Fisher ET Automobile Parts User Manual


 
ED, ET, EZ, HP, HPA Valves w/ 657/667 Actuator
SIL Safety Manual
July 2010
4
Designing a SIF Using Fisher ED,
ET, EZ, HP, or HPA Valve
Safety Function
When the valve’s actuator is de-energized, the
actuator and valve shall move to its fail-safe position.
Depending on which configuration is specified
fail–closed or fail-open, the actuator will move the
valve plug to close off the flow path through the
valve body or open the flow path through the valve
body.
The ED, ET, EZ, HP, or HPA valve is intended to be
part of final element subsystem as defined per IEC
61508 and the achieved SIL level of the designed
function must be verified by the designer.
Environmental limits
The designer of a SIF must check that the product is
rated for use within the expected environmental
limits. Refer to the ED, ET, EZ, or HP and HPA valve
product bulletin for environmental limits.
Application limits
The materials of construction of ED, ET, EZ, HP, or
HPA valves are specified in the product bulletins. A
range of materials are available for various
applications. The serial card will indicate what the
materials of construction are for a given valve. It is
especially important that the designer check for
material compatibility considering on-site chemical
contaminants and environmental conditions. If the
ED, ET, EZ, HP, or HPA valve is used outside of the
application limits or with incompatible materials, the
reliability data provided becomes invalid.
Diagnostic Response Time
The ED, ET, EZ, HP, or HPA valve does not perform
any automatic diagnostic functions by itself and
therefore it has no diagnostic response time of its
own. However, automatic diagnostics of the final
control subsystem may be performed such as Partial
Valve Stroke Testing (PVST). This typically will
exercise the valve over a small percentage of its
normal travel without adversely affecting the flow
through the valve. If any failures of this PVST are
automatically detected and annunciated, the
diagnostic response time will be the PVST interval
time. The PVST must be performed 10 times more
often than an expected demand in order for credit to
be given for this test.
Design Verification
A detailed FMEDA report is available from Emerson
Process Management. This report details all failure
rates and failure modes as well as the expected
lifetime.
The achieved SIL of an entire SIF design must be
verified by the designer via a calculation of PFD
AVG
considering architecture, proof test interval, proof
test effectiveness, any automatic diagnostics,
average repair time and the specific failure rates of
all products included in the SIF. Each subsystem
must be checked to assure compliance with
minimum HFT requirements.
When using an ED, ET, EZ, HP, or HPA valve in a
redundant configuration, a common cause factor of
at least 5% should be included in the Safety Integrity
calculations.
The failure rate data listed in the FMEDA report is
only valid for the useful lifetime of an ED, ET, EZ,
HP, or HPA valve. The failure rates will increase
after this time period. Reliability calculations based
on the data listed in the FMEDA report for mission
times beyond the useful lifetime may yield results
that are too optimistic, i.e. the calculated Safety
Integrity Level will not be achieved.
SIL Capability
Systematic Integrity
Figure 2. exida SIL 3 Capable
The product has met manufacturer design process
requirements of SIL 3. These are intended to
achieve sufficient integrity against systematic errors
of design by the manufacturer. A SIF designed with
this product must not be used at a SIL level higher
than stated without “prior use” justification by the end