Upload File

cenelec standards effects of faults

2
From the Desk of Sandeep Patalay CENELEC Faults and Effects Effects of single faults It is necessary to ensure that the system/sub-system/equipment meets its THR in the event of single random fault. It is necessary to ensure that SIL 3 and SIL 4 systems remain safe in the event of any kind of single random hardware fault which is recognized as possible. Faults whose effects have been demonstrated to be negligible may be ignored. This principle, which is known as fail-safety, can be achieved in several different ways: 1) Composite fail-safety With this technique, each safety-related function is performed by at least two items. Each of these items shall be independent from all others, to avoid common-cause failures. Non-restrictive activities are allowed to progress only if the necessary number of items agree. A hazardous fault in one item shall be detected and negated in sufficient time to avoid a co-incident fault in a second item. 2) Reactive fail-safety This technique allows a safety-related function to be performed by a single item, provided its safe operation is assured by rapid detection and negation of any hazardous fault (for example, by encoding, by multiple computation and comparison, or by continual testing). Although only one item performs the actual safety-related function, the checking/testing/detection function shall be regarded as a second item, which shall be independent to avoid common-cause failures. 3) Inherent fail-safety This technique allows a safety-related function to be performed by a single item, provided all the credible failure modes of the item are non-hazardous. Any failure mode which is claimed to be incredible (for example, because of inherent physical properties) shall be justified using the procedure defined in Annex C. Inherent fail-safety may also be used for certain functions within Composite and Reactive fail-safe systems, for example to ensure independence between items, or to enforce shut-down if a hazardous fault is detected. Whichever technique or combination of techniques is used, assurance that no single random hardware component failure mode is hazardous shall be demonstrated using appropriate structured analysis methods. The component failure modes to be considered in the analysis shall be identified using the procedures defined in Annex C. In systems containing more than one item whose simultaneous malfunction could be hazardous, independence between items is a mandatory precondition for safety concerning single faults. Appropriate rules or guidelines shall be fulfilled to ensure this independence. The measures taken shall be effective for the whole life-cycle of the

Upload: sandeep-patalay

Post on 03-Mar-2015

92 views

Category:

Documents


0 download

Report

DESCRIPTION

CENELEC Standards Effects of Faults

TRANSCRIPT

Page 1: CENELEC Standards Effects of Faults

From the Desk of

Sandeep Patalay

CENELEC Faults and Effects

Effects of single faults

It is necessary to ensure that the system/sub-system/equipment meets its THR in the

event of single random fault. It is necessary to ensure that SIL 3 and SIL 4 systems

remain safe in the event of any kind of single random hardware fault which is recognized

as possible. Faults whose effects have been demonstrated to be negligible may be

ignored. This principle, which is known as fail-safety, can be achieved in several

different ways:

1) Composite fail-safety

With this technique, each safety-related function is performed by at least two items. Each

of these items shall be independent from all others, to avoid common-cause failures.

Non-restrictive activities are allowed to progress only if the necessary number of items

agree. A hazardous fault in one item shall be detected and negated in sufficient time to

avoid a co-incident fault in a second item.

2) Reactive fail-safety

This technique allows a safety-related function to be performed by a single item,

provided its safe operation is assured by rapid detection and negation of any hazardous

fault (for example, by encoding, by multiple computation and comparison, or by

continual testing). Although only one item performs the actual safety-related function, the

checking/testing/detection function shall be regarded as a second item, which shall be

independent to avoid common-cause failures.

3) Inherent fail-safety

This technique allows a safety-related function to be performed by a single item,

provided all the credible failure modes of the item are non-hazardous. Any failure mode

which is claimed to be incredible (for example, because of inherent physical properties)

shall be justified using the procedure defined in Annex C. Inherent fail-safety may also

be used for certain functions within Composite and Reactive fail-safe systems, for

example to ensure independence between items, or to enforce shut-down if a hazardous

fault is detected.

Whichever technique or combination of techniques is used, assurance that no single

random hardware component failure mode is hazardous shall be demonstrated using

appropriate structured analysis methods. The component failure modes to be considered

in the analysis shall be identified using the procedures defined in Annex C.

In systems containing more than one item whose simultaneous malfunction could be

hazardous, independence between items is a mandatory precondition for safety

concerning single faults. Appropriate rules or guidelines shall be fulfilled to ensure this

independence. The measures taken shall be effective for the whole life-cycle of the

Page 2: CENELEC Standards Effects of Faults

From the Desk of

Sandeep Patalay

system. In addition, the system/sub-system design shall be arranged to minimize

potentially hazardous consequences of loss-of-independence caused by, for example, a

Systematic design fault, if it could exist.

Detection of single faults

A first fault (single fault) which could be hazardous, either alone or if combined with a

second fault, shall be detected and a safe state enforced (i.e.: negated) in a time

sufficiently short to fulfill the specified quantified safety target. Demonstration of this

shall be achieved by a combination of Failure Modes and Effects Analysis (FMEA) and

quantified assessment of Random Failure Integrity.

