IEC 61131-6
Edition 1.0 2012-10

INTERNATIONAL STANDARD
NORME INTERNATIONALE

Programmable controllers - Part 6: Functional safety

INTERNATIONAL ELECTROTECHNICAL COMMISSION
COMMISSION ELECTROTECHNIQUE INTERNATIONALE

PRICE CODE / CODE PRIX: XD
ICS 25.040.40; 35.240.50
ISBN 978-2-83220-402-3

Warning! Make sure that you obtained this publication from an authorized distributor.

Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
61131-6 IEC:2012

CONTENTS

FOREWORD ... 6
INTRODUCTION ... 8
1 Scope ... 10
2 Normative references ... 11
3 Terms and definitions
4 Conformance to this standard ... 25
5 FS-PLC safety lifecycle ... 25
  5.1 General ... 25
  5.2 FS-PLC functional safety SIL capability requirements ... 27
    5.2.1 General ... 27
    5.2.2 Data security ... 28
  5.3 Quality management system ... 28
  5.4 Management of FS-PLC safety lifecycle ... 29
    5.4.1 Objectives ... 29
    5.4.2 Requirements and procedures ... 29
    5.4.3 Execution and monitoring
    5.4.4 Management of functional safety
6 FS-PLC design requirements specification
  6.1 General ... 33
  6.2 Design requirements specification contents ... 34
  6.3 Target failure rate ... 35
7 FS-PLC design development and validation plan
  7.1 General ... 36
  7.2 Segmenting requirements ... 36
8 FS-PLC architecture ... 37
  8.1 General ... 37
  8.2 Architectures and subsystems ... 38
  8.3 Data communication ... 38
9 HW design development and validation planning
  9.1 HW general requirements
  9.2 HW functional safety requirements specification ... 38
  9.3 HW safety validation planning
  9.4 HW design and development ... 39
    9.4.1 General ... 39
    9.4.2 Requirements for FS-PLC behaviour on detection of a fault
    9.4.3 HW safety integrity ... 40
    9.4.4 Random HW failures ... 48
    9.4.5 HW requirements for the avoidance of systematic failures ... 53
    9.4.6 HW requirements for the control of systematic faults ... 53
    9.4.7 HW classification of faults ... 54
    9.4.8 HW implementation ... 55
    9.4.9 De-rating of components ... 56
    9.4.10 ASIC design and development ... 56
    9.4.11 Techniques and measures to prevent the introduction of faults in ASICs ... 56
  9.5 HW and embedded SW and FS-PLC integration ... 56
  9.6 HW operation and maintenance procedures ... 57
    9.6.1 Objective ... 57
    9.6.2 Requirements ... 57
  9.7 HW safety validation ... 58
    9.7.1 General ... 58
    9.7.2 Requirements ... 58
  9.8 HW verification ... 59
    9.8.1 Objective ... 59
    9.8.2 Requirements ... 59
10 FS-PLC SW design and development ... 60
  10.1 General ... 60
  10.2 Requirements ... 61
  10.3 Classification of engineering tools ... 61
  10.4 SW safety validation planning ... 62
11 FS-PLC safety validation ... 62
12 FS-PLC type tests ... 62
  12.1 General ... 62
  12.2 Type test requirements ... 62
  12.3 Climatic test requirements ... 65
  12.4 Mechanical test requirements ... 65
  12.5 EMC test requirements ... 65
    12.5.1 General ... 65
    12.5.2 General EMC environment ... 65
    12.5.3 Specified EMC environment ... 67
13 FS-PLC verification ... 69
  13.1 Verification plan ... 69
  13.2 Fault insertion test requirements ... 70
  13.3 As qualified versus as shipped ... 71
14 Functional safety assessment ... 71
  14.1 Objective ... 71
  14.2 Assessment requirements ... 72
    14.2.1 Assessment evidence and documentation
    14.2.2 Assessment method ... 72
  14.3 FS-PLC assessment information ... 74
  14.4 Independence ... 74
15 FS-PLC operation, maintenance and modification procedures ... 75
  15.1 Objective ... 75
  15.2 FS-PLC modification ... 75
16 Information to be provided by the FS-PLC manufacturer for the user ... 76
  16.1 General ... 76
  16.2 Information on conformance to this standard ... 76
  16.3 Information on type and content of documentation ... 76
  16.4 Information on catalogues and/or datasheets ... 76
  16.5 Safety manual ... 76
    16.5.1 General ... 76
    16.5.2 Safety manual contents ... 76
Annex A (informative) Reliability calculations ... 79
Annex B (informative) Typical FS-PLC architectures ... 80
Annex C (informative) Energise to trip applications of FS-PLC ... 86
Annex D (informative) Available failure rate databases ... 88
Annex E (informative) Methodology for the estimation of common cause failure rates in a multiple channel FS-PLC ... 90
Bibliography ... 92

