KROHNE DK32 - DK34 - DK37 Safety V2 EN User Manual

SAFETY-RELATED CHARACTERISTICS 7

DK32 - DK34 - DK37, page 11

www.krohne.com

06/2013 - 4000574703 MA DK32 34 37 SIL R03 en

Safety-related characteristics

7.1 Assumptions

The following assumptions have been made during the Failure Modes, Effects and Diagnostic Analysis (FMEDA) of the variable area flowmeters DK32, DK34 and DK37.

• Failure rates are constant; wear-out mechanisms are not included.
• Propagation of failures is not relevant.
• Failures resulting from incorrect use of the flowmeters DK3*, in particular humidity entering through incompletely closed housings or inadequate cable feeding through the inlets, are not considered.
• Sufficient tests are performed prior to shipment to verify the absence of vendor and/or manufacturing defects that prevent proper operation of specified functionality to product specifications or cause operation different from the design analysed.
• The mean time to restoration (MTTR) after a safe failure is 24 hours.
• All modules are operated in the low demand mode of operation.
• External power failure rates are not included.
• The HART protocol at the DK37M8E is only used for setup, calibration and diagnostic purposes, not during safety operation mode.
• Practical fault insertion tests can demonstrate the correctness of the failure effects assumed during the FMEDAs.
• The stress levels are average for an industrial outdoor environment and can be compared to exida Profile 2 or Profile 4 with temperature limits within the manufacturer’s rating. Other environmental characteristics are assumed to be within the manufacturer’s ratings.
• The switching contact outputs are connected to a fail-safe NAMUR amplifier. The failure rates of the amplifier are not included in the listed failure rates.
• The application program in the safety logic solver is configured to detect under-range and over-range failures and does not automatically trip on these failures; therefore these failures have been classified as dangerous detected failures. The failure rates of the safety logic solver are not included in the listed failure rates.

The variable area flowmeters DK32, DK34 and DK37M8M with inductive limit switches are classified as Type A subsystems (non-complex subsystems according to 7.4.3.1.2 of IEC 61508-2) with hardware fault tolerance HFT=0. For Type A subsystems the SFF has to be > 60% for SIL2 subsystems with a hardware fault tolerance of 0 (table 2 of IEC 61508-2).

The variable area flowmeter DK37M8E with 4…20 mA output is classified as a Type B subsystem (complex subsystem according to 7.4.3.1.3 of IEC 61508-2) with hardware fault tolerance HFT=0. For Type B subsystems the SFF has to be > 60% for SIL1 subsystems with a hardware fault tolerance of 0 (table 3 of IEC 61508-2).
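As an added worked example (not part of the KROHNE manual, and not the manufacturer's figures): the safe failure fraction (SFF) calculation behind the Type A / Type B statements above, evaluated against the HFT=0 architectural constraint of IEC 61508-2 tables 2 and 3, plus the effect of the earlier assumption that the logic solver detects under-/over-range failures (moving that share of the dangerous rate from undetected to detected). The failure rates are constructed values in FIT and the function names are this example's own.

```python
from dataclasses import dataclass

# Constructed failure rates in FIT (failures per 1e9 h) for a hypothetical
# DK3*-style sensor subsystem; illustrative only, not KROHNE's figures.
@dataclass(frozen=True)
class FailureRates:
    sd: float  # safe detected
    su: float  # safe undetected
    dd: float  # dangerous detected
    du: float  # dangerous undetected


def safe_failure_fraction(r: FailureRates) -> float:
    """SFF per IEC 61508-2: share of all failures that are safe or dangerous detected."""
    total = r.sd + r.su + r.dd + r.du
    if total <= 0:
        raise ValueError("failure rates must sum to a positive value")
    return (r.sd + r.su + r.dd) / total


# Architectural constraint for hardware fault tolerance HFT=0
# (IEC 61508-2 tables 2 and 3) as (lower SFF bound, maximum SIL). The manual
# quotes only the 60 % band; the other rows come from the same tables.
_HFT0_BANDS = {
    "A": [(0.99, 3), (0.90, 3), (0.60, 2), (0.00, 1)],
    "B": [(0.99, 3), (0.90, 2), (0.60, 1), (0.00, 0)],  # 0 = not allowed
}


def max_sil_hft0(sff: float, subsystem_type: str) -> int:
    """Highest SIL the architectural constraint allows for a single channel."""
    for lower_bound, sil in _HFT0_BANDS[subsystem_type]:
        if sff >= lower_bound:
            return sil
    raise ValueError("SFF must lie in [0, 1]")


def reclassify_out_of_range(r: FailureRates, out_of_range_fit: float) -> FailureRates:
    """Model the manual's assumption that the safety logic solver detects
    under-/over-range failures: that share moves from DU to DD."""
    if not 0 <= out_of_range_fit <= r.du:
        raise ValueError("cannot reclassify more than the dangerous undetected rate")
    return FailureRates(r.sd, r.su, r.dd + out_of_range_fit, r.du - out_of_range_fit)


if __name__ == "__main__":
    base = FailureRates(sd=100, su=50, dd=200, du=150)  # constructed values
    for label, rates in (("base", base), ("out-of-range detected", reclassify_out_of_range(base, 100))):
        sff = safe_failure_fraction(rates)
        print(f"{label}: SFF={sff:.0%} -> Type A SIL{max_sil_hft0(sff, 'A')},"
              f" Type B SIL{max_sil_hft0(sff, 'B')}")
```

With the constructed rates the base case lands in the 60 % band (Type A: SIL2, Type B: SIL1, as the manual states); crediting 100 FIT of out-of-range failures as detected lifts the SFF to 90 % and the allowed SIL by one level for each type.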

MA_DK32_34_37_SIL_R03_en_574703_PRT.book Page 11 Wednesday, June 26, 2013 9:17 AM