o

rb

eh

al

te

n

.

D

as

K

o

p

ie

re

n

d

ie

se

s

D

o

k

u

m

en

ts

u

n

d

d

ie

V

er

w

en

d

u

n

g

v

o

n

T

ei

le

n

au

s

d

ie

se

m

D

o

k

u

m

en

t

is

t

o

h

n

e

sc

h

ri

ft

li

ch

e

G

en

eh

m

ig

u

n

g

d

er

E

n

d

re

ss

+

H

au

se

r

C

o

n

d

u

ct

a

G

m

b

H

+

C

o

.

K

G

n

ic

h

t

er

la

u

b

t.

A

ll

ri

gh

ts

re

se

rv

ed

.

P

as

si

n

g

o

n

an

d

co

p

yi

n

g

o

f

th

is

d

o

cu

m

en

t,

u

se

an

d

co

m

m

u

n

ic

at

io

n

o

f

it

s

co

n

te

n

ts

n

o

t

p

er

m

it

te

d

w

it

h

o

u

t

w

ri

tt

en

au

th

o

ri

za

ti

o

n

fr

o

m

E

n

d

re

ss

+

H

au

se

r

C

o

n

d

u

ct

a

G

m

b

H

+

C

o

.

K

G

.

Dangerous undetected failures in this scenario:

A dangerous undetected failure

DU

is defined as a wrong measurement signal on the

current outputs in the range of 4..20 mA, whereas a wrong measurement value is a
value departing for more than the given precision (see chapter 2.1.3) from the true
measurement value.

Some dangerous undetected failure can be found by the voter – but not all of them. In
these cases, the transmitter does not show an error message or an unusual behaviour.

Useful lifetime of electronic components:

The underlying failure rates apply within the useful lifetime according to IEC 61508-2
Clause 7.4.7.4 Note 3 [IEC61508:2000] or Clause 7.4.9.5 Note 3 [IEC61508:2010].
Other values can be used from experience of the previous use in a similar environment.

It is assumed that early failures are detected to a huge percentage during the production
testing and installation period and therefore the assumption of a constant failure rate
during the useful lifetime is valid.

According to IEC 61508-2 section 7.4.7.4 a useful lifetime based on experience should
be assumed.

Note!

Safe operation of the device requires a correct installation according to chapter 2.3.

2.4

Behavior of the device when in operation and in case of failure

2.4.1

Behavior of the device when switched on

When starting the device, loading the software takes about 40-60s.

Safety

related internal tests are carried out. During that time the current output is held at the

high error current (>21.5 mA)

.

The power to the Memosens cable and Memosens sensor is switched on after the boot
phase, not earlier.

2.4.2

Behavior of the device on demand

If an internal error is detected, the device enters the safe state within the error reaction
time (see chapter 2.2).

In case the device reaches the active safe state, the SIL measurement mode is left, but
the SIL mode is still active. So the SIL icon remains visible in the status bar.

«
...
22
23
24
25
26
...
»

Summary of Contents for Liquiline M CM42

Page 1: ...plication Used to run a Memosens sensor to satisfy the particular requirements for safety related systems as per IEC 61508 The measuring device meets the following requirements Functional safety in accordance with IEC 61508 Explosion protection Electromagnetic compatibility in accordance with EN 61326 and NAMUR recommendation NE 21 Electrical safety in accordance with IEC EN 61010 1 Ingress protec...

Page 2: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 3: ...ktion Safety function 1 Sichere Übermittlung des gemessenen mV Wertes und Ausgabe als Messwert in pH auf den Stromausgängen Safe transmission of the measured mV value and output of the converted pH value on both current outs 2 Grenzwertüberwachung des pH Wertes Limit monitoring of pH value 3 4 Sichere Kalibrierung Justierung Safe calibration adjustment Systematischer SIL Systematic SIL Software SI...

Page 4: ...s and boundary conditions 10 2 1 Safety Function SAF SIL measuring mode 10 2 1 1 Safety Function 1 SAF1 limit value monitoring 11 2 1 2 Safety Function 2 SAF2 safe measurement 13 2 1 3 Precision and Timing of SAF1 and SAF2 13 2 1 4 Safe calibration and adjustment SAF3 and SAF4 15 2 2 Safety related signal and safe state 15 2 3 Restrictions for the use in safety related applications 18 2 4 Behavior...

