BS EN ISO 13849-2-2010.pdf



Search



Home



Saved

0

0 views



Upload

Sign In

RELATED TITLES

0

BS EN ISO 13849-2-2010.pdf Uploaded by Ja Chezz



Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music

Phases of Requirement

1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



Draft Draft for Public Comment Comment

DPC: 10/3

BSI Group headquarters

389 Chiswick Chiswick High High Road London W4 4AL Tel: +44 (0)20 8996 9000 Fax: +44 (0)20 8996 7400 www.bsigroup.com

Latest date for receipt of comments: 10 Septembe Septemberr 2010 2010 Responsible committee:

MCE/3 Safeguarding of machinery

Interested committees:

ALL MCE/3 SUBCOMMITTEES

Title:

Project n

Draft BS EN ISO 13849-2 Safety of machinery - Safety-related parts of control systems Part 2: Validation

Supersession information: If this document is published as a standard, the UK implementation of it BSENISO13849-2 : 2008 and partially supersede. NONE If you are aware of a current national stan may be affected, please notify the secretary (contact details below).

WARNING: THIS IS A DRAFT AND MUST NOT BE REGARDED OR USED AS A BRITISH S THIS DRAFT IS NOT CURRENT BEYOND 10 September 2010.

This draft is issued to allow comments from interested parties; all comments will be given considerat publication. No acknowledgement will normally be sent. See sent. See overleaf overleaf for information on commenti

No copying is allowed, in any form, without prior written permission from BSI except as permitted un Copyright, Designs and Patent Act 1988 or for circulation within a nominating organization for briefin Electronic circulation is limited to dissemination by e-mail within such an organization by committee m  Read Free Foron 30this Days Sign up to vote title  900 Further copies of this draft may be purchased from BSI Customer Services, Tel: +44(0) 20 8996 Useful Not useful   available from BSI Cu [email protected].. British, International and foreign standards [email protected] are also Cancel anytime. Special offer for students: Only $4.99/month. Information on the co-operating organizations represented on the committees referenced above may from the responsible committee secretary.

Master your semester with Scribd & The New York Times





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music

Master your semester with Scribd & The New York Times Special offer for students: Only $4.99/month.



Upload

Sign In

Read Free For 30 Days Cancel anytime.

Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

Commisioning

 

Ch4

 Search document



Introduction This draft standard is based on international discussions in which the UK has taken an active part. Your com on this draft are invited and will assist in the preparation of the consequent standard. Comments submitted reviewed by the relevant BSI committee before sending the consensus UK vote and comments to the interna secretariat, which will then decide appropriate action on the draft and the comments received.

If the international standard is approved, it is possible the text will be published as an identical British Standa

UK Vote Please indicate whether you consider the UK should submit a negative (with reasons) or positive vote on this

Submission The guidance given below is intended to ensure that all comments receive efficient and appropriate attention responsible BSI committee. An notat no tat ed draf d raf ts are not n ot acc ept abl e and w il l b e rej ect ed.

All comments must be submitted, preferably electronically, to the Responsible Committee Secretary at the ad given on the front cover. Comments should be compatible with Version 6.0 or Version 97 of Microsoft® Microsoft® Wor Windows™, if possible; otherwise comments in ASCII text format are acceptable. An y c ommen om ments ts not no t s ub electroni electroni cally shoul d sti ll adhere to these format requirements. requirements.

All comments submitted should be presented as given in the example below. Further information on submitt comments and how to obtain a blank electronic version of a comment form are available from the BSI web si http://www.bsigroup.com/en/Standards-and-Publications/Current-work/DPCs/

Template Te mplate for co mments and secretariat observations

Date: xx/xx/200x

Document: ISO/D

1

2

(3)

4

5

(6)

MB

Clause No./ Subclause No./ An nex (e.g. 3.1)

Paragraph/ Figure/Table/ Note (e.g. Table 1)

Type of comment

Comment (justification for change) by the MB

Proposed change by the MB

3.1

Definition 1

ed

Definition is ambiguous and needs clarifying.

Amend to read ‘... so that the mains connector to which no connection ...’

6.4

Paragraph 2

te

The use of the UV photometer as an alternative cannot be supported as serious problems have been encountered in its use in the UK.

Delete reference to UV photometer.

Secreta observat on each co submitt

Microsoft and MS-DOS are registered trademarks, and Windows is a trademark of Microsoft Corporation.


Read Free Foron 30this Days Sign up to vote title



Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

EUROPEAN STANDARD NORME EUROPÉENNE

Commisioning

Ch4

 Search document



DRAFT prEN ISO 13849-2

EUROPÄISCHE NORM May 2010 ICS 13.110

Will supersede EN IS

English Version

Safety of machinery - Safety-related parts of control systems Part 2: Validation (ISO/DIS 13849-2:2010) Sécurité des machines - Parties des systèmes de commande relatifs à la sécurité - Partie 2: Validation (ISO/DIS 13849-2:2010)

Sicherheit von Maschinen und Sicherheitsbezogene Teile von Steue Validierung (ISO/DIS 13849-2

This draft European Standard is submitted to CEN members f or parallel enquiry. It has been drawn up by the Technical C CEN/TC 114.

If this draft becomes a European Standard, CEN members are bound to comply with the CEN/CENELEC Internal Regula stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CEN in three official versions (English, French, German). A version in a made by translation under the responsibility of a CEN member into its own language and notified to the CEN Managemen same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denma Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, N Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.

Recipients of this draft are invited to submit, with their comm ents, notification of any relevant patent rights of which they a provide supporting documentation.

Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change w

shall not be referred to as a European Standard.





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents


of 87

 

Commisioning

Ch4

 Search document



ISO/DIS DIS DRAFT INTERNATIONAL STANDARD ISO/



Sheet Music

INTERNA INTERN ATION TIONAL AL ORGA ORGANIZA NIZATION FOR ST STANDA ANDARDIZA RDIZATION

ISO/TC 199

Secretariat: DIN

Voting begins b egins on: 2010-05-27

Voting terminates ter minates on: 2010-10-27

•

МЕЖДУНАРОДНАЯ МЕЖДУНАРО ДНАЯ ОРГАНИЗАЦИЯ ПО СТАНД СТАНДАРТИЗАЦИИ АРТИЗАЦИИ

•

ORGANISA ORGAN ISATION INTER INTERNA NATIONA TIONA

Safety of machinery Safety machinery — Safety-related Safety-related parts of control control syst sy stem ems s— Part 2: Validation Sécurité des machine machines s — Parties des systèmes systèmes de commande commande relatifs relatifs à la sécurité sécurité — Partie 2: Validat Validation ion

[Revision [Rev ision of first edition (ISO 13849-2: 13849-2:2003)] 2003)] ICS IC S 13 13.1 .110 10 ISO/CEN PARALLEL PROCESSING

This draft has been developed within the International Organization for Standardization (ISO) ISO-lead mode processed under the ISO-lead mode of collaboration as defined in the Vienna Agreement.

This draft is hereby submitted to the ISO member bodies and to the CEN member bodies for a pa five-month enquiry enquiry..

Should this draft be accepted, a final draft, established on the basis of comments received, w submitted to a parallel two-month approval vote in ISO and formal vote in CEN.

Master your semester with Scribd  Read Free For 30 Days Sign15/1993 up to vote on this title is circulate In accordance with the provisions of Council Resolution this document  the English language only. only. & The New York Times Useful Not useful   Cancel anytime.

Special offer for students:Conformément Only $4.99/month. aux dispositions de la Résolution du Conseil 15/1993, ce document est distr en version anglaise seulement.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS ISO/D IS 1384 13849-2 9-2

PDF disclaimer

This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editin downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secre accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated.

Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-crea parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. I unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

Copyright notice

This ISO document is a Draft International Standard and is copyright-protected by ISO. Except as perm Master semester Scribd  it ma under your the applicable laws of thewith user's country, neither this ISO draft nor any extract from Read Free Foron 30this Days Sign up to vote title  reproduced, stored in a retrieval system or transmitted in any a ny form or by any means, electronic, photocop & The New York Times Useful Not useful   recording or otherwise, without prior written permission being secured. Cancel anytime.

Special offer for students: Only $4.99/month. Requests for permission to reproduce should be addressed to either ISO at the address below or I





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Contents

Foreword ................................................................................. ........................................................................................................................................... ..........................................................

Introduction....................................................................................................................................... 1

Scope ............................................................................................ .................................................................................................................................... ........................................

2

Normative references ................................................................. .......................................................................................................... .........................................

3

Terms and definitions ........................................................................................................

4 4.1 4.2 4.3 4.4 4.5 4.6

Validation process........................................................................................................... Validation principles ................................................................................................... ........................................................................................................... ........ Validation plan ........................................................................................ ..................................................................................................................... ............................. Generic fault lists ......................................................................... ................................................................................................................ ....................................... Specific fault lists ............................................................................ ................................................................................................................ .................................... Information for validation ................................................................................................. Validation record .............................................................................. ................................................................................................................. ...................................

5 5.1 5.2

Validation by analysis ......................................................................................... ......................................................................................................... ................ General ................................................................................... ................................................................................................................................. .............................................. Analysis techniques ......................................................................................... ............................................................................................................ ...................

6 6.1 6.2 6.3 6.4

Validation by testing .............................................................................................. ........................................................................................................... ............. General ................................................................................... ................................................................................................................................. .............................................. Measurement accuracy accuracy...................................................................... ....................................................................................................... ................................. Higher requirements ........................................................................................................ Number of test samples......................................................................................................

7

Validation of safety requirements specification .............................................................

8

Validation of safety functions ...........................................................................................

9 9.1 9.2 9.3 9.4

Validation of performance levels and categories ........................................................... Analysis and testing of performance levels and categories.......................................... Validation of category specifications ............................................................................... Validation of MTTFd, DCavg and CCF.................................................................................. Validation of measures against systematic failures related to performance level and category of SRP/CS.............................................................................................................  9.5 Validation of safety-related software................................................................................. Read Free Foron 30this Days Sign up to vote title  9.6 Validation and verification of the performance level ...................................................... Useful Not useful   9.7 Validation of combination of safety-related parts............................................................ Cancel anytime. Special offer for students: Only $4.99/month. 10 Validation of environmental requirements ......................................................................






Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards b (ISO member bodies). The work of preparing International Standards is normally carried out through technical committees. Each member body interested in a subject for which a technical committee has established has the right to be represented on that committee. International organizations, governmenta non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of technical committees is to prepare International Standards. Draft International Stand adopted by the technical committees are circulated to the member bodies for voting. Publication a International Standard requires approval by at least 75 % of the member bodies casting a vote.

Attention is drawn to the possibility poss ibility that some of the elements of this document docum ent may m ay be the subject of p rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO 13849-2 was prepared by Technical Committee ISO/TC 199, Safety of machinery .

This second edition cancels and replaces the first edition (ISO 13849-2:2003), which has been techni revised in order to adapt to ISO 13849-1:2006. In addition the new Annex E provides an example fo validation of fault behaviour and diagnostic means. ISO 13849 consists of the following parts, under the general title Safety of machinery — Safety-related of control systems: systems : ⎯

Part 1: General principles for design

⎯

Part 2: Validation

Annexes A to D are informative and structured as given in Table 1. Table 1 — Structure of the clauses of Annexes A to D

Master yourTechnology semester with ScribdList of well-tried Annex List of basic List of Read Free Forwell-tried 30this Days Sign up to vote on title safety principles safety principles components & The New York Times  Useful  Not useful Special offer for students: Only $4.99/month.

Cancel anytime.

Clause



Fault lists a  fault exclusion





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Introduction This document is a type-B standard as stated in ISO 12100-1. The requirements of this document can be supplemented or modified by a type-C standard.

For machines which are covered by the scope of a type-C standard and which have been design according to the requirements of that standard, the requirements of that type-C standard take This International Standard specifies the validation process, including both analysis and testing, f functions, categories and performance levels for the safety–related parts of control systems. procedures and conditions in this International Standard are based on the assumption that th Procedure described in ISO 13849-1:2006, 4.5.4 is used for the estimation of Performance Leve a different procedure is used (e.g. Markov modelling), then some parts of this standard can not b and additional requirements can be necessary. This standard does not provide guidance specif case when other procedures are used to estimate PL.

Descriptions of the safety functions and the requirements for the categories and performance leve in ISO 13849-1 which deals with the general principles f or design. Some Som e requirements for general and some are specific to the technology used. ISO 13849-2 also specifies the conditions the validation by testing of the safety-related parts of control systems should be carried out.

ISO 13849-1 specifies the safety requirements and gives guidance on the principles for the ISO 12100-1) of the safety-related parts of control systems. For these parts it specifies ca performance levels and describes the characteristics of their safety functions, regardless of the ty used.

The achievement of the requirements can be validated by any combination of analysis (see Cl testing (see Clause 6). The analysis should be started as early as possible within the design proce





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 


Commisioning

Ch4

 Search document




Useful



Not useful

Cancel anytime.



 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document

DRAFT INTERNATIO INTERNATIONAL NAL STANDARD



ISO/D

Safety of machinery Safety machinery — Safety-related Safety-related parts of control control syst sy stem ems s— Part 2: Validation 1

Scope

This International Standard specifies the procedures and conditions to be followed for the v analysis and testing of: ⎯

the safety functions provided, and

⎯

the category achieved, and

⎯

the performance level achieved

of the safety-related parts of the control system (SRP/CS) in compliance with ISO 13849-1, usin rationale provided by the designer. NOTE Requirements for programmable electronic systems, including embedded software, ISO 13849-1:2006, 4.6 and al so IEC 61508-series.

2

Normative references

The following referenced documents are indispensable for the application of this documen references, only the edition cited applies. For undated references, the latest edition of the document (including any amendments) applies.

ISO 12100-1, Safety of machinery — Basic concepts, general principles pri nciples for design — P terminology, methodology

ISO 13849-1:2006, Safety of machinery — Safety-related parts of control systems — Par principles for design

Master your semester with Scribd  3 Terms and definitions Read Free Foron 30this Days Sign up to vote title  & The New York Times Useful Not useful   For the purposes of this document, the terms and definitions given in ISO 13849-1 apply. Special offer for students: Only $4.99/month.

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

⎯

the requirements of the specified category (see ISO 13849-1:2006, 6.2);

⎯

the measures for control and avoidance of systematic failures (see ISO 13849-1:2006, Anne and

⎯

if applicable, applicable, the requirements of the software (see ISO 13849-1:2006, 4.6);

⎯

the ability to perform a safety function under expected environmental conditions.

NOTE Validation of the design of SRP/CS includes review activities. Validation and review should be person(s) other than designer(s) of the relevant item. Review should be based on the safety requirements specif and design documentation.

Validation consists of applying analysis and executing functional tests under normal conditions in accord with the validation plan. Figure 1 gives an overview of the validation process. The balance bet ween analysis and testing depends on the technology and performance level. Where necessary for Category and 4 the safety function shall be validated by testing also under fault conditions.

The analysis should be started as early as possible and in parallel with the design process, so that prob can be corrected early whilst they are still relatively easy to correct, i. e. during steps “design and tech realisation of the safety function” and “evaluate the performance level PL” [box 4 and 5 of Figure ISO 13849-1:2006]. It can be necessary for some parts of the analysis to be delayed until the design is developed.

For large systems, due to the size, complexity or integrated form (with the machinery) of the control sys special arrangements may be made for: ⎯

validation of the SRP/CS separately before integration including simulation of the appropriate inpu output signals;

⎯

validation of the effects of integrating safety-related parts into the remainder of the control system w the context of its use in the machine.





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

a) the identity of the specification documents; b) the operational and environmental conditions conditions during testing; c)

the analyses and tests to be applied;

d) the reference to test standards to be applied; e) the persons or parties who are responsible for each validation part.

