•
Only the current output 4..20mA is used for safety applications.
•
The application program in the safety logic solver is constructed in such a way that fail low
and fail high failures are detected regardless of the effect, safe or dangerous, on the safety
3
function
.
4.2.4 Example explaining the behavior of the safety logic solver
For IM33-**(Ex)-Hi/24VDC, the following scenarios are possible:
•
Low Trip: the safety function will go to the predefined fail-safe state when the process
value is below a predefined low set value. A current < 3.6mA (Fail Low) is below the
specified trip-point.
•
High Trip: the safety function will go to the predefined fail-safe state when the process
value exceeds a predefined high set value. A current > 21mA (Fail High) is above the
specified trip-point.
The Fail Low and Fail High failures can either be detected or undetected by a connected logic
solver. The SPLC Detection Behavior in Table 6 represents the under-range and over-range
detection capability of the connected safety logic solver.
Table 6 Application example
Application
Low trip
Low trip
Low trip
High trip
High trip
High trip
In this analysis it is assumed that the safety logic solver is able to detect under-range and over-
range currents, therefore the yellow highlighted behavior is assumed.
3
For further explanations see section 4.2.4 of this report.
4
The exact "low alarm" current is specified in section 4.1.
5
The exact "high alarm" current is specified in section 4.1.
exida.com
©
GmbH
Stephan Aschenbrenner
more@turck.com • www.turck.com • 2015/04
Anhang – EXIDA-Report FMEDA Turck 04/07-14 R001
SPLC Detection Behavior
4
< 4mA
5
> 20mA
< 4mA and > 20mA
< 4mA
> 20mA
< 4mA and > 20mA
λ λ λ λ
low
= λ
sd
= λ
su
= λ
sd
= λ
dd
= λ
du
= λ
dd
TURCK 04-07-14 R001 V2R0.doc; February 8, 2013
λ λ λ λ
high
= λ
du
= λ
dd
= λ
dd
= λ
su
= λ
sd
= λ
sd
Page 13 of 25
27