background image

Functional Safety KFD2-SCD2-Ex*.LK, HiD2038

Planning

20

20

-0

6

11

3.2

Assumptions

The following assumptions have been made during the FMEDA:

Failure rate based on the Siemens standard SN 29500.

Failure rates are constant, wear is not considered.

External power supply failure rates are not included.

The safety-related device is considered to be of type 

A

 device with a hardware 

fault tolerance of 

0

.

The device will be used under average industrial ambient conditions comparable 

to the classification "stationary mounted" according to MIL-HDBK-217F.

Alternatively, operating stress conditions typical of an industrial field environment similar 

to IEC/EN 60654-1 Class C with an average temperature over a long period of time 

of 40

º

C may be assumed. For a higher average temperature of 60

º

C, the failure rates 

must be multiplied by a factor of 2.5 based on experience. A similar factor must be used 

if frequent temperature fluctuations are expected.

The application program in the programmable logic controller (PLC) is configured to 

detect line faults (lead breakage or lead short circuit).

3.3

Safety Function and Safe State

Safety Function

The safety function of the device is fulfilled, as long as the output repeats the input current 

(4 mA to 20 mA) with a tolerance of 2 %.
A dangerous detected failure is present if the output current is less than 4 mA or greater 

than 20 mA due to the line fault detection.
A dangerous undetected failure is present if the tolerance limits for the signal transfer 

are exceeded and the output current is between 4 mA and 20 mA. 

Reaction Time

The safety reaction time is the maximum time required from the occurrence of the fault 

to the reaction of the outputs in normal operation without faults.
The combined fault detection and fault reaction time is the time in which the device outputs 

react to an occurred fault. See chapter 3.4.

Note

See corresponding datasheets for further information.

Summary of Contents for KFD2-SCD2-Ex LK Series

Page 1: ...ISO9001 2 Functional Safety SMART Current Driver KFD2 SCD2 Ex LK HiD2038 Manual ...

Page 2: ...sion as well as the supplementary clause Expanded reservation of proprietorship Worldwide Pepperl Fuchs Group Lilienthalstr 200 68307 Mannheim Germany Phone 49 621 776 0 E mail info de pepperl fuchs com North American Headquarters Pepperl Fuchs Inc 1600 Enterprise Parkway Twinsburg Ohio 44087 USA Phone 1 330 425 3555 E mail sales us pepperl fuchs com Asia Headquarters Pepperl Fuchs Pte Ltd P F Bui...

Page 3: ... 2 2 Function 8 2 3 Interfaces 9 2 4 Marking 9 2 5 Standards and Directives for Functional Safety 9 3 Planning 10 3 1 System Structure 10 3 2 Assumptions 11 3 3 Safety Function and Safe State 11 3 4 Characteristic Safety Values 12 3 5 Useful Lifetime 13 4 Mounting and Installation 14 4 1 Configuration 14 5 Operation 15 5 1 Proof Test 15 6 Maintenance and Repair 18 7 List of Abbreviations 19 ...

Page 4: ...Functional Safety KFD2 SCD2 Ex LK HiD2038 Contents 4 2020 06 ...

Page 5: ...eshooting Dismounting Disposal The documentation consists of the following parts Present document Instruction manual Manual Datasheet Additionally the following parts may belong to the documentation if applicable EU type examination certificate EU declaration of conformity Attestation of conformity Certificates Control drawings FMEDA report Assessment report Additional documents For more informati...

Page 6: ...ead and understood the instruction manual and the further documentation Intended Use The device is only approved for appropriate and intended use Ignoring these instructions will void any warranty and absolve the manufacturer from any liability The device is developed manufactured and tested according to the relevant safety standards Use the device only for the application described with specified...

Page 7: ...es are displayed in descending order as follows Informative Symbols Action This symbol indicates a paragraph with instructions You are prompted to perform an action or a sequence of actions Danger This symbol indicates an imminent danger Non observance will result in personal injury or death Warning This symbol indicates a possible fault or danger Non observance may cause personal injury or seriou...

Page 8: ... 3 are used when no short circuit detection is required If the HART communication resistance in the loop is too low the internal resistance can be used Test sockets for the connection of HART communicators are integrated into the terminals of the device A fault is signalized by LEDs and a separate collective error message output The device is mounted on a 35 mm DIN mounting rail according to EN 60...