Safety-related parts which have previously been validated to the same specification need only a referen that previous validation.

4.3

Generic fault lists

The validation process involves consideration of behaviour of the SRP/CS for all faults to be considere basis for fault consideration is given in the fault lists in the informative annexes (A.5, B.5, C.5 and D.5) w are based on experience. The generic fault lists contain: ⎯

the components/elements to be included, e. g. conductors/cables (see D.5.2);

⎯

the faults to be taken into account, e. g. short circuits between conductors;

⎯

the permitted fault exclusions taking taking into account environmental, operating and application aspects;

⎯

a remarks section giving the reasons for the fault exclusions.

In the fault lists only permanent faults are taken into account.

4.4

Specific fault lists

A specific product-related fault list shall be generated as a reference document for the validation proce the safety-related part(s). The list can be based on the appropriate generic list(s) found in the annex(es). Where the specific product-related fault list is based on the generic list(s) it shall state: ⎯

the faults taken from the generic list(s) to be included;

other relevant faults to be with included Scribd but not given in the generic list (e. g. common cause failures) Masteranyyour semester  Read Free Foron 30this Days Sign up to vote title  faults York taken from taken the generic list(s) which may be excludedonUseful the basis that t the he criteria given i & Thethe New Times Not useful  generic list(s) (see ISO 13849-1:2006, 7.3) are satisfied; ⎯ ⎯

Special offer for students: Only $4.99/month. and, exceptionally

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

a) specification of the performance level;

required characteristics of each safety function, and its required c

b) drawings and specifications, e. g. for mechanical, hydraulic and pneumatic parts, printed assembled boards, internal wiring, enclosure, materials, mounting; c)

block diagram(s) diagram(s) with functional description of the the blocks;

d) circuit diagram(s) including interfaces/connections; e) functional description of the circuit diagram(s); f)

time sequence diagram(s) for switching components, signals relevant for safety;

g) description of the relevant characteristics of components previously validated;

h) for other safety-related safety-related parts (excluding those listed in g)) component lists with with item design values, tolerances, relevant operating stresses, type designation, failure rate data and manufacturer and any other data relevant for safety; i)

analysis of all relevant faults (see also 4.2) listed e. g. in A.5, B.5, C.5 C.5 and D.5, including of any excluded faults;

j)

an analysis of the influence of processed materials;

k)

information for use, use, e.g. installation and operation manual.

Where software is relevant to the safety function(s), the software documentation shall include: 1)

a specification which is clear and unambiguous and states the safety performance the required to achieve, and

2)

evidence that the software is designed to achieve the required performance level, and

3)

details of tests (in particular test reports) carried out to prove that the required safety pe achieved.

Information is required on how the performance level and average probability of a dangerous fail is determined. The documentation of the quantifiable aspects shall include:

Master your semester with Scribd  arch 1) the safety-related block diagram (see ISO 13849-1:2006, Annex B) or designated Read Free Foron 30this Days Sign up to vote title  ISO 13849-1:2006, 6.2); & The New York Times Useful Not useful   Special offer for students: Onlydetermination $4.99/month. of MTTF d, DC(avg) and CCF; 2) the

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table 2 — Documentation requirements for categories as part of the performance levels Documentation requirement

Category for which documentation is required B

1

2

3

Basic safety principles

X

X

X

X

Expected operating stresses

X

X

X

X

Influences of processed material

X

X

X

X

Performance during other relevant external influences

X

X

X

X

Well–tried components

–

X

–

–

Well–tried safety principles

–

X

X

X

Mean time to dangerous failure (MTTFd) of each channel

X

X

X

X

The check procedure of the safety function(s)

–

–

X

–

Diagnostic measures which are performed including fault reaction

–

–

X

X

Checking intervals, when specified

–

–

X

X

Diagnostic coverage (DCavg)

–

–

X

X

Foreseeable, single faults considered in the design and the detection method used

–

–

X

X

The common cause failures identified and how prevented

–

–

X

X

The foreseeable, single faults excluded

–

–

–

X

The faults to be detected

–

–

X

X

The variety of accumulations of faults considered in the design

–

–

–

–

How the safety function is maintained in the case of each of the fault(s)

–

–

–

X

How the safety function is maintained for each of the combination(s) of faults

–

–

–

–

Measures against systematic faults

X

X

X

X

Measures against software faults

X

–

X

X

– documentation is not required with Scribd Master your semester & The New York Times X

4

X

documentation required;




Useful



Not useful

Cancel anytime.

The categories mentioned in Table 2 are those given in ISO 13849-1:2006. SpecialNOTE offer for students: Only $4.99/month.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4

 Search document



ISO/D

5 5.1

Validation by analysis General

The validation of SRP/CS shall be carried out by analysis. Inputs to the analysis include: ⎯

the safety function(s) and the required performance level(s) identified during the risk a ISO 13849-1:2006, Figure 1 and 3);

⎯

the reliability (MTTF d, DCavg and CCF) (see ISO 13849-1:2006, 4.2 to 4.5);

⎯

the system structure (e.g. designated architectures) (see ISO 13849-1:2006, 4.2 to 4.5, Claus

⎯

the non–quantifiable, qualitative aspects aspects which affect system system behaviour (see ISO 13849-1: 4.5);

⎯

deterministic arguments.

Validation of the safety functions by analysis rather than testing requires the formulation of arguments.

NOTE 1 A deterministic argument is an argument based on qualitative aspects (e. g. quality of manu rates, experience of use). This consideration is depending on the application. This and other factors deterministic arguments.

NOTE 2 Deterministic arguments differ from other evidence evidence in that they show that the required propertie follow logically from a model of the system. Such arguments can be constructed on the basis of simple, w concepts, such as the correctness of a mechanical interlock.

5.2

Analysis techniques

The technique of analysis to be chosen depends upon the goal to be achieved. Two basic types o exist:

a) Top–down (deductive) techniques are suitable for determining the initiating events that identified top events, and calculating the probability of top events from the probability of events. They can also be used to investigate the consequences of identified multiple faults. top–down techniques are Fault Tree Analysis (FTA – see IEC 61025) and Event Tree Analysis

Master your semester with Scribd b) Bottom–up (inductive) techniques are suitable for investigating the consequence of  identified Read Free For 30 Days Sign up to vote on this title Examples of bottom–up techniques are Failure Modes and Effects Analysis (FMEA – see  IEC & The NewFailure York Times Modes, Effects and Criticality Analysis (FMECA). Useful  Not useful Special offer for students: Only $4.99/month.

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

3)

the chronology of the tests.

b) Test records shall be produced that include the following:

c)

1)

the name of the person carrying out the test;

2)

the environmental conditions (see Clause 10);

3)

the test procedures and equipment used;

4)

the date of the test;

5)

the results of the test.

The test records shall be compared with with the test plan to give assurance that the specified functiona performance targets are achieved.

The test sample shall be operated as near as possible to its final operating configuration, i. e. wi peripheral devices and covers attached. This testing can be applied manually or automatically, e. g. by computer.

Where applied, validation of the safety functions by testing shall be carried out by applying input signa various combinations, to the SRP/CS. The corresponding outputs shall be compared to the approp specified outputs.

It is recommended that the combination of these input signals be applied systematically to the control sy and the machine. An example of this logic is: power-on, start-up, operation, directional changes, resta Where necessary, an expanded range of input data shall be applied to take into account anomalou unusual situations to see how the SRP/CS respond. Such combinations of input data shall take into acc foreseeable incorrect operation(s).

The objectives of the test will determine the environmental conditions for that test. These conditions can b a) the environmental conditions of intended use, or b) conditions at a particular rating, or c)

a given range of conditions if drift is is expected. expected.

Master your semester with Scribd  NOTE The range of conditions which is considered stable and over which the tests are valid should be Read Free For 30this Days Sign up to vote on title  between the designer and the person(s) responsible for carrying out the tests and should be recorded. & The New York Times  Useful  Not useful Special6.2 offer for students: Only $4.99/month. Measurement accuracy

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

f)

linear measurements.

Deviations from these measurement accuracies shall be justified.

6.3

Higher requirements

If, according to its accompanying documentation, the requirements for the control system exceed this standard, the higher requirements shall apply.

NOTE Such higher requirements can apply if the control system has to withstand particularly conditions, e. g. rough handling, humidity e ffects, hydrolysation, ambient temperature variations, effec agents, corrosion, high strength of electromagnetic fields, for e xample due to close proximity of transmitters

6.4

Number of test samples

Unless otherwise specified, the tests shall be made on a single production sample of the safety–re which should withstand all the relevant tests. Safety–related part(s) under test shall not be modified during the course of the tests.

Some tests can permanently change the performance of some components. Where the permane the components causes the safety–related part to be incapable of meeting its design specific sample(s) shall be used for subsequent tests.

Where a particular test is destructive and equivalent results can be obtained by testing part of the isolation, a sample of that part may be used instead of the whole safety-related part(s) for the obtaining the results of the test. This approach shall only be applied where it has been shown by a testing of a safety–related part(s) is sufficient to demonstrate the safety performance of the w related part that performs the safety function.

7

Validation of safety requirements specification

Previous to the validation of the design of the SRP/CS or the combination of SRP/CS providin function, the requirement specification for the safety function shall be confirmed. NOTE Safety requirements specification should be analysed before starting the design since every based on these requirements.

Master your with Scribd It shall besemester ensured that requirements for all safety functions of the machine control system are doc Read Free Foron 30this Days Sign up to vote title  & The New York Times Useful Not useful In order to validate the specification, appropriate measures against systematic faults (errors, o   should be applied. Special offer forinconsistencies) students: Only $4.99/month.

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

8

Validation of safety functions

Validation of safety functions shall demonstrate that operation of the designed SRP/CS or combinatio SRP/CS providing the safety function is in accordance with the specified characteristics.

NOTE 1 Failures of the safety functions, in the absence of hardware fault, are due to systematic systematic faults duri design and integration stages (e.g. a misinterpretation of the safety function characteristics, an error in the logic des error in hardware assembling, an error in typing the code of software, etc). Some of the faults will be revealed duri design process through verifications, but others will pass unnoticed or they will not lead to a fault until the de advanced. In addition it is also possible to make an error (e.g. leave out some characteristic without checking) duri validation process.

Validation of the specified characteristics of the safety functions shall be achieved by the applicatio appropriate measures from the following list: ⎯

functional analysis of schematics, reviews of the program (see 9.5);

NOTE 2 Where a machine has complex complex or a large number of safety functions, the analysis can redu number of functional tests. ⎯

simulation;

⎯

inspection of the hardware components installed in the machine and the software to confirm confirm correspondence with the documentation (e.g. manufacture, type, version);

⎯

functional testing of the safety functions (in accordance with ISO 13849-1:2006, Clause 5) in all oper modes of the machine. The functional testing shall ensure that all safety–related outputs are realised their complete ranges. These will include overload tests. The test cases are normally derived from specifications but could also include some cases derived from analysis of the schematics or program

⎯

extended functional testing to check foreseeable abnormal signal or combinations of signals signals from input source including power interruption and restoration and incorrect operations;

⎯

checking the operator-SRP/CS interface for fulfilment of ergonomic principles principles (see ISO 13849-1:2 4.8)

NOTE 3 Other measures measures against systematic failures mentioned in 9.4 (e.g. diversity, failure detection by tests) could also contribute in the detection of functional faults.

Master your semester with Scribd 9 Validation of performance levels and categories Read Free Foron 30this Days Sign up to vote title & The New York Times  Useful  Not useful 9.1 Analysis and testing of performance levels and categories Special offer for students: Only $4.99/month.

 

Cancel anytime.

Validation of performance levels and categories of the SRP/CS or the combination of SRP/CS providin





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4

 Search document



ISO/D

In some applications it may be necessary to divide the connected safety–related parts into sever groups and to submit these groups and their interfaces to fault simulation tests. When carrying out validation by testing, the tests can include as appropriate: ⎯

fault injection tests into a production sample;

⎯

fault injection tests into a hardware model;

⎯

software simulation of faults;

⎯

subsystem failure, e. g. power supplies.

The precise instant at which a fault is injected into a system can be critical. The worst case eff injection should be determined by analysis and the fault injected at this appropriate critical time effect.

9.2

Validation of category specifications

9.2.1

Category B

The SRP/CS to category B shall be validated in accordance with basic safety principles (see A.2, D.2) by demonstrating that the specification, design, construction and choice of compon accordance with ISO 13849-1:2006, 6.2.3. The MTTF d of the channel shall be demonstrated to 3 years. This shall be achieved by checking that the SRP/CS are in accordance with its spe provided in the documents for validation (see 4.5). For the validation of environmental conditions s NOTE

9.2.2

In particular cases higher values of MTTFd can be required, for example when PLr = = b.

Category 1

SRP/CS to category 1 shall be validated by demonstrating that: a) they meet the requirements of of category B;

b) components are well–tried (see A.4 and D.4) by meeting at least one of the following condition 1)

they have been widely used in the past with successful results in similar applications;

Master your semester with Scribd  2) they have been made and verified using principlesRead which demonstrate their suitability Free Foron 30this Days Sign up to vote title  for safety-related applications; & The New York Times Useful Not useful   Cancel anytime.

Special offer forc)students: Onlysafety $4.99/month. well-tried principles (where applicable see A.3, B.3, C.3 and D.3) have been implemen Where newly developed principles have been used then the following shall be validated:





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

b)

the well–tried well–tried safety principles used (if applicable) meet the requirements of 9.2.2 c);

c)

the checking equipment detects all all relevant faults applied one at a time during the checking process generates an appropriate control action which: 1)

initiates a safe state, or when when this this is not possible,

2)

provides a warning of the hazard;

d)

the check(s) provided by checking equipment do not introduce an unsafe state;

e)

the initiation of the check is carried out 1)

at the machine start–up and prior to the initiation of an hazardous situation, and

2)

periodically during operation if the risk assessment and the kind of operations show that necessary;

f)

the MTTF d of the functional channel (MTTF d,L) is at least 3 years;

g)

the MTTF d,TE larger than half of MTTF d,L;

h)

demand rate ≤ test rate/100;

i)

the DCavg is at least 60 %;

j)

the common cause failures are sufficiently reduced (see ISO 13849-1:200 6, Annex F).

NOTE

9.2.4

In particular cases higher values of MTTFd can be required, for example due to high PLr .

Category 3

SRP/CS to category 3 shall be validated by demonstrating that: a)

they meet the requirements of category B;

b)

the well–tried well–tried safety principles (if (if applicable) meet the requirements of 9.2.2 c);

c)

a single fault does not lead to the loss of the safety function;

Master your semester with Scribd  Read Free Foron 30this Days Sign up to with vote title rationale d) single faults (including common mode faults) are detected in accordance the design  applied;Times & Thetechnology New York Useful Not useful   Special offer for students: Only $4.99/month. e) the MTTF d of each channel is at least 3 years;

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

c)

a single fault (including common mode faults) does not lead to the loss of the safety function;

d)

single faults are detected at or before the next demand on the safety function.

e)

if d) is not possible, possible, an accumulation of faults does not lead to the loss of the safety fun extent of the accumulation of faults considered shall be in accordance with the design rationa

f)

the MTTFd of each channel is at least 30 years;

g)

the DCavg is at least 99 %;

h)

the common cause failures are sufficiently reduced (see ISO 13849-1:2006, Annex F).

9.3

Validation of MTTFd, DCavg and CCF

The validation of MTTFd, DCavg and CCF is typically performed by analysis and visual inspection.

The MTTFd-values for components (including B 10d-, T10d- and nop-values) shall be checked for pla against ISO 13849-1:2006, Annex C). For example the documentation of the origin of these val checked.

