Safety Considerations Guide for Triconex General ... - ICEWeb

More documents

Recommendations

Info

56 Chapter 4 Application Development Defining Function Blocks You can create your own user-defined function blocks for a safety-critical module. Procedure 1 Copy the example EX02_CRITICAL_IO in the TdTUV.pt2 sample project provided with the TriStation 1131 Developer’s Workbench. 2 Edit the lines following the comment “Include here all safety-critical I/O modules.” Each line calls the safety-critical I/O (SCIO) function block for one safety-critical I/O module. Example (*****************************************************************) (* Include here all safety-critical I/O modules: *) SCIO( IOP:=1,SLOT:=1, APP:=DE_ENERGIZED, RELAY_OK:=FALSE ): (*DI*) SCIO( IOP:=1,SLOT:=2, APP:=RELAY, RELAY_OK:=RELAY1_OK); (*DO*) SCIO( IOP:=1,SLOT:=3, APP:=ENERGIZED, RELAY_OK:=FALSE ); (*DO*) (* IOP:=1,SLOT:=4, NOT CRITICAL) *) (*RO*) 3 Enter the correct IOP number, SLOT number, APP (application), and RELAY_OK parameters for the safety-critical I/O module. Table 15 Parameters for Safety-Critical Modules Application Type (App) RELAY (de-energized to trip with relay) RELAY (de-energized to trip with relay) Relay_OK Parameter True False Description A voter fault degrades the mode to dual. The relay provides a third channel for shutdown so that if an output voter fails, two independent channels (relay and other output voter channel) remain that can de-energize the output. A voter fault degrades the mode to single. A non-voter fault degrades the mode to dual. DE-ENERGIZED (de-energized to trip with no relay) — A voter fault degrades the mode to single. A non-voter fault degrades the mode to dual. Safety Considerations Guide for Triconex General Purpose v2 Systems
Sample Safety-Shutdown Programs 57 Partitioned Processes You can achieve greater system availability if you can allocate modules to processes that do not affect each other. For example, you could have two processes with: • Outputs for one process on one DO module • Outputs for another process on a second DO module • Inputs from a shared DI module You do this by partitioning processes. Procedure 1 Partition the safety-critical I/O modules into three function blocks: • SHARED_IO for the shared safety-critical I/O modules • PROCESS_1_IO for safety-critical I/O modules that do not affect process 2 • PROCESS_2_IO for safety-critical I/O modules that do not affect process 1 2 Connect the function blocks as shown in the EX03_SHUTDOWN example on page 58. CAUTION EX03_SHUTDOWN does not handle detected field faults, rare combinations of faults detected as field faults, or output voter faults hidden by field faults. The application, not the SYS_SHUTDOWN function block, must read the NO_FLD_FLTS module status or FLD_OK point status to provide the required application-specific action. Safety Considerations Guide for Triconex General Purpose v2 Systems
Page 1 and 2:
Triconex General Purpose v2 Systems
Page 3 and 4:
Contents Preface vii Summary of Sec
Page 5 and 6:
Contents v Partitioned Processes. .
Page 7 and 8:
Preface This guide provides informa
Page 9 and 10:
Preface ix • All other requests a
Page 11 and 12:
1 Safety Concepts Overview 2 Hazard
Page 13 and 14:
Overview 3 Protection Layers Method
Page 15 and 16: Hazard and Risk Analysis 5 Hazard a
Page 17 and 18: Hazard and Risk Analysis 7 Sample S
Page 19 and 20: Hazard and Risk Analysis 9 Safety L
Page 21 and 22: Hazard and Risk Analysis 11 • Eac
Page 23 and 24: Safety Standards 13 CAN/CSA-C22.2 N
Page 25 and 26: 2 Application Guidelines Overview 1
Page 27 and 28: General Guidelines 17 General Guide
Page 29 and 30: Guidelines for Triconex Controllers
Page 41 and 42: 3 Fault Management Overview 32 Syst
Page 43 and 44: System Diagnostics 33 System Diagno
Page 45 and 46: Operating Modes 35 Operating Modes
Page 47 and 48: Module Diagnostics 37 Analog Output
Page 49 and 50: Module Diagnostics 39 Calculation f
Page 51 and 52: Module Diagnostics 41 External Comm
Page 53 and 54: 4 Application Development Developme
Page 55 and 56: Development Guidelines 45 Array Ind
Page 57 and 58: Setting Scan Time 47 application. T
Page 59 and 60: Sample Safety-Shutdown Programs 49
Page 65: Sample Safety-Shutdown Programs 55
Page 69 and 70: Alarm Usage 59 Alarm Usage To imple
Page 71 and 72: A Triconex Peer-to-Peer Communicati
Page 73 and 74: Data Transfer Time 63 Data Transfer
Page 75 and 76: Data Transfer Time 65 A typical dat
Page 77 and 78: Examples of Peer-to-Peer Applicatio
Page 79 and 80: B HART Communication Overview 70 HA
Page 81 and 82: HART Position Paper from TÜV Rhein
Page 89 and 90: C Safety-Critical Function Blocks O
Page 91 and 92: SYS_CRITICAL_IO 81 SYS_CRITICAL_IO
Page 93 and 94: SYS_CRITICAL_IO 83 Library Trident
Page 95 and 96: SYS_CRITICAL_IO 85 END_IF ; PREVIOU
Page 97 and 98: SYS_SHUTDOWN 87 Output Parameters (
Page 99 and 100: SYS_SHUTDOWN 89 * the safety system
Page 101 and 102: SYS_SHUTDOWN 91 ALARM_DISABLED_POIN
Page 103 and 104: SYS_VOTE_MODE 93 Example For shutdo
Page 105 and 106: Index A abbreviations, list of viii
Page 107 and 108: Index 97 N NFPA 85 12 O operating m
Page 110: Invensys Operations Management 5601
show all

Safety Considerations Guide for Triconex General ... - ICEWeb

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?