Page 9: ...elevant interfaces Non safety relevant interfaces none The HART communication is not relevant for functional safety 2 4 Marking 2 5 Standards and Directives for Functional Safety Device specific standards and directives System specific standards and directives Input I output I KFD2 SCD2 Ex1 LK Input I Input II output I output II KFD2 SCD2 Ex2 LK HiD2038 Note For corresponding connections see datas...

Page 10: ...hen usually the demand rate for this safety loop is assumed to be higher than once per year The relevant safety parameters to be verified are the PFH value Probability of dangerous Failure per Hour Fault reaction time of the safety system the SFF value Safe Failure Fraction the HFT architecture Hardware Fault Tolerance 3 1 3 Safe Failure Fraction The safe failure fraction describes the ratio of al...

Page 11: ...ence A similar factor must be used if frequent temperature fluctuations are expected The application program in the programmable logic controller PLC is configured to detect line faults lead breakage or lead short circuit 3 3 Safety Function and Safe State Safety Function The safety function of the device is fulfilled as long as the output repeats the input current 4 mA to 20 mA with a tolerance o...

Page 12: ...1 2 SC 3 Safety function Transfer of the analog signals s 0 FIT dd 153 FIT du 36 9 FIT total safety function 190 FIT SFF 80 MTBF 2 216 years PFH 3 69 x 10 8 1 h PFDavg for T1 1 year 1 62 x 10 4 PFDavg for T1 2 years 3 23 x 10 4 PFDavg for T1 5 years 8 08 x 10 4 PFDavg for T1 10 years 1 62 x 10 3 PTC 100 Safety reaction time Fault reaction time 3 20 ms 1000 ms Table 3 1 1 The statement for the SIL ...

Page 13: ...t is assumed that early failures are detected to a huge percentage during the installation and therefore the assumption of a constant failure rate during the useful lifetime is valid However according to IEC EN 61508 2 a useful lifetime based on general experience should be assumed Experience has shown that the useful lifetime often lies within a range period of about 8 to 12 years As noted in DIN...

Page 14: ...ety instructions in the instruction manual 2 Observe the information in the manual 3 Observe the requirements for the safety loop 4 Connect the device only to devices that are suitable for this safety application 5 Check the safety function to ensure the expected output behavior 4 1 Configuration A configuration of the device is not necessary and not possible ...

Page 15: ...etected otherwise Check the function of the subsystem at periodic intervals depending on the applied PFDavg in accordance with the characteristic safety values See chapter 3 4 It is under the responsibility of the plant operator to define the type of proof test and the interval time period Conditions Digital multimeter with an accuracy better than 0 1 Use for the proof test of the intrinsic safety...

Page 16: ...D2 Ex LK Channel II only for KFD2 SCD2 Ex2 LK Step No Set input value mA Set output value Rload Mandatory measuring points safety relevant output value mA 1 20 00 470 20 00 0 40 2 12 00 470 12 00 0 40 3 4 00 470 4 00 0 40 4 23 00 470 23 00 0 40 5 0 470 0 30 6 12 0 30 2 00 1 00 7 12 00 100000 0 30 8 12 00 Restored as step 2 Table 5 1 Steps to be performed for the proof test KFD2 SCD2 Ex2 LK Zone 0 ...

Page 17: ...a 7a 12 15 2 5 1a 1b 7 7a 6 3b 10a 9a 1a 1b 2a 2b 100Ω 100Ω mA mA I II Multimeter mA Multimeter mA 24 V DC Power supply 4 mA to 20 mA 4 mA to 20 mA 4 mA to 20 mA 4 mA to 20 mA Tip The easiest way to test HiD devices by using a stand alone HiDTB SCT termination board In this test it is not necessary to disconnect the wiring of the existing application Faults in a subsequent wiring can be avoided ...

Page 18: ...n does not work Take appropriate measures to protect personnel and equipment while the safety function is not available Secure the application against accidental restart 3 Do not repair a defective device A defective device must only be repaired by the manufacturer 4 If there is a defect always replace the device with an original device Danger Danger to life from missing safety function Changes to...

Page 19: ...ty function not part Probability of failure of components that are not in the safety loop total safety function Probability of failure of components that are in the safety loop HFT Hardware Fault Tolerance MTBF Mean Time Between Failures MTTR Mean Time To Restoration PCS Process Control System PFDavg Average Probability of dangerous Failure on Demand PFH Average frequency of dangerous failure per ...

Page 20: ...Pepperl Fuchs Quality Download our latest policy here www pepperl fuchs com quality www pepperl fuchs com Pepperl Fuchs Subject to modifications Printed in Germany DOCT 6526 ...

Reviews: