Safety Instrumented Systems Verification: Practical Probabilistic Calculations
The 2oo2D is a four-channel architecture consisting of two 1oo1D controllers arranged in a 2oo2 configuration (Figure F-26). Because a 1oo1D unit protects against dangerous failures only when its diagnostics detect the failure, two such units can be wired in parallel to protect against shutdowns. Effective diagnostics are essential to this architecture: an undetected dangerous failure on either unit fails the system dangerously.
Figure F-26: 2oo2D Architecture
PFD Fault Tree for 2oo2D
The 2oo2D architecture will fail with outputs energized if either unit has a dangerous undetected failure or if the system experiences a dangerous undetected common cause failure. This is shown in the fault tree of Figure F-27.
Figure F-27: PFD Fault Tree for the 2oo2D Architecture
The approximate equation derived from the fault tree for PFD is:
The equation for PFDavg is:
PFS Fault Tree for 2oo2D
Figure F-28 shows that a 2oo2D architecture will fail safely only if both units fail safely. This can happen due to common cause failures SDC, SUC, or DDC, or if A and B fail safely.
Figure F-28: PFS Fault Tree for the 2oo2D Architecture
First order approximation techniques can be used to generate a formula for probability of failing safely from this fault tree.
SD = the time required to restart the process after a shutdown
RT = average repair time for a detected failure
TI = the inspection time interval
This equation has the same form as Equation B-10 with (λSDN + λDDN)...
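The two fault trees described above (Figures F-27 and F-28) evaluated with the first-order, rare-event approximation: OR gates sum their inputs, AND gates multiply them. This is an added illustration, not the book's own equations; the failure rates, the beta-factor split into normal and common-cause rates, and the exposure times used for the PFS leaves are constructed sample values and assumptions.

```python
"""First-order evaluation of the 2oo2D PFD and PFS fault trees (added example)."""
from math import prod


def or_gate(probs, first_order=True):
    """Probability that at least one input event has occurred.
    First-order (rare-event) form: sum of the inputs, valid when all are small.
    Exact form for independent events: 1 - prod(1 - p)."""
    return sum(probs) if first_order else 1 - prod(1 - p for p in probs)


def and_gate(probs):
    """Probability that all independent input events have occurred."""
    return prod(probs)


def pfd_2oo2d(t_hours, lam_dun, lam_duc):
    """PFD at t hours after the last proof test (Figure F-27 tree): unit A,
    unit B, or the common cause has a dangerous undetected failure.
    lam_dun = per-unit (normal) DU rate, lam_duc = common-cause DU rate, per hour."""
    p_unit = lam_dun * t_hours  # first-order P(failure by t) = lambda * t
    return or_gate([p_unit, p_unit, lam_duc * t_hours])


def pfd_avg_2oo2d(ti_hours, lam_dun, lam_duc, steps=1000):
    """PFDavg over the inspection interval TI by numerical (midpoint) averaging.
    Because the first-order PFD is linear in t, this equals PFD(TI/2)."""
    dt = ti_hours / steps
    return sum(pfd_2oo2d((k + 0.5) * dt, lam_dun, lam_duc) for k in range(steps)) / steps


def pfs_2oo2d(p_sdc, p_suc, p_ddc, p_a_safe, p_b_safe):
    """PFS from the Figure F-28 tree: a common-cause SDC, SUC or DDC failure
    trips the system, or both A and B fail safely. Inputs are leaf
    probabilities (rate x exposure time), chosen by the caller."""
    return or_gate([p_sdc, p_suc, p_ddc, and_gate([p_a_safe, p_b_safe])])


if __name__ == "__main__":
    # Constructed sample: DU rate 2e-7/h split with beta = 0.02, TI = 1 year.
    lam_du, beta, ti = 2.0e-7, 0.02, 8760.0
    lam_dun, lam_duc = (1 - beta) * lam_du, beta * lam_du
    print("PFDavg 2oo2D:", pfd_avg_2oo2d(ti, lam_dun, lam_duc))
    # Safe side (assumed exposure times): common-cause leaves use SD = 8 h,
    # per-unit safe-failure leaves use RT = 8 h; rates are constructed.
    sd, rt = 8.0, 8.0
    p_cc, p_unit_safe = 1.0e-8 * sd, 1.0e-6 * rt
    print("PFS 2oo2D:", pfs_2oo2d(p_cc, p_cc, p_cc, p_unit_safe, p_unit_safe))
```

Setting `first_order=False` in `or_gate` shows that the first-order sum slightly overestimates the exact OR, so the approximation is conservative for the small probabilities used here.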