GB/T 20438.6-2006 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of GB/T 20438.2 and GB/T 20438.3 (English Version)
Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of GB/T 20438.2 and GB/T 20438.3
1 Scope
This part contains information and guidelines on GB/T 20438.2 and GB/T 20438.3.
- Appendix A gives a brief overview of the requirements of GB/T 20438.2 and GB/T 20438.3 and sets out the functional steps in their application.
- Appendix B gives an example technique for calculating the probabilities of hardware failure and should be read in conjunction with 7.4.3 and Appendix C of GB/T 20438.2-2006 and Appendix D of this part.
- Appendix C gives a worked example of calculating diagnostic coverage and should be read in conjunction with Appendix C of GB/T 20438.2-2006.
- Appendix D gives a methodology for quantifying the effect of hardware-related common cause failures on the probability of failure.
- Appendix E gives worked examples of the application of the software safety integrity tables specified in Appendix A of GB/T 20438.3-2006 for safety integrity levels 2 and 3.
1.2 GB/T 20438.1, GB/T 20438.2, GB/T 20438.3 and GB/T 20438.4 are basic safety standards, although this status does not apply in the context of low complexity E/E/PE safety-related systems (see 3.4.4 of GB/T 20438.4-2006). As basic safety standards, they are intended for use by technical committees in the preparation of standards in accordance with the principles contained in IEC Guide 104 and ISO/IEC Guide 51. GB/T 20438 is also intended for use as a stand-alone standard.
1.3 One of the responsibilities of a technical committee is, wherever applicable, to make use of basic safety standards in the preparation of its standards. In this context, the requirements, test methods or test conditions of this basic safety standard do not apply unless specifically referred to or included in the standards prepared by those technical committees.
1.4 Figure 1 shows the overall framework of GB/T 20438 and indicates the role that this part plays in the achievement of functional safety for E/E/PE safety-related systems.
2 Normative References
The following documents contain provisions which, through reference in this text, constitute provisions of this part of GB/T 20438. For dated reference, subsequent amendments to (excluding any corrigendum), or revisions of, any of these publications do not apply. However, parties to agreements based on this part are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. For any undated references, the latest edition of the document referred to applies.
GB/T 20438 (All Parts) Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (GB/T 20438-2006, IEC 61508, IDT)
IEC Guide 104:1997 The Preparation of Safety Publications and the Use of Basic Safety Publications and Group Safety Publications
IEC/ISO Guide 51:1990 Guidelines for the Inclusion of Safety Aspects in Standards
3 Definitions and Abbreviations
See GB/T 20438.4.
Foreword i
Introduction ii
1 Scope
2 Normative References
3 Definitions and Abbreviations
Appendix A (Informative) Application of GB/T 20438.2 and GB/T 20438.3
Appendix B (Informative) Example Technique for Evaluating Probabilities of Hardware Failure
Appendix C (Informative) Calculation of Diagnostic Coverage and Safe Failure Fraction: Worked Example
Appendix D (Informative) A Methodology for Quantifying the Effect of Hardware-related Common Cause Failures in E/E/PE Systems
Appendix E (Informative) Example Applications of Software Safety Integrity Tables of GB/T 20438.3
Bibliography
Table B.1 Terms and Their Ranges Used in This Appendix (Applies to 1oo1, 1oo2, 2oo2, 1oo2D and 2oo3)
Table B.2 Average Probability of Failure on Demand for a Proof Test Interval of Six Months and a Mean Time to Restoration of 8 h
Table B.3 Average Probability of Failure on Demand for a Proof Test Interval of One Year and Mean Time to Restoration of 8h
Table B.4 Average Probability of Failure on Demand for a Proof Test Interval of Two Years and a Mean Time to Restoration of 8h
Table B.5 Average Probability of Failure on Demand for a Proof Test Interval of 10 Years and a Mean Time to Restoration of 8h
Table B.6 Average Probability of Failure on Demand for the Sensor Subsystem in the Example for Low Demand Mode of Operation (One Year Proof Test Interval and 8h MTTR)
Table B.7 Average Probability of Failure on Demand for the Logic Subsystem in the Example for Low Demand Mode of Operation (One Year Proof Test Interval and 8h MTTR)
