Lamtec F200K2 IR-1 Benutzerhandbuch
www.lamtec.de
Sensors and Systems for Combustion Engineering
Safety Manual
F200K
2
Table of Contents
Table of Contents
1 General Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2 Standards and Directives. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Classification of the Safety Instructions and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4 Terms and Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2 General Safety Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1 Intended Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 Safety Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.3 Safe State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.4 Scope of Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.5 Additional Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.6 Safety Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.7 Life time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3 Installation and Commissioning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.1 Verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.1 Proof Test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.2 Proof Test Calculation and PTC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.3 Proof Test Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5 Repair and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
6 Decommission and Dismount. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7 Appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
7.1 TÜV Confirmation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
7.2 Hints and requirements for installation, commissioning, operation and verification. . . . 18
8 EU Declaration of Conformity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3
1 General Information
1 General Information
1.1 Purpose
The Safety Manual contains information for a device (E/E/PE-System) from the manufacture
LAMTEC in the scope of functional safety. It provides the necessary information and data for
all stages of the safety lifecycle according to IEC 61508:2010 (or DIN EN 61508:2011) and
related standards. It helps the user to plan, operate, maintain and dismount the device in
safety related appliances.
All given information is addressed to skilled and educated personnel, responsible for the
planning, assembly, commissioning, operation, maintenance and dismount of the device.
The plant operator is responsible for the correct execution of these operations.
NOTICE
The Safety Manual does not replace the operating and installation manuals of this device. It
contains necessary information focussed on the usage of the device in safety functions. For
additional manuals check the according product website at www.lamtec.de.
The Safety Manual applies to the following independent flames scanners:
• F200K Compact Flame Scanner
In single-burner and multiple-burner furnaces, the flame detector performs a safety monitoring
of the burner flame.
The flame detector is mainly used in large-scale power plants, thermal power stations and
chemical plants as well as for monitoring furnaces which are operated from.
• Oil
• Gas
• Bio-mass
• Dust coal
• Chemicals and other waste products
4
1 General Information
The Safety Manual is valid from device version HW 2.0, 2.1, 2.2 for the following models:
NOTICE
Because of different sensor materials, there are different ambient temperature ranges of the
models defined. The standard operating temperature range is -40 °C to +75 °C. See chapter
Appendix 7.2 Hints and requirements for installation, commissioning, operation and verifica-
tiondefines, which models are divergent.
WARNING!
Neglecting the temperature range as defined in Appendix see chapter 7.2 Hints and require-
ments for installation, commissioning, operation and verification leads to a loss of the safety
integrity and may cause personnel and material damage.
1.2 Standards and Directives
The basis of test for this device are the following standards and directives:
• DIN EN 298: 2012-11
• DIN EN 13611: 2011-12
• DIN EN 60730-2-5: 2015-10
• DIN EN 60730-1: 2012-10
Technical requirements of DIN EN 61508-2:2011-02
• 2014/35/EU Low Voltage Directive (LVD)
• 2014/30/EU Electromagnetic Compatibility (EMC) Directive
• 2014/68/EU Pressure Equipment Directive Cat.4 Mod. B+D
• EU/2016/426 Gas Appliance Directive
5
1 General Information
1.3 Classification of the Safety Instructions and Warnings
The following symbols are used in this document to draw the user's attention to important safe-
ty information. They are located at points where the information is required. It is essential that
the safety information is observed and followed, and that applies particularly to the warnings.
DANGER!
This draws the user's attention to imminent danger. If it is not avoided, it will result in death or
very serious injury. The plant including its surroundings could be damaged.
WARNING!
This draws the user's attention to the possibility of imminent danger. If it is not avoided, it may
result in death or very serious injury. The plant including its surroundings could be damaged.
CAUTION!
This draws the user's attention to the possibility of imminent danger. If it is not avoided, it may
result in minor injuries. The plant including its surroundings could be damaged.
NOTICE
This draws the user's attention to important additional information about the system or system
components and offers further tips.
The safety information described above is incorporated into the instructions.
Thus, the operator is requested to:
1 Comply with the accident prevention regulations whenever work is being carried out.
2 Do everything possible within his control to prevent personal injury and damage to
property.
6
1 General Information
1.4 Terms and Definitions
For further explanations of terms and definitions see IEC 61508-4 (or DIN EN 61508-4).