Page 5: ...ent mode 35 4 7 Using the safe sensor calibration and adjustment 38 4 7 1 2 point pH calibration 38 4 7 2 1 point temperature calibration 45 5 Maintenance recalibration 49 6 Proof test 49 6 1 Proof test 49 6 2 Testing to ensure its safe functioning 49 6 2 1 Proof test of the Liquiline M CM42 transmitter 49 6 2 2 Proof test of the Memosens cable CYK10 51 6 2 3 Proof test of the Orbisint CPS11D pH s...

Page 6: ... www endress com SIL and in the competence brochure CP002Z Functional safety in the Process Industry risk reduction with Safety Instrumented Systems Note For general and technical information please read the Technical Information or Operating Instructions of Liquiline M CM42 1 Structure of measuring system using a CM42 SIL transmitter 1 1 System Components A system using CM42 looks for example lik...

Page 7: ...afety function of the transmitter The transmitter must be connected to a safe PCS by using both analogue current outputs The voter can for example be realized by safe function blocks inside a PLC or by a hardware based 2oo2 voter The logic component must be able to handle LO and HI alarms N 3 6mA O 21 0mA The CM42 system has several modes of operation 1 Classic mode 2 SIL mode Active safe state mo...

Page 8: ... Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG is not safe and therefore not executing the safety functions After a reset power on the system is NOT in SIL measurement mode The following diagram gives an overview of the two states of the system...

Page 9: ...in doubt call Endress Hauser service Device versions valid for use in safety related applications CM42 MGx4xxEBxxxx Valid Hardware Versions electronics currently FMIH1 module FC2W1 Ex Rev 07 Version 51512636 FBIH1 Ex Rev 01 Version 71131675 FSDG1 module Ex Rev 04 Version 71083049 Valid Firmware Software versions currently FMIH1 module FC2W1 V1 00 00 0012 Parameter version V11 00 00 FBIH1 V3 03 04 ...

Page 10: ...al documentation is delivered Please see the TI and the Operating Instructions of Liquiline M CM42 Documentation Contents Technical Information TI381CEN 1310 TI381CDE 1310 and future editions Technical data Details to accessories Operating Instructions Depends on the order code of CM42 Identification Installation Cabling Usage Commissioning etc Ex Information XA381CA3 1008 and future editions Safe...

Page 11: ...ons SAF1 and SAF2 SAF3 and SAF4 are special safety functions which are not executed constantly like SAF1 or SAF2 Note In SIL measuring mode the following formulas are used The pH value is computed for a measured voltage U at temperature Tk by using pH U STk pHNP STk slope at temperature Tk zero point pHNP both from pH adjustment The pH value is always automatically temperature compensated ATC usin...

Page 12: ... All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG The defined interval I of the monitored measured value is transferred automatically in an optimum way with respect to resolution to the current outs using a lower limit of 4 mA and an upper limit of 20 mA see picture ...

Page 13: ...int 0 001pH The precision of all values is given in the safety manual of the sensor 2 1 3 Precision and Timing of SAF1 and SAF2 For all information or results given here we assume we have no errors in the slope and zero point of the sensor The error of the Liquiline M CM42 transmitter on the current output caused by the hardware is below 0 05 mA for the complete range from 4 20 mA and for all poss...

Page 14: ... and communication problems etc This value is only valid for the transmitter They do not include delays caused by the cable almost zero for Memosens cable or sensor about 1 second for Orbisint CPS11D see safety manual of sensor Endress Hauser pH measuring chain If you are using a Endress Hauser pH measuring chain using the SIL Memosens CYK10 cable and the pH glass sensor Orbisint CPS11D with KSG2 ...

Page 15: ...e the values in the sensor slope 0 001pH mV and zero point 0 001pH This also refers to the pH values needed for the used pH buffers at the given temperature The safe adjustment does store the results of the calibration in a safe manner into the sensor interacting in a safe way with the user The safely calibrated and adjusted values in the sensor can then be used for the SIL measurement of the pH v...

Page 16: ... of full span for an interval of 14 pH the allowed difference is 0 04 pH 1 143 mA pH 0 04572 mA 0 3 of full span you have to use 0 05 because of the given physical resolution of the current outputs See below for a table of values for different spreading Spread pH 1 0 2 0 3 0 4 0 5 0 6 0 7 0 Allowed difference mA 0 64 4 0 32 0 21 0 16 0 13 0 11 0 09 Spread pH 8 0 9 0 10 0 11 0 12 0 13 0 14 0 Allowe...

Page 17: ...All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG This is the safe function block F_1oo2AI of a Siemens PLC This function block checks for valid inputs compares the two inputs against a configured delta tolerance and checks for a discrepancy time See the manuals of th...