Table B.8 Average Probability of Failure on Demand for the Final Element Subsystem in The Example for Low Demand Mode of Operation(One Year Proof Test Interval and 8h MTTR)
Table B.9 Example for a Non-perfect Proof Test
Table B.10 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of One Month and a Mean Time to Restoration of 8h
Table B.11 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of Three Months and a Mean Time to Restoration of 8h
Table B.12 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of Six Months and a Mean Time to Restoration of 8h
Table B.13 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of One Year and a Mean Time to Restoration of 8h
Table B.14 Probability of Failure per Hour for the Sensor Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table B.15 Probability of Failure Per Hour for the Logic Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table B.16 Probability of Failure Per Hour for the Final Element Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table C.1 Examples of Calculations for Diagnostic Coverage and Safe Failure Fraction
Table C.2 Diagnostic Coverage and Effectiveness for Different Subsystems
Table D.1 Scoring Programmable Electronics or Sensors/Final Elements
Table D.2 Value of Z: Programmable Electronics
Table D.3 Value of Z: Sensors or Final Elements
Table D.4 Calculation of β and βD
Table D.5 Example Values for Programmable Electronics
Table E.1 Software Safety Requirements Specification (See 7.2 of GB/T 20438.3-2006)
Table E.2 Software Design and Development: Software Architecture Design (See 7.4.3 of GB/T 20438.3-2006)
Table E.3 Software Design and Development: Support Tools and Programming Language (See 7.4.4 of GB/T 20438.3-2006)
Table E.4 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6 of GB/T 20438.3-2006) (This Includes Software System Design, Software Module Design and Coding)
Table E.5 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8 of GB/T 20438.3-2006)
Table E.6 Programmable Electronics Integration (Hardware and Software) (See 7.5 of GB/T 20438.3-2006)
Table E.7 Software Safety Validation (See 7.7 of GB/T 20438.3-2006)
Table E.8 Software Modification (See 7.8 of GB/T 20438.3-2006)
Table E.9 Software Verification (See 7.9 of GB/T 20438.3-2006)
Table E.10 Functional Safety Assessment (See Chapter 8 of GB/T 20438.3-2006)
Table E.11 Software Safety Requirements Specification (See 7.2 of GB/T 20438.3-2006)
Table E.12 Software Design and Development: Software Architecture Design (See 7.4.3 of GB/T 20438.3-2006)
Table E.13 Software Design and Development: Support Tools and Programming Language (See 7.4.4 of GB/T 20438.3-2006)
Table E.14 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6 of GB/T 20438.3-2006) (This Includes Software System Design, Software Module Design and Coding)
Table E.15 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8 of GB/T 20438.3-2006)
Table E.16 Programmable Electronics Integration (Hardware and Software) (See 7.5 of GB/T 20438.3-2006)
Table E.17 Software Safety Validation (See 7.7 of GB/T 20438.3-2006)
Table E.18 Modification (See 7.8 of GB/T 20438.3-2006)
Table E.19 Software Verification (See 7.9 of GB/T 20438.3-2006)
Table E.20 Functional Safety Assessment (See Chapter 8 of GB/T 20438.3-2006)
Figure 1 Overall Framework of GB/T 20438
Figure A.1 Application of GB/T 20438.2
Figure A.2 Application of GB/T 20438.2
Figure A.3 Application of GB/T 20438.3
Figure B.1 Example Configuration for Two Sensor Channels
Figure B.2 Subsystem structure
Figure B.3 1oo1 Physical Block Diagram
Figure B.4 1oo1 Reliability Block Diagram
Figure B.5 1oo2 Physical Block Diagram
Figure B.6 1oo2 Reliability Block Diagram
Figure B.7 2oo2 Physical Block Diagram
Figure B.8 2oo2 Reliability Block Diagram
Figure B.9 1oo2D Physical Block Diagram
Figure B.10 1oo2D Reliability Block Diagram
Figure B.11 2oo3 Physical Block Diagram
Figure B.12 2oo3 Reliability Block Diagram
Figure B.13 Architecture of an Example for Low Demand Mode of Operation
Figure B.14 Architecture of an Example for High Demand or Continuous Mode of Operation
Figure D.1 Relationship of Common Cause Failures to the Failures of Individual Channels
GB/T 20438.6-2006 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of GB/T 20438.2 and GB/T 20438.3 (English Version)
Standard No.
GB/T 20438.6-2006
Status
superseded
Language
English
File Format
PDF
Word Count
25000 words
Price(USD)
320.0
Implemented on
2007-1-1
Delivery
via email in 1 business day
Detail of GB/T 20438.6-2006
Standard No.
