SIL Safety Manual

Manual SCS 24VDC P1SIL3DS

Contact Address

Weidmüller Interface GmbH & Co. KG

Klingenbergstraße 26
32758 Detmold
Germany
Phone +49 (0) 5231 14-0
Fax +49 (0) 5231 14-292083
[Link]

1373930000/03/04-2023 3
Content

Content

Contact Address ............................................................................................................................................... 3

Content ............................................................................................................................... 4

1. Scope and standards ............................................................................................ 5

1.1 Scope .................................................................................................................................................. 5
1.2 Abbreviations .................................................................................................................................... 5

2. Device description and application ..................................................................... 7

2.1 General ............................................................................................................................................... 7
2.2 Design and function .......................................................................................................................... 7
2.3 Block diagram .................................................................................................................................... 8

3. Notes on configuring ............................................................................................ 9

3.1 Low demand mode of operation ...................................................................................................... 9
3.2 High demand mode of operation ..................................................................................................... 9
3.3 Types of malfunctions ...................................................................................................................... 9
3.4 Test intervals ..................................................................................................................................... 9

4. Mounting and installation ................................................................................... 10

5. Periodic inspections ........................................................................................... 11

5.1 Functional check ............................................................................................................................. 12

6. Technical safety values ...................................................................................... 13

6.1 Assumptions .................................................................................................................................... 13
6.2 Safety data ....................................................................................................................................... 14

4 1373930000/03/04-2023
 Scope and standards

1. Scope and standards

1.1 Scope 1.2 Abbreviations

This safety manual applies to SIL3 relays from Safety Integrity Level (SIL):
Weidmüller's SAFESERIES for the following items Four discrete levels (SIL1 to SIL4). The higher the
produced after 03/2012: SIL of a safety-related system, the lower the
SCS 24VDC P1SIL3DS 1303890000 probability that it will not perform the required
SCS 24VDC P1SIL3DS M 1303760000 safety functions.
SCS 24VDC P1SIL3DS MG3 1304040000
SIL3 relays in the SCS 24VDC P1SIL3DS series Average Probability of Failure on Demand
from (PFDavg):
Weidmüller Interface GmbH & Co KG Average probability of failure of a safety function
Klingenbergstrasse 26 working in low demand mode of operation.
32758 Detmold
Germany Probability of Failure per Hour (PFH):
have been certified by Average probability of failure of a safety function
Certification Body TÜV NORD CERT GmbH working in high demand or continuous mode of
Am TÜV 1 operation.
45307 Essen
Germany Safe Failure Fraction (SFF):
according to EN 61508 SIL3. They are certified as Percentage part of safe failures and dangerous
“Safety Approved” for use in “low demand mode” detected failures of a safety function or a sub-
and “high demand mode” systems. system related to all failures.

Hardware Fault Tolerance (HFT):

HFT = n means, that n+1 faults could cause a loss
of the safety function.

Low demand mode of operation:

Frequency of demands on a safety-related system
no greater than one per year and no greater than
twice the proof-test frequency.

High demand or continuous mode of

operation:
Frequency of demands on a safety-related system
greater than one per year or greater than twice
the proof-test frequency.
Certificate Registration No:
44 207 12 405992
Device type A (simple subsystem):
The failure modes of all constituent components
are well defined and the behaviour under fault
conditions can be completely determined.

1373930000/03/04-2023 5
Scope and standards

FMEDA (Failure Mode, Effects and Diagnostic MTTF (Mean Time To Failure):
Analysis): Mean time between two failures. MTTF is a basic
Systematic way to identify and evaluate the measure of reliability for non-repairable systems.
effects of different component failure modes, to
determine what could eliminate or reduce the
chance of failure, and to document a system in Proof-test interval (Tproof):
consideration. Interval between periodic tests performed to
detect failures in a safety-related system.