DC Diagnostic coverage
DCAVG Average diagnostic coverage
E/E/PE-System Electrical/electronic/programmable electronic system
EUC Equipment under control
FIT Failure In Time in 10-9 1/h
FMEDA Failure Mode, Effects, and Diagnostics Analysis
λsProbability of safe failure (detected and undetected)
λdProbability of dangerous failure
λdd Probability of dangerous detected failure
λdu Probability of dangerous undetected failure
λno effect, λdon’t care Probability of failures with no effect (not used in SFF calculation)
HFT Hardware fault tolerance
MooN M out of N channel architecture
MTBF Mean time between failures
MTTR Mean time to repair
MTTF Mean time to failure
PFD Probability of dangerous failure on demand (Low Demand mode)
PFDAVG Average probability of dangerous failure on demand
PFH Average frequency of a dangerous failure per hour (Continuous mode)
PTC Proof Test Coverage, proportion of detectable unsafe failures
SFF Safe failure fraction
SIF Safety instrumented function
SIS Safety instrumented system
SIL Safety integrity level
SIL AC Safety integrity level architectural constraint
SC Systematic Capability
T1Proof test interval
T2Diagnostic test interval
T
2 IBD
Interval between demands of the safety function
7
2 General Safety Instructions
2 General Safety Instructions
2.1 Intended Use
The device is developed and approved for appropriate and intended use. If the device is used
improperly, the protection of personnel and plant is not ensured.
The corresponding manuals or chapters for each particular stage of the product life cycle must
be regarded in addition to this Safety Manual see chapter 1.1 Purpose. Ignoring these instruc-
tions will void any warranty and absolve the manufacturer from any liability.
2.2 Safety Functions
The independent compact flame scanner F200K is suitable for flame detection of burners and
combustion systems for gaseous, liquid or solid fuels with permanent operation.
WARNING!
The type approval lapses in the event of modifications to the unit. The unit's inputs and outputs
must be wired according to the specifications in the instruction manual only.
DANGER!
The appendix Hints and requirements for installation, commissioning, operation and
verification" must be considered properly.
2.3 Safe State
The safe state is achieved when the flame signal contact is opened (Flame OFF) and in a
de-energized condition.
2.4 Scope of Application
The F200K flame scanner fulfil
• technical requirements according to DIN EN 61508:2011, part 2 for SIL 3
• the requirements to be used as single device for SIF according to
DIN EN 61511-1:2005-05 up to SIL 3.
• the requirements to be used as single device for safety related control functions (SRCF)
according to EN ISO 13849-1:2006 up to performance level PL e (CAT. 3)
and
• the applicable requirements according to DIN EN 746-2:2011-02 for flame detection in
industrial thermo processing equipment.
8
2 General Safety Instructions
2.5 Additional Components
The safety parameters do not include external components such as burner controls or any oth-
er sensors and actors.
2.6 Safety Values
The safety values have been determined by the use of a FMEDA with the following basic con-
ditions:
• Component failure rates based on Siemens standard SN 29500, DIN EN 13611: 2011-12
and B10d values of manufactures where no other values are available.
• Specific load parameters, quality factors and an ambient temperature of 60 °C have been
used for the calculation.
• Failure models from DIN EN 13611 and additionally failure model drift have been used.
Under special circumstances short circuits have not to be assumed.
• Estimation of common cause factors β = 2% βD = 1%.
• The "Proof test interval" T1 is equivalent to the product mission or life time.
• The calculation of the safety probability values has been done with a lifetime of 10 years1.
• For redundant structures a diagnostic test interval of T2 = 120s has been defined.
• For redundant subsystems (HFT>=1) the SFF is > 90%, for subsystems without
redundancy (HFT=0) the SFF is > 99%
• The F200K is designed as one safety unit (PES). There is no separation within the
F200K electronic between safety and non safety related components by architectural
design.
• There is no difference between λs detected and undetected. All safe failures can be
assumed as safe undetected (λsu).
1 See chapter 2.7 Life timefor more information.
9
2 General Safety Instructions
Device type Type B (complex component)
Mode of operation High demand or continuous mode5
Safety function De-energized flame contact (safety valves)
HFT20
SIL (SC) 3
λs (λsu) 1,31E+03 FIT
λdd 6,32E+02 FIT
λdu 6,43E+01 FIT
λno effect, λdon‘t care 2,04E+03 FIT
SFF396,4%
DCAVG 90,7%
PFH 1,8E-09 1/h
PFDAVG 7,2E-05
T1 10 years
T2 120 seconds
MTTF 28 years
MTTR48 hours
MTBF 28 years
2According to DIN EN 61508:2011 HFT > 0 requires complete redundancy, including sensors, actors and power sup-
plies. Nevertheless, a HFT=0 device may reach the safety integrity for the usage in SIL3 safety functions according
to DIN EN 61508 or DIN EN 61511 (see 2.4 Scope of Application).
3SFF is relevant for elements, subsystems or systems in a complete safety loop. This device is always part of a com-
plete safety loop. A SIL calculation of a safety loop must be evaluated finally with the safe failure fraction of elements,
subsystems and the complete system. Nevertheless, the SFF of the device is given in this document for reference.
4The MTTR is assumed with 8h for the calculation of PFD/PFH (exchange of the device). In practise, the devices will
be locked in the safe state until it is replaced.
5 An electronic safety device without wear which is certified for the usage in safety functions in high demand mode
can be used in low demand functions as well. Therefore the diagnostic test intervall must be sufficient. For F200K
this is given and the PDFAVG can be used for further calculations.
Dieses Handbuch passt für folgende Modelle
5
Inhaltsverzeichnis
Andere Lamtec Scanner Handbücher
