Application manual for PSRclassic and PSRmultifunction, and the modular safety relay system
PHOENIX CONTACT
102597_en_03
2.3.5 Determination of the achieved safety integrity for the entire SRECS
To determine the achieved safety integrity level, the PFH_D values of the individual subsystems must now be added together. The result must lie within the SIL required for the safety function.
Furthermore, the SILCL of an individual subsystem determines the maximum achievable
SIL for the SRECS. For safety components with integrated diagnostics, this is provided by
the manufacturer. For subsystems consisting of discrete components, this value must be
determined using the table below.
Footnotes to Table 2-3:
1) A hardware fault tolerance of N means that N + 1 faults can lead to a loss of the SRCF.
2) See EN 62061, Section 6.7.7.
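The procedure from 2.3.5 as an added Python example (not taken from the manual): it sums the subsystem PFH_D values, reads the band from Table 2-2, and caps the result at the lowest subsystem SILCL, using Table 2-3 for discrete subsystems. The function names and the subsystem values are constructed for illustration, and treating a total below 10^-8 as SIL 3 is an assumption, since Table 2-2 lists no band below that.

```python
# Added example: Tables 2-2 and 2-3 as data; all subsystem values are constructed.

# Table 2-2: exclusive upper PFH_D bound (per hour) for each SIL, best band first.
PFHD_BANDS = [(1e-7, 3), (1e-6, 2), (1e-5, 1)]

# Table 2-3: (lower SFF bound in %, SILCL for HFT 0, 1, 2); None = not permitted.
SFF_ROWS = [(99, (3, 3, 3)), (90, (2, 3, 3)), (60, (1, 2, 3)), (0, (None, 1, 2))]


def sil_from_pfhd(pfhd):
    """SIL band for a total PFH_D, or 0 if the total is 1e-5 per hour or worse."""
    # Assumption: totals below 1e-8 count as SIL 3, the highest band in Table 2-2.
    for upper, sil in PFHD_BANDS:
        if pfhd < upper:
            return sil
    return 0


def silcl_discrete(sff_percent, hft):
    """SILCL of a discrete-component subsystem from SFF and HFT (Table 2-3)."""
    if not 0 <= sff_percent <= 100 or hft not in (0, 1, 2):
        raise ValueError("SFF must be 0..100 % and HFT must be 0, 1 or 2")
    for lower, row in SFF_ROWS:
        if sff_percent >= lower:
            if row[hft] is None:
                raise ValueError("not permitted by Table 2-3 (see EN 62061, Section 6.7.7)")
            return row[hft]


def achieved_sil(subsystems):
    """subsystems: list of (pfhd, silcl). Returns (total PFH_D, achieved SIL)."""
    total = sum(pfhd for pfhd, _ in subsystems)
    cap = min(silcl for _, silcl in subsystems)  # lowest SILCL limits the SRECS
    return total, min(sil_from_pfhd(total), cap)


if __name__ == "__main__":
    chain = [
        (2.0e-8, silcl_discrete(92, 1)),  # input stage, discrete parts -> SILCL 3
        (1.5e-8, 3),                      # safety relay, SILCL given by manufacturer
        (4.0e-8, silcl_discrete(75, 1)),  # output stage, discrete parts -> SILCL 2
    ]
    total, sil = achieved_sil(chain)
    print(f"total PFH_D = {total:.2e} 1/h, achieved SIL = {sil}")
```

In this constructed chain the summed PFH_D falls in the SIL 3 band, but the output stage's SILCL of 2 limits the whole SRECS to SIL 2.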
2.3.6 Verification of the achieved SIL
Each individual subsystem and the entire safety chain must both meet the requirements of
the necessary SIL. This includes both the quantitative evaluation and the consideration of
systematic aspects.
The systematic aspects include:
– Correct dimensioning of components
– Consideration of expected operating conditions and ambient conditions
– Use of basic and proven safety principles
– Avoidance of specification errors and software errors through testing
Table 2-2: Determination of the safety integrity level (in accordance with EN 62061)

| Safety integrity level | Average frequency of a dangerous failure per hour (PFH_D) |
|---|---|
| 3 | ≥10^-8 to <10^-7 |
| 2 | ≥10^-7 to <10^-6 |
| 1 | ≥10^-6 to <10^-5 |
Table 2-3: Determination of the safety integrity level for a subsystem with discrete components (in accordance with EN 62061)

| Safe failure fraction | Hardware fault tolerance 1): 0 | Hardware fault tolerance 1): 1 | Hardware fault tolerance 1): 2 |
|---|---|---|---|
| <60 % | Not permitted 2) | SIL 1 | SIL 2 |
| 60 % to <90 % | SIL 1 | SIL 2 | SIL 3 |
| 90 % to <99 % | SIL 2 | SIL 3 | SIL 3 |
| ≥99 % | SIL 3 | SIL 3 | SIL 3 |