IEC 61508 Functional Safety Assessment Emerson Process ... - Exida
5.2 Hardware Assessment

To evaluate the hardware design of the DVC6000 SIS Digital Valve Controller, a Failure Modes, Effects, and Diagnostic Analysis was performed by exida Consulting for each component in the system. This is documented in [R12], [R13], [R17], and [R18]. The FMEDAs were verified using Fault Injection Testing, both as part of the development (see [D45] to [D50]) and as part of the IEC 61508 assessment.
A Failure Modes and Effects Analysis (FMEA) is a systematic way to identify and evaluate the effects of different component failure modes, to determine what could eliminate or reduce the chance of failure, and to document the system under consideration. An FMEDA (Failure Modes, Effects and Diagnostic Analysis) is an extension of the FMEA: it combines standard FMEA techniques with an extension that identifies online diagnostic techniques and the failure modes relevant to safety instrumented system design.
From the FMEDA, failure rates are derived for each important failure category. The detailed failure rates are listed in [R12], [R13], [R17] and [R18]. Table 2 lists these failure rates in IEC 61508 format as reported in the FMEDA reports. The failure rates are valid for the useful life of the devices.
Table 2 Failure rates according to IEC 61508

Device                                                                         λsd    λsu²   λdd   λdu
Fisher Controls DVC6000, DETT SIS Digital Valve Controller,
  4 – 20 mA, Double or Single-Acting, Normal                                    0    1183     0   144
Fisher Controls DVC6000, DETT SIS Digital Valve Controller,
  4 – 20 mA, Double or Single-Acting, w/PVST diagnostics                      508    1004    97    47
Fisher Controls DVC6000 DETT SIS Digital Valve Controller,
  0 – 20 mA, Double or Single-Acting, Normal                                    0     974     0    91
Fisher Controls DVC6000 DETT SIS Digital Valve Controller,
  0 – 20 mA, Double or Single-Acting, w/PVST diagnostics                      543     786    62    29
Tables in the FMEDA reports [R17] and [R18] list these failure rates for the DVC6000 SIS, including the optional LCP100 and LC340, under a variety of applications. The failure rates listed are valid for the useful life of the devices. Based on general field failure data, a useful life period of approximately 10 years is expected for the DVC6000 SIS Digital Valve Controller. This is listed in the FMEDA report. However, when plant experience indicates a shorter useful lifetime than indicated in the FMEDA report, the number based on plant experience should be used. All other assumptions are also listed in the reports.
² It is important to realize that the “Residual Effect” failures are included in the “Safe Undetected” failure category according to IEC 61508. Note that these failures on their own will not affect system reliability or safety, and they should not be included in spurious trip calculations.
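The figures an assessor derives from a table like Table 2 are the safe failure fraction (SFF), the diagnostic coverage (DC), the average probability of failure on demand (PFDavg) for a given architecture and proof-test interval, and the maximum SIL allowed by the Route 1H architectural constraints. The following Python is an added worked example, not code from the exida report or from Emerson; it applies the standard IEC 61508-2 and IEC 61508-6 formulas to the four Table 2 rows. Assumptions not stated on this page: the rates are in FIT (failures per 10⁹ hours, the unit FMEDA reports conventionally use), `summarize` uses a yearly proof test with zero repair time, and the device type (A or B) is a parameter because the page does not say which applies to the DVC6000. The names `FailureRates`, `max_sil_route_1h` and `summarize` are the example's own.

```python
# Added worked example (not from the exida report): derive the IEC 61508
# figures from the Table 2 failure rates.
# Assumption: the rates are in FIT (failures per 10^9 device-hours); the page
# itself does not state the unit.
from dataclasses import dataclass

FIT = 1e-9  # one FIT = one failure per 10^9 device-hours (assumed unit)


@dataclass(frozen=True)
class FailureRates:
    """One row of Table 2, split into the four IEC 61508 failure categories."""
    device: str
    lam_sd: float  # safe detected
    lam_su: float  # safe undetected (contains the "residual effect" failures of footnote 2)
    lam_dd: float  # dangerous detected
    lam_du: float  # dangerous undetected

    def safe_failure_fraction(self) -> float:
        # SFF = (λsd + λsu + λdd) / (λsd + λsu + λdd + λdu)   (IEC 61508-2)
        total = self.lam_sd + self.lam_su + self.lam_dd + self.lam_du
        return (self.lam_sd + self.lam_su + self.lam_dd) / total

    def diagnostic_coverage(self) -> float:
        # DC = λdd / (λdd + λdu): share of dangerous failures the diagnostics reveal
        return self.lam_dd / (self.lam_dd + self.lam_du)

    def pfd_avg_1oo1(self, proof_test_interval_h: float,
                     mrt_h: float = 0.0, mttr_h: float = 0.0) -> float:
        # 1oo1 average probability of failure on demand (IEC 61508-6, Annex B):
        #   PFDavg = λdu * (T1/2 + MRT) + λdd * MTTR
        # T1: proof-test interval; MRT: mean repair time for failures found at
        # proof test; MTTR: mean time to restoration for detected failures.
        lam_du = self.lam_du * FIT
        lam_dd = self.lam_dd * FIT
        return lam_du * (proof_test_interval_h / 2 + mrt_h) + lam_dd * mttr_h


# The four Table 2 rows, transcribed from the page.
TABLE_2 = (
    FailureRates("DVC6000 DETT SIS, 4-20 mA, Normal",   0, 1183,  0, 144),
    FailureRates("DVC6000 DETT SIS, 4-20 mA, w/PVST", 508, 1004, 97,  47),
    FailureRates("DVC6000 DETT SIS, 0-20 mA, Normal",   0,  974,  0,  91),
    FailureRates("DVC6000 DETT SIS, 0-20 mA, w/PVST", 543,  786, 62,  29),
)

# Route 1H architectural constraints (IEC 61508-2, Tables 2 and 3): maximum SIL
# for an SFF band and a hardware fault tolerance (HFT). Tuple index 0 is
# SFF < 60 %, then 60 % to < 90 %, 90 % to < 99 %, >= 99 %. 0 means "not allowed".
# The page does not say whether the DVC6000 is a Type A or Type B device, so the
# type is a parameter here rather than a fixed choice.
_ROUTE_1H = {
    "A": {0: (1, 2, 3, 3), 1: (2, 3, 4, 4), 2: (3, 4, 4, 4)},
    "B": {0: (0, 1, 2, 3), 1: (1, 2, 3, 4), 2: (2, 3, 4, 4)},
}


def max_sil_route_1h(sff: float, hft: int, device_type: str) -> int:
    """Maximum SIL claimable for the hardware from SFF and HFT alone."""
    band = 0 if sff < 0.60 else 1 if sff < 0.90 else 2 if sff < 0.99 else 3
    return _ROUTE_1H[device_type][hft][band]


def summarize(rates: FailureRates, proof_test_interval_h: float = 8760.0) -> dict:
    """Derived figures for one row; yearly proof test and zero repair time assumed."""
    sff = rates.safe_failure_fraction()
    return {
        "device": rates.device,
        "sff": sff,
        "dc": rates.diagnostic_coverage(),
        "pfd_avg_1oo1": rates.pfd_avg_1oo1(proof_test_interval_h),
        "max_sil_type_a_hft0": max_sil_route_1h(sff, 0, "A"),
    }


if __name__ == "__main__":
    for row in TABLE_2:
        s = summarize(row)
        print(f"{s['device']:<36} SFF={s['sff']:.3f} DC={s['dc']:.2f} "
              f"PFDavg(1oo1, 1 yr)={s['pfd_avg_1oo1']:.2e} "
              f"max SIL (Type A, HFT 0)={s['max_sil_type_a_hft0']}")
```

Two things worth noticing when the numbers come out. First, in both PVST rows λdd + λdu equals the λdu of the corresponding Normal row (97 + 47 = 144 and 62 + 29 = 91): the partial valve stroke test does not change the dangerous failure rate, it converts part of it from undetected to detected, which is what raises the SFF and lowers the 1oo1 PFDavg. Second, footnote 2 places the residual-effect failures inside λsu; because the page does not give that split, the example keeps λsu whole and deliberately computes no spurious trip rate, which would have to exclude them.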
© exida Certification SA. EFC 07-07-41 R002 V1R2 IEC 61508 Assessment.doc, March 13, 2008
Iwan van Beurden Page 16 of 19