Safety Considerations Guide for Triconex General Purpose ...

1 Assembly Number 9700124-001 November 2010 Triconex General Purpose v2 SystemsSafety Considerations GuideInformation in this document is subject to change without notice. Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any Purpose , without the express written permission of Invensys Systems, Inc. 2010 by Invensys Systems, Inc. All rights , the Invensys logo, Triconex , Trident, and TriStation are trademarks of Invensys plc, its subsidiaries and affiliates. All other brands may be trademarks of their respective Number 9720124-001, Rev. 0 Printed in the United States of Considerations Guide for Triconex General Purpose v2 SystemsContentsPrefaceviiSummary of Sections.

2 ViiRelated Documentation ..viiAbbreviations Used.. viiiProduct and Training Information .. viiiTechnical Support .. viiiWe Welcome Your Comments .. xChapter 1 Safety Concepts1 Overview .. 2 Protection Layers .. 3 SIS Factors .. 4 SIL Factors.. 4 Hazard and Risk Analysis .. 5 Safety Integrity Levels..5 Safety Life Cycle Model .. 9 Safety Standards .. 12 General Safety Standards .. 12 Application-Specific Standards .. 12 Chapter 2 Application Guidelines15 Overview .. 16T V Rheinland Certification ..16 General Guidelines .. 17 All Safety Systems ..17 Emergency Shutdown Systems .. 18 Burner Management Systems .. 18 Fire and Gas Systems .. 18 Guidelines for Triconex Controllers .. 19 Safety -Critical Modules .. 19 Safety -Shutdown.

3 20 Response Time and Scan Time .. 20 Disabled Points Alarm .. 20 Disabled Output Voter Diagnostic .. 20 Download All at Completion of Project .. 20 Modbus Master Functions .. 20 Triconex Peer-to-Peer Communication .. 20ivContentsSafety Considerations Guide for Triconex General Purpose v2 SystemsSIL2 Guidelines ..22 Periodic Offline Test Interval Guidelines.. 23 Project Change and Control .. 23 Maintenance Overrides.. 24 Safety Controller Boundary .. 27 Chapter 3 Fault Management31 Overview .. 32 system Diagnostics .. 33 Types of Faults .. 34 External Faults .. 34 Internal Faults .. 34 Operating Modes .. 35 Module Diagnostics .. 36 Analog Input (AI) Modules .. 36 Analog Input/Digital Input (AI/DI) Modules .. 36 Analog Output (AO) Modules.

4 37 Digital Input (DI) Modules .. 37 Digital Output (DO) Modules .. 37 Pulse Input (PI) Module .. 38 Solid-State Relay Output (SRO) Modules .. 38 Calculation for Diagnostic Fault Reporting Time.. 39 Input/Output Processing .. 40 Main Processor and TriBus .. 40 External Communication .. 41 Chapter 4 Application Development43 Development Guidelines .. 44 Triconex Product Alert Notices (PANs) .. 44 Safety and Control Attributes .. 44 VAR_IN_OUT Variables .. 44 Array Index Errors .. 45 Infinite Loops .. 45 Important TriStation 1131 Software Commands .. 46 Download Changes .. 46 Verify Last Download to the Controller.. 46 Compare to Last Download .. 47 Setting Scan Time .. 47 Scan Time .. 47 Scan Surplus .. 47 Sample Safety -Shutdown Programs.

5 49 When All I/O Modules Are Safety -Critical.. 49 When Some I/O Modules Are Safety -Critical .. 53 Defining Function Blocks .. 56 ContentsvSafety Considerations Guide for Triconex General Purpose v2 SystemsPartitioned Processes.. 57 Alarm Usage.. 59 Programming Permitted Alarm.. 59 Remote Access Alarm .. 59 Response Time Alarm .. 59 Disabled Points Alarm .. 59 Appendix A Triconex Peer-to-Peer Communication61 Overview .. 62 Data Transfer Time .. 63 Estimating Memory for Peer-to-Peer Data Transfer Time.. 63 Estimating the Data Transfer Time .. 63 Examples of Peer-to-Peer Applications .. 66 Example 1: Fast Send to One Triconex Node .. 66 Example 2: Sending Data Every Second to One Node .. 66 Example 3: Controlled Use of SEND/RECEIVE Function Blocks.