In the case of Composite fail-safety, this requirement means that a first fault shall be

detected, and a safe state enforced, in a time sufficiently short to ensure that the risk of a

second fault occurring during the detection-plus-negation time is smaller than the

specified probabilistic target. In the case of Reactive fail-safety, this requirement means

that the maximum total time taken for detection-plus-negation shall not exceed the

specified limit for the duration of a transient, potentially hazardous, condition.

Effects of multiple faults

A multiple fault (for example, a double or triple fault) which could be hazardous, either

directly or if combined with a further fault, shall be detected and a safe state enforced

(i.e.: negated) in a time sufficiently short to fulfill the specified safety target. A suitable

method, for example Fault Tree Analysis (FTA), shall be used to demonstrate the effects

of multiple faults. The techniques used to achieve detection-plus-negation of multiple

faults within the permitted time shall be shown, including supporting calculations.


EFFECTS OF FAULTS ON STABILITY OF SLOPES IN …ethesis.nitrkl.ac.in/2064/1/Thesis_by_M.Soren.pdf · EFFECTS OF FAULTS ON STABILITY OF SLOPES IN ... faults on stability of slopes in

Faults, types and effects - Iwan78's Space · 2011-05-10 · Faults, types and effects 7 alternatively dug-up, or crushed by heavy machinery, but their joints are notoriously weak,

New IEC and CENELEC standards for motor efficiency · PDF fileNew IEC and CENELEC standards . for motor efficiency classes and testing. Dr. ... IEEE), regional (CENELEC)

Rapport annuel 2013 - CEN-CENELEC

CCA DE1 34410 - ABB · 2018. 5. 9. · CENELEC-Zertifizierungs-Abkommen CENELEC Certification Agreement CCA Accord de Certification du CENELEC Mitteilung von Prüfergebnissen Erzeugnis

ANALYSIS OF FAULTS IN OVERHEAD TRANSMISSION LINES ......2.2.1 Lightning 5 ... 3.3.1 Single Line-to-Ground Faults 20 ... the causes and effects of faults in the overhead transmission

CENELEC-European Committee for Electrotechnical

CEN-CENELEC Guide 8 CEN-CENELEC Guidelines for ... · CEN-CENELEC Guidelines for Implementation of the Common IPR Policy CEN/CENELEC Guide 8 (Patents and other statutory intellectual

CEN-CENELEC GUIDE 14

Effects of Faults and Stress on Open Stope Design

Faults effects analysis in a photovoltaic array based on

CEN-CENELEC GUIDE 11

CEN & CENELEC

CENELEC - u.dianyuan.com

CENELEC Annual Report 2015

Measuring the Effects of Internet Path Faults on Reactive Routing

CEN and CENELEC activities - unece.org...CEN JISC CENELEC JISC CEN-CENELEC KATS (Korea) signed July 2009 CEN-CENELEC-ETSI SAC (China) signed May 2009 ANSI (USA) without having signed

CENELEC GUIDE 25

Cenelec Spec Hd629-1

CENELEC EN-50126_1999

ACCORD DE CERTIFICATION DU CENELEC CENELEC CERTIFICATION

Cenelec Hd 637 s1

Towards Understanding The Effects of Intermittent Hardware Faults on Programs

Measuring the Effects of Internet Path Faults on Reactive ... · Measuring the Effects of Internet Path Faults on Reactive Routing Nick Feamster, David G. Andersen, Hari Balakrishnan,

CEN-CENELEC-ETSI Smart Grid Coordination Group …ec.europa.eu/.../xpert_group1_reference_architecture.pdfCEN-CENELEC-ETSI Smart Grid Coordination Group November 2012 CEN-CENELEC-ETSI

INFORMERER · IEC-normer og tekniske rapporter CENELEC Europanormer (EN) CENELEC Harmoniseringsdokumenter (HD) Prosjekter under behandling i CENELEC Sortert etter ICS-koder INFORMERER

A Numerical Evaluation on the Effects of Impermeable Faults ...A numerical evaluation on the effects of impermeable faults on degasi cation ef ciency and methane emissions during underground

of cohesive zones on small faults and implications for ... · Effects of cohesive zones on small faults and implications for secondary fracturing and fault ... mal mineralization

cenelec tr 50480

CEN/CENELEC Guide 10 Guidelines for the distribution and ... · of CEN-CENELEC publications The CEN and CENELEC General Assemblies decided to replace the CEN-CENELEC Guide 10 version

Techniques to Mitigate the Effects of Congenital Faults in Processors

Recognizing faults Practice with thrust faults and normal faults Practice with thrust faults and normal faults

~. E 7 E CENELEC

Preexisting faults and faults that should not exist: Effects of mechanical anisotropy on different scales? Jonas Kley 1 Alexander Malz 2 1 Geoscience Center

CEN and CENELEC activities - UNECE€¦ · CEN JISC CENELEC JISC CEN-CENELEC KATS (Korea) signed July 2009 CEN-CENELEC-ETSI SAC (China) signed May 2009 ANSI (USA) without having signed