Safety Considerations Guide, Tricon v9.0 - Tuv-fs.com

More documents

Recommendations

Info

54 Setting Scan TimeScan OverrunsIf Scan Surplus becomes negative and a scan overrun occurs, the relevant statusattributes are set as follows:• SCAN_OVERRUNS is incremented once for each time that a longer scantime is needed.• SURPLUS_SCAN is set to a negative number to indicate the additionaltime period used by a scan overrun.SCAN_STATUSTR_SCAN_STATUS1 C1001COPOWERUPFIRSTSCANSCANREQUESTSCANSURPLUSSCANDELTADELTATSCANOVERRUNKEYSWITCHSCAN_SURPLUSSCAN_OVERRUNSFor more information, see the TriStation 1131 Developer's Guide and the TriconexLibraries Manual.Tricon Safety Considerations Guide
Sample Safety-Shutdown Programs 55Sample Safety-Shutdown ProgramsThe following section describes sample programs and methods for implementingsafety-shutdown networks.All I/O Modules Safety-CriticalThe sample program, PROGRAM EX01_SHUTDOWN, shows one way to verifythat the safety system is operating properly when every module in the safety systemis safety-critical. The example uses an instance of the Triconex Library functionblock TR_SHUTDOWN named CRITICAL_MODULES. (The sample program isan element of project ExTUV.pt2 found on the TriStation CD. The default locationof the project is C:\Program Files\Triconex\TS1131\_Tricon\Examples.)When the output CRITICAL_MODULES_OPERATING is true, all safety-criticalmodules are operating properly. The input MAX_TIME_DUAL specifies themaximum time allowed with two channels operating (with no connection defaultsto 40000 days). The input MAX_TIME_SINGLE specifies the maximum timeallowed with one channel operating (3 days in the example).Note In typical applications, continued operation in dual mode is restricted to1500 hours (two months).Continued operation in single mode is restricted to 72 hours for SIL/AK5 and onehour for SIL/AK6 guidelines.When CRITICAL_MODULES_OPERATING is false, the time in degradedoperation exceeds the specified limits; therefore, the control program should shutdown the process under safety control.! CAUTIONThe sample program called EX01_SHUTDOWN does not handle detected fieldfaults, rare combinations of faults detected as field faults, or output voter faultshidden by field faults. The application program, not the TR_SHUTDOWNfunction block, must read the NO_FLD_FLTS module status or FLD_OK pointstatus to provide the required application-specific action.For information on improving availability using external, power-disconnect relaysand advanced programming techniques, see the sample program calledEX02_SHUTDOWN.Chapter 4Application Development
Page 1 and 2:
TriconVersion 9Safety Consideration
Page 3:
AcknowledgementTriconex acknowledge
Page 6 and 7:
viRelated DocumentsRelated Document
Page 8 and 9:
viiiHow to Contact TriconexHow to C
Page 10:
xTrainingFor Turbomachinery Systems
Page 13 and 14:
xiCONTENTSAbout This Guide ........
Page 15 and 16:
xiiiAnalog Input Module Alarms ....
Page 17 and 18:
CHAPTER 1Safety ConceptsThis chapte
Page 19 and 20: Safety Overview 3Protection LayersT
Page 21 and 22: Hazard and Risk Analysis 5Hazard an
Page 23 and 24: Hazard and Risk Analysis 7Completio
Page 25 and 26: Hazard and Risk Analysis 9Equation
Page 27 and 28: Hazard and Risk Analysis 11Flowchar
Page 29 and 30: Hazard and Risk Analysis 13Some key
Page 31 and 32: Safety Standards 15Safety Standards
Page 33 and 34: Safety Standards 17Application-Spec
Page 35 and 36: CHAPTER 2Application GuidelinesThis
Page 37 and 38: General Guidelines 21• Under cert
Page 39 and 40: Guidelines for Tricon Controllers 2
Page 53 and 54: CHAPTER 3Fault ManagementThis chapt
Page 55 and 56: System Diagnostics 39System Diagnos
Page 57 and 58: Operating Modes 41Operating ModesEa
Page 59 and 60: Module Diagnostics 43Module Diagnos
Page 61 and 62: Module Diagnostics 45Relay Output M
Page 63 and 64: Module Diagnostics 47System Attribu
Page 65 and 66: CHAPTER 4Application DevelopmentThi
Page 67 and 68: Important TriStation Commands 51Imp
Page 69: Setting Scan Time 53Setting Scan Ti
Page 73 and 74: Sample Safety-Shutdown Programs 57I
Page 75 and 76: Sample Safety-Shutdown Programs 59A
Page 77 and 78: Sample Safety-Shutdown Programs 61P
Page 79 and 80: Sample Safety-Shutdown Programs 63O
Page 81 and 82: Sample Safety-Shutdown Programs 65D
Page 83 and 84: Sample Safety-Shutdown Programs 67P
Page 85 and 86: APPENDIX APeer-to-Peer Communicatio
Page 87 and 88: Data Transfer Time 71ParameterTS =S
Page 89 and 90: Examples of Peer-to-Peer Applicatio
Page 91 and 92: TR_CRITICAL_IO Function Block 75TR_
Page 93 and 94: TR_CRITICAL_IO Function Block 77Par
Page 95 and 96: TR_CRITICAL_IO Function Block 79Str
Page 97 and 98: TR_CRITICAL_IO Function Block 81CO
Page 99 and 100: TR_SHUTDOWN Function Block 83Parame
Page 101 and 102: TR_SHUTDOWN Function Block 85Relate
Page 103 and 104: TR_SHUTDOWN Function Block 87* Exam
Page 105 and 106: TR_SHUTDOWN Function Block 89TIMER_
Page 107 and 108: TR_VOTE_MODE Function Block 91Param
Page 109 and 110: TR_VOTE_MODE Function Block 93Appen
Page 111 and 112: APPENDIX BShutdown Function BlocksT
Page 113 and 114: TR_CRITICAL_IO Function Block 974 R
Page 115 and 116: TR_CRITICAL_IO Function Block 99Rel
Page 117 and 118: TR_CRITICAL_IO Function Block 101*
Page 119 and 120: TR_SHUTDOWN Function Block 103TR_SH
Page 121 and 122:
TR_SHUTDOWN Function Block 105Param
Page 123 and 124:
TR_SHUTDOWN Function Block 107Struc
Page 125 and 126:
TR_SHUTDOWN Function Block 109IF CI
Page 127 and 128:
TR_VOTE_MODE Function Block 111TR_V
Page 129 and 130:
TR_VOTE_MODE Function Block 113Stru
Page 131 and 132:
Index 115IndexAactual scan time 53a
Page 133 and 134:
Index 117Modbus master functions 25
Page 135 and 136:
Index 119timescan 53TMR architectur
show all

Safety Considerations Guide, Tricon v9.0 - Tuv-fs.com

Create successful ePaper yourself

Delete template?

Save as template?