There are two types of failures. These are Safe failures and unsafe failures. A safe failure is where there are no safety consequences due to the failure. An example of this is a contactor failing with the contacts open. In this case no power is applied to the device it is switching. An example of an unsafe failure is if the contactor welds together so even if the control voltage is disconnected it is possible that the power is still applied to the device.
The diagnostic coverage is applied to individual components in the safety chain and is defined as a function of the effectiveness of the failure detection measures.
ƛDU = Dangerous undetected failures
ƛDD = Dangerous detected failures
ƛD = Total failures = ƛDU + ƛDD
Then the diagnostic coverage DC is
DC = ƛDD / ƛD
And is expressed as a percentage. So if half the dangerous failures are detected the diagnostic coverage is 50%
The diagnostic coverage is split into 4 categories
High: This is when more than 99% of dangerous failures are detected
Medium: This is when 90 – 99% of dangerous failures are detected
Low: This is when 60 – 90% of dangerous failures are detected
None: This is when less than 60% of dangerous failures are detected
Mean Time to Failure (MTTF)
Another factor when determining the performance level is the Mean Time to Failure. This is self explainatory but is split into three
Low is a mean time to failure of 3 – 10 years
Medium is a mean time to failure of 10 – 30 years
High is a mean time to failure of 30 – 100 years
The manufacturer can give a Failure in Time (FIT) figure
Where I FIT = 1 failure in 109 hours
For a safety system with several components the individual FIT values are added to gether to form a total value
FIT Total = FIT 1 + FIT 2 + FIT 3 ………….. = 1/ MTTF
So from the manufacturer’s information a precise figure for the meantime to dangerous failure can be identified. A Diagnostic Coverage figure can also be determined according to the number of dangerous failures detected divided by the total number of dangerous failures in the system. It is now a matter of placing the system in the above chart.
It is clear that to achieve Cat.4 then it is essential to have a high diagnostic coverage rate. It is also true that it appears that there is some overlap and the exact figure could be crucial in determining the Performance Level