SIS应用及相关标准.ppt

SISApplicationFundamentalSafetyAspectsToBeConsideredforMeasurementandControlEquipmentDINVVDE0801,PrinciplesforComputersinSafetyRelatedSystems,TheInternationalSafetyStandards国际安全标准,FireandGasSystemsNFPA72NationalFireAlarmCodeEN54-2FireDetectionandFireAlarmSystems-Part2:ControlandIndicatingEquipment“BurnerManagementSystemsNFPA8501/97StandardforSingleBurnerBoilerOperationNFPA8502/99StandardforthePreventionofFurnaceExplosions/ImplosionsinMultipleBurnerBoilersDINVDE0116ElectricEquipmentofFurnaces,TheInternationalSafetyStandards国际安全标准,TheInternationalSafetyStandards国际安全标准,TV(1984)DINV19250/VDEV0801(Germany)Riskclassification1989风险等级1989Safetysystemrequirements安全系统要求Variousnationalstandards各种国家标准ANSI/ISAS84.01(USA)1996Safetyprocedures安全步骤SafetyLifeCycle安全生命周期SafetyIntegrityLevels安全整体要求等级NFPA/UL1998,IEC61508IEC61511OverallSafetyLifeCycle安全生命Safetyplan/安全计划/管理managementSafetyIntegrityLevels安全整体要求等级Safetysystemdiagnosticrequirements安全系统诊断要求Safetysystemarchitecturesandreliabilityfigures安全系统和可靠性数据,TheInternationalSafetyStandards国际安全标准,Specificationfailures设计技术规范不足,Design&ImplementationFailures设计和执行出错,Installation&CommissioningFailures安装调试出错,Operation&Maintenancefailures操作维护出错,RandomHardwarefailures硬/软件故障,Modificationfailures开车之后,在线修改出错,IEC61508FunctionalSafety:Safety-RelatedSystemsIEC61508功能性安全:安全有关系统,Part1:Generalrequirements一般要求IS通过表决Part2:Requirementsforelectrical/electronic/programmableelectronicsystemsIS通过表决电子/电气/电子可编控制器Part3:Softwarerequirements软件要求IS通过表决Part4:Definitionsandabbreviations名称定义和缩写IS通过表决Part5:ExamplesofmethodsforthedeterminationofIS通过表决safetyintegritylevels列举如果制定安全等级方法Part6:Guidelinesontheapplicationofparts2,3IS通过表决对第二,三部分应用的说明Part7:OverviewoftechniquesandmeasuresIS通过表决全面的技术和控制要求PublicationofALLpartsinJune2000,SafetyIntegrityLevel安全级别,NZRCpipelinesafetysolutions安全级别参考设定,RiskGraphaccordingto:DINV19250&IEC-1508风险图根据DINV19250&IEC-1508,CrossReferenceBetweenSISClass&StandardsSIS等级和其他标准之间的对比参考,LifecycleoftheSafetySystem安全系统的生命周期,BoldareasareANSI/S84.01concernsS84coversallaspectsoftheSISdesign:-R&D-PHA-Design-Installation-OperationandMaintenance-Decommissioning,ImpactofVotingSchemesonSafety&Availability表决结构在安全性和可用性上的冲突,IntegrityLevelVsAvailability安全等级和可用性要求,DefinitionsofSafetyLayers安全层的定义,SIL,SafetyIntegrityLevels-ChemicalIndustryAssessment石化行业安全等级的评估,“4”-CatastrophicCommunityImpact.灾难性的社会影响“3”-EmployeeandCommunityProtection.人员和社会的保护“2”-MajorPropertyandProductionProtection.Possibleinjurytoemployee.主要财产和生产的保护，对人员存在可能的伤害。“1”-MinorPropertyandProductionProtection.