LOREME
12, rue des Potiers d'Etain - 57071 Metz
03.87.76.32.51 - Fax 03.87.76.32.52 - Email: [email protected] - [email protected]
E 12
Abbreviation: Description

HFT: Hardware Fault Tolerance, the capability of a functional unit to continue executing the demanded function when faults or anomalies exist.
MTBF: Mean interval between two failures.
MTTR: Mean interval between the occurrence of a failure in a device or system and its repair.
PFD: Probability of a dangerous failure of a system on demand.
PFDavg: Average probability of a dangerous failure of a system on demand.
SIL: Safety Integrity Level. The international standard IEC 61508 defines four discrete safety integrity levels (SIL1 to SIL4). Each level corresponds to a specific probability range with respect to the failure of a safety function. The higher the integrity level of the safety-related system, the lower the likelihood of the demanded safety functions not occurring.
SFF: Safe Failure Fraction, the proportion of failures without the potential to put the safety-related system into a dangerous or impermissible functional state.
TProof: In accordance with IEC 61508-4, chapter 3.5.8, TProof is defined as the periodic testing to expose errors in a safety-related system.
XooY: Classification and description of the safety-related system with respect to redundancy and the selection procedure used. "Y" indicates how often the safety function is carried out (redundancy). "X" determines how many channels must work properly.
λsd and λsu: λsd = safe detected, λsu = safe undetected. Safe failure (IEC 61508-4, chapter 3.6.8): a safe failure is present when the measuring system switches to the defined safe state or the fault signaling mode without the process demanding it.
λdd and λdu: λdd = dangerous detected, λdu = dangerous undetected. Unsafe failure (IEC 61508-4, chapter 3.6.7): generally, a dangerous failure occurs if the measuring system switches into a dangerous or functionally inoperable condition.
λdu: Dangerous undetected. A dangerous undetected failure occurs if the measuring system doesn't switch into a defined safe state, or into an alarm signaling mode, on process demand.
Appendix: terms and definitions
SIL stands for "Safety Integrity Level", the level of integrity of a safety function. The concept of SIL was introduced in the IEC 61508 standard and is incorporated in standards derived from IEC 61508, such as IEC 61511 for safety instrumented systems (SIS) in the process industry and IEC 62061 for safety systems with programmable electronics for machinery.
When you want to build a safety application, you have to start by assessing the risk (its severity and its frequency of occurrence), which leads to defining the safety requirements expected from the SIS, that is, its SIL.
Ultimately, the SIL defines the level of reliability of the SIS. There are two ways to define the SIL, depending on whether the safety system operates in low demand mode or, on the contrary, operates continuously or in high demand mode. There are 4 SIL levels (rated SIL1 to SIL4): the higher the SIL level, the higher the availability of the safety system.
For a safety system operating in low demand mode, the failure measure is based on the average Probability of dangerous Failure on Demand (PFDavg) over a 10-year period. The relationship between SIL level and PFDavg is as follows:
SIL 4: PFDavg from 10^-5 to 10^-4
SIL 3: PFDavg from 10^-4 to 10^-3
SIL 2: PFDavg from 10^-3 to 10^-2
SIL 1: PFDavg from 10^-2 to 10^-1
For a safety system operating in high demand mode, the failure measure is based on the average frequency of dangerous failure per hour (PFH). The relationship between SIL level and PFH is as follows:
SIL 4: PFH from 10^-9 to 10^-8
SIL 3: PFH from 10^-8 to 10^-7
SIL 2: PFH from 10^-7 to 10^-6
SIL 1: PFH from 10^-6 to 10^-5
4-20mA signal isolator, signal splitter with 2,3,4 outputs
SIL2 / SIL3
CAL4/100ig CAL4/100igM
SIL levels scale:

SIL*   Low demand PFD**    High demand PFH***   Risk reduction factor
4      ≥10^-5 to <10^-4    ≥10^-9 to <10^-8     10 000 to 100 000
3      ≥10^-4 to <10^-3    ≥10^-8 to <10^-7     1 000 to 10 000
2      ≥10^-3 to <10^-2    ≥10^-7 to <10^-6     100 to 1 000
1      ≥10^-2 to <10^-1    ≥10^-6 to <10^-5     10 to 100

* Safety integrity level
** Probability of Failure on low Demand
*** Probability of a dangerous Failure per Hour
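As an added worked example (not part of the LOREME datasheet), the following Python ties the appendix's terms together: it classifies a PFDavg or PFH value into the SIL bands of the table above, computes the risk reduction factor as 1/PFDavg, and computes the Safe Failure Fraction from the four λ terms defined in the glossary. The single-channel PFDavg formula used here (PFDavg ≈ λdu · TProof / 2) is the simplified IEC 61508-6 approximation for a 1oo1 architecture without MTTR or common-cause terms; it is an assumption of this example, not something the datasheet states. The failure rates and the 10-year proof-test interval are constructed sample values.

```python
"""Added example: SIL band lookup and basic IEC 61508 metrics.

Not the datasheet's own code. The SIL bands are those of the appendix table;
the 1oo1 PFDavg approximation is the simplified IEC 61508-6 formula (assumption).
"""
from dataclasses import dataclass

# (SIL, PFDavg lower, PFDavg upper, PFH lower, PFH upper); each band is [lower, upper)
# exactly as the table's ">= ... to <" wording states.
SIL_BANDS = (
    (4, 1e-5, 1e-4, 1e-9, 1e-8),
    (3, 1e-4, 1e-3, 1e-8, 1e-7),
    (2, 1e-3, 1e-2, 1e-7, 1e-6),
    (1, 1e-2, 1e-1, 1e-6, 1e-5),
)

HOURS_PER_YEAR = 8760


def sil_from_pfd(pfd_avg: float) -> int:
    """SIL whose low-demand band contains pfd_avg; 0 if outside SIL1..SIL4."""
    for sil, lo, hi, _, _ in SIL_BANDS:
        if lo <= pfd_avg < hi:
            return sil
    return 0


def sil_from_pfh(pfh: float) -> int:
    """SIL whose high-demand band contains pfh (per hour); 0 if outside SIL1..SIL4."""
    for sil, _, _, lo, hi in SIL_BANDS:
        if lo <= pfh < hi:
            return sil
    return 0


def risk_reduction_factor(pfd_avg: float) -> float:
    """RRF = 1 / PFDavg, which is how the table's last column follows from its PFD column."""
    return 1.0 / pfd_avg


@dataclass(frozen=True)
class FailureRates:
    """Per-hour failure rates using the glossary's λ terms."""
    lam_sd: float  # safe detected
    lam_su: float  # safe undetected
    lam_dd: float  # dangerous detected
    lam_du: float  # dangerous undetected

    def safe_failure_fraction(self) -> float:
        """SFF: share of all failures that are not dangerous-undetected."""
        total = self.lam_sd + self.lam_su + self.lam_dd + self.lam_du
        return (total - self.lam_du) / total


def pfd_avg_1oo1(lam_du: float, t_proof_hours: float) -> float:
    """Simplified 1oo1 approximation (assumption): PFDavg ≈ λdu · TProof / 2.

    Valid when λdu · TProof is much smaller than 1; MTTR and common-cause
    contributions are ignored here.
    """
    return lam_du * t_proof_hours / 2.0


def assess_1oo1(rates: FailureRates, t_proof_years: float) -> dict:
    """Collect SFF, PFDavg, RRF and the resulting low-demand SIL for one channel."""
    pfd = pfd_avg_1oo1(rates.lam_du, t_proof_years * HOURS_PER_YEAR)
    return {
        "sff": rates.safe_failure_fraction(),
        "pfd_avg": pfd,
        "rrf": risk_reduction_factor(pfd),
        "sil": sil_from_pfd(pfd),
    }


if __name__ == "__main__":
    # Constructed sample: 1000 FIT total, of which 100 FIT dangerous undetected,
    # with the 10-year proof-test period mentioned in the appendix.
    sample = FailureRates(lam_sd=2e-7, lam_su=1e-7, lam_dd=6e-7, lam_du=1e-7)
    for key, value in assess_1oo1(sample, t_proof_years=10).items():
        print(f"{key}: {value}")
```

Running the block with the constructed rates gives PFDavg = 4.38e-3 and an RRF of about 228, which lands in the SIL 2 row of the table (PFD between 10^-3 and 10^-2, RRF between 100 and 1 000), and an SFF of 0.9.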