Rockwell Automation T8094 8000 Series TMR System Safety Manual User Manual

SAFETY MANUAL

D oc N umber T8094
I ssue 27 – June 2013

Page 56 of 103

4.2 ENGINEERING CHECKLISTS

4.2.1 I/O Architecture Checklist

Description

Reference

Has the PST

E

been established?

1.3.3

and

2.2.1.3

What is the PST

E

?

Has the fault detection time for the system

been established?

3.2.2

and 0

What is the fault detection time?

Where the fault detection time is greater than

the PST

E

, does the safety-related I/O

configuration provide a fail-safe

configuration?

If not, the system topology shall be discussed

with the client to ensure that the system

implementation is safe.

If a probability of failure on demand has been

specified, has this been met?

Do the selected architectures provide

solutions where there is no single power

source or distribution point of failure that

could lead the system to fail to function safely

when required?

3.13.4

Have sensor fault conditions been taken into

account?

3.3

For each of the I/O signal types, do the I/O

modules provide the correct characteristics

and behaviour for the intended sensor or

actuator (including minimum and maximum

load requirements)?

If not, have additional interfacing elements

been included to ensure that the effective

signal is compatible with the selected module

type?

Are the selected I/O module types compatible

with the required I/O architecture?

3.2.1

Is the safety-accuracy adequate for the

application?

If active and standby modules are to be

installed simultaneous, has allowance been

included for the effect on the accuracy?

3.2.3