Big Chemical Encyclopedia


Logic solver safety requirements

(Table fragment) SIS logic solver, software requirements, integrated systems: function protected against changes and override; see user and/or safety manual requirements... [Pg.40]

This International Standard addresses the application of safety instrumented systems for the Process Industries. It also deals with the interface between safety instrumented systems and other safety systems in requiring that a process hazard and risk assessment be carried out. The safety instrumented system includes sensors, logic solvers and final elements. [Pg.13]

This subclause lists additional requirements to achieve SIL 1 and SIL 2 capability for a safety-configured PE logic solver. For additional considerations, see Annex D. [Pg.43]

If the application software is written in a full variability language (FVL), the developer should follow the requirements and guidelines in IEC 61508-3. If the application software is written in a limited variability language (LVL) or a fixed program language (FPL), the developer may follow the IEC 61511-1 / ANSI/ISA-84.00.01-2004 Part 1 (IEC 61511-1 Mod) requirements and guidelines. The developer should follow the restrictions and procedures provided by the logic solver vendor in the safety manual. Programming guidelines and coding/configuration rules should also be developed and used if needed. [Pg.62]

Safety requirements referring to the logic solver hardware (PLC) are described in the safety manual. The constraints refer mainly to such items as performance limits, memory size and response time. [Pg.82]

The limitations inherent in internal watchdog timers (IWDTs), which share the processor and clock they are meant to monitor, may require the addition of external watchdog timers (EWDTs) for PE logic solvers performing safety instrumented functions. The use of EWDTs in no way eliminates the need for IWDTs for safety instrumented functions. [Pg.89]

It seems logical to list the following equipment for this safety instrumented function: pressure transmitter, logic solver, inlet feed valve, pump control relay, and outlet isolation valve. However, for each piece of equipment ask the question, "Is this piece of equipment needed to protect against the specific hazardous event?" In this case, the pump is turned off only to protect the pump from backpressure burnout. (NOTE - This may be part of another safety instrumented function.) The outlet isolation valve is closed in order to avoid process disruptions in the remainder of the plant. Neither is required to protect against the hazard, so neither should be included in the SIF verification calculation. The pump control relay may be part of another SIF intended to protect the pump; however, it is likely that this SIF has a lower safety integrity requirement. [Pg.24]

ANSI/ISA-84.00.01-2004 (IEC 61511 Mod) has a requirement for minimum levels of "hardware fault tolerance" as a function of SIL. This means that the redundancy provided for purposes of achieving the safety function depends on the SIL target of the SIF. For field instruments and non-programmable logic solvers, the chart is shown in Figure 7-6. [Pg.103]

Can a relay logic system be used to satisfy the requirements for a SIL 3 Safety Instrumented Function? What are some of the issues that need to be addressed in using relays as a logic solver? ... [Pg.154]

A manual emergency shutdown button is required to shut down a process that uses a Safety PLC as the logic solver. Based on the requirements of IEC 61511, is the emergency shutdown button required to be wired directly to the input of the PLC? ... [Pg.154]

The RPS is a sort of SIS (Safety Instrumented System) (Torrres et al., 2009). A SIS is defined as "an instrumented system used to implement one or more safety instrumented control functions. A SIS is composed of any combination of sensors, logic solver and final elements" (IEC 61511, 2003). The standard IEC 61508 requires every safety function to achieve a determined Safety Integrity Level (SIL). For low-demand mode of operation the SIL levels are defined in terms of average probability of failure on demand (PFDavg, see Table 2). [Pg.365]

Manual means (for example, emergency stop push button), independent of the logic solver, shall be provided to actuate the SIS final elements unless otherwise directed by the safety requirement specifications. [Pg.57]

The following requirements may only be applied to PE logic solvers used in safety instrumented systems which implement SIL 1 or SIL 2 safety instrumented functions. [Pg.62]

The objective of a factory acceptance test (FAT) is to test the logic solver and associated software together to ensure that they satisfy the requirements defined in the safety requirement specification. By testing the logic solver and associated software prior to installation in a plant, errors can be readily identified and corrected. [Pg.86]

Defined software safety life cycle - required activities defined to develop application software for each programmed SIS subsystem (sensor, logic solver, and final elements) -12.1.1.1... [Pg.71]

To determine the required fault tolerance for PE logic solvers, the SIL of the SIF and the safe failure fraction (SFF) of the PE logic solver should be determined. The SIL is documented in the Safety Requirement Specification. The SFF of the PE logic solver is typically determined by a failure mode and effect analysis (FMEA) and is often supplied by the manufacturer for the specific version being specified. [Pg.167]

Programmable Electronic (PE) logic solvers have played an important part in process safety for thirty years. In the last decade, industry has been inundated with new terms and requirements as the functional safety standards evolved. ANSI/ISA-84.00.01-2004-1 requires the following ... [Pg.195]

ANSI/ISA-84.00.01-2004 contains several references to the need to provide a manual shutdown backup for the logic solver. The main reference is clause 11.2.8, which states: "Manual means (for example, emergency stop push button), independent of the logic solver, shall be provided to actuate the SIS final elements unless otherwise directed by the safety requirement specifications." This clause outlines a specific way a manual shutdown may be implemented, but allows the user to specify other ways to provide a manual shutdown. Manual shutdown can be initiated by the operator using the BPCS, remote or local pushbuttons and switches, or directly with process equipment, e.g., manual closure of valves. Manual shutdown capability should be provided for any SIS where maintenance bypasses are used to support online equipment repair, maintenance, and proof test. [Pg.225]

The ability to shut down the process, independent of the BPCS controller and the SIS logic solver, may be required for some applications. The current editions of NFPA 85 and NFPA 86 require independent means for equipment covered by these practices. The SIS logic solver has a very low failure rate, but what will you do when it fails? Even with the very low failure rate, programmable electronic systems can fail. Equipment safety manuals may specifically require independence, especially for SIL 3 applications. When a non-fail-safe design is used, e.g., energize to shutdown, independent shutdown facilities should be provided that do not require the SIF support system to be operational. [Pg.226]

The potential for systematic failure in the process specification, programming, and checkout of the SIS is not considered in the safety system PFDavg calculation. That failure rate may make a significant contribution to the potential for loss of the ability to bring the process to a safe state. When there is a failure, whether you have redundancy or not, you need to provide a way to bring the process to a safe state. Clause 11.3 presents requirements for system behavior when a fault is detected. The manual shutdown does not have to be an emergency stop button that activates the final elements of the SIS independent of the logic solver, but some alternate shutdown method should be provided. [Pg.226]

ANSI/ISA-84.01-1996 excluded systems where the operator was the sole means of returning the process to a safe state. ANSI/ISA-84.00.01-2004-1 did not specifically exclude this type of system, but did not explicitly include it either. ANSI/ISA-84.00.01-2004-1 Clauses 11.3.1 through 11.3.3 provide requirements where the operator is required to take specific action in response to safety critical alarms and diagnostic alarms. When the Hazard and Risk Analysis (H&RA) identifies a critical alarm as a protection layer, the detection and response may include many different components, such as sensor(s), logic solver, operator HMI, and final element(s). It is important that all elements, including the operator, be capable of achieving the required risk reduction. ISA-TR84.00.04-1 Annex B provides additional discussion on this subject. [Pg.245]

The term prior use is used in ANSI/ISA-84.00.01-2004-1. This term is applied when the owner/operator is justifying the implementation of a device in an SIF application based on prior use of the device in a similar operating profile. The standard provides specific requirements for assessing prior use for devices based on the device type, safety integrity level, and, in the case of PE logic solvers, the safe failure... [Pg.246]

It is quite a common feeling in people's minds that there are special requirements for SIL instruments. Alternatively, some put a lot of stress on selecting the SIL for a logic solver because it controls the loop. What is a safety loop? To answer these issues, it is important to understand how the safety of a loop can be assessed. In this clause the emphasis will be on calculation of SIL for the safety loop and what this actually means. [Pg.563]

Referring to Fig. VIII/1.4 1 it is seen that the safety loop comprises sensor SIL 2, logic solver SIL 3, and final element SIL 2. (For a better understanding of a safety loop, Fig. VIII/1.4 2 may be referred to.) Here, the focus is on the sensor, to check that the certificate conforms to the requirements. As discussed earlier and shown in... [Pg.573]
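The following is an added worked example (not code from any of the books quoted on this page) that puts the points of Pg.24, Pg.103, Pg.167, Pg.563 and Pg.573 together: it computes the safe failure fraction of a PE logic solver from an FMEA split of its failure rate, looks up the minimum hardware fault tolerance from IEC 61511-1 (2003) Table 5 (PE logic solvers) and Table 6 (sensors, final elements, non-PE logic solvers), sums the PFDavg of the subsystems that are actually needed to protect against the hazard, and reports the loop SIL as the lower of the PFDavg band and the architectural limit. All failure rates, proof-test intervals and beta factors are constructed illustration values, not vendor data, and the PFDavg formulas are the simplified IEC 61508-6 forms without a repair-time term.

```python
"""SIL verification of a low-demand safety loop under IEC 61511-1 (2003).

Added example for this page, not code from the cited books. Failure
rates, proof-test intervals and beta factors below are constructed
illustration values, not vendor data.
"""
from dataclasses import dataclass
from typing import NamedTuple, Optional

# IEC 61511-1 Table 3, low-demand mode: (SIL, PFDavg lower bound, upper bound)
SIL_BANDS = [(4, 1e-5, 1e-4), (3, 1e-4, 1e-3), (2, 1e-3, 1e-2), (1, 1e-2, 1e-1)]

# Hardware fault tolerance offered by common voting architectures
HFT_OF = {"1oo1": 0, "2oo2": 0, "1oo2": 1, "2oo3": 1, "1oo3": 2}


def sil_from_pfd(pfd: float) -> int:
    """Map a PFDavg to its SIL band; 0 means no SIL claim can be made."""
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


def sff(lam_sd: float, lam_su: float, lam_dd: float, lam_du: float) -> float:
    """Safe failure fraction from an FMEA split: all failures except
    dangerous-undetected ones count towards the numerator."""
    total = lam_sd + lam_su + lam_dd + lam_du
    return (total - lam_du) / total


def required_hft_pe(sil: int, sff_value: float) -> Optional[int]:
    """IEC 61511-1 (2003) Table 5, PE logic solvers. None = special
    requirements apply (see IEC 61508)."""
    if sff_value < 0.60:
        return {1: 1, 2: 2, 3: 3}.get(sil)
    if sff_value < 0.90:
        return {1: 0, 2: 1, 3: 2, 4: 3}[sil]
    return {1: 0, 2: 0, 3: 1, 4: 2}[sil]


def required_hft_field(sil: int) -> Optional[int]:
    """IEC 61511-1 (2003) Table 6: sensors, final elements, non-PE logic
    solvers (prior-use devices). SIL 4 -> special requirements (None)."""
    return {1: 0, 2: 1, 3: 2}.get(sil)


def pfd_avg(arch: str, lam_du: float, ti_hours: float, beta: float = 0.0) -> float:
    """Simplified IEC 61508-6 PFDavg; lam_du in 1/h, ti = proof-test interval."""
    x = lam_du * ti_hours
    if arch == "1oo1":
        return x / 2
    if arch == "2oo2":
        return x  # both channels must work: 2 * (x / 2)
    if arch == "1oo2":
        return ((1 - beta) * x) ** 2 / 3 + beta * x / 2
    if arch == "2oo3":
        return ((1 - beta) * x) ** 2 + beta * x / 2
    raise ValueError(f"no PFDavg formula for {arch}")


@dataclass
class Subsystem:
    name: str
    arch: str
    lam_du: float                   # dangerous undetected failure rate, 1/h
    ti_hours: float                 # proof-test interval, h
    beta: float = 0.0               # common-cause factor for redundant channels
    pe: bool = False                # programmable electronic logic solver?
    sff_value: float = 0.0          # used only when pe is True
    needed_for_hazard: bool = True  # must this equipment act to prevent the hazard?

    def arch_sil_limit(self) -> int:
        """Highest SIL this subsystem's HFT supports under Tables 5/6."""
        best = 0
        for sil in (1, 2, 3, 4):
            need = required_hft_pe(sil, self.sff_value) if self.pe else required_hft_field(sil)
            if need is not None and HFT_OF[self.arch] >= need:
                best = sil
        return best


class LoopResult(NamedTuple):
    sil: int
    pfd_total: float
    arch_limit: int
    excluded: tuple


def verify_loop(subsystems, include_all: bool = False) -> LoopResult:
    """Loop SIL = min(SIL of the summed PFDavg, lowest architectural limit).
    Only equipment needed against the hazard is counted unless include_all,
    which reproduces the Pg.24 mistake of counting the pump relay etc."""
    pfd_total, arch_limit, excluded = 0.0, 4, []
    for s in subsystems:
        if not s.needed_for_hazard and not include_all:
            excluded.append(s.name)
            continue
        pfd_total += pfd_avg(s.arch, s.lam_du, s.ti_hours, s.beta)
        arch_limit = min(arch_limit, s.arch_sil_limit())
    return LoopResult(min(sil_from_pfd(pfd_total), arch_limit), pfd_total, arch_limit, tuple(excluded))


# Constructed loop: SIL 2 sensors, SIL 3 PE logic solver, SIL 2 final element,
# plus the two Pg.24 items that do not protect against the hazard.
LOGIC_SOLVER_SFF = sff(lam_sd=2e-6, lam_su=1e-7, lam_dd=4e-6, lam_du=5e-8)
LOOP = [
    Subsystem("pressure transmitters", "1oo2", 5e-7, 8760, beta=0.05),
    Subsystem("PE logic solver", "1oo2", 5e-8, 8760, beta=0.02, pe=True, sff_value=LOGIC_SOLVER_SFF),
    Subsystem("inlet feed valves", "1oo2", 2e-6, 8760, beta=0.10),
    Subsystem("pump control relay", "1oo1", 1e-6, 8760, needed_for_hazard=False),
    Subsystem("outlet isolation valve", "1oo1", 2e-6, 8760, needed_for_hazard=False),
]

if __name__ == "__main__":
    for include_all in (False, True):
        r = verify_loop(LOOP, include_all)
        print(f"include_all={include_all}: SIL {r.sil}, PFDavg={r.pfd_total:.2e}, "
              f"architectural limit SIL {r.arch_limit}, excluded={r.excluded}")
```

With the constructed numbers the loop comes out at SIL 2 even though the logic solver alone is SIL 3 capable: the summed PFDavg is dominated by the valves, and Table 6 caps any 1oo2 field subsystem at SIL 2. Counting the pump control relay and the outlet isolation valve as well pulls the loop down to SIL 1, both through the extra PFDavg and through their HFT of 0, which is the Pg.24 point about scoping the SIF verification to the equipment that actually prevents the hazard.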

Another important issue here is that a PLC can be used for a safety function only after a proper PHA. The basic technical requirements of specifications for a PLC or logic solver are beyond the scope of this book. Interested readers may refer to Chapter VII of [1], where details are discussed. Here only the safety aspects of a PLC/logic solver are discussed, based on IEC 61508/61511. The requirements of safety specifications shall cover both function and safety properties to be considered during the design phase for achievement of functional safety for PE systems. [Pg.579]
