Fault finding, 1 fault detection, 8000 series tmr processor – Rockwell Automation 8000 Series TMR System User Manual
OPERATOR AND MAINTENANCE MANUAL
Doc Number 552864
Issue 02 June 2004
5. FAULT FINDING
The 8000 Series System is capable of detecting and isolating faults to module
level, while its two-out-of-three voting architecture prevents faults from propagating
to the system outputs. Various means are provided for directing maintenance
personnel to the faulty module. Most system modules are hot-replaceable,
providing continuous system operation.
The following paragraphs describe how faults are detected, annunciated, and
cleared in the 8000 Series System. They also describe some of the basic
procedures that the user should follow when diagnosing faults and repairing the
8000 Series System.
Note:
System repair must be done promptly to ensure continued fault-tolerant operation
of the 8000 Series System. TUV certification does not specify a minimum
replacement time for faulty modules, because safety is not compromised and the
faulty channel will fail-safe if further faults develop. However, it is recommended
that modules that have been diagnosed as having failed should always be replaced
within eight hours to maintain production (availability). Systems with a safety
integrity level (SIL) rating will have a time to repair as part of the calculation, which
must be followed to maintain the SIL. Modules must be replaced before the
Second Fault Occurrence Time (the average probable time before a second fault)
to avoid shutdown.