Page 18: ...on this assumption It has to be checked that at all times a SIL capable cable is used e g CYK10 SIL look for the nameplate with the SIL and TÜV logo This can not be checked by the transmitter or the sensor in operation Before going into operation it has to be checked if any metal masses are close to the transmitter or the sensor head which can influence the inductive transmission of the cable and ...

Page 19: ...his is checked for by the Endress Hauser transmitter Liquiline M CM42 Storage temperature see operating instructions Environmental temperature 20 C 4 F up to 60 C 140 F The LED on the display is never used to display any relevant state of the system It is not part of the safe path and therefore deactivated DAT modules are for safety reasons not allowed to be connected to the ports of the display w...

Page 20: ... safe state if the voltage drops below 15 5V o If you are using the HI error current you must use voltage supervision on current output 2 and drive the system to a safe state if the voltage drops below 9V The current output 1 is supervised by the Liquiline M CM42 system and is reset if the voltage on output 1 drops below 9V o We recommend using two independent voltage supplies for the two current ...

Page 21: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 22: ...fety parameters for single channel device operation Parameters according to IEC 61508 Liquiline M CM42 Memosens Safety function 1 pH limit monitoring 2 pH value measurement 3 and 4 safe calibration adjustment See also chapter Fehler Verweisquel le konnte nicht gefunden werden for details SIL Hardware 2 Software 2 in homogenous redundancy 2 HFT 0 Device type B Mode of operation Low demand mode SFF ...

Page 23: ...iprocal of PFH Total assuming constant failure rate 2 During this time all diagnostic functions are completed at least once 3 Time between failure detection and failure reaction here this is the error current 4 Of course you can choose different e g longer proof test intervals Choose the one suited for your application by using the chart given below 0 00E 00 2 00E 03 4 00E 03 6 00E 03 8 00E 03 1 0...

Page 24: ...ause 7 4 7 4 Note 3 IEC61508 2000 or Clause 7 4 9 5 Note 3 IEC61508 2010 Other values can be used from experience of the previous use in a similar environment It is assumed that early failures are detected to a huge percentage during the production testing and installation period and therefore the assumption of a constant failure rate during the useful lifetime is valid According to IEC 61508 2 se...

Page 25: ...e safe state indicates a serious problem with the system If the RAM or ROM Flash Test detects an error the system stops working and sets the error currents without any information on the display passive safe state The display in the passive safe state looks like this Please use this information to report to E H service 2 4 3 Behavior of the device in the event of alarms and warnings Error current ...

Page 26: ...hots shown in this chapter are done using an English version of the Liquiline M CM42 Depending on your language the screen might differ slightly 4 1 Basics of safety relevant operations For all safety relevant operations The SETUP menu has an additional item called Functional safety This has to be used for almost all safety relevant operations To enter or leave the SIL mode you need the user manag...

Page 27: ...Conducta GmbH Co KG 4 3 Method of device parameterization The usual parameterization is described in the standard documentation see chapter 1 4 4 4 Using the SIL mode and the Classic mode Switch to SIL mode The classic mode is the default mode of the device after a reset or power on sequence It is the non safe mode of the traditional Liquiline M CM42 Only in this mode parameter settings can be cha...

Page 28: ... the SIL mode is active and in the status bar the SIL icon is shown Now both current outputs show a high error current until you switch into the SIL measurement mode Leaving SIL mode After selecting this from the Setup Functional Safety menu just enter the password and you will leave the SIL mode the SIL icon is gone Note that the error current is set on the current outputs for at least 4 seconds ...

Page 29: ...authorization from Endress Hauser Conducta GmbH Co KG CAL hold off SETUP hold off DIAG hold off Logbooks on Lab device off Correct hardware and software versions See chapter 1 3 Lower Limit current output 1 and 2 Identical Upper Limit current output 1 and 2 Identical The fastest way to default settings required for SIL mode Use factory settings DIAG Service Factory default The following screenshot...

Page 30: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 31: ...schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG You get this screen if you have not correctly set up all parameters for SIL mode If all parameters are OK you get the screen to input the ex...

Page 32: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 33: ...n of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG Now the menu looks like 4 5 The SIL mode Active safe state mode This mode always displays the reason for its activation It is given as a hexadecimal number and looks like In this example the reason is 00000003 which means user has explicitly deactivated the SIL measurement mode via safe adjustment...

