FMEA

IEC 61508
Data Declaration
DOCUMENT NO. MTL08FMEA4544 Issue 1

Declaration relating to: MTL4544 and MTL5544

Manufactured and assessed by:


Measurement Technology Limited, Power Court, Luton, Bedfordshire, LU1 3JJ

This document is issued as a summary of the hardware failure data affecting the application of the
equipment as a sub-system being part of a Safety Function intended to conform with the
requirements of IEC61508 - Functional Safety of Electrical/Electronic/Programmable Electronic
Safety Systems. The hardware has been subjected to a Failure Modes and Effects Analysis (FMEA)
to determine the specific failure modes and failure rates with the relevant results presented herein.

Product Description
The MTL4544 and MTL5544 provide fully-floating dc supplies for energising two conventional 2-
or 3-wire 4/20mA transmitters located in a hazardous area and repeat the current in other floating
circuits to drive two safe area loads. For smart 2-wire transmitters the units allow bi-directional
communications signals superimposed on the 4/20mA signal current.

Product Failure Rates


The hardware assessment shows that MTL4544 and MTL5544 Repeater Power Supplies

• have a hardware fault tolerance of 0


• are classified as Type A devices

It is assumed that the module is powered from a nominal 24Vdc supply and operating with safe side
load resistances of 250 ohms on each channel.
The definitions for product failure of the MTL4544 and MTL5544 were determined as:-

Failure mode                                    Failure rate (FIT)
Output current >21mA (upscale)                  10
Output current <3.6mA (downscale)               415
Output current within range but >2% in error    42
Output current correct within ±2%               165

The failure rates apply to either channel 1 or channel 2 used in a safety function. Both channels
should not be used in the same safety function. Failures may affect both channels simultaneously.

FMEA/DD4544/08/08 Page 1 of 2
Example of use in a safety function
In this example, the application context is assumed to be:

• the safety function is to repeat current within ±2%


• the logic solver will diagnose currents above 21mA and below 3.6mA as faults and take
appropriate action
The failure modes shown above can then be defined as:

Failure mode                                    Category
Output current >21mA (upscale)                  Dangerous detected, λdd
Output current <3.6mA (downscale)               Dangerous detected, λdd
Output current within range but >2% in error    Dangerous undetected, λdu
Output current correct within ±2%               Safe undetected, λsu

The failure rates for these categories are then (FITs):

Model                 λsd    λsu    λdd    λdu
MTL4544 or MTL5544    0      165    425    42

In this example, the safe failure fraction is 93.4 % and so the devices meet the hardware architecture
constraints to be used as single devices in Safety Instrumented Functions up to SIL3.
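
The calculation behind this example, written out as an added illustration (not part of the MTL declaration). The function names are hypothetical, the SIL limits are the Type A rows of IEC 61508-2 Table 2, and the second scenario, in which out-of-range currents are not diagnosed and are therefore counted as dangerous undetected, is an assumption added to show how much the result depends on the application context.

```python
# Added example: names and structure are illustrative, not from the declaration.

# Failure modes and rates in FIT, taken from the declaration's table.
FAILURE_MODES = {
    "upscale": 10,          # output current > 21 mA
    "downscale": 415,       # output current < 3.6 mA
    "in_range_error": 42,   # within range but > 2 % in error
    "correct": 165,         # output correct within +/-2 %
}

# IEC 61508-2 Table 2, Type A devices: (upper SFF bound in %, max SIL for HFT 0, 1, 2).
TYPE_A_LIMITS = [
    (60.0, (1, 2, 3)),
    (90.0, (2, 3, 4)),
    (99.0, (3, 4, 4)),
    (float("inf"), (3, 4, 4)),
]

def categorise(out_of_range_diagnosed):
    """Sort the failure modes into lambda categories for 'repeat current within +/-2 %'."""
    lam = {"sd": 0, "su": 0, "dd": 0, "du": 0}
    lam["su"] += FAILURE_MODES["correct"]
    lam["du"] += FAILURE_MODES["in_range_error"]
    # Out-of-range outputs count as detected only if the logic solver flags them.
    # Assumption: when not diagnosed, they are treated as dangerous undetected.
    key = "dd" if out_of_range_diagnosed else "du"
    lam[key] += FAILURE_MODES["upscale"] + FAILURE_MODES["downscale"]
    return lam

def safe_failure_fraction(lam):
    """SFF in percent: (safe + dangerous detected) / all failures."""
    total = sum(lam.values())
    return 100.0 * (lam["sd"] + lam["su"] + lam["dd"]) / total

def max_sil_type_a(sff, hft=0):
    """Highest SIL permitted by the architectural constraints for a Type A device."""
    for upper, sils in TYPE_A_LIMITS:
        if sff < upper:
            return sils[hft]

if __name__ == "__main__":
    for diagnosed in (True, False):
        lam = categorise(diagnosed)
        sff = safe_failure_fraction(lam)
        print(f"out-of-range diagnosed={diagnosed}: {lam} "
              f"SFF={sff:.1f}% max SIL (HFT 0)={max_sil_type_a(sff)}")
```

With the logic solver diagnosing out-of-range currents the script reproduces the declaration's figures; under the added no-diagnosis assumption the same hardware data gives a much lower safe failure fraction.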

Notes
• FITs means failures per 10^9 hours or failures per thousand million hours.
• Reliability data for this analysis is taken from IEC TR 62380:2004 Reliability Data
Handbook.
• Failure mode distributions are taken principally from IEC 62061:2005 Safety of Machinery.
• Proof testing must be carried out according to the application requirements, but it is
recommended that this be carried out at least once every three years.
• Consideration should be made of the normal lifetime for a device of this type which would
be in the region of ten years.
• There are no internal diagnostic elements of this product.
• The transmission of HART data is not considered as part of the safety function and is
excluded from this analysis.
• For all other product parameters related to its application (voltage range, environment, etc.)
please refer to the published MTL data sheet for this product, at www.mtl-inst.com.

Signed on behalf of MTL


Analyst                     Chief Technical Officer
Howard Chetwin              Jon Malins

Date: 28th August 2008      Date: 29th August 2008
