Logic Solver for Tank Overfill Protection

3. Probability of Failure on Demand The equations to use for 1oo2 (sensors and logic) and 1oo1 (final element) architectures are shown in the Appendix. For this example we will assume the following values: Proof Test Interval, T1 = 8,760 hrs (= 1 yr) Mean time to repair, MTTR = 8 hrs Common cause factor for undetected failures, = 10% This must be confirmed by the operator and the PFD calculation re-performed if different from this assumption. A user parameter - as comment above. Typically this is in the range 3-10%. The strategies and justification are outside the scope of this paper (refer to IEC 61508 Part 2, clause 7.4.3.4 and 7.4.5.2d and Part 6 Annex D) hence a worst case of 10% is assumed for each instance in this example. As comment above (a worst case figure is used).

Common cause factor for detected failures, D = 10%

As before, we need to calculate the PFDAVG for each subsystem by referring to the failure data given in Table 1 (above), the assumptions listed above for T1, MTTR, , D and the appropriate equation in the Appendix for the voting arrangement used. Sensor Subsystem (Level Sensor, 1oo2) EQUATION D DU D DU D T1 2 T1 3
=

CALCULATION = DD D DD D 1.4E-07 + 2.5E-08 =

RESULT 1.65E-07

DD

DU

tCE =

+ MTTR +

MTTR

= (1.4E-08/1.65E-07)(8760/2+8)+(2.5E-07/1.65E-07)8

674

tGE =

+ MTTR +

MTTR

= (2.5E-08/1.65E-07)(8760/3+8)+(1.4E-07/1.65E-07)8

452

PFDAVG = 6((1-D) DD+ (1-)DU)2tCEtGE = + D DDMTTR+ DU (T1/2+MTTR)

2((0.9x1.4E-07)+(0.9x2.5E-08)2 674x452 + (0.1x1.4E-07x8) + (0.1x2.5E-08)((8760/2)+8)

1.11E-05

Moore Industries-International, Inc.

-7-

www.miinet.com