The MTTFd of each channel of the SRP/CS, including symmetrisation, shall be checked for correc

The DC-values for components or blocks shall be checked for comprehensive documentation ( ISO 13849-1:2006, Annex E). The correct implementation (hardware and software) of checks and including appropriate fault reaction shall be validated by testing under typical environmental condit The DCavg of the SRP/CS shall be checked for correct calculation.

The correct implementation of sufficient measures against common cause failures shall be val against ISO 13849-1:2006, Annex F). Typical validation measures are static hardware analysis an testing under environmental conditions.

NOTE For the calculation of the MTTFd values of electronic components, an ambient temperature of as a basis. During validation, it is important to ensure that, for MTTFd values, the environmental and functio (in particular temperature) taken as basis are met. Where a device, or component, is operated significan more than 15°C) the specified temperature of +40°C, it will be necessary to use MTTFd values for the incre temperature.

9.4 Validation of measures systematic failures systematic failures related related to performance Master your semester withagainst Scribd  Read Free Foron 30this Days Sign up to vote title category of SRP/CS  & The New York Times Useful Not useful   Validation of measures m easures against systematic failures (definition see ISO 13849-1:2006, 3.1.7 Cancel anytime.

Special offer for students: Only $4.99/month. performance levels and categories of each SRP/CS can typically be provided by:





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

⎯

inspection and testing of data communication, where used;

⎯

check that a quality management system avoids avoids causes of systematic systematic failures in the manufact process.

9.5

Validation of safety-re safety-related lated software

The validation of both safety-related embedded software (SRESW) and application software (SRASW) include: ⎯

the specified functional behaviour behaviour and performance criteria (e. g. timing performance) of the so when executed on the target hardware

⎯

the specified PLr for the SRP/CS in which the software will be used;

⎯

measures and activities taken during software development to avoid avoid systematic software faults.

As a first step, it shall be checked that there is a documentation of the specification and design of the related software. This documentation shall be reviewed to check its completeness and absence of erron interpretations, omissions or inconsistencies.

NOTE In case of small programs, an analysis of the program by means of reviews or walk-through of contro procedures, etc using the software documentation (control flow chart, source code of modules or blocks, I/O and va allocation lists, cross-reference lists) can be sufficient.

In general, software can be considered as a "black box" or "grey box" (see ISO 13849-1:2006, 4.6.2) validated by the black-box tests or grey-box tests respectively.

Depending on the PLr [ISO 13849-1:2006, 4.6.2 (for SRE SW) and 4.6.3 (for SRASW)], the tests s include: ⎯

black-box testing of functional behaviour and performance (e. g. timing performance);

⎯

additional extended test-cases based upon limit value analyses, recommended for PL d or e;

⎯

I/O tests to ensure that the safety-related input and output signals are used properly;

test cases which simulate faults that are determined analytically beforehand and the expected resp in order to evaluate the adequacy of the software-based measures for control of failures.  Read Free For 30 Days Sign up to vote on this title Individual software functions which have evidently already been validated do not need to be validated a  Useful project, Not useful Where a number of such safety function blocks are combined for a specific however, the resu  Cancel anytime. total safety function shall be validated. Special offer for students: Only $4.99/month. ⎯






Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

⎯

checking the correct determination of ISO 13849-1:2006, 4.5.4 and Annex K);

PL

from

category,

DC avg and

MTTFd (a

⎯

Verification that the performance level level PL achieved by the SRP/CS matches the required level PLr resulting from the risk assessment: PL ≥ PLr

In case of other methods being used to evaluate the achieved performance level PL based on th average probability of a dangerous failure per hour, validation shall consider: ⎯

the MTTF d value for each component,

⎯

the DC,

⎯

the CCF,

⎯

the structure,

and documentation, application and calculation shall be checked for correctness.

9.7

Validation of combination of safety safety-related -related parts

Where the safety function is implemented by two or more safety-related parts, validation of the (by analysis and, if necessary, by testing) shall be undertaken to establish that the combination a performance specified in the design. Existing recorded validation results of safety-related parts c into account. The following validation steps shall be performed: ⎯

inspection of design documents describing describing the overall safety function(s);

⎯

checking of the correct determination of the overall PL based on the PL of the combi (according to ISO 13849-1:2006, 6.3).

NOTE A summation summation of the average average probability of dangerous failures per hour of all combined combined S used as an alternative to Table 11 of ISO 13849-1:2006. It is important to check the non quantifiable systematic, architectural and CCF aspects which can limit the overall performance level to lo wer values ⎯

consideration of the characteristics of the interfaces, e. g. voltage, current, pressure, da information, signal level;  Read Free Foron 30this Days Sign up to vote title failure analysis relating to combination/integration, e. g. by FMEA;  Useful Not useful  

Master your semester with Scribd & The New York Times ⎯

Cancel anytime.

for redundant systems fault injection tests relating to combination/integration. Special offer for ⎯ students: Only $4.99/month.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

⎯

expected mechanical stresses from shock, shock, vibration, vibration, ingress of contaminants;

⎯

mechanical durability;

⎯

electrical ratings and power supplies;

⎯

climatic conditions (temperature and humidity);

⎯

electromagnetic compatibility (immunity).

When testing is necessary to determine compliance with the environmental requirements the proced outlined in the relevant standards shall be followed as far as required for the application. After the completion of validation by testing the safety functions shall continue to be in accordance specifications for the safety requirements, or the SRP/CS shall provide output(s) for a safe state.

11 Validation of maintenance requirements

The validation process shall demonstrate that the provisions for maintenance requirements as specifi ISO 13849-1:2006, Clause 9, Paragraph 2, have been implemented. NOTE ⎯

⎯

Validation of maintenance requirements can be performed by:

inspecting the information for use to confirm that: ⎯

maintenance instructions instructions are complete [including procedures, required required tools, frequency of inspection interval for changing components subjected to wear (T10d) etc.] and are understandable,

⎯

if appropriate, there are provisions for the maintenance maintenance to be performed only by skilled maintenance pers

checking the application of measures measures for ease ease of maintainability (e. g. provision provision of diagnostic diagnostic tools to aid faultand repair).

In addition, the following measures can be applied: ⎯

measures against against mistakes mistakes during maintenance (e. g. detection of wrong input data via plausibility checks); checks);

⎯

measures against against modification (e. g. password password to prevent access to the program to unauthorized persons).

12 Validation of technical documentation documentation and information for use

Master your semester with Scribd  Free For 30this Days Sign up to vote on title as specifie The validation process shall demonstrate that the requirements forRead technical documentation  ISO 13849-1:2006, Clause 10, have been implemented. & The New York Times Useful Not useful   Cancel anytime.

Special offer for students: Only $4.99/month. The validation process shall demonstrate that the requirements for information for use as specifie ISO 13849-1:2006, Clause 11, have been implemented.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Annex A (informative) Validation tools for mechanical systems

Contents Annex A.1 A.2 A.3 A.4 A.5 A.5.1 A.5.2 A.5.3

A (informative) A (informative) Validation tools for mechanical systems................................................. Introduction.......................................................................................................................... List of basic safety principles ............................................................................................ List of well-tried safety principles .................................................................................... List of well–tried components............................................................................................ Fault lists and fault exclusions .......................................................................................... Introduction.......................................................................................................................... Various mechanical devices, components and elements............................................... Pressure coil springs .......................................................................................... ......................................................................................................... ...............

A.1 Introduction

When mechanical systems are used in conjunction with other technologies, then relevant tabl safety and well–tried safety principles should also be taken into account. For further fault exclusion

A.2 List of basic basic safety principles Table A.1 — Basic safety principles Basic safety principles Use of suitable manufacturing

materials

and

Remarks adequate

Selection of material, manufacturing methods in relation to, e. g. stress, durability, elasticity corrosion, temperature.

Correct dimensioning and shaping

Consider, e. g. stress, strain, fatigue, surfa tolerances, sticking, manufacturing.  Read Free Foron 30this Days Sign up to vote title Proper selection, combination, arrangements, Apply manufacturer's application notes,  Useful Not useful  assembly and installation of components/system sheets,  installation instructions, specification Cancel anytime. good engineering practice in similar compone Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times Use of de–energisation principle

The safe state is obtained by release of energ





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table A.1 — Basic safety principles (continued) Basic safety principles

Remarks

Limitation of the generation and/or transmission of force and similar parameters

Examples are break pin, break plate, torque limiting cl

Limitation of range of environmental parameters

Examples of parameters are temperature, humidity, at the installation place. See Clause 8 and c manufacturer's application notes.

Limitation of speed and similar parameters

Consider e. g. the speed, acceleration, deceleration by the application

Proper reaction time

Consider e. g. spring tiredness, friction, lubr temperature, inertia during acceleration and decele combination of tolerances.

Protection against unexpected start–up

Consider unexpected start-up caused by stored ener after power "supply" restoration for different mod operation mode, maintenance mode etc.

Special equipment for release of stored energy c necessary.

Special applications, e. g. to keep energy energ y for devices or ensure a position need to be con separately. Simplification

Reduce the number of components in the safetysystem.

Separation

Separation of safety-related functions from other func

Proper lubrication

—

Proper prevention prevention of the ingress of fluids and dust

Consider IP rating (see IEC 60529)

A.3 List of well-tried safety principles Table A.2 — Well–tried safety principles Well–tried safety principles

Remarks

Master your semester with Scribd manufacturing methods and treatments related to the application.  Read Free Foron 30this Days Sign up to vote title Use of components with oriented failure mode The predominant failure mode of a componentis & The New York Times  Useful  Not useful advance and an d always the same, see s ee ISO 12100-2 Use

of

carefully

selected

materials

Special offer for students: Only $4.99/month.

and

Selection of suitable material, adequate manufa

Cancel anytime.

4.12.2.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table A.2 — Well–tried safety principles (continued) Well–tried safety principles

Remarks

Positive mechanical action

Dependent operation (e. g. parallel operation) is obtained by positive mechanical link(s). Sprin "flexible" elements should not be part of th ISO 12100-2:2003, 4.5 ].

Multiple parts

Reducing the effect of faults by multiplying par a fault of one spring (of many springs) does dangerous condition.

Use of well–tried spring

A well–tried spring requires:

(see also Table A.3)

⎯

use of carefully selected materials, methods (e. g. presetting and cycling be treatments (e. g. rolling and shot–peening),

⎯

sufficient guidance of the spring, and

⎯

sufficient safety factor for fatigue stress ( probability a fracture will not occur).

Well–tried pressure coil springs may also be de ⎯

use of carefully selected materials, methods (e. g. presetting and cycling be treatments (e. g. rolling and shot-peening),

⎯

sufficient guidance of the spring, and

⎯

clearance between between the turns less than the when unloaded, and

⎯

sufficient force after a fracture(s) is main fracture(s) will not lead to a dangerous con

Limited range of force and similar parameters

Decide the necessary limitation in relation to and application. Examples for limitations are br plate, torque limiting clutch.

Limited range of speed and similar parameters

Decide the the necessary limitation in relation to and application. Examples for limitations a governor, safe monitoring of speed or limited di

MasterLimited yourrange semester with Scribd of environmental parameters & The New York Times Special offer for students: Onlyof$4.99/month. Limited range reaction time, limited hysteresis

Decide the necessary limitations. Examples  Read Free Foron 30this Days Sign up to vote title at the ins are temperature, humidity, pollution  Clause 10 and consider manufacturer's applicat Useful Not useful  Cancel anytime.

Decide the necessary limitations.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table A.3 — Well–tried components Well-tried components

Conditions for "well–tried"

Standard or specification

Screw

All factors influencing the screw connection and the application are to be considered. See Table A.2 "List of well–tried safety principles".

Mechanical jointing such as screw washers, rivets, pins, bolts et standardised.

Spring

See Table A.2 "Use of a well–tried spring".

Technical specifications for spring and other special applications are in ISO 4960.

Cam

All factors influencing the cam arrangement (e. g. part of an interlocking device) are to be considered.

See ISO 14119 (Interlocking devic

See Table A.2 "List of well–tried safety principles". Break–pin

All factors influencing the application are to be considered. See Table A.2 "List of well-tried safety principles".

—

A.5 Fault lists and fault exclusions exclusions A.5.1 Introduction The lists express some fault exclusions and their rationale. For further exclusions see 4.3. The precise instant that the fault occurs can be critical (see 8.1).

A.5.2 Various mechanical mechanical devices, components and elements Table A.4 — Mechanical devices, components and elements (e. g. cam, follower, chain, clutch, brake, shaft, screw, pin, guide, bearing) Fault considered Wear/corrosion

Fault exclusion

Remarks

Yes, in the case of carefully selected material, See ISO 13849(over)dimensioning, manufacturing process, treatment and 7.2 proper lubrication, according to the specified life-time (see also  Table A.2). Read Free Foron 30this Days Sign up to vote title

Master your semester with Scribd & The New YorkYes,Times Useful  Not useful Untightening/ in the case of carefully selected material, manufacturing Cancel anytime.

loosening locking means and treatment, according to the Special offer for students: Onlyprocess, $4.99/month. specified life-time (see also Table A.2).







Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

A.5.3 Pressure coil springs springs Table A.5 — Pressure coil springs Fault considered Wear/corrosion Force reduction by setting and fracture

Fault exclusion Yes, in the case of the use of well-tried spring(s) and carefully selected fastening(s) (see Table A.2).

See 7.2

Fracture Stiffness/sticking Loosening Deformation by overstressing





Useful



Not useful

Cancel anytime.

 

ISO





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Annex B (informative) Validation tools for pneumatic systems

Contents

Annex B (informative) B (informative) Validation tools for pneumatic systems............................................................... B.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ B.2 List of basic safety principles .............................................................................................. ........................................................................................................ .......... B.3 List of well–tried safety principles................................................................................................. B.4 List of well–tried components .................................................................................................. ........................................................................................................ ...... B.5 Fault lists and fault exclusions ............................................................................................... ...................................................................................................... ....... B.5.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ B.5.2 Valves................................................................................................................................................ B.5.3 Pipework, hose assemblies and connectors ............................................................................... B.5.4 Pressure transmitters and pressure medium transducers ........................................................ B.5.5 Compressed air treatment ......................................................................................... .............................................................................................................. ..................... B.5.6 Accumulators and pressure vessels ............................................................................................. B.5.7 Sensors............................................................................................................................................. B.5.8 Information processing...................................................................................................................

B.1 Introduction

When pneumatic systems are used in conjunction with other technologies, then relevant tables for safety and well-tried safety principles should also be taken into account. Where pneumatic components electrically connected/controlled the appropriate fault lists in Annex D should be considered. NOTE

Requirements of specific directives could apply such as simple pressure vessels, pressure equipment.

B.2 List of basic basic safety principles

Master your semester with Scribd Table B.1 — Basic safety principles Read Free Foron 30this Days Sign up to vote title & TheBasic New York Times Useful  Not useful Remarks safety principles Special offer for students: Only $4.99/month. Use of suitable materials and

 

Cancel anytime.

Selection of material, manufacturing methods and treatment in rela





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table B.1 — Basic safety principles (continued) Basic safety principles

Remarks

Use of de–energisation principle

The safe state is obtained by release of energy to all relevan primary action for stopping in ISO 12100-2:2003, 4.11.3.

Energy is supplied for starting the movement of a mechanism action for starting in ISO 12100-2:2003, 4.11.3.

Consider different modes, e. g. operation mode, maintenance This principle shall not be used in some applications, e. g. of pneumatic pressure will create an additional hazard. Proper fastening

For the application of e. g. screw locking, fittings, gluin consider manufacturer's application notes.

Overloading can be avoided by applying adequate t technology. Pressure limitation

Examples are pressure relief valve, pressure reducing/contro

Speed limitation/ speed reduction

An example is the speed limitation of a piston by a flow valve

Sufficient avoidance contamination of the fluid

of

Consider filtration and separation of solid particles and water

Proper range of switching time

Consider, e. g. the length of pipework, pressure, exhaust spring tiredness, friction, lubrication, temperature, acceleration and deceleration, combination of tolerances.

Withstanding environmental conditions

Design the equipment so that it is capable of working in environments and in any foreseeable adverse temperature, humidity, vibration, pollution. See Clause manufacturer's specification/application notes.

Protection start–up

Consider unexpected start–up caused by stored energy an supply restoration for different modes, e. g. operation mode mode.

against

unexpected

Special equipment for release of stored energy may be n ISO 14118:2000, 5.3.1.3).

Special applications (e. g. to keep energy for clamping devic position) need to be considered separately.

Reduce the number of components in the safety–related sys MasterSimplification your semester with Scribd  Read Free Foron 30this Days Sign up to vote title  Proper temperature range To be considered throughout the whole system. & The New York Times Useful Not useful   Separation Special offer for students: Only $4.99/month.

Cancel anytime.

Separation of the safety–related functions from other functio separation).





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table B.2 — Well–tried safety principles (continued) Well–tried safety principles

Remarks

Increased OFF force

One solution can be that the area ratio for moving spool to the safe position (OFF position) is significantly than for moving the spool to ON position (a safety facto

Valve closed by load pressure

These are generally seat valves, e. g. poppet valve valves.

Consider how to apply the load pressure in order to ke valve closed even if e. g. the spring closing the valve, b Positive mechanical action

The positive mechanical action is used for moving parts pneumatic components, see also Table A.2.

Multiple parts

See Table A.2.

Use of well-tried spring

See Table A.2.

Speed limitation/speed reduction by resistance to defined flow

Examples are fixed orifice, fixed throttle.

Force limitation/force reduction

This can be achieved by a well-tried pressure relie which is e. g. equipped with a well-tried spring, dimensioned and selected.

Appropriate range of working conditions

The limitation of working c onditions, e. g. pressure rang rate and temperature range should be considered.

Proper avoidance of contamination of the fluid

Consider high degree of filtration and separation o particles and water in the fluid.

Sufficient positive overlapping in piston valves

The positive overlapping ensures the the stopping functio prevents un-allowed movements.

Limited hysteresis

For example increased friction will increase the hys Combination of tolerances will also influence the hyster

B.4 List of well–tried components components

At the present time no list of well-tried components is given. The status of being well-tried is mainly applic specific. Components can be stated as being well-tried if they comply with the description give ISO 13849-1:2006, 6.2.2 and in ISO/DIS 4414:2008, Clauses 5 to 7.  Read Free Foron 30this Days Sign up to vote title  A well-tried component for some applications can be inappropriate for other Usefulappli cations. Not useful


B.5 Fault lists and fault exclusions exclusions





Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

B.5.2 Valves Table B.3 — Directional control valves Fault considered

Fault exclusion

Change of switching times

Yes, in the case of positive mechanical action (see Table A.2) of the moving components as long as the actuating force is sufficiently large.

Non–switching (sticking at the end or zero position) or incomplete switching (sticking at a random intermediate position)

Yes, in the case of positive mechanical action (see Table A.2) of the moving components as long as the actuating force is sufficiently large.

Spontaneous change of the initial switching position (without an input signal)

Yes, in the case of positive mechanical action (see Table A.2) of the moving components as long as the holding force is sufficiently large, or Yes, if well–tried springs are used (see Table A.2) and if normal installation and operating conditions apply (see remark 1)), or Yes, in the case of spool valves with elastic sealing and if normal installation and operating conditions apply (see remark 1)).

Leakage

Remar —

1) Normal inst operating con when: ⎯

the conditions the manufactu observed and

⎯

the weight o component is n unfavorable s of safety installation) an

⎯

no special affect th components of motion take the orientation machine parts

⎯

no extreme shock stresses

Yes, in the case of spool type valves 2) In the case with elastic seal in so far as a sufficient valves with el positive overlap is present (see remark effects due to  2)) and if normal conditions of operation usually be Read Free Foron 30this Days Sign up to vote title apply and an adequate treatment and However,  a sm Useful Not useful  filtration of the compressed air is leakage may Cancel anytime. provided, or long period of t


Yes, in the case of seat valves if normal

3) Normal





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table B.3 — Directional control valves (continued) Fault considered

Fault exclusion

Remarks

For servo and proportional valves: pneumatic faults which cause uncontrolled behaviour

Yes, in the case of servo and proportional directional valves if these can be assessed, in terms of technical safety, as conventional directional control valves due to their design and construction.

NOTE If the control functions are realised realised by a number number of single function valves, then a fault fault analysis analysis should out for each valve. The same procedure should be carried out in the case of piloted valves.

Table B.4 — Stop (shut-off) valves/non-return (check) valves/quick-action venting valves/shutt valves, etc. Fault considered

Fault exclusion

Remarks


None

Non-opening, incomplete opening, non-closure or incomplete closure (sticking at an end position or at an arbitrary intermediate position)

Yes, if the guidance system for the moving component(s) is designed in a manner similar to that for a non–controlled ball seat valve without a damping system (see rem ark 1)) and if well-tried springs are used (see Table A.2).

1) For a non–controlled ba valve without damping s the guidance system is ge designed in a manner su any sticking of the component is unlikely.

Spontaneous change of the initial switching position (without an input signal)

Yes, for normal installation and operating conditions (see remark 2)) and if there is sufficient closing force on the basis of the pressures and areas provided.

2) Normal installation operating conditions are met when:

Master your semester with Scribd For shuttle valves: simultaneous Yes, if, on the & The New York Times construction and closing of both input connections Special offer for students: Only $4.99/month.

⎯

the conditions laid down manufacturer are followed, and

⎯

no special inertial forces the moving components direction of motion take account the orientation moving machine parts, an

no extreme vibration vibration or stresses occur.  Read Free Foron 30this Days Sign up to vote title  basis of the — Useful Not useful   design of the Cancel anytime. moving component, simultaneous closing is unlikely. ⎯





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table B.5 — Flow valves Fault considered

Fault exclusion

Change in flow rate without any change in setting device

Yes, for flow control valves without moving parts (see remark 1)), e. g. throttle valves, if normal operating conditions apply (see remark 2)) and adequate treatment and filtration of the compressed air is provided.

1) The setting de considered to be Changes in flow changes in press are physically limi of valve and are n this assumed faul

Change in the flow rate in the case of non–adjustable, circular orifices and nozzles

Yes, if the diameter is ≥ 0,8 mm, normal operating conditions apply (see remark rem ark 2)) and if adequate treatment and filtration of the compressed air is provided.

2) Normal operatin apply when the down by the ma being observed.

For proportional flow valves: change in the flow rate due to an unintended change in the set value.

None

—

Spontaneous change in the setting device

Yes, where there is an effective protection of the setting device adapted to the particular case, based upon technical safety specification(s).

Unintended loosening (unscrewing) of the operating element(s) of the setting device

Yes, if an effective positive locking device against loosening (unscrewing) is provided.

Bursting of the valve housing or breakage of the moving component(s) as well as the breakage/fracture of the mounting or housing screws

Yes, if construction, dimensioning and installation are in accordance with good engineering practice.


Remark




Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table B.6 — Pressure valves Fault considered Non–opening or insufficient opening (spatially and temporarily) when exceeding the set pressure (sticking or sluggish movement of the moving component) (see remark 1))

Fault exclusion Yes, if: ⎯

Non–closing or insufficient closing (spatially and temporarily) if pressure drops below the set value (sticking or sluggish movement of the moving component) (see remark 1)) ⎯

the guidance system for the moving component(s) is similar to the case of a non– controlled ball seat or membrane valve (see remark 2)), e. g. for a pressure reducing valve with secondary pressure relief, and

Remarks

1) This fault applies only pressure valve(s) is us forced actions, e. g. clamp

This fault does not appl normal function in pneumatic systems, pressure limitation, pr decrease. 2)

the installed springs are welltried springs (see Table A.2).

For a non–controlled valve or for a membrane the guidance syste generally designed in s manner that any sticking moving component is unl

Change of the pressure control behaviour without changing the setting device (see remark 1))

Yes, for directly actuated pressure limiting valves and pressure switching valves if the installed spring(s) are well–tried (see Table A.2).

For proportional pressure valves: change in the pressure control behaviour due to unintended change in the set value (see remark 1))

None


Yes, where there is effective protection of the setting device within the requirements of the application, e. g. lead seals.

Unintended unscrewing of the operating element of the setting device

Yes, if an effective positive locking device against unscrewing is provided.

Leakage

Yes, for seat valves, membrane 3) Normal operating conditio valves and spool valves with being met when the con elastic sealing in normal operating laid down by the manuf conditions (see remark 3)) and if are being followed.  adequate treatment and filtration Read Free Foron 30this Days Sign up to vote title of the compressed air is provided.  Useful Not useful   Cancel None — anytime.

Master your semester with Scribd & The New York Times Change of the leakage flow rate, Special offer for students: Only over a long period of use$4.99/month.

—





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4



 Search document

ISO/D

B.5.3 Pipework, hose assemblies assemblies and connectors connectors Table B.7 — Pipework Fault considered

Fault exclusion

Remark

Bursting and leakage

Yes, ifif the dimensioning, choice of materials and fixing are in accordance with good engineering practice (see remark 1)).

1) When using plas necessary to manufacturer's da with respect to environmental thermal influenc influences, influe radiation. When pipes that have no with a corros medium, it is important to pro drying of the comp

Failure at the connector (e. g. tearing off, leakage)

Yes, if using bite type fittings or threaded pipes (i. e. steel fittings, steel pipes) and if dimensioning, choice of materials, manufacture, configuration and fixing are in accordance with good engineering practice.

—

Clogging (blockage)

Yes, for pipework in the power circuit. Yes, for the control and measurement pipework if the nominal diameter is ≥ 2 mm.

Kinking of the plastic pipes with a small nominal diameter

Yes, if properly protected and installed, taking into account the relevant manufacturer's data, e. g. minimum bending radius.

Table B.8 — Hose assemblies Fault considered

Fault exclusion

Remark

tearing off Yes, if hose assemblies using hoses 1) Fault exclusion MasterBursting, with Scribd atyour the semester fitting manufactured to ISO 4079-1 or similar hoses (see when:  Read Free Foron 30this Days Sign up to vote title attachment and remark 1)) with the corresponding hose fittings.  the intended & The New York Times Useful Not useful   leakage expired, ⎯


Cancel anytime.

⎯

fatigue





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table B.9 — Connectors Fault considered

Fault exclusion

Bursting, breaking of screws or stripping of threads

Yes, if dimensioning, choice of material, manufacture, configuration and connection to the piping and/or to the fluid technology components are in accordance with good engineering practice.

—

Leakage (loss airtightness)

None (see remark 1))

1) Due to wear, deterioration of elasticity, is not possible to exclude over a long period. A major failure of the airtig is not assumed.

Yes, for applications in the power circuit.

—

of

Clogging (blockage)

Remarks

Yes, in the case of the control and measurement connectors if the nominal diameter is ≥ 2 mm.

B.5.4 Pressure transmitters transmitters and pressure medium transducers transducers Table B.10 — Pressure transmitters and pressure medium transducers Fault considered

Fault exclusion

Remarks

Loss or change of air/oil-tightness of pressure chambers

None

—

Bursting of the pressure chambers as well as fracture of the attachment or cover screws

Yes, if dimensioning, choice of material, configuration and attachment are in accordance with good engineering practice.

B.5.5 Compressed air treatment treatment

Master your semester with Scribd Table B.11 — Filters & The New York Times SpecialFault offer for students: Only $4.99/month. considered

Fault exclusion




Useful



Not useful

 

Cancel anytime.

Remarks





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table B.12 — Oilers Fault considered

Fault exclusion

Remar

Change in the set value (oil volume per unit time) without change to the setting device

None

—


Yes, if effective protection of the setting device is provided, adapted to the particular case.



Bursting of the housing or fracture of the cover, fixing or connecting elements.

Yes, if the dimensioning, choice of materials, arrangement in the system and fixing are in accordance with good engineering practice.

Table B.13 — Silencer Fault considered

Fault exclusion

Remar

Blockage (clogging) of the silencer

Yes, if the design and construction of the silencer element fulfils remark 1).

1) Clogging of element and/or the exhaust air above a certai is unlikely if th a suitably large is designed operating cond

B.5.6 Accumulators and pressure pressure vessels Table B.14 — Accumulators and pressure vessels

Master your semester with Scribd Fault considered Fault exclusion Read Free Foron 30this Days Sign up to vote title Fracture/bursting of Yes, if construction, choice of equipment, choice of — & The New York Times  Useful  Not useful the accumulator/ materials and arrangement in the system are in Cancel anytime.

Special offer for students: Only $4.99/month. pressure vessel or accordance with good engineering practice. connectors or stripping

 Remar 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

B.5.7 Sensors Table B.15 — Sensors Fault considered Faulty sensor remark 1))

Fault exclusion

Remarks

(see

None

1) Sensors in this table signal capture, processin output in particular for pr flow rate, temperature, etc

Change of the detection or output characteristics

None

—

B.5.8 Information processing Table B.16 — Logical elements Fault considered

Fault exclusion

Faulty logical log ical element (e. g. AND element, OR element, Logic–storage–element) due to, e. g. change in the switching time, failing to switch or incomplete switching

For corresponding fault assumptions and fault exclusions see Tables B.3, B.4 and B.5 for the relevant related components.

Remarks —

Table B.17 — Time delay devices Fault considered

Fault exclusion

Faulty time delay device, e. g. pneumatic and pneumatic/mechanical time and counting elements

Yes, for time delay devices without moving components, e. g. fixed resistance, if normal operating conditions (see remark 1)) apply and adequate treatment and filtration of the compressed air is provided.

Change of detection output characteristics

or

Remarks

1) Normal operating conditio being met when the con laid down by the manuf are being followed.

Master your semester with Scribd Bursting of the housing or Yes, if construction, dimensioning Read and up — Free Foron 30this Days Sign to vote title fracture of the cover or fixing installation are in accordance with good & The New York Times  Useful  Not useful elements engineering practice . Special offer for students: Only $4.99/month.

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table B.18 — Converters Fault considered Faulty converter remark 1))

Fault exclusion (see


Remark

Yes, for converters without moving components, e. g. reflex nozzle, if normal operating conditions apply (see remark 2)) and adequate treatment and filtration of the compressed air is provided.

1) This covers e. of a pneumatic electrical one, detection (cylinde nozzle), the am pneumatic signals

2) Normal operating being met when laid down by the are being followed Bursting of the housing or fracture of the cover or fixing elements



—




Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Annex C (informative) Validation tools for hydraulic systems

Contents

Annex C (informative) C (informative) Validation tools for hydraulic systems................................................................. C.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ C.2 List of basic safety principles .............................................................................................. ........................................................................................................ .......... C.3 List of well–tried safety principles................................................................................................. C.4 List of well–tried components .................................................................................................. ........................................................................................................ ...... C.5 Fault lists and fault exclusions ............................................................................................... ...................................................................................................... ....... C.5.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ C.5.2 Valves................................................................................................................................................ C.5.3 Metal pipework, hose assemblies and connectors...................................................................... C.5.4 Filters .................................................................................... ................................................................................................................................................ ............................................................ C.5.5 Energy storage ..................................................................................... ................................................................................................................................. ............................................ C.5.6 Sensors.............................................................................................................................................

C.1 Introduction

When hydraulic systems are used in conjunction with other technologies, then relevant tables for basic s and well-tried safety principles should also be taken into account. Where hydraulic components are electri connected/controlled the appropriate fault lists in Annex D should be considered. NOTE

Requirements of specific directives could apply such as pressure equipment.

C.2 List of basic basic safety principles NOTE Air bubbles and cavitation in the hydraulic fluid should be avoided because they can create additional e. g. unintended movements.

Master your semester with Scribd Read Free Foron 30this Days Sign up to vote title Table C.1 — Basic safety principles & The New York Times  Useful  Not useful safety principles Special offer for Basic students: Only $4.99/month.

Use of suitable materials and adequate

 

Cancel anytime.

Remarks

Selection of material, manufacturing methods and treatm





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table C.1 — Basic safety principles (continued) Basic safety principles Use of de–energisation principle

Remarks The safe state is obtained by release of energy devices. See pr imary action for stopping in ISO 4.11.3.

Energy is supplied for starting the movement of a See primary action for starting in ISO 12100-2:2003,

Consider different modes, e. g. operation mode, mode.

This principle shall not be used in some application the loss of hydraulic pressure will create an additiona Proper fastening

For the application of e. g. screw locking, fittings, ring, consider manufacturer's application notes.

Overloading can be avoided by applying adequate t technology. Pressure limitation

Examples are pressure relief valve, pressure valve.

Speed limitation / speed reduction

An example is the speed limitation of a piston by throttle.

Sufficient avoidance of contamination of the fluid

Consider filtration/separation of solid particles/water

Proper range of switching time

Consider e. g. the length of pipework, pressure, capacity, spring tiredness, friction, temperature/viscosity, inertia during accele deceleration, combination of tolerances.


Design the equipment so that it is capable of expected environments and in any foreseea conditions, e. g. temperature, humidity, vibration, Clause 10 and consider manufacturer's spec application notes.


Consider unexpected start–up caused by stored power supply restoration for different modes, e mode, maintenance mode.  Read Free For 30this Days Sign up to vote on title Special equipment for release of stored ene

Consider also an indication of the need of filter–serv

Master your semester with Scribd & The New York Times necessary. Special offer for students: Only $4.99/month.



Useful



Not useful

Cancel anytime.



Special applications, (e. g. keep energy for clampi ensure a position) need to be considered separately





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

C.3 List of well–tried safety principles Table C.2 — Well–tried safety principles Well–tried safety principles

Remarks

Over–dimensioning/safety factor

The safety factor is given in standards or by good experience in related applications.

Safe position

The moving part of the component is held in one of the possible by mechanical means (friction only is not enough). Force is need change the position.

Increased OFF force

One solution can be that the area ratio for moving a valve spool to position (OFF position) is significantly larger than for moving the sp ON position (a safety factor).

Valve closed by load pressure

Examples are seat and cartridge valves.

Consider how to apply the load pressure in order to keep the valve c even if, e. g. the spring closing the valve, breaks. Positive mechanical action

The positive mechanical action is used for moving parts inside components, see also Table A.2.

Multiple parts

See Table A.2.

Use of well–tried spring

See Table A.2.

Speed limitation/speed reduction by resistance to defined flow

Examples are fixed orifice, fixed throttle.

Force limitation/force reduction

This can be achieved by a well–tried pressure relief valve which equipped with a well–tried spring, correctly dimensioned and selected

Appropriate conditions

The limitation of working conditions, e. g. pressure range, flow rat temperature range should be considered.

range

of

working

Monitoring of the condition of the fluid

Consider high degree of filtration/separation of solid particles/water fluid. Consider also the chemical/physical conditions of the fluid. Consider an indication of the need of filter–service.

Sufficient positive overlapping in piston valves

The positive overlapping ensures the stopping function and pre unallowed movements.

Limited hysteresis

For example increased friction will increase the hysteresis. Combina tolerances will also influence the hysteresis.  Read Free Foron 30this Days Sign up to vote title

Master your semester with Scribd & The Times C.4 New List of York well–tried components components



Useful



Not useful

Cancel anytime.



Special offer for students: Only $4.99/month. At the time no list of well–tried components is given. The status of being well–tried is mainly applic





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

C.5.2 Valves Table C.3 — Directional control valves Fault considered Change times

of

switching

Fault exclusion Yes, in the case of positive mechanical action (see Table A.2) of the moving components as long as the actuating force is sufficiently large, or Yes, in respect of the non–opening of a special type of cartridge seat valve, when used with at least one other valve, to control the main flow of the fluid (see remark 1)).

Non–switching (sticking at an end or zero position) or incomplete switching (sticking at a random intermediate position)

Remarks

1) Special type of c valve is achieved if: ⎯

the active area for safety–related movement is at leas total area of component (poppet)

⎯

the effective contro the active area, can up to the maxim pressure (in acco ISO 5598:2008, with the behaviour valve in question an

⎯

the effective contro the area opposite area of the moving vented to a ver compared with th operating pressure pressure in case dump valves or supp case of suction/fill va

⎯

the moving compone provided with periph grooves and

Yes, in the case of positive mechanical action (see Table A.2) of the moving components as long as the actuating force is sufficiently large, or

Yes, in respect of the non–opening of a special type of cartridge seat valve, when used with at least one other valve, to control the main flow of the fluid (see remark 1)).

the pilot valve(s) is designed togethe block (i. e. assemblies and p connection of these  Spontaneous change of Yes in the case of positive mechanical 2)on Normal Read Free For 30 Days Sign up to vote this title installation  whe the initial switching action (see Table A.2) of the moving conditions apply Useful Not useful   Cancel anytime. position (without an input components as long as the holding force ⎯ the conditions laid Special offer for students: Only $4.99/month. is sufficiently large, or signal) manufacturer are b ⎯






Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table C.3 — Directional control valves (continued) Fault considered

Fault exclusion

Remarks

Leakage

Yes, in the case of seat valves, if normal installation and operating conditions apply (see remark 3)) and an adequate filtration system is provided.

3) Normal installation and conditions apply when conditions laid down by manufacturer are being obse

Change in the leakage flow rate over a long period of use

None

—

Bursting of the valve housing or breakage of the moving component(s) as well as breakage/ fracture of the mounting or housing screws


For servo and proportional valves: hydraulic faults which cause uncontrolled behaviour

Yes in the case of servo and proportional directional valves if these can be assessed, in terms of safety, as conventional directional control valves due to their design and construction.

NOTE If the control functions functions are realised by a number of single function valves, valves, then a fault analysis should be out for each valve. The same procedure should be carried out in the case of piloted valves.

Table C.4 — Stop (shut–off) valves/non–return (check) valves/shuttle valves, etc. Fault considered

Remarks

Fault exclusion


None

—

Non–opening, incomplete opening, non–closure or incomplete closure (sticking at an end position or at an arbitrary intermediate position)

Yes, if the guidance system for the moving component(s) is designed in a manner similar to that for a non–controlled ball seat valve without a damping system (see remark r emark 1)) and if well–tried springs are used (see Table A.2).

1) For a non–controlled ball seat without damping system, guidance system is ge designed in a manner such th sticking of the moving compon unlikely.

Master yourchange semester with Scribd  Spontaneous of the Yes, for normal installation and Read 2) Normal installation and ope Free Foron 30this Days Sign up to vote title initial switching position (without operating conditions (see conditions are being met when: & The New York Times Useful Not useful  an input signal) remark 2)) and if there is  Special offer for students: Only $4.99/month.sufficient closing force on the basis of the pressures and

⎯

Cancel anytime. the conditions laid down b manufacturer are being followe





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table C.4 — Stop (shut–off) valves/non–return (check) valves/shuttle valves, etc. (con Fault considered

Remarks

Fault exclusion

Leakage

Yes, if normal conditions of operation apply (see remark 3)) and an adequate filtration system is provided.

3) Normal conditions of when the conditions laid manufacturer are being

Change in the leakage flow rate over a long period of use

None

—

Bursting of the valve housing or breakage of the moving component(s) as well as breakage/fracture of the mounting or housing screws


Table C.5 — Flow valves Fault considered

Fault exclusion

Remarks

Change in the flow rate without change in the setting device

Yes, in the case of flow valves without moving parts (see remark 1)), e. g. throttle valves, if normal operating conditions apply (see remark 2)) and an adequate filtration system is provided (see remark 3)).

Change in the flow rate in the case of non–adjustable, circular orifices and nozzles

Yes, if the diameter is > 0,8 mm, normal operating conditions apply (see remark 2)) and if an adequate filtration system is provided.

1) The setting considered to be Changes in flow changes in t differences and physically limited valve and are not c assumed fault.

2) Normal operating being met when laid down by the are being followed.

3) Where a non–re integrated into th then in additio assumptions fo valves have to be o For proportional flow valves: Change in the flow rate due to an unintended change in the set value

None

Master your semester with Scribd & The New York Times Spontaneous in the Special offer for students: Onlychange $4.99/month. setting device

—




Useful



Not useful

Cancel anytime.

Yes, where there is an effective protection of the setting device

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music


1

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table C.6 — Pressure valves Fault considered

Fault exclusion

Non–opening or insufficient opening (spatially and temporarily) when exceeding the set pressure (sticking or sluggish movement of the moving component) (see remark 1))

Yes, in respect of the non–opening of a special type of cartride seat valve, when used with at least one other valve, to control the main flow of the fluid (see remark 1) of Table C.3), or

Non–closing or insufficient closing (spatially and temporarily) if the pressure drops below the set value (sticking or sluggish movement of the moving component) (see remark 1))

Yes, if the guidance system for the moving component(s) is similar to the case of a non–controlled ball seat valve without a damping device (see remark 2)) and if the installed springs are well–tried (see Table A.2).

Change of the pressure control behaviour without changing the setting device (see remark 1))

Yes, in the case of directly actuated pressure relief valves, if the installed spring(s) are well–tried (see Table A.2).

For proportional pressure valves: change in the pressure control behaviour due to unintended change in the set value (see remark 1))

None


Yes, where there is an effective protection of the setting device adapted to the particular case in relation to technical safety specifications (e. g. lead seals).



Leakage

Yes for seat valves if normal operating conditions apply (see remark 3)) and if an adequate filtration system is provided.

Master your semester with Scribd Change of the leakage flow rate over None a long period of use & The New York Times Bursting the valve housing or Special offer for of students: Only $4.99/month. breakage of the moving

Remarks 1)

This fault applies when the pressure v is used, for forced a e. g. clamping, and control of haz movement, suspension of load fault does not appl normal function hydraulic systems pressure lim pressure decrease.

2) For a non–controll seat valve with damping device guidance system generally designed a manner that any s of the moving com is unlikely. —

3) Normal conditions apply wh conditions laid down manufacturer are observed.

—on Read Free For 30this Days Sign up to vote title

 Useful  Not useful Cancel anytime. Yes, if construction, dimensioning and installation are in accordance with

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/D

C.5.3 Metal pipework, hose assemblies and and connectors Table C.7 — Metal pipework Fault considered

Fault exclusion

Rem

Bursting and leakage

Yes, if the dimensioning, choice of materials and fixing are in accordance with good engineering practice.

—

Failure at the connector (e. g. tearing off, leakage)

Yes, if using welded fittings or welded flanges or flared fittings and if dimensioning, choice of materials, manufacture, configuration and fixing are in accordance with good engineering practice.

—

Clogging (blockage)

Yes, for pipework in the power circuit. Yes, for the control and measurement pipework if the nominal diameter is ≥ 3 mm. Table C.8 — Hose assemblies

Fault considered

Fault exclusion

Bursting, tearing off at the fitting attachment and leakage

None

Clogging (blockage)

Yes, for hose assemblies in the power circuit.

Rem —

Yes, for the control and measurement hose assemblies if the nominal diameter is ≥ 3 mm. Table C.9 — Connectors Fault considered Bursting, breaking stripping of threads

of

screws

Fault exclusion or

Yes, if dimensioning, choice of material, — manufacture, configuration and connection to the piping and/or to the Read Free Foron 30this Days Sign up to vote title fluid technology component are in  Useful  Not useful accordance with good engineering Cancel anytime. practice.


Leakage (loss of the leak–tightness)

Rem

None (see remark 1))



1) Due



to





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music


1

of 87

Commisioning

 

Ch4



 Search document

ISO/DIS 13849-2

C.5.4 Filters Table C.10 — Filters Fault considered

Fault exclusion

Remarks

Blockage of the filter element

None

Rupture of the filter element

Yes, if the filter element is sufficiently resistant to pressure and an effective bypass valve or an effective monitoring of dirt is provided.

Failure of the bypass valve

Yes, if the guidance system of the bypass valve is designed in a manner similar to that for a non–controlled ball seat valve without a damping device (see Table C.4) and if well–tried springs are used (see Table A.2).

Failure of the dirt indicator or dirt monitor

None

Bursting of the filter housing or fracture of the cover or connecting elements

Yes, if dimensioning, choice of material, arrangement in the system and fixing are in accordance with good engineering practice.

—

C.5.5 Energy storage Table C.11 — Energy storage Fault considered

Fault exclusion

Fracture/bursting of the energy storage vessel or connectors or cover screws as well as stripping of the screw threads

Yes, if construction, choice of equipment, choice of materials and arrangement in the system are in accordance with good engineering practice.

Leakage at the separating element None Master semester between your the gas and the operating with Scribd fluid & The New York Times Failure/breakage of the separating Yes, in the case

Special offer for students: Only $4.99/month. element between the gas and the operating fluid

of storage (see remark 1)).

Remarks —


 

 Useful  Not useful Cancel anytime. cylinder/piston 1) A sudden major is not to be conside





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4



 Search document

ISO/D

C.5.6 Sensors Table C.12 — Sensors Fault considered

Fault exclusion

Rem

Faulty sensor (see remark 1))

None

1) Sensors include si processing particular flow rate, etc.


None

—





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Annex D (informative) Validation tools for electrical systems

Contents

Annex D (informative) D (informative) Validation tools for electrical systems ................................................................ D.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ D.2 List of basic safety principles .............................................................................................. ........................................................................................................ .......... D.3 List of well–tried safety principles................................................................................................. D.4 List of well–tried components .................................................................................................. ........................................................................................................ ...... D.5 Fault lists and fault exclusions ............................................................................................... ...................................................................................................... ....... D.5.1 Introduction .......................................................................... ...................................................................................................................................... ............................................................ D.5.2 Conductors and connectors........................................................................................................... D.5.3 Switches ................................................................................ ........................................................................................................................................... ........................................................... D.5.4 Discrete electrical components...................................................................................................... D.5.5 Electronic components ................................................................................................. ................................................................................................................... ..................

D.1 Introduction

When electrical systems are used in conjunction with other technologies, then relevant tables for basic s and well–tried safety principles should also be taken into account.

NOTE The environmental conditions of IEC 60204-1 do apply to the validation validation process. If other environ conditions are specified they should be ad ditionally taken into account.

D.2 List of basic basic safety principles Table D.1 — Basic safety principles Basic safety principles

Remarks

Master yourmaterials semester with Scribd Use of suitable and adequate Selection of material, manufacturing methods and treatment in  Read Free For 30 Days Sign up to vote on this title manufacturing to e. g. stress, durability, elasticity, friction, wear,  rigidity. & The New York Times temperature, conductivity, dielectric Useful Not useful   Special offer for students: Only $4.99/month. Correct dimensioning and shaping

Cancel anytime.

Consider e. g. stress, strain, fatigue, surface roughness, toler manufacturing.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table D.1 — Basic safety principles (continued) Basic safety principles

Remarks

Use of de–energisation

A safe state is obtained by de–energising all relevant using of normally closed (NC) contact for inputs (pus position switches) and normally open (NO) contact for re ISO 12100-2:2003, 4.11.3).

Exceptions may exist in some applications, e. g. where electrical supply will create an additional hazard. Time d may be necessary to achieve a system safe IEC 60204-1:2005, 9.2.2). Transient suppression

Use of a suppression device (RC, diode, varistor) paral but not parallel to the contacts. NOTE

A diode increases the switch off time.

Reduction of response time

Minimise delay in de–energising of switching components

Compatibility

Use components compatible with the voltages and curren


Design the equipment so that it is capable of working environments and in any foreseeable f oreseeable adverse temperature, humidity, vibration and electromagnetic inte (see Clause 10).

Secure fixing of input devices

Secure input devices, e. g. interlocking switches, position switches, proximity switches, so that position, alignment tolerance is maintained under all expected conditions, normal wear, ingress of foreign bodies, temperature. See ISO 14119:1998, Clause 5.


Prevent unexpected start–up, e. g. after power power supply ISO 12100-2:2003, 4.11.4, ISO 14118, IEC 60204-1).

Protection of the control circuit

The control control circuit circuit should be IEC 60204-1:2005, 7.2 and 9.1.1.

Sequential switching for circuit of serial contacts of redundant signals

To avoid the common mode failure of the welding of bot switching on and off does not happen simultaneously contact always switches without current.

Master your semester with Scribd D.3 List of well–tried safety principles & The New York Times Special offer for students: Only $4.99/month.

protected




Useful



Not useful

Cancel anytime.

Table D.2 — Well–tried safety principles

in

 

acc





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table D.2 — Well–tried safety principles (continued) Well–tried safety principles

Remarks

Energy limitation

Use of a capacitor for supplying a finite amount of energy, e. g. application.

Limitation of electrical parameters

Limitation in voltage, current, energy or frequency resulting, torque limitation, hold–to–run with displacement/time limited, re speed, to avoid leading to an unsafe state.

No undefined states

Avoid undefined states in the control system. Design and constr control system so that during normal operation and all ex operating conditions its state, e. g. its output(s) can be predicted.

Positive mode actuation

Direct action is transmitted by the shape (and not by the strengt no elastic elements, e. g. spring between actuator and the (see ISO 14119:1998, 5.1, ISO 12100-2:2003, 4.5).

Failure mode orientation

Wherever possible, the device/circuit should fail to the safe condition.

Oriented failure mode

Oriented failure mode components or systems should be used practicable (see ISO 12100-2:2003, 4.12.2).

Over–dimensioning

Derate components when used in safety circuits, e. g. by : ⎯

current passed through switched contacts should be less their rated current,

⎯

the switching frequency of components should be less their rated value, and

⎯

total number of expected switching operation operation shall be ten than the device's electrical durability.

NOTE

Derating can depend on the design rationale.

Minimise possibility of faults

Separate safety–related functions from the other functions.

Balance complexity/simplicity

Balance should be made between: ⎯

complexity to reach a better control, and

⎯

simplify to have a better reliability.

Master your semester D.4 List of well–tried compwith components onentsScribd  Read Free Foron 30this Days Sign up to vote title  The components listed in Table D.3 are considered to be well–tried  if they comply with the description giv & The New York Times Useful Not useful  Cancel anytime.

6.2.4. The standards listed in this table can demonstrate their suitability and reliability SpecialISO offer13849-1:2006, for students: Only $4.99/month. particular application.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table D.3 — Well–tried components Well–tried components

Additional conditions for "well–tried"

Spe Switch with positive mode actuation (direct opening action), e. g.:

—

IEC 609 Annex K

Emergency stop device

—

ISO 138

Fuse

—

IEC 602

Circuit breaker

—

IEC 609

Switches, Disconnectors

—

IEC 609

—

IEC 609 Annex B

Only well–tried if:

IEC 609

⎯

push–button;

⎯

position switch;

⎯

cam-operated selector switch, e. g. for mode of operation

Differential circuit breaker/ (Residual current detection)

RCD

Main contactor

a) other influences are taken into account, e. g. vibration, and b) failure avoided by appropriate methods, e. g. over–dimensioning (see Table D.2) and c)

the current to the load is is limited by thermal protection device, and

d) the circuits are protected by a protection protection device against overload. NOTE

Fault exclusion is not possible.

Control and protective switching device or equipment (CPS)

—

IEC 609

Auxiliary relay)


EN 502

contactor

(e. g.

contactor

a) other influences are taken into account, IEC 609 Master your semester with Scribd  e. g. vibration, and Read Free Foron 30this Days Sign up to vote title IEC  609 b) positively energised action, and Annex F & The New York Times Not useful  Useful


Cancel anytime.

c)

failure avoided by appropriate methods, e. g. over–dimensioning (see Table D.2)





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table D.3 — Well–tried components (continued) Well–tried components Relay

Additional conditions for "well–tried"

Standard Specificatio


IEC 61810-1

a) other influences influences are taken into account, e. g. vibration, and

IEC 61810-2

b) positively energised action, and c)

failure avoided by appropriate methods, e. g. over–dimensioning (see Table D.2) and

d) the current in the contacts is limited by fuse or circuit–breaker to avoid the welding of the contacts. NOTE

Fault exclusion is not possible.

Transformer

—

IEC 61558

Cable

Cabling external to enclosure should be protected against mechanical damage (including e. g. vibration or bending).

IEC 60204-1:200 Clause 12

Plug and socket

—

According electrical sta relevant for intended applica

For interlocking also ISO 14119. Temperature switch

—

For electrical EN 60730-1

Pressure switch

—

For electrical ISO 13856 (all p

For pressure sid Annexes B and C

Master your semester with Scribd & The New York Times Solenoid for valve


—

No European International  Read Free Foron 30this Days Sign up to vote title Standards exist.  Useful  Not useful Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/D

D.5.2 Conductors and connectors connectors Table D.4 — Conductors/cables Fault considered

Fault exclusion

Short–circuit between any two conductors

Rem

Short–circuits between conductors which are: ⎯

permanently connected (fixed) and protected protected against external damage, e. g. by cable ducting, armouring, or

⎯

separate multicore cables, or

⎯

within an electrical enclosure (see remark 1)), or

⎯

individually shielded with earth connection.

Short–circuit of any conductor to an exposed conductive part or to earth or to the protective bonding conductor

Short circuits between conductor and any exposed conductive part within an electrical enclosure (see remark 1)).

Open–circuit conductor

None

of

any

1) Provided conductors enclosure appropriate (see IEC 6

—

Table D.5 — Printed circuits boards/assemblies Fault considered

Fault exclusion

Short–circuit between two adjacent tracks/pads

Short–circuits between adjacent conductors in accordance with remarks 1) to 3).

Remarks 1) The base material IEC 61249-2.


is

2) The creepage distances are dime least IEC 60664-5 with pollution overvoltage category III; NOTE 1 required.


used

Reinforced insulation between

3) The assembled board is mounted in giving protection against conductive e. g. an enclosure with protection of and the printed side(s) are  coated w Read Free Foron 30this Days Sign up to vote title resistant varnish or protective  laye Useful Not useful   conductor paths. Cancel anytime. NOTE 2 Solder masks masks are satisfactory satisfactory layer if they comply with the relevant





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table D.6 — Terminal block Fault considered

Fault exclusion

Short–circuit between adjacent terminals

Short–circuit between adjacent terminals in accordance with remarks 1) or 2).

Remarks 1)

The terminals and connections used accordance with IEC 60947-7-1 or IEC 609 and the requirements of IEC 60204-1:2006, are satisfied.

2) The design by itself ensures that short ci avoided, e. g. by shaping shrink down plastic over connection point. Open–circuit of individual terminals

None

—

Table D.7 — Multi–pin connector Faults considered

Fault exclusion

Short–circuit between any two adjacent pins

Short–circuit between adjacent pins in accordance with remark 1).

Remarks

1) By using ferrules or other suitable means fo stranded wires. Creepage distances and clea and all gaps should be dimensioned to a IEC 60664-1 with overvoltage category III.

If the connector is mounted on a PCB the fault exclusion considerations of Table D.5 apply. Interchanged or incorrectly inserted connector when not prevented by mechanical means

None

—

Short–circuit of any conductor (see remark 2)) to earth or a conductive part or to the protective conductor

None

2) The core of the cable is considered as a par multi–pin connector.

Open–circuit of individual None with Scribd— Master your semester connector pins & The New York Times





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

D.5.3 Switches Table D.8 — Electromechanical position switch, manually operated switch

(e. g. push–button, reset actuator, DIP switch, magnetically operated contacts, reed switch, press temperature switch) Fault considered

Fault exclusion

Remarks

Contact will not close

None

—

Contact will not open

Contacts in accordance with IEC 60947-5-1:2003, Annex K are expected to open.

—

Short–circuit between adjacent contacts insulated from each other

Short–circuit can be excluded for switches in accordance with IEC 60947-5-1 (see remark 1)).

Simultaneous short–circuit between three terminals of change–over contacts

Simultaneous short–circuit can be excluded for switches in accordance with IEC 60947-5-1 (see remark 1)).

1) Conductive parts loose should no bridge the insula contacts.

NOTE 1 The fault lists for the mechanical aspects aspects are considered considered in Annex A.

NOTE 2 For PL e a fault exclusion for mechanical (e. g. the mechanical link between actuator and conta electrical aspects is not allowed. In this case redundancy is necessary. For emergency stop devices in a IEC 60947-5-5 a fault exclusion for mechanical aspects is allowed if a maximum number of operations is con

Table D.9 — Electromechanical devices (e. g. relay, contactor relays) Fault considered

Exclusions

All contacts remain in the energised position when the coil is de–energized (e. g. due to mechanical fault)

None

All contacts remain in the de– energised position when power is applied (e. g. due to m echanical fault, open circuit of coil)

None

Master your semester with Scribd & The New York Times Contact will not open None Special offer for students: $4.99/month. Contact willOnly not close

None

Remark —




Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table D.10 — Proximity switches Fault considered

Fault exclusion

Remarks

Permanently low resistance at output

None (see remark 1)).

1)

Permanently output

None (see remark 2)).

2) Fault prevention me should be described.

None

—

No operation due to mechanical failure when remark 3) is fulfilled.

3) All parts of the switch sufficiently well fixed mechanical aspects Annex A.

None

—

high

resistance

at

Interruption in power supply No operation of mechanical failure

switch

due

to

Short–circuit between the three connections of a change–over switch

See IEC 60947-5-3

Table D.11 — Solenoid valves Fault considered

Fault exclusion

Does not energise

None

Does not de-energise

None

Remarks —

NOTE The fault lists for the mechanical mechanical aspects aspects of pneumatic pneumatic and hydraulic valves valves are considered in Annexes respectively.





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

D.5.4 Discrete electrical components Table D.12 — Transformers Fault considered

Fault exclusion

Remark

Open circuit of individual winding

None

—

Short–circuit windings

Short–circuit between different windings can be excluded if remark 1) and 2) is fulfilled.

1) The requirements parts of IEC 615 met.

Short–circuit in one winding

A Short–circuit in one winding can be excluded if remark 1) is fulfilled.

Change in effective turns ratio

Change in effective turns ratio can be excluded if remark 1) is fulfilled. See also the guidance in remark 3).

2) Between differe doubled or reinfo or a protective s Testing according of IEC 61558-1:2 Appropriate test given in IEC 61558-1:2005

between

different

Short–circuits in windings need to taking appropriate ⎯

impregnating the fill all the cav individual coils an the coil and the co

⎯

using winding within their insula temperature rating

3) In the event of short–circuit hea specified operatin should not occur. Table D.13 — Inductances Fault considered

Fault exclusion

Remark

MasterOpen–circuit your semester with Scribd None —  Read Free Foron 30this Days Sign up to vote title  Short–circuit Short–circuit can be excluded if Not 1) useful Coil is single laye & The New York Times Useful   remark 1) is fulfilled. or potted and w Special offer for students: Only $4.99/month.

Cancel anytime.

connections and a





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table D.14 — Resistors Fault considered

Fault exclusion

Remarks

Open–circuit

None

—

Short–circuit

Short–circuit can be excluded if remark 1) or 2) is fulfilled.

1) The resistor is of the film wire-wound single-layer with protection to p unwinding of wire in the e breakage, with axial connections, axial mount varnished.

2) Resistors in surface technology must be th metal type in package MELF, mini MELF or µME Random change of value

None

3) Depending upon the construction other ranges considered.

0,5 R N < R < < 2 R N where R N is the nominal value of resistance (see remark 3)). Table D.15 — Resistor networks Fault considered

Fault exclusion

Open–circuit Short–circuit connections

None between

Short–circuit connections.

any

between

two

None

any

None

Random change of value

None

0,5 R N < R < < 2 R N

Remarks —

1) Depending upon the construction other ranges considered.

where R N is the nominal value of resistance (see remark 1)). Table D.16 — Potentiometers Master your semester with Scribd  Read Free Foron 30this Days Sign up to vote title  Fault considered Fault exclusion Remarks & The New York Times Useful Not useful  

Special offer for students: Only $4.99/month. Open–circuit of individual connection

Cancel anytime.

None

—





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

 

of 87

Commisioning

Ch4



 Search document

ISO/D

Table D.17 — Capacitors Fault considered

Fault exclusion

Remark

Open–circuit

None

—

Short–circuit

None

Random change of value

None

1) Depending upon construction other considered.

None

—

0,5 C N < C < C N + tolerance where C N = nominal value capacitance (see remark 1)). Changing value tan

of

δ

D.5.5 Electronic components Table D.18 — Discrete semi conductors

(e. g. diodes, Zener diodes, transistors, triacs, thyristors, voltage regulators, quartz crystal, photo light–emitting diodes [LEDs]) Fault considered

Fault exclusion

Open–circuit of any connection Short–circuit connections

between

any

Remark —

None two

None

Short–circuit between all connections

None

Change in characteristics

None

Table D.19 — Optocouplers Fault considered

Fault exclusion

Open–circuit of individual connection

None

between any with two input None MasterShort–circuit your semester Scribd connections & The New York Times Short–circuit between any two output None connections Special offer for students: Only $4.99/month. Short–circuit

between

any

two

Remark —




Useful



Not useful

 

Cancel anytime.

Short–circuit between input and

1)

The

optocoupler





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

Table D.20 — Non–programmable integrated circuits NOTE In this standard ICs with less than 1 000 gates and/or less than 24 pins, operational amplifiers, shift and hybrid modules are considered to be non-complex. This definition is arbitrary.

Fault considered Open–circuit connection

of

each

Short–circuit connections

between

Fault exclusions individual

any

Remarks

None

two

None

Stuck–at–fault (i. ( i. e. short–circuit shor t–circuit to 1 and 0 with isolated input or disconnected output). Static "0" and "1" signal at all inputs and outputs, either individually or simultaneously

None

Parasitic oscillation of outputs

None

Changing values (e. ( e. g. input/ output voltage of analogue devices)

None

—

Table D.21 — Programmable and/or complex integrated circuits

NOTE In this standard standard an IC is considered to be complex if it consists of more than 1 000 gates gates and/or mor 24 pins. This definition is arbitrary. The analysis should identify additional faults which should be considered influence the operation of the safety function.

Fault considered

Fault exclusions

Faults in all or part of the function including software faults

None

Open–circuit connection

of

None

Short–circuit connections

between

each

individual any

two

None

Stuck–at–fault (i. ( i. e. short–circuit shor t–circuit to 1 and 0 with isolated input or disconnected output) Static "0" and "1" signal at all inputs and outputs, either individually or simultaneously Special offer for students: Only $4.99/month. Parasitic oscillation of outputs

None

Master your semester with Scribd & The New York Times None

Remarks —




Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

D.5.6.2

Tin whisker growth

If lead-free processes and products are applied, electrical short circuits due to tin whiskers (see occur. The risk of whiskers should be evaluated (see Note 2) and considered when apply exclusion “short circuit …” of any component (see Note 3 and 4).

NOTE 1 Tin Whisker growing is a phenomenon related mainly to pure bright tin finishes. The needlecan grow to several 100 µm length and can cause electrical shorts. Prevailing theory is that whiskers compressive stress build-up in tin plating. NOTE 2

The following publications can be helpful for evaluation: see [28], [29].

NOTE 3 Example: If the risk risk of whisker growing is considered high, the fault exclusion exclusion “Short circuit useless, since a short between the contacts of this component has to be regarded.

NOTE 4 Whiskers on printed circuit boards have not been reported yet. Tracks Tracks usually consist of coating. Pads can be coated with tin alloy, but the production process seems not to stimulate the susceptib growing.

D.5.6.3

Short circuits on PWB-mounted parts

Short circuits for parts which are mounted on a printed wiring board (PWB) can only be exclude exclusion “short circuit between two adjacent tracks/pads” as described in Table D.5 is made.





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Annex E (informative)

Example of the validation of fault behaviour and diagnostic means

E.1 Introduction

This example considers the validation of the PL of a safety function, with the exception of requirements fo ⎯

MTTFd values,

⎯

common cause failures (CCF),

⎯

software analysis,

⎯

systematic failures.

This example does not cover the validation of ⎯

safety requirements (see Clause 7),

⎯

characteristics of safety functions (see Clause 8),

⎯

environmental requirements (see Clause 10),

⎯

maintenance requirements (see Clause 11),

⎯

documentation requirements (see Clause 12).

It provides guidance on how to examine the fault behaviour and diagnostic coverage of a given circuit. methods it uses for determination of the diagnostic coverage used are based on failure mode and ef analysis (FMEA), taking into account Annex E of ISO 13849-1:2006. (SRP/CS). In particular, the necessarywith validationScribd of the PLC software has not been considered. Master your semester Read Free Foron 30this Days Sign up to vote title & The New York Times  Useful  Not useful NOTE

This example does not cover the complete validation process of safety related parts of control

Description the machine the machine SpecialE.2 offer for students: Onlyof $4.99/month.

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

At the first workstation a ball is inserted into the workpiece by a horizontally-mounted pneum which is controlled by a monostable 5/2 port directional control valve (1V1). The basic positio energised) of this cylinder is the retracted position. The depth of the inserted ball is checked by limit switch at the fully extended position of the cylinder, and the applied pressing pressure is mo pressure sensor in the air supply line for cylinder extension.

The screwdriving workstation consists of a vertically-mounted rodless pneumatic cylinder th pneumatically-driven rotary screwdriver unit. The screwdriver unit is raised and lowered by th cylinder, which is controlled by a monostable 5/2 port directional control valve (1V2). The basic po de-energised) of this cylinder is the upper position, with the screwdriver unit raised. Additio controlled check valve is provided in the lower connection of the pneumatic cylinder.

Rotary motion of the screwdriver unit is provided by a pneumatic motor, which is also con monostable 5/2 port directional control valve (3V1). The basic position (valve de-energised) of thi motor is the OFF-state. The torque provided by the screwdriver unit is monitored by a pressure s air supply line for the screwdriver unit.

A single cycle of the machine is initiated by actuating the start-push-button. At the beginning rotary table holds three workpieces: a newly-loaded workpiece, a partially-finished workpiece (b and a finished workpiece (ball inserted and screw fixed). Each cycle consists of a rotation of the through 90°, followed by simultaneous ball insertion and screwdriving operations on the newly partially-finished workpieces. The machine then comes to an operational stop, and the operator c interlocking guard to unload the finished workpiece and load a new workpiece. The completion of requires three machine cycles to rotate it by 270° from the loading station through to the unloading The following modes of operation are provided: ⎯

automatic mode with manual loading and unloading;

⎯

set-up mode for the rotary table.

The machine presents mechanical hazards arising out of movements of the pneumatically-driv actuators (on the ball insertion and screwdriving workstations) and the electrically-driven rotary tab





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Key 1

loading station

8

workpiece

2

ball insertion workstation

9

rotary table

3

ball insertion cylinder (A1)

10 pulse sensor

4

screwdriving workstation

11 drive belt

5

unloading station

12 planetary gear

6

screwdriver unit (A3)

13 electric motor

7

screwdriving cylinder (A2)

14 rotation sensor

Master your semester with Scribd Read Free Foron 30this Days Figure E.1 — Example - automatic assembly machine Sign up to vote title & The New York Times  Useful  Not useful Special offer for students: Only $4.99/month.

E.3 Specification of safety function requirements requirements

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

⎯

SF 1.4: the screwdriving cylinder.

NOTE In this example, the safety related stop and the protection against unexpected start-up are single safety function because they are implemented in the same SRP/CS.

During the set-up mode for the rotary table (with pneumatically-driven machine actuators disable interlocking guard is open, the safe condition is achieved by the combination of the following safet ⎯

SF 2:

safely-limited speed, and

⎯

SF 3:

hold-to-run mode.

After performing a risk assessment, the following values of PL r were assigned to the safety functio ⎯

PLr d for safety-related stopping and prevention of unexpected start-up (SF 1);

⎯

PLr d for safely-limited speed (SF 2);

⎯

PLr c for hold to run (SF 3) (considering that PL d is required for the safety function of s speed).

When SF 1 is demanded, the rotary table must perform a controlled stop in accordance with stop of IEC 60204-1. For this example, the risk assessment determined that loss of controlled decel result of an inverter malfunction was acceptable. The vertically-mounted pneumatic cylinder screwdriving workstation and the horizontally-mounted pneumatic cylinder (A1) of the b workstation must return to and/or remain in their basic positions (i.e. upper and retracted respe screwdriver unit (A3) must stop immediately. The minimum distance between the interlocking gua moving parts of the machine has been set according accordin g to ISO 13855, based on the mach performance.

The machine is provided with other safety functions, such as an emergency stop, restart interlock but these are not considered in this example.

E.4 Design of SRP/CS

The control system for this example has been implemented using a combination of electro electronic and pneumatic technologies.

Master your semester In order to achieve the PLwith for the Scribd various safety functions (see E.3), the requirements of Cate Read Free For 30 Days Sign up to vote on this title been selected. A diverse redundant and monitored structure has therefore been adopted for  all e pneumatic partsTimes (see Figures E.2 and E.3). & The New York  Useful  Not useful r


Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Figure E.2 — Automatic assembly machine, electrical and pneumatic diagram





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

control for them. A pressure switch (1S0) enables the status of this release valve to be monito supply for machine actuators A1 and A2 is taken from the main air supply.

A pilot-controlled check valve (2V2), which also takes its control air from 1V0, is provided connection of machine actuator A2 (vertically-mounted rodless pneumatic cylinder). This provides channel for stopping the downward motion and retaining the machine actuator in its basic (upper)

The air supply for machine actuator A3 (pneumatic motor) is taken from the control air supply than the main air supply. This ensures a redundant channel for controlling the air supply to A3, would continue to rotate if 3V1 were to fail in the energised position.

In accordance with Category 3, basic and well-tried safety principles are observed, and the req Category B are also satisfied. In particular, the requirements of the standards IEC 60204-1 an have also been applied.

The position switch (B1) is a switch with direct mode of actuation in accordance with IEC 609 Annex K, and it is therefore a well-tried component according to Tab le D.3.

The contact relay K1 possess mechanically-linked contact elements in accordance with IEC 609 Annex L, and it is therefore a well-tried component according to Tab le D.2.

The corresponding application programmes of PLC A and PLC B contain specific software fun (SRASW) programmed in accordance with the requirements of ISO 13849-1:2006, 4.6 for PL d.

The attributes of the control valves 1V1, 2V1, 3V1, 2V2 and 1V0 are explained in detail in Table E





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 


Commisioning

Ch4

 Search document




Useful



Not useful

Cancel anytime.



 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

2 9 4 8 3 1 S I D / O S I

of 87

 

Commisioning

Ch4

 Search document



n o i s u l c x e t l u a f e l b i s s o p

y t e f a s d e i r t – l l e w s / l e s i e p l c p i n i c r p n i r ) p y d t e e u f n a i s t c n i o s c a ( t b

s i l s t r a p 3 . E e r u g s i e F t u — b i r 1 . t t A a e l b a T

o n

o n

o n

o n

o n

) n o i t c n u f y t e f a s o n ( g n i r o t i n o m r o f d e r i u q e r t o n





t u p t u o g o l a n a

e l p i c n i r p g n i r u s a e m c i t e n g a m

e l p i c n i r p g n i r u s a e m c i t e n g a m

t n i o p h c t i w s d e x i f

t u p t u o g o l a n a

Master your semester with Scribd & The New York Times Special offer for students: Only $4.99/month. r t h o n

r o

r o

r o

d r a d n a t s s i h t f o e p o c s n i t o n


l a r c n r e i e d t t a x n





Useful

r o t



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

SF 1: Safety-related stopping initiated by the opening of the interlocking guard and preventio unexpected start-up whenever the interlocking guard is open

According to the machine specification, opening of the interlocking guard must initiate the stopping machine actuators: rotary table (driven by inverter-controlled motor), ball insertion cylinder, screwdr cylinder and screwdriver unit. This function can therefore be represented as shown in Figure E.4.

Figure E.4 — Function blocks of SF 1

When the interlocking guard is opened, PLC A initiates a stop of the rotary table by providing a stop sign the inverter (T1a). PLC B monitors the deceleration of the rotary table, and when this reaches a standstill energises contactor K1 to initiate pulse blocking at the inverter (T1b). If the rotary table does not stop due fault, then PLC B will still provide a further stop signal to the inverter (T1b). This is the second indepen channel for the stopping function. The part of the safety function relating to prevention of unexpected sta is performed in the same way.

Opening the interlocking guard also causes PLC A to initiate a first stop of the ball insertion cylinder screwdriving cylinder and the screwdriver unit by de-energising 1V1, 2V1 and 3V1. PLC B initiates a se stop signal for these three actuators by de-energising 1V0.

If the rotary table is stopped but the ball insertion and screwdriving workstations are in operation when interlocking guard is opened, then PLC A will immediately de-energise 1V1, 2V1 and 3V1, and PLC immediately de-energise K1 and de-energise 1V0 after a delay.

Whilst the interlocking guard is in the open position, it must be ensured that a fault in the enabling pa PLC A does not lead to an uncontrolled start-up. This can be achieved by the action of PLC B  de-energ Read Free For 30 Days Sign up to vote on this title K1 as soon as the rotary table motor has reached a standstill, and also de-energising 1V0 to prevent as  up of the ball insertion cylinder or the screwdriving cylinder.  Useful  Not useful


Cancel anytime.

Special offer for students: Only $4.99/month. The evaluation of the PL for the SRP/CS performing SF 1 has been carried out as follows:





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

Commisioning

 

Ch4

 Search document



ISO/D

Similarly, the safety-related parts of the stopping functions SF 1.2, SF 1.3 and SF 1.4 and their channels can be illustrated by the safety-related block diagram shown in Figure E.6

* SF 1.3

Figure E.6 — Stopping of the ball insertion cylinder, screwdriving cylinder and screwdr b)

Representation as logic blocks

The two parts or logic blocks of the diagram can be mapped to the designated architecture for Ca the safety chain can therefore be divided into two SRP/CS (input, logic/output), see Figure E.7.

Figure E.7 — Safety-related block diagram of the safety function

For each SRP/CS, a PL has been estimated by applying the simplified procedure in ISO 13849-1: c)

Estimation of MTTFd of each channel

For estimation of component MTTF d values, reliability data provided by the manufacturers has bee

For estimation of the MTTF d of a channel, the parts count method has been applied (see ISO 13 Annex D). The diverse redundant structure leads to dissimilar MTTF d, values for each channel, s of the symmetrisation equation provides an average result of medium MTTF d (more than 2 different channels (see ISO 13849-1:2006, D.2). d)

Estimation of DCavg

The DCavg has been calculated for both SRP/CS from the DC of the internal test and monitorin executed on the different parts.

Master your semester with Scribd  Plausibility check of the input signals for the guard sensors and B2 to ISO Read Free For 30according Days SignB1 up to vote on this title  Annex York E, resultsTimes in a DC high (99 %) for the SRP/CS . & The New Useful Not useful   avg

Special offer forThe students: Only diagnostic $4.99/month. following measures are provided:

I

Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

⎯

fault detection via process for directional control valves;

⎯

further information see Table E.3.

According to ISO 13849-1:2006, Annex E, these diagnostic measures provide a DC avg result of me (90 %) for the SRP/CS L/O. e)

Estimation of measures against common cause failure (CCF)

It is estimated that adequate measures against common cause failures (separation, diversity, prote against over-pressure, environmental) have been taken for both SRP/CS, which according to ISO 13 1:2006, Annex F achieves a score of 75 points for each SRP/CS. f)

Determination of PL for each SRP/CS

The PL for each SRP/CS is determined as follows: SRP/CSI ⎯

Category 3;

⎯

Medium MTTF d of each channel;

⎯

High DCavg;

⎯

75 points for measures against CCF;

Applying these values valu es to ISO 13849-1:2006, Figure 5, but with DC avg restricted to medium (Category 3), a result of PL d. SRP/CSL/O ⎯

Category 3;

⎯


⎯

Medium DCavg;

points for measures against CCF; Master75 your semester with Scribd Read Free Foron 30this Days Sign up to vote title Applying these values to ISO 13849-1:2006, Figure 5 gives a result of P L d. & The New York Times  Useful  Not useful ⎯

Cancel anytime.

 

According to ISO Only 13849-1:2006, 6.3, the PL of the ov erall combination of SRP/CS is determined as follow Special offer for students: $4.99/month.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4

 Search document



ISO/D

When the interlocking guard is in the open position, it must be ensured that the rotary table can on safely-limited speed (SLS), which is monitored by tachogenerator G2. Each of the PLCs monito from G2, and they perform the desired/actual speed comparisons independently. If the s successfully reduced to the limited value by the inverter T1a, then the PLCs can react by blocking signal and pulse blocking on inverter T1b.

The safety-related parts of safety function SF 2 and its division into channels can be illustrated b related block diagram shown in Figure E.8:

Figure E.8 — Block diagram for the safely-limited speed (SLS)

For the SRP/CS, a PL has been estimated by applying the simplified procedure in ISO 13849-1:20 a) Estimation of MTTF d of each channel

For estimation of component MTTF d values, reliability data provided by the manufacturers has bee

For estimation of the MTTF d of a channel, the parts count method has been applied (see ISO 13 Annex D). The T he diverse redundant structure str ucture leads to dissimilar dissim ilar MTTF d values for each channel, s of the symmetrisation equation provides an average result of medium MTTF d (more than 25 ye channel of the SRP/CS. b)

Estimation of DCavg

The DCavg has been calculated for the SRP/CS from the DC of the internal test and monitorin executed on the different parts. Plausibility check of the input signals for the guard sensors B1 and B2 B 2 according to ISO Annex E, results in a DC avg high (99 %) for the SRP/CS I. The following diagnostic measures are provided:

Master your semester with Scribd direct monitoring of the position of of K1 contacts by PLC A; Read Free Foron 30this Days Sign up to vote title & The Newindirect York Times Useful  Not useful monitoring of the operation of PLC A by PLC B; ⎯ ⎯

Cancel anytime.

 

Special offer for students: Only $4.99/month. of rotary table movement for G2, inverter T1a and PLC A by PLC B; ⎯ indirect monitoring of





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

Download



News



Documents



Sheet Music

Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

It is estimated that the adequate measures against common cause failures (separation, diversity, prote against over-pressure, environmental) have been taken for both SRP/CS, which according to ISO 13 1:2006, Annex F achieves a score of 75 points for each SRP/CS. d)

Determination of the PL for each SRP/CS

The PL for each SRP/CS is determined as follows: SRP/CSI ⎯

Category 3;

⎯


⎯

High DCavg;

⎯

75 points for measures against CCF.