次要财产和生产的保护,TUV,TUVstandsforaratherlongGermanname,TecnischerUberwachungs-VereinRheinlande.V.TUV标准有一个很长的名字TecnischerUberwachungs-VereinRheinlande.V.Itistheonlyindependentthirdpartyagencyintheworldthatcertifiessafetyinstrumentedsystems(SIS).这是一个独立的第三方的机构，为安全仪表系统（SIS）进行认证。TUVRheinlandisapprovedandauthorizedbylawasatechnicalinspectorateTUV是经过法律批准的技术检查机构。Iftheproductistestedandmeetsthestricttechnicalandperformancerequirements,itisapprovedandcertifiedforClasses(AK)1-8.如果产品经过测试，满足严格的技术和性能要求，它就获得AK1-8级认证。,TUV,TUVhascertifiedmanydifferentvotingarchitecturesinlogicsolverse.g.1oo2,1oo2D,1oo3,2oo3and2oo3D.在逻辑表决方面，TUV认证了很多不同的表决结构，例如：1oo2,1oo2D,1oo3,2oo3and2oo3DTUVwillcertifyandapprovethelogicsolverfortheappropriateClassofsafetyservice1-7.TUV认证和批准逻辑表决器为适当的安全等级1-7级。,ThesafetysystemuserequestofTUVStandardaskedTUV标准对安全系统的使用要求,TUVCertifiedReport:www.tuv-TUV认证报告SystemSafetyUseManually系统安全使用手册SamekeyrequestforsafetysystemTUV对安全系统使用的一些关键要求：Securityofthesafetysystem安全系统的安全性Availabilityofthesafetysystem安全系统的可使用率Executetimeofthesafetysystem安全系统执行时间TherestrictforSelf-diagnosebestrowrateandSelf-diagnosetimeofthesafetysystem安全系统的自诊断覆盖率及自诊断时间性限制Degraderunandtimerestrictofthesafetysystem安全系统的降级运行及时间的限制,RestrictrequestofTUVTUV的限制性要求,AllproductscertifiedbyTUV,mustmeetgeneralandespecialrestrictrequestwhenitrunning.所有经过TUV认证的产品，都有在运行时其应满足的“一般和特殊的限制”要求。ThecommonrestrictofTUVrequestsclearly:AllClass5andClass6Safetysystemcantruninsinglemode.TUV的“一般限制”非常明确的要求：所有Class5andClass6级的安全系统不能以单通道的模式工作,RedundancySafetySystem冗余的安全系统,Advancethesecurityandusabilityofthesafetysystem提高安全系统的可靠性、可用性Achievetherestrictrequestthatthesafetystandardrequestedtosafetysystem达到安全标准对安全控制系统的限制性要求,MarkovModelingMethodology,MTTF:MeanTimeToFailure平均无故障时间MTTR:MeanTimeToRepair平均修复时间MTBF:MeanTimeBetweenFailure平均故障间隔时间MTBF=MTTF+MTTRFailureRate:=1/MTTF故障率Availability=MTBF/(MTBF+MTTR)可用性#MIL-HDBK-217E:PartsCountReliabilityPredictionEXAMPLE:OneModulecontainingtwoboards,Eachhaving20ofthesame2Kby8staticRAMs.=0.1420RAMX0.14=2.8FailuresPerMillionHours2.8+2.8=5.6FailuresPerMillionHoursMTTF=1000000/5.6Hours=178571HoursMTTF=20Years,MarkovModelingMethodology,SINGLESYSTEMA:AvailabilityistheprobabilitythatasystemisoperationalatanyinstantoftimeA=MTTF/MTBFR:Reliabilityisdefinedastheprobabilityofasystemperformingaspecificfunctionwithoutfailure.R=Exp(-t)Reliabilityistheprobabilitythatasystemwillworkproperlyforthetimeperiodrequiredbytheprocessbeingcontrolled.REDUNDANTSYSTEMA:R:C:DiagnosticCoveragerepresentsthepercentageofallfaultsasystemcansuccessfullydetectandrecoverfrom.Redundantsystem90%-95%TMRsystem99%,MarkovModelingMethodology,MarkovModelingMethodology,MarkovModelingMethodology,FAILSAFETYSYSTEMInasystemanalysis,Controllerfailurescanbeclassifiedassafefailuresordangerousfail