Safety Considerations Guide for Triconex General ... - ICEWeb
Safety Considerations Guide for Triconex General Purpose v2 Systems

Chapter 4 Application Development

Development Guidelines

To avoid corruption of project files while developing an application (also known as a control program), you should:

• Use a dedicated PC that is not connected to a network.
• Use a PC with ECC memory, if possible.
• Use, according to the vendor’s instructions, a regularly-updated, always-on virus scanner.
• Use system utilities such as Checkdisk and vendor diagnostics to periodically determine the health of the PC.
• Use dependable media, such as a CD-ROM instead of a floppy disk.
• Not use a system prone to crashing.
• Not use battery power if using a notebook computer.
• Not copy a project file while it is open in the TriStation 1131 software.
• Not e-mail project files.
• Verify proper installation of the TriStation 1131 software using TriStation Install Check.
  You should run the TriStation Install Check program to verify that the TriStation 1131 software is correctly installed on your PC and that no associated files are corrupted. This is especially helpful if applications besides the TriStation 1131 software reside on your PC. See the TriStation 1131 Developer’s Guide for instructions on using the TriStation Install Check program.

Triconex Product Alert Notices (PANs)

Product Alert Notices document conditions that may affect the safety of your application. It is essential that you read all current PANs before starting application development, and that you keep up-to-date with any newly released PANs. All PANs can be found on the Invensys Global Customer Support (GCS) website, or contact the Invensys Global Customer Support (GCS) center for assistance (see page viii for contact information).

Safety and Control Attributes

Each element and tagname in the TriStation 1131 application has a safety attribute, and a control attribute. When the safety attribute is set, the TriStation 1131 software provides extra verification. If you are developing a safety application, you should set the safety attribute.

VAR_IN_OUT Variables

You should not use the VAR_IN_OUT variable in a safety application. Safety standards (such as IEC 61508) recommend limiting the use of pointers in safety applications; VAR_IN_OUT is used as a pointer in the TriStation 1131 application. To automatically check for the use of VAR_IN_OUT in your safety application, set the safety attribute (as described above).

Array Index Errors

If an array index error is detected during runtime, the default behavior is to trap. This results in the Tri-GP controller going to the safe state, with all outputs de-energized. If your application requires some other behavior, you can use a CHK_ERR function block to detect the error, and a CLR_ERR function block to clear the error and prevent a trap.

Note: If an array index is too small or too large, the array operation is performed on the last element of the array.

Array bounds checking is always turned on—there is no means to disable the array index checking. See the TriStation 1131 Libraries Reference for more information about the CHK_ERR and CLR_ERR function blocks.

Infinite Loops

If the actual scan time exceeds the maximum allowable scan time for the Tri-GP controller, the main processors will reset, causing the Tri-GP controller to go to the safe state, with all outputs de-energized. The maximum allowable scan time for the Tri-GP is 450 milliseconds.

Although it is not possible to program an endless loop with TriStation 1131 software, it is possible to create a loop with a very long time, enough to increase the actual scan time beyond the controller’s maximum allowable scan time. See Setting Scan Time on page 47 for more information about actual and maximum scan times.
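
The Array Index Errors and Infinite Loops guidance above, illustrated with an added example that is not taken from the Triconex guide: a function block that validates a caller-supplied count before using it as a loop bound or array index, so the index error condition never arises and the iteration count per scan has a fixed ceiling. It is written in generic IEC 61131-3 Structured Text; the block name, the variable names and the fall-back of scanning every reading are assumptions, and it assumes the TriStation 1131 compiler accepts these standard constructs.

```iecst
(* Added example: generic IEC 61131-3 Structured Text, hypothetical names. *)
FUNCTION_BLOCK MAX_OF_FIRST_N
VAR_INPUT
    COUNT : DINT ;              (* how many readings the caller wants scanned *)
    T1, T2, T3, T4 : REAL ;     (* readings passed by value, so no VAR_IN_OUT *)
END_VAR
VAR_OUTPUT
    HIGHEST : REAL ;            (* largest of the scanned readings *)
    RANGE_FAULT : BOOL ;        (* TRUE when COUNT was outside 1..MAX_N *)
END_VAR
VAR
    READINGS : ARRAY[1..4] OF REAL ;
    N : DINT ;                  (* validated loop bound *)
    I : DINT ;
END_VAR
VAR CONSTANT
    MAX_N : DINT := 4 ;         (* must match the upper bound of READINGS *)
END_VAR

READINGS[1] := T1 ;
READINGS[2] := T2 ;
READINGS[3] := T3 ;
READINGS[4] := T4 ;

(* Validate the caller-supplied value before it is used as a bound or index. *)
RANGE_FAULT := (COUNT < 1) OR (COUNT > MAX_N) ;
IF RANGE_FAULT THEN
    N := MAX_N ;                (* this example's choice: scan every reading *)
ELSE
    N := COUNT ;
END_IF ;

(* I stays within 1..MAX_N, and the loop runs at most MAX_N - 1 times per scan. *)
HIGHEST := READINGS[1] ;
FOR I := 2 TO N DO
    IF READINGS[I] > HIGHEST THEN
        HIGHEST := READINGS[I] ;
    END_IF ;
END_FOR ;
END_FUNCTION_BLOCK
```

The calling program can alarm on RANGE_FAULT, so a bad count is handled deliberately instead of being applied silently to the last array element.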