KROHNE OPTISWITCH 5xx0C Relay SIL EN User Manual

Relevant standards

• IEC 61508 - Functional safety of electrical/electronic/programmable electronic safety-related systems

• IEC 61511-1 - Functional safety - safety instrumented systems for the process industry sector - Part 1: Framework, definitions, system, hardware and software requirements

Safety requirements

Failure limit values for a safety function, depending on the SIL class (of IEC 61508-1, 7.6.2)

Safety integrity level   Low demand mode   High demand mode
SIL                      PFDavg            PFH
4                        10⁻⁵ … < 10⁻⁴     10⁻⁹ … < 10⁻⁸
3                        10⁻⁴ … < 10⁻³     10⁻⁸ … < 10⁻⁷
2                        10⁻³ … < 10⁻²     10⁻⁷ … < 10⁻⁶
1                        10⁻² … < 10⁻¹     10⁻⁶ … < 10⁻⁵

Safety integrity of the hardware for safety-related subsystems of type A (IEC 61508-2, 7.4.3)

Safe failure fraction   Hardware fault tolerance
SFF                     HFT = 0   HFT = 1   HFT = 2
< 60 %                  SIL 1     SIL 2     SIL 3
60 % … < 90 %           SIL 2     SIL 3     (SIL4)
90 % … < 99 %           SIL 3     (SIL4)    (SIL4)
99 %                    SIL 3     (SIL4)    (SIL4)

Service proven

According to IEC 61511-1, paragraph 11.4.4, the failure tolerance HFT can be reduced by one for service-proven subsystems if the following conditions are met:

• The instrument is service proven

• Only process-relevant parameters can be modified on the instrument (e.g. measuring range, current output in case of failure …)

• The modification of these process-relevant parameters is protected (e.g. password, …)

• The safety function requires less than SIL4

The assessment by Change Management was a part of the "service proven" verification.

OPTISWITCH series 5000 • - relay (DPDT)

1 Functional safety

32748-EN-100128