JUMO 14597 safetyM STB/STW Ex - Safety Temperature Limiter and Safety Temperature Monitor Operating Manual

6 Safety Manual
6.9.1 Safety integrity of the hardware
According to DIN EN 61508, a distinction must be made between systems of type A and systems of type B.
A subsystem can be considered to be type A if, for the components required to achieve the safety function,
- the failure behavior of all components used is sufficiently defined and
- the behavior of the subsystem can be fully determined under failure conditions and
- reliable failure data from experience in the field exists for the subsystem to show that the assumed failure rates for detected and undetected dangerous failures are achieved.
A subsystem can be considered to be type B if, for the components required to achieve the safety function,
- the failure behavior of at least one of the components used is not sufficiently defined or
- the behavior of the subsystem cannot be fully determined under failure conditions or
- no sufficiently reliable failure data from experience in the field exists for the subsystem to support the utilized failure rates for detected and undetected dangerous failures.
The JUMO safetyM STB/STW Ex corresponds to a type B system.
The following table shows the achievable Safety Integrity Level (SIL) as a function of the safe failure fraction (SFF) and the hardware fault tolerance (HFT) for safety-related type B subsystems.
Table 8: For JUMO safetyM STB/STW Ex
Safe failure fraction (SFF) | Hardware fault tolerance (HFT) for type B
                            | 0           | 1    | 2
< 60 %                      | Not allowed | SIL1 | SIL2
60 to < 90 %                | SIL1        | SIL2 | SIL3
90 to < 99 %                | SIL2        | SIL3 | SIL4
≥ 99 %                      | SIL3        | SIL4 | SIL4