GB/T 20438.6-2006
English Name
Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of GB/T 20438.2 and GB/T 20438.3
1 Scope
This part contains information and guidelines on GB/T 20438.2 and GB/T 20438.3.
- Appendix A gives a brief overview of the requirements of GB/T 20438.2 and GB/T 20438.3 and sets out the functional steps in their application.
- Appendix B gives an example technique for calculating the probabilities of hardware failure and should be read in conjunction with 7.4.3 and Appendix C of GB/T 20438.2-2006 and Appendix D of this part.
- Appendix C gives a worked example of calculating diagnostic coverage and should be read in conjunction with Appendix C of GB/T 20438.2-2006.
- Appendix D gives a methodology for quantifying the effect of hardware-related common cause failures on the probability of failure.
- Appendix E gives worked examples of the application of the software safety integrity tables specified in Appendix A of GB/T 20438.3-2006 for safety integrity levels 2 and 3.
1.2 GB/T 20438.1, GB/T 20438.2, GB/T 20438.3 and GB/T 20438.4 are basic safety standards, although this status does not apply in the context of low complexity E/E/PE safety-related systems (see 3.4.4 of GB/T 20438.4-2006). As basic safety standards, they are intended for use by technical committees in the preparation of standards in accordance with the principles contained in IEC Guide 104 and ISO/IEC Guide 51. GB/T 20438 is also intended for use as a stand-alone standard.
1.3 One of the responsibilities of a technical committee is, wherever applicable, to make use of basic safety standards in the preparation of its standards. In this context, the requirements, test methods or test conditions of this basic safety standard do not apply unless specifically referred to or included in the standards prepared by those technical committees.
1.4 Figure 1 shows the overall framework of GB/T 20438 and indicates the role that this part plays in the achievement of functional safety for E/E/PE safety-related systems.
2 Normative References
The following documents contain provisions which, through reference in this text, constitute provisions of this part of GB/T 20438. For dated reference, subsequent amendments to (excluding any corrigendum), or revisions of, any of these publications do not apply. However, parties to agreements based on this part are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. For any undated references, the latest edition of the document referred to applies.
GB/T 20438 (All Parts) Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (GB/T 20438-2006, IEC 61508, IDT)
IEC Guide 104:1997 The Preparation of Safety Publications and the Use of Basic Safety Publications and Group Safety Publications
IEC/ISO Guide 51:1990 Guidelines for the Inclusion of Safety Aspects in Standards
3 Definitions and Abbreviations
See GB/T 20438.4.
Contents of GB/T 20438.6-2006
Foreword i
Introduction ii
1 Scope
2 Normative References
3 Definitions and Abbreviations
Appendix A (Informative) Application of GB/T 20438.2 and GB/T 20438.3
Appendix B (Informative) Example Technique for Evaluating Probabilities of Hardware Failure
Appendix C (Informative) Calculation of Diagnostic Coverage and Safe Failure Fraction: Worked Example
Appendix D (Informative) A Methodology for Quantifying the Effect of Hardware-related Common Cause Failures in E/E/PE Systems
Appendix E (Informative) Example Applications of Software Safety Integrity Tables of GB/T 20438.3
Bibliography
Table B.1 Terms and Their Ranges Used in This Appendix (Applies to 1oo1, 1oo2, 2oo2, 1oo2D and 2oo3)
Table B.2 Average Probability of Failure on Demand for a Proof Test Interval of Six Months and a Mean Time to Restoration of 8 h
Table B.3 Average Probability of Failure on Demand for a Proof Test Interval of One Year and Mean Time to Restoration of 8h
Table B.4 Average Probability of Failure on Demand for a Proof Test Interval of Two Years and a Mean Time to Restoration of 8h
Table B.5 Average Probability of Failure on Demand for a Proof Test Interval of 10 Years and a Mean Time to Restoration of 8h
Table B.6 Average Probability of Failure on Demand for the Sensor Subsystem in the Example for Low Demand Mode of Operation (One Year Proof Test Interval and 8h MTTR)
Table B.7 Average Probability of Failure on Demand for the Logic Subsystem in the Example for Low Demand Mode of Operation (One Year Proof Test Interval and 8h MTTR)
