Sunday, September 11, 2011

CENELEC Standard: Faults and Effects


From the Desk of
Sandeep Patalay


Effects of single faults
It is necessary to ensure that the system/sub-system/equipment meets its THR (Tolerable Hazard Rate) in the event of a single random fault. It is necessary to ensure that SIL 3 and SIL 4 systems remain safe in the event of any kind of single random hardware fault which is recognized as possible. Faults whose effects have been demonstrated to be negligible may be ignored. This principle, which is known as fail-safety, can be achieved in several different ways:

1) Composite fail-safety
With this technique, each safety-related function is performed by at least two items. Each of these items shall be independent from all others, to avoid common-cause failures. Non-restrictive activities are allowed to progress only if the necessary number of items agree. A hazardous fault in one item shall be detected and negated in sufficient time to avoid a co-incident fault in a second item.

2) Reactive fail-safety
This technique allows a safety-related function to be performed by a single item, provided its safe operation is assured by rapid detection and negation of any hazardous fault (for example, by encoding, by multiple computation and comparison, or by continual testing). Although only one item performs the actual safety-related function, the checking/testing/detection function shall be regarded as a second item, which shall be independent to avoid common-cause failures.

3) Inherent fail-safety
This technique allows a safety-related function to be performed by a single item, provided all the credible failure modes of the item are non-hazardous. Any failure mode which is claimed to be incredible (for example, because of inherent physical properties) shall be justified using the procedure defined in Annex C. Inherent fail-safety may also be used for certain functions within Composite and Reactive fail-safe systems, for example to ensure independence between items, or to enforce shut-down if a hazardous fault is detected.
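The three techniques above can be illustrated in code. The following is an added example written for this page; it is not text from the standard or from the author, and the speed-supervision function, the `Output` states and the stuck-at fault are constructed assumptions used only to show the principle. `composite_vote` implements composite fail-safety (two or more independent items must agree before a non-restrictive output is allowed), and `reactive_output` implements reactive fail-safety (one item performs the function, an independent checker recomputes it, and any mismatch is detected and negated by forcing the restrictive state).

```python
from enum import Enum


class Output(Enum):
    RESTRICTIVE = "restrictive"   # safe state (e.g. signal at danger, brake applied)
    PERMISSIVE = "permissive"     # non-restrictive state; hazardous if produced wrongly


def composite_vote(item_outputs, required_agreeing):
    """Composite fail-safety: a non-restrictive output is produced only when at
    least `required_agreeing` independent items agree on PERMISSIVE (2oo2 when
    both of two items must agree).  Any disagreement, or too few permissive
    votes, resolves to the restrictive (safe) state."""
    agreeing = sum(1 for o in item_outputs if o is Output.PERMISSIVE)
    return Output.PERMISSIVE if agreeing >= required_agreeing else Output.RESTRICTIVE


def supervise_speed(measured_kmh, permitted_kmh):
    """Constructed safety-related function: permissive only while the measured
    speed does not exceed the permitted speed."""
    return Output.PERMISSIVE if measured_kmh <= permitted_kmh else Output.RESTRICTIVE


def supervise_speed_diverse(measured_kmh, permitted_kmh):
    """Diversely coded re-computation of the same function, used as the
    independent checking item in reactive fail-safety (different arithmetic
    path so that a common-cause coding error is less likely)."""
    margin = permitted_kmh - measured_kmh
    return Output.PERMISSIVE if margin >= 0 else Output.RESTRICTIVE


def reactive_output(measured_kmh, permitted_kmh,
                    primary=supervise_speed, checker=supervise_speed_diverse):
    """Reactive fail-safety: one item performs the function, a second independent
    item recomputes it and compares.  A mismatch is a detected hazardous fault
    and is negated immediately by forcing the restrictive state."""
    result = primary(measured_kmh, permitted_kmh)
    check = checker(measured_kmh, permitted_kmh)
    if result is not check:
        return Output.RESTRICTIVE, "fault detected: primary/checker mismatch"
    return result, "ok"


def stuck_permissive(measured_kmh, permitted_kmh):
    """Constructed random hardware fault: the primary item's output is stuck at
    PERMISSIVE regardless of the inputs."""
    return Output.PERMISSIVE


if __name__ == "__main__":
    # Healthy 2oo2 composite system: both items agree, permissive allowed.
    print(composite_vote([Output.PERMISSIVE, Output.PERMISSIVE], 2))
    # One item faulted to RESTRICTIVE: disagreement, safe state enforced.
    print(composite_vote([Output.PERMISSIVE, Output.RESTRICTIVE], 2))
    # Reactive system with the primary item stuck permissive while overspeeding:
    # the checker disagrees, so the hazardous fault is negated.
    print(reactive_output(120, 100, primary=stuck_permissive))
```

Note that in `reactive_output` the checker is treated as a second item in its own right: if it shared the primary item's arithmetic or its hardware, a single fault could corrupt both computations identically and the comparison would not detect it, which is exactly the independence requirement the text states.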

Whichever technique or combination of techniques is used, assurance that no single random hardware component failure mode is hazardous shall be demonstrated using appropriate structured analysis methods. The component failure modes to be considered in the analysis shall be identified using the procedures defined in Annex C.

In systems containing more than one item whose simultaneous malfunction could be hazardous, independence between items is a mandatory precondition for safety concerning single faults. Appropriate rules or guidelines shall be fulfilled to ensure this independence. The measures taken shall be effective for the whole life-cycle of the system. In addition, the system/sub-system design shall be arranged to minimize potentially hazardous consequences of loss-of-independence caused by, for example, a systematic design fault, if it could exist.


Detection of single faults
A first fault (single fault) which could be hazardous, either alone or if combined with a second fault, shall be detected and a safe state enforced (i.e.: negated) in a time sufficiently short to fulfill the specified quantified safety target. Demonstration of this shall be achieved by a combination of Failure Modes and Effects Analysis (FMEA) and quantified assessment of Random Failure Integrity.

In the case of Composite fail-safety, this requirement means that a first fault shall be detected, and a safe state enforced, in a time sufficiently short to ensure that the risk of a second fault occurring during the detection-plus-negation time is smaller than the specified probabilistic target. In the case of Reactive fail-safety, this requirement means that the maximum total time taken for detection-plus-negation shall not exceed the specified limit for the duration of a transient, potentially hazardous, condition.
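The two timing requirements above can be turned into a small quantified check. This is an added example for this page, not a calculation taken from the standard or from the author; it assumes a constant random failure rate per item (exponential model) and a simplified two-item composite architecture, and the numeric values used (an item rate of 1e-5 per hour and a target of 1e-9 per hour) are constructed for illustration and are not taken from the standard.

```python
import math


def p_fault_within(rate_per_hour, window_hours):
    """Probability that an item with constant random failure rate lambda (per
    hour) suffers a fault within a window of t hours: 1 - exp(-lambda * t).
    Assumes the exponential (constant-rate) failure model."""
    return 1.0 - math.exp(-rate_per_hour * window_hours)


def composite_hazard_rate(item_rate, detect_negate_hours):
    """Composite fail-safety with two independent items.  The first hazardous
    fault can strike either item (combined rate 2 * lambda); it becomes
    hazardous only if the other item also fails before detection-plus-negation
    completes, i.e. within detect_negate_hours.  Returns the resulting
    hazardous failure rate per hour."""
    return 2.0 * item_rate * p_fault_within(item_rate, detect_negate_hours)


def max_detect_negate_hours(item_rate, target_rate):
    """Longest detection-plus-negation time T for which the composite hazard
    rate stays within the quantified target, obtained by solving
    2 * lambda * (1 - exp(-lambda * T)) = target for T."""
    ratio = target_rate / (2.0 * item_rate)
    if ratio >= 1.0:
        # Even an unbounded window cannot exceed 2 * lambda, so any T satisfies the target.
        return math.inf
    return -math.log(1.0 - ratio) / item_rate


def reactive_within_limit(detect_hours, negate_hours, transient_limit_hours):
    """Reactive fail-safety: the total detection-plus-negation time must not
    exceed the specified limit for the duration of the transient, potentially
    hazardous, condition."""
    return (detect_hours + negate_hours) <= transient_limit_hours


if __name__ == "__main__":
    item_rate = 1e-5      # constructed: random hardware failure rate per item, per hour
    target = 1e-9         # constructed: quantified safety target, per hour
    t_max = max_detect_negate_hours(item_rate, target)
    print(f"composite: detection-plus-negation must complete within {t_max:.3f} h")
    print(f"  hazard rate at 5 h: {composite_hazard_rate(item_rate, 5.0):.3e} /h")
    print(f"  hazard rate at 6 h: {composite_hazard_rate(item_rate, 6.0):.3e} /h")
    # constructed reactive budget: 1.8 s to detect + 3.6 s to negate, 7.2 s transient limit
    print("reactive within limit:", reactive_within_limit(0.0005, 0.001, 0.002))
```

The point of the two-item calculation is that the permitted detection-plus-negation time is not a fixed number but falls out of the item failure rate and the target: with the constructed values above, roughly five hours is the budget, whereas a higher item failure rate or a tighter target shortens it sharply, and this is the quantity the FMEA plus Random Failure Integrity assessment has to justify.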

Effects of multiple faults
A multiple fault (for example, a double or triple fault) which could be hazardous, either directly or if combined with a further fault, shall be detected and a safe state enforced (i.e.: negated) in a time sufficiently short to fulfill the specified safety target. A suitable method, for example Fault Tree Analysis (FTA), shall be used to demonstrate the effects of multiple faults. The techniques used to achieve detection-plus-negation of multiple faults within the permitted time shall be shown, including supporting calculations.
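As an added worked example of the Fault Tree Analysis the text calls for (written for this page; not the standard's or the author's material), the block below evaluates a small fault tree for a two-channel composite system with a comparator that negates detected faults. The events, their probabilities and the tree structure are constructed assumptions. Minimal cut sets enumerate which combinations of faults lead to the hazardous top event, so any cut set of order one would be a hazardous single fault and cut sets of order two or three are exactly the double and triple faults this section is about; the top-event probability uses the rare-event approximation (sum of cut-set products).

```python
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Event:
    name: str
    probability: float   # probability the fault is present during the exposure window (constructed)


@dataclass(frozen=True)
class Gate:
    kind: str            # "AND" or "OR"
    inputs: tuple        # child Events or Gates


def minimise(sets):
    """Keep only minimal cut sets: drop any set that is a superset of another."""
    return {s for s in sets if not any(other < s for other in sets)}


def cut_sets(node):
    """Minimal cut sets of the (sub)tree rooted at node, as frozensets of event names."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    children = [cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        combined = set().union(*children)           # any child's cut set suffices
    elif node.kind == "AND":
        combined = set()
        for combo in product(*children):            # one cut set from each child
            combined.add(frozenset().union(*combo))
    else:
        raise ValueError(f"unknown gate kind {node.kind!r}")
    return minimise(combined)


def event_probabilities(node, acc=None):
    """Collect name -> probability for every basic event in the tree."""
    acc = {} if acc is None else acc
    if isinstance(node, Event):
        acc[node.name] = node.probability
    else:
        for child in node.inputs:
            event_probabilities(child, acc)
    return acc


def top_event_probability(node):
    """Rare-event approximation: sum over minimal cut sets of the product of the
    member fault probabilities (assumes the basic events are independent)."""
    probs = event_probabilities(node)
    total = 0.0
    for cs in cut_sets(node):
        p = 1.0
        for name in cs:
            p *= probs[name]
        total += p
    return total


def single_fault_hazards(node):
    """Order-one cut sets: single random faults that are hazardous on their own.
    For a compliant fail-safe design this should be empty."""
    return {cs for cs in cut_sets(node) if len(cs) == 1}


# Constructed tree: the hazard is a wrong-side (permissive) output.  Either both
# channels fail permissive together, or one channel fails permissive and the
# comparator fails to detect-and-negate it.
CHANNEL_A = Event("channel_A_false_permissive", 1e-4)
CHANNEL_B = Event("channel_B_false_permissive", 1e-4)
COMPARATOR = Event("comparator_fails_to_negate", 1e-3)

WRONG_SIDE_OUTPUT = Gate("OR", (
    Gate("AND", (CHANNEL_A, CHANNEL_B)),
    Gate("AND", (COMPARATOR, Gate("OR", (CHANNEL_A, CHANNEL_B)))),
))


if __name__ == "__main__":
    for cs in sorted(cut_sets(WRONG_SIDE_OUTPUT), key=sorted):
        print("double fault:", sorted(cs))
    print("single-fault hazards:", single_fault_hazards(WRONG_SIDE_OUTPUT))
    print(f"top event probability: {top_event_probability(WRONG_SIDE_OUTPUT):.3e}")
```

With the constructed numbers the comparator paths dominate: each "channel plus comparator" double fault is ten times as likely as both channels failing together, which is the kind of result that directs the supporting calculations toward the detection-plus-negation mechanism rather than the channels themselves.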
