Pepperl+Fuchs SIL KFD0-RSH-1, Руководство по безопасности

Страница: 7 / 20

Safety Manual SIL KFD0-RSH-1(-Y2), KFD2-SL-4
Planning
2
014-07
7
2.2 Assumptions
The following assumptions have been made during the FMEDA analysis:

The device shall claim less than 10 % of the total failure budget for a SIL2
safety loop.

For a SIL2 application operating in Low Demand Mode the total PFD
avg
value
of the SIF ( S afety I nstrumented F unction) should be smaller than 10
-2
, hence
the maximum allowable PFD
avg
value would then be 10
-3
.

For a SIL2 application operating in High Demand Mode of operation the total
PFH value of the SIF should be smaller than 10
-6
per hour, hence the
maximum allowable PFH value would then be 10
-7
per hour.

The device shall claim less than 10 % of the total failure budget for a SIL3
safety loop.

For a SIL3 application operating in Low Demand Mode the total PFD
avg
value
of the SIF ( S afety I nstrumented F unction) should be smaller than 10
-3
, hence
the maximum allowable PFD
avg
value would then be 10
-4
.

For a SIL3 application operating in High Demand Mode of operation the total
PFH value of the SIF should be smaller than 10
-7
per hour, hence the
maximum allowable PFH value would then be 10
-8
per hour.

Failure rate based on the Siemens SN29500 data base.

Failure rates are constant, wear out mechanisms are not included.

External power supply failure rates are not included.

The safety-related device is considered to be of type A components with a
Hardware Fault Tolerance of 0 .

Since the loop has a Hardware Fault Tolerance of 0 and it is a type A
component, the SFF must be > 60 % according to table 2 of IEC 61508-2 for a
SIL2 (sub)system.

Since the loop has a Hardware Fault Tolerance of 0 and it is a type A
component, the SFF must be > 90 % according to table 2 of IEC 61508-2 for a
SIL3 (sub)system.

It is assumed that the device will be used under average industrial ambient
conditions, which are comparable with the classification "stationary mounted"
in MIL-HDBK-217F. Alternatively, the following ambient conditions are
assumed:
• IEC 60654-1 Class C (sheltered location) with temperature limits in the
range of the manufacturer's specifications and an average temperature
of 40
º
C over a long period. A moisture level within the manufacturer's
specifications is assumed. For a higher average temperature of 60
º
C,
the failure rates must be multiplied by a factor of 2.5 based on empirical
values. A similar multiplier must be used if frequent temperature
fluctuations are expected.