Honeywell RM7800, RM7823, RM7830, RM7838, RM7840 User Manual

SIL

3

RM/EC 7800 Burner Controller

SAFETY MANUAL

Edition 11.19 · 320023101 · EN

1 Scope and Purpose of the

Document

This document provides an overview of the user responsibil-

ities for installation and operation of the Honey well 780 0
Series Relay Modules in order to maintain the designed safety
level. Items that will be addressed are proof testing, repair and
replacement of the device, reliability data, lifetime, environ­mental and application limits, and parameter settings.

This Safety Manual is limited to Models: RM7800, RM7823,

RM7830, RM7838, RM7840, RM7845, RM7850, RM7865,
RM7885, RM7888, RM7890, RM7895, RM7896, RM7897,
RM7898, EC7820, EC7823, EC7830, EC784 0, EC7850,
EC7890, EC7895 with one of the following Flame Detectors
and Flame Amplifiers:

Table 1. 7800 Series Burner Controller Models and Series

MODEL SERIES MODEL SERIES MODEL SERIES MODEL SERIES

RM780 0

RM7823

RM7830

RM7838

RM784 0*

RM7845

*NOTE: RM7840E1016, RM78 40L1018 and RM7840L1026

MODEL SERIES

R78 47B 5

R7852B 1

R78 47C 5

R7851C 2

R7861A 2

R7886A 2

9

6

5

9

8

3

RM7850

RM7865

RM7885

RM7888

RM7890

5

4

5

5

9

RM7895

RM7896

RM7897

RM7898

6

EC7820

6

EC7823

6

EC7830

6

EC784 0

EC7850

EC7890

EC7895

are Series 5

Table 2. R78xx Flame Amplifier Models and Series

7

4

6

5

6

5

5

Table 3. C7xxx Flame Sensor Models and Series

MODEL SERIES

C7008A 1

C7009A 1

C7915A 1

C7012E 1

C7012F 1

C7061A 1

C7061F 1

C7076A 1

C7076D 1

C7961E 1

C7961F 1

CONTENTS

1 Scope and Purpose of the Document ....................1

2 Using the Honey well 7800 Series Relay Modules ........2

2.1 Safety Function .............................................2

2.2 Fail Safe State ...............................................2

2.3 Safety Response Time ......................................2

2.4 Diagnostic Response Time .................................2

2.5 Maximum Achievable SIL ...................................2

2.6 Model Selection and Specification of Honeywell 7800

Series Relay Modules .......................................2

2.7 Installation .................................................3

2.8 Required configuration settings........................... 3

2.9 Reliabilit y data .............................................3

2.10 Lifetime limits.............................................. 4

2.11 Proof Testing ...............................................4

2.12 Repair and replacement ................................... 4

2.13 Firmware update ........................................... 4

2.14 Environmental and EMC based limits ..................... 4

3 Definitions and Abbreviations ...........................5

3.1 Definitions ................................................. 5

3.2 Abbreviations .............................................. 5

4 Status of the document ..................................5

4.1 Releases ................................................... 5

4.2 Open issues ................................................6

4.3 Future enhancements of the document .................. 6

Capable

RM/EC 7800 Burner Controller Safety Manual

2 Using the Honeywell 7800 Series

Relay Modules

2.1 Safety Function

The 7800 Series provides automatic burner flame sequencing
and flame supervision with protection against loss of flame.

2.2 Fail Safe State

The Safety Shutdown (Lockout) mode is the failsafe state for
the Honey well 780 0 Series Relay Modules where all safety
critical terminals (main and pilot valves, and ignition trans­former) are de-energized and a manual reset is required to
return to normal operation.

2.3 Safety Response Time

The Honeywell 780 0 Series Relay Modules (all models ex­cept of EC7823 and RM7823) will respond to loss of flame
by means of shutting of f all safety outputs and transitioning
to the Safety Shutdown (Lockout) state within the published
Flame Failure Response Time (FFRT) for the selected Flame
Amplifier and Flame Sensor.

EC7823 and RM7823 will respond to loss of flame by means
of shutting off the safet y outputs and transitioning to the
Idle state within the published Flame Failure Response Time
(FFRT) for the selected Flame Amplifier and Flame Sensor.
Safety Shutdown (Lockout) state is not entered and manual
reset action is not needed in this case.

2.6 Model Selection and Specification of
Honeywell 7800 Series Relay Modules

The Honeywell 780 0 Series Relay Modules and optional com­ponents for certified SIL applications shall only be selected
and specified for applications consistent with the guidelines
presented in the Installation Instructions document and ad­ditional technical literature released for the specific model
available at web site https: //customer.honeywell.com and
further restricted to the certified Flame Amplifiers and Flame
Detectors identified in section 1 of this Safety Manual.

2.4 Diagnostic Response Time

The Honeywell 780 0 Series Relay Modules will report a de­tectable internal failure within 3 seconds for faults to the main

7800 Relay Module and within 15 seconds for faults to the

Flame Detector / Flame Amplifier.

2.5 Maximum Achievable SIL

The 7800 Relay Modules, Flame Amplifiers and Flame De-

tectors covered by this safety manual are suitable for use in
both high and low demand mode of operation Safety Integrity
Functions (SIF) up to SIL 3 in simplex (1oo1) configurations.

The achieved SIL for a particular SIF needs to be verified by

PFH or PFDavg calculation for the entire SIF including the
failure rates of the associated sensors and actuators that are
also part of the SIF.

Use of the Honeywell 7800 Series Relay Modules in a redun­dant (1ooN) configurations is not supported.

The 7800 Series Burner Controller System is classified as a

1

Type B

fault tolerance of 0.

1 Type B element: “Complex” element (using micro controllers or

element according to IEC 61508, having a hardware

programmable logic); for details see 7.4.4.1. 3 of IEC 61508-2, ed,
2010

32-00231-01 2