beautypg.com

Chapter 3, Aadvance system architectures – Rockwell Automation AADvance Controller Safety Manual User Manual

Page 35

background image


Document: 553630
ICSTT-RM446K-EN-P Issue: 10

_C

3-1

An AADvance controller can be configured to manage non-safety up to SIL 3
safety related system requirements and low demand or high demand fault

tolerant applications.
This chapter describes the different system architectures that can be
configured for an AADvance controller to meet this variety of requirements.

Note: Architectures are independent of I/O module capacity therefore 8
or 16 channel I/O modules can be used.

In This Chapter

SIL2 Architectures .............................................................................................. 3-1
SIL3 Architectures .............................................................................................. 3-7

Planned Certified Configurations .................................................................. 3-14

Internal Diagnostics .......................................................................................... 3-16
Safety Networks ............................................................................................... 3-16

SIL2 Architectures

SIL2 architectures are recommended for fail-safe low demand applications. All
SIL2 architectures can be used for energize or de-energize to trip

applications. In any configuration when a faulty processor or input module is

replaced then the previous fault tolerance level is restored. For example in a

fault tolerant input arrangement and one module is faulty then the system will
degrade to 1oo1D, by replacing the faulty module the configuration is

restored to 1oo2D.

SIL2 Fail-safe Architecture

The following is a simplex fail-safe SIL2 architecture, where I/O modules

operate in 1oo1D under no fault conditions and will fail-safe on the first
detected fault. The processor module operates in 1oo1D and will degrade

to fail-safe on the first detected fault.

Note: Simplex processors can only be used for low demand applications.

Simplex output modules used for energise to action applications can only
be used for low demand applications.

Chapter 3

AADvance System Architectures

See also other documents in the category Rockwell Automation Equipment: