© Handermann 2011
Functional
Safety
.net
The three most important documents for planning a safety system are
-the safety plan,
-the verification & validation plan and -the safety requirement specification.
The hardware and software design of a safety system is shown in phase 9 of the
lifecycle of IEC 61508.
The lifecyce phase 9.1 is the E/E/PES safety requirements specification.
There are important hardware concepts like
redundancy vs diversity, type A or B components, hardware fault tolerance (HFT),
safe failure fraction (SFF) and the probability of failure on demand (PFD).
Voting is defined as the number of redundant paths (N) required out of the total number
of redundant paths (M) in order to carry out the (safety) function. Expressed N out of M,
NooM.
The hardware fault tolerance (HFT) is a measure of redundancy.
Of N means that N+1 faults could cause a loss of the safety function (SF).
1oo1 : redundancy no; HFT = 0; Voting = 1;
2oo2 : redundancy no; HFT = 0; Voting = 2;
1oo2 : redundancy yes; HFT = 1; Voting = 1;
2oo3 : redundancy yes; HFT = 1; Voting = 2;
1oo3 : redundancy yes; HFT = 2; Voting = 1;
2oo4 : redundancy yes; HFT = 2; Voting = 2;
For example a 1oo2 safety system can handle 1 dangerous failure and 0 safe failure
and a 2oo2 safety system can handle 0 dangerous failure and 1 safe failure.