Page 34: ...tivated the SIL measurement mode via safe adjustment 4 00000004 Physical sensor reported internal error change sensor 5 00000005 Sensor value ranges check violation change sensor 6 00000006 Sensor state error bits set change sensor 7 00000007 Sensor and transmitter pH value difference try changing sensor 8 00000008 Sensor sends measurement values too fast or often change sensor 9 00000009 Sensor s...

Page 35: ...y below the SIL mode switch A SIL sensor has to be connected to do this switch Please switch on the SIL measurement mode and check and confirm the values of the sensor s latest calibration zero point slope and sensor temperature adjustment It is necessary to document these values during calibration adjustment and compare them with the values given here The software itself does not have the possibi...

Page 36: ...on Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG The following screenshots give an impression how it looks like on the display ...

Page 37: ...d die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG Now the Functional Safety menu looks like ...

Page 38: ...f a correct safe calibration is used 4 7 1 2 point pH calibration The two point calibration uses the following formulas to compute the slope and the zero point of the sensor in the transmitter the transmitter transforms the given equations internally to reduce computational errors Use two buffers only E H buffers with pH 7 00 and pH 4 00 and in this sequence are allowed measure the two voltages U1...

Page 39: ...uence is the same as for the traditional unsafe calibration adjustment in classic mode Except that there are some safe screens in between During the 2 point calibration in SIL mode the current outputs show the measured values of the calibration Only after the calibration is finished or cancelled the error current is set on both current outputs because you have entered the active safe state Importa...

Page 40: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 41: ...e Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG Now carefully check the next screen if all values are the same and if the value displayed makes sense for you Only if everything is OK push the yes sof...

Page 42: ...nehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG Now again very carefully check the three values If they are all the same you can be sure that these values have been written to the sensor correctly and wi...

Page 43: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 44: ...eserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG You can check if a safe calibration was done by entering the calibration logbook DIAG Logbooks Calibration logbook A safe calibration is marked with SIL The last picture above shows the result of the temperature calibration the ac...

Page 45: ...ent use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG 4 7 2 1 point temperature calibration First enter the menu using the CAL menu in SIL measuring mode and follow the instructions given on the display carefully Again Only the safe screens must be used to document values See the remarks given with the 2 point pH calibration i...

Page 46: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 47: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 48: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 49: ...defined by the operator refer to chapter 2 3 Proof testing must be carried out in accordance with the procedure given below If several devices are used in MooN M out of N configurations the proof test described here must be performed separately for each device In addition checks must be carried out to ensure that all restrictions for the operation are still obeyed see chapter 2 3 6 2 Testing to en...

Page 50: ...nd transmitter are switched off Put the sensor into the buffer with pH 9 0 or pH 9 2 Wait for at least two minutes to discharge almost all capacities of the electronic Switch on the transmitter and wait until the system shows the pH value in the main screen of the transmitter display Now almost all self tests of the device have been run successfully Now run the cable proof test in the menu SETUP F...

Page 51: ... 6 2 2 Proof test of the Memosens cable CYK10 You need a transmitter a Memosens cable and a Memosens sensor All components must be certified according to IEC 61508 Note The proof test can be done in the laboratory or in process The procedure of the proof test is as follows Navigate to the menu Setup Functional Safety and deactivate SIL meas Mode if switched on Enter the menu item Cable Proof Test ...

Page 52: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 53: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 54: ...o need two buffer solutions one with pH 7 0 and the other with pH 4 0 Note The proof test can be done in the laboratory or in process The procedure of the proof test is as follows Navigate to the menu Setup Functional Safety and deactivate SIL meas Mode if switched on Enter the menu Sensor Proof Test Read carefully the instructions given on the display and push the jog shuttle button as requested ...

Page 55: ...ne manually by you A Put electrode into pH 4 0 a Adjust sensor with special slope zero point 1 b Sensor into pH 7 0 B Put electrode into pH 4 0 a Put electrode into pH 7 0 b Adjust sensor with special slope zero point 2 c Sensor into pH 4 0 C Put electrode into pH 7 0 a Adjust sensor with a default slope zero point b Start measuring again D Do a safe calibration and adjustment with this sensor now...

Page 56: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 57: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 58: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 59: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 60: ...Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG In case the system detects a correctable error you get for example In case of an unrecoverable error you get for example ...

Page 61: ...our specific system To avoid this effort a service kit containing both hardware modules FMIH1 SIL and FSDG1 SIL is offered order code 71123799 These modules are not available separately Regarding PFDavg the exchange of both modules is comparable with a new device 2 In case the voter detected an du error error displayed by PCS but Liquiline M CM42 status seems to be ok please send the device back t...

