Safety Considerations Guide for Trident v2 Systems - TUV ...
Safety Considerations Guide for Trident v2 Systems - TUV ... Safety Considerations Guide for Trident v2 Systems - TUV ...
96 Appendix C Safety-Critical Function Blocks * 1. Convert redundancy status (TMR, GE_DUAL, GE_SINGLE) to (TMR, DUAL, SINGL, ZERO). * 2. "GE_" denotes "greater than or equal to". * 3. CO is true if CI is true and there is no programming error. * * Runtime Errors * EBADPARAM Bad parameter * CO= FALSE indicates a programming error if CI=true. * The outputs are all FALSE if there is a programming error. *=F=============================================================================== *) CO := CI ; IF CI THEN CO := GE_DUAL AND GE_SINGLE OR NOT GE_DUAL AND NOT IN_TMR; IF CO THEN TMR := IN_TMR ; DUAL := GE_DUAL AND NOT IN_TMR ; SINGL := GE_SINGLE AND NOT GE_DUAL ; ZERO := NOT GE_SINGLE ; ELSE U := ReportBadParam(0) ; TMR := FALSE ; DUAL := FALSE ; SINGL := FALSE ; ZERO := FALSE ; END_IF ; END_IF ; END_FUNCTION_BLOCK Safety Considerations Guide for Trident v2 Systems
A abbreviations, list of viii actual scan time 49 addressing error 18 alarms analog input modules 38 analog output modules 39 digital input modules 39 digital output modules 40 disabled points 23, 61 I/O modules 42 output operations 54 programming permitted 61 pulse input modules 40 remote access 61 response time 61 semaphores 43 solid-state relay output modules 40 system attributes 43 analog input modules alarms 38 diagnostics 38 analog output modules alarms 39 diagnostics 39 analysis, hazard and risk 5 ANSI/ISA S84.01 12 application-specific standards 12, 13 architecture, system 34 array index errors 47 attributes, safety and control 46 B black channel communication errors in 18 safety measures for 18 burner management systems, guidelines 21 bus, Tribus 34 C calculations, SIL examples 7 CAN/CSA-C22.2 NO 61010-1-04 13 certification, TÜV Rheinland 16 change control 26 commands Compare to Last Download 49 Download All 23 Download Change 48 TriStation 1131 48–49 Verify Last Download to the Controller 48 communication diagnostics for external 43–44 guidelines for Peer-to-Peer 23–25 serial 27 communication errors description of 18 preventing 18 Compare to Last Download command 49 connection authentication safety measure 19 control attribute 46 corruption error 18 customer support viii D data integrity assurance safety measure 19 data transfer time 65–70 DCS programs, recommendations 29 development guidelines 46 diagnostics analog input modules 38 analog output modules 39 calculation of fault reporting time 41 digital input modules 38 digital output modules 39 disabled output voter 23 external communication 43–44 main processors 42 pulse input modules 40 solid-state relay output modules 40 system 35 different data integrity safety measure 20 digital input modules alarms 39 diagnostics 38 digital output modules alarms 40 diagnostics 39 Index Safety Considerations Guide for Trident v2 Systems
- Page 55 and 56: 4 Application Development Developme
- Page 57 and 58: Array Index Errors Infinite Loops D
- Page 59 and 60: Setting Scan Time 49 application. T
- Page 61 and 62: Sample Safety-Shutdown Programs Sam
- Page 63 and 64: Sample Safety-Shutdown Programs 53
- Page 65 and 66: When Some I/O Modules Are Safety-Cr
- Page 67 and 68: Sample Safety-Shutdown Programs 57
- Page 69 and 70: Partitioned Processes Sample Safety
- Page 71 and 72: Alarm Usage Alarm Usage 61 To imple
- Page 73 and 74: A Triconex Peer-to-Peer Communicati
- Page 75 and 76: Data Transfer Time Data Transfer Ti
- Page 77 and 78: Data Transfer Time 67 A typical dat
- Page 79 and 80: Examples of Peer-to-Peer Applicatio
- Page 81 and 82: B HART Communication Overview 72 HA
- Page 83 and 84: 2008-04-01 Automation, Software and
- Page 85 and 86: 2008-04-01 HART Position Paper from
- Page 87 and 88: 2008-04-01 A possible impact to the
- Page 89 and 90: 2008-04-01 HART Position Paper from
- Page 91 and 92: C Safety-Critical Function Blocks O
- Page 93 and 94: SYS_CRITICAL_IO Accumulates the sta
- Page 95 and 96: Library Trident and Tri-GP (TRDLIB)
- Page 97 and 98: END_IF ; PREVIOUS_RESET := RESET ;
- Page 99 and 100: Output Parameters (continued) Name
- Page 101 and 102: SYS_SHUTDOWN 91 * the safety system
- Page 103 and 104: ALARM_DISABLED_POINTS := MPX.POINTS
- Page 105: Example For shutdown examples, see
- Page 109 and 110: message errors, external communicat
- Page 112: Invensys Operations Management 5601
A<br />
abbreviations, list of viii<br />
actual scan time 49<br />
addressing error 18<br />
alarms<br />
analog input modules 38<br />
analog output modules 39<br />
digital input modules 39<br />
digital output modules 40<br />
disabled points 23, 61<br />
I/O modules 42<br />
output operations 54<br />
programming permitted 61<br />
pulse input modules 40<br />
remote access 61<br />
response time 61<br />
semaphores 43<br />
solid-state relay output modules 40<br />
system attributes 43<br />
analog input modules<br />
alarms 38<br />
diagnostics 38<br />
analog output modules<br />
alarms 39<br />
diagnostics 39<br />
analysis, hazard and risk 5<br />
ANSI/ISA S84.01 12<br />
application-specific standards 12, 13<br />
architecture, system 34<br />
array index errors 47<br />
attributes, safety and control 46<br />
B<br />
black channel communication<br />
errors in 18<br />
safety measures <strong>for</strong> 18<br />
burner management systems, guidelines 21<br />
bus, Tribus 34<br />
C<br />
calculations, SIL examples 7<br />
CAN/CSA-C22.2 NO 61010-1-04 13<br />
certification, TÜV Rheinland 16<br />
change control 26<br />
commands<br />
Compare to Last Download 49<br />
Download All 23<br />
Download Change 48<br />
TriStation 1131 48–49<br />
Verify Last Download to the Controller 48<br />
communication<br />
diagnostics <strong>for</strong> external 43–44<br />
guidelines <strong>for</strong> Peer-to-Peer 23–25<br />
serial 27<br />
communication errors<br />
description of 18<br />
preventing 18<br />
Compare to Last Download command 49<br />
connection authentication safety measure 19<br />
control attribute 46<br />
corruption error 18<br />
customer support viii<br />
D<br />
data integrity assurance safety measure 19<br />
data transfer time 65–70<br />
DCS programs, recommendations 29<br />
development guidelines 46<br />
diagnostics<br />
analog input modules 38<br />
analog output modules 39<br />
calculation of fault reporting time 41<br />
digital input modules 38<br />
digital output modules 39<br />
disabled output voter 23<br />
external communication 43–44<br />
main processors 42<br />
pulse input modules 40<br />
solid-state relay output modules 40<br />
system 35<br />
different data integrity safety measure 20<br />
digital input modules<br />
alarms 39<br />
diagnostics 38<br />
digital output modules<br />
alarms 40<br />
diagnostics 39<br />
Index<br />
<strong>Safety</strong> <strong>Considerations</strong> <strong>Guide</strong> <strong>for</strong> <strong>Trident</strong> <strong>v2</strong> <strong>Systems</strong>
Change language