6 66 Example 4: Using SEND/RECEIVE Function Blocks for Safety -Critical Data .. 67 Appendix B HART Communication69 Overview .. 70 HART Position Paper from T V Rheinland .. 70 Appendix C Safety -Critical Function Blocks79 Overview .. 80 SYS_CRITICAL_IO .. 81 SYS_SHUTDOWN.. 86 SYS_VOTE_MODE .. 92 Index95viContentsSafety Considerations Guide for Triconex General Purpose v2 SystemsSafety Considerations Guide for Triconex General Purpose v2 SystemsPrefaceThis Guide provides information about Safety concepts and standards that apply to the version Triconex General Purpose the rest of this Guide , the Triconex General Purpose system also may be referred to as the of Sections Chapter 1, Safety Concepts Describes Safety issues, Safety standards, and implementation of Safety measures.

7 Chapter 2, Application Guidelines Provides information on industry guidelines and recommendations. Chapter 3, Fault Management Discusses fault tolerance and fault detection. Chapter 4, Application Development Discusses methods for developing applications properly to avoid application faults. Appendix A, Triconex Peer-to-Peer Communication Provides examples of using Triconex Peer-to-Peer function blocks to transfer data between applications. Appendix C, Safety -Critical Function Blocks Describes the function blocks intended for use in Safety -critical applications and shows their Structured Text DocumentationThese Invensys books contain related information. Planning and Installation Guide for Triconex General Purpose v2 Systems Communication Guide for Triconex General Purpose v2 Systems Developer s Guide for TriStation 1131 TriStation 1131 Libraries ReferenceviiiPrefaceSafety Considerations Guide for Triconex General Purpose v2 SystemsAbbreviations UsedThe TriStation 1131 Developer s Workbench is hereafter called TriStation 1131 following list provides full names for abbreviations of Safety terms used in this and Training InformationTo obtain information about Triconex products and in-house and on-site training.

8 See the Invensys website or contact your regional customer SupportCustomers in the and Canada can obtain technical support from the Invensys Global Customer Support (GCS) center at the numbers below. International customers should contact their regional Triconex support for support are prioritized as follows: Emergency requests are given the highest priority Requests from participants in the system Watch Agreement (SWA) and customers with purchase order or charge card authorization are given next priorityBPCSB asic process control systemESDE mergency shutdownHAZOPH azard and operability studyMOCM anagement of changeMTBFMean time between failurePESP rogrammable electronic systemPFDavgAverage probability of failure to perform design function on demandPHAP rocess hazard analysisPSMP rocess Safety managementRMPRisk management programRRFRisk reduction factorSFFSafe failure fractionSILS afety integrity levelSISS afety-instrumented systemSOVS olenoid-operated valveSRSS afety requirements specificationSVSafety (relief)

9 ValvePrefaceixSafety Considerations Guide for Triconex General Purpose v2 Systems All other requests are handled on a time-available basisIf you require emergency or immediate response and are not an SWA participant, you may incur a charge. Please have a purchase order or credit card available for number 866-746-6477, orToll number508-549-2424 (outside )FaxToll number508-549-4999 Web (registration Considerations Guide for Triconex General Purpose v2 SystemsWe Welcome Your CommentsTo help us improve future versions of Triconex documentation, we want to know about any corrections, clarifications, or further information you would find useful. When you contact us, please include the following information: The title and version of the Guide you are referring to A brief description of the content you are referring to (for example, step-by-step instructions that are incorrect, information that requires clarification or more details, missing information that you would find helpful) Your suggestions for correcting or improving the documentation The version of the Triconex hardware or software you are using Your name, company name, job title, phone number and e-mail addressSend e-mail to us keep in mind that this e-mail address is only for documentation feedback.)

10 If you have a technical problem or question, please contact the Invensys Global Customer Support (GCS) center. See Technical Support on page viii for contact , you can write to us at:Attn: Technical Publications - TriconexInvensys15345 Barranca ParkwayIrvine, CA 92618 Thank you for your Considerations Guide for Triconex General Purpose v2 Systems1 Safety ConceptsOverview2 Hazard and Risk Analysis5 Safety Standards 12 Application-Specific Standards122 Chapter 1 Safety ConceptsSafety Considerations Guide for Triconex General Purpose v2 SystemsOverviewModern industrial processes tend to be technically complex, involve substantial energies, and have the potential to inflict serious harm to persons or property during a IEC 61508 standard defines Safety as freedom from unacceptable risk.