Failure rates (λ):

λSD, Total failure rate for safe detected failures
λSU, Total failure rate for safe undetected failures
λDD, Total failure rate for dangerous detected
failures
λDU, Total failure rate for dangerous undetected
failures

6 1373930000/03/04-2023
 Device description and application

2. Device description and application

2.1 General 2.2 Design and function

Our SAFESERIES line of safety relays are used Three relays are connected in parallel in the input
for safety-related shutdowns (DTS = de-energized circuit (A1/A2). The relay’s output contacts
to safe) of facilities in the process industry. (terminals 13 and 15) are wired in series. Thus,
All products in this series comply with the require- safety-related shutdowns are ensured even where
ments found in EN 61508, SIL 3 for “low demand there is a welding contact. The output is protected
mode” and “high demand mode”. The “M” and with a 5 A fuse against overloads and short
“M G3” types also feature a monitoring circuit for circuits. The output contacts (terminals 14 and 15)
receiving signals from the field. The “M G3” types are used when using external fuse protection or
also feature a special coating over the electronics when checking the fuse. It is also possible to
that protects them from harsh industrial check the switching status of a relay in the safety
conditions, as described in the standard circuit by using the output (NC) contact at
ISA S71.04-1985, Class G3. terminal T.
The relay coils are energised when the nominal
voltage of 24 V DC is applied between the input
terminals A1 and A2.
The switch function is signalled with the “RELAY
OUTPUT” LED display.

1373930000/03/04-2023 7
Device description and application

2.3 Block diagram

8 1373930000/03/04-2023
 Notes on configuring

3. Notes on configuring

3.1 Low demand mode of 3.3 Types of malfunctions

operation A safe failure is not able to render a technical safety
The SIL3 relays from the SAFESERIES are used in system dangerous or non-functional. The SIL3 relay
low demand mode, when their demand frequency is passes to a predefined safe state.
no more than five times per year and no more than A dangerous, undetected failure has the potential to
double the repeated testing frequency (refer to render a technical safety system dangerous or non-
DIN EN 61508-4, 3.5.12). functional. The SIL3 relay does not pass to a
The corresponding parameter is the value predefined safe state.
PFDavg = 3.07 ⋅ 10-6, which is valid for a testing
interval Tproof of 12 years.

3.4 Test intervals

The test interval is the time between complete
repeated tests.
3.2 High demand mode of Incidental hardware errors can be detected within
operation this time period (Tproof = 12 years).

If the “low demand mode of operation” usage cannot

be applied, then the SIL3 relay should be used as a
safety-critical sub-system operating at high demand
mode or continuous mode (DIN EN 61508-4,
3.5.12). The following values are valid for the
frequency of demand and the corresponding PFH
value:
Once per month PFH = 6,83 ⋅ 10-11 h-1
Once per week PFH = 1,83 ⋅ 10-10 h-1
Once per day PFH = 1,08 ⋅ 10-9 h-1

1373930000/03/04-2023 9
Mounting and installation

4. Mounting and installation

The operating instructions for the SIL3 relay with the The output circuit is protected with a miniature
order number device fuse (GS fuse).
IS SCS 24VDC P1SIL3DS 1345290000 The fuse is accessible on the front side of the
must be made available. housing. It can be swapped out without opening the
housing.
If there is a short circuit, you must make sure that
The instructions, constraints and limitations the cause of the short circuit has been fixed. A
contained in these instructions must be taken into functional test should be carried out after the fuse
consideration when installing and operating the SIL3 has been replaced.
relay.
The SIL3 relay should be checked to see if it is
functioning properly before it is first used and after
any wiring change is make. Refer to section 5.1
“Functional check” for more details.

10 1373930000/03/04-2023
 Periodic inspections

5. Periodic inspections

Periodic functional inspections are used to discover The inspections should be carried out so that the
non-visible and dangerous faults which cannot be flawless operation of the safety functions in
detected by the self-diagnostics. It is therefore conjunction with components can be proven.
important to check the functionality of the SIL3 relay
with the proper frequency.
The operator must determine the type of tests and
the proper time intervals. The time intervals are
partly determined by the calculation of each
individual safety circuit of the sys-
te

m (the PFD values).

