Liquiphant S FDL 60, FDL 61 + Nivotester FTL 670 (SD) - E

Safety Manual
SD 175F/00/en/11.03
52021926
Level limit measuring system
Liquiphant S FDL 60, FDL 61 + Nivotester FTL 670
Functional safety manual
Application
Overfill protection or operating maximum
detection of all types of liquids in tanks to
satisfy the particular requirements of safety
systems to IEC 61508.
The measuring device fulfils the
requirements concerning
• Safety functions up to SIL 3
• Explosion protection through intrinsic
safety
• EMC to EN 61326 and NAMUR
Recommendation NE 21.
Your benefits
• For overfill protection up to SIL 3
– Independently assessed
(Functional Assessment) by
TÜV SÜDDEUTSCHLAND to
IEC 61508
• Suitable for pressure vessels with
liquefied gases according to VdTÜV,
Merkblatt 100
– For tank categories B and C
– No annual recurrent test required
• Permanent self-monitoring
• Fault message for line break and short-circuit
• Functional test of follow-up devices
with press of button or remote
operation
• Monitoring for corrosion on the tuning
fork of the sensor
• No calibration
• Insensitive to external vibration
• Easy commissioning
Liquiphant S FDL 60/61 + Nivotester FTL 670 (FailSafe)
Table of contents
SIL declaration of conformity
Validity of the Safety Manual
  Valid device versions
Introduction
  Abbreviations, standards and terms
  Determining the Safety Integrity Level (SIL)
Safety function with Liquiphant S FDL 60/61 and Nivotester FTL 670
  Structure of the level limit measuring system
  Permitted combinations for the safety function
  Supplementary device documentation
Settings and installation instructions
  Installation instructions
Recurrent test for SIL 3 to IEC 61508
Response in operation and failure
Technical safety characteristic quantities
  Specific technical safety characteristic quantities and wiring options for the Liquiphant S FDL 60/61 + Nivotester FTL 670 measuring system
TÜV SÜDDEUTSCHLAND
Endress + Hauser
SIL declaration of conformity
[Figure L00-FDL6xxxx-01-06-xx-a2-000: SIL declaration of conformity, not reproduced]
Validity of the Safety Manual
Valid device versions
The evaluation described in this Safety Manual regarding functional safety is valid for the device
versions and software versions specified below.
Unless otherwise stated, all of the following versions can also be used for safety functions
because they are subject to the internal modification process, within which the effects of
modifications regarding functional safety are also evaluated.
The valid device versions are:
• Liquiphant S FDL60 - # ### # 7 #
• Liquiphant S FDL61 - # ### # # 7 #
in conjunction with Nivotester FTL 670.
Introduction
Abbreviations, standards and terms
Abbreviations
Information on abbreviations in connection with functional safety and their explanations can be
found in the E+H brochure "Functional safety in the Process Industry - reducing risks with SIL"
(SI 002Z) under www.endress.com/sil.
Relevant standards
Standard | English
IEC 61508, Part 1 - 7 | Functional safety of electrical/electronic/programmable electronic safety-related systems (Target group: Manufacturers and Suppliers of Devices)
IEC 61511, Part 1 - 3 | Functional safety - Safety Instrumented Systems for the process industry sector (Target group: Safety Instrumented Systems Designers, Integrators and Users)
Terms
Term | Explanation
Dangerous failure | Failure with the potential to put the safety-related system in a dangerous or non-functional condition.
Safety-related system | A safety-related system performs the safety functions that are required to achieve or maintain a safe condition e.g. in a plant. Example: sensor with switching amplifier (e.g. level switch), logic unit (e.g. PLC) and actuator (e.g. valve) form a safety-related system.
Safety function | Defined function, which is performed by a safety-related system with the aim of achieving or maintaining a safe condition for the plant, considering a specified dangerous incident. Example: limit level monitoring.
Determining the Safety Integrity Level (SIL)
The achievable Safety Integrity Level is determined by the following technical safety
characteristic quantities:
• Average probability of Failure on Demand (PFDav)
• Hardware Fault Tolerance (HFT) and
• Safe Failure Fraction (SFF).
The specific technical safety characteristic quantities for the Liquiphant S
FDL 60/61 + Nivotester FTL 670 measuring system are listed in the "Technical safety
characteristic quantities" chapter.
The following table shows how the "Safety Integrity Level" (SIL) depends on the
"Average probability of Failure on Demand" (PFDav). The table applies to "Low demand mode",
i.e. the demand rate on the safety-related system is on average once a year.
Safety Integrity Level (SIL) | PFDav (Low demand mode)
4 | ≥ 10⁻⁵ ... < 10⁻⁴
3 | ≥ 10⁻⁴ ... < 10⁻³
2 | ≥ 10⁻³ ... < 10⁻²
1 | ≥ 10⁻² ... < 10⁻¹
Sensor, logic unit and actuator together form a safety-related system, which performs a safety
function. The "Average probability of Failure on Demand" (PFDav) is usually divided up into the
sensor, logic unit and actuator sub-systems as per Figure 1.
[Figure L00-FTLxxxxx-05-06-xx-en-000: PFDav shares of the sub-systems]
Sensor (e.g. Level Limit Measuring System): ≤ 35 %
Logic Unit (e.g. PLC): ≤ 15 %
Actuator (e.g. Valve): ≤ 50 %
Total: = 100 %
Fig. 1: usual division of the "Average probability of Failure on Demand" (PFDav) into the sub-systems
Note!
This documentation considers Liquiphant S FDL 60/61 + Nivotester FTL 670 as components of a
safety function.
The following table displays the achievable "Safety Integrity Level" (SIL) of the entire safety-related
system for type B systems depending on the "Safe Failure Fraction" (SFF) and the "Hardware Fault
Tolerance" (HFT). Type B systems are, for example, sensors with complex components such as
microprocessors (→ see also IEC 61508, Part 2).
Safe Failure Fraction (SFF) | HFT 0 | HFT 1 | HFT 2
< 60 % | not permitted | SIL 1 | SIL 2
60 ... < 90 % | SIL 1 | SIL 2 | SIL 3
90 ... < 99 % | SIL 2 | SIL 3 | -
≥ 99 % | SIL 3 | - | -
(HFT = Hardware Fault Tolerance)
For Liquiphant S FDL 60/61 + Nivotester FTL 670, the HFT-value 1 applies.
The Safe Failure Fraction (SFF) is in the range of 90...< 99 %.
Safety function with Liquiphant S FDL 60/61 and Nivotester FTL 670
Structure of the level limit measuring system
The measuring system's devices are displayed in the following diagram.
[Figure L00-FDLxxxxx-16-06-xx-en-000: Liquiphant S FDL 60/61 with FEL 67 and Nivotester FTL 670. Labels: Cover; FEL 67 electronic insert; Liquiphant S (FailSafe); Nivotester FTL 670]
Safety function
The measuring line only works in the overfill protection safety function (MAX safety) using the level
relay.
The level relay always works in quiescent current safety; i.e. the relay contact opens when:
• The switch point is exceeded (level exceeds response height)
• A fault occurs
• The mains voltage fails
In addition to the level relay, the fault-signalling contact (alarm relay) works in quiescent current
safety and opens when:
• One of the following faults occurs:
– Fault in the sensor FDL 60, FDL 61 (e.g. corrosion, electronics error)
– Fault in data transfer
– Fault in FTL 670 limit switch
• The mains voltage fails
Note!
When the alarm relay opens, the level relay also opens.
Permitted combinations for the safety function
The following combinations are permitted for the measuring system:
Nivotester | Liquiphant S FDL 60/61 + FEL 67
FTL 670, Order number: 016501-0040 | FDL 60-# ### # 7 #*; FDL 61-# ### # # 7 #*
Permitted instrument types (# = all instrument versions permitted); * 7 = FEL 67
Safety function data
The safety function is guaranteed by the:
• Redundant design of all the important electronic components in the Liquiphant S sensor with
FEL 67
• Redundant design of all the important electronic components in the Nivotester switching unit
• Interference-free PFM signal transmission
The measuring system reacts as follows:
– Approx. 0.5 s when the tuning fork is covered
– Approx. 1.0 s when the tuning fork is exposed
– When an error occurs: max. 3.0 s safety time
Note!
MTTR (Mean Time To Repair) is set at 8 hours.
Safety systems without a self-locking function must be monitored or set to an otherwise safe
state after carrying out the safety function within MTTR.
Supplementary device documentation
Depending on the version, the following documentation must be available for the measuring
system:
Devices | Technical Information, Operating Instructions, Compact Instructions (TI + BA + KA) | Explosion protection / certificate | Other documentation (XA, ZE or ZD)
Liquiphant S FDL 60/61 + Nivotester FTL 670 | TI 223F, BA 140F; KA 031F | Functional safety AK5, TÜV (Product Service) | None
Liquiphant S FDL 60, FDL 61 | TI 223F, BA 140F | Overfill protection for liquefied gas | Safety Instructions ZE 126F
Liquiphant S FDL 60, FDL 61 | TI 223F, BA 140F | ATEX II 1/2 G, EEx ia IIC T6 | Safety Instructions XA 027F
Nivotester FTL 670 | TI 223F, BA 140F; KA 031F | ATEX II (1) G, EEx [ia IIC] | Safety Instructions XA 069F
Liquiphant S FDL 60/61 + Nivotester FTL 670 | TI 223F, BA 140F; KA 031F | Standard | None
Caution!
The installation and setting instructions, and the technical limit values must be observed in
accordance with the Operating Instructions (BA 140F).
For devices used in explosion-hazardous areas, the additional documentation (XA, ZE) in
accordance with the table must also be observed.
Settings and installation instructions
Installation instructions
Since the application conditions have an effect on the safety of the measurement, please refer to
the applicable device documentation for information regarding the correct installation of the
Liquiphant S FDL 60/61 + Nivotester FTL 670.
The following settings are permitted for the safety function:
Instrument | Setting | As-delivered state
Liquiphant S FDL 60/61 with FEL 67 | No settings possible. | ---
Nivotester FTL 670 | Setting for product density: ρ > 0.50* (without jumper); ρ > 0.70 (with jumper) | ρ > 0.50* (without jumper)
* also suitable for liquefied gas ρ > 0.44.
Caution!
Observe the following for the Nivotester FTL 670: The operator must use suitable measures
(e.g. current limiter, fuse) to ensure the relay contact characteristics are not exceeded:
• U ≤ 230 V AC 50/60 Hz, I ≤ 2.5 A, P ≤ 600 VA at cos ϕ = 1.0 or P ≤ 300 VA at cos ϕ ≥ 0.7 or
• U ≤ 120 V DC, I ≤ 2.5 A, P ≤ 75 W
Caution!
Changes to the measuring system and settings after start-up can impair the protection function!
Recurrent test for SIL 3 to IEC 61508
The operativeness of the measuring system must be checked every five years if the PFDav values
given in the Appendix are used.
This is required to avoid a small remaining risk which can never be ruled out for any safety-related
function.
Response in operation and failure
Note!
The behaviour in operation and failure is described in the Operating Instructions BA 140F.
Technical safety characteristic quantities
Specific technical safety characteristic quantities and wiring options for the Liquiphant S FDL 60/61 + Nivotester FTL 670 measuring system
The tables show the specific values and wiring options for the measuring system.
Note!
Note the following points on the tables below:
• The wiring scheme shows the number of instruments (Liquiphant and Nivotester) and the limit
relay contact circuits (open, when the sensor signals covering).
1oo1 architecture (1 out of 1)
Liquiphant S FDL 60/61, Settings | None
Nivotester FTL 670, Settings | Density 0.44 / 0.7
SIL | SIL 3
HFT | 1
SFF | > 90 %
PFDav ** | 2.4 x 10⁻⁴
Recurrent test | e.g. approaching level
** TI (test interval) = every five years
The PFDav of 2.4 x 10⁻⁴ applies provided that the measuring line is tested every five years by
approaching the liquid level.
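Added example (not part of the Endress+Hauser manual): a plausibility check that combines the PFDav table, the type B SFF/HFT table and the 35 % sensor share from Fig. 1, run on the values stated for this measuring system. All function names are hypothetical, the SFF of 95 % is a constructed value inside the stated 90...< 99 % range, and applying the 35 % share to the upper limit of the target SIL band is an assumption.

```python
# Upper PFDav limit (exclusive) of each SIL band, low demand mode.
PFD_UPPER = {4: 1e-4, 3: 1e-3, 2: 1e-2, 1: 1e-1}

# Type B table as printed: (SFF from %, SFF below %) -> SIL for HFT 0, 1, 2.
# 0 = "not permitted", None = "-" (no entry in the manual).
ARCH_TYPE_B = [
    ((0.0, 60.0), (0, 1, 2)),
    ((60.0, 90.0), (1, 2, 3)),
    ((90.0, 99.0), (2, 3, None)),
    ((99.0, 100.01), (3, None, None)),
]

SENSOR_SHARE = 0.35  # Fig. 1: the sensor sub-system gets <= 35 % of PFDav

def sil_from_pfd(pfd_av):
    """SIL band containing pfd_av; 0 if >= 1e-1, capped at 4 below 1e-5."""
    if not 0.0 < pfd_av < 1.0:
        raise ValueError("PFDav must be a probability between 0 and 1")
    for sil in (4, 3, 2, 1):
        if pfd_av < PFD_UPPER[sil]:
            return sil
    return 0

def sil_from_architecture(sff_percent, hft):
    """SIL allowed by SFF and HFT (0 = not permitted, None = '-')."""
    if hft not in (0, 1, 2) or not 0.0 <= sff_percent <= 100.0:
        raise ValueError("HFT must be 0..2 and SFF 0..100 %")
    for (low, high), row in ARCH_TYPE_B:
        if low <= sff_percent < high:
            return row[hft]

def check_sensor(pfd_av, sff_percent, hft, target_sil):
    """Combine PFDav band, architecture table and the 35 % share."""
    by_pfd = sil_from_pfd(pfd_av)
    by_arch = sil_from_architecture(sff_percent, hft)
    # Assumption: the share applies to the upper limit of the target band.
    budget_ok = pfd_av <= SENSOR_SHARE * PFD_UPPER[target_sil]
    meets = by_pfd >= target_sil and bool(by_arch) and by_arch >= target_sil
    return {"sil_by_pfd": by_pfd, "sil_by_architecture": by_arch,
            "budget_ok": budget_ok, "meets_target": meets and budget_ok}

# Manual values: PFDav 2.4e-4, HFT 1. SFF 95 % is a constructed value
# inside the stated 90...< 99 % range.
MANUAL = check_sensor(2.4e-4, 95.0, 1, target_sil=3)
# Constructed counter-case: inside the SIL 3 band but over the 35 % share.
OVER_BUDGET = check_sensor(5e-4, 95.0, 1, target_sil=3)
```

The counter-case shows why the band alone is not enough: a PFDav of 5 x 10⁻⁴ still reads as SIL 3 in the table but leaves too little of the budget for logic unit and actuator.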
TÜV SÜDDEUTSCHLAND
[Figures L00-FDL6xxxx-01-06-xx-xx-002 and L00-FDL6xxxx-01-06-xx-xx-001 not reproduced]