6 safetyrelated characteristics, 6 safety-related characteristics – KROHNE SU 501 EX EN User Manual

The methods and procedures used during the tests must be

stated and their suitability must be specified. The tests must be

documented.
If the function test proves negative, the entire measuring

system must be switched out of service and the process held

in a safe condition by means of other measures.
In the double channel architecture 1oo2D this applies

separately to both channels.

9.6 Safety-related characteristics

The failure rates of the electronics are determined by an

FMEDA acc. to IEC 61508. These calculations are based on

component failure rates acc. to SN 29500. All numerical values

refer to an average ambient temperature during the operating

time of +40°C (104°F). The calculations are also based on the

specifications stated in chapter "Planning".
The data are also valid for overfill protection (A-mode) as well

as dry run protection (B-mode).

λ

sd

0 FIT

safe detected failure (1 FIT = failure/10

9

h)

λ

su

516 FIT

safe undetected failure

λ

dd

0 FIT

dangerous detected failure

λ

du

100 FIT

dangerous undetected failure

SFF

>84 %

Safe Failure Fraction

T

Reaction

Failure reaction time

0.5 sec

MTBF = MTTF + MTTR

1.52x10

6

h

max. useful life of the measuring system for the safety

function

approx. 10 years

Single channel architecture

The following characteristics are derived from the above

mentioned data:
SIL2 (Safety Integrity Level)
HFT = 0 (Hardware Fault Tolerance)

General data

SU 501 Ex - Signal conditioning instrument

29

Functional safety

27953

-EN

-050616