
Terminology – Rockwell Automation AADvance Controller Safety Manual User Manual


Document: 553630

ICSTT-RM446K-EN-P Issue: 10


Safety Manual (AADvance Controller)


Previous experience and its relevance to the specific duties to be performed and the technology being employed.

In all of the above, the higher risk will require increased rigor with the specification and assessment of the competence.

Terminology

Vocabulary and Conventions

The terms certification and certified are used widely within this Manual; these terms refer principally to the functional safety certification of the AADvance system to IEC 61508 SIL3 and other relevant standards. This Manual contains rules and recommendations:

Rules are mandatory and shall be followed if the resulting system is to be a SIL3 compliant application. These are identified by the term 'shall'.

Recommendations are not mandatory, but if they are not followed, extra safety precautions shall be taken in order to certify the system. Recommendations are identified by the term 'it is highly recommended'.

Process Safety Time

The process safety time for the equipment under control relates to the logic solver portion of PST_EUC; it is the period a dangerous condition can exist before a hazardous event occurs without a safety system as a protection. It can be a fraction of a second or several hours, depending on the process. A PST can be defined for a controller via the processor module and independently for individual I/O modules; however, the processor defined PST will always have priority over the I/O PST if the I/O PST exceeds the processor value.
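The priority rule above can be checked mechanically during a configuration review. The following added example (not code from the manual or from Rockwell Automation) assumes that "priority" means the processor PST caps any longer I/O module PST, and that a shorter I/O PST stands; module labels and PST values are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class IoModulePst:
    slot: str      # constructed module label, e.g. "DI-1"
    pst_ms: int    # PST configured on the I/O module, in milliseconds


def effective_pst_ms(processor_pst_ms: int, io_pst_ms: int) -> int:
    """Apply the manual's rule: the processor PST has priority over an I/O PST
    that exceeds it; an I/O PST that is shorter or equal is kept as configured.
    (Assumption: 'priority' is interpreted as capping the I/O value.)"""
    if processor_pst_ms <= 0 or io_pst_ms <= 0:
        raise ValueError("PST values must be positive")
    return processor_pst_ms if io_pst_ms > processor_pst_ms else io_pst_ms


def resolve_pst(processor_pst_ms: int, modules: list[IoModulePst]) -> dict[str, dict]:
    """Per module: the PST that will actually be enforced and whether the
    configured I/O value was overridden by the processor value."""
    report = {}
    for m in modules:
        eff = effective_pst_ms(processor_pst_ms, m.pst_ms)
        report[m.slot] = {
            "configured_ms": m.pst_ms,
            "effective_ms": eff,
            "overridden_by_processor": eff != m.pst_ms,
        }
    return report


def overridden_slots(processor_pst_ms: int, modules: list[IoModulePst]) -> list[str]:
    """Slots whose configured PST is longer than the processor PST and will
    therefore not be the value enforced: a finding for the configuration review."""
    report = resolve_pst(processor_pst_ms, modules)
    return [slot for slot, r in report.items() if r["overridden_by_processor"]]


# Constructed sample configuration (not taken from the manual).
PROCESSOR_PST_MS = 2500
SAMPLE_MODULES = [
    IoModulePst("DI-1", 1000),   # shorter than processor PST: kept
    IoModulePst("DO-1", 2500),   # equal: kept
    IoModulePst("AI-1", 5000),   # exceeds processor PST: overridden to 2500
]

if __name__ == "__main__":
    for slot, row in resolve_pst(PROCESSOR_PST_MS, SAMPLE_MODULES).items():
        print(slot, row)
    print("overridden:", overridden_slots(PROCESSOR_PST_MS, SAMPLE_MODULES))
```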

Fault Tolerance in Safety Applications

For safety applications you shall define how the control system will respond in the presence of faults. As faults accumulate, this becomes the system's defined state of degraded operation or fault tolerance level.

Simplex systems are not fault tolerant and do not have the ability to continue their operation in the presence of fault conditions; however, they are designed to fail safe where possible.

Fault tolerant systems have redundant modules and processors that allow the system to continue operation or to ensure that the system fails safe in the presence of faults.