Applying these values valu es to ISO 13849-1:2006, Figure 5, but with DC avg restricted to medium (Category 3), a result of PL d. SRP/CSL/O ⎯

Category 3;

⎯


⎯

Medium DCavg;

⎯

75 points for measures against CCF.

Applying these values to ISO 13849-1:2006, Figure 5 gives a result of P L d.

According to ISO 13849-1:2006, 6.3, the PL of the ov erall combination of SRP/CS is determined as follow ⎯

PLlow = d;

⎯

Nlow = 2;

Master your semester with Scribd PL for the combination is PL d. & The New York e) Systematic failures Times




Useful



Not useful

Cancel anytime.

 

Special offer for students: Only $4.99/month. It is estimated that the adequate measures against systematic failures have been taken for SRP/CS acco





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Figure E.9 — Block diagram for hold-to-run mode

The two parts or logic blocks of the diagram can be mapped to the designated architecture for Ca Category 1, so the safety chain can therefore be divided into two SRP/CS (input, logic/output) Figure E.10.

Figure E.10 — Safety related block diagram for the hold-to-run mode

For each SRP/CS, a PL has been estimated by applying the simplified procedure in ISO 13849-1:

The diagnostic coverage (DC) and MTTF d values for the SRP/CS L/O have already been dete SF 2). The determination of the MTTFd of the SRP/CS I (hold-to-run push-button) is calculated on the B10d value provided by the manufacturer, which meets PL = c for the complete safety function.

E.5 Validation

As stated in E.1, the example has been restricted to the validation of f ault behaviour and diagnost According to 9.3, validation of diagnostic means m eans should be performed by a revision of design d and some complementary fault injection tests. The following steps are applied: a) Identify the diagnostic measures and the tested units (components, blocks). b)

Verify the DC value assigned to each diagnostic circuit for a certain/related unit.

Master your semester with Scribd c) Analyse the fault behaviour of the system and define the test cases. Read Free Foron 30this Days Sign up to vote title d) Check for correct calculation of the DCavg for each SRP/CS. calculation & The New York Times  Useful  Not useful Special offer for students: Only $4.99/month. e) Carry out tests to confirm the DC values.

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Upload

Sign In

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4



 Search document

ISO/DIS 13849-2

SF 1.1: Stop function of the rotary table initiated by opening an interlocking guard and the preve of unexpected start-up

Table E.2 — FMEA of the stop function and the prevention of unexpected start-up of the rotary ta Systems / Characteristics

Effect / reaction

Short-circuit; mechanical failure; electrical failure; earth fault

Is recognized by no signal change when safety function demanded (opening of the interlocking guard). Monitoring of plausibility is realized in both evaluation systems. DC = 99 %

Stop with detection; A static re-start prevented at the in both PLC to be app

Failure interlocking switch B2

of



Stop with detection; A static re-start prevented at the in both PLC to be app

Failure of PLC A

Faults of the input card; complex faults in the CPU; faults in the output card;

Reading of the G2 and comparison to the expected change in the number of revolutions; time-related in PLC B. DC = 99 %

The inverter is stopped after a timedelay. This switch-off is realized via K1 which is controlled by PLC B.

Stop outp the PLC high level

Failure of PLC B

Faults of the input card; complex faults in the CPU; faults in the output card;

Through feedback of K1, it is recognized that PLC B is not responding. DC = 99 %

Inverter is immediately stopped by PLC A; re-start is is prevented

Set the o K1 of PLC high

Failure of inverter

the

No response to the STOP command

Detection through reading of G2 in PLC A and PLC B. DC = 99 %

Inhibit re-start means of PLC B

Set the input of inverter to

Failure of the encoder (G1)

missing pulses or faulty pulses are generated

Comparison of pulse frequency with given value. DC = 99 %

F3

F4

Master your semester with Scribd Failure of Welded contacts feedback in PLC A F7 & The New Times contactorYork K1 Special offer for students: Failure of Only the $4.99/month. Break of the drive F8

Test mea

of

F2

F6

Fault detection

Failure interlocking switch B1 F1

F5

Potential faults

drive belt

belt,

wear

of

the

Failure into direction, no

by

Inverter is Pulse immediately stopped sequence by PLC A; re-start is i s impresse prevented PLC-inpu  Read Free Foron 30this Days Sign up to vote title  Re-start prevented Keep Useful Not useful   ON positi Cancel anytime.

the safe movement

not required

not requir





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

Join

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table E.2 (continued ) Systems / Characteristics

F11

Failure of (prevention unexpected start-up)

G1 of

Potential faults

Fault detection

Effect / reaction

Pulses are generated although the inverter stands still; initiation of external torques

Fault is recognized through reading of G2 (plausibility test) in PLC A and PLC B

Fault is not relevant in this operating mode, since the start is inhibited via K1

Conclusion: Each fault listed is safely detected. For this, the DCavg can be assessed to 99% (ISO Conclusion: Equation E.1)

SF 1.2 to SF 1.4: Stop function of the pneumatically-driven machine actuators initiated by interlocking guard and the prevention of unexpected start-up Table E.3 — FMEA of the stop function and the prevention of unexpected start-up of the drives Systems / Characteristics

Potential faults

Fault detection

Effect / reaction


of



Stop with detection; re-start prevented


of




Faults of the input card; complex faults in the CPU; faults in the output card

Reading of the G2 and The inverter is comparison to the expected stopped after a timechange in the number of delay. This switch-off revolutions; time-related in is realized via K1  PLC B. DC = 99 Read % which istitle controlled by Free For 30this Days Sign up to vote on  PLC B.

F1

F2

Failure of PLC A

F3 Master your semester with Scribd & The New York Times



Useful

Failure of$4.99/month. PLC B Faults of the input Through feedback of K1, it Special offer for students: Only F4

card; complex faults in the CPU; faults in

 Not useful

Cancel anytime.

is recognized that PLC B is not responding. DC = 99 %

Inverter is immediately stopped by PLC A; re-start is





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

1

Download



News



Documents



Sheet Music


of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table E.3 ( E.3 (continued continued ) Systems / Characteristics

F7

F8

F9

F10

F11

F12

F13

F14

Potential faults

Fault detection

Effect / reaction

Test mea

Failure of solenoid directional control valve 1V1

No switch-back, time-delayed switchback, getting stuck in the intermediate positiona

Reading of sensor signal 1S1 and end switch 1S2/1S3 in PLC A. DC = 99 %


Low Sign 1S2; signal than 1 input of 1S

Failure pneumatic cylinder A1

of

Stucking in out position, mechanical failure, breakdown of pressurized air

Through reading of end switch 1S2. DC = 99 %

re-start is prevented; if required, interrupting main air supplyb

Low Sign 1S2; signal than 1 input of 1S

Failure of proximity sensor 1S2

Short-circuit; mechanical failure; electrical failure, earth-fault

Detected due to missing signal change (high > low). DC = 99 %


Interrupt input at PLC A


Non-opening / welding of contacts



Input of PLC A to 2

Failure of solenoid directional control valve 2V1

No switch-back, time-delayed switchback, getting stuck in the intermediate positiona

Reading of end switch 2S2 in PLC A. DC = 99 %


Low 2S2

sign

Failure pneumatic cylinder A2

of

Stucking in inposition, mechanical failure, breakdown of pressurized air

Reading of end switch 2S2 in PLC A. DC = 99 %

re-start is prevented; if required, interrupting main air b supply

Low 2S2

sign


Short-circuit; mechanical failure; electrical failure, earth-fault



Interrupt in the PLC A


Non-opening / gluing of contacts

Detected due to missing signal alternation (high > low). DC = 99 %


Input at PLC A to 2

Failure of the Getting stuck, break The fault cannot be detected Master your F15 check valve semester 2V2 of the with spring, Scribd in this operating mode. Read Free Foron 30this Days Sign up to vote title leakage DC = 0 % & The New York Times Not useful  Useful Failure of No switch-back, Reading of sensor signal Stop  with detection;

Special offer for students: Only $4.99/month. solenoid time-delayed switchF16

directional

back, getting stuck

Cancel anytime.

3S1 in PLC A. DC = 99 %

re-start prevented

 

Static higher tha at input of





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print


1

Download



News



Documents



Sheet Music

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Table E.3 ( E.3 (continued continued ) Systems / Characteristics

F18


Potential faults

Fault detection

Effect / reaction

Short-circuit; mechanical failure; electrical failure; earth-fault

Only "switching-on" recognized. DC = 99 %

is

Fault not relevant in this operating mode. Re-start is prevented.

Conclusion: Not each fault treated is detected. For this, the DCavg can be assessed to 90% (ISO 13849-1:2 Conclusion: Not E.1). The fault F15 is not relevant for this operating mode. a

Magnet valves valves with piston valves and and positive covering covering can get stuck in a position position in which which all connections connections are blocke

b

or else other suitable measures measures for switching switching possibly possibly jammed drives drives force-free, force-free, in order order to exclude exclude hazards d changes. c

Voltage value value and/or current higher than the response threshold at the analogue analogue input. input.

SF 2 and SF 3: Safely-limited speed (SLS) and hold-to-run Table E.4 — FMEA of the safely-limited speed of the rotary table Systems / Characteristics

F1

Potential faults

Fault detection

Effect / reaction

Test

Failure of drive belt

the

Break of the drive belt, wear of the pulley, skipping teeth

Fault detection during the process. DC = 99 %

Inhibit start by means of PLC B

Simula indicati target v

Failure PLC A

the

Complex faults within the CPU; faults in the output card, systematic faults in the software

Reading of the G2 and comparison to the expected change in the number of increments time-related in PLC B. DC = 99 %

The drive is stopped after a time-delay. This switch-off is realized via K1 which is controlled by PLC B.

Simula indicati target v

Faults of the input card; complex faults in the CPU; faults in the output card; systematic software faults

In this operating mode, the fault is detected through plausibility testing in PLC A. DC = 99 %

Shut-down of the main drive by PLC A

Data fa commu interrup both PL

of

F2

Failure of PLC B F3

Master your semester with Scribd the Internal fault of the Detection & The NewFailure Yorkof Times F4

inverter

inverter





through Useful Inhibit useful by   Notre-start Cancel anytime. reading of G2 in PLC A means of PLC B and PLC B. DC = 99 %

 Simula indicati target v





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines











Save

Embed

Share

Print

News



Documents



Sheet Music


1

Download



Join

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

Table E.5 — FMEA of the hold-to-run mode of the rotary table Systems / Characteristics

F1

Potential faults

Fault detection

Effect / reaction

Test measure

the

Break of the drive belt, wear of the pulley, skipping teeth

Fault detection during process. DC = 99 %

the

Inhibit start by means of PLC B

Simulate a indication of target value

Failure PLC A

of

Complex faults within the CPU; faults in the output card, systematic faults in the software

Reading of the G2 and comparison to the expected change in the number of increments time-related in PLC B. DC = 99 %

The drive is stopped after a time-delay. This switch-off is realized via K1 which is controlled by PLC B.


Failure PLC B

of

Faults of the input card; complex faults in the CPU; faults in the output card; systematic software faults

In this operating mode, the fault is detected through plausibility testing in PLC A. DC = 99 %

Shut-down of the inverter by PLC A

Data falsifi (e.g. communicatio interruption between PLCs)

the

Internal fault of the inverter

Detection through reading of G2 in PLC A and PLC B. DC = 99 %

Inhibit re-start by means of PLC B


Failure of G1

Slippage of the drive (clutch loosened)

Fault is recognized through reading of G2 (plausibility test). DC = 99 %


Falsification o target value

Failure of the hold-to-run push-button

Welding of contacts

Fault can be recognized recognized by means of time-monitoring (low-high alternation in a timeframe/window). Perhaps fault detection is not required (due to measure "safe velocity"). DC = 75 %


Bridging of switch ("perm pressing")

Failure of drive belt

F2

F3

F4

Failure of inverter

F5

F6

Failure of G2 missing pulses, Fault is detected through Inhibit re-start by Simulate a Master your semester with Scribdwith the target  F7 pulses are comparison means of PLC B indication of Read Free Foron 30this Days Sign up to vote title generated value. DC = 99 % target  value & The New York Times  Useful  Not useful


Cancel anytime.





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

Join

RELATED TITLES

0




Books



Audiobooks



Magazines









Save

Embed

Share

Print

Download



News



Documents



Sheet Music




1

of 87

 

Commisioning

Ch4

 Search document



ISO/D

Bibliography

[1]

EN 952:1996, Safety of machinery — Safety requirements for fluid power system components — Hydraulics

[2]

EN 953:1996, Safety of machinery — Safety requirements for fluid power system components — Pneumatics

[3]

EN 50205, Relays with forcibly guided (mechanically linked) contacts

[4]

EN 60730 (all parts), parts), Automatic Automatic electric controls for household and similar use

[5]

ISO/DIS 4413:2008, Hydraulic fluid power — General rules relating to systems

[6]

ISO/DIS 4414:2008, Pneumatic fluid power — General rules and safety requirements for their components

[7]

ISO 4960, Cold-reduced carbon steel strip with a mass fraction of carbon over 0,25 %

[8]

ISO 5598:2008, 5598:2008, Fluid Fluid power systems and components — Vocabulary

[9]

ISO 11161, Safety of machinery — Integrated manufacturing systems — Basic requiremen

[10]

ISO 12100-2:2003, Safety of machinery — Basic concepts, general principles for desig Technical principles

[11]

ISO 13850, Safety of machinery — Emergency stop — Principles for design

[12]

ISO 13851, Safety of machinery — Two-hand control devices — Functional aspects principles

[13]

ISO 13856 (all parts), Safety of machinery — Pressure-sensitive protective devices

[14]

ISO 14118:2000, Safety of machinery — Prevention of unexpected start-up

[15]

ISO 14119:1998, Safety of machinery — Interlocking devices associated with guards — P design and selection  Read Free Foron 30this Days Sign up to vote title IEC 60204-1:2005, Safety of machinery — Electrical Electric al equipment of machines  — Pa Useful Not useful requirements  

Master your semester with Scribd [16] & The New York Times

Cancel anytime.

Special offer for students: Only $4.99/month. [17] IEC 60269-1, Low-voltage fuses — Part 1: General requirements





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

0

0 views



Sign In

Upload

RELATED TITLES

0




Books



Audiobooks



Magazines News



Documents



Sheet Music











Save

Embed

Share

Print

Download



Join


1

of 87

 

Commisioning

Ch4

 Search document



ISO/DIS 13849-2

[24]

IEC 61165, 61165, Application Application of Markov techniques

[25]

IEC 61249-2, Materials for printed boards and other interconnecting structures

[26]

IEC 61558 (all parts), Safety of power transformers, power supplies, reactors and similar products

[27]

IEC 61810 (all parts), Electromechanical elementary relays — Part 1: General and safety requirem

[28]

Test Method for Measuring Whisker Growth on Tin and Alloy Surfaces Finishes, JESD22A12 JEDEC Solid State Technology Association, 2500 Wilson Boulevard Arlington, VA 22201-3 www.jedec.org/download/search/22a1121-01.pdf

[29]

Environmental Acceptance Requirements Requirements for Tin Whisker Susceptibility of Tin and Alloy Finishes, JESD201, JEDEC Solid State Technology Association, 2500 Wilson Boulevard Arlington 22201-3834, www.jedec.org/download/search/JESD201.pdf





Useful



Not useful

Cancel anytime.

 





Home



Saved



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join



BS EN ISO 13849-2-2010.pdf

Recommend Documents