Page 62: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 63: ...genous redundancy But you can use inhomogeneous redundancy to reach SIL 3 using this device Redundant use of the E H SIL2 measuring chain Liquiline M CM42 SIL CYK10 SIL Memosens SIL sensor and one of another manufacturer is an option to reach a SIL3 pH measuring chain 9 Proof test protocol example Application Specific Data Company Measuring point Facility Device type Liquiline M CM42 SIL Serial nu...

Page 64: ...L Mode active safe state mode 21 5 mA 21 5 mA SIL Mode passive safe state mode 21 5 mA 21 5 mA SIL Mode calibration running Measured pH value computed by transmitter Measured pH value computed by sensor SIL Mode SIL measurement mode Measured pH value computed by transmitter Measured pH value computed by sensor System startup until classic mode reached 21 5 mA 21 5 mA 11 PFDavg computation examples...

Page 65: ...her PFDavg than 1 80 10 4 at all times Initial PFDavg of new cable PFDavg 0 0 PFDavg of a two year old cable PFDavg 2 years 1 80 10 4 assuming DU 2 05 10 8 1 h 20 5 FIT and where PFDavg t 1 2 t DU t in hrs Then you do the proof test follow the CM42 menu guidance successfully Proof test coverage is see Memosens cable safety manual 90 New values after the proof test has been successfully finished Ne...

Page 66: ...4 0 1 2 3 4 5 t years PFDavg t PFDavg t Target Allowed PFD PFDavg t The dotted line is the PFDavg t value if the proof test is done after 2 years and 21 6 months The solid line if the proof test is done after 2 years and 4 years And the straight horizontal line denotes the limit of the PFDavg value given by the customer 11 2 PFDavg computation example for a pH measuring point Note The following ex...

Page 67: ...the chain including the communication protocol here the Memosens protocol PFDavg mc PFDavg sensor PFDavg cable PFDavg transmitter PFDavg Memosens protocol Then for a complete safety instrumented system SIS you get PFDavg sis PFDavg mc PFDavg PCS PFDavg actor As an example the value of the complete non redundant Endress Hauser pH measuring chain described at the beginning of this section we get The...

Page 68: ...dress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG For the SFF of this specific chain you get SFFmc 93 8 with SFFsensor 92 3 SFFcable 90 4 and SFFtransmitter 94 8 The following table shows the specific functional safety pa...

Page 69: ... Hauser Conducta GmbH Co KG Parameters according to IEC 61508 E H Memosens pH SIL measuring chain Safety Function 1 pH limit monitoring 2 pH value measurement 3 4 safe calibration and adjustment SIL Hardware 2 Software 2 in homogenous redundancy 2 HFT 0 Device Type B Mode of Operation Low demand mode SFF 93 8 MTTR used for PFD calculation 8 h T1 Proof test interval Recommended 1 1 1 year sensor ca...

Page 70: ...hout written authorization from Endress Hauser Conducta GmbH Co KG 1 According to Siemens SN29500 at 60 100 Celsius 140 F 212 F MTBF calculated as reciprocal of PFH Total 2 During this time all diagnostic functions are completed at least once 3 Time between failure detection and failure reaction 4 Of course you can choose different e g longer proof test intervals Choose the one suited for your app...

Page 71: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Page 72: ...n dieses Dokuments und die Verwendung von Teilen aus diesem Dokument ist ohne schriftliche Genehmigung der Endress Hauser Conducta GmbH Co KG nicht erlaubt All rights reserved Passing on and copying of this document use and communication of its contents not permitted without written authorization from Endress Hauser Conducta GmbH Co KG ...

Reviews:

No comments

Related manuals for Liquiline M CM42

Brand: Samson Pages: 4

Brand: Bamo Pages: 8

Brand: dacell Pages: 22

Brand: DAE Pages: 28

Brand: Omano Pages: 14

Brand: Omicron Lab Pages: 33

Brand: Omicron Lab Pages: 21

Brand: Omicron Lab Pages: 22

Brand: Vectornav Pages: 114

Brand: Qu-Bit Electronix Pages: 10

Brand: Ulvac Pages: 24

Brand: T&D Pages: 2

Brand: T&D Pages: 2

Brand: WAGNER Pages: 9

Brand: YOSensi Pages: 27

STORA-ABG RKS-01

Brand: ECOTEST Pages: 146

Brand: Magnescale Pages: 2

Brand: Datakom Pages: 27

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands