Big Chemical Encyclopedia


Requirements for hardware fault tolerance

1 For safety instrumented functions, the sensors, logic solvers and final elements shall have a minimum hardware fault tolerance. [Pg.59]

NOTE 1 Hardware fault tolerance is the ability of a component or subsystem to continue to be able to undertake the required safety instrumented function in the presence of one or more dangerous faults in hardware. A hardware fault tolerance of 1 means that there are, for example, two devices and the architecture is such that the dangerous failure of one of the two components or subsystems does not prevent the safety action from occurring. [Pg.59]

NOTE 2 The minimum hardware fault tolerance has been defined to alleviate potential shortcomings in SIF design that may result due to the number of assumptions made in the design of the SIF, along with uncertainty in the failure rate of components or subsystems used in various process applications. [Pg.59]

NOTE 3 It is important to note that the hardware fault tolerance requirements represent the minimum component or subsystem redundancy. Depending on the application, component failure rate and proof-testing interval, additional redundancy may be required to satisfy the SIL of the SIF according to 11.9. [Pg.59]

2 For PE logic solvers, the minimum hardware fault tolerance shall be as shown in Table 5. [Pg.59]

The requirements of this part of the standard are targeted at ensuring that architectures have the necessary fault tolerance for random hardware faults and some systematic faults. In deciding the extent of fault tolerance needed there are a number of factors that should be taken into consideration as follows  [Pg.40]

The international working group that prepared IEC 61508 considered the above factors and specified the extent of fault tolerance required in IEC 61508-2. In preparing this sector-specific standard for the process sector it was considered that the requirements for fault tolerance of field devices and non PE logic solver could be simplified and the requirements in IEC 61511-1 ANSI/ISA-84.00.01-2004 Part 1 (IEC 61511-1 Mod) could be applied as an alternative. It should be noted that subsystem designs may require more component redundancy than what is stated in Tables 5 and 6 in order to satisfy availability requirements. [Pg.40]

The requirements for hardware fault tolerance can apply to individual components or subsystems required to perform a SIF. For example, in the case of a sensor subsystem comprising a number of redundant sensors, the fault tolerance requirement applies to the sensor subsystem in total, not to individual sensors. [Pg.41]

3 Table 6 of IEC 61511-1 ANSI/ISA-84.00.01-2004 Part 1 (IEC 61511-1 Mod) defines the basic level of fault tolerance for sensors, final elements, and non-PE logic solvers having the required SIL claim limit in the first column. The requirements in Table 6 are based on the requirements in IEC 61508-2 for PE devices with a SFF between 60 and 90 %. The requirements are based on the assumption that the dominant failure mode is to the safe state or that dangerous failures are detected. [Pg.41]


Requirements for hardware fault tolerance as per guides given in this standard (see and compare with Table VI/4.2.3-2 meant for IEC 61508), but SIL 4 as per IEC 61508. [Pg.453]

For hardware fault tolerance, faults with very low likelihood, in relation to the safety integrity requirements, may be excluded (to be justified and documented). [Pg.436]

This subclause allows the hardware fault tolerance of all subsystems except PE logic solvers to be reduced by one on certain conditions. These conditions will apply to devices such as valves or smart transmitters and reduce the likelihood of systematic failures such that the requirements are aligned to the requirements of IEC 61508-2 for non PE devices. [Pg.41]

ANSI/ISA-84.00.01-2004 (IEC 61511 Mod) has a requirement for minimum levels of "hardware fault tolerance" as a function of SIL level. This means that redundancy for purposes of achieving the safety function must be done depending on the SIL level target of the SIF. For field instruments and non-programmable logic solvers, the chart is shown in Figure 7-6. [Pg.103]

Solution The sensor subsystem consists of one switch, Type A. It has hardware fault tolerance of 0 since one dangerous failure will fail the SIF. The SFF is 40%. According to Figure 7-8, Type A Architecture Requirements IEC 61508, the subsystem qualifies for SIL 1. [Pg.109]

Based on the requirements of IEC 61508, the above system satisfies the minimum hardware fault tolerance for SIL 1. [Pg.180]

The required SIL is shown with the relationship between hardware fault tolerance (HWFT) and safe failure fraction (SFF) for two types in Table 4. [Pg.1083]

According to the requirements of IEC 61511-1 first edition 2003-01 Section 11.4.4 and the assessment described in Section 5.1 the Type B pressure transmitter XXX with a hardware fault tolerance of 0 and SFF 60 to <90% is considered suitable for use in SIL2 safety function. The decision on the usage of prior-use device, however, is always with the end user (to make a note by reader). [Pg.574]

The second objective of the requirements of this clause is to review and evaluate the requirements placed on the software by the hardware and embedded software architecture of the SIS. These include side-effects of the SIS hardware/software behaviour, the application specific configuration of SIS hardware, the inherent fault tolerance of the SIS and the interaction of the SIS hardware and embedded software architecture with the application software for safety. [Pg.77]

It may also be able to justify less fault tolerance than required by Table 6, when the dangerous failure modes of the SIF devices and associated process interfaces are well understood. Clause 11.4.4 states that if the selection of a device is based on prior use, then, under specific conditions, the fault tolerance for sensors, final control elements, and non-PE logic solvers can be reduced by 1. The reduction of fault tolerance is acceptable, since prior use establishes the field application data, which includes the random hardware failures for the device itself and the random failures due to the process and field device interfaces. [Pg.168]

The SIL value achievable by any sub system is determined by both its PFDavg for random hardware failures and by the level of fault tolerance required by the standard for a particular type of device. The standard defines these as architectural constraints in Tables 2 and 3 in part 2. [Pg.235]

The SIS logic solver has a claim limit of SIL 3, which addresses failures of hardware, architectural requirements (fault tolerance) and the embedded software. Note that systematic failures of application software were not addressed in the certification of the logic solver. Systematic logic solver application software failure issues were addressed by shadowing the logic in the BPCS (see bubble diagrams Figures 4, 6, and 8). The BPCS was used to reduce the systematic failures of SIS application software; however, the contribution of the BPCS hardware to the PFD has not been included in the fault tree analysis for each SIF. [Pg.38]

