Safety Manager Safety Manual - Tuv-fs.com

Special requirements for
TUV-approved applications
5
General
Safety Manager can be used for processes which require, amongst others, TUV
approval. The requirements for the safety applications are the following:
1. The maximum application cycle time is half the Process Safety Time. For
example, the accepted Process Safety Time for a burner control system in
accordance with TRD-411 for boilers > 30 kW (July 1985) Table 1, TRD-412
(July 1985) Table 1 and DIN 4788 (June 1977) Part 2 Chapter 3.2.3.2 1 is 1
second.
This implies that the application cycle time must be 0.5 second or less. The
application cycle time is monitored by the SM Controller and can be seen on
the System Information screen of Controller Management.
The application cycle time is limited to 2.3 seconds by the watchdog, resulting
in a maximum typical cycle time of 2 seconds. The typical application cycle
time can be calculated by the Safety Manager MTBF and Cycle time
calculation tool. This tool is available via Honeywell SMS and includes:
- cycle time estimation based upon amount of IO, DTI, application
complexity and communication parameters,
- MTBF calculation
2. If Safety Manager detects a fault in output hardware that is configured with
Fault Reaction Low or 0mA, it will de-energize the faulty output modules or
instead de-energize all outputs. The de-energization of faulty output modules
or all outputs is fully implemented in the software and cannot be influenced
by the user (see also item 3).
If an output module (configured with Fault Reaction Low or 0mA) is detected
faulty, the outputs of that output module are switched off and the repair timer
is started. The Control Processor then verifies the switch-off.
- If the switch-off is verified the faulty output module can be replaced
without affecting the status of the Control Processor and the
Safety Manager Safety Manual 47