Figure 1 - FS-PLC in the overall E/E/PE safety-related system safety lifecycle phases ... 9
Figure 2 - Failure model ... 16
Figure 3 - FS-PLC safety lifecycle (in realization phase) ... 26
Figure 4 - Relevant parts of a safety function ... 35
Figure 5 - FS-PLC to engineering tools relationship ... 37
Figure 6 - HW subsystem decomposition ... 43
Figure 7 - Example: determination of the maximum SIL for specified architecture ... 45
Figure 8 - Example of limitation on hardware safety integrity for a multiple-channel safety function ... 47
Figure 9 - Fault classification and FS-PLC behaviour ... 54
Figure 10 - ASIC development lifecycle (V-Model) ... 56
Figure 11 - Model of FS-PLC and engineering tools layers ... 60
Figure B.1 - Single FS-PLC with single I/O and external watchdog (1oo1D) ... 81
Figure B.2 - Dual PE with single I/O and external watchdogs (1oo1D) ... 81
Figure B.3 - Dual PE with dual I/O, no inter-processor communication and 1oo2 shutdown logic ... 82
Figure B.4 - Dual PE with dual I/O, inter-processor communication and 1oo2D shutdown logic ... 83
Figure B.5 - Dual PE with dual I/O, no inter-processor communication, external watchdogs and 2oo2 shutdown logic ... 83
Figure B.6 - Dual PE with dual I/O, inter-processor communication, external watchdogs and 2oo2D shutdown logic ... 84
Figure B.7 - Triple PE with triple I/O, inter-processor communication and 2oo3D shutdown logic ... 85

Table 1 - Safety integrity levels for low demand mode of operation ... 35
Table 2 - Safety integrity levels for high demand or continuous mode of operation ... 36
Table 3 - Faults to be detected and notified (alarmed) to the application program ... 40
Table 4 - Hardware safety integrity - low complexity (type A) subsystem ... 41
Table 5 - Hardware safety integrity - high complexity (type B) subsystem
Table 6 - Faults or failures to be assumed when quantifying the effect of random hardware failures or to be taken into account in the derivation of safe failure fraction ... 50
Table 7 - Examples of tool classification ... 61
Table 8 - Performance criteria
Table 9 - Immunity test levels for enclosure port tests in general EMC environment ... 66
Table 10 - Immunity test levels in general EMC environment ... 67
Table 11 - Immunity test levels for enclosure port tests in specified EMC environment ... 68
Table 12 - Immunity test levels in specified EMC environment ... 69
Table 13 - Fault tolerance test required effectiveness ... 71
Table 14 - Functional safety assessment information ... 74
Table 15 - Minimum levels of independence of those carrying out functional safety assessment ... 75
Table E.1 - Criteria for estimation of common cause failure
Table E.2 - Estimation of common cause failure factor ... 91
IEC 61131-6 Programmable controllers, Part 6: Functional safety, English edition (PDF)
