AADvance Safety Manual - Tuv-fs.com


12.07.2015 Views

Modules for SIL3 Fail-safe I/O, Fault Tolerant Processor

Position | Module Type
I/P A | 9401/2 Digital Input Module, 24V dc, 8/16 Channel + 9802 Digital Input TA, 16 Channel, Dual; or 9431/2 Analogue Input Module, 8/16 Channel + 9832 Analogue Input TA, 16 Channel, Dual
CPU A & CPU B | 2 x 9110 Processor Module, 9100 Base Unit, 9300 Base Unit
O/P A | 9451 Digital Output Module, 24V dc, 8 Channel + 9851 Digital Output TA, 24V dc, 8 Channel, Simplex

SIL3 Fault Tolerant I/O Architectures

A SIL3 fault tolerant processor and I/O is achieved by dual input and output module configurations with dual or triple processor modules. The processor modules operate in 1oo2D under no fault conditions, degrade to 1oo1D on the detection of the first fault in either module and fail-safe when there are faults on both modules.

Similarly the input modules operate in 1oo2D under non faulted conditions and 1oo1D on detection of the first fault in either module and will fail-safe when there are faults on both modules.

For de-energize to trip operation, the output modules operate in 2oo2D under no fault conditions, degrade to 1oo1D on detection of the first fault in either module and fail-safe when there are faults on both modules.

For energize to action operation, the output modules operate in 1oo2D under no fault conditions, degrade to 1oo1D on the detection of the first fault in either module and fail-safe when there are faults on both modules.

4-8 Document number 553630 Issue 7: February 2010

Chapter 4 AADvance System Architectures

Table 6: Modules for SIL3 Fault Tolerant Architectures

Position | Module Type
I/P A and I/P B | 2 × 9401/2 Digital Input Module, 24V dc, 8/16 Channel + 9802 Digital Input TA, 16 Channel, Dual; or 2 × 9431/2 Analogue Input Module, 8/16 Channel + 9832 Analogue Input TA, 16 Channel, Dual
CPU A & CPU B | 2 × 9110 Processor Module, 9100 Processor Base Unit, 9300 I/O Base Unit
O/P A and O/P B | 2 × 9451 Digital Output Module, 24V dc, 8 Channel + 9852 Digital Output TA, 24V dc, 8 Channel, Dual

SIL3 TMR Input and Processor, Fault Tolerant Output

A SIL3 TMR architecture offers the highest level of fault tolerance for an AADvance controller and consists of triple input modules, triple processors and dual output modules. The input and processor modules operate in 2oo3D under no fault conditions, degrade to 1oo2D on detection of the first fault in any module, degrade to 1oo1D on the detection of faults in any two modules, and will fail-safe when there are faults on all three modules.

For de-energize to trip operation the output modules operate in 2oo2D under non faulted conditions, degrade to 1oo1D on detection of the first fault in either module and fail-safe when there are faults on both modules.

For energize to action operation the output modules operate in 1oo2D under no fault conditions, degrade to 1oo1D on the detection of the first fault in either module and fail-safe when there are faults on both modules.

In the event of a failure in any element of a channel, the channel processor will still produce a valid output which could be voted on because of the coupling between the channels. This is why the triple modular redundant implementation provides a configuration that is inherently better than a typical 2oo3 voting system.
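
The degradation path for input and processor modules described above, modelled as an added example (not code from the manual or the vendor). The `Channel` type and function names are hypothetical. The model assumes that MooN means M healthy channels must demand the trip and that fail-safe is an unconditional trip.

```python
from dataclasses import dataclass

# Degradation paths for input and processor modules as stated in the text;
# list index = number of modules whose diagnostics report a fault.
PATHS = {
    3: ["2oo3D", "1oo2D", "1oo1D", "fail-safe"],  # TMR input/processor
    2: ["1oo2D", "1oo1D", "fail-safe"],           # dual input/processor
}

@dataclass(frozen=True)
class Channel:
    demands_trip: bool  # this module's reading of the process
    healthy: bool       # diagnostic verdict (the "D" in MooND)

def voting_mode(channels):
    """Mode in force for 2 or 3 redundant modules, given their diagnostics."""
    if len(channels) not in PATHS:
        raise ValueError("model covers dual (2) and TMR (3) groups only")
    faults = sum(not c.healthy for c in channels)
    return PATHS[len(channels)][faults]

def vote(channels):
    """Return (mode, trip). Assumptions: MooN means M healthy channels must
    demand the trip; fail-safe is modelled as an unconditional trip."""
    mode = voting_mode(channels)
    if mode == "fail-safe":
        return mode, True
    m = int(mode[0])  # the M in MooND
    # Channels flagged faulty by diagnostics are excluded from the vote.
    demands = sum(c.demands_trip for c in channels if c.healthy)
    return mode, demands >= m

def undiagnosed_2oo3(channels):
    """Plain 2oo3 majority that ignores diagnostics, for comparison."""
    return sum(c.demands_trip for c in channels) >= 2

if __name__ == "__main__":
    # Constructed scenario: the third module has failed with its reading
    # stuck at "no trip" while one healthy module demands a trip.
    group = [Channel(True, True), Channel(False, True), Channel(False, False)]
    print(vote(group))              # ('1oo2D', True)
    print(undiagnosed_2oo3(group))  # False
```

In the constructed scenario the diagnosed group has already dropped to 1oo2D, so the single healthy trip demand is acted on, while a majority vote that still counts the failed module does not trip.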