Table B.8 Average Probability of Failure on Demand for the Final Element Subsystem in The Example for Low Demand Mode of Operation(One Year Proof Test Interval and 8h MTTR)
Table B.9 Example for a Non-perfect Proof Test
Table B.10 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of One Month and a Mean Time to Restoration of 8h
Table B.11 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of Three Months and a Mean Time to Restoration of 8h
Table B.12 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of Six Months and a Mean Time to Restoration of 8h
Table B.13 Probability of Failure Per Hour (in High Demand or Continuous Mode of Operation) for a Proof Test Interval of One Year and a Mean Time to Restoration of 8h
Table B.14 Probability of Failure per Hour for the Sensor Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table B.15 Probability of Failure Per Hour for the Logic Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table B.16 Probability of Failure Per Hour for the Final Element Subsystem in the Example for High Demand or Continuous Mode of Operation (Six Months Proof Test Interval and 8h MTTR)
Table C.1 Examples of Calculations for Diagnostic Coverage and Safe Failure Fraction
Table C.2 Diagnostic Coverage and Effectiveness for Different Subsystems
Table D.1 Scoring Programmable Electronics or Sensors/Final Elements
Table D.2 Value of Z: Programmable Electronics
Table D.3 Value of Z: Sensors or Final Elements
Table D.4 Calculation of β and βD
Table D.5 Example Values for Programmable Electronics
Table E.1 Software Safety Requirements Specification (See 7.2 of GB/T 20438.3-2006)
Table E.2 Software Design and Development: Software Architecture Design (See 7.4.3 of GB/T 20438.3-2006)
Table E.3 Software Design and Development: Support Tools and Programming Language (See 7.4.4 of GB/T 20438.3-2006)
Table E.4 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6 of GB/T 20438.3-2006) (This Includes Software System Design, Software Module Design and Coding)
Table E.5 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8 of GB/T 20438.3-2006)
Table E.6 Programmable Electronics Integration (Hardware and Software) (See 7.5 of GB/T 20438.3-2006)
Table E.7 Software Safety Validation (See 7.7 of GB/T 20438.3-2006)
Table E.8 Software Modification (See 7.8 of GB/T 20438.3-2006)
Table E.9 Software Verification (See 7.9 of GB/T 20438.3-2006)
Table E.10 Functional Safety Assessment (See Chapter 8 of GB/T 20438.3-2006)
Table E.11 Software Safety Requirements Specification (See 7.2 of GB/T 20438.3-2006)
Table E.12 Software Design and Development: Software Architecture Design (See 7.4.3 of GB/T 20438.3-2006)
Table E.13 Software Design and Development: Support Tools and Programming Language (See 7.4.4 of GB/T 20438.3-2006)
Table E.14 Software Design and Development: Detailed Design (See 7.4.5 and 7.4.6 of GB/T 20438.3-2006) (This Includes Software System Design, Software Module Design and Coding)
Table E.15 Software Design and Development: Software Module Testing and Integration (See 7.4.7 and 7.4.8 of GB/T 20438.3-2006)
Table E.16 Programmable Electronics Integration (Hardware and Software) (See 7.5 of GB/T 20438.3-2006)
Table E.17 Software Safety Validation (See 7.7 of GB/T 20438.3-2006)
Table E.18 Modification (See 7.8 of GB/T 20438.3-2006)
Table E.19 Software Verification (See 7.9 of GB/T 20438.3-2006)
Table E.20 Functional Safety Assessment (See Chapter 8 of GB/T 20438.3-2006)
Figure 1 Overall Framework of GB/T 20438
Figure A.1 Application of GB/T 20438.2
Figure A.2 Application of GB/T 20438.2
Figure A.3 Application of GB/T 20438.3
Figure B.1 Example Configuration for Two Sensor Channels
Figure B.2 Subsystem structure
Figure B.3 1oo1 Physical Block Diagram
Figure B.4 1oo1 Reliability Block Diagram
Figure B.5 1oo2 Physical Block Diagram
Figure B.6 1oo2 Reliability Block Diagram
Figure B.7 2oo2 Physical Block Diagram
Figure B.8 2oo2 Reliability Block Diagram
Figure B.9 1oo2D Physical Block Diagram
Figure B.10 1oo2D Reliability Block Diagram
Figure B.11 2oo3 Physical Block Diagram
Figure B.12 2oo3 Reliability Block Diagram
Figure B.13 Architecture of an Example for Low Demand Mode of Operation
Figure B.14 Architecture of an Example for High Demand or Continuous Mode of Operation
Figure D.1 Relationship of Common Cause Failures to the Failures of Individual Channels