KROHNE OPTISWITCH-5xx0C User Manual
Safety Manual
OPTISWITCH series 5000
- two-wire
1 Content
Content
1 Functional safety
1.1 In general . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.2 Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.3 Adjustment instructions . . . . . . . . . . . . . . . . . . . . . . .
1.4 Setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1.5 Reaction during operation and in case of failure . . . . .
1.6 Recurring function test . . . . . . . . . . . . . . . . . . . . . . .
1.7 Safety-related characteristics . . . . . . . . . . . . . . . . . . .
3
5
6
7
7
7
8
2 OPTISWITCH series 5000 • - two-wire
32750-EN-100128
1 Functional safety
1.1 In general
1 Functional safety
Scope
Area of application
SIL conformity
Abbreviations, terms
This safety manual applies to measuring systems consisting of the
vibrating level switch OPTISWITCH series 5000 with integrated
oscillator SWE60Z:
OPTISWITCH 5100 C, 51 50 C, 5200 C, 5250 C
For instruments with enamelled fork, oscillator SWE60Z.E or SWE60Z.
E1 is required.
The measuring system can be implemented for level detection (of
liquids) which meets the special requirements of safety technology.
This is possible up to S IL2 in a single channel architecture (1oo1D),
and up to SIL3 in a multiple channel, redundant architecture.
The SIL declaration of conformity can be downloaded from our
homepage in the Internet.
SIL Safety Integrity Level
HFT Hardware Fault Tolerance
SFF Safe Failure Fraction
PFD
PFH Probability of a dangerous Failure per Hour
FMEDA Failure Mode, Effects and Diagnostics Analysis
λ
sd
λ
su
λ
dd
λ
du
DC
S
DC
D
FIT Failure In Time (1 FIT = 1 failure/10
MTBF Mean Time Between Failure
MTTF Mean Time To Failure
MTTR Mean Time To Repair
Average Probability of dangerous Failure on Demand
avg
Rate for safe detected failure
Rate for safe undetected failure
Rate for dangerous detected failure
Rate for dangerous undetected failure
Diagnostic Coverage of safe failures; DCS= λsd/(λsd+λsu)
Diagnostic Coverage of dangerous failures; DCD= λdd/(λdd+λdu)
9
h)
Further abbreviations and terms are stated in IEC 61508-4.
32750-EN-100128
OPTISWITCH series 5000 • - two-wire 3
1 Functional safety
Relevant standards
Safety requirements
l IEC 61508
- Functional safety of electrical/electronic/programmable elec-
tronic safety-related systems
l IEC 61511-1
- Functional safety - safety instrumented systems for the
process industry sector - Part 1: Framework, definitions,
system, hardware and software requirements
Failure limit values for a safety function, depending on the SIL class (of
IEC 61508-1, 7.6.2)
Safety integrity level Low demand mode High demand mode
SIL PFD
4 ≥ 10
-5
… < 10
avg
3 ≥ 10-4… < 10
2 ≥ 10-3… < 10
1 ≥ 10-2… < 10
-4
-3
-2
-1
PFH
≥ 10-9… < 10
≥ 10-8… < 10
≥ 10-7… < 10
≥ 10-6… < 10
-8
-7
-6
-5
Safety integrity of the hardware for safety-related subsystems of type A
(IEC 61508-2, 7.4.3)
Safe failure fraction Hardware
SFF HFT = 0 HFT = 1 HFT = 2
< 60 % SIL1 SIL2 SIL3
60 % … < 90 % SIL2 SIL3 (SIL4)
90 % … < 99 % SIL3 (SIL4) (SIL4)
≥ 99 % SIL3 (SIL4) (SIL4)
fault tolerance
Service proven
According to IEC 61511-1, paragraph 11.4.4, the failure tolerance HFT
can be reduced by one for service-proven subsystems if the following
conditions are met:
l The instrument is service proven
l Only process-relevant parameters can be modified on the instru-
ment (e. g. measuring range, current output in case of failure …)
l The modification of these process-relevant parameters is pro-
tected (e. g. password, …)
l The safety function requires less than SIL4
The assessment by Change Management was a part of the "service
proven" verification.
4 OPTISWITCH series 5000 • - two-wire
32750-EN-100128
Loading...