1373930000/03/04-2023 11
Periodic inspections

5.1 Functional check

Active input circuit

• Apply U1 = 21.6 V DC to the connection terminals
A1(+) and A2(-)
◊ The current consumption is I1 = 35 to 44.3 mA
(current meter A1)
• The “RELAY OUTPUT” LED lights up
• No electrical connection between terminal 14 and
terminal T
◊ The current consumption is I2 = 0 mA
(current meter A2)
• Electrical connection between terminal 14 and
terminal 15
◊ The current consumption is I3 = 10 mA
(current meter A3)

Inactive input circuit

• Apply U1 = 0 V DC to the connection terminals
A1(+) and A2(-)
◊ The current consumption is I1 = 0 mA
(current meter A1)
• The “RELAY OUTPUT” LED does not light up
• Electrical connection between terminal 14 and
terminal T
◊ The current consumption is I2 = 10 mA
(current meter A2)
• No electrical connection between terminal 13 and
terminal 15
◊ The current consumption is I3 = 0 mA
(current meter A3)

(The illustration shows the front view of the parts (order number)
1303760000 SCS 24VDC P1SIL3DS M and the
1304040000 SCS 24VDC P1SIL3DS MG3.
The monitoring circuit is not applicable for the part
1303890000 SCS 24VDC P1SIL3DS).

12 1373930000/03/04-2023
 Technical safety values

6. Technical safety values

6.1 Assumptions
• The monitoring circuit is used exclusively for • The environmental conditions correspond to
detecting field signals and responding to the the average industrial environment.
control unit throughout the range 24 to • The specifications in the data sheet and the
230 V UC. operating instructions should not be exceeded.
The monitoring circuit should not be used for
technical safety-critical operations.
• The max. allowable ambient temperature is
50 °C.

1373930000/03/04-2023 13
Technical safety values

6.2 Safety data

Safety basic data
Safety category SIL3
Safety standard DIN EN 61508
Device type A
HFT 2
Tproof in years 12

Safety parameters “low demand mode”

Frequency of demands 5 per year
Part of architecture 1oo1 1oo3
PFDavg 1.75 ⋅ 10-6 1.31 ⋅ 10-6
λDD in FIT 0.00 0.00
λDU in FIT 0.03 1.00
λSD + λSU in FIT 188.97 1.00
λTotal in FIT 189.00 2.00
SFF in % 99.98 50.00
PFDavg (complete) 3.07 ⋅ 10-6

Safety parameters “high demand mode”

Frequency of demands Once per month Once per week Once per day
Part of architecture 1oo1 1oo3 1oo1 1oo3 1oo1 1oo3
PFH in h-1 3.33 ⋅ 10-11 3.43 ⋅ 10-11 3.33 ⋅ 10-11 1.48 ⋅ 10-10 3.33 ⋅ 10-11 1.05 ⋅ 10-9
λDD in FIT 0.00 0.00 0.00 0.00 0.00 0.00
λDU in FIT 0.03 0.69 0.03 2.97 0.03 21.00
λSD + λSU in FIT 188.97 0.69 188.97 2.97 188.97 21.00
λTotal in FIT 189.00 1.38 189.00 5.94 189.00 42.00
SFF in % 99.98 50.00 99.98 50.00 99.98 50.00
PFH in h-1 (complete) 6.76 ⋅ 10-11 1.82 ⋅ 10-10 1.08 ⋅ 10-9

14 1373930000/03/04-2023
1373930000/03/04-2023 15
Weidmüller Interface GmbH & Co. KG
Klingenbergstraße 26
32758 Detmold
Germany
Phone +49 (0) 5231 14-0
Fax +49 (0) 5231 14-292083 Order number:
[Link] 1373930000/03/04-2023