Failure Modes, Effects and Diagnostic Analysis

Project: Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART, Device Label SW
Company: Rosemount Inc., Shakopee, MN, USA
Contract No.: Q15/10-010
Report No.: ROS 13/01-010 R001
Version V2, Revision R3, October 14, 2016
Ted Stewart

The document was prepared using best effort. The authors make no warranty of any kind and shall not be liable in any event for incidental or consequential damages in connection with the application of the document. All rights reserved.

Management Summary

This report summarizes the results of the Failure Modes, Effects, and Diagnostic Analysis (FMEDA) of the Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART, Device Label SW. A Failure Modes, Effects, and Diagnostic Analysis is one of the steps to be taken to achieve functional safety certification per IEC 61508 of a device.
From the FMEDA, failure rates and Safe Failure Fraction are determined. The FMEDA that is described in this report concerns only the hardware of the Rosemount 3051, electronic and mechanical. For full functional safety certification purposes all requirements of IEC 61508 must be considered.

The Rosemount 3051 is a two-wire 4-20 mA smart device. It contains self-diagnostics and is programmed to send its output to a specified failure state, either high or low, upon internal detection of a failure. For safety instrumented systems usage, it is assumed that the 4-20 mA output is used as the primary safety variable.

Table 1 lists the versions of the Rosemount 3051 that have been considered for the hardware assessment.

Table 1 Version Overview

Option 1: Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART: Coplanar Differential & Coplanar Gage
Option 2: Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART: Coplanar Absolute, In-Line Gage & Absolute

The Rosemount 3051 is classified as a Type B¹ device according to IEC 61508, having a hardware fault tolerance of 0.
The failure rates for the Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART are listed in Table 2.

Table 2 Failure rates for Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART

| Failure Category | Failure Rate (FIT): Coplanar Differential & Coplanar Gage | Failure Rate (FIT): Coplanar Absolute, In-Line Gage & Absolute |
|---|---|---|
| Fail Safe Undetected | 84 | 94 |
| Fail Dangerous Detected | 258 | 279 |
| Fail Detected (detected by internal diagnostics) | 207 | 222 |
| Fail High (detected by logic solver) | 24 | 29 |
| Fail Low (detected by logic solver) | 27 | 28 |
| Fail Dangerous Undetected | 32 | 41 |
| No effect | 79 | 88 |
| Annunciation Undetected | 12 | 14 |
| External Leak | 23 | 23 |

¹ Type B element: Complex element (using micro controllers or programmable logic); for details see of IEC 61508-2, ed2, 2010.
exida ROS 13-01-010 R001 V2R3 3051 T-001 V8,R1 Page 2 of 27

These failure rates are valid for the useful lifetime of the product, see Appendix A.

The failure rates listed in this report do not include failures due to wear-out of any components. They reflect random failures and include failures due to external events, such as unexpected use, see section

The analysis shows that the reviewed Rosemount 3051 has a Safe Failure Fraction 90% (assuming that the logic solver is programmed to detect over-scale and under-scale currents) and therefore meets Route 1H hardware architectural constraints for up to SIL 2 as a single device.

The failure rate data used for this analysis meets the exida criteria for Route 2H and the diagnostic coverage is 60%.
Route 2H has over 25 billion supporting operating hours. Therefore, the reviewed 3051 models meet the hardware architectural constraints for up to SIL 2 as a single device when the listed failure rates are used.

Table 3 lists the failure rates for the Rosemount 3051 according to IEC 61508, ed2, 2010.

Table 3 Failure rates according to IEC 61508 in FIT

| Device | SD | SU² | DD | DU | SFF³ |
|---|---|---|---|---|---|
| Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART: Coplanar Differential & Coplanar Gage | 0 | 84 | 258 | 32 | 91% |
| Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART: Coplanar Absolute, In-Line Gage & Absolute | 0 | 94 | 279 | 41 | 90% |

A user of the Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART can utilize these failure rates in a probabilistic model of a safety instrumented function (SIF) to determine suitability in part for safety instrumented system (SIS) usage in a particular safety integrity level (SIL).
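The figures in Table 3 can be reproduced from the published FIT values. The Python sketch below is an added example, not part of the exida report: it recomputes SFF and diagnostic coverage, applies the IEC 61508-2 Type B architectural-constraint bands for Route 1H, and estimates PFDavg with the simplified 1oo1 approximation (DU rate times proof test interval, divided by two). The one-year proof test interval and perfect proof test coverage are assumptions, and all function names are illustrative.

```python
# Added example: recompute Table 3 metrics from the report's FIT values.
FIT = 1e-9  # 1 FIT = 1 failure per 10^9 device hours

# (SD, SU, DD, DU) in FIT, copied from Table 3
TABLE_3 = {
    "Coplanar Differential & Coplanar Gage": (0, 84, 258, 32),
    "Coplanar Absolute, In-Line Gage & Absolute": (0, 94, 279, 41),
}
# (internal diagnostics, fail high, fail low) in FIT, copied from Table 2
TABLE_2_DETECTED = {
    "Coplanar Differential & Coplanar Gage": (207, 24, 27),
    "Coplanar Absolute, In-Line Gage & Absolute": (222, 29, 28),
}

def sff(sd, su, dd, du):
    """Safe Failure Fraction: safe plus dangerous-detected over all failures."""
    return (sd + su + dd) / (sd + su + dd + du)

def diagnostic_coverage(dd, du):
    """Share of dangerous failures that are detected."""
    return dd / (dd + du)

def route_1h_max_sil(sff_value, hft=0):
    """Highest SIL allowed for a Type B element (IEC 61508-2); 0 = not allowed."""
    bands = [(0.60, (0, 1, 2)), (0.90, (1, 2, 3)), (0.99, (2, 3, 4))]
    for upper_bound, sil_by_hft in bands:
        if sff_value < upper_bound:
            return sil_by_hft[hft]
    return (3, 4, 4)[hft]

def pfd_avg_1oo1(du_fit, proof_test_interval_h=8760):
    """Simplified lambda_DU * TI / 2; interval and perfect test are assumptions."""
    return du_fit * FIT * proof_test_interval_h / 2

def summarize():
    rows = {}
    for model, (sd, su, dd, du) in TABLE_3.items():
        # The three detected sub-categories of Table 2 add up to DD in Table 3
        assert sum(TABLE_2_DETECTED[model]) == dd
        s = sff(sd, su, dd, du)
        rows[model] = {
            "sff_pct": round(s * 100),
            "dc_pct": round(diagnostic_coverage(dd, du) * 100),
            "max_sil_hft0": route_1h_max_sil(s),
            "pfd_avg": pfd_avg_1oo1(du),
        }
    return rows

if __name__ == "__main__":
    for model, row in summarize().items():
        print(model, row)
```

The SIL band is decided on the unrounded SFF, which matters for the second option: 373/414 is about 90.1%, only just inside the 90% band.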
A full table of failure rates is presented in section along with all assumptions.

² It is important to realize that the No effect failures are no longer included in the Safe Undetected failure category according to IEC 61508, ed2, 2010.
³ Safe Failure Fraction is calculated for the entire element when following Route 1H, or is not required when following Route 2H architectural constraints, for details see of IEC 61508, ed2, 2010.

Table of Contents

Management Summary
1 Purpose and Scope
2 Project
  Roles of the parties involved
  Standards / Literature used
  exida Tools Used
  Reference
  Documentation provided by Rosemount Inc.
  Documentation generated by exida
3 Product Description
  Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART
4 Failure Modes, Effects, and Diagnostics Analysis
  Failure categories
  Methodology FMEDA, failure rates
  FMEDA
  Failure rates
  Assumptions
  Results
5 Using the FMEDA results
  Impulse line clogging
  PFDAVG Calculation Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART
  exida Route 2H Criteria
6 Terms and Definitions
7 Status of the Document
  Liability
  Releases
  Future Enhancements
  Release Signatures
Appendix A Lifetime of Critical Components
Appendix B Proof tests to reveal dangerous undetected faults
  Suggested Partial Proof
  Suggested Comprehensive Proof Test
  Proof Test Coverage
Appendix C exida Environmental Profiles
Appendix D Determining Safety Integrity Level

1 Purpose and Scope

This document shall describe the results of the hardware assessment in the form of a Failure Modes, Effects, and Diagnostic Analysis (FMEDA) carried out on the Emerson's Rosemount 3051 Pressure Transmitter with 4-20mA HART. From this, failure rates and example PFDAVG values may be calculated.

The information in this report can be used to evaluate whether an element meets the average Probability of Failure on Demand (PFDAVG) requirements and, if applicable, the architectural constraints / minimum hardware fault tolerance requirements per IEC 61508 / IEC 61511.
An FMEDA is part of the effort needed to achieve full certification per IEC 61508 or other relevant functional safety standard.

2 Project Management

exida

exida is one of the world's leading accredited Certification Bodies and knowledge companies specializing in automation system safety and availability with over 300 years of cumulative experience in functional safety. Founded by several of the world's top reliability and safety experts from assessment organizations and manufacturers, exida is a global company with offices around the world. exida offers training, coaching, project oriented system consulting services, safety lifecycle engineering tools, detailed product assurance, cyber-security and functional safety certification, and a collection of on-line safety and reliability resources.
exida maintains the largest process equipment database of failure rates and failure modes with over 100 billion unit operating hours.

Roles of the parties involved

Rosemount Inc.: Manufacturer of the Rosemount 3051
exida: Performed the hardware assessment

Rosemount Inc. originally contracted exida in July 2011 with the hardware assessment of the above-mentioned device.

Standards / Literature used

The services delivered by exida were performed based on the following standards / literature.

[N1] IEC 61508-2: ed2, 2010, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems
[N2] exida LLC, Electrical Component Reliability Handbook, Third Edition, 2012, ISBN 978-1-934977-04-0.